Monday, May 25, 2015

WIRELESS SENSOR NETWORK SECURITY ANALYSIS

REVIEW JURNAL
“WIRELESS SENSOR NETWORK SECURITY ANALYSIS”
Discussion of Results Review

1. WSN ARCHITECTURE
In WSN we see the network components as follows :
  • Sensor motes ( Field devices ) , field devices installed in the process and should be capable of routing packets on behalf of other devices . In most cases they characterize or control the process or process equipment . Routers are a special type of field devices that do not have sensors or process control equipment and thus do not control the process itself .
  •  Gateway or Access Point is a gateway that enables communication between the application and the host device .
  • Network Manager . A Network Manager is responsible for the configuration of the network , scheduling communications between devices ( ie , configure Super frame ) , the routing table management and monitoring and health reporting network
  • Security Manager . Security Manager is responsible for system security , and data storage .
2. WSN SECURITY ANALYSIS
Simplicity in Wireless Sensor Network nodes with limited resources makes them very vulnerable to various attacks. This journal identifies and categorizes be some attacks in Wireless Sensor Network as follows:
  •  Denial of Service
Denial of Service (DoS) is any event that reduces or eliminates the ability of the network to perform the functions expected.
  • Sybil
Sybil attack is defined as "an evil device that can take multiple identities". The enemy can "be in more than one place at once" as a single node serving multiple identities to other nodes in the network can significantly reduce the effectiveness of the scheme as fault tolerant storage, distribution, dispersity, and multipath.
  • Wormhole
In the wormhole attack, the enemy entered through the tunnel received messages in one part of the network through a low latency link and rotate them in different sections. The enemy is located close to the base station may be able to truly disrupt routing by creating wormholes well placed.
  • Sinkhole (black hole)
Sinkhole attacks generally work by making a compromised node look very attractive to the surrounding nodes with respect to routing algorithms and captivate almost all traffic from a specific area through a compromised node, create a sinkhole metaphor with the enemy in the center. Because node at, or near, the road which follow the package has many opportunities to mengutakatik application data, sinkhole attacks can activate many other attacks (selective forwarding, for example).
  • Selective Forwarding
In the selective forwarding attacks, malicious nodes behave like black holes and may refuse to forward certain messages and simply drop them, ensuring that they do not spread any further. However, attackers like to run the risk that neighboring nodes will conclude that he has failed and decided to look for another route. A more subtle form of this attack is when an enemy selectively forwarding the packet. Enemies who are interested in suppressing or modifying packets originating from multiple nodes select believed to forward traffic and limits residual suspicions of his guilt.
·
  • Impersonation
Replication node. Also called impersonation. An attacker tried
to add nodes to an existing sensor network by copying (replication) node ID of sensor nodes exist. Node replication attack can occur if the enemy can copy the identification of network nodes. In this way the package can be damaged, misrouted or deleted, and if the enemy is able to replicate it is possible that the cryptographic key can be disclosed.
  • Eavesdropping / Eavesdropping
By listening to the data, the enemy can easily find the content of the communication. Network traffic is also vulnerable to monitoring and eavesdropping. It should be no cause for concern given a strong security protocols, but monitoring can lead to attacks similar to those described previously. It can also cause an attack wormhole or a black hole.
  • Traffic Analysis
Traffic analysis attacks forged in which the base station can be determined with the observation that most of the packets are being routed to one particular node. If the enemy can compromise the base station can make the network useless.
  • Mote Class
Also called insider attacks. The attackers have authorized participants in sensor networks. Insider attacks can be mounted either on the compromised sensor nodes running malicious code or an enemy who has stolen the key material, code, and data from a legitimate node, and then use one or more Class Laptop device to attack the network.
  • Laptop Class
Also called Outsider attacks. Attackers have special access to a network of sensors. Class Laptop attacks can have access to more powerful devices, Class Laptop attacks may have high bandwidth, lowlatency communication channels are not available to ordinary sensor nodes, which allows the attacker to coordinate their Efforts.
3. Precautions
In this section, we discuss some precautions.
  •  Attacks Outsider and link layer
Most of the outside attacks against the sensor network routing protocols can be prevented with a simple link layer encryption and authentication keys shared global use. Link layer security mechanisms using shared global key Bena really effective also in the presence of an insider attack. Insiders can attack the network by spoofing or inject false routing information, creating sinkholes, selectively forwarding packets, using a Sybil attack. However, more sophisticated defense mechanisms are still urgently needed to provide adequate protection against insider attacks and worm holes.
  • The Sybil Attack
Using this joint global key
allow people inside to impersonate any (maybe even none) node. Identity must be verified. In the traditional setting, this may be done by using public key cryptography, but generating and verifying digital signatures is beyond the ability of the sensor node. One solution is to have a unique node symmetric key with a base station that is reliable.
  • Wormhole and Sinkhole
Wormhole and sinkhole attack is very difficult to defend against, especially when both are used in combination. Wormholes are difficult to detect because they use private, out-of-band channel seen by the underlying sensor network. A technique for detecting wormhole requires a very tight time synchronization and thus are not feasible for the majority of sensor networks. Since it is very difficult to retrofit existing protocol with the defense against this attack, the best solution is to carefully design the routing protocol where the wormhole and sinkholes that means.
  • Leveraging Global Knowledge
A major challenge in securing large sensor networks is their inherent self-organizing, decentralized nature. When the limited network size or topology structured or controlled, global knowledge can be utilized in security mechanisms. To take into account topology changes due to radio interference or failure node, the node will periodically update the base station with the right information. Drastic changes or suspicious to the topological node may indicate a compromise, and appropriate action can be taken.
  • Selective Forwarding
Multipath routing can be used to fight the kind of selective forwarding attacks. Messages routed through that node actually decipher completely protected against attacks involving selective forwarding node most disturbed and still offer some protection each time probabilistic node disrupted. By allowing nodes to dynamically choose this package next hop probabilistically from a set of candidates can further reduce the possibility of enemy gain full control of the data stream.

No comments:

Post a Comment