Wireless networks - Lecture 37: Transport protocols/security in WSN

Wireless networks - Lecture 37: Transport protocols/security in WSN. The main topics covered in this chapter include: transport protocols for WSN; TCP/UDP for WSN; protocols; security threats in WSN; TinySec; motivations of link layer security; TinySec design goals; semantic secure encryption in TinySec;...

Wireless Networks

Lecture 37 Transport Protocols/Security in WSN Part IV

Dr Ghalib A Shah

 Motivations of Link Layer security

 TinySec Design goals

Last Lecture

 Routing Challenges and Design Issues

► Deployment, Routing method, heterogeneity, fault tolerance,

power, mobility etc

Sink-to-Node(s) Transport

Nodes-to-Sink Transport

Congestion Control

Why not TCP or its variants for WSN?

 Higher overheads for short data transmissions

 Flow and congestion control cause unfair bandwidth for

farther nodes

 Throughput degrades under wireless due to higher

packet losses

 End-to-end congestion needs longer time to mitigate

congestion, causing more congestion to occur

 End-to-end reliability consumes more energy and

bandwidth than hop-by-hop

 Packet-based reliability, which is not required for

event-driven applications

Why not UDP?

 Lower over overheads but

► No congestion control

► No flow control

► No reliability

Pump Slowly, Fetch Quickly (PSFQ)

 Nodes broadcast fragments, in-sequence to next hop,

which stores and forwards If a node detects gap it

broadcasts a NACK Hop-by-hop store and forward

Des cription Pump, Fetch, Report Msgs

C.Y Wan, A.T Campbell, and L Krishnamurthy, “PSFQ: A Reliable Transport Protocol for Wireless Sensor Networks,” WSNA'02,

Atlanta, Georgia, USA, September 28, 2002.

Pump Operation

 User Node broadcasts a packet to its neighbors every Tmin

 Decrements TTL and schedules a transmission

► Tmin < Ttransmit < Tmax

► If a node hears same transmission four times before Ttransmit it would cancel

its transmission Fetch Operation

 Sequence number gap is detected

► Node will send a NACK message upstream, NACK scope is 1 hop

► NACKs are generated every Tr; (Tr << Tmax)

► NACKs can be cancelled if neighbors have sent similar NACKs

 Node enters ‘proactive fetch’ mode if last segment hasn’t been received

and no packet has been delivered after Tpro = a * (Smax - Smin) * Tmax

Report Operation

 Used as a feedback/monitoring mechanism

When No Link Loss –  Multi­Hop 

Forwarding  takes place Error Recovery Control Messages are wasted

Error recovery – Store and Forward. PSFQ Pump Operation. If not  in­order  and  TTL not 0   Cache  duplicate and  Schedule   and 

for Forwarding  at time t (T min <t<T max )

3

Recover 2

Recover 2 Recover 2

t

Tmin

Tmax

1 1

1

Problems  with PSFQ

Tproc

last­1 last last

PSFQ Proactive Fetch Operation.

2 1

ESRT’s Definition of Reliability

 Reliability is measured in terms of the number of

packets received Or reporting frequency i.e.,

number of packets/decision interval

 Observed reliability: number of received data

packets in decision interval at the sink

 Desired reliability: number of packets required for

reliable event detection

 Normalized reliability = observed/desired

13 ESRT

ESRT Operations

Algorithm for ESRT

 If congestion and low reliability: decrease reporting

frequency aggressively (exponential decrease)

 If congestion and high reliability: decrease reporting

to relieve congestion No compromise on reliability (multiplicative increase)

 If no congestion and low reliability: increase reporting

frequency aggressively (multiplicative increase)

 If no congestion and high reliability: decrease

reporting slowing (half the slope)

CODA: Congestion Detection and Avoidance

of congestion in the network

this information to upstream nodes

Application General Purpose (event­to­sink)

Features Uses buffer occupancy and channel sampling to detect 

congestion, assumes event occurrence as source of  congestion not wireless links or interference

Conges tion Detection

► Buffer queue length or Buffer occupancy – not a good measure of the

or not, depending on its own local network condition

CODA

Clos ed­loop, multi­s ource regulation

throughput, it is more likely to contribute to congestion, so it enter into sink regulation

ACKs over a predefined period If source does not gets necessary ACKs it decreases its rate.

6

4 5

3

Congestion  detected

1,2,3 ACK 4,5,6

Congestio

n detected 7,8

Regulate  bit is set

ACK

Open loop, hop-by-hop backpressure Closed loop, multi-source regulation

Security threats in Sensor Networks

 Use of wireless communications -In a broadcast

medium, adversaries can easily eavesdrop on,

intercept, inject and alter transmitted data

 Adversaries can Interact with networks from a distance

by inexpensive radio transceivers and powerful

workstations

 Resource consumption attacks Adversaries can

repeatedly send packets to drain nodes battery and

waste network bandwidth, can steal nodes

 However , these threats are not addressed Focus is on

guaranteeing message authenticity, integrity and

confidentiality

TINYSEC

 Light weight and efficient link layer security

package

 A research platform that is easily extensible

and has been incorporated into higher level protocols.

 Developers can easily integrate into sensor

network applications.

Motivation for Link layer security in Sensor Networks

communications where intermediate routers only need to view the message headers

networks?

► If message integrity checked only at the destination, the networks may

route packets injected by an adversary many hops before they are

► In-network processing is done to avoid redundant messages-Requires

just not the headers as in conventional networks

when they are first injected onto the network.

Design Goals-Security Goals

 A link layer security protocol should satisfy three basic

security properties:

 Access control and Message integrity

-prevent unauthorized parties from participating

 Confidentiality

- keeping information secret form unauthorized parties

 Explicit omission: Replay protection

-an adversary eavesdropping a legitimate message sent b/w 2 authorized

parties replays it at a some time later

Design goals –Performance goals

 A system using cryptography will incur

increased overhead in length of the message

 Overhead limitations-REQUIRED

 Increased message length results

► decreased message throughput

► increased latency

► Increased power consumption ( Sensor Networks)

► Carefully tune the strength of security mechanisms

for reasonable security while limiting overheads

Design Goals-Ease of Use

 Security Platform-

► Higher level security protocols can use Tinysec to create

secure pair wise communication between neighboring nodes.

► Application programmers are unsure of security parameters

and can disable if standardized APIs are not provided

► Should be transparent to the user

 Portability

► should fit into the radio stack so that porting the radio stack

from one platform to another (ATmel, Intel, X86 etc) is a simple job.

 Motivations of Link Layer security

 TinySec Design goals