International Journal for Research in Applied Science & Engineering Technology (IJRASET)

ISSN: 2321-9653; IC Value: 45.98; SJ Impact Factor:6.887

Volume 5 Issue VIII, August 2017- Available at www.ijraset.com

A Survey on Security Techniques of Wireless

Sensor Networking
Neetu
Post-Graduation Student, Department of Computer Engineering, Punjabi University, Patiala, Punjab, India

Abstract: The wireless sensor networks (WSN) are the network made of various types of sensors for the purpose of various
specific applications. The WSNs are deployed in the various environment, healthcare, pollution-monitoring, traffic-monitoring,
etc purposes. The WSN suffers from various security concerns, which involves the denial of service (DoS), replication attack,
man-in-the-middle attack, selective jamming attacks, etc. The protection of WSN depends upon various factors, which involves
the robustness of the security scheme, which suffers in the various functionalities due to limitation of computational capacity.
An idle security model involves the end to end authentication, data encryption, etc, which must be incorporated to ensure the
prospective security of the sensor network. This paper consists of WSN security issues, security solutions and other related
techniques are discussed in detail. In this work includes the comparison of various techniques. So it has been analyzed that Role-
based access control is better in terms of security than Discretionary access control and Mandatory access control.
Keywords: WSN, Security, Authentication, Security mechanism, Discretionary access control, Mandatory access control, Role-
based access control.

I. INTRODUCTION
Remote Sensor Networks (WSNs) comprise of thousands of small hubs having the ability of detecting, calculation, and remote
correspondences. Many directing, control administration, and information spread conventions have been particularly intended for
WSNs where vitality utilization is a fundamental outline issues. Since remote sensor organize conventions are application particular,
so the concentration has been given to the steering conventions that may vary contingent upon the application and system design.
The investigation of different directing conventions for sensor systems displays a grouping for the different methodologies sought
after. The three principle classes investigated are information driven, various leveled and area based. Each of the directing plans and
calculations has the normal target of attempting to improve throughput and to broaden the lifetime of the sensor organize. To start
with directing calculations for remote sensor systems took after the customary approach of topology based steering. Deadlocks can't
forward the bundles they create or get. These parcels will never achieve their goal and will inevitably be disposed of. There are
multiple geographic (location-oriented) routing mechanisms for the purpose of wireless network security, which is enabled with the
access control protocol:

A. The access control models helps to avoid the connectivity holes, which verifies the security of routing protocol.
B. An efficient routing model must offer resilience to variety of connectivity or localization errors.
C. Also, the routing mechanism must be efficient for the purpose of data forwarding (channel relay) mechanism.

The principle objective is to give stack adjusting among the hubs and to defeat the parcel misfortune and deadlock. Along these
lines, ALBA component performs stack adjusting in view of part of bundles, key era and mark on information. The part of parcels
depends on number of data sources. The typical topology of remote sensor systems includes having many system hubs scattered all
through a particular physical region. There is typically no particular engineering or chain of command set up and along these lines,
the remote sensor systems are thought to be specially appointed systems. An impromptu remote sensor system may work in an
independent form, or it might be associated with different systems, for example, the bigger Internet through a base station. Base
stations are generally more unpredictable than more system hubs and ordinarily have a boundless power supply. With respect to
constrained power supply of remote sensor hubs, spatial reuse of remote data transfer capacity, and the idea of radio correspondence
cost which is a component of the separation transmitted squared, it is perfect to send data in a few littler jumps as opposed to one
transmission over a long correspondence remove.

©IJRASET (UGC Approved Journal): All Rights are Reserved 1814

 International Journal for Research in Applied Science & Engineering Technology (IJRASET)
ISSN: 2321-9653; IC Value: 45.98; SJ Impact Factor:6.887
Volume 5 Issue VIII, August 2017- Available at www.ijraset.com

Figure 1.2: A standard clustering algorithm example

The latest advancements in the routing models are contained in the various domains related to the information propagation among
the wireless cluster. The efficiency of the routing mechanism is based upon the variety of factors altogether, where the routing
targets are evolved or analyzed for the construction or selection of the routing paths among the given network segment. The
maximum usefulness of the routing mechanism must based upon the handling of multiple aspects, which includes the link quality,
security perspective, link failures, network density, available bandwidth, node energy, etc. The reasons of link failure and security
perspectives of the security models require the layered approach to resolve the issues related to the path failure, connectivity hole,
blackhole, etc on the network, which can be the major reasons behind the data drop in the wireless network. Various network attacks
on the resource availability, like DDoS, DoS, SJ (selective jamming), are the major causes behind the jamming of the networks.
These network attacks are required to be analyzed by the network input data rate analysis, pattern analysis, etc for the incorporation
of the wireless network security.

II. BRIEF LITERATURE SURVEY

Different information directing plans processing most brief course to goal hub for information bundle circulation have been
checked on in the writing. Daniel Zappala proposed a recipient situated interchange way convention which is a nearby inquiry
heuristic that enables collectors to discover substitute ways utilizing just fractional system data. This convention is particularly
intended with the end goal of load adjusting. Albeit some examination has been completed for secure convention outline too.
Single-goal most limited Some of them incorporates Dijkstra's calculation [5] which explains the single-combine, single-source,
and way issues. Vast number of calculations for elective course calculation has been composed till now however their primary
target did not rotate around secure transmission. A significant part of the examination work completed in the writing has
concentrated on stack adjusting or powerful usage of exceptionally asset compelled sensor hubs. Marta M.B. Pascoal, M. Eugenia
V. Captivo and Joao C.N. Climaco [8] introduced a calculation for positioning loopless ways in undirected systems. Villeneuve and
G. Desaulniers [9] outlined a calculation for most brief way issue alongside taboo ways. It includes utilization of two calculations in
particular most limited way issue and catchphrase coordinating calculation to process the coveted way. Bellman-Ford calculation [6]
which takes care of the single source issue where edge weights are given negative esteems, Floyd-Warshall calculation [7] which
explains all sets briefest ways and so on. Yet, secure information transmission is not the principle objective for every one of them.
As the busybody takes after ravenous approach, for example, Dijkstra's calculation for taking the private data, let us put some light
on Dijkstra's calculation.
The answer for most limited way calculation issue was given by Dijkstra's calculation which is a diagram look calculation that
explains the single-source briefest way issue for a chart having positive edge weights, delivering a briefest way tree. This calculation
is generally utilized by different sensor hubs with the end goal of directing information bundles over remote sensor systems. For a
given source vertex (hub) in the diagram, the calculation finds the way with most minimal cost (i.e. the most brief way) between that
vertex and each other vertex as appeared in Fig.1.2 It can likewise be utilized for discovering expenses of briefest ways from a
solitary vertex to a solitary goal vertex by halting the calculation once the briefest way to the goal vertex has been resolved. Huge
number of calculations for elective course calculation has been composed till now yet their principle objective did not spin around
secure transmission. A significant part of the examination work completed in the writing has concentrated on stack adjusting or
successful use of very asset compelled sensor hubs.

III. SECURITY MECHANISMS

There are several components required to establish the security framework over the wireless networks, which involves the
authentication, encryption, privacy protection, end-to-end link identity preservation, etc. There are several kinds of applications,
which include the monitoring of the temperature, humidity, pollution, wind, rainfall, activity and several other kinds of data. There
are several kinds of information security models, which has been implemented under the security models such as SPINS, MiniSec

©IJRASET (UGC Approved Journal): All Rights are Reserved 1815

 International Journal for Research in Applied Science & Engineering Technology (IJRASET)
ISSN: 2321-9653; IC Value: 45.98; SJ Impact Factor:6.887
Volume 5 Issue VIII, August 2017- Available at www.ijraset.com

and TinySec. There are three major factors behind the security of the information and data security, which involves the integrity,
confidentiality and authentication. The security protocols for sensor networks (SPINS) are the schemes for security models, which
includes all required security implications for the implementation of security among the wireless network. Cyclic block cipher
(CBC) models are used to secure the data during the transmissions among the network links. The CBC models are used in the
layered or repetitive architecture to conceal the information in the secure blocks by using the security keys, which secures the data
during the transmissions once they are acquired by the means of sniffing, masquerading or man-in-the-middle (MITM) attacks.
The wireless network of sensors is usually designed for the incorporation of the standalone security atmosphere. The in-depth
testing of the security methods among the networks along with the routing schemes, clustering methods, etc is very important in
order to build the foolproof security models. The wireless networks suffer from the limited battery or energy, which limits the
lifetime of the sensor nodes. The authentication and cryptographic algorithm are the major sources of energy consumption other
than the authentication models, hence there are several types of security models, which require the multi-directional data for the
incorporation of the security models. The access control models are build to verify the integrity of the nodes up to various levels in
order to offer the layered or conditional access of the network. The following sections define the various access control models,
which are popularly used among the wireless networks:

A. Discretionary Access Control (DAC)

The DAC model for access control is considered as the controlled measure to control the access the network resources, where the
access requesting nodes are within or outside of the network segment. For the purpose of access control under DAC, the limited
access is provided to the selected set of users, specific user types or essential property holding users in order to avoid the network
breaches. DAC strategy has a tendency to be extremely adaptable and is generally utilized as a part of the business and government
areas. Be that as it may, DAC is known to be innately feeble for two reasons. In the first place, assigning the access of some media
to the user is to provide the user authority to acquire the data stored in the file or object. For example, if the access to the media or
data owned by Bob is provided with the access to Ann, there will no authority of Bob afterwards to prevent the Ann from using the
data in different ways, such as row duplication, data acquisition, etc. Hence, it has been found that DAC is not capable of analyzing
the user’s behavior after assigning the access to the specific user. Also, the DAC mode is learnt to lack against the malicious codes,
such as Trojan horses, which are transferred as the files or zipped data. The following points can explain the major drawbacks in the
DAC model:
1) The information can be duplicated after acquiring the access to the specific data, which does not analyze the user’s behavior.
2) No extra layer of security has been applied under DAC for the authority or usage of the target information.
3) The benefits of acquiring the data files from the data source, once the affiliation of the file is provided to the user after the
access estimation mechanism.
Get to Control Lists (ACLs) and proprietor/gathering/different get to control components are by a long shot the most widely
recognized system for actualizing DAC strategies. Different systems, despite the fact that not composed because of DAC, may have
the capacities to execute a DAC approach.

B. Mandatory Access Control

The MAC models are usually designed to apply the essential access control verification for all of the requesting nodes on the given
wireless network. The MAC model does not keep any exceptions to grant access to the network resources or services and applies the
similar level of security with required information verification on all of the wireless network nodes. First implementations of the
MAC models are proposed by Bell and LaPadula, which were designed to focus upon the application of the mandatory verification,
whereas Sandhu is known to further improve the MAC model known as BLP. Sandhu’s BLP model is primarily designed by
implementing the encapsulation layer over the Bell-LaPadula model. All of the MAC models focus upon granting the access on the
basis of subjective information.
The very sensitive information clusters are usually designed to implement the MAC model, because there are no exceptions
considered to grant the access to some of the users. The security labels are applied over all of the nodes after the verification of the
required information for the purpose of authentication, which is usually verified using the confidential information such as login
credentials, layered authentication keys, pre-shared keys, node ID, connection ID, etc. The following are some of the points
mentioned for the implementation of the MAC models:
1) The “simple security property”, which is also known as “no read up”, states that a subject can only read an object if λ(o) ≤ λ(s).

©IJRASET (UGC Approved Journal): All Rights are Reserved 1816

 International Journal for Research in Applied Science & Engineering Technology (IJRASET)
ISSN: 2321-9653; IC Value: 45.98; SJ Impact Factor:6.887
Volume 5 Issue VIII, August 2017- Available at www.ijraset.com

2) The “*-property”, or “no write down” property, allows a subject to write an object only if λ(s) ≤ λ(o). This property addresses
information leakage by malicious programs. It does not allow programs to write information to objects that can be read by
subjects with a less privileged security clearance. A variation on this property called the “strict *-property” requires that
information can be written at, but not above, the subject’s clearance level, formally λ(s) = λ(o).
There is another popular MAC model other than BLP, known as Biba model, which uses the integral information to consider the
authenticity of the users or nodes before assigning the required access to the network resources or services.

C. Role-Based Access Control

On account of the unbending idea of MAC, where clients had next to zero control over the get to control approach, and the issues
related with arrangement changes in DAC, early get to control models couldn't meet useful prerequisites of business associations. It
was additionally understood that in vast associations information is not possessed by singular clients, but rather by the association
itself, in this way access to information ought to think of one as' position in the hierarchical progression. This motivated further
work, an aftereffect of which was Role-Based Access Control (RBAC). In spite of the fact that RBAC is in fact a type of non-
optional get to control, late PC security messages regularly list RBAC as one of the three essential get to control approaches (the
others are DAC and MAC). Early work on part based get to control backpedals to 1988, when Lochovsky and Woo characterized
parts and sorted out them into a chain of command [LW88]. Throughout the years, numerous specialists have proposed models for
RBAC. While the distinctions in these models are very huge, the center idea remains genuinely reliable between them. In RBAC,
get to choices depend on the parts that individual clients have as a feature of an association. Clients go up against alloted parts, (for
example, specialist, medical caretaker, teller, or chief). The use case of the different segments of the network can control the
flexibility and creation of the information upheld under the specific security cases and strategies and for streamlining the security
administration handle. A client sets up a session and enacts some subset of parts doled out to him/her. The authorizations accessible
to the client in a session are those allocated to all the dynamic parts in that session. Under RBAC, clients are conceded participation
into parts in light of their skills and duties in the association. At the point when a client is related with a part, the client can be given
no more benefit than is important to play out the employment; since a hefty portion of the duties cover between work classifications,
most extreme benefit for each occupation class could cause unapproved get to. This idea of slightest benefit requires recognizing the
client's occupation capacities, deciding the base arrangement of benefits required to play out those capacities, and confining the
client to an area with those benefits and nothing more.

Comparison Between Techniques

Schema Title Functions Security Hardening Remarks
Discretionary Applied over the 1. Applied over the selected users in 1. Must be applied over the
access control selected users or the networks. networks with highly dependable staff
connections 2. Hardens the security against the on premises.
requesting the connection originating from out of 2. Should include the
network for the network. hybridization with other access control
uniform access. 3. Local connections are accumulated mechanism in the case of multiple
on IP policies only. departments in the local network.
Mandatory Applied over all 1. Applied over all of the incoming 1. Evolution of the mandatory
access control of the users or connections in the network. access policies with physical and
connections 2. No access control redemption dynamic access information and access
requesting the policy for selected users. keys must add more strength to the
network for 3. Applied over the highly sensitive networks.
uniform access. networks like, military, space 2. Mandatory access control
agencies, intelligence agencies, etc. mechanisms require very high
computational power and
authentication time, hence unable to
apply over normal networks.

©IJRASET (UGC Approved Journal): All Rights are Reserved 1817

 International Journal for Research in Applied Science & Engineering Technology (IJRASET)
ISSN: 2321-9653; IC Value: 45.98; SJ Impact Factor:6.887
Volume 5 Issue VIII, August 2017- Available at www.ijraset.com

Role-based Applied over all 1. Applied over the organizational 1. Role based access control must be very
access control of the users or networks with multiple hierarchies flexible to handle the complex role
connections and versatile departments. combinations.
requesting the 2. Role based access is provided to the 2. Role based access control mechanism
network for different users, which ensures the are required to collect the pre-assigned
versatile access. access to different kinds of data database to map the users and their
varying from user to user according roles.
to the role.
3. Multiple roles can be applied to
some of the users in the special
cases.

D. Key Management in WSN

The assaults in WSNs are typically caused on account of the absence of security in the sensor hub bury interchanges. For example, a
programmer can without much of a stretch make an association with the uncertain remote sensor hubs to contaminate or stick the
entire sensor organizes. These sorts of assaults can be decreased or halted by utilization of legitimate key administration conspires in
the whole system to give secure correspondence as the productive key administration methods trade the safe cryptographic keys
between the hubs.

IV. CONCLUSION
In this work we analyses of various techniques in the existing algorithm to select the best security technique. We analyzed the three
mechanism Discretionary access control, Mandatory access control and Role-based Access control. Discretionary access Control is
applied over the selected users or connections requesting the network for uniform access, and Mandatory access control is applied
over the highly sensitive networks like, military, space agencies, intelligence agencies, etc., and Role-based access control multiple
roles control is applied over all of the users or connections requesting the network for versatile access. So It has been analyzed that
Role-based access control is better in terms of Security than Discretionary access control and Mandatory access control.

REFERENCES
[1] Bagajewicz, M. J., & Sanchez, M. C. (1999). Design and upgrade of nonredundant and redundant linear sensor networks. AIChE journal, 45(9), 1927-1938.
[2] Bojkovic, Z., & Bakmaz, B. (2008). A survey on wireless sensor networks deployment. WSEAS Transactions on Communications, 7(12), 1172-1181.
[3] Curiac, D. I., Banias, O., Dragan, F., Volosencu, C., & Dranga, O. (2007). Malicious Node Detection in Wireless Sensor Networks Using an Autoregression
Technique. ICNS, 7, 83-88
[4] Curiac, D. I., Volosencu, C., Doboli, A., Dranga, O., & Bednarz, T. (2007). Discovery of malicious nodes in wireless sensor networks using neural
predictors. WSEAS Transactions on Computers Research, 2, 38-43.
[5] DeMers, M. N. (2008). Fundamentals of geographic information systems. John Wiley & Sons.
[6] Petrioli, C., Nati, M., Casari, P., Zorzi, M., & Basagni, S. (2014). ALBA-R: load-balancing geographic routing around connectivity holes in wireless sensor
networks. Parallel and Distributed Systems, IEEE Transactions on, 25(3), 529-539.
[7] Shim, D. S., & Yang, C. K. (2012). U.S. Patent No. 8,122,333. Washington, DC: U.S. Patent and Trademark Office.
[8] Singh, M. P., & Gore, M. M. (2005, January). A solution to sensor network coverage problem. In Personal Wireless Communications, 2005. ICPWC 2005.
2005 IEEE International Conference on (pp. 77-80). IEEE.
[9] Zhang, F., Zhang, W., & Ling, Q. (2012). Non-cooperative game for capacity offload. Wireless Communications, IEEE Transactions on, 11(4), 1565-1575.
[10] Si, Weisheng, Albert Y. Zomaya, and Selvadurai Selvakennedy. "A geometric deployment and routing scheme for directional wireless mesh
networks." Computers, IEEE Transactions on 63, no. 6 (2014): 1323-1335.

©IJRASET (UGC Approved Journal): All Rights are Reserved 1818