A Complete Security Framework for Wireless Sensor Networks: Theory and Practice

A Complete Security Framework for Wireless Sensor Networks: Theory and Practice

Christophe Guyeux (University of Franche-Comté (FEMTO-ST), Belfort Cedex, France), Abdallah Makhoul (University of Franche-Comté (FEMTO-ST), Belfort Cedex, France), Ibrahim Atoui (Faculty of Sciences, Lebanese University, Hadath, Lebanon), Samar Tawbi (Faculty of Sciences, Lebanese University, Hadath, Lebanon) and Jacques M. Bahi (University of Franche-Comté (FEMTO-ST), Belfort Cedex, France)
DOI: 10.4018/ijitwe.2015010103
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

Wireless sensor networks are often deployed in public or otherwise untrusted and even hostile environments, which prompt a number of security issues. Although security is a necessity in other types of networks, it is much more so in sensor networks due to the resource-constraint, susceptibility to physical capture, and wireless nature. Till now, most of the security approaches proposed for sensor networks present single solution for particular and single problem. Therefore, to address the special security needs of sensor networks as a whole we introduce a security framework. In their framework, the authors emphasize the following areas: (1) secure communication infrastructure, (2) secure scheduling, and (3) a secure data aggregation algorithm. Due to resource constraints, specific strategies are often necessary to preserve the network's lifetime and its quality of service. For instance, to reduce communication costs, data can be aggregated through the network, or nodes can go to sleep mode periodically (nodes scheduling). These strategies must be proven as secure, but protocols used to guarantee this security must be compatible with the resource preservation requirement. To achieve this goal, secure communications in such networks will be defined, together with the notions of secure scheduling and secure aggregation. The concepts of indistinguability, nonmalleability, and message detection resistance will thus be adapted to communications in wireless sensor networks. Finally, some of these security properties will be evaluated in concrete case studies.
Article Preview

1. Introduction

In the last few years, wireless sensor networks (WSN) have gained increasing attention from both the research community and actual users. As sensor nodes are generally battery-powered devices, the critical aspects to face concern how to reduce the energy consumption of nodes, so that the network lifetime can be extended to reasonable times. Therefore, energy conservation is a key issue in the design of systems based on wireless sensor networks. In the literature, we can find different techniques to extend the sensor network lifetime (Anastasi, Conti, Di Francesco, Passarella, 2009). For example, energy efficient protocols are aimed at minimizing the energy consumption during network activities. However, a large amount of energy is consumed by node components (CPU, radio, etc.) even if they are idle. Power management schemes are thus used for switching off node components that are temporarily not needed (Cardei, Wu, 2006; Bahi, Makhoul, Mostefaoui, 2008; Liu, Wan, Jia, 2006; Zhao, Zhao, 2007). Other techniques suitable to reduce the energy consumption of sensors are data acquisition (i.e. sampling or transmitting) reduction as data fusion and aggregation (Li, 2006; Bahi, Makhoul, Medlej, 2011; Esnaashari, Meybodi, 2010; Bahi, Makhoul, Medlej, to appear). On the other hand, sensor networks are often deployed in unattended even hostile environments, thus leaving these networks vulnerable to passive and active attacks by the adversary. The communication between sensor nodes can be eavesdropped by the adversary and can forge the data. Sensor nodes should be resilient to these attacks. Therefore, one of the major challenges in such networks is how to provide connection between sensors and the base station and how to exchange the data while maintaining the security requirements and taking into consideration their limited resources. Until now, most of the security and saving energy approaches proposed for sensor networks propose single solution for particular and single problem. Therefore, to address the special security needs of sensor networks as a whole we introduce a security framework. In our framework, we emphasize the following areas: (1) secure communication infrastructure, (2) secure scheduling, and (3) a secure data aggregation algorithm.

Secure communication infrastructure: In wireless sensor networks, a sensor node generally senses the data and sends to its neighbor nodes or to the sink (base station). Stationary adversaries equipped with powerful computers and communication devices may access whole WSN from a remote location. For instance, an intrusion detection system detects the different types of attacks and sends the report to base station. It uses all nodes or some special nodes to detect these types of attacks. These nodes co-operate with each other to take the decision and finally send the report to the base station. It requires lots of communication between the nodes. If adversary can trap the message exchanging between the nodes then he can easily tamper the messages and send the false information to the other nodes. Secure communication is a necessary condition in order to make the network smooth so that nodes can send data or exchange the message securely. In our paper, we provide the definition of a communication system for WSNs, and define some of the required security properties (indistinguability, nonmalleability, and message detection resistance) dedicated to sensor networks.

Secure scheduling: The main objective of a secure scheduling is to prolong the whole network lifetime while fulfilling the surveillance application needs. In other words, a common approach is to define a subset of the deployed nodes to be active while the other nodes can sleep. In this paper, we present a novel scheduling algorithm where only a subset of nodes contribute significantly to detect intruders and prevent malicious attacker to predict the behavior of the network prior to intrusion. We present a random scheduling to solve this issue, by guaranteeing a uniform coverage while preventing attackers to predict the list of awaken nodes.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 12: 4 Issues (2017)
Volume 11: 4 Issues (2016)
Volume 10: 4 Issues (2015)
Volume 9: 4 Issues (2014)
Volume 8: 4 Issues (2013)
Volume 7: 4 Issues (2012)
Volume 6: 4 Issues (2011)
Volume 5: 4 Issues (2010)
Volume 4: 4 Issues (2009)
Volume 3: 4 Issues (2008)
Volume 2: 4 Issues (2007)
Volume 1: 4 Issues (2006)
View Complete Journal Contents Listing