Peer-to-peer synchronization - Clocks are only kept synchronized between
neighboring sensor nodes. The rationale for this is that communication between
neighboring nodes involves only those nodes themselves (as opposed to a number
of intermediate nodes which route sync messages in central synchronization).
For more information on time synchronization in sensor networks, see [8].
Sensor networks typically consist of a very large number of nodes, so supervision
of each and every node is practically impossible. As a result, sensor networks are
highly susceptible to logical and physical attacks and communication interception.
For instance, a node could be seized, reprogrammed, and returned to the network;
or using reverse engineering, nodes could be built with an ability to “trick” the network
into treating them as authentic. Various forms of sensor network abuse are possible,
from eavesdropping on sensitive information and inputting falsified readings to
Distributed Denial of Service (DDoS) attacks.
Since it is unfeasible to protect every single node, other approaches are used [9]:
- Node-to-node authentication (nodes have to prove their identity to each other)
- Node revocation: when an intruding node is discovered, it is forbidden to access
  the network any further
- Resilient protocols in the network - designed to continue working properly even
  with a number of compromised nodes
As in traditional networks, privacy of sensed data is maintained by encryption.
However, the conventional approach - the use of very large keys - is unsuitable for
sensor networks, because of limited memory capacity. Instead, two commonly used
approaches are hop-to-hop encryption and multipath routing.
In hop-to-hop encryption, a message is encrypted using different short keys in
each node along the path from source to destination. One drawback of such a scheme
is that the takeover of any of the nodes on the path, while not exposing the contents
of the message, prevents any further communication along the path, as the chain of
encryption will be broken.
In multipath routing, messages are broken into several “chunks” before sending.
These chunks move along different routes and are not reassembled until they reach
the destination. In this way, the message can be intercepted only if at least one
node on each path is compromised.
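The following is an added example, not part of the original text. The text only says the message is broken into "chunks"; this sketch assumes XOR secret sharing as the chunking method, so that capturing fewer than all paths reveals nothing, and contrasts it with plain slicing, where each captured slice is readable. All function names and sample readings are hypothetical and constructed for illustration.

```python
import secrets
from functools import reduce

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def split_plain(message: bytes, n_paths: int) -> list:
    """Naive chunking: contiguous slices, one per path. Each slice is readable."""
    size = -(-len(message) // n_paths)  # ceiling division
    return [message[i * size:(i + 1) * size] for i in range(n_paths)]

def split_xor(message: bytes, n_paths: int) -> list:
    """XOR sharing (assumed scheme): n-1 random pads, plus message XOR all pads."""
    if n_paths < 2:
        raise ValueError("need at least two disjoint paths")
    pads = [secrets.token_bytes(len(message)) for _ in range(n_paths - 1)]
    return pads + [reduce(xor_bytes, pads, message)]

def reassemble_xor(shares: list) -> bytes:
    """Destination node: XOR every share together to recover the message."""
    return reduce(xor_bytes, shares)

def share_explaining(captured: list, candidate: bytes) -> bytes:
    """Return the one missing share that would make `candidate` the message.
    Such a share exists for every candidate, so n-1 captured shares rule nothing out."""
    return reduce(xor_bytes, captured, candidate)

if __name__ == "__main__":
    reading = b"temp=21.5C;node=17"          # constructed sample sensor reading
    print("plain slice on path 0:", split_plain(reading, 3)[0])  # leaks part of the reading
    shares = split_xor(reading, 3)
    print("all 3 paths:", reassemble_xor(shares))
    captured = shares[:2]                     # eavesdropper holds paths 0 and 1 only
    decoy = b"temp=99.9C;node=17"             # constructed alternative of equal length
    fits = reassemble_xor(captured + [share_explaining(captured, decoy)]) == decoy
    print("2 of 3 paths equally consistent with a decoy reading:", fits)
```

Each XOR share is as long as the message itself, so the radio cost grows with the number of paths, which matters for battery-powered nodes.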
The final threat to security in sensor networks is the DDoS (Distributed Denial
of Service) attack. Through these attacks, attackers can deliberately drain the
batteries of sensor nodes. Protection against these attacks can be physical or logical.
The physical means of protection is primarily spread spectrum communication (direct
sequence or frequency hopping); the logical means are constant checking of incoming
messages for authenticity and discarding messages with invalid authenticity information.