adaptive security for wireless sensor networks

Adaptive Security for

Wireless Sensor Networks

Master Thesis – June 2006

Table of contents

I Introduction

II Security Aspects in WSN

III The Proposal

- Security Manager - Context Monitoring Algorithm

- Adaptive Security System Building Blocks - Building Blocks & Information procedure diagram

IV Results

V Conclusions

2/19

Introduction

• Sensor nodes are able to improve lots of applications (medical, industrial, intelligent environments…)

• Work is focused on the adaptive security of a wireless sensor networks

• A new feature is introduced: the Security Manager

• One specific scenarios has been studied: healthcare monitoring

Results

Conclusions

Our Proposal

Introduction

Security in WSN

3/19

Security aspects

• Weak points of Security in WSN:

– Communication between sensor nodes and the aggregator.

– The aptitude of a network to counterattack.– The ability to protect privacy

• Real need for a secure and an easy-to-use network

– We assume that the base station is a point-of-trust– The nodes must have robust solution against attacks:

• Use of authentication protocols and cryptography techniques

Results

Conclusions

Our Proposal

Introduction

Security in WSN

4/19

Our Proposal

• Security Manager

• Context Monitoring Algorithm

• Adaptive Security System building blocks

• Building blocks and information procedure diagram

Results

Conclusions

Our Proposal

Introduction

Security in WSN

5/19

Authentication and Encryption Processes

Authentication :

Diffie-Hellman

Elliptical curve equation

Encryption :

RC5 algorithm

X-OR operation

Flags

Key determination protocol

Message Encryption protocol

Results

Conclusions

Our Proposal

Introduction

Security in WSN

6/19

Security Levels

Three Levels of Security:

Low Level

RC5 - 32/6/3

Medium Level

RC5 - 32/6/5

High Level

RC5 - 32/12/5

Block length of clear text

Key length (in bytes)

Number of rounds

Results

Conclusions

Our Proposal

Introduction

Security in WSN

7/19

The Context Monitoring Algorithm

Determine an adaptive reaction to maintain the network’s integrity and functionalities.

Responsible for:

Tracking and Reporting the network’s status

Checking the anomalies

Monitoring the context information

Results

Conclusions

Our Proposal

Introduction

Security in WSN

8/19

Functionalities of the CMA

Broadcast requests

Analize traffic:

Check the number of messages.

Below expected Find deficient node

Increase the level of security

Above expected Revoke and change the nodes’ key


Results

Conclusions

Our Proposal

Introduction

Security in WSN

9/19

Functionalities of the CMA

Scan for attacks:

CRC Errors Change Channel

Aggregator DoS Revoke and change all the keys


Compromised node Revoke its key

Send notification to the user and to the hospital database

Power Control Management

Check the batteries status and send notification to the user

Control the emitting power of nodes and aggregator.

Results

Conclusions

Our Proposal

Introduction

Security in WSN

10/19

Adaptive Security System Building Blocks

Results

Conclusions

Our Proposal

Introduction

Security in WSN

11/19 (half-time)

Building Blocks &

Information procedure diagram

Results

Conclusions

Our Proposal

Introduction

Security in WSN

12/19

Results

•Aim : Find the best compromise between performance and security

•Conditions: Test bed:

- Processor Frequency: 540MHz

- Processing Unit: 32 bits

Real case (Mica2dot):- Processor Frequency: 4Mhz- Processing Unit: 8 bits

•Assumptions: Linear relation between the 2 processing units The gain in processing time is equivalent to the gain of

battery lifetime Reference – High Level of Security Key Exchange frequency : 4hours Message Sample Rate : 10 sec (according to Code Blue)

Results

Conclusions

Our Proposal

Introduction

Security in WSN

13/19

Performances of the System

• Evolution of the processing time and the key robustness regarding the level of security

Processing Time Gain 30%

Processing Time Gain 10%

Processing Time Gain 0%0%

5%

10%

15%

20%

25%

30%

35%

low medium high

1,5 hoursto break the Key

4712 daysto break the Key

2740 yearsto break the Key

Results

Conclusions

Our Proposal

Introduction

Security in WSN

14/19


• Using our simulator and creating a typical day scenario, we have obtained the following results:

Processing time 81%

Gain 19%

Processing time 100%

w ith adaptive security w ithout adaptive security

Results

Conclusions

Our Proposal

Introduction

Security in WSN

15/19

Performances of the System• Why did we choose 4hours for the key exchange

frequency?

Only in the trusted place the time to break the key is less than 4 h. By increasing the key exchange frequency the battery consuming

highly increases

Processing time 45%

Gain due to a lower key exchange sample

rate 29%

Gain 26%

Processing time 74%

Gain 26%


with adaptive security(key exchange

frequency :4hours)

with adaptive security(key exchange

frequency :1,4hours)

without adaptivesecurity (key exchangefrequency :1,4hours)

Results

Conclusions

Our Proposal

Introduction

Security in WSN

16/19


• The influence of the message sample rate on the energy consumption

Processing time 15%

Gain due to a lower message sample rate

77%

Gain 8%

Processing time 92%

Gain 8%


with adaptive security(Message sample rate:

10sec.)

with adaptive security(Message sample rate:

1sec.)

without adaptive security(Message sample rate :

1sec.)

Results

Conclusions

Our Proposal

Introduction

Security in WSN

17/19 (almost done)

Conclusions

• New solution based on the ECC and the Diffie-Hellman protocol

• Caution when labeling a place as “trusted”

• The adaptability of the system increases sensor nodes battery’s lifetime

• The user’s behavior is intimately connected to the security parameters, i.e. to the battery lifetime saved.

• Ability to track the network status and ensure a quick response

Results

Conclusions

Our Proposal

Introduction

Security in WSN

18/19

Thank you for your attention

… and Happy New Year

adaptive security for wireless sensor networks

Documents