A Design for Secure and Survivable Wireless Sensor Networks

1. A Design for Secure and Survivable Wireless Sensor Networks Yi Qian, Kejie Lu, David Tipper Presented by: William Newton University of Maryland, Baltimore County

2. What is a Wireless Sensor Network? • A Wireless Sensor Network (WSN) is a network of motes and base stations that communicate with each other over a wireless medium. Mote - battery operated node with limited computing and processing capabilities. Base Station (BS) – node with high computing capabilities. Examples: Military command and control, health-care, weather

3. Limitations & Environment Conditions • Mote Lifespan – Dependent on the battery • Limits computations • Cannot execute heavy crypto functions such as AES • Limits wireless communications • Efficient power control • Various Types of Attacks • Jamming (DoS), Sleep Deprivation Attack, Man in the Middle Attack, Sybil Attack, Physical Security • Environmental Factors

4. Security and Survivability • Security • Confidentiality – protect data from being viewed • Authentication – verify that data came from the “true” source • Integrity – protect data from modification • Secure Management • Base station level • Provide key management services • Survivability • Reliability – maintain functionality (even if some nodes fail) • Availability – ensures network accessibility when it is required. • Energy Efficiency – preserve battery life

5. Architecture

6. Key Management Scheme • Must maintain a keying scheme without “hogging” battery life • Key Management Solutions • Single shared key – Not a good idea • Pairwise key scheme – Not your traditional slice of pie • Challenge - distribute the keys (or keying materials) to each node before deployment in a secure fashion. • Methods • Pre-distributed keys • Dynamically generated keys (from keying materials) • Three Steps

7. Dynamically Generated Keys • Keying Materials – polynomial key pool based • Three Steps • Step 1: Initialization – distributing polynomial shares • Step 2: Direct Key • Two nodes attempt to establish a session key • Step 3: Path Key Setup (Step 2 Failed) • Establish a pairwise key with the aid of other sensors on the network • Must consider the current condition of the network (who can and can’t we trust?)

8. Assumptions • Not all of the motes are identical • Two types of motes were used for testing • C1  Weaker motes • C2  Stronger motes (Focus was not based around the base stations) • Metrics • Security: Scalability, efficiency, resilience, reliability • Survivability: Scalability, efficiency, key connectivity, resilience, reliability

9. Findings • Resilience of the key management scheme under attack conditions (Number of C2 motes vary) • Additional C2 motes provides stronger resilience and reliability

10. Findings (cont) • Resilience of the key management scheme under attack conditions withdifferent keypool sizes • Larger key pools provide stronger resilience. • Tradeoff – resilience and reliability

11. So What’s Missing? • What the paper did not address… • What happens if a C2 mode is compromised? • Efficiency of the key management scheme • Attacks on key management scheme • Intruder “sneaking” around • Key replay attack • Key authentication (good node/bad node)

12. Questions?