DYNAMIC KEYING IN TINYSEC. SECURITY ARCHITECTURE FOR WIRELESS SENSOR NETWORKS

Abstract

Wireless sensor networks hold the promise of facilitating large-scale, real-time data processing in complex - environments. Sensors are vulnerable to serious security attacks and are subject to compromise, manipulation by adversaries, capture and dynamic addition/removal of sensors. An adversary with a simple radio receiver/transmitter can easily eavesdrop on conversations, inject/modify packets, and mount denial-of-service (DoS) attacks. These challenges, along with the severe resource constraints in each sensor node, limit both the security and the performance of a wireless sensor network. TinySec (Tiny Security) algorithm'has been implemented by University of California, Berkeley. It provides link layer security with confidentiality, data integrity, and authentication. These services must. be supported to prevent. adversaries from _ compromising the sensor network. Advanced cryptography cannot be used by resource-poor sensor nodes. This algorithm uses global keying (nodes are preloaded with same symmetric key) which are susceptible to node capture attacks. Once any node is compromised by the adversary, the very purpose of having security is defeated. In this dissertation, we have concentrated on detecting node capture and then dynamically changing the symmetric key. The dynamic key changing algorithm does intrusion detection when the node leaves the network. If it joins back the network for launching DOS attacks, the key is changed dynamically to counter the attacks. TinyOS is the operating system for sensor devices. TinyOS 1.0 is the official release by UC Berkeley. This. version did not have required modules and interfaces for implementing dynamic key change. It has been modified accordingly and is a new exe version on its own. The implementation has been done using 'NESC' (Network Embedded Systems C) language on a Cygwin (UNIX shell for Windows) platform and simulated using TOSSIM (TinyOS Simulator). JAVA is used for data gathering, controlling and monitoring the network.