Bagci, Ibrahim Ethem and Roedig, Utz (2016) Novel security mechanisms for wireless sensor networks. PhD thesis, Lancaster University.
thesis_iebagci.pdf - Published Version
Available under License Creative Commons Attribution.
Download (6MB)
Abstract
Wireless Sensor Networks (WSNs) are used for critical applications such as health care, traffic management or plant automation. Thus, we depend on their availability, and reliable, resilient and accurate operation. It is therefore essential that these systems are protected against attackers who may intend to interfere with operations. Existing security mechanisms cannot always be directly transferred to the application domain of WSNs, and in some cases even novel methods are desirable to give increased protection to these systems. The aim of the work presented in this thesis is to augment security of WSNs by devising novel mechanisms and protocols. In particular, it contributes to areas which require protection mechanisms but have not yet received much attention from the research community. For example, the work addresses the issue of secure storage of data on sensor nodes using cryptographic methods. Although cryptography is needed for basic protection, it cannot always secure the sensor nodes as the keys might be compromised and key management becomes more challenging as the number of deployed sensor nodes increases. Therefore, the work includes mechanisms for node identification and tamper detection by means other than pure cryptography. The three core contributions of this thesis are (i) Methods for confidential data storage on WSN nodes. In particular, fast and energy-efficient data storage and retrieval while maintaining the required protection level is addressed. A framework is presented that provides confidential data storage in WSNs with minimal impact on sensor node operation and performance. This framework is further advanced by combining it with secure communication in WSNs. With this framework, data is stored securely on the flash file system such that it can be directly used for secure transmission, which removes the duplication of security operations on the sensor node. (ii) Methods for node identification based on clock skew. Here, unique clock drift patterns of nodes, which are normally a problem for wireless network operation, are used for non-cryptographic node identification. Clock skew has been previously used for device identification, requiring timestamps to be distributed over the network, but this is impractical in duty-cycled WSNs. To overcome this problem, clock skew is measured locally on the node using precise local clocks. (iii) Methods for tamper detection and node identification based on Channel State Information (CSI). Characteristics of a wireless channel at the receiver are analysed using the CSI of incoming packets to identify the transmitter and to detect tampering on it. If an attacker tampers with the transmitter, it will have an effect on the CSI measured at the receiver. However, tamper-unrelated events, such as walking in the communication environment, also affect CSI values and cause false alarms. This thesis demonstrates that false alarms can be eliminated by analysing the CSI value of a transmitted packet at multiple receivers.