SIGF : A Family of Configurable, Secure Routing Protocols for WSNs
Brian Blum, Tian He, Sang Son, Jack Stankovic
Security of Ad Hoc and Sensor Networks (SASN’06)
Sep. 20, 2007
Presented by Kim, Chano
Contents
• Introduction
• IGF : Implicit Geographic Forwarding
• Assumptions and Attacks
• SIGF : Secure IGF
• Evaluation
• Conclusion
Introduction
• Resource-bound security solution
• Efficiency of individual security mechanism
• Efficiency of all security mechanisms installed together at a node
• Access control, routing, localization, time synchronization, power management
• SIGF (Secure Implicit Geographic Forwarding)
• B. Blum et al., IGF : A state free robust communication protocol for wireless sensor networks. CS-2003-1, Univ. of Virginia, 2003
• A family of configurable secure routing protocols
• Three protocols (SIGF-0, SIGF-1, SIGF-2)
• State ↑ & Security ↑
IGF (Implicit Geographic Forwarding) – 1/2
• Quick overview of IGF
[Fig-1. Forwarding Area for Source S (legend: R A : Candidate nodes)]
[Fig-2. IGF handshake timeline]
IGF (Implicit Geographic Forwarding) – 2/2
• Keeps no routing state information
• Lazy binding → fault tolerance, robust to topology changes
• Eliminates maintenance overhead and routing latency
• Ten-fold increase in delivery ratio
• Reduces end-to-end delay and control overhead
• From a security point of view
• Confines the attacker’s impact to the neighborhood
• Prevents attackers that spoof, alter, replace routing information
• Vulnerable to black-hole attack
Assumptions and Attacks – 1/3
• System assumption
• Insecure radio links
• Attacker’s possibilities
• Nodes know their own location
• Additionally know that of their neighbors (SIGF-1, SIGF-2)
• Pairwise-shared keys among neighbors (SIGF-2)
• Routing attacks (applicable to IGF)
• Routing state corruption, Wormhole, Hello-flood => prevented
• Black hole attack, Selective forwarding attack, Sybil attack
• Denial of service : ORTS replay attack, CTS replay attack
Assumptions and Attacks – 2/3
Routing Attacks
[Fig-3. CTS Rushing Attack by A]
[Fig-4. Node A performs a Sybil attack]
SIGF : Secure IGF
• Tradeoff between security and state maintenance
• Configurability can be adapted at runtime
• Higher cost must be borne even when no attacks are occurring
• Each protocol is a subset of the next
• SIGF-0 : no state at all
• SIGF-1 : locally generated state
• Limited information learned from interactions with neighbors
• SIGF-2 : Cryptographic guarantees in routing
• Use keys and sequence numbers shared among neighbors
SIGF : Secure IGF-0
• Lessen but not eliminate the chance of selecting an attacker
[Fig-3. SIGF-0 next hop selection for message from current node S to ultimate Destination D]
SIGF : Secure IGF-0
• Configurable dimension
• Forward Area {60° sextant, closer, whole neighborhood}
• Collection Window {one responder, fixed multiple, dynamically lengthened}
• Forwarding Candidate Choice {first, by priority, random, multiple}
• Omit location {yes, no}
Robust against a black-hole attack caused by CTS rushing attack
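How the collection window and forwarding candidate choice interact under a CTS rushing attacker, as an added example that is not code from the SIGF authors. The reply tuples, timings and function names are constructed for illustration; the "multiple" choice and the forward-area and omit-location dimensions are left out.

```python
import random

# Constructed CTS replies heard by sender S after its ORTS:
# (node, arrival in ms, claimed progress toward D in metres).
# "A" is a rushing attacker: it skips the back-off timer and claims the best progress.
CTS_REPLIES = [("A", 0.1, 40.0), ("n1", 2.3, 35.0), ("n2", 3.1, 28.0), ("n3", 4.8, 12.0)]

def collect(replies, window_ms, max_responders):
    """Collection window: keep replies that arrive in time, earliest first."""
    in_time = sorted((r for r in replies if r[1] <= window_ms), key=lambda r: r[1])
    return in_time[:max_responders]

def choose(candidates, policy, rng):
    """Forwarding candidate choice: 'first', 'priority' or 'random'."""
    if not candidates:
        return None
    if policy == "first":
        return candidates[0][0]
    if policy == "priority":
        return max(candidates, key=lambda r: r[2])[0]
    if policy == "random":
        return rng.choice(candidates)[0]
    raise ValueError(f"unknown policy: {policy}")

def attacker_share(policy, window_ms, max_responders, trials=10000, seed=1):
    """Fraction of hops handed to the attacker under one configuration."""
    rng = random.Random(seed)
    candidates = collect(CTS_REPLIES, window_ms, max_responders)
    hits = sum(choose(candidates, policy, rng) == "A" for _ in range(trials))
    return hits / trials

if __name__ == "__main__":
    for policy, window, k in [("first", 5.0, 1), ("priority", 5.0, 4), ("random", 5.0, 4)]:
        print(policy, k, attacker_share(policy, window, k))
```

With one responder and "first" the attacker takes every hop, and "priority" does no better because the attacker can claim the best position; a random pick over a window of k responders cuts its share to roughly 1/k, which lessens but does not eliminate the risk.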
SIGF : Secure IGF-1
• Reduce the chance of selecting an attacker as the next-hop
• State
• T = Total # of messages sent to all neighbors
• Nsent = # of messages sent to N
• Nforward = # of messages forwarded by neighbor N on this node’s behalf
• Nlocation = Last claimed location of node N
• Ndelay = average delay between relaying a message to node N
• Nsuccess = Nforward / Nsent = forwarding success ratio (reliability)
• Nfairness = (T - Nsent) / T = forwarding fairness ratio
• Nconsistency = A consistency score based on N’s claimed location
• Nperformance = (D - Ndelay) / D
SIGF : Secure IGF-1
• Per Neighbor Reputation Value
• System Parameters for SIGF-1
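The SIGF-1 ratios above computed from locally kept state and folded into one reputation value, as an added example that is not code from the SIGF authors. Assumptions: D is read as a maximum tolerated delay, the weights and the weighted-sum combination are hypothetical, the consistency score is omitted because the slides give no formula for it, and the traffic history is constructed.

```python
from dataclasses import dataclass

D_MAX = 50.0  # assumption: D interpreted as the maximum tolerated delay (ms)
WEIGHTS = {"success": 0.5, "fairness": 0.2, "performance": 0.3}  # hypothetical

@dataclass
class Neighbor:
    sent: int = 0             # Nsent
    forwarded: int = 0        # Nforward (forwards overheard by this node)
    delay_total: float = 0.0  # running sum used to derive Ndelay

    def record(self, overheard_forward, delay_ms=0.0):
        """Update state after handing one message to this neighbor."""
        self.sent += 1
        if overheard_forward:
            self.forwarded += 1
            self.delay_total += delay_ms

def ratios(n, total_sent):
    """Nsuccess, Nfairness and Nperformance as defined on the slide."""
    success = n.forwarded / n.sent if n.sent else 1.0  # unknown neighbor: assume good
    fairness = (total_sent - n.sent) / total_sent if total_sent else 1.0
    avg_delay = n.delay_total / n.forwarded if n.forwarded else D_MAX
    performance = max(0.0, (D_MAX - avg_delay) / D_MAX)
    return {"success": success, "fairness": fairness, "performance": performance}

def reputation(n, total_sent):
    r = ratios(n, total_sent)
    return sum(WEIGHTS[k] * r[k] for k in WEIGHTS)

def next_hop(table, responders):
    """Pick the CTS responder with the highest reputation."""
    total = sum(n.sent for n in table.values())  # T
    return max(responders, key=lambda name: reputation(table[name], total))

def build_table():
    """Constructed history: 'selective' silently drops every second message."""
    table = {"honest": Neighbor(), "selective": Neighbor()}
    for i in range(20):
        table["honest"].record(True, 10.0)
        table["selective"].record(i % 2 == 0, 10.0)
    return table

if __name__ == "__main__":
    t = build_table()
    print({k: round(reputation(v, 40), 2) for k, v in t.items()}, next_hop(t, list(t)))
```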
SIGF : Secure IGF-2
• Shared state secure IGF (for cryptographic operations)
• Message Authentication {all messages, only DATA, none}
• Message Sequence {yes, no}
• Payload Encryption {yes, no}
• Attacks resisted by IGF and SIGF protocols
• State & Cost ↑
• Security ↑
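Message authentication combined with message sequencing on one neighbor link, showing why a replayed ORTS or CTS is rejected, as an added example that is not code from the SIGF authors. The frame layout, the truncated HMAC-SHA256 tag, the key and all names are assumptions; the slides do not specify a MAC algorithm or packet format.

```python
import hashlib
import hmac
import struct

ORTS, CTS, DATA = 1, 2, 3   # hypothetical frame type codes
HEADER = ">HIB"             # assumed layout: sender id, sequence number, type
HEADER_LEN = struct.calcsize(HEADER)
TAG_LEN = 8                 # assumption: tag truncated to fit small radio frames

def _tag(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]

def seal(key, sender, seq, frame_type, body=b""):
    """Build header + body + tag under the pairwise key shared with the receiver."""
    msg = struct.pack(HEADER, sender, seq, frame_type) + body
    return msg + _tag(key, msg)

class NeighborLink:
    """Receiver-side state for one neighbor: pairwise key and last accepted sequence."""

    def __init__(self, key, neighbor_id):
        self.key = key
        self.neighbor_id = neighbor_id
        self.last_seq = -1

    def accept(self, frame):
        if len(frame) < HEADER_LEN + TAG_LEN:
            return "malformed"
        msg, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        sender, seq, _ftype = struct.unpack(HEADER, msg[:HEADER_LEN])
        # Constant-time comparison; the sender field is covered by the tag.
        if sender != self.neighbor_id or not hmac.compare_digest(tag, _tag(self.key, msg)):
            return "bad-mac"
        if seq <= self.last_seq:   # valid tag but stale sequence: a replay
            return "replay"
        self.last_seq = seq
        return "ok"

if __name__ == "__main__":
    key = b"constructed-key!"   # constructed pairwise key, for illustration only
    link = NeighborLink(key, neighbor_id=7)
    cts = seal(key, 7, 1, CTS)
    print(link.accept(cts), link.accept(cts))   # second delivery is the replay
```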
Evaluation
• Use GloMoSim Simulator
[Table. Simulation parameter]
[Fig. Final node location (S, D, A1-4)]
Evaluation (2/2)
Base System (No attacks)
Evaluation (2/2)
Selective Forwarding Attack (by A3)
Black Hole Attack
Evaluation (2/2)
Sybil Attack (by A3)
Conclusion
• SIGF (Secure Implicit Geographic Forwarding)
• Chooses the next hop dynamically and nondeterministically
• Increases robustness to node mobility and failure
• SIGF-0, SIGF-1, SIGF-2
• Future studies
• Evaluate lower densities
• How failure-recovery mechanism impacts the performance of SIGF family
Thank you SIG – WORK (4)
EXTRA : Wormhole attack (1/4) Routing Tree Adapted from Chris Karlof and David Wagner's WSNPA slides
Wormhole attack (2/4) Routing Adapted from Chris Karlof and David Wagner's WSNPA slides
Wormhole Attack (3/4)
• Tunnel packets received in one place of the network and replay them in another place
• The attacker can have no key material. All it requires is two transceivers and one high quality out-of-band channel
Adapted from Chris Karlof and David Wagner's WSNPA slides
Disrupted Routing (4/4)
• Most packets will be routed to the wormhole
• The wormhole can drop packets or more subtly, selectively forward packets to avoid detection
Blackhole / Selective forwarding attack
Adapted from Chris Karlof and David Wagner's WSNPA slides
Sybil attack & Rushing attack Sybil Attack Rushing Attack