Monday, May 4, 2020
Security in Cellular Networks and Security in Wireless Sensor Networks
Question: Describe about the security in cellular networks and security in wireless sensor networks? Answer: Introduction Networks are evolving in its shape and functionalities very rapidly. Other than traditional networks, now we can see, different kinds of data communication networks around us. In our day-to-day life, we use numerous amounts of networks. Other than computers, we can use mobile and other types of cellular devices to access the Internet. Thus there are various techniques behind these facilities. Certainly a network of cellular devices, will not have the same component of a computer network, but the functionalities are quiet similar. These cellular networks also facilitates voice communication along with data transmission, internetworking. Thus the technologies are more complex. On the other hand, cellular networks are quiet new now in terms of data communications. Advancement in information and communication technologies are making these networks more robust and functional still there is a long way to go. Other than the technologies and functionalities, a big issue with any type of information sharing network is security. For cellular network, security of the data is essential. A common IT buzzword in recent days is Internet of Things. Other than computers, mobiles etc. there are number of smart devices now a days. Those devices share data across network and Internet. These devices are tiny sensors and the networks they are connected to are generally wireless networks. A wireless sensor network will have limited objective and functionalities, but they also take part in internetworking, data communication etc. Thus it also has security issues. (Vacca, 2013) In the rest of this report, I will be discussing the security in cellular networks and wireless sensor networks in details. The technologies used in both cases will be critically reviewed and several security aspects will be discussed. Technical Description Topic 1 Security in Cellular networks Cellular communication has become an important part of the communication networks around the world. Other than using voice-based communication through cellular phones, now Internet can be accessed through cellular networks. Activities like monetary transactions, sending important communication messages etc. are now very common. Day by day new services are being added over cellular networks. Cellular networks are solely dependent on wireless communication media and networks. There are many advantages of cellular networks. But there are certain disadvantages and security issues too. Limitation of wireless communication media has imposed several difficulties on the implementation of security principles like confidentiality, integrity and authentication to the cellular networks. (Mishra, 2008) Generation and Technologies behind Cellular Networks Cellular networks are working since 1980s. There are a number of generations of cellular networks. Each generation has its own technologies, benefits and challenges. The generations so far are, 1G, 2G, 3G and 4G. 4G cellular networks are rolling out but currently; the mostly used cellular network is the use of 3G networks. During the 1980s, 1G networks were used. It has a maximum of 9.6 Mbps speed. It was known as Advanced Mobile Phone System or AMPS in US and Nordic Mobile Telephony or NMT in European countries. The data used to be transmitted in a continuous waveform through analog modulation technologies. 1G cellular networks had security issues like lack of encryption, misuse of frequency spectrum etc. Then 2G cellular networks came into the picture and still these networks are in use in various parts of the world. These networks are also called Personal Communication Services or PCS. In 2G, digital modulation had been introduced. It overcomes various limitations of 1G. Technologies like Code Division Multiple Access or CDMA, Time Division Multiple Access TDMA, digital AMPS, Global system for Mobile Communication or GSM communication, Personal Digital Cellular or PDC etc. are used in 2G, in different countries. 1G communication networks were improved into 2G cellular networks. But the improvements were mainly in case of voice communication. Data transmission was still poor. An improvement of 2G, called 2.5G helped in better data communication over 2G networks. It bridged the gap between 2G and 3G networks. Technologies like EVDO, High Speed circuit switched data or HSCSD, enhanced GPRS, and EDGE etc. are examples of 2.5G cellular networks. (Halonen, et al., 2004) Then it was 3G networks. It provides faster Internet surfing than previous generations, supports video telephony. The main technologies used in 3G cellular networks are, CDMA 2000, Wideband CDMA or WCDMA, Time Division Synchronous Code Division Multiple Access or TD-SCDMA. Before fully deployment of 3G cellular networks, 4G cellular networks have started to be introduced in various parts of the world. 4G cellular networks will provide faster data transmission than 3G. It is expected that it will support near about 20 Mbps data rates. 4G supports wide array of next generation Internet technologies like Mo-IP, IPv6 etc. It will be cheaper yet more powerful. It is capable of supporting communication among mobile vehicles up to 250km/hour speed. (Pierre, 2010) Technologies in 2G and 2.5G The most widely accepted cellular technology is 2G and its later version of 2.5G. Short Messaging Service or SMS is a service in cellular networks than transfers text based messages between two cell phones. Larger messages are broken down into pieces before transmitting. Some other technologies in 2G and 2.5G networks are, High-Speed Circuit-Switched Data or HSCSD It provides faster data transmission than GSM. The speed can go up to 115 Kbps. But, it cannot carry larger bursts of data. And, that is why; GPRS is more popular than HSCSD. General Packet Radio Service or GPRS GPRS provides data transmission for larger bursts of data. This is facilitated by addition of two components in the cellular networks. Those are Service GPRS support Node or SGSN and Gateway GPRS support Node or GGSN. SCGN helps in implementing security in the access control and mobility. On the other hand GGSN supports connection to external packet switched networks. (Heine Sagkob, 2003) Enhanced Data Rates for GSM Evolution or EDGE This is a standard used in GSM technology. It is based on GMSK modulation techniques and uses 8PSK modulation. The data rate can go up to 384 kbps. (Seurre, et al., 2003) Cellular Digital Packet Data or CDPD This is a data service based on transmission of data packets. It is also able to detect some idle voice channel and further use of those channels for traffic management without harming voice communication. There are different variations of this technology in different countries. For example CDMA is used in USA for primary 2G networks, CDMAOne or IS-95a is the primary CDPD technique. It was capable of serve number of users than GSM and TDMA. The speed can go from 14.4 kbps to 115.2 kbps with CDMATwo extension. In 2.5G cellular networks, there are two techniques of CDMA. Those are 1xEVDV and 1xEVDO. The former one is used for data and voice transmission based on one radio frequency channels. The other one is used for same purpose but through separate channels. (Arokiamary, 2009) Technologies in 3G cellular networks 3G are focused on mobile networking based on worldwide standard and through a common frequency band. A new mobile network infrastructure called International mobile telecommunications 2000 or IMT 2000 was developed for supporting 3G cellular networks worldwide. 3G can support data transmission rate up to 2Mbps in 2 GHz frequency range. The main objectives of 3G cellular networks were set as, Supporting a wide range of services for voice and data communication without limitations of the geographic location. Supporting coverage of the network over a wide area and accommodating different kind of mobile stations. Supporting and expanding the services beyond constraints like inefficient spectrum, radio transmission, system economics etc. Supporting best QoS. Supporting an open architecture for easy deployment of different types of application. Supporting a modular architecture so that the size and complexity of the systems becomes manageable. 3G technologies are based on UMTS. UTMS provides Radio Access Network or RAN and the core network or CN. A RAN can have GSM, GPRS systems with connection to packet switched CNs even circuit switched CNs. To transit into a 3G network, it needs to connect to UTRAN systems. A UTRAN system has several sub systems. Each of these sub systems will have a Radio Network Controller or RNC. These are connected to a number of Base Transceiver Stations or BTN. UTMS provides the basic security implementation in 3G networks. (Hu Qian, 2013) Security in Cellular networks There are different kinds of security issues and attacks in cellular networks. These issues are closely related to the architecture and technologies of different cellular networks. With the advancements of cellular networks through different generations, these issues and attacks have become more common that there are difficulties in conforming to the basic security principles of confidentiality, integrity and availability. The security issues in cellular networks are, Confidentiality As the scope and application of cellular phones and networks in sensitive data transmissions are rising up, the confidentiality of all the information is becoming a serious issue. Integrity Integrity of the data and voice communication through the cellular networks is an essential part. It ensures that data has been transmitted properly from the sender to the receiver and no data is lost or modified whilst transmission. Authentication There is huge number of subscribers in cellular networks. It needs authentication to ensure that each of these subscribers are legitimate. 3G networks allow communication from people to different parts of the world. There may be problems related to cross-regions and cross service providers. Authentication may become an issue in cellular networks. A good authentication method will help to overcome these issues. Other security concerns are related to proper access control, web services and operating systems used in the cellular devices etc. some of the security issues are, Access control Access control to the data in the cellular devices may become an issue if there is any restricted data sharing among devices and across the networks. Web services Web services in cellular devices makes the devices and data exposes the devices and data to risks related to HTTP protocols. For example, issues like denial of services or DoS, buffer overflow, viruses etc. Operating system Cellular devices are small devices. There are different kinds of operating systems on different platforms, vendors etc. compatibility among these heterogeneous operating systems is an issue and may open up several security loopholes or vulnerabilities. Location detection Due to the privacy protection issues of the user, the actual location of a cellular device needs to be hidden. But, as the cellular networks are moving towards IP based networks, there are common issues that link to access point location etc. and this is leading towards the compromise of privacy, location, detection and sharing. Content Download Cellular networks let the user download different type of content from different sources just like traditional computer networks and Internet. Whilst downloading, adware may affect the user, and that may become a security issue. While the content is downloading, another issue is digital rights management. Users may download copyrighted content such as music, images, video etc. and there may be violation of the digital rights. Malware and virus Malware and viruses have become a daunting issue in case of cellular networks and cellular devices also. Liberty is the first virus that affected cellular networks and this was a part of a large occurrence of denial of service or DoS. Security of cellular devices The physical security of a cellular device is also a security issue. As these devices contains data, so there may be unauthorized access to those data and breach of security. Different types of attacks Different types of security attacks also affect cellular networks. The infrastructure is open to different types of attacks. They are as follows; Denial of Services or DoS and Distributed DoS or DDoS. Jamming of channels Eavesdropping Unauthorized access Forgery of message Man in the middle Message replay Session hijacking Etc. Counter measures There are several counter measures of the security attacks in cellular networks. Some of those are, In case of 3G cellular networks, UTMS is common and good security architecture. It has been developed based on the security measurements in 2G networks. Thus the robustness of the 2G networks are retained. Further the security implementations are extended. (Kaaranen, 2005) Wireless application protocol or WAP. Interlayer security in 4G networks. Use of cryptographic algorithms in data communication. Use of firewalls and antivirus. Use of advanced OS like Android etc. that have in built security infrastructure. Critical Review Cellular networks are widely used for long time. There are lots of technology and security measurements available for cellular networks. Wireless communication channels have some inherent security issues. Those are more prone to various information security attacks. But in case of cellular networks, security seems to be an important consideration and there are several counter measurs available to different types of cellular networks. Technical Description Topic 2 Security in Wireless Sensor Networks A wireless sensor network is a wireless communication network of tiny actuators and sensors. Wireless sensor networks have some specific purpose and usually those are used for monitoring different attributes of the environment. The micro sensors are low power and low computing resource devices. In a remote wireless sensor network, huge numbers of sensors are deployed densely. These sensors nodes are used to perform signal processing, routing and data communication. These are self-configurable in nature, scalable and have longer lives. In spite of several advantages and applications of WSN, there are significant security concerns. (Liu Ning, 2007) Architecture of a Wireless Sensor Network A WSN has different constituting components. Those are, a. Sensor nodes These sensor nodes are called sometimes as motes. A node can perform specific monitoring activities or routing activities. Thus a router in a WSN will have additional routing functionalities. Nodes do not interfere with one another. b. Gateway A gateway supports communication between nodes and external network like Internet. c. Network manager A network manager configures the network, schedules the communication process, manages and monitors the routing process, routing table etc. d. Security manager It manages the generation of data, storage and management of the same securely. (Sohraby, et al., 2007) Security analysis of a WSN The nodes in a WSN are simple enough and that makes the WSN simpler and popular. But this simplicity makes these networks more vulnerable from the security view point. WSNs suffers from different kinds of security attacks. For example, eavesdropping, injection of bits, packet replay etc. To make a WSN secure, it needs successful implementation of all security principles like confidentiality, integrity and availability along with other kind of security mechanisms and techniques. (Lpez Zhou, 2008) Attackers can easily mock a legitimate sensor code, damage any node. All these are easy with the sensor nodes as there is very little scope to secure these nodes. Those are low power consuming and limited computing resource devices. Thus implementation of some security measurements on those devices is really challenging. Some of the important and common categories of security attacks on WSNs are, Denial of Service or DoS There are several attacking techniques to attack a WSN. In a DoS attack the WSN network is made unavailable to the legitimate users. Or the capacity of the network is reduced deliberately so that the network fails to perform its activities. Different techniques of DoD attacks are, Jamming in physical layer. This is done by sending an interfering radio signal to the radio frequencies of the WSN. Basically, it is a process of interrupting the WSN by sending some interfering signal. Tampering in physical layer by causing damage of nodes. For example, reverse engineering can be used for this purpose. Collisions, exhaustion, unfairness etc. in data link layer. Homing, spoofing, flooding, black holes etc. in networking layer. De-synchronization, flooding etc. in transport layer. Interrogation attack in data link layer. Sybil Sybil is malicious device illegitimately taking on multiple identities type of attacks in WSNs. A single node can have multiple presence in a WSN as a result of this attack. Thus, it will reduce the effectively and fault tolerance of the network. The routing protocols are ale affected by this attack. Sybil attack can happen in physical layer, data link layer and network layer. In data link layer, the technique is data aggregation and voting. Wormhole In this kind of attack, an adversary sits near the base station and creates a wormhole in the network. Under this attack, the messages from the adversary are tunneled to one part of the network through some low latency link, then those are replayed in other parts of the network. A compromised node can play the role of the adversary. This attack happens in network layer. This is basically a routing based attack to disrupt the whole network. Black hole Black hole or sink hole attacks are carried out by compromising a node that is more attractive to its neighbor nodes in terms of some routing algorithm implemented in that WSN. This kind of attacks can be a part of another attack like selective forwarding. This type of attacks happen in network layer. Routing Information Manipulation Attacks of this type happens due to manipulation of routing information of the network. Selective Forwarding This kind of attack happens in network layer. Malicious nodes work like black holes. Messages are dropped by those nodes. Or the adversary can use these nodes to forward selective messages to the network. Flooding with Hello Packets Hello packets are forwarded by different protocols in a WSN. This is for knowing which nodes are within the range of data transmission. There may be some laptop class attack that may broad case information with more transmission power and convince some other node that the node is within the range. As a result it may take part in data transmission of the victim network. This happens in network layer. Spoofing Spoofing of the acknowledgement messages is very common in a WSN. This special kind of spoofing is called acknowledgement spoofing. There are various other types of attacks. Some of those are, cloning, impersonation, eavesdropping, traffic analysis, mote class, laptop class invasive and non-invasive etc. Counter measures Several countermeasures have been taken to secure WSNs from these wide ranges of security attacks. But the inherent architecture and constraints of a WSN makes those more prone to attacks. Still there are counter measures to combat with these attacks. Some of those counter measures are, a. Link layer security for outsider attacks Simple encryptions and authentication at link layer can save from major outsider attacks. This is done by a globally shared encryption public key. Attacks like wormholes, flooding by hello packets etc. can be prevented in this way. Even if an advisory is stopped from joining to a network, he/she cannot stop from being attacking the network through wormholes kind of attacks. Other link layer security mechanisms like described above cannot save a WSN from insider attacks like black holes, selective packet forwarding etc. b. Countermeasures for Sybil attacks Insider attacks are originated from within the network. Sharing of a global key can help the insider attacker to masquerade any node. There should be verification of the entities. Public key cryptography can help in this case however, generation and verification of digital signatures is not possible by the sensor nodes. A possible solution is to use unique symmetric key by each node, acquired from some trusted base station. Protocols like Needham-Schroeder can be used for verification the identities. To prevent insider attacks from a stationery network is possible by enforcing limitations on some compromised node. c. Countermeasures for help packet flooding Verification of a bi-directional sink can be useful to prevent attacks from hello packet flooding. d. Countermeasure for wormhole and black home attacks These kind of attacks are difficult to deal with. When these two types of attacks are combined in some network, then it becomes more difficult. Wormholes use some out of band and private channel for attack. This is generally invisible to the rest of the part of the WSN. On the other hand black holes or sinkholes are difficult because in this cases, the adversary use remaining energy of the nodes. The routing topology is used and the verification is harder. Routes having minimum hop count to a base station, can be verified easily. But in case of a wormhole attack, the hop count may be completely misinterpreting. Sinkholes can be easily created as there is no defender to verify the identity. A detection technique for wormholes can be very time consuming and requires high synchronization. Thus is not usable in sensor networks. (Patil Szygenda, 2013) Other types of countermeasures can be, Use of probabilistic selection and leveraging of global knowledge. This is difficult to implement due to the self-organizing nature of the nodes. There may be authenticated flooding and broadcasting. Critical Review Wireless sensor networks are an emerging field. These are being used for various types of networks and applications. In most of the cases those are used for monitoring purpose. Sensor networks are also a type of wireless networks but there are inherent differences between sensor networks when compared to IP networks. Thus, there are several other specific issues related to sensor networks. There is no issues with performance of the sensor networks. But as already described, security is a serious issue with sensor networks and there is some relation of security to performance. Rather there is a trade of between these two. Conclusion In this paper, two topics in network security has been discussed in details. The topics are security in cellular networks and security in wireless sensor networks. Both of these networks are different than traditional computer networks, quite new in operation. Both of these are becoming stronger with researches and application. However, security is a common issue for both of these. Types of security attacks and counter measures are different in both of the cases. In this paper those security aspects and counter measures are discussed in details. References Arokiamary, V. J., 2009. Mobile Communications. s.l.:Technical Publications. Chandrasekhar, V. Andrews, J. G., 2009. Spectrum allocation in tiered cellular networks. IEEE Transactions on Communications, 57(10), pp. 3059-3068. Halonen, T., Romero, J. Melero, J., 2004. GSM, GPRS and EDGE Performance. s.l.:John Wiley Sons. Heine, G. Sagkob, H., 2003. GPRS. s.l.:Artech House. Hu, R. Q. Qian, Y., 2013. Heterogeneous Cellular Networks. s.l.:John Wiley Sons. Kaaranen, H., 2005. UMTS Networks. s.l.:John Wiley Sons. Liu, D. Ning, P., 2007. Security for Wireless Sensor Networks. s.l.:Springer Science Business Media. Lpez, J. Zhou, J., 2008. Wireless Sensor Network Security. s.l.:IOS Press. Mishra, A., 2008. Security and Quality of Service in Ad Hoc Wireless Networks. s.l.:Cambridge University Press. Nichols, R. K. Lekkas, P. C., 2002. Wireless security. New York: McGraw-Hill. Patil, H. K. Szygenda, S. A., 2013. Security for Wireless Sensor Networks using Identity-Based Cryptography. s.l.:CRC Press. Pierre, S., 2010. Next Generation Mobile Networks and Ubiquitous Computing. s.l.:Idea Group Inc. Seurre, E., Savelli, P. Pietri, P.-J., 2003. EDGE for Mobile Internet. s.l.:Artech House. Sohraby, K., Minoli, D. Znati, T., 2007. Wireless Sensor Networks. s.l.:John Wiley Sons. Vacca, J. R., 2013. Network and System Security. s.l.:Elsevier.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.