skip to main content
10.1145/1503370.1503374acmconferencesArticle/Chapter ViewAbstractPublication PagesaintecConference Proceedingsconference-collections
research-article

Security and privacy in unattended sensor networks

Published: 18 November 2008 Publication History

Abstract

In recent years, sensors and sensor networks have been extremely popular in the research community. One of the most exciting aspects of sensor networks research is the confluence of diverse areas, such as databases, networking, distributed systems and security. In particular, security issues in WSNs have received a lot of attention. Due to low cost of individual sensors and commensurately meager resources, security in sensor networks poses some unique and formidable challenges. A large body of research has been accumulated in recent years, dealing with various aspects of sensor security, such as: key management, data authentication, privacy, secure aggregation, secure routing as well as attack detection and mitigation.
One common assumption in prior WSN security research has been that data collection is performed in (or near) real time: a trusted entity --- usually called a sink --- is assumed to be always (or mostly) present. Data sensing can be event-driven (triggered by some changes in the sensing environment), on-demand (initiated by a query from the sink) or scheduled (prompted by a timer). No matter how sensing is activated, the presence of an on-line sink allows nodes to submit measurements soon after sensing. In this model, an adversary capable of compromising nodes and corrupting data has relatively little time to pursue its goals.
While many WSNs operate in this general setting, there are emerging WSN scenarios and applications that fall outside the real-time data collection model. We refer to such networks as "Unattended WSNs" or UWSNs. For example, WSNs deployed in military or law enforcement environments might not have the luxury of an ever-present sink: sensed data can be off-loaded only when the sink visits the network. Another example might be a WSN monitoring compliance with a nuclear non-proliferation treaty operating in a rogue country.
We further narrow our scope to UWSNs operating in hostile environments. Unattended sensors deployed in such environment represent an attractive and easy target for an adversary. The sensors' inability to off-load data in real time exposes them and their data to increased risk. Without external connectivity, sensors can be compromised with impunity and collected data can be read, altered or simply erased. Sensor compromise is a realistic threat, since a typical sensor is a mass-produced commodity device with no specialized secure hardware or tamper-resistant components. Prior security research typically assumed that some number of sensors can be compromised during the entire operation of the network and the main challenge is to detect such compromise. This is a reasonable assumption, since --- with a constantly present sink --- attacks can be detected and isolated. The sink can then immediately take appropriate actions to prevent compromise of any more sensors.
In contrast, in the UWSN setting, the adversary can compromise up to a certain number of sensors within a particular time interval. This interval can be much shorter than the time between successive sink visits. Given enough intervals, the adversary can subvert the entire network as it moves between sets of compromised nodes, gradually undermining security. The adversary's goals might include: reading, erasing or modifying data collected by unattended sensors.
In this talk, we discuss in detail a number of security challenges in unattended WSNS. In doing so, our main goal is to bring the problem to light and engender interest from the research community to investigate it further.
  1. Security and privacy in unattended sensor networks

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    AINTEC '08: Proceedings of the 4th Asian Conference on Internet Engineering
    November 2008
    144 pages
    ISBN:9781605581279
    DOI:10.1145/1503370
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 18 November 2008

    Permissions

    Request permissions for this article.

    Check for updates

    Qualifiers

    • Research-article

    Conference

    AINTEC 2008
    Sponsor:
    AINTEC 2008: Asian Internet Engineering Conference 2008
    November 18 - 20, 2008
    Bangkok, Pratunam, Thailand

    Acceptance Rates

    Overall Acceptance Rate 15 of 38 submissions, 39%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • 0
      Total Citations
    • 363
      Total Downloads
    • Downloads (Last 12 months)0
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 05 Mar 2025

    Other Metrics

    Citations

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media