1 / 25

Reliability of Wireless Sensors with Code Attestation for Intrusion Detection

Reliability of Wireless Sensors with Code Attestation for Intrusion Detection. Presented by: Yating Wang. Outline. Background Code attestation Problem definition Modeling Calculation Performance and Analysis Conclusion. Background. Security properties: authentication

artie
Download Presentation

Reliability of Wireless Sensors with Code Attestation for Intrusion Detection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Reliability of Wireless Sensors with Code Attestation for Intrusion Detection Presented by: Yating Wang

  2. Outline • Background • Code attestation • Problem definition • Modeling • Calculation • Performance and Analysis • Conclusion

  3. Background • Security properties: authentication secrecy data integrity Security issues for Wireless Sensor Networks(WSN) Outsider attacks (key management) Insider attacks (Intrusion detection)

  4. Code Attestation • A software based method (verifier) • Assumption: original codes must be changed when sensors are compromised • Basic method: the trusted verifier evaluates the sensor compromised or not by comparing memory value (hash value) with its original value.

  5. Examples of Code Attestation • SWATT A sequence of memory address Verifier sensor Program memo checksum Judgement: responding a correct answer within a time boundary Cons: the time to generate challenge; and time out because of channel collision

  6. Examples of Code Attestation (cont’) Pre-deployed: Computing digest digital signiture Code attestation: Send ID Random hash function Program memo Verifier sensor Hashing value of codes Judgment: responding a correct hash value Cons: miss the intrusion not within a long service blockage

  7. Examples of Code Attestation (cont’) Pre-deployment: filling empty memory with random noise post-deployment: nodes sending distributes seeds to neighbors First scheme: Cluster Secret share1 Secret share2 neighbor1 Traversal Seed&noise seed checksum neighbor2 Node A

  8. Examples of Code Attestation (cont’) Pre-deployment: filling empty memory with random noise post-deployment: nodes sending distributes seeds to neighbors second scheme: neighbor3 neighbor1 C3 R3 C1 neighbor2 R1 R2 C2 Node A Judgment: Voting

  9. Problem Definition • Problem: the trade-off between energy consumption and code attestation; when should we trigger code attestation • Purpose: Maximizing reliability measured by Mean Time to Fail(MTTF) * Fail: either the sensor’s energy is depleted; or the sensor returns false reading

  10. Modeling System activities • Periodic sensing (plus transmitting) sensing interval – T; unit energy consumption – Es;

  11. Modeling (cont’) System activities • Periodic sensing (plus transmitting) T—sensing interval; Es – energy consumption; • Intrusion: intrusion rate – λ; if being successfully compromised after sensing, the probability : e^(- λT)

  12. Modeling (cont’) System activities • Periodic sensing (plus transmitting) T—sensing interval; Es – energy consumption; • Intrusion λ – intrusion rate; e^(-λT) – healthy when reading • Code attestation: Generating probability is q; energy consumption for code attestation is Ec;

  13. Modeling (cont’) System activities • Periodic sensing (plus transmitting) T—sensing interval; Es – energy consumption; • Intrusion λ – intrusion rate; e^(- λT) – probability of being compromised • Code attestation q -- generating probability; Ec– energy consumption: • Recovery: energy consumption – Er; generating rate depending on code attestation happening “q” and nodes being attested as unhealthy

  14. Calculation • Recovery probability case 1: compromised before sensing prob(x<T) = 1-e^(- λT) code attestation generated before sensing: prob(attestation happening) = q(1-e ^(- λT) ) the false node being recovered: prob1(recover) = q(1-e ^(- λT) )(1-Pfn)

  15. Calculation (cont’) • Case 2: uncompromised in a sensing round; prob(x>T) = e^(-λT) the code attestation still happened though prob(attestation happening) = q*e ^(-λT) recovery triggered prob2(recovery) = q*e ^(-λT)*Pfp So the probability of recovery happening during code attestation is: θ = (prob1 + prob2)/q

  16. Calculation (cont’) • Probability to return correct readings is prob(node is never compromised) + prob(node was compromised, but recovered) = prob(x>T) + prob1(recovery) = Rq

  17. Calculation (cont’) • Expected number of rounds before energy depleted (original energy is E) Nq = E(original)/(E(sensing)+E(attestation) + E(recovery)) = E/(Es+q*Ec+q* θ*Er) = E/(Es+q(Ec+ θEr)) • Expected life time – MTTF MTTF = false reading+ energy depleted = ∑i*Rq^i*(1-Rq) + Nq*Ra^Nq (0<i<Nq)

  18. Performance and Analysis MTTF = F(λ, T, q, E, Es, Ec, Er, Pfn, Pfp) MTTF = Gλ(q); MTTF = Gpfn(q); MTTF = Gpfp(q); MTTF = GEs(q); MTTF = GEc(q); MTTF = GEr(q)

  19. Performance and Analysis (cont’) -- MTTF = Gλ(q)

  20. Performance and Analysis (cont’) -- MTTF = Gpfn(q)

  21. Performance and Analysis (cont’) -- MTTF = Gpfp(q)

  22. Performance and Analysis (cont’) --MTTF_Es(q)

  23. Performance and Analysis (cont’) -- MTTF = GEc(q)

  24. Performance and Analysis (cont’) -- MTTF = GEr(q)

  25. Conclusion • Developing a probability model to analyze how often code attestation should be generated to maximize the lifetime; • Results showing that there is always an optimal q which can make sensor’s reliability maximized • Showing that code attestation should be generated more frequently when λ is high, Pfn(Pfp) is low, Ec is low, or Er is low compared with Es

More Related