3rd IEEE International Conference on "Computational Intelligence and Communication Technology" (IEEE-CICT 2017)

A Survey of security in Wireless Sensor Networks

Aditi Rani, Sanjeet Kumar
Department of Electronics and Communication Engineering
BIT Mesra, Ranchi, Jharkhand, India
aditi9582@gmail.com
sanjeet@bitmesra.ac.in

Abstract— Wireless sensor networks are spatially distributed routing protocols needs to be devised that compensates its
sensor nodes that keeps the track of the physical or deficiencies and also maximize the network lifetime.
environmental conditions like sound, stress waves, temperature
of surrounding etc, and also send the sensed data back to the sink
or base station.WSN are used in many applications like military
areas, disaster management in remote areas, in building smart
cities etc. Therefore security is an important aspect in WSN.
These networks can be prone to various disastrous attacks or
hackers that has the motive to disrupt the entire network. In this
article, various aspects of security in Wireless Sensor Networks
has been observed like secure routing protocols, security at the
node level in the network, cryptography etc.

Index Terms— WSN; secure routing protocols; security issues

I. INTRODUCTION

Various advancements made in the area of Wireless

Communication and electronics Science has let the
development of low-power ,low-cost,tinymultifunctional Fig.1. Architecture of WSN
sensor nodes.These sensor nodes consisting of sensing,data
processing and communication components,make it possible
to deploy Wireless Sensor Networks (WSNs) efficiently as
they can be proved to be more advantageous than the III. ATTACKS IN WIRELESS SENSOR
conventional or existing Wireless communication NETWORKS
systems[1].Wireless Sensor Networks can be placed at remote
places, under-water etc to extract the useful information,also it WSNs are prone to numerous attacks or hackers.The
has unique features that enable the network to withstand intrudersalter the sensed data thus affecting the secrecy of the
unfavorable environmental situations. network data.Also authentication and integrity of the network
In Wireless sensor networks, due to nature of broadcast is affected,protection against these can be provided by various
communication there is possibility of hooligans,intrusion and cryptographic techniques and secure routing protocols.Attacks
alteration of the data packets. So to prevent the network from in WSNs can be categorized on the basis of different layers-
these threats it is essential to provide security in this field for physical layer,Link layer,Network layer and Transport
securely routing the data in the network.This article gives layer[2].
details of various attacks in Wireless Sensor Networks and its
countermeasures,various security issues and security
protocols,also related work done so far in the field of security
in Wireless Sensor Networks(WSNs).

II. ARCHITECTURE OF WSN

WSN consists of numerous nodes which can range from

hundreds to thousands in number that are deployed in the
network.WSN also consist of the sink or the base station,these
sensor nodes sense the data from the surrounding environment and
route the data back to the sink either through single hop or multi-hop
technique which in turn is transmitted to the user via other secondary Fig.2.Hierarchy of attacks at different layers
links.These nodes lack in energy and memory[2], therefore various

978-1-5090-6218-8/17/$31.00 ©2017 IEEE

1
 3rd IEEE International Conference on "Computational Intelligence and Communication Technology" (IEEE-CICT 2017)
Various attacks are discussed below:-
Selective Forwarding(SF)-As we know in multi-hop
technique all the nodes in the network will forward received
messages to the sink or sensor nodes .An attacker may create
corrupt nodes in the network that drops some important
messages intentionally while forwarding only few of them.
Defense mechanism against this attack is to use multiple paths
to route data in the network [2].
Sinkhole-In this scenario, an attacker makes the defected node
look very attractive as compared to other nodes in the
network. As a consequence, the surrounding nodes chooses
the defected node to send the data.
Sybil-It is also known as clone attack, as in this type of attack
there is the presence more than one identity of a node in the
network.Clones can leak data or can inject false data in the
network.
Acknowledgment spoofing(AS)- Sometimes an attacking
node can provide false information to their nearby nodes.This
is known as Acknowledgment spoofing.For example claiming
that the node is alive when in actual it is dead.Defense for this
is authentication.
Collision-When two nodes attempt to transmit on the same
frequency simultaneously a collision occurs due to which
packets collide with each other.This is a type of link layer
attack. Defense mechanism against this attack is to use
algorithms or codes for error correction, however these leads
to additional overheads.
IV. SECURITY ASPECTS IN WIRELESS
SENSOR NETWORKS
There are various security aspects like cryptography,secure
routing protocols example SPIN[10] and key
managementwhich plays an important role in providing
security at nodal level and network level in the WSNs.In this
paper security at both-nodal level and network level has been
discussed.At node level dynamic cryptography algorithm[14]
provides semantic security in the network,however it requires
memory and energy consumption which is compensated in the
LDTS[17] protocol.
Fig.3. Hierarchy of security in WSN
1. Providing security at node level
2
WSNs due to its wide range of applications are often deployed in
hostile environmentthus are susceptible to node capture,sensor nodes
can be trained or reprogramed by the attacker secretly turning them
into clones.Various solutions have been given to this problem like
Line-SelectedMulticast(LSM) [11] that uses the routing topology of
the network to detect the clones. In fig 4,in LSM any node p
announces its location and any neighboring node e forwards the
signature of the claimed node or node id to destination node h via
several intermediate nodes.The replicated node is caught by the
intersection of two paths generated by two different nodes with same
node ids. Node p’ is the clone of node p, detected at the intersection
of the two paths.Here x is the node at the intersection point of two
paths.
Fig.4.LSM Protocol [13]
Mauro et al. proposed a model for detection of clones that is
Randomized Efficient and Distributed RED [12] protocol
which is more energy efficient as compared to LSM.RED is
similar to Randomized Multicast Protocol [13] in principle but
the witness that is chosen is pseudorandom in nature and is
based on network-wide seed. After various simulations done it
is found that RED protocol attain the following properties:-
Areaobliviousness; Id obliviousness; overhead balancing; high
replica attacks detection probability; low overhead.
M.Donget al. proposed a Low-Storage Clone Detection
Protocol for Cyber-Physical Systems (LSCD)[26].It basically
consists of detection route and witness path.The model is
designed such that the detection route is in the perpendicular
direction of the witness path. It is assumed that the whole
network is in the form of ring and is called ring path which
consists of various witness paths with witness nodes and
detection routes to detect the probability of clone in the
network.
In this protocol it is ensured that the detection route
encounters the witness path,also a huge amount of energy is
left which can be utilized in lifetime maximization of the
network along with enhancing energy efficiency. LSCD has
following characteristics :-
Small storage requirement which is equivalent to a constant,
higher clone detection probability as compared to others,
increase in network lifetime and energy efficiency. The
fundamental aspect of LSCD protocol is that the distance
between any two clone detection route has to be smaller than
the witness path length.
Various simulation results shows that there is an of
improvement of about 20% in the network lifetime, also
probability of detection of clones has been increased to
50%,moreover has been observed that the storage
requirements are one-fifth of the LSM protocol.
 3rd IEEE International Conference on "Computational Intelligence and Communication Technology" (IEEE-CICT 2017)
Dynamic Cryptographic Algorithm [14] has been also
proposed to provide nodal level security in the Wireless
Sensor Network (WSNs).In this algorithm all the nodes are
shared with an initial key.It consists of two main steps:-
• Each sensor node will encrypt the sensed data with
the initial key.All the nodes also consist of another
key called as secondary key
• This secondary key is used to encrypt the data and
initial key with simple XOR operation,as this
operation consumes less energy.The secondary key is
made dynamic by changing its value periodically. So
by the time attacker comes close to guessing the
value of initial key,secondary key changes.To ensure
that the data and the initial key are safe, a safe time
gap is maintained.
Other light weight protocols like HEIGHT [15] and
PRESENT [16] can also be used as encryption techniques in
this.Security in WSNs is essential but some of the trust system
consumes more energy and has high overhead.A Light weight
and Dependable Trust System (LDTS) [17] provides security
that compensates the above deficiencies,it employs clustering
algorithm.It is based on node identities in clustered
WSNs.Canceling feedback between cluster members or
between cluster heads improves system efficiency thus
providing more efficient network with lesser malicious nodes.
Simulation results show that LDTS demands less memory and
overhead compared to other schemes.
A. Cryptography
It is very important to select the most efficient cryptographic
method in terms of memory, speed,power consumption etc.
Various cryptographic techniques have been proposed to
provide nodal level security.There can be symmetric and
asymmetric cryptography techniques based on the key
used.However symmetric cryptography is preferred over
asymmetric because of constraints on power consumption and
computation in sensor nodes[2].Symmetric key cryptography
uses same key for both encryption and decryption at both the
transmitting and receiving end.Some of the popular forms are
RC4[3],RC5[4],SHA-1[5],MD5[6] etc.
Asymmetric cryptographic techniques like Diffie-
Hellman[7],or RSA[8] can be used in WSNs,however due to
its computational complexity and overhead it is undesirable to
be used in WSNs. Brown et al. found that public key
cryptography requireson the order of tens of seconds or up to
minutes to perform encryption and decryption operations in
constrained wireless devices which exposes risk of DOS
attacks [9].On contrast private key cryptography consume much
lesser time. Table I summarizes some important asymmetric or public
key cryptography techniques with their key sizesand specifications
that can be used in WSNs.Elective Curve Cryptography (ECC-
160)[25] provides almost the same security even with smaller key
size,same is for RSA-1024[8].
3
TABLE I. PUBLIC KEY CRYPTOGRAPHY
KEY SIZE SPECIFICATIONS
RSA-1024 1024 bit keys Offer equal security for
smaller key size, smaller
overhead
ECC-160 160 bit keys
RSA-2048 2048 bit keys New minimum key size
,both are equivalent
ECC-224 224 bit keys
2. Providing security at network level
WSNs are prone to various attacks,one such attack is the Black
hole [18] attack which affects data collection.Active Trust [19]
protocol is proposed to tackle such type of attacks.This model
creates numerous routes for detection,thus provides trust in the
entire network and so it improves data route security. A
detection route refers to a route without data packets whose
goal is to convince the adversary to launch an attack so the
system can identify the attack behavior and then mark the
black hole location.For the implementation of this algorithm
two types of model i.e. the system model as well as the
adversaries model have to be created.This model simply uses
residue energy to createdetection routes,it improves network
security performance and also increases the lifetime of the
wireless sensor networks.
Ju Ren et al. proposed channel aware-reputation system with
adaptive detection threshold (CRS-A) [20] to detect selective
forwarding attack in WSNs.This is responsible for evaluation
of the data forwarding behavior of sensor nodes,according to
the deviation of the monitored packet loss and the estimated
normal loss.In this the optimal threshold is theoretically
derived,this is done to optimize the detection accuracy of
CRS-A.For improving the data delivery ratio of the
network,an attack tolerant data forwarding method is
developed that cooperates with the CRS-A model.Various
simulations reveal that it detects selective forwarding attack
very accurately and also detect the compromised nodes
present in the network.
Fig.5. Architecture of CRS-A[20]
 3rd IEEE International Conference on "Computational Intelligence and Communication Technology" (IEEE-CICT 2017)
A. Secure Routing Protocols
Secure routing is an important necessity in Wireless Sensor
Network WSNs for efficient and secure transmission of data
from nodes to sink.The goal of these are to provide integrity
and authentication .SPIN protocol[10] which is the secure
routing protocol has two building blocks:- SNEP and
µTesla.Secure Network Encryption Protocol (SNEP) provides
data confidentiality,peer to peer communication and two party
data authentication. µTesla provides authenticated broadcast.If
X wants to send any data or message to Y it is done as
follows:-
X→Y:D(୏౛౤ౙ౨,ౙ) ,MAC(K ୫ୟୡ, ‫୏()ܦ|ܥ‬౛౤ౙ౨,಴)
D-data transmitted
C-shared counter between sender and receiver
K ୣ୬ୡ -encryption key
K ୫ୟୡ - MAC key
MAC-Message Authentication Code
Counter value is incremented after every message thus same
message can be encrypted in different forms providing
semantic security.
MAC is the message authentication Code that is sent along
with the data from source to destination for either node to
node authentication or broadcast authentication. For broadcast
authentication a MAC is computed on the packet with a secret
key, the secrecy of the key is only at that point of time. The
node send the authenticated packet to the destination,
meanwhile it is assured that the MAC key has not been
disclosed by the base station(BS). So the secrecy of the MAC
key has to be maintained by the BS throughout the
transmission time. As a consequence the packet does not get
altered in between, and is stored properly. After some point of
time the key is disclosed or broadcasted to all the receivers in
the network to verify the correctness of the key, thus packets
are authenticated if key is found to be correct.
Fig.6 shows broadcast authentication by µTesla[10].
Fig.6. µTesla for broadcast authentication
A. Securing WSNs using efficient keying mechanism
Key management is an integral part of security in Wireless
Sensor Networks.The ultimate goal is to provide proper
establishment of required keys between sensor nodes so that
data can be exchanged securely.There are various key
management protocols based on network sharing as well on
the probability of key sharing.Key management can be
4
centralized or distributed based on the network
structure.Centralized scheme consists of a central coordinator
that controls the generation and distribution of keys. One such
example of is the LKHW[21] scheme i.e. Logical Key
Hierarchy based model.Another protocol called LEAP[22]
Localized Encryption and Authentication Protocol is based on
deterministic approach.It deals with the establishment of 4
types of keys –an individual key shared with the sink,a group
key that is shared by all the nodes in the
network,pairwise key shared with neighboring nodes and a
cluster key.
An efficient key management scheme is certificateless-
effective key management (CL-EKM)[23] protocol for secure
communication in dynamic Wireless Sensor Networks.This
protocol has the feature to update the keys when node leaves
or join the cluster,thus ensuring thesecrecy from back and
front both. This also has establishment of 4 types of keys:-
• A certificateless public/private key pair
• An individual key
• Pairwise key
• Cluster key
CL-EKM comprises of 7 phases,they are system set
up,pairwise key generation,cluster formation,key update,node
movement,key revocation and addition of new node.This
model also utilizes main algorithm of CL-HSC [24].It is
mainly used in deriving certificateless public/private keys and
pairwise keys.In this even if any node of the network is
attacked by the adversary, the entire network remain
unaffected as the generation of pairwise keys shared between
two nodes are independent of others .Even though any cluster
key is extracted by the compromised node, it cannot get the
information about other clusters and their nodes.This model
protects against clone attack,prevent node compromise,
impersonation attacks and also provide confidentiality and
integrity.
TABLE II.SECURITY PROTOCOLS OF WSN
PROTOCOLS CONTRIBUTION
Line Selected Clone detection, less energy efficient, clone
Multicast(LSM) detection probability less
[11]
Randomized Clone detection, more energy efficient,
Efficient and clone detection probability more
Distributed
(RED) [12]
Low-Storage Clone detection, most energy efficient,
Clone small storage requirement as compared to
Detection LSM and RED, clone detection probability
(LSCD) [26] most, increases lifetime of the network
SPIN [10] SPEN- data confidentiality, node to node
authentication
µTesla-broadcast authentication
Logical Key Centralized keying mechanism
Hierarchy
based model
(LKHW) [21]
 3rd IEEE International Conference on "Computational Intelligence and Communication Technology" (IEEE-CICT 2017)
Localized Deterministic keying mechanism, pairwise
Encryption and keys provide peer to peer protection ,cluster
Authentication key used for broadcast purpose
Protocol
(LEAP) [22]
certificateless- Certificateless keying mechanism, prevent
effective key node compromise and clone attack, entire
management network remain unaffected even if any
(CL-EKM) [23] node of the network is attacked
CRS-A [20] Channel aware reputation system, prevents
selective forwarding
V. CONCLUSION
As the requirement of WSNs is growing rapidly,security in
WSNs is becoming more apparent thus preventing the network
from attacks has become the prime goal for researchers.In the
absence of proper security the WSNs are vulnerable to various
attacks like sinkhole, Sybil,selective forwarding etc.
Confidentiality,integrity, authentication and data freshness are
some of the prime concerns of security in WSNs.All the above
security protocols add much computational complexity like
storage overhead in WSNs, acquire more energy etc, however
these security measures are highly desirable and are needed in
many applications. In this article various aspects of security
like cryptography, key management,secure routing protocols
etc have been surveyed which enhances the security
mechanism in the wireless sensor networks. Most of the
defined protocols are for stationary base station and stationary
nodes, new protocols should be developed for the security of
mobile nodes, this futuristic approach will lead to various
advancement in security of WSNs.
REFERENCE
[1] D. Estrin., “Instrumenting the World with Wireless Sensor Networks,”
Proc. Int’l. Conf. Acoustics, Speech and Signal Processing,Salt Lake City,
UT, May 2001.
[2] Yong Wang, Garhan Attebury, and Byrav Ramamurthy, “A Survey of
securituy issues in wireless sensor networks, IEEE Communications
Surveys& Tutorials ,2nd Quarter 2006 .
[3] A. J. Menezes, S. A. Vanstone, and P. C. V. Oorschot, “Handbook
ofApplied Cryptography, Boca Raton, FL: CRC Press,1996.
[4] R. L. Rivest, “The RC5 Encryption Algorithm, “Fast Software Encryption,
B. Preneel (Ed.), Springer, 1995, pp. 86–96.
[5] D. Eastlake III and P. Jones, “US Secure Hash Algorithm 1(SHA1), “RFC
3174 (Informational), Sept. 2001.
[6] R. L. Rivest, “The MD5 Message-Digest Algorithm, “ RFC 1321,Apr.
1992.
[7] W. Diffie and M. E. Hellman, “New Directions in Cryptography,”IEEE
Trans. Info. Theory, vol. 22, no. 6, Nov. 1976, pp.644–54.
[8] R. L. Rivest, A. Shamir, and L. Adleman, “A Method for Obtaining
Digital Signatures and Public-Key Cryptosystems,”Commun. ACM, vol. 26,
no. 1, 1983, pp. 96–99.
[9] D.Mansouri, “Detecting DOS attacks in WSN based on Clustering
Technique,2013 Wireless Communications and Networking Conference.
[10] A.Perrig.,“SPINS: Security Protocols for Sensor Networks,Wireless
Networks, vol. 8, no. 5, Sept. 2002, pp.521–34.
[11] V.D. Gligor, “Emergent Properties in Ad-Hoc Networks: A Security
Perspective,” Proc. ACM Symp. Information, Computer------- LSM and
Comm. Security (ASIACCS ’06), p. 1, 2006.
[12] Mauro Conti et al, “Distributed detection of clone attacks in Wireless
Sensor Networks,IEEE Transactions on Dependable and Secure
Communication, VOL.8,NO. 5,September/October 2011.
[13] V.D. Gligor, “Emergent Properties in Ad-Hoc Networks: A Security
Perspective,” Proc. ACM Symp. Information, Computer and Comm. Security
(ASIACCS ’06), p. 1, 2006.
[14] Nivedita Mukherjee, “A Dynamic Cryptographic Algorithm To Provide
Nodal Level Security in Wireless Sensor Network,2010 International
Conference on Innovative Computing and Communication and 2010 Asia-
Pacific Conference on Information Technology and Ocean Engineering.
[15] D. Hong, J. Sung, S. Hong, J. Lim, S. Lee, B.S; Koo,C. Lee, D.Chang, J.
Lee, K. Jeong, H. Kim, J. Kim, and S. Chee. HIGHT: A New Block Cipher
Suitable for LowResource Device, In L. Goubin and M. Matsui, editors,
Proceedings of CHES 2006, LNCS, volume4249, pp.4659, SpringerVerlag,
2006.
[16] A. Bogdanov et al., PRESENT: An UltraLightweight Block Cipher,
Proc. Workshop Cryptographic Hardware and Embedded
Systems (CHES 07), LNCS 4727, Springer, 2007, pp. 450466.
[17] Xiaoyong Li, “LDTS:A Lightweight and dependable Trust System for
Clustered Wireless Sensor Networks,IEEE Transactions on Information
Forensics and Security,vol.8.no.6 June 2016.
[18] Binod Kumar Mishra, “Security against Black Hole Attack in Wireless
sensor Network-A Review,2014 Fourth International Conference on
Communication Systems and Network Technologies.
[19].Yuxin Liu, “Active Trust: Secure and Trustable Routing in Wireless
Sensor Networks,IEEE Transactions on Information Forensics and
Security,vol.11,no.9 ,September 2016.
[20] Ju Ren, “Adaptive and Channel -Aware detection of Selective
Forwarding Attacks in Wireless Sensor Networks, IEEE Transactions on
Information Forensics and Security,vol.15,no.5 ,May,2016.
[21] R. D. Pietro et al., “LKHW: A Directed Diffusion-Based Secure
Multicast Scheme for Wireless Sensor Networks,” ICPPW ’03:Proc. 32nd
Int’l. Conf. Parallel Processing Wksps., IEEE Computer Society Press, 2003,
pp. 397–406.
[22] S. Zhu, S. Setia, and S. Jajodia, “LEAP: Efficient Security Mechanisms
for Large-Scale Distributed Sensor Networks,” CCS’03: Proc. 10th ACM
Conf. Comp. and Commun. Security, New York: ACM Press, 2003, pp. 62–
72.
[23] S.H. Seo, “Effective Key Management in Dynamic Wireless Sensor
Networks, IEEE Transactions on Information Forensics and
Security,vol.10,no.2 February 2015.
[24] S. Seo and E. Bertino, “Elliptic curve cryptography based certificateless
hybridsigncryption scheme without pairing,” CERIAS, West Lafayette,
IN, USA, Tech. Rep. CERIAS TR 2013-10, 2013.
[25] Elliptic Curve Cryptography, SECG Std. SEC1, 2000, available
atwww.secg.org/collateral/sec1.pdf.
[26] M.Dong, “LSCD:A Low storage Clone Detection Protocol for Cyber
Physical Systems, IEEE Transactions on Computer aided Design of Integrated
Circuits and Systems,vol.35, no.5,May 2016.