Ad Hoc MODULE-5

This document discusses security in Ad Hoc and Sensor Networks, highlighting key issues such as confidentiality, integrity, and availability, as well as various types of attacks including active and passive attacks. It outlines security mechanisms like encryption, authentication protocols, and intrusion detection systems, along with popular security protocols such as SPINS and LEAP. The document also addresses the advantages and disadvantages of implementing security measures in these networks, emphasizing the trade-offs between security and resource consumption.

Uploaded by

vikashmrh1
MODULE: 5

Security in Ad Hoc and Sensor Networks

Security Attacks - Key Distribution and Management - Intrusion Detection - Software based Anti-tamper techniques - Water marking techniques - Defense against routing attacks - Secure Ad hoc routing protocols - Broadcast authentication WSN protocols - TESLA - Biba - Sensor Network Security Protocols - SPINS

📘 Security in Ad Hoc and Sensor Networks


Security in Ad-Hoc and Sensor Networks (WSNs) is a critical concern due to the dynamic
and decentralized nature of these networks. Since these networks are often deployed in
untrusted environments, ensuring the confidentiality, integrity, and availability of data is a
major challenge. In this module, we will cover the key security issues, attacks,
countermeasures, and protocols used to safeguard these networks.

🔹 Key Security Issues in Ad-Hoc and Sensor Networks


1.​ Confidentiality:​
Ensuring that sensitive information transmitted across the network is not exposed to
unauthorized nodes.​
Example: In a military sensor network, it's important that the data related to enemy
locations is not intercepted by unauthorized parties.​

2.​ Integrity:​
Ensuring that data sent through the network is not altered or tampered with.​
Example: In healthcare sensor networks, the data on a patient's vital signs should not
be tampered with.​

3.​ Availability:​
Ensuring that the network and its services are available when required, without
interruption due to attacks or failures.​
Example: In smart home networks, it is important that devices like sensors and
security cameras remain operational at all times.​

4.​ Authentication:​
Ensuring that the entities (sensors or nodes) in the network can verify each other’s
identity before allowing communication.​
Example: In a disaster recovery sensor network, it is important to ensure that data is
only received from trusted sensors.​

5.​ Non-repudiation:​
Ensuring that no sender can deny having sent a message. This is crucial for
accountability in networks.​
Example: In a military communication network, ensuring that a message from a
command center is traceable.​

🔹 Types of Attacks on Ad-Hoc and Sensor Networks


1. Active Attacks​
These attacks involve altering the data in the network, causing disruptions. Examples include:

● Denial of Service (DoS):
Attackers flood the network with excessive data, preventing legitimate communication.
Example: A node in a sensor network might be overwhelmed with fake requests, causing a denial of service.

●​ Replay Attacks:​
Attackers intercept and replay messages in the network to trick nodes into thinking they
are receiving new data.​
Example: A sensor node might receive old data as if it was freshly sent, leading to
wrong conclusions.​

2. Passive Attacks​
These attacks involve eavesdropping and monitoring the data without altering it. Examples
include:

●​ Eavesdropping:​
Unauthorized nodes listen to the data being transmitted in the network, gaining sensitive
information.​
Example: In a military sensor network, an attacker might eavesdrop to get strategic
information.​

●​ Traffic Analysis:​
Attackers observe traffic patterns and gain insight into the network's activity without
needing to decrypt the data.​
Example: An attacker might track communication between nodes to predict the
network's behavior.​

🔹 Security Mechanisms for Ad-Hoc and Sensor Networks

1. Encryption:
This technique is used to secure the data being transmitted by converting it into an unreadable format. Only authorized parties can decrypt it.
Example: A smart city sensor network uses AES encryption to secure traffic data from the sensors.

2. Authentication Protocols:
These protocols are used to verify the identity of nodes in the network before allowing communication.
Example: A military network uses public-key cryptography to authenticate sensor nodes before accepting data.

3. Key Management:
A mechanism for securely distributing and managing the cryptographic keys used for encryption and authentication.
Example: A smart home network uses a key management system to securely share keys between all devices for secure communication.

4. Intrusion Detection Systems (IDS):
These systems help detect unusual behaviors in the network that might indicate an attack. They monitor traffic and identify potential security breaches.
Example: A sensor network in a forest fire detection system might use an IDS to detect suspicious behavior like flooding of fake data from a compromised node.

5. Secure Routing Protocols:
These protocols are designed to securely transmit data between nodes, preventing malicious nodes from disrupting the routing process.
Example: In an ad-hoc network used by emergency responders, a secure routing protocol ensures data about the disaster scene is transmitted without tampering.

🔹 Popular Security Protocols

1. SPINS (Security Protocols for Sensor Networks):
A set of lightweight security protocols for sensor networks designed to provide data confidentiality, authentication, and integrity.
Key Features:
○ Uses symmetric encryption (because sensor nodes have limited resources).
○ Tiny Encryption Algorithm (TEA) is often used for encryption.
Real-life Example: A healthcare network could use SPINS to secure the transmission of patient data from remote sensors.

2. LEAP (Localized Encryption and Authentication Protocol):
LEAP provides security features like key management, authentication, and secure data exchange within a sensor network.
Key Features:
○ Cluster-based security.
○ Uses localized encryption to minimize computation costs.
Real-life Example: In a smart farming network, LEAP could secure data from different nodes like soil moisture sensors and weather stations.

3. Secured AODV (SAODV):
A modified version of the AODV (Ad hoc On-Demand Distance Vector) routing protocol, designed to provide security features such as data integrity and node authentication.
Key Features:
○ Protects against route modification and impersonation attacks.
Real-life Example: A disaster recovery network could use SAODV to ensure secure communication between rescue teams in a crisis zone.

🔹 Countermeasures Against Attacks

● Replay Attacks: Use time-stamping and sequence numbers to ensure data is not replayed.

● Denial of Service (DoS): Implement rate-limiting and flow control to mitigate flood attacks.

● Eavesdropping: Encrypt all data using strong encryption algorithms like AES to ensure confidentiality.

● Node Compromise: Use multi-layered security and implement distributed trust to prevent the compromise of single nodes.
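
The replay countermeasure above (time-stamping plus sequence numbers) only works if both fields are covered by a message authentication code. The following is an added example, not part of the original notes; the packet layout, the 8-byte truncated HMAC, the 30-second window and all names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8        # truncated MAC length in bytes (assumed; saves radio airtime)
MAX_SKEW = 30      # seconds of clock difference tolerated (assumed)
HEADER = struct.Struct(">HIQ")  # sender id, sequence number, Unix timestamp


def make_packet(key, sender, seq, ts, payload):
    """Sender side: the MAC covers the header, so seq and ts cannot be edited."""
    body = HEADER.pack(sender, seq, ts) + payload
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


class ReplayGuard:
    """Receiver side: one shared key and one highest-seen counter per sender."""

    def __init__(self, keys):
        self.keys = dict(keys)   # sender id -> shared MAC key
        self.last_seq = {}       # sender id -> highest accepted sequence number

    def accept(self, packet, now):
        """Return a verdict string; receiver state changes only on 'accepted'."""
        if len(packet) < HEADER.size + TAG_LEN:
            return "malformed"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        sender, seq, ts = HEADER.unpack_from(body)
        key = self.keys.get(sender)
        if key is None:
            return "unknown-sender"
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return "bad-mac"
        if abs(now - ts) > MAX_SKEW:                 # time-stamp check
            return "stale-timestamp"
        if seq <= self.last_seq.get(sender, -1):     # sequence-number check
            return "replayed-sequence"
        self.last_seq[sender] = seq
        return "accepted"


def demo():
    """Run constructed packets through the guard and collect the verdicts."""
    key = b"constructed-demo-key-node-17"            # constructed sample key
    guard = ReplayGuard({17: key})
    reading = make_packet(key, 17, 1, 1_000, b"temp=21.5")
    verdicts = {}
    verdicts["fresh"] = guard.accept(reading, now=1_005)
    # Same bytes delivered again inside the time window: the counter catches it.
    verdicts["replayed at once"] = guard.accept(reading, now=1_010)
    # Header rewritten to counter 2 without the key: the MAC no longer matches.
    forged = HEADER.pack(17, 2, 1_000) + reading[HEADER.size:]
    verdicts["counter rewritten"] = guard.accept(forged, now=1_010)
    # A receiver that lost its counters (reboot) still rejects the old capture,
    # because the time-stamp is outside the window.
    rebooted = ReplayGuard({17: key})
    verdicts["replayed after reboot"] = rebooted.accept(reading, now=5_000)
    next_reading = make_packet(key, 17, 2, 1_020, b"temp=21.7")
    verdicts["next reading"] = guard.accept(next_reading, now=1_021)
    return verdicts


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:24s} {verdict}")
```

The sequence number stops replays inside the time window, and the time-stamp stops replays against a receiver that has lost its counters; neither check helps unless the MAC is verified first.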

🔹 Advantages of Security in Ad-Hoc and Sensor Networks

| Advantage | Explanation |
|---|---|
| 🔒 Data Confidentiality | Ensures sensitive data is protected from unauthorized access. |
| 🔐 Data Integrity | Guarantees that the data sent is not tampered with or altered. |
| 🔑 Authentication | Verifies the identity of nodes to prevent malicious entities from joining the network. |
| 🛡️ Network Availability | Ensures that the network remains operational despite potential attacks. |
| 💡 Secure Communication | Provides mechanisms like encryption to protect data transmission. |

🔹 Disadvantages of Security in Ad-Hoc and Sensor Networks

| Disadvantage | Explanation |
|---|---|
| 🧠 Computational Overhead | Security mechanisms like encryption require additional processing power. |
| 🔋 Power Consumption | Encrypting and authenticating messages can consume more power, reducing battery life. |
| 💡 Complexity | Implementing and managing security protocols increases the complexity of the network. |

🔹 Memory Retention Tips

1. Confidentiality = Secret Data:
Confidentiality ensures that data stays secret. Think of it as locking sensitive data in a safe.

2. Integrity = Data Unchanged:
Integrity ensures that data remains unaltered during transmission. Think of it like a tamper-proof seal on a package.

3. Availability = Always On:
Availability ensures that the network stays up and running, just like a secure bank vault that is always accessible.

4. Authentication = Verifying Identity:
Authentication is about checking whether the sender is genuine before allowing communication.

5. Attacks = Disruptions:
Active attacks cause disruptions, and passive attacks involve monitoring without altering data.

🎯 Conclusion
Security in Ad-hoc and Sensor Networks is essential to ensure the confidentiality, integrity,
and availability of data. By employing various encryption, authentication, and intrusion
detection techniques, the risks of attacks can be minimized. However, security often comes at
the cost of higher power consumption and computational overhead, making it a trade-off
that needs careful planning for real-world deployment.

____________________________________________________________________________

📘 Security Attacks in Ad-Hoc and Sensor Networks


In Ad-Hoc and Sensor Networks (WSNs), the absence of a centralized infrastructure and the
dynamic nature of the network makes them vulnerable to a variety of security attacks. These
attacks can compromise data confidentiality, integrity, availability, and authentication. The
major types of security attacks in these networks are divided into active and passive attacks.
Let's go through each type of attack in detail:

🔹 Types of Security Attacks

1. Active Attacks

Active attacks involve altering the data being transmitted in the network. These attacks can
disrupt the normal functioning of the network.

a) Denial of Service (DoS) Attack

●​ Definition: In a DoS attack, the attacker floods the network with excessive data packets,
preventing legitimate communication.​

●​ Impact: Network resources like bandwidth and memory are exhausted, causing
network failure or disruption.​

●​ Real-life Example: Imagine an attacker targeting a military sensor network with fake
requests, causing it to become unavailable when real-time enemy data is needed.​

b) Man-in-the-Middle (MITM) Attack

● Definition: In a MITM attack, the attacker intercepts and possibly alters the communication between two nodes without them knowing.

● Impact: The attacker can read, modify, or inject messages into the network, compromising the integrity and confidentiality of the data.

● Real-life Example: In a healthcare sensor network, an attacker might intercept and alter a patient's heart rate data between sensors and the monitoring server.

c) Sybil Attack

● Definition: In a Sybil attack, one malicious node illegitimately creates multiple fake identities (or nodes) to disrupt the network’s routing or decision-making process.

● Impact: Trust is undermined in the network, and the routing protocols fail to differentiate between real and fake nodes.

● Real-life Example: In a disaster recovery network, fake nodes might be created to mislead rescue teams, causing delays in finding survivors.

d) Wormhole Attack

● Definition: In a wormhole attack, the attacker captures data packets at one point and tunnels them to another part of the network, possibly altering the path of communication.

● Impact: It can create routing loops, cause delays, or manipulate the network's routing table.

● Real-life Example: In an emergency sensor network, an attacker could redirect communication between rescue teams and the base station, delaying the response time.

e) Replay Attack

●​ Definition: The attacker intercepts and replays the messages in the network to mislead
or confuse the recipients.​

●​ Impact: The nodes may process outdated or malicious information, which could result in
incorrect actions being taken.​

●​ Real-life Example: An attacker might replay a supply chain sensor network’s data to
make it appear as if a shipment was delivered, even though it wasn't.​

2. Passive Attacks

Passive attacks involve eavesdropping or monitoring the network traffic without altering the
data. While these attacks do not affect the functionality of the network directly, they can lead to
significant security breaches if sensitive data is intercepted.

a) Eavesdropping (Sniffing)

● Definition: The attacker listens to the communication between nodes to gather sensitive information, such as private keys, data, or communication patterns.

● Impact: It compromises confidentiality, allowing attackers to collect private or sensitive data.

● Real-life Example: In a military network, an attacker might listen to encrypted communications to gain sensitive details about troop movements.

b) Traffic Analysis

● Definition: In a traffic analysis attack, the attacker observes patterns of communication to infer network activity without decrypting the data.

●​ Impact: Attackers can gain insight into the network’s traffic behavior, such as
communication intervals and node locations, which could lead to an attack.​

●​ Real-life Example: In a smart home network, an attacker might infer when someone is
at home based on the time intervals of sensor communication.​

c) Location Privacy Breach

● Definition: Attackers use eavesdropping to track the location of specific nodes or users, violating their privacy.

● Impact: It compromises the privacy of the users, revealing their movements and potentially dangerous information about their position.

● Real-life Example: In a personal tracking system, an attacker might track someone's movements through a GPS-based sensor network.

🔹 Security Attacks Classification

| Type of Attack | Nature | Example | Impact |
|---|---|---|---|
| Denial of Service (DoS) | Active | Flooding a network with requests | Network failure, service interruption |
| Man-in-the-Middle (MITM) | Active | Intercepting and altering communication | Loss of data integrity, confidentiality breach |
| Sybil Attack | Active | Malicious node creates fake identities | Network mismanagement, trust issues |
| Wormhole Attack | Active | Tunneling data to another location | Routing disruption, delays |
| Replay Attack | Active | Replaying intercepted messages | Incorrect data processing |
| Eavesdropping | Passive | Intercepting communication | Loss of confidentiality |
| Traffic Analysis | Passive | Analyzing traffic patterns | Data privacy breach, behavior inference |
| Location Privacy Breach | Passive | Tracking nodes based on their locations | Breach of personal privacy |

🔹 Defense Mechanisms Against Attacks

1. Encryption:

○ Symmetric encryption (e.g., AES) or asymmetric encryption (e.g., RSA) can be used to secure communication.

○ Example: Using RSA encryption to ensure the confidentiality of sensitive data between nodes.

2. Authentication:

○ Use of cryptographic techniques to authenticate the identities of the nodes.

○ Example: Digital signatures for each node to prove authenticity.

3. Secure Routing Protocols:

○ AODV and DSR can be modified to include security features like signature-based authentication and data integrity checks.

○ Example: Secure AODV (SAODV) ensures that no malicious nodes can disrupt the route discovery process.

4. Intrusion Detection Systems (IDS):

○ IDS monitor network traffic to detect any unusual behavior indicating an attack.

○ Example: Anomaly-based detection might alert the network when a node’s behavior is inconsistent with typical patterns.

5. Key Management:

○ Secure key distribution and management mechanisms are crucial to prevent unauthorized access to network resources.

○ Example: LEAP protocol for managing keys in a sensor network.

🔹 Advantages of Securing Ad-Hoc and Sensor Networks

| Advantage | Explanation |
|---|---|
| 🔒 Data Confidentiality | Protects sensitive data from unauthorized access, ensuring privacy. |
| 🔐 Data Integrity | Ensures the data remains unaltered and accurate throughout transmission. |
| 🛡️ Network Reliability | Prevents malicious attacks that could disrupt network functionality or availability. |
| 🔑 Authentication | Ensures that only authorized nodes can participate in the network. |

🔹 Disadvantages of Securing Ad-Hoc and Sensor Networks

| Disadvantage | Explanation |
|---|---|
| 🔋 Power Consumption | Encryption and security protocols increase power usage, shortening battery life. |
| 💡 Network Complexity | Security mechanisms like encryption and authentication add complexity to network management. |
| ⏳ Processing Overhead | Security protocols require additional computation, leading to slower data processing. |

🔹 Memory Retention Tips for Security Attacks

1. Active Attacks = Disruptive:
Active attacks actively modify or disrupt data or network operations. Think of it like someone tampering with a document.

2. Passive Attacks = Observing:
Passive attacks simply listen in on the network without altering it. It’s like someone reading a book without changing any words.

3. DoS = Flooding:
Denial of Service (DoS) is like a traffic jam that prevents data from flowing smoothly.

4. MITM = Intercepting:
Man-in-the-Middle (MITM) is like an impersonator listening and altering your conversation.

5. Replay = Repeating Old Data:
Replay attacks are like replaying a recorded conversation to deceive the recipient.

🎯 Conclusion
Security attacks in Ad-Hoc and Sensor Networks pose serious threats to the functioning of
these systems. However, by employing effective encryption, authentication, and intrusion
detection systems, we can mitigate the risks. It's important to stay aware of the different active
and passive attacks to ensure that these networks remain secure and reliable in real-world
applications.

____________________________________________________________________________

📘 Key Distribution and Management in Ad-Hoc and Sensor Networks


In Ad-Hoc and Sensor Networks (WSNs), Key Distribution and Management are critical
components for ensuring data confidentiality, integrity, and authentication. These networks
are vulnerable to attacks, and securing communication between nodes requires proper key
generation, distribution, storage, and revocation. Let's break down the key concepts in a
detailed manner.

🔑 Key Concepts

1. Key Distribution

● Definition: Key distribution refers to the process of securely distributing cryptographic keys to nodes in a network so that they can encrypt and decrypt data, as well as authenticate each other.

● Importance: Without secure key distribution, any malicious node can easily intercept or forge messages, compromising the security of the network.

2. Key Management

● Definition: Key management involves the creation, distribution, storage, revocation, and renewal of keys within a network.

● Importance: Effective key management ensures that keys are not compromised and that communication remains secure even as nodes join or leave the network.

🔹 Types of Key Management


1. Symmetric Key Management

● Definition: Symmetric key management uses a single key for both encryption and decryption. All nodes in the network share the same key or have pairwise keys for communication.

● Real-life Example: In a home automation sensor network, all devices (like temperature sensors, security cameras) might use the same symmetric key to communicate securely.

● Advantages:

○ Faster encryption and decryption (since only one key is used).

○ Lower computational overhead.

● Disadvantages:

○ Difficult to securely distribute the key, especially in large networks.

○ If a key is compromised, the entire network is at risk.

Key Distribution Protocols (Symmetric Key):

● Key Pre-distribution: Keys are distributed to all nodes before deployment, often stored in the nodes' memory.

○ Example: In pre-deployed sensor networks, every node has the same key stored beforehand.

● Key Agreement: Nodes exchange public information and agree on a common secret key for encryption.

○ Example: Diffie-Hellman key exchange protocol is used to agree on a secret key between two communicating nodes.

2. Asymmetric Key Management

●​ Definition: Asymmetric key management uses public and private keys. Each node has
a pair of keys: a public key (shared with everyone) and a private key (kept secret).​

●​ Real-life Example: In a military sensor network, each node uses its own public/private
key pair to authenticate messages securely and prevent unauthorized access.​

●​ Advantages:​

○​ More secure, as there is no need to share private keys.​

○​ Easier to distribute the public key.​

●​ Disadvantages:​

○​ Slower encryption/decryption due to the use of complex cryptographic algorithms.​

○​ Higher computational overhead compared to symmetric key methods.​

Key Distribution Protocols (Asymmetric Key):

● Public Key Infrastructure (PKI): Uses a centralized certificate authority (CA) to issue and verify digital certificates that contain public keys.

○ Example: In IoT sensor networks, certificates can be issued to nodes by a trusted authority to verify their identity.

● Elliptic Curve Cryptography (ECC): A more efficient asymmetric algorithm used for secure key exchange and data transmission.

○ Example: ECC-based protocols are commonly used in resource-constrained sensor nodes.

🔹 Key Distribution Protocols (KDP)


1. Key Pre-distribution Scheme

●​ Definition: Each node is pre-loaded with a set of keys or a key that it can use for
communication with other nodes.​

●​ Example: In a smart grid sensor network, each sensor node is pre-configured with a
key that allows it to communicate securely with other nodes during the network's
deployment.​

●​ Advantages:​

○​ Simple to implement and fast key exchange.​

●​ Disadvantages:​

○​ Vulnerable to compromise if the key distribution process is not secure.​

2. Probabilistic Key Distribution

●​ Definition: Nodes are assigned a random set of keys, and keys are only shared if two
nodes share a common key.​

●​ Example: In a mobile sensor network, nodes randomly choose a key from a set of
available keys and can communicate only with nearby nodes that share the same key.​

●​ Advantages:​

○​ Reduces the complexity of the key management process.​


●​ Disadvantages:​

○​ May lead to key sharing failures if nodes do not have common keys.​
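
To put numbers on the probabilistic scheme above, the following added example (not part of the original notes) simulates random key-ring pre-distribution in the style of the Eschenauer-Gligor scheme. It goes one step beyond the text by also measuring how many links between other nodes are exposed when a single node is captured; the pool size, ring size, node count, seed and function names are all assumptions.

```python
import random
from math import comb


def share_probability(pool_size, ring_size):
    """Exact chance that two random key rings have at least one key in common."""
    if not 0 < ring_size <= pool_size:
        raise ValueError("ring_size must be between 1 and pool_size")
    # comb() returns 0 when the second ring cannot avoid the first (pigeonhole).
    return 1 - comb(pool_size - ring_size, ring_size) / comb(pool_size, ring_size)


def assign_rings(n_nodes, pool_size, ring_size, rng):
    """Pre-deployment step: every node is loaded with ring_size random key IDs."""
    return [frozenset(rng.sample(range(pool_size), ring_size))
            for _ in range(n_nodes)]


def link_key(ring_a, ring_b):
    """Shared-key discovery: compare key IDs and use the lowest common one."""
    common = ring_a & ring_b
    return min(common) if common else None


def survey(rings, captured=0):
    """Return (fraction of node pairs that can set up a link,
    fraction of links between *other* nodes whose key sits in the ring
    of the node with index `captured`)."""
    pairs = links = other_links = exposed = 0
    for i in range(len(rings)):
        for j in range(i + 1, len(rings)):
            pairs += 1
            key = link_key(rings[i], rings[j])
            if key is None:
                continue                  # key sharing failure for this pair
            links += 1
            if captured not in (i, j):
                other_links += 1
                exposed += key in rings[captured]
    exposure = exposed / other_links if other_links else 0.0
    return links / pairs, exposure


def demo(seed=5):
    """Constructed scenario: 200 nodes, pool of 1000 keys, 30 keys per node."""
    rng = random.Random(seed)
    rings = assign_rings(200, 1000, 30, rng)
    measured, exposure = survey(rings)
    return share_probability(1000, 30), measured, exposure


if __name__ == "__main__":
    expected, measured, exposure = demo()
    print(f"pairs expected to share a key: {expected:.3f}")
    print(f"pairs that share a key       : {measured:.3f}")
    print(f"other links exposed by one captured node: {exposure:.3f}")
```

With these parameters roughly 60% of node pairs can link directly, so the remaining pairs are the "key sharing failures" listed above, and a single captured node reveals the keys of a few percent of links it is not even part of.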

3. Trusted Third Party (TTP)

● Definition: A central trusted entity is used to distribute keys to nodes securely.

● Example: In a vehicular ad-hoc network (VANET), a trusted authority (like a traffic management system) distributes keys to vehicles for secure communication.

● Advantages:

○ Provides a high level of security and control.

● Disadvantages:

○ Single point of failure; if the trusted party is compromised, the entire network is vulnerable.

🔹 Key Revocation and Renewal

● Key Revocation:

○ Definition: The process of invalidating a key when it is no longer secure or when a node is compromised. This is done to prevent the attacker from using the key to decrypt messages.

○ Real-life Example: If a sensor node in a smart agriculture network is compromised, its key must be revoked to prevent unauthorized access.

○ Methods:

■ Centralized Revocation: A central authority manages key revocation (like in PKI).

■ Distributed Revocation: The network itself manages key revocation without a central authority.

● Key Renewal:

○ Definition: The process of refreshing or replacing old keys with new keys at regular intervals to maintain security.

○ Real-life Example: In a military wireless sensor network, keys may need to be renewed periodically to prevent long-term exposure of encryption keys.

🔹 Key Management Challenges

1. Scalability:

○ As the network grows, the key management system should scale efficiently. For example, in large-scale IoT sensor networks, distributing and managing keys for thousands of nodes can be a challenge.

2. Energy Consumption:

○ Cryptographic operations (especially in asymmetric encryption) consume more power, which is a critical concern for battery-powered sensor nodes.

3. Key Storage:

○ Storing keys securely on resource-constrained nodes is a challenge. If keys are not stored securely, they could be exposed to attackers.

4. Node Compromise:

○ If a node is compromised, the attacker could gain access to all the keys associated with that node. Key revocation is essential to mitigate this risk.

5. Key Synchronization:

○ When keys are updated or renewed, they must be synchronized across all nodes, ensuring that all nodes use the latest keys.

🔹 Security of Key Management


1.​ Confidentiality:​
○​ Ensure that keys are not exposed to unauthorized entities, especially when
distributed over insecure channels.​

2.​ Integrity:​

○​ Ensure that the keys are not altered during distribution. Digital signatures and
hashing can be used for integrity verification.​

3.​ Authentication:​

○​ Ensure that the nodes requesting keys are legitimate. This can be done through
mutual authentication during key exchange.​

🔹 Conclusion
Key Distribution and Management are crucial to maintaining the security of Ad-Hoc and
Sensor Networks. Effective key management ensures data confidentiality, integrity, and
authenticity while mitigating security risks. The use of symmetric, asymmetric, and hybrid
approaches for key management, along with protocols for key distribution, revocation, and
renewal, ensures secure communication in these dynamic, resource-constrained environments.

📝 Tips for Memory Retention

1. Symmetric = One Key:
For Symmetric Key Management, remember that it uses one key for both encryption and decryption (e.g., AES).

2. Asymmetric = Public + Private Keys:
In Asymmetric Key Management, think of Public + Private Keys as each node’s identity card (e.g., RSA).

3. Key Pre-distribution = Before Network Deployment:
Pre-distribute keys before deployment. It’s like pre-packing your luggage with necessary things before going on a trip.

4. Key Agreement = Shared Secret:
In key agreement, nodes agree on a secret without directly sharing the key. Think of it like agreeing on a handshake without revealing the handshake itself.

5. Revocation = Invalidating Old Keys:
Revocation is like deleting old passwords and generating new ones.

________________________________________________________________

📘 Intrusion Detection in Ad-Hoc and Sensor Networks


Intrusion Detection (ID) plays a crucial role in ensuring the security and integrity of Ad-Hoc
and Sensor Networks (WSNs). Since these networks are usually deployed in environments
with limited resources and are vulnerable to various attacks, detecting unauthorized or malicious
activity is vital to protecting the network. Intrusion detection helps identify security breaches,
malicious behaviors, or unauthorized access attempts.

Let’s break it down in detail.

🔐 Definition
Intrusion Detection refers to the process of monitoring and analyzing network traffic and node
behavior to identify security threats, such as unauthorized access, malicious actions, or
abnormal activities within the network.

🔹 Importance of Intrusion Detection

1. Network Protection: Prevents attacks like Denial of Service (DoS), eavesdropping, and data manipulation that compromise network integrity.

2. Resource Conservation: Helps conserve battery and computational resources by detecting attacks early and taking appropriate actions (like shutting down compromised nodes).

3. Data Integrity and Confidentiality: Ensures the data exchanged between nodes remains secure and private.

🔹 Types of Intrusion Detection Systems (IDS)

1. Anomaly-Based IDS

● Definition: This system detects intrusions by identifying deviations from normal behavior or baseline traffic patterns.

● Example: If a sensor node in a smart agriculture network starts sending unusually high amounts of data, an anomaly-based IDS would flag this as potential intrusion or malicious activity.

● Advantages:

○ Detects unknown attacks (zero-day attacks).

○ Can adapt to new types of attacks as it identifies abnormal patterns.

● Disadvantages:

○ High false positive rate (legitimate traffic may also be flagged as abnormal).

○ Requires constant monitoring to establish accurate baseline behavior.
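
The baseline idea and both disadvantages listed above can be seen in a few lines. This is an added example, not part of the original notes: a per-node packet-rate detector run over constructed traffic counts, with the thresholds, window sizes and names chosen here as assumptions.

```python
from collections import defaultdict, deque
from statistics import mean, pstdev


class RateAnomalyDetector:
    """Flags a node whose packet count per interval is far above its own baseline."""

    def __init__(self, warmup=5, window=20, threshold=3.0, min_std=1.0,
                 learn_from_alerts=False):
        self.warmup = warmup                # samples needed before judging a node
        self.threshold = threshold          # alert when score exceeds this
        self.min_std = min_std              # floor so a very steady node is not hair-triggered
        self.learn_from_alerts = learn_from_alerts
        self.history = defaultdict(lambda: deque(maxlen=window))

    def observe(self, node, packets):
        """Return 'learning', 'normal' or 'anomaly' for one interval of one node."""
        past = self.history[node]
        if len(past) < self.warmup:
            past.append(packets)
            return "learning"
        samples = list(past)
        spread = max(pstdev(samples), self.min_std)
        score = (packets - mean(samples)) / spread
        if score > self.threshold:
            # By default a flagged sample is kept OUT of the baseline, so a
            # flood cannot teach the detector that flooding is normal.
            if self.learn_from_alerts:
                past.append(packets)
            return "anomaly"
        past.append(packets)
        return "normal"


# Constructed sample: packets sent per one-minute interval by two sensor nodes.
# Node 3 has one legitimate burst (interval 6); node 7 starts flooding at
# interval 6 and keeps going.
SAMPLE = {
    3: [10, 12, 11, 9, 10, 11, 30, 10],
    7: [20, 21, 19, 20, 22, 20, 400, 390],
}


def alerts(sample, **options):
    """Replay the sample interval by interval; return (interval, node, packets) alerts."""
    detector = RateAnomalyDetector(**options)
    flagged = []
    for interval in range(max(len(counts) for counts in sample.values())):
        for node in sorted(sample):
            counts = sample[node]
            if interval < len(counts):
                if detector.observe(node, counts[interval]) == "anomaly":
                    flagged.append((interval, node, counts[interval]))
    return flagged


if __name__ == "__main__":
    print("baseline protected:", alerts(SAMPLE))
    print("baseline poisoned :", alerts(SAMPLE, learn_from_alerts=True))
```

Node 3's harmless burst is flagged alongside node 7's flood, which is the false-positive cost of this approach; and when flagged samples are allowed into the baseline, the second flood interval from node 7 is no longer detected.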

2. Signature-Based IDS

● Definition: This system uses predefined signatures or patterns of known attacks to identify malicious activities.

● Example: If a known malware signature is detected in the data traffic between sensor nodes in a military surveillance network, it is flagged as an intrusion.

● Advantages:

○ Very accurate for detecting known attacks.

○ Low false positive rate.

● Disadvantages:

○ Cannot detect new, unknown attacks.

○ Requires regular updates to the signature database to remain effective.

3. Hybrid IDS

● Definition: This system combines the benefits of both anomaly-based and signature-based IDS. It detects known attacks using signatures and unknown attacks using anomaly detection techniques.

● Example: A hybrid IDS in a smart home sensor network might detect a DoS attack (known signature) and also flag unusual traffic patterns as a potential zero-day attack.

● Advantages:

○ Flexible and able to detect both known and unknown attacks.

○ Reduced false positives compared to anomaly-based IDS.

● Disadvantages:

○ Complex and requires more resources (processing power and memory).

🔹 Intrusion Detection Techniques for Ad-Hoc and Sensor Networks


1.​ Distributed Intrusion Detection Systems (DIDS)​

○​ Definition: In Ad-Hoc Networks, DIDS is used where multiple nodes work


together to monitor network traffic and detect intrusions. The detection process is
distributed among several nodes rather than relying on a single node.​

○​ Real-life Example: In disaster recovery sensor networks, various sensor


nodes monitor each other’s activity, helping to detect intrusions or anomalies.​

○​ Advantages:​

■​ Scalable and does not depend on a single point of failure.​

■​ Can work in dynamic and decentralized environments.​

○​ Disadvantages:​

■​ Coordination among nodes can be difficult.​

■​ Communication overhead increases due to the need to share


information between nodes.

2.​ Centralized Intrusion Detection Systems (CIDS)​

○​ Definition: A centralized IDS relies on one central server or node to collect and
analyze all the data from the network nodes for potential intrusions.​

○​ Real-life Example: In smart grid networks, all data from individual nodes (like
energy meters) is sent to a centralized server for analysis.​

○​ Advantages:​

■​ Efficient analysis and centralized control.​

■​ Easier to update and maintain.​

○​ Disadvantages:​

■ Single point of failure; if the central node is compromised, the entire network's
security can be jeopardized.

■​ Scalability issues as the network grows larger.​


🔹 Intrusion Detection Techniques Based on Data Traffic

1.​ Traffic Analysis​

○ Definition: Analyzing network traffic to detect anomalies or patterns that suggest
malicious activity. This includes monitoring data packets for any unusual patterns like
flooding or repeated retransmissions.

○ Example: In a military ad-hoc network, if an attacker tries to flood the network with
excessive requests, the traffic analysis can help identify the attack.

○ Advantages:

■​ Can detect early signs of an attack.​

○​ Disadvantages:​

■ Requires high computational resources and may affect the performance of the network.

2.​ Behavioral Analysis​

○​ Definition: This method focuses on monitoring the behavior of nodes and the
overall system. If a node behaves differently than expected (e.g., sending out
more data than usual or joining a different network), it could indicate an
intrusion.​

○ Example: If a node in a healthcare sensor network starts accessing and sending data
outside its normal scope (e.g., heart rate sensor node starts sending irrelevant data), it
might be flagged as suspicious.

○​ Advantages:​

■​ Can detect abnormal behavior without depending on signatures.​

○​ Disadvantages:​

■ Can generate false positives if nodes’ behaviors change due to legitimate reasons.
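The following is an added example, not part of the original notes: a small hybrid detector that applies a fixed signature (too many route requests from one source in a short window, as in the flooding case above) together with a per-node behavioural baseline (as in the heart-rate sensor case). The packet log, node names and all thresholds are constructed assumptions.

```python
from collections import defaultdict, deque
from statistics import mean, pstdev

# Assumed thresholds, chosen for this illustration only.
RREQ_LIMIT = 10   # signature: more than 10 route requests from one source ...
WINDOW_S = 1.0    # ... inside any 1-second window counts as flooding
Z_LIMIT = 3.0     # anomaly: more than 3 standard deviations from the node's baseline
MIN_HISTORY = 5   # intervals of history needed before a node is judged


def signature_alerts(packets):
    """Return sources whose RREQ rate matches the flooding signature.

    packets: iterable of (timestamp_seconds, source, kind), sorted by time.
    """
    recent = defaultdict(deque)   # source -> RREQ timestamps still inside the window
    flagged = set()
    for ts, src, kind in packets:
        if kind != "RREQ":
            continue
        window = recent[src]
        window.append(ts)
        while ts - window[0] > WINDOW_S:
            window.popleft()
        if len(window) > RREQ_LIMIT:
            flagged.add(src)
    return flagged


def anomaly_alerts(baseline, current):
    """Return {node: z_score} for nodes far from their own learned behaviour.

    baseline: node -> packets sent per interval during a known-good period.
    current:  node -> packets sent in the interval being checked.
    """
    flagged = {}
    for node, count in current.items():
        history = baseline.get(node, [])
        if len(history) < MIN_HISTORY:
            continue                       # too little evidence: avoid a false positive
        mu = mean(history)
        sigma = max(pstdev(history), 1.0)  # floor so a very steady node is not over-sensitive
        z = (count - mu) / sigma
        if abs(z) > Z_LIMIT:
            flagged[node] = round(z, 2)
    return flagged


def hybrid_verdict(packets, baseline, current):
    """Combine both detectors: node -> sorted list of reasons it was flagged."""
    reasons = defaultdict(list)
    for node in signature_alerts(packets):
        reasons[node].append("signature:rreq-flood")
    for node in anomaly_alerts(baseline, current):
        reasons[node].append("anomaly:traffic-volume")
    return {node: sorted(r) for node, r in reasons.items()}


# Constructed sample traffic (not captured from a real network).
PACKETS = sorted(
    [(5.0 + 0.05 * i, "n7", "RREQ") for i in range(15)]   # burst: 15 RREQs in 0.7 s
    + [(float(i), "n2", "RREQ") for i in range(12)]       # normal: 1 RREQ per second
    + [(0.5 * i, "hr-sensor", "DATA") for i in range(20)]
)
BASELINE = {"hr-sensor": [60, 61, 59, 60, 62, 60], "n2": [20, 22, 19, 21, 20, 18]}
CURRENT = {"hr-sensor": 240, "n2": 21, "n9": 500}         # n9 has no history yet

if __name__ == "__main__":
    print(hybrid_verdict(PACKETS, BASELINE, CURRENT))
```

Node n9 is not flagged despite its high count because it has no baseline yet, which is the signature-versus-anomaly trade-off the section describes: the anomaly side only works once normal behaviour has been learned.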

🔹 Challenges in Intrusion Detection for Ad-Hoc and Sensor Networks


1.​ Resource Constraints:​
Nodes in sensor networks are typically resource-constrained, meaning they have
limited processing power, memory, and energy. Intrusion detection algorithms must be
lightweight and efficient to work in such environments.​

2. Dynamic Topology:
The topology of Ad-Hoc networks is highly dynamic, with nodes frequently joining,
leaving, or moving around. This constantly changing network structure can make it
difficult to detect intrusions consistently.

3. Scalability:
As the network grows in size, intrusion detection must be able to scale without
significant performance degradation. Handling large amounts of data for analysis can be
challenging, especially in decentralized networks.​

4. Energy Efficiency:
Since sensor nodes are typically powered by batteries, intrusion detection systems
need to be energy-efficient to prevent excessive battery consumption while still providing
accurate results.

🔹 Intrusion Detection Countermeasures


●​ Encryption:​
Encrypting the communication between nodes ensures that even if data is intercepted, it
cannot be read or tampered with.​

●​ Secure Authentication:​
Authenticating each node in the network ensures that only authorized nodes can join
and communicate, reducing the chances of intrusion.​

●​ Collaborative Detection:​
Nodes in the network can collaborate to share intrusion detection information,
increasing detection accuracy and resilience against attacks.​

●​ Periodic Updates:​
Constantly updating signatures or patterns in signature-based IDS ensures that the
system can detect new threats and adapt to changing attack strategies.​

📝 Tips for Memory Retention


1.​ Anomaly-Based = New Threats:​
Anomaly-based IDS is like detecting unknown threats by noticing unexpected
behavior (like a leak in a pipe that you didn't expect).​

2. Signature-Based = Known Threats:
Signature-based IDS works like a virus scanner on your computer that detects known
viruses based on predefined signatures.

3. Distributed = Many Eyes:
Think of Distributed IDS as multiple people keeping an eye on different corners of a
large room. They work together to notice any suspicious activity.​

4. Centralized = One Boss:
Centralized IDS is like a central office managing all information and detecting
problems in one place.

5. Behavioral Analysis = Unusual Actions:
Behavioral analysis focuses on unusual actions (like a person doing something out of
character), just like how your phone detects unusual behavior to prevent fraud.

____________________________________________________________________________

📘 Software-Based Anti-Tamper Techniques


Anti-tamper techniques are crucial in ensuring the security of Ad-Hoc and Sensor
Networks. These techniques are designed to prevent or detect unauthorized modifications
(tampering) of the software running on sensor nodes, which could compromise the network's
integrity and functionality.

Tampering can occur in various forms, including:

●​ Modifying the software code.​

●​ Accessing sensitive data or configuration parameters.​

●​ Injecting malicious code.​

Software-based anti-tamper techniques aim to protect the software itself, ensuring it remains in
its intended state even if an attacker gains physical access to a device.

Let’s dive into the details of these techniques.

🔐 Definition
Software-based anti-tamper techniques are security measures implemented at the software
level to detect, prevent, or respond to tampering attempts on the software of a system. These
techniques aim to preserve the integrity and authenticity of software code running on the
device, making it difficult for attackers to modify the software or gain unauthorized control.
🔹 Why is Anti-Tamper Important?
1. Preventing Unauthorized Access:
If an attacker gains access to the software of a sensor node, they could compromise the
entire network, steal data, or even manipulate its operation.

2. Ensuring Data Integrity:
Tampering could lead to the alteration of the sensor data, which is critical in applications
like healthcare monitoring, military operations, or environmental sensing.

3. Protecting Intellectual Property:
Many times, the software running on sensor nodes contains proprietary algorithms or
business logic. Anti-tamper techniques protect this intellectual property from being stolen
or copied.

4. Maintaining Network Security:
Since sensor networks are often deployed in hostile environments, software
tampering could lead to security breaches, causing data loss, denial of service, or even
loss of life in mission-critical applications.

🔹 Types of Software-Based Anti-Tamper Techniques


1.​ Code Obfuscation​

○ Definition: This technique involves modifying the software’s source code to make it
difficult for an attacker to understand or reverse-engineer. The goal is to disguise the
original logic, making it challenging to tamper with.

○ Example: In a military sensor network, if an attacker tries to reverse-engineer the
code to disable security features, obfuscation would make the code unreadable and prevent
easy tampering.

○​ Advantages:​

■​ Prevents reverse engineering.​

■​ Makes it harder to exploit vulnerabilities.​

○​ Disadvantages:​
■​ Increases complexity and may affect performance.​

■​ Difficult to apply to large software systems.​

2.​ Control Flow Integrity (CFI)​

○​ Definition: Control flow integrity ensures that the execution flow of a program
follows its intended path. Any deviation from the expected flow (such as jumping
to malicious code) is detected and prevented.​

○ Example: If an attacker tries to inject malicious code into a sensor node’s firmware to
change the flow of data, CFI ensures that only valid control flows are executed.

○​ Advantages:​

■​ Detects buffer overflow attacks and code injection.​

■​ Can be applied to both compiled and interpreted languages.​

○​ Disadvantages:​

■​ May introduce performance overhead.​

■​ Can be complex to implement in resource-constrained environments.​

3.​ Encryption and Code Signing​

○​ Definition: Encrypting the software code and using digital signatures ensures
that only authorized users can modify or load the software. Any tampering with
the software will cause the signature verification to fail.​

○ Example: In a healthcare sensor network, if an attacker tries to load malicious code
onto a sensor node, the system checks the digital signature, and if it doesn't match, the
node will refuse to execute the code.

○​ Advantages:​

■​ Provides strong security against unauthorized modifications.​

■​ Helps to ensure authenticity and integrity of the software.​

○​ Disadvantages:​
■​ Requires secure storage for encryption keys, which may not be feasible in
low-resource environments.​

■​ Signature verification may add delays in processing.​

4.​ Tamper Detection using Checksums​

○​ Definition: A checksum is a value calculated from the data in the software. The
checksum is stored securely, and during software execution, the system checks
whether the software code has been altered. If the checksum does not match,
tampering is detected.​

○ Example: In a smart city sensor network, each node calculates a checksum of its
software and periodically checks it. If the checksum changes, it indicates that the
software has been tampered with.

○​ Advantages:​

■​ Simple to implement.​

■​ Effective for detecting unauthorized changes.​

○​ Disadvantages:​

■​ Can be bypassed if the attacker knows the checksum method.​

■​ Requires periodic checks, which could affect performance.​

5.​ Self-Modification Detection​

○ Definition: This technique involves monitoring software for self-modifying code.
Self-modification refers to code that changes its own instructions while running. If
the software is modified during execution, this technique detects the modification.

○​ Example: If an attacker injects code that alters the behavior of a sensor node in
an IoT-based agricultural monitoring system, self-modification detection would
catch this change.​

○​ Advantages:​

■​ Detects dynamic modifications to code.​

■​ Helps prevent malicious self-repair mechanisms used by malware.​


○​ Disadvantages:​

■​ Requires continuous monitoring, which might be resource-intensive.​

■ Some software designs rely on self-modifying code for performance optimizations.

6.​ Runtime Integrity Checking​

○ Definition: Runtime integrity checking involves continuously monitoring the execution
of software during runtime to ensure it hasn’t been tampered with. This can include
checking function calls, memory addresses, and system behavior.

○ Example: In a smart vehicle network, if an attacker attempts to modify the control
software running on a sensor node, the runtime integrity check will flag this as a
potential attack.

○​ Advantages:​

■​ Real-time detection of tampering.​

■ Can be integrated with other anti-tamper techniques for comprehensive protection.

○​ Disadvantages:​

■​ May introduce performance overhead due to constant monitoring.​

■​ Requires advanced hardware support for effective implementation.​
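As an added example (not from the original notes) for technique 4, Tamper Detection using Checksums, the code below runs the periodic check against two tampering cases and shows the listed weakness: an unkeyed checksum stored beside the firmware can simply be recomputed by whoever changes the image, whereas a keyed tag cannot. The use of HMAC-SHA256 as the keyed alternative, the firmware bytes, the key and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import zlib

# Constructed stand-ins: a firmware image and a per-node secret key.
FIRMWARE = b"NODEFW v1.2 | sample_interval=30 | report_to=sink-01"
NODE_KEY = b"constructed-demo-key"


def crc_tag(image):
    """Unkeyed checksum: computable by anyone who knows the method."""
    return zlib.crc32(image) & 0xFFFFFFFF


def hmac_tag(image, key):
    """Keyed integrity tag: computing a valid one requires the secret key."""
    return hmac.new(key, image, hashlib.sha256).digest()


def verify_crc(image, stored_tag):
    return crc_tag(image) == stored_tag


def verify_hmac(image, stored_tag, key):
    # compare_digest runs in constant time, so the comparison itself leaks nothing
    return hmac.compare_digest(hmac_tag(image, key), stored_tag)


def compare_checks():
    """Run both checks against two tampering cases and report what each one catches."""
    stored_crc = crc_tag(FIRMWARE)
    stored_mac = hmac_tag(FIRMWARE, NODE_KEY)
    modified = FIRMWARE.replace(b"sink-01", b"sink-99")

    # Case 1: only the image changes; the stored reference values are intact.
    crc_plain = not verify_crc(modified, stored_crc)
    mac_plain = not verify_hmac(modified, stored_mac, NODE_KEY)

    # Case 2: the stored reference is rewritten along with the image.
    # A CRC needs no secret, so a matching value can be recomputed and the check passes.
    crc_rewritten = not verify_crc(modified, crc_tag(modified))
    # A tag produced without NODE_KEY (here: under a different key) does not verify.
    mac_rewritten = not verify_hmac(
        modified, hmac_tag(modified, b"not-the-node-key"), NODE_KEY
    )
    return {
        "crc_detects_image_change": crc_plain,
        "hmac_detects_image_change": mac_plain,
        "crc_detects_rewritten_reference": crc_rewritten,
        "hmac_detects_rewritten_reference": mac_rewritten,
    }


if __name__ == "__main__":
    for name, detected in compare_checks().items():
        print(f"{name}: {detected}")
```

The keyed check moves the problem to protecting NODE_KEY on the node, which is the key-storage concern raised under Encryption and Code Signing.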

🔹 Challenges with Software-Based Anti-Tamper Techniques


1.​ Resource Constraints:​
Many sensor nodes have limited computational power, memory, and battery life,
which makes implementing complex anti-tamper techniques challenging.​

2. False Positives/Negatives:
Some techniques, such as checksums or control flow integrity, can generate false
positives (legitimate changes flagged as tampering) or false negatives (tampering not
detected).

3. Performance Impact:
Anti-tamper techniques can introduce performance overhead. This may be particularly
problematic in real-time applications, where delays are undesirable.

4.​ Complexity:​
Implementing multiple anti-tamper techniques in a resource-constrained environment
requires careful planning and may lead to a complex system.​

📝 Tips for Memory Retention


1.​ Obfuscation = Confuse the Attacker:​
Think of obfuscation as blurring the picture so the attacker can’t see the details
clearly.​

2. Control Flow Integrity = Keep the Path:
Imagine the software as a railroad track; control flow integrity ensures that the train
follows the correct path and doesn’t derail.

3. Code Signing = Like a Verified Stamp:
Code signing is like a seal of approval on software; if the seal is broken, you know the
code has been tampered with.

4. Checksums = Software Fingerprint:
Think of checksums as the fingerprint of your software — it identifies the software, and
if it changes, it’s an indication of tampering.

5. Self-Modification Detection = Watchful Eye:
This is like watching someone editing their own homework — if they start changing the
answers, you’ll notice.

____________________________________________________________________________

💧 Watermarking Techniques for Ad-hoc and Sensor Networks


Watermarking refers to the process of embedding a hidden signal or pattern (usually in the
form of data) into a piece of content like software, images, audio, or videos. This hidden data
is typically used for copyright protection, authenticity verification, or tamper detection. In
the context of Ad-hoc and Sensor Networks, watermarking techniques can be utilized to
ensure data integrity and protect against unauthorized modifications.
Watermarking can be particularly important in wireless sensor networks where sensitive data is
transmitted, and ensuring the authenticity of the data is crucial.

Let’s dive into watermarking techniques and their role in security and tamper detection.

🔐 Definition
Watermarking in Ad-hoc and Sensor Networks refers to the process of embedding a unique,
invisible code or data pattern into sensor data or transmissions. The goal is to track,
authenticate, or detect tampering with the data. If someone tries to alter the data (e.g., modify a
sensor reading), the watermark would reveal that the data has been tampered with.

🔹 Types of Watermarking Techniques


1.​ Spatial Domain Watermarking​

○ Definition: In spatial domain watermarking, the watermark is directly embedded into
the original data (e.g., sensor readings or image data) in the time or space domain
without any transformation.

○ Example: In an environmental sensor network, if a node records temperature data, the
watermark could be embedded in the data values (e.g., slightly modifying readings in a
predictable way).

○​ Advantages:​

■​ Simple and easy to implement.​

■​ Direct embedding into the data makes it easy to integrate.​

○​ Disadvantages:​

■ Susceptible to noise: Since the watermark is directly embedded in the data, it might
be easily detected or modified if the data is noisy or subject to attack.

■​ Low robustness in adversarial environments.


2.​ Frequency Domain Watermarking​

○​ Definition: This method embeds the watermark in the frequency domain of the
data. The data is first transformed (using techniques like Fourier or Wavelet
transforms), and the watermark is inserted into the transformed coefficients.​

○ Example: In audio sensor networks for wildlife monitoring, frequency domain
watermarking could be used to embed an invisible signal into the frequency spectrum of
sound data captured by sensors.

○​ Advantages:​

■​ More robust to signal processing attacks (e.g., compression or noise).​

■​ Difficult to detect or modify.​

○​ Disadvantages:​

■​ More computationally expensive than spatial domain methods.​

■​ May degrade the quality of data (e.g., audio or image quality).


3.​ Least Significant Bit (LSB) Watermarking​

○ Definition: The Least Significant Bit (LSB) is the lowest-order bit of a binary number,
the bit that changes the value the least. In LSB watermarking, the watermark is
embedded in the least significant bits of the data, making it invisible to the
human eye or unaided systems.

○​ Example: In a military sensor network, where the data is highly sensitive, the
watermark could be hidden in the LSB of transmitted sensor values, ensuring that
unauthorized users can’t detect or alter the original data without leaving evidence
of tampering.​

○​ Advantages:​

■​ Simple and easy to implement.​

■​ Invisible to standard observation.​

○​ Disadvantages:​
■​ Susceptible to compression or noise, which may distort or remove the
watermark.​

■​ Not robust against tampering if the data is altered significantly.​

4.​ Adaptive Watermarking​

○ Definition: In adaptive watermarking, the watermark is inserted based on the data
content or the network’s operational conditions. This technique adapts the watermarking
process based on the characteristics of the data to improve the robustness against
tampering.

○ Example: In a sensor network monitoring water quality, the watermark may be adapted to
different types of sensor data (e.g., pH levels or temperature), ensuring it’s robust
against the specific data variations.

○​ Advantages:​

■​ Highly robust to data distortions and adaptive to the type of data.​

■​ Can improve the security and reliability of the watermarking process.​

○​ Disadvantages:​

■​ Complex to implement and requires dynamic analysis of data.​

■​ More resource-intensive than simple methods like LSB.​

5.​ Temporal Watermarking​

○​ Definition: This involves embedding the watermark in temporal data that varies
with time, making it harder for attackers to detect or remove. This is often used in
time-series data collected by sensor networks.​

○​ Example: In a healthcare sensor network (e.g., for heart rate monitoring), the
watermark could be embedded into the time-series data stream of heart rate
readings, ensuring that if the data is modified or replaced, the watermark is
altered as well.​

○​ Advantages:​

■​ More robust against attacks that alter data over time.​


■​ Time-sensitive watermarking that adapts to the temporal patterns of the
data.​

○​ Disadvantages:​

■ May require additional time-synchronization techniques, which can be computationally
expensive.

■​ Potential for data drift making the watermark less effective over longer
time periods.​
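The sketch below is an added example, not part of the original notes, of LSB watermarking (type 3 above) used for tamper detection on integer sensor readings. It assumes a keyed, block-wise variant: each reading's LSB is set from an HMAC over the node ID, the block position and the upper bits of the block, so changing, reordering or re-attributing readings breaks the pattern. The key, node IDs, block size and readings are constructed.

```python
import hashlib
import hmac

BLOCK = 32                      # readings per watermark block (assumed)
KEY = b"constructed-demo-key"   # shared by the node and the sink (assumed)


def _expected_bits(key, node_id, block_no, upper_parts):
    """Derive one watermark bit per reading from the key, node, position and data."""
    msg = f"{node_id}|{block_no}|".encode() + ",".join(map(str, upper_parts)).encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()   # 256 bits, so BLOCK <= 256
    return [(digest[i // 8] >> (i % 8)) & 1 for i in range(len(upper_parts))]


def embed(readings, key, node_id):
    """Overwrite the LSB of each non-negative integer reading with a watermark bit."""
    marked = []
    for start in range(0, len(readings), BLOCK):
        upper = [r >> 1 for r in readings[start:start + BLOCK]]
        bits = _expected_bits(key, node_id, start // BLOCK, upper)
        marked.extend((u << 1) | b for u, b in zip(upper, bits))
    return marked


def verify(marked, key, node_id):
    """Return the numbers of the blocks whose LSB pattern does not match."""
    bad_blocks = []
    for start in range(0, len(marked), BLOCK):
        block = marked[start:start + BLOCK]
        bits = _expected_bits(key, node_id, start // BLOCK, [r >> 1 for r in block])
        if any((r & 1) != b for r, b in zip(block, bits)):
            bad_blocks.append(start // BLOCK)
    return bad_blocks


# Constructed readings: temperature in hundredths of a degree Celsius, two blocks.
READINGS = [2150 + (i * 7) % 23 for i in range(2 * BLOCK)]
MARKED = embed(READINGS, KEY, "node-17")


def changed_reading():
    """One value in block 1 is raised by 0.50 degrees after marking."""
    data = list(MARKED)
    data[40] += 50
    return data


def lsb_cleared():
    """Lossy processing that zeroes every LSB removes the watermark entirely."""
    return [m & ~1 for m in MARKED]


if __name__ == "__main__":
    print("clean stream      :", verify(MARKED, KEY, "node-17"))
    print("one value changed :", verify(changed_reading(), KEY, "node-17"))
    print("LSBs cleared      :", verify(lsb_cleared(), KEY, "node-17"))
```

Embedding changes each reading by at most one unit, and the `lsb_cleared` case shows the disadvantage listed above: after lossy processing the receiver cannot tell benign distortion from tampering.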

🔹 Applications in Ad-hoc and Sensor Networks


1.​ Tamper Detection:​

○ In military networks, where sensor nodes track weapon status or sensitive location
data, watermarking can be used to detect tampering with data to ensure its integrity.

2. Data Authentication:

○ In environmental monitoring networks, watermarking ensures that data transmitted from
sensors (e.g., temperature or humidity) hasn’t been tampered with by unauthorized actors.

3. Intellectual Property Protection:

○ For IoT-based smart cities, watermarking could be used to protect the intellectual
property of sensor network designs or algorithms by embedding invisible signatures in
data or firmware.

4. Securing Data Transmission:

○ In healthcare networks that collect sensitive patient data, watermarking ensures that
data is transmitted securely and hasn’t been modified during transmission.

🔹 Advantages of Watermarking in Sensor Networks


1.​ Security and Integrity:​

○ Provides a method to ensure the authenticity of data, allowing detection of tampered or
counterfeit data.

2. Tamper Resistance:

○ Even if an attacker gains access to a node, tampering with the watermark can be
detected, making it a robust mechanism for tamper resistance.

3. Resource-Efficient:

○ Watermarking can be implemented with minimal overhead on sensor nodes with low power
and memory constraints, especially using LSB techniques.

🔹 Disadvantages of Watermarking
1.​ Data Distortion:​

○ Embedding a watermark might cause distortion in the data, especially in highly
sensitive applications (e.g., healthcare).

2. Vulnerability to Attacks:

○ Some watermarking methods, such as LSB, are susceptible to compression, noise, and
other attacks, which may remove or alter the watermark.

3. Performance Overhead:

○ While watermarking techniques like frequency domain watermarking offer strong
security, they can cause performance overhead due to the computational resources
required to implement them.

📝 Memory Tips
1.​ Watermark = Hidden Mark:​
Think of watermarking as a secret signature on your data — it’s invisible, but it proves
the data hasn’t been changed.​

2. LSB = Tiny Changes:
LSB watermarking makes very small changes to the data (the least significant bit) —
just like tiny marks on a piece of paper that are hard to notice.

3. Frequency Domain = Data Hidden in Waves:
Frequency domain watermarking hides the watermark in the frequency spectrum,
much like hiding a message in radio waves — difficult to detect.

4. Adaptive = Custom Fit:
Adaptive watermarking adjusts based on the data type, just like tailoring a custom suit
to the wearer — it fits the data perfectly.

_______________________________________________________________

Defense Against Routing Attacks in Ad-hoc and Sensor Networks

Routing attacks are one of the most serious threats to the security of Ad-hoc and Sensor
Networks. These attacks aim to disrupt the normal operation of the network by tampering with
or poisoning the routing process, which is responsible for the data transmission path between
nodes.

There are various methods to defend against routing attacks. Let's dive into the common
defense strategies and explain them in simple terms.

1. Types of Routing Attacks

Before understanding the defenses, it's important to first know about the common routing
attacks that affect Ad-hoc and Sensor Networks:

1.​ Black Hole Attack:​

○​ A malicious node falsely advertises itself as the shortest path to the destination
and drops all the data packets that pass through it.​

2.​ Wormhole Attack:​

○​ Two malicious nodes establish a tunnel between them and forward data through
it, causing disruption in the normal routing path.​
3.​ Sybil Attack:​

○​ An attacker creates multiple fake identities to confuse the routing protocol and
cause misrouting.​

4.​ Rushing Attack:​

○​ A malicious node rushes to forward a route request, making it look like a valid
route while blocking other legitimate requests.​

5.​ Hello Flood Attack:​

○ The attacker sends a Hello message to attract all nodes, pretending to be a legitimate
node and causing routing table manipulation.

6.​ Attacks on Route Discovery:​

○​ In this type of attack, the malicious node disrupts the route discovery process,
either by sending false route replies or incorrect path information.​

2. Defense Mechanisms Against Routing Attacks

A. Intrusion Detection Systems (IDS)

●​ Definition: IDS are used to detect abnormal behavior in the network, such as unusual
routing behavior or suspicious packets, and alert the system or take corrective actions.​

●​ Example: If a node detects that routing tables are being manipulated or unexpected
routes are being formed, it can alert other nodes to prevent further damage.​

●​ Advantages:​

○​ Can detect malicious nodes early.​

○​ Provides real-time monitoring of the network.​

●​ Disadvantages:​

○ Requires extra resources like computation power, which might be limited in
resource-constrained sensor networks.
B. Authentication

●​ Definition: Every node in the network can be authenticated, ensuring that only
authorized nodes participate in the routing process.​

●​ Example: A sensor node can verify the identity of the neighboring nodes before
exchanging routing information. If a node is not authenticated, it will be ignored.​

●​ Advantages:​

○​ Prevents unauthorized access and routing manipulation by malicious nodes.​

●​ Disadvantages:​

○ Key management can be complex and difficult to implement, especially in large networks.

C. Secure Routing Protocols

● Definition: These are modifications of existing routing protocols designed specifically
to handle attacks and ensure secure communication.

●​ Example: Secure AODV (Ad hoc On-demand Distance Vector) adds authentication
and encryption layers to prevent malicious modifications of routing tables.​

●​ Advantages:​

○​ Provides secure communication even in the presence of attackers.​

○​ Can be customized based on the attack type (e.g., routing loops).​

●​ Disadvantages:​

○​ Performance overhead due to encryption and additional checks.​

D. Data Encryption and Integrity Checking

●​ Definition: This involves encrypting routing messages to ensure they are not
tampered with, and performing integrity checks on the routing data.​

●​ Example: If a route update message is encrypted, attackers cannot change the route
information without breaking the encryption.​
●​ Advantages:​

○ Ensures the integrity of the routing data and prevents unauthorized manipulation.

○​ Confidentiality is preserved by keeping the routing information hidden.​

●​ Disadvantages:​

○ Processing overhead due to encryption/decryption, especially in low-powered sensor
nodes.

E. Reputation-based Systems

●​ Definition: Nodes in the network give reputation scores to their neighbors based on
their behavior. Malicious nodes can be identified if they consistently fail to behave
properly.​

●​ Example: If a node drops packets intentionally (like in a black hole attack), other nodes
will reduce its reputation over time, and eventually, it will be excluded from the routing
table.​

●​ Advantages:​

○​ Decentralized approach where nodes evaluate their neighbors independently.​

○​ Adaptive: The system can evolve as the network changes.​

●​ Disadvantages:​

○ It may be difficult to accurately measure reputation in highly dynamic networks.

○​ False positives (innocent nodes being flagged as malicious) can occur.​
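An added example, not part of the original notes, of the reputation mechanism just described: a node scores each neighbour from overheard forwarding outcomes and leaves low-scoring neighbours out of route selection. The scoring formula, both thresholds, the node names and the observation log are constructed assumptions; the log includes a black hole node and an honest node that moved out of range, to show both the exclusion and the false-positive risk.

```python
from collections import defaultdict

TRUST_THRESHOLD = 0.6    # assumed: neighbours scoring below this are excluded
MIN_OBSERVATIONS = 10    # assumed: evidence required before a node can be excluded


class ReputationTable:
    """One node's view of how reliably each neighbour forwards packets."""

    def __init__(self):
        self.forwarded = defaultdict(int)
        self.dropped = defaultdict(int)

    def observe(self, neighbour, was_forwarded):
        """Record one overheard outcome for a packet handed to `neighbour`."""
        if was_forwarded:
            self.forwarded[neighbour] += 1
        else:
            self.dropped[neighbour] += 1

    def score(self, neighbour):
        """Expected forwarding probability with a uniform prior: (f + 1) / (f + d + 2)."""
        f, d = self.forwarded[neighbour], self.dropped[neighbour]
        return (f + 1) / (f + d + 2)

    def trusted(self, neighbour):
        seen = self.forwarded[neighbour] + self.dropped[neighbour]
        if seen < MIN_OBSERVATIONS:
            return True          # not enough evidence to exclude anyone yet
        return self.score(neighbour) >= TRUST_THRESHOLD


def pick_route(routes, table):
    """Shortest route whose intermediate hops are all still trusted, or None."""
    usable = [r for r in routes if all(table.trusted(hop) for hop in r[1:-1])]
    return min(usable, key=len) if usable else None


# Constructed observations: (neighbour, was_forwarded)
OBSERVATIONS = (
    [("B", False)] * 20                          # black hole: drops everything
    + [("C", True)] * 18 + [("C", False)] * 2    # honest node with normal radio loss
    + [("D", True)] * 6 + [("D", False)] * 6     # honest node that moved out of range
    + [("E", True)] * 4                          # new neighbour, little history
)
# Candidate routes from source S to destination T; B advertises the shortest one.
ROUTES = [["S", "B", "T"], ["S", "D", "T"], ["S", "C", "E", "T"]]


def build_table():
    table = ReputationTable()
    for neighbour, was_forwarded in OBSERVATIONS:
        table.observe(neighbour, was_forwarded)
    return table


if __name__ == "__main__":
    table = build_table()
    for node in "BCDE":
        print(node, round(table.score(node), 3), table.trusted(node))
    print("selected route:", pick_route(ROUTES, table))
```

Node D is excluded although it is honest: its drops came from a broken link, which is the false-positive case named in the disadvantages.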

F. Path Randomization

●​ Definition: In this approach, nodes randomly select routes to the destination rather
than always taking the same path, making it harder for attackers to predict the route.​

●​ Example: In case of a wormhole attack, the attacker might not know which route to
intercept, as the paths are being randomized regularly.​
●​ Advantages:​

○​ Makes it difficult for an attacker to predict or control the routing paths.​

○​ Provides robustness against routing attacks.​

●​ Disadvantages:​

○​ Increased overhead in route selection and path management.​

G. Threshold Cryptography

● Definition: In threshold cryptography, multiple nodes are required to cooperate to
perform an action (such as generating a key or decrypting a message), making it more
difficult for an attacker to gain control of the network by compromising a single node.

●​ Example: If a node wants to send a secure routing message, it needs the cooperation of
k out of n nodes to decrypt the message or generate the encryption key.​

●​ Advantages:​

○ High security because compromising one node doesn't lead to a complete system breach.

●​ Disadvantages:​

○​ More communication overhead due to collaboration between multiple nodes.​

3. Summary of Defense Strategies

| Defense Mechanism | Description | Advantages | Disadvantages |
|---|---|---|---|
| Intrusion Detection System | Monitors abnormal behaviors in the network to detect malicious activities. | Early detection, real-time monitoring. | Requires extra resources for monitoring. |
| Authentication | Verifies the identity of nodes before communication. | Prevents unauthorized access and attacks. | Key management can be complex. |
| Secure Routing Protocols | Modifications of routing protocols to secure data transmission. | Provides secure communication, customizable against attacks. | Performance overhead due to extra processing. |
| Data Encryption and Integrity | Encrypts routing messages and checks data integrity to prevent tampering. | Ensures data integrity and confidentiality. | Processing overhead, especially in low power devices. |
| Reputation-based Systems | Nodes rate their neighbors based on behavior. | Adaptive, decentralized. | Difficult to measure reputation accurately. |
| Path Randomization | Routes are selected randomly to avoid predictability. | Hard for attackers to predict or control routing paths. | Increases overhead in route management. |
| Threshold Cryptography | Requires cooperation of multiple nodes for encryption/decryption. | High security, hard for attackers to control the network. | Communication overhead, complexity. |

4. Tips for Remembering Defense Mechanisms

1. "IDS = Watchdog":
Intrusion Detection Systems act as a watchdog for the network, constantly monitoring
for suspicious behavior.

2. "Authentication = Guarding the Gate":
Just like ID checks at a gate, authentication ensures only trusted nodes can
participate in routing.

3. "Encryption = Lock and Key":
Think of encryption as a lock on the data, with a key that lets authorized nodes unlock it.
Unauthorized tampering would break the lock.

4. "Reputation = Friend or Foe":
Reputation systems act like friend lists: If a node misbehaves, it gets removed from
the network.

5. "Path Randomization = Hide and Seek":
Randomizing paths makes it harder for attackers to track the data flow — like playing
hide and seek.

6. "Threshold = Teamwork":
Multiple nodes need to work together to secure the network, just like teamwork to
solve a complex task.

____________________________________________________________________________

Secure Ad-hoc Routing Protocols

In Ad-hoc networks, where nodes dynamically form a network without any fixed infrastructure,
the security of the routing protocols is crucial. Ad-hoc networks are vulnerable to various
attacks like black hole attacks, wormhole attacks, Sybil attacks, and more. To combat these,
secure routing protocols are designed to ensure that only trusted nodes participate in the
communication process, and the network remains resilient against malicious actions.

1. Need for Secure Ad-hoc Routing Protocols

Since ad-hoc networks operate in open, dynamic, and decentralized environments, it is
essential to protect against threats that exploit the routing process. Standard protocols, like
AODV or DSR, were not originally designed with security in mind. As a result, secure routing
protocols enhance the routing process by incorporating authentication, integrity checks, and
encryption to mitigate vulnerabilities.

2. Types of Secure Ad-hoc Routing Protocols


Secure ad-hoc routing protocols are often based on the traditional protocols like AODV, DSR,
and OLSR, but they incorporate additional security mechanisms.

A. Secure AODV (SAODV)

● Definition: SAODV is a modification of the Ad-hoc On-demand Distance Vector (AODV)
routing protocol that enhances security. It introduces cryptographic techniques to prevent
unauthorized nodes from participating in route discovery and route maintenance.

●​ Key Features:​

○​ Digital Signatures: Used to authenticate routing messages.​

○ Message Authentication Code (MAC): Ensures the integrity of routing messages.

○​ Secure Route Discovery: Encrypts the route request and response to prevent
tampering.​

●​ Real-life Example: Think of SAODV as a secure email system where each message
sent requires a digital signature, ensuring that the sender is legitimate and the content
has not been altered in transit.​

●​ Advantages:​

○ Provides authentication and integrity to prevent unauthorized nodes from injecting
malicious routes.

○​ Can prevent replay attacks by using timestamps in the routing messages.​

●​ Disadvantages:​

○​ Processing overhead due to encryption and decryption operations.​

○​ Key management becomes complex in large networks.​

B. Secure DSR (S-DSR)

● Definition: Secure DSR is a modification of the Dynamic Source Routing (DSR) protocol.
It incorporates security measures like digital signatures and certificates to ensure route
authenticity and protect against attacks such as black hole and wormhole attacks.
●​ Key Features:​

○​ Route Signature: Ensures that the route in the route request is valid and
originates from a legitimate source.​

○ Certificate-based Authentication: Verifies the identity of the nodes before they can
participate in routing.

○​ Route Integrity: Prevents malicious nodes from tampering with the route
information.​

●​ Real-life Example: Secure DSR is like an official document where every route is
digitally signed, ensuring the authenticity of the sender and preventing tampering of
information.​

●​ Advantages:​

○​ Provides route verification to ensure that the route data is not modified.​

○​ Uses public-key cryptography to verify the identity of nodes.​

●​ Disadvantages:​

○​ High computation cost due to the digital signatures and certificates.​

○​ Increased packet size due to additional security headers.​

C. Ariadne

● Definition: Ariadne is a secure on-demand routing protocol that is resistant to both black
hole and wormhole attacks. It uses cryptographic methods to authenticate route discovery
messages, ensuring that the paths chosen by the nodes are safe and trustworthy.

●​ Key Features:​

○ Cryptographic Authentication: Ensures that routing control messages are from trusted nodes.

○ Secure Route Request and Reply: Prevents attackers from modifying or injecting malicious
routes.

●​ Real-life Example: Ariadne acts like a secure bank transaction system, ensuring that
only verified and authorized users can participate in the routing process, just like how
only authenticated bank users can access their accounts.​

●​ Advantages:​

○​ Resistant to black hole attacks where malicious nodes try to absorb data
packets.​

○​ Efficient cryptographic design with a focus on low overhead.​

●​ Disadvantages:​

○​ Complexity in large-scale networks.​

○​ Overhead caused by cryptographic operations like signing and verification.​

D. SEAD (Secure Efficient Ad-hoc Distance Vector)

● Definition: SEAD is a secure routing protocol designed to enhance the security of Distance
Vector Routing (DVR) in ad-hoc networks. It uses hash chains to securely propagate distance
vector updates.

●​ Key Features:​

○​ Hash Chains: Protect routing messages from manipulation during propagation.​

○​ Efficient Security: Low overhead compared to other secure protocols due to its
lightweight cryptographic approach.​

●​ Real-life Example: SEAD is like a bank vault where every update or transaction is
logged securely, preventing attackers from altering the records.​

●​ Advantages:​

○ Efficient in low-resource environments because it uses lightweight cryptography.

○​ Low overhead due to the use of hash chains for security.​

●​ Disadvantages:​

○​ Vulnerable to some attacks (like wormhole or Sybil) due to the lack of node
authentication.​
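
How a hash chain can protect distance vector updates, as an added example (not code from these notes or from the SEAD authors). It is a simplified sketch in the style of SEAD: the chain layout (one group of elements per sequence number), the constants, SHA-256 and all function names are assumptions of this example.

```python
import hashlib
import hmac

MAX_METRIC = 4                      # assumed bound: metrics 0..3
MAX_SEQ = 5                         # assumed: chain covers sequence numbers 1..5
CHAIN_LEN = MAX_METRIC * MAX_SEQ


def H(value):
    return hashlib.sha256(value).digest()


def make_chain(seed):
    """Return [h_0, ..., h_n] with h_i = H(h_{i-1}); h_n is the public anchor."""
    chain = [seed]
    for _ in range(CHAIN_LEN):
        chain.append(H(chain[-1]))
    return chain


def chain_index(seq, metric):
    """Index of the element that authenticates (seq, metric).

    Newer sequence numbers and lower metrics sit earlier in the chain, so
    they cannot be computed from elements a node has already seen.
    """
    if not (1 <= seq <= MAX_SEQ and 0 <= metric < MAX_METRIC):
        raise ValueError("sequence number or metric out of range")
    return (MAX_SEQ - seq) * MAX_METRIC + metric


def originate(chain, seq):
    """The destination advertises itself with metric 0."""
    return {"seq": seq, "metric": 0, "auth": chain[chain_index(seq, 0)]}


def forward(update):
    """A neighbour adds one hop and hashes the authenticator once."""
    if update["metric"] + 1 >= MAX_METRIC:
        return None                 # beyond the assumed network diameter
    return {"seq": update["seq"], "metric": update["metric"] + 1,
            "auth": H(update["auth"])}


def verify(update, anchor):
    """Hash the authenticator forward to the anchor the receiver already trusts."""
    try:
        idx = chain_index(update["seq"], update["metric"])
    except ValueError:
        return False
    value = update["auth"]
    for _ in range(CHAIN_LEN - idx):
        value = H(value)
    return hmac.compare_digest(value, anchor)


def apply_update(route, update, anchor):
    """Distance vector rule: take a verified update if it is newer, or equally
    new with a shorter metric. `route` is None or a previously accepted update."""
    if not verify(update, anchor):
        return route
    if route is None or update["seq"] > route["seq"] or (
            update["seq"] == route["seq"] and update["metric"] < route["metric"]):
        return update
    return route


def demo():
    """Constructed run: an update travels two hops, then two altered copies arrive."""
    chain = make_chain(b"constructed-seed")   # held only by the destination
    anchor = chain[-1]                         # distributed authentically at setup
    hop0 = originate(chain, seq=2)
    hop1 = forward(hop0)
    hop2 = forward(hop1)                       # what a node two hops away hears
    # Altered copies of hop2, built only from data that node has seen:
    shorter = dict(hop2, metric=1)             # claims to be closer
    newer = dict(hop2, seq=3)                  # claims a fresher sequence number
    route = apply_update(None, hop2, anchor)
    route = apply_update(route, shorter, anchor)
    route = apply_update(route, newer, anchor)
    return {"hop2": verify(hop2, anchor), "shorter": verify(shorter, anchor),
            "newer": verify(newer, anchor), "route": (route["seq"], route["metric"])}
```

The check binds the metric and sequence number to a chain position but says nothing about which node sent the update, which is the missing node authentication listed under Disadvantages.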
3. Comparison of Secure Routing Protocols

| Protocol | Key Security Mechanism | Advantages | Disadvantages |
|---|---|---|---|
| SAODV | Digital Signatures, MAC | Authentication, Integrity | Processing overhead, Key management complexity |
| S-DSR | Digital Signatures, Certificates | Route Verification, Public Key Cryptography | High computation cost, Increased packet size |
| Ariadne | Cryptographic Authentication | Resistant to black hole and wormhole attacks | Complexity in large networks, High cryptographic overhead |
| SEAD | Hash Chains | Lightweight cryptography, Low overhead | Vulnerable to some attacks, Lacks node authentication |

4. Tips to Remember Secure Routing Protocols

1. "SAODV = Secure AODV": Think of SAODV as the secure version of the standard AODV protocol,
where digital signatures and encryption ensure that only trusted nodes can participate in the
routing process.

2. "S-DSR = Secure DSR": Secure DSR (S-DSR) ensures that routes are verified, like official
documents, and no one can alter them without being caught.

3. "Ariadne = Safe Path": Ariadne is like a safe path for routing because it prevents any
malicious node from hijacking the route (like preventing a black hole or wormhole).

4. "SEAD = Secure Distance Vector": SEAD ensures that your distance vector routes are logically
secure, with hash chains protecting the routing messages from tampering.

5. Conclusion

Secure ad-hoc routing protocols provide essential protection against various attacks that aim to
disrupt the routing process in ad-hoc and sensor networks. By implementing cryptographic
methods, authentication, and integrity checking, these protocols ensure that only legitimate
nodes are part of the network and can communicate effectively without being compromised.
Understanding the various security mechanisms and their advantages and disadvantages will
help you choose the most suitable protocol based on your specific network needs.

Broadcast Authentication in Wireless Sensor Networks (WSNs)

Broadcast authentication in Wireless Sensor Networks (WSNs) is a crucial aspect of ensuring the
integrity, authenticity, and security of messages sent across the network. Since WSNs are often
deployed in open, unattended environments, where nodes may be vulnerable to attacks, ensuring
that broadcast messages (messages sent to all nodes) are from legitimate sources and not
tampered with is essential.

Broadcast authentication aims to verify the identity of the sender, protect against malicious
node behavior, and ensure that the messages are not altered during transmission.
1. Why Broadcast Authentication is Important in WSNs?

●​ Resource Constraints: Sensor nodes are typically low-powered and have limited
memory, processing capacity, and battery life. This makes it difficult to use
traditional, heavy cryptographic techniques.​

● Unattended Operation: WSNs are often deployed in remote or inaccessible locations, making
physical security harder to maintain. Attackers can easily inject malicious packets or
compromise the network.

● Broadcast Nature of Communication: Most communication in WSNs is broadcast since sensor nodes
send data to multiple nodes (like sink nodes or base stations) at the same time. This increases
the risk of attacks like message injection or message tampering.

● Integrity and Authentication: Since WSNs often operate in environments where untrusted nodes
might be present, broadcast authentication ensures that messages are from legitimate sources
and remain unaltered during transmission.

2. Key Requirements for Broadcast Authentication in WSNs

1.​ Authentication: Verifying the source of the message. Only trusted nodes should be
able to send messages to the network.​

2.​ Integrity: Ensuring that the broadcast messages are not altered during transmission,
preventing attackers from modifying the data.​

3.​ Efficiency: Since sensor nodes have limited resources, broadcast authentication
schemes should be lightweight and energy-efficient.​

4.​ Scalability: As WSNs can consist of hundreds or thousands of nodes, the broadcast
authentication protocol must work effectively in large-scale networks.​

5.​ Minimal Overhead: The protocol should add minimal communication overhead,
ensuring that the network resources are not overly burdened.​
3. Broadcast Authentication Techniques in WSNs

There are several methods used for broadcast authentication in WSNs. The primary goal of
these techniques is to protect the network from attackers while preserving node resources.

A. Symmetric Key-Based Broadcast Authentication

In symmetric key-based broadcast authentication, all nodes in the network share a common
secret key or have pairwise shared keys with each other. This shared key is used to encrypt
and authenticate the messages.

●​ Key Features:​

○ A message authentication code (MAC) is generated for each broadcast message using the shared
key.

○​ Receiver nodes can verify the authenticity of the message using the MAC and
the common secret key.​

○​ If the message is tampered with, the MAC will not match, indicating the
message’s lack of integrity.​

● Real-life Example: Think of symmetric key-based authentication like a shared password between
friends. When you send a message (broadcast) to your friends, you include the password (MAC).
Only your friends, who know the password, can authenticate that the message is from you and
hasn't been changed.

●​ Advantages:​

○​ Simple and fast, as it uses a common key.​

○​ Lightweight in terms of computational overhead.​

●​ Disadvantages:​

○ Scalability issues in large networks, as maintaining a shared key can be complex.

○​ Key management is difficult if the key is compromised.​

B. Public Key-Based Broadcast Authentication


In public key-based broadcast authentication, each node has a pair of cryptographic keys:
a public key (known to everyone) and a private key (kept secret). The node signs its broadcast
messages with its private key.

●​ Key Features:​

○​ The public key can be used by the receiver nodes to verify the signature.​

○​ Digital signatures are used to authenticate the message and verify its integrity.​

● Real-life Example: Public key-based broadcast authentication is similar to how email
encryption works with PGP (Pretty Good Privacy). You sign your email with your private key, and
anyone can verify your email using your public key. If the signature matches, they know it's
authentic and hasn't been altered.

●​ Advantages:​

○​ Scalable, as each node only needs to share its public key.​

○​ Strong message integrity and non-repudiation.​

●​ Disadvantages:​

○​ High computational overhead due to the asymmetric encryption.​

○​ Public key distribution can be complex, especially in dynamic networks.​

C. Hierarchical Broadcast Authentication

In hierarchical broadcast authentication, the network is structured in layers or groups, with
some nodes acting as trusted authorities or aggregators. These nodes handle the authentication
process on behalf of others, reducing the overhead on resource-constrained nodes.

●​ Key Features:​

○​ Lower level nodes send data to a higher level node for authentication.​

○​ These high-level nodes sign the messages and then broadcast them to
lower-level nodes.​

●​ Real-life Example: This can be compared to how a central server authenticates and
approves requests before they are sent out to a larger network, like a website
verification system where only the trusted server handles sensitive transactions.​

●​ Advantages:​

○​ Reduces overhead on resource-constrained nodes.​

○​ Scalable as it minimizes the work done by each individual node.​

●​ Disadvantages:​

○​ Single point of failure if the higher-level node is compromised.​

○​ Complex node hierarchy management.​

4. Security Challenges in Broadcast Authentication

● Key Management: Efficient management of cryptographic keys (symmetric or asymmetric) is
crucial to ensuring the integrity and authenticity of broadcast messages.

●​ Replay Attacks: Malicious nodes may capture broadcast messages and replay them
later. Mechanisms like timestamps or nonce values can be added to prevent such
attacks.​

●​ Malicious Nodes: Nodes that do not follow the protocol can broadcast false or altered
messages. Ensuring node authentication and message integrity is key to preventing
this.​

● Communication Overhead: Broadcast authentication methods often involve additional data being
sent (like signatures or MACs), which increases the communication overhead. Minimizing this
overhead while maintaining security is a challenge.

5. Broadcast Authentication Protocols in WSNs

Here are some commonly used protocols for broadcast authentication:

1.​ LEAP (Localized Encryption and Authentication Protocol):​


○​ LEAP provides efficient authentication by utilizing symmetric cryptography
and assigning localized keys to nodes. It is energy-efficient but faces
challenges in large-scale networks.​

2.​ BM (Broadcast Authentication Mechanism):​

○​ BM utilizes hash chains and sequential keys for authentication, providing low
communication overhead while ensuring message integrity.​

3.​ μTESLA (Micro TESLA):​

○ μTESLA is a symmetric key-based broadcast authentication protocol designed for low-power
networks like WSNs. It relies on time-based delayed disclosure of keys to authenticate messages.

6. Tips to Remember Broadcast Authentication

● "Public key = Secure Identity": Remember that public key-based protocols authenticate the
sender using the public key to verify the signature.

● "Hierarchical = Group Work": Hierarchical broadcast authentication means that the trusted
node in a group handles the authentication, reducing the load on others.

● "Symmetric = Shared Password": In symmetric key-based protocols, think of a shared password
for all nodes to authenticate each other.

●​ "LEAP = Efficient Local Keying": LEAP is all about local encryption with shared
keys, making it lightweight but still secure.​

Conclusion

Broadcast authentication is essential for ensuring the security, integrity, and authenticity of
messages in Wireless Sensor Networks (WSNs). By employing methods like symmetric key
authentication, public key infrastructure, and hierarchical systems, WSNs can safeguard
against common attacks while maintaining efficiency. Understanding the trade-offs in terms of
computation, communication overhead, and scalability will help in choosing the right
authentication method for a given WSN deployment.
__________________________________________________________________________

TESLA (Timed Efficient Stream Loss-tolerant Authentication)

TESLA is an authentication protocol designed for use in low-power and resource-constrained
networks like Wireless Sensor Networks (WSNs). It is primarily used for broadcast authentication
of messages sent across the network. The protocol aims to provide data authenticity while
ensuring efficiency and energy conservation, two key challenges in WSNs.

TESLA is used to secure broadcast communications by ensuring that nodes can verify the
source of a message and its integrity, even in situations where the network is vulnerable to
attackers trying to inject malicious or altered data.

1. Key Features of TESLA

1.​ Efficient Authentication:​

○​ TESLA is designed for networks with limited resources (like WSNs), where
conventional methods like public-key cryptography would be too costly in terms
of both computation and energy.​
2.​ Time-based Key Disclosure:​

○ TESLA uses a timed approach to authenticate messages. A key idea behind TESLA is the use of
delayed key disclosure. A node will send a message along with a partial key to authenticate the
message, but the full key is revealed only after a certain period of time. This ensures that
attackers cannot easily spoof the message without knowing the corresponding key.

3.​ Stream-oriented Authentication:​

○​ TESLA is optimized for streaming data, where continuous data (e.g., sensor
readings) is being transmitted, and the protocol allows for the efficient
authentication of each message in the stream.​

4.​ Low Communication Overhead:​

○ TESLA minimizes the communication overhead by using symmetric key cryptography, which is
computationally cheaper compared to asymmetric methods (e.g., RSA or digital signatures).

5. Loss-Tolerant:

○ TESLA is designed to tolerate occasional packet loss (common in wireless networks), making it
more resilient to typical network issues in WSNs.

2. Working Principle of TESLA

How TESLA Works:

1.​ Key Chain Generation:​

○​ The sender node generates a key chain of secret keys. These keys are
generated in a sequential manner, where each key is derived from the previous
one.​

○ For example, if the key chain consists of keys $K_1, K_2, K_3, \dots$, the sender will start
with $K_1$ and keep generating subsequent keys $K_2, K_3, \dots$ until the last key.

2. Message Authentication:

○ When a node broadcasts a message, it attaches the first key (say $K_1$) from the key chain to
the message as a MAC (Message Authentication Code) or hash.

○ The receiver node cannot authenticate the message immediately because the next key in the
chain (e.g., $K_2$) is required for verification, but it is not disclosed yet.

3. Delayed Key Disclosure:

○ After a predefined time period, the sender node reveals the next key in the key chain (e.g.,
$K_2$). This key allows the receivers to verify the authenticity of the previous messages that
were sent.

○ This delayed disclosure ensures that even if an attacker intercepts a message, they cannot
forge or modify messages without knowing the future keys.

4. Authentication by Receiver:

○ When a node receives a message, it waits for the appropriate key (revealed at the next time
step) to authenticate the message. Once the key is disclosed by the sender, the receiver can
verify the authenticity of the message using that key.

5. Chaining of Keys:

○ After the key $K_1$ is used to authenticate a message, the next key $K_2$ in the chain is
revealed for use in authenticating the following message. This process continues in a timed
sequence.
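
The five steps above as a runnable sketch (an added example, not code from these notes or from the TESLA authors). It assumes SHA-256 and HMAC, a disclosure delay of two intervals, and the usual TESLA convention that the chain is generated from a random seed by repeated hashing and used in reverse order, with each message MACed under the key of its own interval; all class and function names are hypothetical.

```python
import hashlib
import hmac


def F(key):
    """One-way step of the key chain: K_{i-1} = F(K_i)."""
    return hashlib.sha256(b"chain" + key).digest()


def walk_back(key, steps):
    """Apply F `steps` times, deriving K_{j-steps} from K_j."""
    for _ in range(steps):
        key = F(key)
    return key


def mac(chain_key, msg):
    """HMAC under a key derived from the chain key (assumed derivation)."""
    mac_key = hashlib.sha256(b"mac" + chain_key).digest()
    return hmac.new(mac_key, msg, hashlib.sha256).digest()


class Sender:
    def __init__(self, seed, n, delay):
        chain = [seed]                    # K_n, then K_{n-1}, ..., K_0
        for _ in range(n):
            chain.append(F(chain[-1]))
        self.chain = chain[::-1]          # chain[i] == K_i
        self.delay = delay                # disclosure delay in intervals
        self.commitment = self.chain[0]   # K_0, given to receivers at setup

    def packet(self, interval, msg):
        """MAC msg under K_interval; disclose the older key K_{interval-delay}."""
        j = interval - self.delay
        disclosed = (j, self.chain[j]) if j >= 1 else None
        return {"interval": interval, "msg": msg,
                "mac": mac(self.chain[interval], msg), "disclosed": disclosed}


class Receiver:
    def __init__(self, commitment, delay):
        self.auth_index, self.auth_key = 0, commitment   # newest verified key
        self.delay = delay
        self.buffer = []                  # packets waiting for their key
        self.accepted = []                # authenticated messages

    def receive(self, pkt, now):
        """`now` is the receiver's current interval (loose time sync assumed)."""
        # Security condition: keep the packet only if its key cannot be public yet.
        if now < pkt["interval"] + self.delay:
            self.buffer.append(pkt)
        if pkt["disclosed"] is not None:
            self._learn_key(*pkt["disclosed"])

    def _learn_key(self, j, key):
        if j <= self.auth_index:
            return
        # Hash back to the last verified key; gaps left by lost packets are fine.
        if not hmac.compare_digest(walk_back(key, j - self.auth_index), self.auth_key):
            return                        # forged or corrupted key
        self.auth_index, self.auth_key = j, key
        waiting = []
        for p in self.buffer:
            if p["interval"] > j:
                waiting.append(p)         # key not disclosed yet
            elif hmac.compare_digest(
                    mac(walk_back(key, j - p["interval"]), p["msg"]), p["mac"]):
                self.accepted.append(p["msg"])
        self.buffer = waiting


def demo():
    """Constructed run: delay of 2 intervals, packet 3 lost, two forgeries."""
    s = Sender(seed=b"constructed-seed", n=8, delay=2)
    r = Receiver(s.commitment, delay=2)
    pkts = {i: s.packet(i, b"temp=%d" % (20 + i)) for i in range(1, 8)}
    r.receive(pkts[1], now=1)
    r.receive(pkts[2], now=2)
    # pkts[3], which discloses K_1, is lost in transit.
    r.receive(pkts[4], now=4)             # discloses K_2: packets 1 and 2 verify
    # Forgery 1: K_2 is public by now, so a MAC under it proves nothing.
    late = {"interval": 2, "msg": b"temp=99",
            "mac": mac(s.chain[2], b"temp=99"), "disclosed": None}
    r.receive(late, now=4)
    # Forgery 2: made-up key and MAC; the key does not hash back to K_2.
    bogus = {"interval": 5, "msg": b"temp=0", "mac": b"\0" * 32,
             "disclosed": (3, b"\x11" * 32)}
    r.receive(bogus, now=5)
    for i in (5, 6, 7):
        r.receive(pkts[i], now=i)
    return r.accepted, r.auth_index, len(r.buffer)
```

The receiver's only long-term secret-free state is the commitment and the newest verified key, and the two packets still buffered at the end are exactly the ones whose keys have not been disclosed yet.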

3. Advantages of TESLA

1.​ Efficient:​

○ TESLA uses symmetric key cryptography, which is computationally lighter and more
energy-efficient than public-key cryptography methods like RSA.

2. Energy Conservation:

○ The protocol is designed to be energy-efficient, which is crucial for resource-constrained
networks like WSNs where nodes have limited power.

3. Secure Broadcast Authentication:

○ TESLA offers a secure way to authenticate broadcast messages in a network without requiring
heavy cryptographic operations, making it ideal for real-time applications like sensor data
streaming.

4. Tolerates Packet Loss:

○ TESLA is loss-tolerant, meaning that it can still provide message authenticity even if some
packets are lost during transmission, which is common in wireless networks.

5.​ Scalability:​

○​ TESLA can be effectively scaled for large networks of sensor nodes, making it
suitable for massive deployments.​

4. Disadvantages of TESLA

1.​ Delay in Authentication:​

○​ Since keys are revealed after a delay, there is a time gap between when the
message is sent and when it can be authenticated. This can introduce latency.​

2.​ Key Management:​

○ The protocol requires careful key management and synchronization across nodes, which can
become challenging if there are a large number of nodes or if nodes join/leave the network
frequently.

3.​ Vulnerability to Replay Attacks:​

○​ TESLA may be vulnerable to replay attacks if keys are not updated frequently or
if an attacker intercepts and replays old messages. This can be mitigated by
using timestamps or sequence numbers.​

4.​ Single Point of Failure:​

○​ If the sender’s key chain is compromised, the entire chain becomes vulnerable,
leading to potential security breaches.​
5. Real-Life Example of TESLA

Example 1: Environmental Monitoring System

● Imagine a sensor network deployed to monitor environmental conditions like temperature,
humidity, or air quality. Each sensor node sends its data periodically, and the data is
broadcast to a central server or base station.

●​ TESLA can be used to ensure that the data received at the base station is authentic
and has not been tampered with, even if some of the sensor nodes are located in remote
or insecure locations.​

Example 2: Military Surveillance

● In military surveillance, where sensor nodes are deployed to monitor a battlefield or a
sensitive area, TESLA ensures that the broadcast messages, which could include critical
information about enemy movements, are authentic and cannot be altered by an attacker.

6. Applications of TESLA

1.​ Wireless Sensor Networks (WSNs):​

○ Environmental monitoring, healthcare applications, military surveillance, smart grids, etc.,
where sensor nodes need to broadcast data securely and efficiently.

2. Internet of Things (IoT):

○ TESLA can be used in IoT networks for device-to-device communication, ensuring that messages
exchanged between IoT devices are authentic.

3. Streaming Data Applications:

○ TESLA is especially useful in applications that involve continuous data streams, such as
real-time data collection from remote sensors or smart devices.

7. Tips and Tricks to Remember TESLA

●​ "Time is Key": TESLA relies on the timed disclosure of keys. Remember that the key
you receive to authenticate a message is revealed after a certain time.​

● "Symmetric is Energy Efficient": TESLA uses symmetric key cryptography, making it
energy-efficient compared to asymmetric methods.

●​ "Delayed Authentication": The authentication is delayed until the next key in the chain
is disclosed. So, time-based delays in key disclosure are a key characteristic of TESLA.​

●​ "Key Chain = Secure Messages": TESLA’s security is based on the key chain: each
key is linked to the next, ensuring secure transmission of data.​

Conclusion

TESLA is an efficient and scalable solution for broadcast authentication in low-power networks
like Wireless Sensor Networks (WSNs). By leveraging time-based key disclosure and symmetric
cryptography, TESLA ensures message authenticity while minimizing computational and energy
costs. Although it has some trade-offs, such as delayed authentication and key management
challenges, TESLA is highly suitable for applications where low overhead and energy
conservation are crucial.

___________________________________________________________________________

Biba Security Model

The Biba Security Model is a formal security model focused on maintaining data integrity. It
was designed to prevent data from being modified inappropriately by unauthorized users or
processes. Unlike models that emphasize confidentiality (like Bell-LaPadula), the Biba model
is focused on ensuring that data is not altered in an unauthorized or accidental manner.
1. Key Features of Biba

1.​ Integrity-Focused:​

○​ Biba prioritizes data integrity rather than confidentiality. The goal is to prevent
unauthorized users from modifying or tampering with data.​

2.​ No Write Down:​

○​ The No Write Down (NWD) policy prevents users from writing data to a lower
integrity level (e.g., writing high-level data to low-level classified areas).​

3.​ No Read Up:​

○​ The No Read Up (NRU) policy ensures that users at a lower integrity level
cannot read data from a higher integrity level, which might be considered to be
more trustworthy.​

4.​ Integrity Levels:​

○​ In the Biba model, each subject (user, process) and object (data) in the system is
assigned an integrity level. These levels determine how subjects can interact
with objects.​
2. Working Principle of Biba Model

The Biba model operates based on two main rules:

1.​ The Simple Integrity Property (No Write Up):​

○ A subject (user or process) at a lower integrity level cannot write to an object at a higher
integrity level. This is known as No Write Up (NWU).

○​ Example: If a user with a low integrity level (like a regular user) tries to write to a
highly secure or trusted system (like a database containing critical data), this is
not allowed.​

2.​ The *Integrity Property (No Read Down):​

○​ A subject at a higher integrity level cannot read data from an object at a lower
integrity level. This is called No Read Down (NRD).​

○​ Example: A highly trusted user (like a system administrator) cannot access data
that is considered untrustworthy or corrupted (low integrity level), as reading
such data could lead to incorrect processing or decisions.​

3.​ The *-Integrity Property (No Write Down):​

○​ A subject cannot write to an object at a lower integrity level, ensuring that data
cannot be downgraded by a less trusted user.​

3. Types of Integrity in Biba

1.​ High Watermark Integrity:​

○​ A subject’s integrity level is the highest integrity level it has ever been granted.​

○ If a subject is granted a high-level integrity, it remains at that level even if it interacts
with lower-level data.

2.​ Low Watermark Integrity:​


○​ A subject’s integrity level is based on the lowest integrity level it has been
granted.​

○ If a subject interacts with lower-level data, it is restricted to that lower integrity level.
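
A small reference monitor for the No Write Up and No Read Down rules and for the low watermark behaviour described above, as an added example (not part of the original notes). The three integrity levels, the class names and the ledger/feed scenario are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    LOW = 1      # untrusted input, e.g. data from an unauthenticated node
    MEDIUM = 2
    HIGH = 3     # trusted, e.g. a critical database


@dataclass
class Subject:
    name: str
    level: Level


@dataclass
class Obj:
    name: str
    level: Level
    data: str = ""


class BibaMonitor:
    """Mediates every read and write; low_watermark=False gives the strict rules."""

    def __init__(self, low_watermark=False):
        self.low_watermark = low_watermark
        self.audit = []   # (subject, operation, object, decision, reason)

    def _log(self, s, op, o, allowed, reason):
        self.audit.append((s.name, op, o.name, "ALLOW" if allowed else "DENY", reason))
        return allowed

    def read(self, s, o):
        """Return the object's data, or None if the read is refused."""
        if o.level < s.level:
            if not self.low_watermark:
                self._log(s, "read", o, False, "no read down")
                return None
            # Low watermark: permit the read, then drop the subject to the
            # object's level so it can no longer write to higher objects.
            reason = "subject lowered %s -> %s" % (s.level.name, o.level.name)
            s.level = o.level
            self._log(s, "read", o, True, reason)
            return o.data
        self._log(s, "read", o, True, "object level >= subject level")
        return o.data

    def write(self, s, o, data):
        """Return True if the write was performed."""
        if o.level > s.level:
            return self._log(s, "write", o, False, "no write up")
        o.data = data
        return self._log(s, "write", o, True, "object level <= subject level")


def demo(low_watermark):
    """Constructed scenario: a HIGH admin consults a LOW feed, then updates a HIGH ledger."""
    monitor = BibaMonitor(low_watermark)
    admin = Subject("admin", Level.HIGH)
    user = Subject("user", Level.LOW)
    ledger = Obj("ledger", Level.HIGH, "balance=100")
    feed = Obj("feed", Level.LOW, "balance=999999")
    results = {
        "user_writes_ledger": monitor.write(user, ledger, "balance=0"),
        "admin_reads_feed": monitor.read(admin, feed),
        "admin_writes_ledger": monitor.write(admin, ledger, "balance=120"),
        "user_reads_ledger": monitor.read(user, ledger),
    }
    results["admin_level"] = admin.level
    results["ledger"] = ledger.data
    return results, monitor.audit
```

Under the strict rules the admin is refused the low-integrity feed and the ledger update goes through; under the low watermark policy the read is allowed, the admin drops to LOW, and the later ledger write is refused.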

4. Advantages of the Biba Model

1.​ Strong Data Integrity:​

○ Biba provides strong integrity guarantees, preventing accidental or malicious data
modification from unauthorized users.

2.​ Clear Data Access Controls:​

○​ The model enforces strict rules for reading and writing data, ensuring that only
authorized users can modify or view data at certain levels.​

3.​ Prevention of Data Corruption:​

○ It minimizes the risk of data corruption by ensuring that only higher-integrity users can
modify high-level data.

5. Disadvantages of the Biba Model

1.​ Complexity in Implementation:​

○​ Implementing Biba can be complex, especially in systems where there are many
levels of integrity and access control rules.​

2.​ No Confidentiality Control:​

○​ The Biba model does not address data confidentiality, so it cannot protect
against unauthorized data disclosure. For confidentiality, another model (like
Bell-LaPadula) would be required.​

3.​ Limits Flexibility:​


○​ Since the Biba model is focused solely on integrity, it may be too rigid for
environments where both confidentiality and integrity are important.​

6. Real-Life Example of Biba Model

●​ Example 1: Online Banking Systems​

○​ In a banking application, it's crucial that no one with low-level access (such as
a cashier) can tamper with the account balance of a high-level account (like that
of a manager or director). Using the Biba model, cashiers (low integrity) cannot
write to or alter the high-level account balances. Moreover, managers (high
integrity) cannot accidentally access or alter low-level data (like routine
customer records).​

●​ Example 2: Government Records​

○ A government document management system uses the Biba model to ensure that only users with
the highest clearance can modify important legal documents. Users with lower-level access can
read data but cannot modify it, preventing data tampering and corruption.

7. Applications of the Biba Model

1.​ Data Integrity Systems:​

○​ Biba is commonly used in systems where data integrity is the highest priority,
like financial systems, medical records, or legal documents.​

2.​ Military Systems:​

○​ The Biba model can be used in military applications to ensure that lower-level
users do not alter or corrupt classified information.​

3.​ Database Systems:​

○ In database management, Biba can be used to enforce integrity levels and ensure that only
authorized users can write to critical database entries.

8. Biba Model vs Bell-LaPadula Model

| Biba Model | Bell-LaPadula Model |
|---|---|
| Focuses on data integrity and prevents unauthorized modification. | Focuses on data confidentiality and prevents unauthorized access. |
| Implements No Write Up (NWU) and No Read Down (NRD) policies. | Implements No Read Up (NRU) and No Write Down (NWD) policies. |
| Ensures that users cannot tamper with or corrupt data. | Ensures that sensitive data is not disclosed to unauthorized users. |
| Does not address data confidentiality. | Does not address data integrity. |

9. Tips and Tricks to Remember the Biba Model

1.​ "Integrity First, No Corruption":​

○​ The Biba model is all about ensuring that data remains uncorrupted, and no
unauthorized user can change it.​

2.​ "No Write Up, No Read Down":​

○​ The simple rules: Users can’t write to a higher level, and they can’t read from a
lower level. Write Up and Read Down are key restrictions.​

3.​ "High Integrity, High Trust":​

○​ The higher the integrity level, the more trusted the data and the user interacting
with it.​

4.​ "Two Principles: No Write Down, No Read Down":​


○​ Just remember Write and Read should follow the integrity principle.​

Conclusion

The Biba Security Model provides a strong foundation for ensuring data integrity by enforcing
rules that prevent unauthorized modification of data. It is especially useful in systems where
trustworthiness and accuracy of data are paramount. While it does not address
confidentiality, it plays a critical role in securing data from corruption or tampering, particularly
in industries like banking, government, and healthcare.

____________________________________________________________________________

Sensor Network Security Protocols

Wireless Sensor Networks (WSNs) are deployed in various applications like military
surveillance, environment monitoring, and smart cities. Due to the sensitive nature of the
data they collect and transmit, security is a crucial concern in these networks. Sensor networks
face several challenges such as limited computational resources, energy constraints, and
unreliable communication. Thus, security protocols in sensor networks must be designed to
ensure data confidentiality, integrity, and availability while being energy-efficient.

Key Aspects of Sensor Network Security Protocols

1.​ Confidentiality:​

○​ Ensures that sensitive information collected by the sensor nodes is not exposed
to unauthorized entities.​

○ Achieved through encryption techniques such as AES (Advanced Encryption Standard) or RSA.

2.​ Integrity:​

○​ Ensures that the data is not altered during transmission.​

○​ Achieved using hash functions and digital signatures.​

3.​ Authentication:​
○​ Ensures that the nodes communicating in the network are legitimate and trusted.​

○ Achieved using cryptographic techniques for mutual authentication between sensor nodes.

4.​ Availability:​

○​ Ensures that the sensor network remains operational and that data can be
accessed when needed.​

○​ Prevents attacks like Denial of Service (DoS).​

5.​ Energy Efficiency:​

○ Security protocols in sensor networks need to be lightweight and energy-efficient since
sensor nodes typically have limited battery life.

Types of Sensor Network Security Protocols

1.​ Encryption Protocols:​

○ These protocols are designed to encrypt data to ensure confidentiality during communication
between nodes.

○​ Symmetric encryption (e.g., AES) and asymmetric encryption (e.g., RSA) are
commonly used.​

○​ Example: TinySec (an end-to-end security protocol for sensor networks) uses
symmetric encryption for efficient and low-latency communication.​

2.​ Authentication Protocols:​

○​ These protocols help verify the identity of the nodes and ensure that only
authorized nodes can participate in the communication.​

○ Public-key infrastructure (PKI) and certificate-based authentication are widely used.

○ Example: LEAP (Localized Encryption and Authentication Protocol) enables authentication
between nodes in WSNs.
3.​ Key Management Protocols:​

○​ These protocols are responsible for securely distributing and managing keys
between sensor nodes to ensure secure communication.​

○ Key management protocols are essential to preventing attacks like man-in-the-middle attacks.

○ Example: SPINS (Security Protocols for Sensor Networks) uses symmetric key encryption and
provides a lightweight approach to key management.

4.​ Intrusion Detection Protocols:​

○ These protocols are designed to detect malicious activities or intrusions in the network,
ensuring that the network is secure from attacks.

○ Example: Misuse detection and anomaly-based detection approaches can be used in WSNs to
detect and respond to threats in real time.

5.​ Secure Routing Protocols:​

○​ Routing protocols ensure that data is transmitted securely from one node to
another.​

○​ They prevent attacks such as black hole attacks (where malicious nodes drop
or alter data) and selective forwarding attacks.​

○ Example: SEAD (Secure Efficient Ad hoc Distance Vector) routing protocol provides secure
routing in sensor networks by using cryptographic hashes to ensure integrity.

Examples of Specific Sensor Network Security Protocols

1.​ SPINS (Security Protocols for Sensor Networks):​

○​ SPINS is a pair of cryptographic protocols that aim to provide security in WSNs.​

○​ It consists of two main components:​


■​ SNEP (Secure Network Encryption Protocol): Provides confidentiality
and authentication for data.​

■ μTESLA (Micro TESLA): Provides authentication and integrity for sensor network communication.

○ Example: SPINS is used in environments where energy is constrained, as it offers lightweight
security while ensuring the confidentiality, authentication, and integrity of the transmitted
data.

2.​ LEAP (Localized Encryption and Authentication Protocol):​

○​ LEAP is a key management and authentication protocol designed to provide


efficient security in sensor networks.​

○​ It allows sensor nodes to share keys efficiently and securely with their neighbors
without requiring a global key management scheme.​

○​ Key Features:​

■​ Individual and group key management.​

■​ Efficient authentication.​

○​ Example: LEAP is used in applications where sensor nodes need to


communicate securely but do not have enough resources to maintain complex
encryption algorithms.​

3.​ TinySec:​

○​ TinySec is a security protocol that provides link-layer encryption and


authentication for WSNs.​

○​ It operates at the data link layer and uses symmetric encryption (such as
AES) to secure the data.​

○​ Example: TinySec is particularly suited for applications like environmental


monitoring or healthcare monitoring where sensors need to send sensitive
data securely but with low overhead.​

4.​ SEAD (Secure Efficient Ad hoc Distance Vector):​

○​ SEAD is a routing protocol designed for secure communication in WSNs.​


○​ It uses cryptographic hashes to ensure that the route information in the network
is not tampered with, ensuring the integrity of the data routing process.​

○​ Example: SEAD can be used in military or surveillance applications where the


integrity of the routing path is critical for the security of the network.​

Security Challenges in Sensor Networks

1. Resource Constraints:

○ Sensor nodes have limited processing power, memory, and energy, so security protocols must be lightweight to avoid draining these resources.

2. Scalability:

○ As the number of sensor nodes in the network increases, security protocols must be able to scale effectively without causing significant overhead.

3. Physical Security:

○ Sensor nodes are often deployed in hostile environments and can be physically tampered with. Security protocols need to account for the possibility that attackers may have direct access to the hardware.

4. Communication Security:

○ Wireless communication is susceptible to eavesdropping and interference, making the protection of data confidentiality and integrity crucial.

Security Protocols: Advantages & Disadvantages

| Protocol | Advantages | Disadvantages |
|---|---|---|
| SPINS | Provides lightweight security; efficient in terms of energy consumption. | Limited scalability, as key management can be cumbersome in large networks. |
| LEAP | Provides localized key management, minimizing overhead. | Requires all nodes to have shared keys, which might not always be feasible. |
| TinySec | Operates at the link layer, reducing the need for high-level encryption. | Not suitable for networks with high-speed data transmission. |
| SEAD | Secure routing using cryptographic hashes ensures data integrity. | Complexity in implementation; may add overhead in resource-constrained nodes. |

Conclusion

Security in Wireless Sensor Networks (WSNs) is critical for ensuring the integrity,
confidentiality, and authenticity of the data transmitted across the network. Given the limited
resources of sensor nodes, security protocols must be efficient and lightweight. Protocols like
SPINS, LEAP, TinySec, and SEAD provide effective security solutions for WSNs by addressing
key concerns such as key management, encryption, and secure routing. However,
challenges such as resource limitations, scalability, and physical security need to be
considered when designing and implementing these protocols.

____________________________________________________________________________

SPINS (Security Protocols for Sensor Networks)

SPINS is a pair of cryptographic protocols designed specifically for ensuring security in
Wireless Sensor Networks (WSNs). It addresses the key challenges of security, such as
confidentiality, authentication, and integrity, while being lightweight enough to run on
resource-constrained sensor nodes. SPINS is designed to work in environments where nodes
have limited energy, processing power, and storage capacity, which makes it suitable for
sensing applications like environment monitoring, military surveillance, and healthcare
monitoring.

Key Components of SPINS

SPINS consists of two primary components:

1. SNEP (Secure Network Encryption Protocol):

○ Purpose: Provides confidentiality, authentication, and data freshness for the data transmitted in the network.

○ How it works:

■ Confidentiality: Encrypts the data being sent over the network using a shared symmetric key.

■ Authentication: Ensures that the data came from a trusted source by attaching a message authentication code (MAC) to the data.

■ Data Freshness: Prevents replay attacks by ensuring that the data is fresh and not reused.

○ Real-life Example: In an environmental monitoring network, SNEP ensures that the data sent from sensor nodes (e.g., temperature, humidity) is encrypted, authenticated, and cannot be tampered with or replayed.

2. μTESLA (Micro TESLA):

○ Purpose: Provides authenticated broadcast communication in the network, which ensures that a sensor node sending a message can be trusted, and the message is not tampered with during transmission.

○ How it works:

■ Authenticated Broadcasting: μTESLA uses delayed disclosure of a symmetric key to authenticate messages. Nodes in the network share a key chain, and each message is authenticated with a key from the chain that is disclosed only at a later time.

■ The nodes in the network authenticate messages after they have been sent, ensuring that messages are genuine and not altered by an attacker.

○ Real-life Example: In military sensor networks, μTESLA can be used to ensure that the sensor nodes transmitting data (such as detection of enemy movement) are not compromised and are trusted sources.
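
The three SNEP properties listed above (confidentiality, authentication, freshness) combined in one message format, as an added example that is not code from SPINS or from the original notes. It assumes HMAC-SHA256 as a stand-in for the node's cipher and MAC, a counter kept in step at both ends, and hypothetical names (`SnepLink`, `seal`, `open`); the key and sensor reading are constructed.

```python
import hashlib
import hmac

def prf(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256, standing in for the node's block cipher and MAC."""
    return hmac.new(key, data, hashlib.sha256).digest()

def keystream(k_enc: bytes, counter: int, n: int) -> bytes:
    """Counter-mode keystream: a new counter gives a new keystream."""
    out, block = b"", 0
    while len(out) < n:
        out += prf(k_enc, counter.to_bytes(8, "big") + block.to_bytes(4, "big"))
        block += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class SnepLink:
    """One direction of a link (sender -> receiver); each end holds one."""

    def __init__(self, shared_key: bytes):
        # Separate encryption and MAC keys derived from the shared key.
        self.k_enc = prf(shared_key, b"enc")
        self.k_mac = prf(shared_key, b"mac")
        self.counter = 0  # advanced at both ends, never transmitted

    def _tag(self, ciphertext: bytes) -> bytes:
        # The MAC covers the counter, so a stale message cannot verify.
        return prf(self.k_mac, self.counter.to_bytes(8, "big") + ciphertext)[:8]

    def seal(self, plaintext: bytes):
        ct = xor(plaintext, keystream(self.k_enc, self.counter, len(plaintext)))
        tag = self._tag(ct)
        self.counter += 1
        return ct, tag

    def open(self, ct: bytes, tag: bytes):
        if not hmac.compare_digest(tag, self._tag(ct)):
            return None  # forged, altered, or replayed
        plaintext = xor(ct, keystream(self.k_enc, self.counter, len(ct)))
        self.counter += 1
        return plaintext

if __name__ == "__main__":
    node, sink = SnepLink(b"constructed-demo-key"), SnepLink(b"constructed-demo-key")
    ct, tag = node.seal(b"temp=21.5")
    print(sink.open(ct, tag), sink.open(ct, tag))  # second call is a replay
```

Because the counter also feeds the keystream, sending the same reading twice produces two different ciphertexts, so an eavesdropper cannot tell that the value repeated.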

Advantages of SPINS

1. Energy Efficient:

SPINS is designed to be lightweight and energy-efficient, making it well-suited for
resource-constrained devices. Since sensor nodes typically run on batteries, low
energy consumption is a critical requirement.

2. Provides Confidentiality, Authentication, and Integrity:

○ SNEP ensures that the data is encrypted, keeping it confidential.

○ μTESLA ensures that the broadcast data is authenticated.

○ Both protocols together ensure that the data is not tampered with, and only legitimate nodes can participate in the network.

3. Scalable:

SPINS scales well in terms of its ability to securely manage communication between
large numbers of sensor nodes, as it doesn’t require a centralized management
system and works on a distributed key management scheme.

4. Lightweight Cryptography:

SPINS uses lightweight cryptographic techniques that don’t require significant
computational resources, which is perfect for nodes with limited processing power and
memory.

Disadvantages of SPINS

1. Key Distribution Overhead:

SPINS still requires a shared key between nodes for encryption, which could introduce
overhead in terms of key management. Key distribution in large networks can be
challenging without a centralized authority.

2. Delayed Authentication (in μTESLA):

While μTESLA provides authenticated broadcast communication, it works by
delaying the key disclosure for authentication, which may introduce a slight delay in
ensuring that messages are authenticated. This may not be suitable for applications
requiring real-time authentication.

3. Vulnerability to Physical Attacks:

SPINS does not provide protection against physical attacks on the sensor nodes. If an
attacker gains physical access to a node, they could extract the key and compromise the
security of the system.

4. Limited to Symmetric Cryptography:

SPINS mainly uses symmetric key encryption (shared keys), which can be less
flexible and secure in some cases compared to asymmetric cryptography
(public/private key systems). This makes the system more vulnerable if the shared key is
compromised.

Working Principle of SPINS

1. Key Setup:

○ Each node in the WSN is pre-configured with a shared key with neighboring nodes for secure communication.

○ Keys are distributed during the deployment of the network, and each node can only communicate securely with those with which it shares a key.

2. Message Transmission:

○ When a node sends a message, it encrypts the message using the shared key (using SNEP), ensuring confidentiality.

○ A message authentication code (MAC) is added to ensure the message has not been altered during transmission.

○ The recipient node verifies the message by checking the MAC and decrypting the message using the shared key.

3. Broadcast Authentication (μTESLA):

○ When a node broadcasts a message, the μTESLA protocol ensures the integrity and authenticity of the message. The sender uses a key chain, disclosing its keys at a later time, to prove the authenticity of the broadcast message.

○ The receiving node can authenticate the message by checking the integrity and verifying the authenticity of the key chain.
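
The delayed key disclosure behind the μTESLA broadcast step above, as an added example that is not part of the original notes or of the SPINS code. It assumes a SHA-256 one-way key chain, a receiver that knows the current interval number through loose time synchronisation, and hypothetical names (`make_chain`, `Receiver`); using the chain key directly as the MAC key is a simplification.

```python
import hashlib
import hmac

def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def make_chain(seed: bytes, n: int) -> list:
    """Return [K_0..K_n] with K_i = H(K_{i+1}); K_0 is the commitment."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain[::-1]

def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

class Receiver:
    def __init__(self, commitment: bytes, delay: int):
        self.key, self.idx = commitment, 0  # last key proven authentic
        self.delay = delay                  # intervals until a key is disclosed
        self.pending = []                   # (interval, msg, tag), unverified

    def on_packet(self, interval: int, msg: bytes, tag: bytes, now: int) -> bool:
        # Safe only if the key for this interval is still secret on arrival;
        # once it is disclosed, anyone could have computed the tag.
        if now >= interval + self.delay:
            return False
        self.pending.append((interval, msg, tag))
        return True

    def on_key(self, idx: int, key: bytes) -> list:
        """Check a disclosed key against the chain, then release its packets."""
        if idx <= self.idx:
            return []
        k = key
        for _ in range(idx - self.idx):  # tolerates missed disclosures
            k = H(k)
        if not hmac.compare_digest(k, self.key):
            return []  # not on the sender's chain
        self.key, self.idx = key, idx
        good = [m for i, m, t in self.pending
                if i == idx and hmac.compare_digest(t, mac(key, m))]
        # Packets from this and earlier intervals are discarded.
        self.pending = [p for p in self.pending if p[0] > idx]
        return good
```

The check in `on_packet` is where the authentication delay comes from: a packet is buffered unverified until its key is disclosed, and one that arrives after disclosure can never be trusted.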

Example Use Cases for SPINS

1. Environmental Monitoring:

In environmental monitoring, sensor nodes may need to send sensitive data such as
temperature, humidity, or gas levels. SPINS ensures that the data is encrypted to
maintain confidentiality, authenticated to ensure it comes from a trusted source, and
protected against replay attacks.

2. Military Surveillance:

In military networks, SPINS can be used to authenticate messages from sensor nodes
deployed for surveillance purposes, ensuring that only valid messages are transmitted
and protecting sensitive military data from unauthorized access.

3. Healthcare Monitoring:

Sensor nodes in a healthcare monitoring system could be used to collect biometric
data like heart rate or blood pressure. SPINS ensures that this data is protected from
unauthorized access and tampering, ensuring data integrity and confidentiality.

Conclusion
SPINS is a robust and energy-efficient security protocol designed to ensure data
confidentiality, authentication, and integrity in Wireless Sensor Networks (WSNs). By
using lightweight encryption techniques and efficient broadcast authentication, it addresses the
challenges posed by the resource-constrained nature of sensor nodes. While it does have
limitations such as key distribution overhead and delayed authentication (μTESLA), it
remains a suitable solution for securing sensor networks in applications like environmental
monitoring, military surveillance, and healthcare systems.
