150 likes | 254 Views
Toward Resilient Security in Wireless Sensor Networks. Rob Polak Feb 23 2006 CSE 535. What is Wireless Security on the Link Level?. Message Authenticity Verify Sender Verify Message has not been forged Message Privacy The messages can not be read by a third party. Previous research.
E N D
Toward Resilient Security in Wireless Sensor Networks Rob Polak Feb 23 2006 CSE 535
What is Wireless Security on the Link Level? • Message Authenticity • Verify Sender • Verify Message has not been forged • Message Privacy • The messages can not be read by a third party.
Previous research • Pairwise Key Distribution • Nodes contain a pool of symmetric keys, with a probability they contain shared keys. • These shared keys are then used to create a pairwise key used to endorse messages. • What are the problems with this method?
Problems with Pairwise • As more nodes are compromised the fraction of affected pairwise keys increases quickly. • Insider Attacks are not accounted for in the system. • Some sensors may not be able to communicate if they do not share keys.
Solution? • Location-Based Resilient Security (LBRS) • Split terrain into grids, and use a locally binded key
Overview LBRS • When an event occurs it is endorsed by multiple nodes within a cell. • Message is then forwarded to a node up stream towards the Sink. • Messages are verified en-route to ensure validity.
Grid Construction • How to construct a grid with no real infrastructure. • Solution: construct a virtual grid of cells, and bind keys to certain cells. • How to determine cell size? What are the tradeoff’s? • As cell size increases nodes are required to have less keys, however, if a large cell is compromised an attacker can forge events of a larger area.
Bootstrapping • Time when node is first deployed, and needs to generate it’s keys • Node determines its position • Node generates keys based upon its location, a master secret, and a one way function. • Then the node identifies all of the nodes in its sensing range and generates keys for those nodes. (used later in en-route message filtering) • Master secret is then erased permanently (no more keys can be generated).
En-Route Filtering • Any given report requires (m-1) distinct MAC endorsements (message authentication codes) • Reports are collectively processed and endorsed by surrounding nodes within a cell. • Once a message is sent to it’s upstream node (using geographic routing) the senders mac’s is then verified by the receiving node.
Routing • LBRS uses a concept of beam width routing, which is a subset of a geographic routing.
Analysis • Analysis Info • Given: a circular terrain of radius R and N sensor nodes • For fabricated attacks where m-1 distinct MAC’s are needed to verify a report the detection ratio is : 1 - ½^(8s(m-1)) = 0.999 =99% detection rate for our simulation. • In a simulation network of 10km with 400K nodes, the forged reports were found in an average of 4.2 hops, and 6 hops at most.
Node Compromise • Can we prove our hypothesis that LBRS is less vulnerable to node compromise. • Results from the simulation show that when 100 nodes are compromised only 11 cells or 0.68% of the total terrain. (30k nodes) • No comparisons to pairwise system.
Implementation • Implementation • Only talks about very basic setup of nodes. • Seems to be “missing” any results.
Future Work • Implementing the system and study the performance
Discussion • What are some of the problems with this system? • Can not handle networks with nodes that change location. • Does not scale well into system with low density of nodes. • Is this a viable network security solution? Are you convinced?