1 / 41

Security in Wireless Sensor Networks (WSN)

Security in Wireless Sensor Networks (WSN). Ad Hoc Networks Mira Vrbaski mvrbaski@gmail.com. Agenda. Introduction Attacks and Treats in WSN Information and node authentication Holistic security approach and ISA Quiz – questions and answers. Agenda. Introduction

dalmar
Download Presentation

Security in Wireless Sensor Networks (WSN)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Security in Wireless Sensor Networks (WSN) Ad Hoc Networks Mira Vrbaski mvrbaski@gmail.com

  2. Agenda • Introduction • Attacks and Treats in WSN • Information and node authentication • Holistic security approach and ISA • Quiz – questions and answers

  3. Agenda • Introduction • Attacks and Threats in WSN • Information and node authentication • Holistic security approach and ISA • Quiz – questions and answers

  4. Why WSN security is important? WSN applications are: • deployed in military, national security... • mission-critical tasks • deployed in hostile environments • more difficult to secure than in wired communication networks, the Internet or MANETs (Wireless mobile ad hoc networks) due to the resource limitations of sensor nodes: • Nodes can be physically removed by an adversary very easily • Small storage • Limited computational power • monitoring actively their surroundings, and it is often easy to deduce information other than the data monitored • open to packet injection by an adversary

  5. Some examples of WSN – medical • Monitoring patients conditions • Tracking medical equipments • Tracking patients • Personal, confidential and sensitive data • Data and time accuracy and reliability

  6. Some examples of WSN - residential • For example: Perimeter defence

  7. Some examples of WSN - military • Battlefield sensor networks high security and real-time response to fast changing events

  8. Security vs. Performance Tradeoffs • security mechanisms directly impact system performance • strong need to develop a rigorous analytical framework for measuring the security-performance tradeoffs of arbitrary key distribution schemes • [2004] Security-Performance Tradeoffs of Inheritance based Key Predistribution for Wireless Sensor Networks –R. Kannan, L. Ray, A. Durresi and S. S. Iyengar performance security

  9. WSN architecture • Sensor motes (Field devices) – Field devices are mounted in the process and must me capable of routing packets on behalf of other devices. • Gateway – enables communication between the Host and field devices • Network Manager -configures the network, schedules, monitors and reports on the health of the network. • Security Manager – generates, stores and manages keys.

  10. Protocol stack • The physical layer – determines frequency selection, carrier frequency generation, signal detection, and signal processing and data encryption. • The data link layer - requiresmultiplexing of data streams, data frame detection, medium access flow control and error control. It ensures reliable point-to-point and point-to-multipoint connections in a communication network. • The network layer - specifies the assignment of addresses and how packets are forwarded – Routing. • The transport layer - helps to maintain the flow of data if the sensor networks application requires it.

  11. Agenda • Introduction • Attacks and Threats in WSN • Information and node authentication • Holistic security approach and ISA • Quiz – questions and answers

  12. Attacks and Threats in WSN • Each sensor network layer has specific attacks • Threats in Wireless Sensory Networks (WSN): • Battery draining • Network control loss • Data leakage and ambiguity

  13. Attacks in sensor network Some more common attacks: • Node capture • Sybil attack • Cloning attack • Wormhole • Key interception • Denial of Service - DoS • Replay

  14. Node Capture Attack in WSN • attacker picks out a node and runs any cryptanalysis on its material • leaks all secret materials, and/or • allows reconfiguration to serve attacker Leaks, serves attacker captured

  15. Sybil Attack in WSN • introduces multiple entities for a single node • does not gain hardware advantage • undermines protocols in the network (leader election, voting, etc) • aimed against trust and reputation systems

  16. Cloning Attack in WSN • inserts multiple physical nodes • provides hardware advantage • in hybrid approach, the malicious nodes gain their own identity • original node still functions -> attacker uses additional node with the same identity for own purposes

  17. Wormhole Attack in WSN • In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them (possibly selectively) to another location, and retransmits them into the network. • The wormhole attack can form a serious threat in wireless networks, especially against many ad hoc network routing protocols and location-based wireless security systems. • For example, most existing ad hoc network routing protocols, without some mechanism to defend against the wormhole attack, would be unable to find routes longer than one or two hops, severely disrupting communication.

  18. Wormhole Attack in WSN (example) For example, traffic between nodes like a and e can now take a one-hop path via the wormhole instead of a multi-hop path. If the wormhole is placed carefully by the attacker and is long enough, it is easy to see that this link can attract a lot of routes. • Demonstration of a wormhole attack: • X and Y denote the wormhole nodes connected through a long wormhole link. As a result of the attack, nodes connected through a long wormhole link. As a result of the attack, nodes in Area A consider nodes in Area B their neighbours and vice versa.

  19. Key interception Attack in WSN • the key is compromised by physical extraction from the captured node, or • by breach in protocol • the attacker can use a powerful equipment (for example laptop) • threat to the communication and fake nodes Captured node receiver Attacker modifies message sender receiver Attacker modifies message Powerful equipment

  20. Denial of Service (DoS) Attack in WSN • performs on protocols • overloading with unnecessary operations • an attacker possesses many cloned nodes can perform Distributed DoS-> • difficult to localize and lock out • WSN – battery drainage • ruined trust

  21. Replay Attack in WSN an attacker records messages at one instance of time and replays them later on or at different location possible for stateless protocols

  22. Agenda • Introduction • Attacks and Threats in WSN • Information and node authentication • Holistic security approach and ISA • Quiz – questions and answers

  23. Shared authentication of information and node • Shared authentication • where the originator of the information uses a secret to mark the data in a way that allows verification of data by any other owners of the secret • One common secret among all • leak from single party • Each communication pair owns unique secret • exponential growth in storage requirements S1 Originator S1, S2 Owner of the S1 S2 S Originator S Owner of the S Owner of the S2 S Owner of the S

  24. Chaining protocols • In node to node communication data can be substituted with other information • Can be alleviated with MAC – Message Authentication Code: • Form of fingertip that can be calculated by both communication parties. • Chaining protocols – set of chained data packages that are transmitted at different times. • The whole chain can be trusted if each element can be trusted. • Deferred disclosure – wait for key to understand the message 1. MAC(M,K) where M-message, K-key originator receiver 2. Give me K 3. Here is the K 1. At t=t1 MAC(M,K) where M-message, K-key originator receiver 2. At t=t2 K

  25. Chaining protocols • TESLA • µTESLA • Hash-chained authentication • Merkele trees authentication

  26. TESLA • TESLA protocol for broadcast authentication – data does not have to be authenticated at the moment of reception • For broadcast authentication • Sender can be associated with more powerful base node • Responsibility shift to sender r r r r t packets MAC(r) sender receiver MAC temporarily accepted and stored in receiver buffer MAC generated using value r, known only by sender t>timeout r NOT received => drop all MACs

  27. µTESLA • Takes in consideration ad-hoc nature of WSN • Allows bootstrapping of a new receiver at any time • To join the network a node needs to verify the authentication of one, any already used key from sender’s key chain and get loosely time synchronized.

  28. Hash-chained authentication ALPHA protocol: • Sender S choose random ho and computes h1, h2 ... hn • n depends on storage capacity • Each result is stored in memory, hn made known to receiver R • That means if R knows hi can calculate hi-1 by H(hi-1) = hi • Good for: • broadcasting protocols • unwanted traffic dropped at the very first relaying node ->saves bandwidth • network protection against overloading • Bad for: • memory size linear f(n) where n-number of signatures hi=H(hi-1) S1(MAC(hi-1|| M)) sends MAC and hi-1 S A1(hi,hjR) acknowledges with hi and hjR R S2(hi-1,M)

  29. Merkele trees authentication • Merkele tree MT is a plain binary tree • Limits required memory size to log(n) where n is number of leaves in the tree r=H(hi-1||no||n1)

  30. Authentication with asymmetric cryptography • Each entity has two keys: • Secret key to be used for authentication • Publically known for verification by the information recipient • Existing problems: • Availability of public keys • Dealing with compromised secret keys • Complex system • Large numbers-> storage problems 1. Request signed requester originator 2. message

  31. Asymmetric methods • Rabin schema • Diffie –Hellman key exchange

  32. Rabin Schema • Data sent from sensor to more powerful base station, the base station utilized this disproportion and applied similar asymmetric operation to assure security of data. • Very effective method for encryption and signature verification. • Private key is a pair of large distinct primes (p, q) • Public key is their product n=pq • Decryption complex requires p and q Gathered encrypted data Base station Sensing network c= M²modn M=√cmodpq Authenticated commands

  33. Diffie-Hellman key exchange • Allows two nodes communication in open text to agree on a common secret • Two parameters publicly known: the generator g and prime modulus p. • A calculate Xa and send to B, a is a secret number of A • B calculate Xb and send to A, b is a secret number of B A B

  34. Agenda • Introduction • Attacks and Threats in WSN • Information and node authentication • Holistic security approach and ISA • Quiz – questions and answers

  35. Holistic security approach • Advantages: • Easy to develop • Protocols of different layer can be modified independently • Reducing inter layer interaction • Disadvantages: • Redundant security (waste of system resources) • Lack of self adaptive services • De-integrated solution • Cost and energy effective

  36. ISA – Intelligent Security Agent [2009]Kuldeep Wireless Sensor Networks Security: A new Approach • Cross layer security • Routing energy efficient (network layer), minimize number of packets, retransmission (link layer) and put energy transceivers on/off. • Key management schemas make sure that all nodes possess required keys and packets reach destination.

  37. References • PrzmyslawBlaskiewicz, MiroslawKutylowski “Security and Trust in Sensor Networks” • Hemanta Kumar Kalita1 and AvijitKar “Wireless sensor network security analyzes” 2009 • T.Kavitha, D.Sridharan “Security Vulnerabilities in Wireless in Sensor Networks: Survey” • Adrian Perrig, John Stankovic, and David Wagner “Security in Wireless Sensor Networks” • Kuldeep, Kalpana Sharma and M.K. Ghose “Wireless Sensor Networks Security: A New Approach” • PengNing and Donggang Liu “Broadcast Authentication and Key Management for Secure Sensor Networks”, north Carolina State University, Raleigh, North Carolina • Jeffery Undercoffer, SasikanthAvancha, Anupam Joshi and John Pinkston “Security for Sensor Networks” • R. Kannan, L. Ray, A. Durresi and S. S. Iyengar ”Security-Performance Tradeoffs of Inheritance based Key Predistribution for Wireless Sensor Networks” • Ritesh Maheshwari, Jie Gao and Samir R Das Department of Computer Science, Stony Brook University “Detecting Wormhole Attacks in Wireless Networks Using Connectivity Information” • Yih-Chun Hu, Member, IEEE, Adrian Perrig, Member, IEEE, and David B. Johnson, Member, IEEE“Wormhole Attacks in Wireless Networks”

  38. Agenda • Introduction • Attacks and Threats in WSN • Information and node authentication • Key management • Holistic security approach and ISA • Quiz – questions and answers

  39. Quiz – Question 1 • [Q1]Shared authentication can be done in two ways: one common secret among all and each pair shares its own secret. Explain the advantages and disadvantages of both approaches taking in consideration WSN limitations. (draw the picture) • [A1] One common secret among all:[disadvantage: leak from single party], [advantage: small number of keys] • Each communication pair owns a unique secret:[disadvantage: exponential growth in storage requirements],[advantage: more security]

  40. Quiz – Question 2 • [Q1]Explain how a wormhole attack occurs and the threats that attack produces • [A1]In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them (possibly selectively) to another location, and retransmits them there into the network. • The wormhole attack can form a serious threat in wireless networks, especially against many ad hoc network routing protocols and location-based wireless security systems. • For example, traffic between nodes like a and e can now take a one-hop path via the wormhole instead of a multi-hop path. If the wormhole is placed carefully by the attacker and is long enough, it is easy to see that this link can attract a lot of routes.

  41. Quiz – Question 3 • Explain how the Diffie-Hellman key exchange protocol works. Explain and show calculations if prime numbers are given: p=3 and g=2.

More Related