Post on 03-Jan-2016
description
Adaptive Security for
Wireless Sensor Networks
Master Thesis – June 2006
Table of contents
I Introduction
II Security Aspects in WSN
III The Proposal
- Security Manager - Context Monitoring Algorithm
- Adaptive Security System Building Blocks - Building Blocks & Information procedure diagram
IV Results
V Conclusions
2/19
Introduction
• Sensor nodes are able to improve lots of applications (medical, industrial, intelligent environments…)
• Work is focused on the adaptive security of a wireless sensor networks
• A new feature is introduced: the Security Manager
• One specific scenarios has been studied: healthcare monitoring
Results
Conclusions
Our Proposal
Introduction
Security in WSN
3/19
Security aspects
• Weak points of Security in WSN:
– Communication between sensor nodes and the aggregator.
– The aptitude of a network to counterattack.– The ability to protect privacy
• Real need for a secure and an easy-to-use network
– We assume that the base station is a point-of-trust– The nodes must have robust solution against attacks:
• Use of authentication protocols and cryptography techniques
Results
Conclusions
Our Proposal
Introduction
Security in WSN
4/19
Our Proposal
• Security Manager
• Context Monitoring Algorithm
• Adaptive Security System building blocks
• Building blocks and information procedure diagram
Results
Conclusions
Our Proposal
Introduction
Security in WSN
5/19
Authentication and Encryption Processes
Authentication :
Diffie-Hellman
Elliptical curve equation
Encryption :
RC5 algorithm
X-OR operation
Flags
Key determination protocol
Message Encryption protocol
Results
Conclusions
Our Proposal
Introduction
Security in WSN
6/19
Security Levels
Three Levels of Security:
Low Level
RC5 - 32/6/3
Medium Level
RC5 - 32/6/5
High Level
RC5 - 32/12/5
Block length of clear text
Key length (in bytes)
Number of rounds
Results
Conclusions
Our Proposal
Introduction
Security in WSN
7/19
The Context Monitoring Algorithm
Determine an adaptive reaction to maintain the network’s integrity and functionalities.
Responsible for:
Tracking and Reporting the network’s status
Checking the anomalies
Monitoring the context information
Results
Conclusions
Our Proposal
Introduction
Security in WSN
8/19
Functionalities of the CMA
Broadcast requests
Analize traffic:
Check the number of messages.
Below expected Find deficient node
Increase the level of security
Above expected Revoke and change the nodes’ key
Increase the level of security
Results
Conclusions
Our Proposal
Introduction
Security in WSN
9/19
Functionalities of the CMA
Scan for attacks:
CRC Errors Change Channel
Aggregator DoS Revoke and change all the keys
Increase the level of security
Compromised node Revoke its key
Send notification to the user and to the hospital database
Power Control Management
Check the batteries status and send notification to the user
Control the emitting power of nodes and aggregator.
Results
Conclusions
Our Proposal
Introduction
Security in WSN
10/19
Adaptive Security System Building Blocks
Results
Conclusions
Our Proposal
Introduction
Security in WSN
11/19 (half-time)
Building Blocks &
Information procedure diagram
Results
Conclusions
Our Proposal
Introduction
Security in WSN
12/19
Results
•Aim : Find the best compromise between performance and security
•Conditions: Test bed:
- Processor Frequency: 540MHz
- Processing Unit: 32 bits
Real case (Mica2dot):- Processor Frequency: 4Mhz- Processing Unit: 8 bits
•Assumptions: Linear relation between the 2 processing units The gain in processing time is equivalent to the gain of
battery lifetime Reference – High Level of Security Key Exchange frequency : 4hours Message Sample Rate : 10 sec (according to Code Blue)
Results
Conclusions
Our Proposal
Introduction
Security in WSN
13/19
Performances of the System
• Evolution of the processing time and the key robustness regarding the level of security
Processing Time Gain 30%
Processing Time Gain 10%
Processing Time Gain 0%0%
5%
10%
15%
20%
25%
30%
35%
low medium high
1,5 hoursto break the Key
4712 daysto break the Key
2740 yearsto break the Key
Results
Conclusions
Our Proposal
Introduction
Security in WSN
14/19
Performances of the System
• Using our simulator and creating a typical day scenario, we have obtained the following results:
Processing time 81%
Gain 19%
Processing time 100%
w ith adaptive security w ithout adaptive security
Results
Conclusions
Our Proposal
Introduction
Security in WSN
15/19
Performances of the System• Why did we choose 4hours for the key exchange
frequency?
Only in the trusted place the time to break the key is less than 4 h. By increasing the key exchange frequency the battery consuming
highly increases
Processing time 45%
Gain due to a lower key exchange sample
rate 29%
Gain 26%
Processing time 74%
Gain 26%
Processing time 100%
with adaptive security(key exchange
frequency :4hours)
with adaptive security(key exchange
frequency :1,4hours)
without adaptivesecurity (key exchangefrequency :1,4hours)
Results
Conclusions
Our Proposal
Introduction
Security in WSN
16/19
Performances of the System
• The influence of the message sample rate on the energy consumption
Processing time 15%
Gain due to a lower message sample rate
77%
Gain 8%
Processing time 92%
Gain 8%
Processing time 100%
with adaptive security(Message sample rate:
10sec.)
with adaptive security(Message sample rate:
1sec.)
without adaptive security(Message sample rate :
1sec.)
Results
Conclusions
Our Proposal
Introduction
Security in WSN
17/19 (almost done)
Conclusions
• New solution based on the ECC and the Diffie-Hellman protocol
• Caution when labeling a place as “trusted”
• The adaptability of the system increases sensor nodes battery’s lifetime
• The user’s behavior is intimately connected to the security parameters, i.e. to the battery lifetime saved.
• Ability to track the network status and ensure a quick response
Results
Conclusions
Our Proposal
Introduction
Security in WSN
18/19
Thank you for your attention
… and Happy New Year