SECURE ROUTING IN WIRELESS SENSOR NETWORKS

ATTACKS AND COUNTERMEASURES

A.MUQEED

11011A0449

CONTENTS:

• Introduction• Sensor Networks vs Ad-Hoc Networks• Problem statement• Attacks on sensor network routing• Countermeasures• Future Enhancements• Conclusion• References

Introduction

• Propose security goals for routing in wireless Sensor networks.

• Show how certain attacks against Ad-hoc networks and peer-to-peer

networks can be adapted into more powerful attacks against sensor

networks.

• Provide a list of attacks and their countermeasures.

• Sensor Network: Heterogeneous system consisting of tiny sensors and

actuators having some computing elements.

• When all the wireless sensor nodes are connected in a network, they form a

wireless sensor network.

• Hence, Wireless Sensor Networks are heterogeneous systems containing

many small devices called sensor nodes and actuators with general-purpose

computing elements.

• WSN’s facilitate monitoring and controlling of physical environments from

remote locations that could be difficult or dangerous to reach.

• Base Station:

– Point of centralized control

– Gateway to another network, powerful data processing unit, or point of

human interface

– More processing capability, memory & power

• Aggregation points: Node at which the messages are processed before

sending to base station.

Sensor N/w vs Ad-Hoc N/w

• Similarity: The dominant communication method in both is multi-hop

networking.

• Differences:

I. Ad-Hoc networks support routing between any pair of nodes, whereas

sensor networks support specialized communication pattern like Many-to-

one, One-to-many, Local communication.

II. Nodes in sensor networks are more resource constrained than Ad-Hoc

networks.

III. Higher level of trust relationship among sensor nodes. In-network

processing, aggregation, duplication elimination.

Problem Statement

• Before discussing about each attack on routing protocol and its

countermeasure a clear view about routing security problem is required.• Network Assumptions:

-> Insecure radio links.

-> Malicious node collude to attack the system.

-> No tamper resistance on nodes.

-> Adversary can access all key material, data, and code stored on the

captured node.• Trust Requirements:

-> Base stations are trustworthy.

-> Aggregation points not necessarily trustworthy.

• Threat Models : 2 types

-> Based on device capability

– Mote-class attacker Access to few sensor nodes.

– Laptop-class attacker Access to more powerful devices. Have more battery

power, better CPU, sensitive antenna, powerful radio Tx, etc.

-> Based on attacker type / attacker location

– Outside attacks attacker external to the network.

– Inside attacks Authorized node in the network is malicious/compromised.

• Security Goals

– Secure routing protocol should guarantee integrity, authenticity, availability

of messages in presence of adversaries.

– Secrecy of application data is must.

Attacks on sensor network routing• By Spoofing, Altering, or Replaying

routing information:

-> Attacker can create loops, attract or repel network traffic, generate false message, partition network, induce delay, etc.

• Selective forwarding:

-> Malicious node forwards only some messages, drop others.

-> Attacker tries to be on the actual path of data flow, if it’s a neighboring node, then it causes collision on each forwarded packet of interest in order to include itself on data flow path.

• Sinkhole Attacks:

– Main Reason : Specialized communication

patterns supported by wsn; All packets have

same destination i.e. base station.

– Adversary tries to attract traffic from a

particular area to pass through a

compromised node, thereby creating

sinkhole with adversary at the center.

– A compromised node may be made to look

attractive to neighbors in some routing

algorithm

– Laptop class adversary provide a high quality

route to base station by transmitting at high

power which will cause the neighboring

nodes to forward packets through the

adversary.

• Sybil Attack:

-> Single node presents multiple identities to other

nodes.

-> Significantly affect fault-tolerance schemes like

distributed storage, multi-path routing, topology

maintenance.

-> Threat to geographical routing protocols.

• Wormholes:

-> Transfer of packets from sender to receiver

occurs through a low latency route formed by

creation of wormhole.

-> This poses a threat to routing protocols which

rely heavily on geographic locations and

proximity.

-> Selective forwarding and sinkhole attacks can be

launched from wormhole.

• HELLO flood attack:

-> Some protocols require that nodes

broadcast ‘HELLO’ packets to advertise

themselves.

-> Laptop-class attacker can convince every

node that it is their neighbor by

transmitting at high power.

-> Target nodes attempts to reply, but the

adversary is out of range.

->This creates a state of confusion in the

network

Attack on LEACH protocol• Low Energy Adaptive Clustering Hierarchy ("LEACH") is a TDMA-

based MAC protocol which is integrated with clustering in wireless sensor networks (WSNs).

• The goal of LEACH is to lower the energy consumption required to create and maintain clusters in order to improve the life time of a wireless sensor network.

• In LEACH nodes transmit to cluster heads, and the cluster heads aggregate and compress the data and forward it to the base station(sink).

Attack:• Since nodes choose a cluster-head based on received signal strength, an

adversary can disable the entire network by using HELLO flood attack.• Every node will choose the adversary as its cluster head and the adversary now

can use selective forwarding attack to modify the node data.• Simple countermeasure like changing the cluster-head for each round will easily

be compromised by Sybil attack.

Countermeasures• Outsider attack and link layer security

-> Outside attackers can be reduced by link layer security and authentication using

a global shared key.

-> Sybil, Sinkhole, Selective forwarding attacks can be restricted as node doesn’t

accept identity of adversary and the adversary is prevented from joining

topology.

-> Ineffective against Insider attacks like wormhole, Hello flood attacks.

• Sybil attack

-> Every node shares a unique symmetric key with the base station.

-> Then two nodes generate pair-wise shared secret key between them (Needham

– Schroeder symmetric key exchange) for ‘Identity verification’

-> Limit the number of neighbors for a node prevent adversary from establishing

shared keys with everyone.

• HELLO flood attack

-> Verification of bidirectionality of a link before taking meaningful action using Identity

verification protocol.

-> Nodes are connected to limited verified neighbors, so even with a high sensitive

adversary the compromise of nodes is not on a large segment of network.

• Wormhole and Sinkhole attacks

-> Very difficult to defend when two are used in combination as wormholes use out-of-

bound channels invisible to networks.

-> Whereas sinkholes are difficult to defend against protocols using advertising information.

-> Good protocol design is required to avoid these attacks.

Eg: Geographic routing protocol can be used to avoid wormhole and sinkhole attacks as it

is a location based protocol.

>> Initiation is not from base station and the traffic is naturally routed towards physical

location of base station hence difficult to create a wormhole and sinkhole.

• Selective forwarding

-> Use Multipath Routing; messages routed over disjoint paths.

-> Messages routed on n disjoint paths protected against selective forwarding offer

probabilistic protection when over n nodes are compromised.

Future Enhancements

• This survey on attacks and countermeasures in wireless sensor network

routing protocols will help in better design of routing protocols at

development stage.

• If design of routing protocols satisfies the proposed security goals then

effective defending against adversaries will be achieved.

Conclusion

• Different security problems in sensor networks.

• Different types of attacks on the sensor networks from inside attackers

and outside attackers.

• Countermeasures to avoid the occurrence of these attacks.

• Hence, Protocols developed for routing in wireless sensor networks must

be designed with security features in view.

References:

1. Chris Karlof and David Wagner, Secure routing in wireless sensor networks: Attacks

and countermeasures, University of california, Berkeley, IEEE 2003.

2. K.Venkatraman, J.Vijay Daniel, G.Murugaboopathi, Various attacks in Wireless

Sensor network: Survey, VelTech group of institution, IJSCE, March 2013.

3. Aashima Singla, Ratika Sachdeva, Review on Security Issues and Attacks in

Wireless Sensor Networks, Department of CSE Sri Guru Granth Sahib World

University, IJARCSSE, April 2013.

4. J.Steffi Agino, Priyanka, S.Tephillah, A.M.Balamurugan, Attacks and

countermeasures in WSN, St. Joseph’s College of Engineering, Chennai, Tamil

Nadu, IPASJ, January 2014.

5. I. R. Uouceur, "The Sybil Attack:' in 1st lnternational Workshop on Peer-to-Peer

Systems (IPTPS '0202). March 2002.

THANK YOU