A Tutorial Wireless Sensor Networks - Old Dominion …olariu/HICSS38-tutorial.pdf · ·...

HICSS-38, Big Island, January 3, 2005 11

A Tutorial A Tutorial onon

Wireless Sensor Networks Wireless Sensor Networks

Stephan OlariuStephan Olariu

Sensor Network Research GroupSensor Network Research Group

Old Dominion UniversityOld Dominion University

[email protected]@cs.odu.eduedu


Tutorial roadmapTutorial roadmap

The vision: The vision: smart environmentssmart environments

What are wireless sensor networks?What are wireless sensor networks?

ApplicationsApplications

Conquering scale: a virtual infrastructureConquering scale: a virtual infrastructure

Middleware for wireless sensor networksMiddleware for wireless sensor networks

TaskTask--based managementbased management

Leveraging the virtual infrastructureLeveraging the virtual infrastructure

Information assurance in wireless sensor networksInformation assurance in wireless sensor networks

Concluding remarksConcluding remarks


Bricks and mortarBricks and mortar……


How it all started How it all started ……

SmartDustSmartDust program (sponsored by DARPA) defined program (sponsored by DARPA) defined sensor networks as:sensor networks as:

A sensor network is a deployment of massive numbers of small, inexpensive, self-powered devices that can sense, compute, and communicate with other devices for the purpose of gathering local information to make global decisions about a physical environment


SmartDust –– the vision

An airplane traverses a battlefield and deploys massive numbers of small sensorsThe sensors randomly scatter spatially as they landThe sensors self-organize into an ad hoc network such that information can be transmitted in a multi-hop route to a collection pointThe sensors monitor and report on troop movements, armaments, mine fields, etc


The National Research Council expanded the DARPA definition:

Sensor networks are massive numbers of small, inexpensive, self-powered devices pervasive throughout electrical and mechanical systems and ubiquitous throughout the environment that monitor (i.e., sense) and control (i.e., effect) most aspects of our physical world

Later NRC got involved, too…


What are sensors?

Sensors pack:Sensors pack:micromicro--sensor technologysensor technologylow power signal processinglow power signal processinglow power computationlow power computationlow power shortlow power short--range communications capabilitiesrange communications capabilitiesmodest nonmodest non--renewable energy budgetrenewable energy budget

As a rule, sensors linked by some wireless mediumAs a rule, sensors linked by some wireless medium

No fabricationNo fabrication--time identity!time identity!


Typical sensor diagram

Transceiver

Embedded Processor

Sensor

Battery

Memory

Transceiver

Embedded Processor

Sensor

Battery

Memory

1Kbps- 1Mbps3m-300m

Lossy Transmission

8 bit, 10 MHzSlow Computation

Limited Lifetime

Requires Supervision

Multiple sensors

128Kb-1MbLimited Storage


Types of sensors

PressurePressureTemperatureTemperatureLightLightBiologicalBiologicalChemicalChemicalStrain, fatigueStrain, fatigueTiltTiltAccelerationAccelerationSeismicSeismicMetal detectors

What are some What are some examples of examples of

sensors?sensors?

Metal detectors


Thus, sensors can measureThus, sensors can measure……

Distance to an objectDistance to an objectDirection of objectDirection of objectAmbient temperatureAmbient temperaturePresence of chemicalsPresence of chemicalsLight intensityLight intensityVibrationsVibrationsMotionMotionSeismic/tremor dataSeismic/tremor dataAcoustic dataAcoustic data

http://www.wave-lynk.com/images/CT-5300-Logic Link.jpg





Goal: mmGoal: mm33 devices!devices!

MICA mote (1MICA mote (1stst generation sensor node)generation sensor node) Specs (2Specs (2ndnd generationgeneration sensor node)sensor node)

Size Size 2mm x 2.5mm2mm x 2.5mmProcessor/Memory Processor/Memory AVRAVR--like RISC processor, 3K of memory, 8 bit onlike RISC processor, 3K of memory, 8 bit on--chip ADC, chip ADC,

paged memory system, 32 KHz oscillatorpaged memory system, 32 KHz oscillatorRadioRadio:: FSK radio transmitter,FSK radio transmitter,OtherOther: : Programming interface, RS232 compatible UART, 4Programming interface, RS232 compatible UART, 4--bit bit

input port, 4input port, 4--bit output port, encrypted communication bit output port, encrypted communication hardware supporthardware support

CostCost less than $1.00 (in quantity)less than $1.00 (in quantity)What can it do?What can it do? Communicate 40+ feet indoors (walls), 19,200Kbps, frequenCommunicate 40+ feet indoors (walls), 19,200Kbps, frequency cy

separation 180KHzseparation 180KHz


Sensors: modus operandi…

Conserve energysleep a lot, wake up periodicallywork locally, communicate sparingly

Work unattendedMust be adaptive to the environmentSupplement modest energy budget by scavenging(remember the night-vision goggles?)Hopefully, energy will not be a major problem


Wireless sensor networks (WSN)Wireless sensor networks (WSN)

Distributed system with no central controlDistributed system with no central control

MassiveMassive numbernumber of sensors of sensors densely deployeddensely deployed in in the area of interest the area of interest

Random deploymentRandom deployment: individual sensor positions : individual sensor positions cannot be engineered cannot be engineered

Main goal:Main goal: global info from local dataglobal info from local dataOnly as good as the information it produces

information qualityinformation quality

information assuranceinformation assurance


Wireless networks 101

InfrastructureInfrastructure--based networksbased networkscellular networkscellular networks

satellite networkssatellite networks

RapidlyRapidly--deployable networksdeployable networksadad--hoc networkshoc networks

wireless sensor networkswireless sensor networks

heterogeneous networksheterogeneous networks

Hybrid networksHybrid networkswireless Internetwireless Internet


WSN versus ad hoc networksWSN versus ad hoc networks

Number of nodes: orders of magnitude higher in WSNorders of magnitude higher in WSNDensity of deployment:Density of deployment: orders of magnitude higher in orders of magnitude higher in WSNWSNReliability:Reliability: Sensors are prone to failure!Sensors are prone to failure!Topology:Topology: highly dynamic in WSN due to sleephighly dynamic in WSN due to sleep--awake awake cyclecycleCommunications:Communications: broadcast in WSN, pointbroadcast in WSN, point--toto--point in point in ad hoc networksad hoc networksModest resources Modest resources power budget, computational and power budget, computational and communications capacitycommunications capacityAnonymityAnonymity of nodes in WSNof nodes in WSN


Communication issuesCommunication issues

Sink: longSink: long--range radio connecting WSN to outside range radio connecting WSN to outside world world

Communication: Communication: sensorsensor--toto--sink(s): multisink(s): multi--hop hop

sink(s)sink(s)--toto--sensors: broadcast or multicastsensors: broadcast or multicast

Modest power budget/onModest power budget/on--board memory imposeboard memory imposesimple and powersimple and power--efficient communication protocolsefficient communication protocols

optimaloptimal number of sensors performing given tasknumber of sensors performing given task

multimulti--hop communicationshop communications

minimalminimal MAC layer contentionMAC layer contention


Sample WSN deploymentsSample WSN deployments

Military security Military security

Industrial sensing networks Industrial sensing networks (temperature, pressure, (temperature, pressure, displacement, tilt)displacement, tilt)

Civil structural monitoring (strain, Civil structural monitoring (strain, fatigue and corrosion)fatigue and corrosion)

Environmental monitoring Environmental monitoring

Agricultural applications Agricultural applications (temperature, humidity, etc.)(temperature, humidity, etc.)

Typical size: 4.3 x 2.4 x 1 inchesTypical size: 4.3 x 2.4 x 1 inches


Basic functional view of WSNBasic functional view of WSN

Deployment area

Sink

End user

Satellite

Internet

Event

Multi-hop routing


Detailed view of WSN systemDetailed view of WSN system

sensorssensorslocal sink nodelocal sink node

(in(in--network data repositories)network data repositories)

Sink Sink (mobile/airborne)(mobile/airborne)

(connection to outside world)(connection to outside world)

deployment areadeployment area

highhigh--level level InterestsInterests

(tasks/queries)(tasks/queries)

useruserReturnedReturned

resultsresults

Internet/satelliteInternet/satellite LowLow--level level tasks/queriestasks/queries


Interfacing Interfacing WSNsWSNs

sink sinksink← ←


Applications of WSNApplications of WSN


Broad application classes

Monitoring of static environmentsenvironmental monitoringhabitat monitoringsurveillance

Monitoring of moving objects/targetstracking animals in wildlife preservesmovement tracking of enemy vehiclescross-border infiltration


Specific application domains

Environmental forest fire detection and control (real-time reaction)precision agriculture (monitoring pesticide level in the water supply, level of soil erosion)

Biomedicaltele-monitoring of physiological data (storage for medical research, help the elderly)drug administration in hospitals (attach guard sensors to medication to prevent errors)


Medical applicationsMedical applications


Habitat monitoringHabitat monitoring

Courtesy: USC WebsiteCourtesy: USC Website


Ecosystem monitoringEcosystem monitoring

Primary node

Secondary nodes

•Dense network of physical, chemical sensors in soil and canopy

•Measure and characterize previously unobservable ecosystem processes


Supply chain managementSupply chain management


Traffic control

Can networked sensors control traffic flow better than a loose network of people?


EmbedSense™A wireless sensor data acquisition system

Can be used in monitoringCan be used in monitoringtemperature, pressure, andtemperature, pressure, andnoise level in jet enginesnoise level in jet engines

Uses a Uses a piezopiezo--electric powerelectric powersourcesource

No batteries No batteries -- big advantagebig advantage

http://http://www.microstrain.comwww.microstrain.com


SecuritySecurity--related applicationsrelated applications

Military/homeland security Military/homeland security monitoring friendly forces equipment and ammunition (via monitoring friendly forces equipment and ammunition (via attached sensors)attached sensors)

battlefield surveillance (monitoring critical terrain, battlefield surveillance (monitoring critical terrain, routes, bridges and straits for enemy activity)routes, bridges and straits for enemy activity)

battle damage assessment (field reports from attached battle damage assessment (field reports from attached sensors give reports in realsensors give reports in real--time)time)

early detection of biological, chemical, or nuclear attack early detection of biological, chemical, or nuclear attack detection detection

containment of terrorist attacks: sensors deployed across containment of terrorist attacks: sensors deployed across metropolitan areas to guide public and first respondersmetropolitan areas to guide public and first responders


Securing US portsSecuring US ports

Only 2% Only 2% of the containers entering our ports are checked!


Securing container transitSecuring container transit


…… and handlingand handling


What futurists predictWhat futurists predict……

Exponential improvements in size, power, computation, Exponential improvements in size, power, computation, communication, etc. will continue to expand the communication, etc. will continue to expand the definition and application domains of WSN definition and application domains of WSN

The ever increasing capabilities of pervasive and ubiquitous sensor networks will improve the intelligence, autonomy, and adaptability of electrical and mechanical systems such that they will soon converge with and surpass the capabilities of humans


The future: smart environments The future: smart environments

Primitive elements, massively embedded in the physical Primitive elements, massively embedded in the physical world, that canworld, that can sense, compute, actuate and network sense, compute, actuate and network togethertogether

These primitives selfThese primitives self--organize to create a smart organize to create a smart environment that encapsulates the real physical world environment that encapsulates the real physical world

Endowing the physical world with these primitives is Endowing the physical world with these primitives is prerequisite to constructing smart environmentsprerequisite to constructing smart environments

Smart environment exported to the users!Smart environment exported to the users!


BioBio--mimetic modelsmimetic models……

How do we get from the basic implementations of SmartDust to the future of intelligent, autonomous sensor networks?

Possible solution: We can learn much about the progression from simple to complex by mimicking the evolution of Life


Acquiring location awareness in WSNAcquiring location awareness in WSN


Why localization? Why localization?

Security Office

Sensors

Intrusion monitoring system

Reporting node

Security Personnel


Localization Localization –– approachesapproaches

Vary with assumptions and requirementsVary with assumptions and requirementsenvironment of deployment (indoor vs. outdoor)environment of deployment (indoor vs. outdoor)

network makeup (homogeneous vs. heterogeneous)network makeup (homogeneous vs. heterogeneous)

hardware availablehardware available

anchor/beacon densityanchor/beacon density

signal propagation models signal propagation models

timing and energy requirementstiming and energy requirements

time synchronization time synchronization

error requirements, and error requirements, and

device mobilitydevice mobility


Localization Localization –– a taxonomya taxonomy

CoarseCoarse--grain localization (training)grain localization (training)

FineFine--grain localizationgrain localization

Triangulation Triangulation LaterationLateration: use multiple distance measurements between : use multiple distance measurements between known pointsknown points

AngulationAngulation: measures angle or bearing relative to points : measures angle or bearing relative to points with known separationwith known separation

ProximityProximity: measures nearness to a known set of : measures nearness to a known set of pointspoints

Scene analysis:Scene analysis: examine a view from a certain examine a view from a certain vantage pointvantage point


Localization Localization –– a taxonomy (conta taxonomy (cont’’d)d)

Approaches based on extensive specialized hardware:Approaches based on extensive specialized hardware:OutdoorsOutdoors

GPSGPS

IndoorsIndoorsActive Badge (cellular proximity, infrared badges, central Active Badge (cellular proximity, infrared badges, central server)server)Active BAT (ultrasoundActive BAT (ultrasound--based; more accurate location based; more accurate location identification)identification)Cricket (ultrasound emitters and object receivers, objects Cricket (ultrasound emitters and object receivers, objects selfself--localize)localize)RADAR (IEEE802.11 based, uses signal strength and S/N RADAR (IEEE802.11 based, uses signal strength and S/N ratio to deduce 2D position of wireless devices indoors)ratio to deduce 2D position of wireless devices indoors)


Refresher: how triangulation worksRefresher: how triangulation works

Anchor 1 Anchor 2

d1 d2

Arbitrary Node


How triangulation works (contHow triangulation works (cont’’d)d)

Anchor 1 Anchor 2

A

B

d1 d2



Anchor 1 Anchor 2

A

B

D

d1

d2

Anchor 3



Anchor 1 Anchor 2

A

B

D2D1

d1

d2

Anchor 3


A simple localization protocol


Conquering scaleConquering scale


How do we conquer scale?How do we conquer scale?

Golden Rule: Divide and Conquer!Golden Rule: Divide and Conquer!

Graft a virtual infrastructure on top of physical Graft a virtual infrastructure on top of physical networknetwork

How is this done?How is this done?specialspecial--purpose: protocol drivenpurpose: protocol driven

general purpose: designed without regard to protocolgeneral purpose: designed without regard to protocol

GeneralGeneral--purpose infrastructure should be leveraged purpose infrastructure should be leveraged by by manymany protocols!protocols!


Localized protocolsLocalized protocols

WSN topology changes frequentlyWSN topology changes frequently

SelfSelf--organization must be adaptive to local changesorganization must be adaptive to local changes

Global protocols require global information for Global protocols require global information for making local decisions: making local decisions: global protocols do not scale!global protocols do not scale!

Localized protocols require Localized protocols require only localonly local information for information for sensor decisionssensor decisions

Maintenance must also remain localMaintenance must also remain local


Simple hierarchical view of WSNSimple hierarchical view of WSN

The entire WSN is divided The entire WSN is divided into a number of clustersinto a number of clusters

Sensors talk only to their Sensors talk only to their cluster head (CH)cluster head (CH)

CHs at increasing levels in the CHs at increasing levels in the hierarchy need to transmit hierarchy need to transmit data over relatively longer data over relatively longer distancesdistances

To distribute energy To distribute energy consumption evenly, all the consumption evenly, all the nodes take turns in becoming nodes take turns in becoming the CH for a time interval the CH for a time interval called the cluster periodcalled the cluster period


ClusteringClustering

Used in most existing WSNUsed in most existing WSNClustering by self-organization: many protocols availableLocal changes may trigger global updates


Components of the virtual infrastructureComponents of the virtual infrastructure

Dynamic coordinate systemDynamic coordinate systemlocationlocation--based identifiersbased identifiers

coarsecoarse--grain location awarenessgrain location awareness

Clustering schemeClustering schemecheap scalabilitycheap scalability

MiddlewareMiddlewarework modelwork model

hierarchical specification of work and hierarchical specification of work and QoSQoS

tasktask--based management modelbased management modellowlow--level implementation of work modellevel implementation of work model


The dynamic coordinate systemThe dynamic coordinate system

CentrallyCentrally--places places training training agent (TA)agent (TA)

Components:Components:

coronascoronas

wedgeswedges

Individual sensors acquireIndividual sensors acquire

corona numbercorona number

wedge numberwedge number

Coordinate system is Coordinate system is dynamic and does not dynamic and does not require sensor IDsrequire sensor IDs

My coordinates My coordinates are (4,2)are (4,2)


Training optionsTraining options

CoarseCoarse--grain location grain location awareness essentialawareness essential

Training with GPS?Training with GPS?

CoCo--located TA?located TA?

Several TAs?Several TAs?

External TA? (e.g. External TA? (e.g. helicopter)helicopter)












The cluster structureThe cluster structure

Cluster: locus of all sensors having the same Cluster: locus of all sensors having the same coordinatescoordinates

Clustering falls out for free once coordinate system Clustering falls out for free once coordinate system availableavailable

Accommodates sensors with no IDsAccommodates sensors with no IDs

Clusters can be further subdivided Clusters can be further subdivided –– color graphscolor graphs


What are color graphs?What are color graphs?

Simple way to enrich Simple way to enrich hierarchyhierarchy

Clusters are furtherClusters are further

subdivided into subdivided into pp color color

sets sets

What result are What result are pp(global) color graphs(global) color graphs


WhatWhat’’s so nice about color graphs?s so nice about color graphs?

Very robust: each color graph is connected with high probabilityThus, can serve for routing!They are (rich) cousins of circular arc graphs: vast body of knowledge to tap into for protocol design!Graceful degradation as energy budget depleted


Middleware for WSN?Middleware for WSN?

Appropriate middleware must provide standardized Appropriate middleware must provide standardized and portable system abstractionsand portable system abstractions

Standardize interface to WSNStandardize interface to WSN

Requirements for middleware for WSNRequirements for middleware for WSNnegotiate negotiate QoSQoS parameters on behalf on WSNparameters on behalf on WSN

support and coordinate concurrent applicationssupport and coordinate concurrent applications

translate hightranslate high--level complex goals into lowlevel complex goals into low--level taskslevel tasks

coordination among sensorscoordination among sensors

handle heterogeneity of sensorshandle heterogeneity of sensors


The work modelThe work model

Application levelApplication levelInterestInterest

TaskTask Network/cluster levelNetwork/cluster level

CapabilityCapabilitySensor levelSensor level

Primitive operationsPrimitive operations


The work modelThe work model

Application layer

--

Event

Interest Interest Result set, status

(error conditions, etc.)

Clusterr level

Communication

Capability(P-tasks+QoS)

Negotiated QoS

Sink

Sensor Network Layer

Middleware

sensor 1 sensor 2 sensor n

Micro-taskResults, status

CPL CPL CPL


A taskA task--based management schemebased management scheme


Developing a taskDeveloping a task--based management schemebased management scheme

The problem is to develop, based on the work model, a task-based management scheme that supports:

Automated mapping of application level units of work to network level units of work subject to the negotiated QoSconstraintsFor a given network level unit of work, a scalable recruitment scheme for dynamically assigning sensors to the workforce performing this unit of work, subject to energy constraintsSupporting secure group communications among sensors


TaskTask--based managementbased management

A task is a A task is a tupletuple T(A,c,S,D,T(A,c,S,D,ππ,q) where:,q) where:

A A –– action to be performedaction to be performed

c c –– color set to be usedcolor set to be used

S S –– source clustersource cluster

D D –– destination clusterdestination cluster

ππ –– routing path from S to Drouting path from S to D

q q –– desired desired QoSQoS levellevel


Complexity of collaboration in WSN

Sensor limitations make collaboration imperiousFundamental problems for effective collaboration

anonymityscale

For example, consensus building protocols such as contention resolution, leader election, synchronization, invariably assume unique identifiersTherefore, classical collaboration schemes are not adequate for WSNs with anonymous nodes


In-network storage(WSN as databases)


Interacting with WSN

Querying: standard way of interacting with WSNMiddleware pushes queries into WSNQuery types:

one-shot: run once on the current data set; provides snapshot view of data/networkpersistent: issued once and then logically run recurrently on the database; useful for analysis of data collected over time (especially for in-network storage)

Responding to a query:push/pull –– application-specificdata aggregation capability desirable


Sensor databasesSensor databases

One-shot Persistent

WSN

Sink

WSN

Sink

Persistent query

Push-based:whenever change in data occurs, results are pushed to user

Pull-based:pulls results based on current data

One-shot query

In-network storage and processing reduces energy expenditure and promotes WSN longevityTrades off communication with local computation Makes sense: communication more expensive than

computation


Persistent queries (PQ)Persistent queries (PQ)

PQ=(Q, PQ=(Q, triggertrigger, , terminationtermination))

Execution of PQExecution of PQexecuted when the query is issuedexecuted when the query is issued

subsequently executed when subsequently executed when triggertrigger condition holdscondition holdstimertimer--basedbasedeventevent--basedbased

stops execution when stops execution when terminationtermination condition satisfiedcondition satisfied


Trigger conditionsTrigger conditions

TimerTimer--basedbasedimmediateimmediate

at a specific timeat a specific time

at regular time intervalsat regular time intervals

EventEvent--basedbaseda simple conditiona simple condition

an aggregate condition (based on the combined value of data an aggregate condition (based on the combined value of data in a locale)in a locale)

a relationship between previous and current data valuesa relationship between previous and current data values


Challenges in PQChallenges in PQ

Example: Intrusion detection/target tracking

Internet+

-S

+

-S +

-SS +

-S +

-S

+

-STarget

WSNS

S

AdaptivityAdaptivity to dynamically changing environmentsto dynamically changing environmentsScalabilityScalabilityGraceful degradation under extreme conditionsGraceful degradation under extreme conditions

fluctuations such as increased workloads, fluctuations such as increased workloads, burstybursty datadatahow can the system keep up? how can the system keep up? maybe drop some data or work with filtered datamaybe drop some data or work with filtered data


Information assurance inInformation assurance inWSNWSN


What is information assurance?

Information operations that protect and defend information and information systems ensuring their availability, integrity, authentication, confidentiality, and non repudiation. This includes providing for restoration of information systems by incorporating protection, detection, and reaction capabilities


Key componentsKey components

Network survivability:Network survivability: ability of the WSN to function ability of the WSN to function in the wake of failures by minimizing their impactin the wake of failures by minimizing their impact

Information availability (information survivability):Information availability (information survivability):need for a user to have uninterrupted and secure need for a user to have uninterrupted and secure access to information on the WSN access to information on the WSN

Network security:Network security: attempts to provide basic security attempts to provide basic security services services

Information security:Information security: an ongoing process that utilizes an ongoing process that utilizes software and hardware to help secure information software and hardware to help secure information flow flow


ThusThus……

Information assurance is more inclusive than Information assurance is more inclusive than information securityinformation security

Assurance involves not only Assurance involves not only protectionprotection and and detection but also detection but also reaction reaction (mainly survivability and (mainly survivability and dependability of the system that has been subject dependability of the system that has been subject to successful attack)to successful attack)

It also includes proactive (offensive) information It also includes proactive (offensive) information operations, termed operations, termed information warfareinformation warfare, against , against attackersattackers


Extending WSN longevity

Sink

Path of the query

Path of the reply

Enforce (quasi-) optimal number of sensors per taskPower control to maintain network connectivity in spite of sensor failure/energy depletionTopology control to enhance effective functional lifetime of WSN


Problems with sleeping

Basic schemeBasic schemesleep sleep –– wakeup cycleswakeup cyclesat wakeup: check for at wakeup: check for ““calls for participationcalls for participation””if eligible to participate stay awakeif eligible to participate stay awake

Sleeping affects Sleeping affects density of deploymentdensity of deploymentreadiness of the WSNreadiness of the WSNresponse timeresponse time

Adjusting sleep time dynamically promotesAdjusting sleep time dynamically promotessystem longevitysystem longevityconnectednessconnectedness


WSN health monitoringWSN health monitoring

Query resource availabilityQuery resource availabilityEnergy map: spatial and temporal energy gradient of Energy map: spatial and temporal energy gradient of the WSNthe WSNUsage pattern: identifyUsage pattern: identify

periods of activity for sensorsperiods of activity for sensorshot spotshot spots

Selectively place additional sensors at hot spots to Selectively place additional sensors at hot spots to improve performance (not always an option)improve performance (not always an option)SelfSelf--healing a must!healing a must!Who should be responsible?Who should be responsible?


Information security inInformation security inWSNWSN


What happens in the wired world?

In wired communications signal confined in copper or optical fiberPrecautions taken to avoid unauthorized access

devices are physically protectedcabling is protected from eavesdroppingfirewalls are installed

Attacks of interruption and interception of data unlikely (but possible)The main thrust is securing the access point rather than theapplication!


What happens in the wireless?

It is not possible to avoid unauthorized devices to reach the network areaAny device within reach of radio-frequency signals can get access to data being transmittedThus, attacks of interruption and interception of data are likelyWhat can be done: spread spectrum increases the difficulty for

signal interruptioneavesdropping

It is important to understand that wireless communications affect only the physical, data link and network layers of the OSI stackIn particular, all methods of cryptography developed at transport layer and above remain valid: can we afford them??


A taxonomy of security-related problems

Operational security concernsOperational security concerns

Application levelApplication levelthe main focus is on techniques that guarantee a desired the main focus is on techniques that guarantee a desired applicationapplication--level functionalitylevel functionality

Network levelNetwork levelthe main concern revolves around techniques that ensure the main concern revolves around techniques that ensure secure communications in WSNsecure communications in WSN


A taxonomy of security-related problems

Infrastructure security concernsInfrastructure security concernsGoal: protect the infrastructure throughout the network lifetimeProblem: develop a scheme to secure infrastructure against an external adversary such that:

the scheme will work uniformly during training (construction of the infrastructure), and network operation phases the scheme will work assuming threats to confidentiality, integrity, availability, as well as threats to the physical layer (jamming)


Major insecurities in WSN

Problems arising from lack of individual IDsauthentication is hardnon-repudiation is hard to enforcenode impersonation is easy

Problems arising from sleep-awake cycles and system longevity

trust relationships hard to establish

Eavesdropping: may give an adversary access to secret information violating confidentialitySensors run the risk of being compromised

by infiltrationby tampering


Security goals

Availability: ensures the survivability of network services despite denial-of-service (DoS) attacksConfidentiality: ensures that information is not disclosed to unauthorized entitiesIntegrity: guarantees that a message being transferred is never corruptedAuthentication: enables a node to ensure the identity of the peer node with which it communicatesNon-repudiation: ensures that the origin of a message cannot deny having sent the messageAnonymity: hide sources, destinations and routes


A succinct list of attacks

Eavesdropping: an attacker that monitors traffic can read the data transmitted and gather information by examining the source of a packet, its destination, size, number, and time of transmissionTraffic analysis: allows an attacker to determine that there is activity in the network, the location of base stations, and the type of protocol being used in the transmissionMan-in-the-middle: attack establishes a rogue intermediary pretending to be a valid sensor Tampering: involves compromising data stored inside sensor usually by node capturingDoS attacks: can be grouped into three categories

disabling of service (e.g., sinkhole, HELLO flood attack),exhaustion, and service degradation (e.g., selective forwarding attack)

Can we guard against them?


Philosophy of our solutionPhilosophy of our solution

““An ounce of prevention An ounce of prevention is worth is worth

a pound of curea pound of cure””


What do we do?

Physical-layer encoding: virtually stamps out infiltration by the adversary Also, leverage the virtual infrastructure!Problems discussed

tamper resistanceauthenticationtraffic anonymity


Genetic materialGenetic material

Prior to deployment sensors are injected with the Prior to deployment sensors are injected with the following following genetic material:genetic material:

a publica public--domain pseudodomain pseudo--random number generatorrandom number generator

an initial time an initial time ---- at this point all the sensors are at this point all the sensors are synchronous to the sinksynchronous to the sink

Each sensor can generate pointers into:Each sensor can generate pointers into:a random sequence a random sequence tt11, t, t22, , ……, , ttii, , ……, , of time epochsof time epochs

a random sequence a random sequence nn11, n, n22, , ……, , nnii, , ……, , of frequency channelsof frequency channels

for every for every nnii a random hopping sequence a random hopping sequence ffi1i1, f, fi2i2, , ……, , ffipip, , ……,,


Illustrating time epochs, etcIllustrating time epochs, etc


Synchronization Synchronization –– generalitiesgeneralities

Synchronization does not scale!Synchronization does not scale!Thus, synchronization must beThus, synchronization must be

shortshort--livedlivedtasktask--basedbased

Just prior to deployment, the sensors are Just prior to deployment, the sensors are synchronized synchronized Due to clock drift reDue to clock drift re--synchronization is necessarysynchronization is necessarySensors synchronize by following the master clock Sensors synchronize by following the master clock running at the sinkrunning at the sinkIdea: determine the epoch and the position of the Idea: determine the epoch and the position of the sink in the hopping sequence corresponding to the sink in the hopping sequence corresponding to the epoch epoch


Synchronization Synchronization –– the detailsthe details

The sink dwells The sink dwells ττ micromicro--seconds on each seconds on each frequency in hopping sequencefrequency in hopping sequenceAssume that when a sensor wakes up during its Assume that when a sensor wakes up during its locallocal time epoch time epoch ttii the master clock is in one of the master clock is in one of the time epochs the time epochs ttii--11, , ttii,, or or tti+1i+1

Each sensor knows the Each sensor knows the lastlast frequencies frequencies λλii--11, , λλii,,and and λλi+1i+1 on which the sink will dwell in the time on which the sink will dwell in the time epochs epochs ttii--11, , ttii,, and and tti+1i+1

The strategy:The strategy: tune in, cyclically, to tune in, cyclically, to λλii--11, , λλii,, and and λλi+1i+1spending time spending time ττ/3/3 units on each of themunits on each of them


Synchronization – the details (cont’d)

Assume the sensor meets the sink on frequency Assume the sensor meets the sink on frequency λλii in in some unknown slot some unknown slot ss of of ttii--11, , ttii,, or or tti+1i+1

To verify the synchronization, the sensor attempts To verify the synchronization, the sensor attempts to meet the sink in slots to meet the sink in slots s+1, s+2s+1, s+2 and and s+3s+3 according according to its own frequency hopping for epoch to its own frequency hopping for epoch tti+1i+1

If a match is found, the sensor declares itself If a match is found, the sensor declares itself synchronizedsynchronizedOtherwise, it will return to scanning frequenciesOtherwise, it will return to scanning frequencies


Making sensors tamper-resistant

Philosophy: no additional hardware!Tampering threat model for sensors

forcing open in-situremoval from the deployment area

Play it safe: if in doubt blank out memory


Using neighborhood signatures

Immediately after deployment each sensor transmits on a specified sets of frequencies, using a special frequency hopping sequenceEach sensor collects an array of signal strengths from the sensors in its localeNSA – the Neighborhood Signature ArrayRemoval from deployment area changes in the NSA!


NSANSA--based authenticationbased authentication

Idea: neighbors exchange NSA information, Idea: neighbors exchange NSA information, creating a matrix of signatures creating a matrix of signatures A sensor that wishes to communicate with a A sensor that wishes to communicate with a neighbor identifies itself with its own NSAneighbor identifies itself with its own NSAUpon receiving the NSA the sensor checks its Upon receiving the NSA the sensor checks its validityvalidityAdditional twist: store several instances of the Additional twist: store several instances of the matrix of matrix of NSAsNSAsAuthentication dialogue: Authentication dialogue: ““what is your second to the what is your second to the last NSA?last NSA?””


Handling DoS attacks

Our physicalOur physical--layer encoding layer encoding

+ Tamper resistance + Tamper resistance

+ Infrastructure anonymity+ Infrastructure anonymity

Make Make DoSDoS attacks nextattacks next--toto--impossible!impossible!


What is anonymity?

Think of eThink of e--voting: the voting: the sourcesource of a message must be of a message must be protectedprotected

Denial of service: the Denial of service: the destinationdestination must be anonymousmust be anonymous

Mutual anonymity: both Mutual anonymity: both sourcesource and and destinationdestination of a of a communication remain anonymous to each othercommunication remain anonymous to each other

TrafficTraffic anonymity is extremely important!anonymity is extremely important!

StructuralStructural anonymityanonymity


Anonymity in WSN

Goal: prevent Goal: prevent DoSDoS attacksattacksdata sinksdata sinkstraffic patternstraffic patternscommunication pathscommunication pathsvirtual infrastructurevirtual infrastructure

Threat modelThreat modelinternal adversary internal adversary –– observes local traffic observes local traffic external adversaryexternal adversary –– observes the entire networkobserves the entire networknetwork has not been infiltratednetwork has not been infiltrated

Strategy: hide source, destination and routing pathsStrategy: hide source, destination and routing pathsTactics: add noise to trafficTactics: add noise to trafficHowever, adding noise (spurious traffic) is expensiveHowever, adding noise (spurious traffic) is expensive


An exampleAn example


Our solution

Randomize destinations Randomize destinations timetime--dependent destinationsdependent destinations

tasktask--dependent destinationsdependent destinations

Randomize trafficRandomize trafficstipulating paths in transactionstipulating paths in transaction

computing timecomputing time--dependent pathsdependent paths


Traffic anonymity: centralized solutionTraffic anonymity: centralized solution


Traffic anonymity: distributed solutionTraffic anonymity: distributed solution

Idea: time-dependent routing!Time is rules into epochs t1, t2, … ti …Generic epoch ti has own routing scheme


Secure group communications in WSNSecure group communications in WSN

WSN environments are inherently collaborativeGroups of sensors need to communicate securely, e.g.

nodes participating in a transactionnodes collocated in a cluster

Conventional public key cryptography is infeasible (why?)Group key management and distribution is one way to support secure group communicationsGroup key management challenges in WSN include sensor anonymity, massive large scale, resource limitations, etc.


A key distribution scheme for secure communications

This scheme supports group key initialization and subsequent group key management in the trained WSNThe scheme draws on Exclusion Basis Systems (EBS), a combinatorial formulation of the key distribution problemThe scheme leverages the infrastructure in two ways:

it leverages the training protocol for the purpose of group key initialization, and it leverages the coordinate system during network operation for mapping a particular node, using its location as hash key, to the set of EBS keys the node currently holds


Major highlights of EBS

In EBS systems, each group member is assigned a In EBS systems, each group member is assigned a unique subset of keys from a key pool unique subset of keys from a key pool

Specifically, an EBS is defined as a collection Specifically, an EBS is defined as a collection ΓΓ of of subsets of the set of memberssubsets of the set of members

Each subset corresponds to a key and the elements Each subset corresponds to a key and the elements of a subset are the sensors that have that key of a subset are the sensors that have that key

An EBS is characterized by the triple E(An EBS is characterized by the triple E(n,k,m), where), wheren is number of members numbered 1 to nis number of members numbered 1 to nk is size of the subset of keys each member holds, and is size of the subset of keys each member holds, and m is the number of reis the number of re--key messages needed to evict any key messages needed to evict any

member (and remember (and re--key the systemkey the system))


Major highlights of EBS (contMajor highlights of EBS (cont’’d)d)

To construct EBS(n,k,m) for feasible n,k, and m, we employ a canonical enumeration of all possible ways of forming k-subsets of objects from a set of k+m objects

Canonical matrix for EBS(10,3,2)Canonical matrix for EBS(10,3,2)Rows correspond to keys in the key pool (not shaded), and session key (shaded) Columns correspond to members

M0 M1 M2 M3 M4 M5 M6 M7 M8 M9 K1 1 1 1 1 1 1 0 0 0 0 K2 1 1 1 0 0 0 1 1 1 0 K3 1 0 0 1 1 0 1 1 0 1 K4 0 1 0 1 0 1 1 0 1 1 K5 0 0 1 0 1 1 0 1 1 1 T 1 0 0 0 0 1 0 0 1 0 S 1 1 0 0 0 1 1 0 0 0 U 1 1 1 1 1 1 1 1 0 0


EBS at work: key initialization

Let the EBS system in use be EBS(Let the EBS system in use be EBS(n,k,mn,k,m))At preAt pre--deployment each node is loaded with deployment each node is loaded with k, mk, m and the set and the set {{kk11,k,k22, , ……,,kkk+mk+m} that represent the EBS key pool, in addition to } that represent the EBS key pool, in addition to the state loaded for training purposesthe state loaded for training purposesEach node Each node xx computes independently the set of keys assigned to computes independently the set of keys assigned to it as follows:it as follows:

do the training protocol (node side)do the training protocol (node side)

hash key = Calculate the unique cluster Id(C(x),W(x))hash key = Calculate the unique cluster Id(C(x),W(x))

Corona(x), Wedge(x)Corona(x), Wedge(x)

myKmyK--subset = Hash(Canonical matrix of EBS(n,k,m) hash key) subset = Hash(Canonical matrix of EBS(n,k,m) hash key)

stopstop

startstart

Calculate subCalculate sub--cluster Idcluster Idand use that as hash keyand use that as hash key


Key initialization Key initialization –– an examplean example

Assume EBS(32,3,4), and a coordinate system with Assume EBS(32,3,4), and a coordinate system with 2 coronas and 8 wedges2 coronas and 8 wedges

Also, assume that the population in each cluster is Also, assume that the population in each cluster is to be divided to 2 subto be divided to 2 sub--clustersclusters

the details of the subthe details of the sub--clustering scheme are clustering scheme are omitted here: each node places itself in a subomitted here: each node places itself in a sub--cluster in its own clustercluster in its own cluster

Suppose Corona(x)= 1 and Wedge(x)=4Suppose Corona(x)= 1 and Wedge(x)=4

Node Node xx computes the set of keys assigned to itcomputes the set of keys assigned to it


Key initialization – an example (cont’d)

(0,0)(0,0)(0,1)(0,1)(0,2)(0,2)

(0,3)(0,3)(0,7)(0,7)

(0,6)(0,6)(0,5)(0,5)(0,4)(0,4)

(1,0)(1,0)

(1,1)(1,1)(1,2)(1,2)

(1,3)(1,3)

(1,4)(1,4)

(1,5)(1,5) (1,6)(1,6)

(1,7)(1,7)

(0,0)(0,0)(0,1)(0,1)(0,2)(0,2)

(0,3)(0,3)(0,7)(0,7)

(0,6)(0,6)(0,5)(0,5)(0,4)(0,4)

(1,0)(1,0)

(1,1)(1,1)(1,2)(1,2)

(1,3)(1,3)

(1,4)(1,4)

(1,5)(1,5) (1,6)(1,6)

(1,7)(1,7)

The coordinate systemThe coordinate system

1. 1. Choose at random a sub cluster (say 0)Choose at random a sub cluster (say 0)2. Compute the globally unique sub2. Compute the globally unique sub--cluster cluster

ID (24)ID (24)3. Derive the hash key (24+1)3. Derive the hash key (24+1)4. Hash in to Canonical(32,3,4)4. Hash in to Canonical(32,3,4)5. The bit string 0100011 corresponding to 5. The bit string 0100011 corresponding to

keys Kkeys K22,k,k66,k,k7 7 is returned is returned [0,1][0,1]

[2,3][2,3][4,5][4,5][6,7][6,7]

[14,15][14,15]

[12,13][12,13][10,11][10,11][8,9][8,9]

[16,17][16,17]

[18,19][18,19][20,21][20,21]

[22,23][22,23]

[24,25][24,25]

[26,27][26,27] [28,29][28,29]

[30,31][30,31]

[0,1][0,1][2,3][2,3][4,5][4,5]

[6,7][6,7][14,15][14,15]

[12,13][12,13][10,11][10,11][8,9][8,9]

[16,17][16,17]

[18,19][18,19][20,21][20,21]

[22,23][22,23]

[24,25][24,25]

[26,27][26,27] [28,29][28,29]

[30,31][30,31]

A map of all subA map of all sub--clustersclusters


To sum upTo sum up

Wireless sensor networks Wireless sensor networks –– the next paradigm shiftthe next paradigm shift

Sensors: Sensors: ““smart dustsmart dust”” –– like entitieslike entities

Virtual infrastructure Virtual infrastructure –– generalgeneral--purposepurpose

Can be leveraged for all sorts of applicationsCan be leveraged for all sorts of applications

Research in its infancyResearch in its infancy

Stay tuned for moreStay tuned for more……

Date post:	13-May-2018
Category:	Documents
Upload:	phungphuc
View:	217 times
Download:	2 times

A Tutorial Wireless Sensor Networks - Old Dominion …olariu/HICSS38-tutorial.pdf · ·...

Documents