P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\titulka.jpg
PA197 Secure Network Design
Wireless Sensor Networks – attacker models, secure routing, IDS
•Petr Švenda svenda@fi.muni.cz
•Faculty of Informatics, Masaryk University

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Overview
•Intro to wireless sensor networks
•Security considerations
–Why are WSNs special?
•Attacker models
•Routing ® attacks ® secure routing
•Intrusion detection, reaction
•
2
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
| PA197 Wireless sensor networks
SCADA image
Route to nodes technology
•
_TINYMCU ENIAC DaftDustSEMSys_150 images deepblue Apple iPhone 16GB Mobile Phone
wireless-sensor-node
3

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
| PA197 Wireless sensor networks
ISSCC Mote TMoteSky
Wireless Sensor Node
•Basic technology
–8 bit CPU, ~1 kB RAM, ~102 kB flash
–short range radio, battery powered
–condition sensor (temperature, pressure, …)
–xBow MicaZ, TelosB, BT LE, Weightless…
–https://en.wikipedia.org/wiki/List_of_wireless_sensor_nodes
•Putting pieces together…
–battery-powered small MCU
–+ efficient radio module
–+ environmental sensor
–=> Wireless Sensor Network (WSN)
DaftDustSEMSys_150
4

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
| PA197 Wireless sensor networks
•
humanbody soldier_sm
Combat field control
wildfire_mit_module
Remote fire detection
Medical information
bridgecar
Traffic control
5
Do we have useful application for WSN?

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
| PA197 Wireless sensor networks
Ideal in 2000:
WSN is highly distributed network with high number of low-cost sensor nodes powered by battery
connected via multi-hop communication with base station
6

pridat obrazek smart dust

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
| PA197 Wireless sensor networks
sensorNet
Large scale Wireless Sensor Networks
•Network of nodes and few powerful base stations
–102 – 106 sensor nodes
–particular nodes deployed randomly, e.g., from plane
•Network characteristics
–covering large areas - distributed
–ad-hoc position/neighbours – not known in advance
–multi-hop communication
•
l The price (still) is a current problem
●  currently ~50$ or more (complete node)
●  (but 3.35 $ for CC1110F32)
7

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
| PA197 Wireless sensor networks
>
8

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
| PA197 Wireless sensor networks
9
•But situation is getting better J

pridat obrazek sensoru s velkou baterii

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Navigating WSN (research) landscape
•The basic idea is sound and exciting
•BUT: extremely large body of research
–Scholar + ‘Wireless Sensor Networks’: 1,480,000 results
–Scholar + ‘Cryptography’: 811,000 results
•Large number of papers exploring artificial scenarios, lack of grounding to technology, not cited
at all…
•If involved, always ask for realistic usage scenarios
–Number of nodes, patterns of communication, network lifetime, energy consumption of sensors…
–
–
10
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Current low(er)-cost technology
•IEEE 802.15.4 standard for low-rate PANs
–Basis for ZigBee tec.
•Bluetooth LE/Smart enabled devices
–~$10 for BT module
•Weightless-N/P/W (IoT), http://www.weightless.org/
–5 km range, 10 years lifetime, $2 price (planned J)
–Thanks to large range, fewer hops to reach sink node
•Libelium Waspmote (multi-RF node)
•Simple processing can be run directly on network controller chip (if accessible)
–Espressif ESP8266 ($1.6) WiFi module
•
–
11
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Operating systems for WSNs
1.Should work on very limited device (102-103B RAM)
2.Should provide concurrency (perceived, real)
3.Should be flexible enough to support different usage scenarios
4.Should conserve as much energy as possible
•Examples: TinyOS, Contiky, RIOT…
12
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
TinyOS architecture (Berkley)
•Used to be the most popular operating system for sensor nodes
–first version released in 2002 (TinyOS 1.2), current 2.1.2 (released in 2012)
–Open-source work https://github.com/tinyos/tinyos-main (active)
–network protocols, sensor drivers and data acquisition tools
•Basic design principles
–Event-driven (routines serving particular event)
–Telescoping abstractions
•abstractions with spectrum of levels, portability and optimization
–Partial virtualization
•top layers of telescopic abstractions are shared or virtualized
–Static binding and allocation
•no dynamic allocation, all required resources allocated statically
•Applications written in Network Embedded System C (nesC)
–optimized for low memory, real-time applications
| PA197 Wireless sensor networks
tinyos_3
13

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Contiki architecture
•Initial release 2003, current version 3.0 (2015)
–http://contiki-os.org/
•Basic design principles
–Dynamic loading and unloading of code at runtime
–Event-driven kernel
–Proto-threads (small routines executed after event)
•OS requires about 10 kilobytes of RAM (minimum)
–More complex than TinyOS (400B RAM only)
–TCP/IP stack… Optional addition of GUI etc.
–
14
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
•
15
| PA197 Wireless sensor networks
We (will) have exciting technology.
Why/What security measures should be used?

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Where do we need security in WSNs?
•Sensitive data are often sensed/processed
–military application
–medical information, location data (privacy)
•Commercially viable information
–information for sale – cost for owner of the network
–know-how - agriculture monitoring
•Protection against vandalism
–distant non-existing fires blocks fireman
•
16
| PA197 Wireless sensor networks
•Early stage of WSN allows to build security in  rather than as late patch

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Why not “Just use TLS”?
•What are differences from standard networks and why classical solutions mail fail?
–Why we cannot use standard “TLS” for protection of data?
–Party authentication, confidentiality, integrity, freshness…
•Sometimes we can! (don’t be dogmatic)
•But: certificates, asymmetric crypto, revocation control, high data/computational overhead,
session management, authentication of data, local aggregation…
–TLS is great for IoT (is WSN != IoT?)
•
17
| PA197 Wireless sensor networks
D:\Documents\Obrázky\question.png

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Some differences from standard networks
•Running on battery (limited resource)
–days for personal network
–years for large scale monitoring network
–especially communication is energy-expensive
•Relatively limited computation power
–powerful CPU possible, but energy demanding
•Links can be temporal, network often disconnected
–by design, by necessity
| PA197 Wireless sensor networks
18

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
| PA197 Wireless sensor networks
Some differences from standard networks
•Nodes can be captured by an attacker
–all secrets can be extracted from unprotected nodes
–and returned back as malicious node
•How to detect malicious node?
•How to react on detected malicious node?
•
Mote devil
•When detection/reaction is hard,
•focus on prevention
120px-Light_Bulb_Icon
19

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Main topics in WSNs (network security)
•Establishing network
–Deployment, redeployment
–Neighbor discovery, clustering
•Using and maintaining network
–Sensing, data collection, data aggregation
–Routing and reliable communication
–Energy efficiency of all tasks (running on battery)
•Supporting security functions
–Key management (pre-distribution, establishment, use)
–Secure communication, authentication
–Partially compromised network
20
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Network lifetime
•
21
| PA197 Wireless sensor networks
key pre-distribution
time
key update
message routing …
physical deployment
neighbors discovery
link key setup
nodes authentication
message routing …
nodes re-deployment
new to old nodes
authentication
link key setup
Network operation
Initial deployment

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
ATTACKER MODELS
•Wireless Networks – Attacker Models
| PA197 Wireless sensor networks
22

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
D:\mv\antenna_icon2.jpg devil D:\mv\telosb.jpg
Attacker models - capabilities
•Passive attacker
–Does not inject/modify messages and does not jam
•Active attacker
–May inject/modify messages or perform jamming
•External attacker
–Not a legitimate member of a network
–Not compromised any node or used key (yet)
•Internal attacker
–Legitimate member of a network
–compromised a single/few static/mobile sensor node(s) and/or possesses a single/few key(s)
•
23
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Attacker models – capabilities (cont.)
•Local attacker
–Can overhear only a local area: single or few hop(s)
–Depending on antenna, transmission signal strength…
•Global attacker
–Can overhear most/all node-to-node and node-to-base station communication simultaneously for all
the time
•
24
| PA197 Wireless sensor networks
D:\mv\antenna_icon2.jpg devil D:\mv\telosb.jpg

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Attacker models - levels
•Level 1 attacker
–A low cost attacker with minimum equipment requirements
–Typical capabilities: Passive, External, Local
•Level 2 attacker
–A medium cost attacker with distributed eavesdropping and transmitting device(s), but no
compromised node
–Typically a group of people with radio devices
–Typical capabilities: Active, External, Global
25
| PA197 Wireless sensor networks
D:\mv\antenna_icon2.jpg devil D:\mv\telosb.jpg

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Attacker models – levels (cont.)
•Level 3 attacker
–A medium cost attacker with common or special equipment and knowledge
–The most common one as far as intentional serious attacks on a network are concerned
–Typical capabilities: Active, Internal, Local
•Level 4 attacker
–A high cost attacker with special equipment and knowledge (well-funded organization with high
motivation)
–Typical capabilities: Active, Internal, Global
•
•
26
| PA197 Wireless sensor networks
D:\mv\antenna_icon2.jpg devil D:\mv\telosb.jpg

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
ROUTING
•Wireless Networks – Routing
| PA197 Wireless sensor networks
27

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Target network topology
28
•| PA197 Wireless sensor networks
BS
Sensor node
BS
Base station

Term SA coined by Ross Anderson and Adrian Perrig 2004. Keys exchanged in plaintext, assumption of
incomplete eavesdropping, then simple protocol to turn some intercepted keys back
Their SA protocol was very simple – one intermediate, transmit key, combine
Second one step transmission – because existing key is used to encrypt transmission, order of
protocol runs matters
Multistep – not only single intermediate

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Routing influenced by data reporting model
•Time-driven
–Periodic, continuous
–E.g., “send current temperature every 10 seconds”
•Event-driven
–when event happens
–E.g., “report if temperature is more than 80°C”
•Query-driven
–When someone (base station) asks
–E.g., “send me the current temperature on node 42”
•Hybrid (combination)
29
| PA197 Wireless sensor networks
D:\Documents\Obrázky\question.png
How models compares?
-Routing requirements
-Attacker perspective

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
D:\Documents\Obrazky\ctp_routing_standf.png
Example: static fixed routing tree
•Every node is preloaded with ID of parent node closer to BS
–Received message is forwarded to parent node
•Advantages
–Simple, low-memory consumption
–Reduced attack surface (no route discovery)
•Disadvantages
–Disconnect on node’s failure
–Non-uniform battery consumption
–Not adapting to network changes
30
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Example: Collection Tree Protocol (CTP)
•Collection Tree Protocol (CTP), default in TinyOS
–Many-to-one collection data collection protocol (nodes to BS)
–Address-free routing (only route towards BS)
•Routing metric is number of steps to BS (sink node)
–Number of expected transmissions (ETX) to reach sink node
–Each node keeps only smallest ETX to nearest sink node
–Routes with lower metric are preferred
–Message is send only from higher ETX to lower ETX
•Routing loops prevention
–In case of message with lower ETX then own => update path
•Possibility to periodically refresh routing metric
–Continuous adaptation to network changes
•
•
–
–
31
| PA197 Wireless sensor networks

http://www.btnode.ethz.ch/static_docs/tinyos-2.x/pdf/tep123.pdf

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
CTP – resulting routing tree
•
32
| PA197 Wireless sensor networks
D:\Documents\Obrazky\ctp_routing_standf.png
Source: http://sing.stanford.edu/gnawali/ctp/

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Hardware used, testbed
•
33
| PA197 Wireless sensor networks
D:\mv\telosb.jpg D:\mv\mica2.jpg D:\mv\zilog.jpg
CRoCS Laboratory testbed
Crossbow TelosB
Crossbow MICAz
Zilog ePIR
D:\mv\rfid2.jpg
RFID reader 125kHz

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
General attacks against routing
•Spoofed, altered, or replayed routing information
•Selective forwarding
•Sinkhole attacks
•Sybil attacks
•Wormholes
•HELLO flood attacks
•Acknowledgement spoofing
•
34
| PA197 Wireless sensor networks
Adapted from http://webs.cs.berkeley.edu/papers/sensor-route-security.pdf

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Basic topology with single sink node
•
35
| PA197 Wireless sensor networks
D:\Documents\Obrazky\ra_topology.png
Source: http://webs.cs.berkeley.edu/papers/sensor-route-security.pdf

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Wormhole attack
36
| PA197 Wireless sensor networks
Source: http://webs.cs.berkeley.edu/papers/sensor-route-security.pdf
D:\Documents\Obrazky\ra_wormhole.png
•Artificially short path(s)
•Perception of locality
•Influences routing metrics
•

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Sinkhole attack
•
37
| PA197 Wireless sensor networks
Source: http://webs.cs.berkeley.edu/papers/sensor-route-security.pdf
•Forge routing information, becomes malicious sink •Messages not delivered to legitimate sink
•Messages selectively forwarded to legitimate sink

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
HELLO flood attack
•
38
| PA197 Wireless sensor networks
Source: http://webs.cs.berkeley.edu/papers/sensor-route-security.pdf
D:\Documents\Obrazky\ra_flood.png
•Strong transmission of neigh. discovery or route establishment packet •Nodes will try to contact
malicious sender
•

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
D:\Documents\Obrazky\ra_sybil.png
Acknowledgements spoofing
•
39
| PA197 Wireless sensor networks
Source: http://webs.cs.berkeley.edu/papers/sensor-route-security.pdf
•Attacker fakes response from legitimate nodes (faster) •Perception of closeness of non-reachable
nodes

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Sybil attack
40
| PA197 Wireless sensor networks
D:\Documents\Obrazky\ra_topology.png
Source: http://webs.cs.berkeley.edu/papers/sensor-route-security.pdf
•Attacker pretends to have additional nodes connected behind him •Creates perception of multiple
nodes sensing same forged event, influences majority voting…

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
D:\Documents\Obrazky\ctp_routing_standf.png
Collection Tree Protocol - security?
•How would you attack CTP-enabled network?
•Bogus routing information
–Manipulate propagated ETX values
•Selective forwarding
–No control of delivery
•Sinkhole
–Advertise itself as base station (sink hole)
•Wormhole attack
–Shortcut path between two nodes via different medium (=> preferred path)
•HELLO flood attack
–Flood network with CTP beacons, corrupt paths and drain energy
•…
41
| PA197 Wireless sensor networks

http://webs.cs.berkeley.edu/papers/sensor-route-security.pdf

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Example: Directed diffusion
•Base station floods network for named data (interest)
–“Which node has temperate higher than 80°C?”
•Gradients with distance from base station
–If data found, returned back via reverse path
•Properties:
–Data-centric routing
–Robust due to flooding
•No cryptographic protection
–Basic version, many extensions
•Attacks:
–Suppress flow, cloning flow (eavesdropping)
–Selective forwarding…
42
| PA197 Wireless sensor networks

C.
Intanagonwiw
at,
R.
Go
vindan,
and
D.
Estrin,
“Directed
dif
fusion:
A
scalable
and
rob
ust
communication
paradigm
for
sensor
netw
orks,
”
in
Pr
oceedings
of
the
Sixth
Annual
International
Confer
ence
on
Mobile
Computing
and
Networks
(MobiCOM
’00)
,
August
2000

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
SECURE ROUTING
•Wireless Networks – Secure Routing
| PA197 Wireless sensor networks
43

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Why we need special routing for WSN?
•MANY existing routing schemes for ad-hoc networks
•Should have low packet overhead and node state
–Energy efficiency
–But: CPU/radio efficiency improves
•Should not be based on public key cryptography
–Increases cost of hardware / transmission
–But: ECC or pairing-based crypto?
•Should omit unnecessary complexity “any two nodes”
–Data-centric routing
–Energy-aware routing
–But: depends on usage scenario
44
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Security and efficiency tradeoff
•There is tradeoff between security and efficiency
•Q: Should I require packet/message confirmations?
–Or just hope to be delivered to save energy?
•Q: Should I require cryptographically signed ACKs?
–Or just detect discrepancies on base station?
•Q: Should I use multiple paths to deliver?
–Or just one to save energy? Aggregate data?
•
•Always confront to your expected attacker model and usage scenario
45
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Multipath routing algorithms
•Targets improved reliability, security and load balance
–Reliability – probabilistically bypassing unrealiable path
–Security – limits localized sinkhole (by bypassing it)
–Load balance – spread of communication load (energy)
•Nature of algorithms
–Infrastructure-based (more stable paths, infrastructure help)
–Non-infrastructure-based (paths discovered adhoc)
–Coding based (message split into parts via different routes)
46
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
•
47
| PA197 Wireless sensor networks
Multipath Routing Techniques in Wireless Sensor
Networks: A Survey; Kewei Sha, Jegnesh Gehlot, Robert Greve

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
INTRUSION DETECTION
•Wireless Networks – Intrusion Detection System
| PA197 Wireless sensor networks
48

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Distributed intrusion detection
•Attacks considered: Jammer, Dropper, Selective dropper, Sybil, Sinkhole…
1.Promiscuity eavesdropping on IDS node
2.Gather runtime characteristics about neighbours
3.Compute monitored node “reputation”
4.If significant deviation is detected => reaction
–Report to BS or neighbours, change routing path, block offender (time-limited suicide)…
•
49
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
IDS monitored network characteristics
•Signal Strength (of received packet from node)
•Carrier Sensing time (time to be clear to send)
•Packet Delivery Ratio (packets successfully forwarded by monitored node)
•Packet Send Ratio (how many packets send by monitored node were forwarded further?)
•…
•
50
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Generic problems with IDS
•How long to store characteristics?
–limited memory
•How to reliable measure all wanted characteristics?
–usually impossible, missed/unheard transmissions
•How to detect deviances in noisy environment?
–Natural packet loss rate, attacker just below threshold
•How monitoring node should survive on batteries?
•How NOT to be tricked by an attacker to blame legitimate node?
•
51
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Summary
•WSNs specifics: Limited communication, local knowledge, partial compromise
•Many factors influence resulting network settings
–Usage scenario
–Available hardware parameters => network topology
–Sensitivity and nature of data processed => attacker model
•Area is currently flooded with different protocols
–Have good understanding of basic principles
–Be critical in judging various proposal
–Have clear definition of usage scenario & attacker model
•
52
| PA197 Wireless sensor networks

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Mandatory reading
•Ch. Karlof, D. Wagner, Secure routing in wireless sensor networks: attacks and countermeasures
(2003)
•https://web.archive.org/web/20150621025340/http://webs.cs.berkeley.edu:80/papers/sensor-route-secu
rity.pdf
•
53
| PA197 Wireless sensor networks