Securing a wireless sensor network for human tracking: a review of solutions

Currently, wireless sensor networks (WSNs) are formed by devices with limited resources and limited power energy availability. Thanks to their cost effectiveness, flexibility, and ease of deployment, wireless sensor networks have been applied to many scenarios such as industrial, civil, and military applications. For many applications, security is a primary issue, but this produces an extra energy cost. Thus, in real applications, a trade-off is required between the security level and energy consumption. This paper evaluates different security schemes applied to human tracking applications, based on a real-case scenario.Junta de Andalucía P07-TIC-02476Junta de Andalucía TIC-570

On Evaluating the Performance Impact of the IEEE 802.15.4 Security Sub-layer

Nowadays, wireless sensor networks (WSNs) are used in a wide range of application scenarios ranging from structural monitoring to health-care, from surveillance to industrial automation. Most of these applications require forms of secure communication. On the other hand, security has a cost in terms of reduced performance. In this paper we refer to the IEEE 802.15.4 standard and investigate the impact of the 802.15.4 security sub-layer on the WSN performance. Specifically, we analyze the impact that security mechanisms and options, as provided by the standard, have on the overall WSN performance, in terms of latency, goodput, and energy consumption. To this end, we develop an analytical model and a security enabled simulator. We also use a real testbed, based on a complete open-source implementation of the standard, to validate simulation and analytical results, as well as to better understand the limits of the current WSN technology

Distributed storage protection in wireless sensor networks

With reference to a distributed architecture consisting of sensor nodes connected in a wireless network, we present a model of a protection system based on segments and applications. An application is the result of the joint activities of a set of cooperating nodes. A given node can access a segment stored in the primary memory of a different node only by presenting a gate for that segment. A gate is a form of pointer protected cryptographically, which references a segment and specifies a set of access rights for this segment. Gates can be freely transmitted between nodes, thereby granting the corresponding access permissions. Two special node functionalities are considered, segment servers and application servers. Segment servers are used for inter-application communication and information gathering. An application server is used in each application to support key management and rekeying. The rekey mechanism takes advantage of key naming to cope with losses of rekey messages. The total memory requirements for key and gate storage result to be a negligible fraction of the overall memory resources of the generic network node

Solutions and Tools for Secure Communication in Wireless Sensor Networks

Secure communication is considered a vital requirement in Wireless Sensor Network (WSN) applications. Such a requirement embraces different aspects, including confidentiality, integrity and authenticity of exchanged information, proper management of security material, and effective prevention and reaction against security threats and attacks. However, WSNs are mainly composed of resource-constrained devices. That is, network nodes feature reduced capabilities, especially in terms of memory storage, computing power, transmission rate, and energy availability. As a consequence, assuring secure communication in WSNs results to be more difficult than in other kinds of network. In fact, trading effectiveness of adopted solutions with their efficiency becomes far more important. In addition, specific device classes or technologies may require to design ad hoc security solutions. Also, it is necessary to efficiently manage security material, and dynamically cope with changes of security requirements. Finally, security threats and countermeasures have to be carefully considered since from the network design phase. This Ph.D. dissertion considers secure communication in WSNs, and provides the following contributions. First, we provide a performance evaluation of IEEE 802.15.4 security services. Then, we focus on the ZigBee technology and its security services, and propose possible solutions to some deficiencies and inefficiencies. Second, we present HISS, a highly scalable and efficient key management scheme, able to contrast collusion attacks while displaying a graceful degradation of performance. Third, we present STaR, a software component for WSNs that secures multiple traffic flows at the same time. It is transparent to the application, and provides runtime reconfigurability, thus coping with dynamic changes of security requirements. Finally, we describe ASF, our attack simulation framework for WSNs. Such a tool helps network designers to quantitatively evaluate effects of security attacks, produce an attack ranking based on their severity, and thus select the most appropriate countermeasures

Improved Wireless Security through Physical Layer Protocol Manipulation and Radio Frequency Fingerprinting

Wireless networks are particularly vulnerable to spoofing and route poisoning attacks due to the contested transmission medium. Traditional bit-layer defenses including encryption keys and MAC address control lists are vulnerable to extraction and identity spoofing, respectively. This dissertation explores three novel strategies to leverage the wireless physical layer to improve security in low-rate wireless personal area networks. The first, physical layer protocol manipulation, identifies true transceiver design within remote devices through analysis of replies in response to packets transmitted with modified physical layer headers. Results herein demonstrate a methodology that correctly differentiates among six IEEE 802.15.4 transceiver classes with greater than 99% accuracy, regardless of claimed bit-layer identity. The second strategy, radio frequency fingerprinting, accurately identifies the true source of every wireless transmission in a network, even among devices of the same design and manufacturer. Results suggest that even low-cost signal collection receivers can achieve greater than 90% authentication accuracy within a defense system based on radio frequency fingerprinting. The third strategy, based on received signal strength quantification, can be leveraged to rapidly locate suspicious transmission sources and to perform physical security audits of critical networks. Results herein reduce mean absolute percentage error of a widely-utilized distance estimation model 20% by examining signal strength measurements from real-world networks in a military hospital and a civilian hospital

Performance Evaluation of Security Solutions for Wireless Sensor Networks

In the recent years, wireless communication is involving not only computers, but a multitude of heterogeneous devices. Wireless Sensor Networks (WSNs) contribute to the new paradigm of pervasive computing, and this translates into new requirements for new applications. WSNs are employed not only on their own, but also in Cooperating Objects Systems (COSs), where mobile physical agents share the same environment to fulfill their tasks, either in group or in isolation. Sensor nodes are typically resource constrained devices deployed in unattended, possibly hostile environments. WSNs and COSs are a tempting target for an adversary, since a security infringement may easily translate into a safety one, with possible consequences in terms of damages to things and injures to people. Main security requirements for WSNs are secure communication, key management and secure bootstrapping. Security usually involves resource greedy operations, while sensors are resource constrained devices. This means that security requirements must be satisfied assuring a lightweight impact in terms of memory occupancy, network performance and energy consumption. In this thesis work, we start from a performance evaluation of the security sublayer of the IEEE 802.15.4 standard in terms of memory occupancy, network performance and energy consumption. Then, present and evaluate a solution to a vulnerability of the IEEE 802.15.4 standard that causes a selective Denial of Service attack. Finally, we present PLASA: a modular and reconfigurable security architecture for WSNs. PLASA extends the STaR architecture. STaR is a secure communication module we designed to provide confidentiality and/or authenticity of communications in a trans- parent and flexible manner. PLASA enhances STaR, introducing modules for key management and secure bootstrapping, so providing a complete system that is suitable not only for the WSN, but for the entire COS

On experimentally evaluating the impact of security on IEEE 802.15.4 networks

IEEE 802.15.4 addresses low-rate wireless personal area networks, enables low power devices, and includes a number of security provisions and options (the security sublayer). Security competes with performance for the scarce resources of low power, low cost sensor devices. So, a proper design of efficient and secure applications requires to know the impact that IEEE 802.15.4 security services have on the protocol performance. In this paper we present the preliminary results of a research activity aimed at quantitatively evaluating such impact from different standpoints including memory consumption, network performance, and energy consumption. The evaluation exploits a free implementation of the IEEE 802.15.4 security sublayer