Research On Security In Wireless Sensor Networks

In recent years, with the in-depth research of related technologies and the improvement in hardware, more and more wireless sensor networks have been put into application and they go deep into the military detection, the resource protection and other data-sensitive areas. The security of wireless sensor network is the important guarantee of the normal operation of the applications. It makes it feasible that the wireless sensor network eliminates the interference of the enemy, normally interacts with the users and provides the data for the decision. But it is a great challenge, because the nodes in the wireless sensor network are limited to their energy, memories, computing capability and own security. So, how to make the efficient security protocols according to the characteristic of wireless sensor network become current research focuses.Aiming at the inherent characteristics of wireless sensor network and the limitation of current work, this dissertation takes the security of data in wireless sensor network as the goal and studies some key technologies of the security of wireless sensor network comprehensively. The main contributions of this dissertation can be summarized in the following three aspects.Key Management ProtocolKey management protocols are the cores of all security protocols of wireless sensor network and the bases of all encryption and decryption protocols. Two key management protocols have been presented in this dissertation: the improved random key pre-distribution protocol based on deployment knowledge in wireless sensor network and the anti-capture dynamic key management protocol in wireless sensor network. They are respectively abbreviated IRKPP and SELF.By analyzing the known key management protocols, we find there is the cross-regional transitivity problem of key leak in these protocols. That is to say, the enemy can know the keys used by the node in one sub-region by capturing the nodes in the other sub-regions. The security vulnerability of the applications will come forth due to the problem. Aiming at the cross-regional transitivity problem of key leak, IRKPP improves the random key pre-distribution protocol based on deployment knowledge in wireless sensor network. This protocol requires that the key pools to the normal nodes in the different sub-regions are mutual independent and introduces isolation-belt nodes at the boundary of adjacent sub-regions which are in charge of secure data transmission between the adjacent sub-regions. So, IRKPP not only ensures the secure data transmission between different sub-regions, but also reduces the damage caused by the cross-regional transitivity problem of key leak. And when the scale of WSN increases, the number of the keys which a node must have is a constant. So IRKPP is suitable for the key pre-distribution in the large scale wireless sensor network.At present, key management protocols in wireless sensor network place more emphases on how to distribute key before node deployment and how to update key dynamically after discovering the malice nodes. These key management protocols don't combine the detection of malice nodes and dynamic key update. So, this dissertation presents a dynamic key management protocol-SELF. In SELF, the control nodes in wireless sensor network send a key update command every one given slot. When the normal node receives the key update command, they will update their keys and report update result to the control nodes in their own cluster. The control nodes regard the normal nodes which have not update their own keys in time as captive nodes, and send making-invalid broadcast in the cluster. As a result, SELF can prevent the enemy from pretending to be a legal node by making use of the keys of captured sensor nodes.Secure Broadcast Based on Linear Network CodingThe broadcast is the most important data release way. How to efficiently and securely broadcast the data from the sink to the receivers is another important problem that is studied in the dissertation. As a new data coding method, the linear network coding can improve the data throughput of the broadcast, decrease the energy consumption of the node and reduce the data delay. Because each node can code the received data before it sends it, the traditional methods such as digital signature can't resist these threats. SBLNC, a security broadcast based on linear network coding in WSN, is presented. Firstly, for preventing eavesdropping, SBLNC requires that the sink broadcast the data in the form of the ciphertext. Secondly, for preventing tampering, based on the thought that the monitor area is divided into some sub-regions and the security check is done in every sub-region independently, SBLNC introduces the coding nodes into every sub-region. The coding nodes take charge of checking and coding the data. Thirdly, SBLNC requires that if the data pass through a sub-region, they will be checked by at least one coding node in the sub-region before they leave the sub-region. Then the useless data can't take part in the network coding. So the impact of the useless data and the energy consumption of the nodes will be reduced.Secure Gathering of Stream DataGathering of stream data is the familiar data collection way. Compared with the scalar data, the amount of stream data is very high and the requirement of transmission delay is very strict. Obviously, the traditional methods that protect all data can't meet the requirement of the applications. For solving the problems, two efficient data protection protocols have been presented in this dissertation: EASY and SOAR.In EASY, the super nodes are introduced as the cluster head nodes and the routers. The cluster head nodes probabilistically check the data that are reported by the nodes in the cluster. If they find the false data, the cluster head nodes will exclude the malicious nodes. The routers will route the true data to the sink. EASY works in the stream data transfer mode and randomly detects the false data injection attacks. The sink will receive small percentage of false packages with rather low load. But it assumes that the cluster head nodes and the routers can't be captured. The assumption will increase the cost of the cluster head nodes and the routers. For eliminating the limits of EASY, we present SOAR. By randomly selecting the cluster head nodes and the routers periodically, SOAR can eliminate the limits of EASY and achieve the similar effect of EASY. But SOAR needs to select cluster head nodes and the routers periodically, its energy consumption is larger than EASY. In practice, user can choose between EASY and SOAR according to the actual requirement.In summary, this dissertation studies the key management, the secure broadcast and the collecting of stream data technologies. In these key technologies, key management is the foundation. Secure broadcast and stream data gathering target the two main forms of the data transmission between sink and nodes. To ensure the security of data, these technologies are organized systematically. This dissertation provides a secure protection mechanism for user to publish and gather data, ensures the normal operation of wireless sensor network and improves the research and application of secure technologies in wireless sensor network. In the future work, we will study the secure problem which wireless sensor network with mobile sensor nodes is faced with.