Distributed Detection of Node Replication Attacks in Sensor Networks ∗ Parno , B.; Perrig , A.; Gligor , V., "Distributed detection of node replication attacks in sensor networks," Security and Privacy, 2005 IEEE Symposium on , vol., no., pp.49,63, 8-11 May 2005. Sree Harsha Konduri
Distributed Detection of Node Replication Attacks in Sensor Networks∗
Parno, B.; Perrig, A.; Gligor, V., "Distributed detection of node replication attacks in sensor networks," Security and Privacy, 2005 IEEE Symposium on, vol., no., pp.49,63, 8-11 May 2005.
Sree Harsha Konduri, Sai Samrat Karlapudi, Tiksha Milan Choksi

Abstract
• Nodes in sensor networks are vulnerable
• With little effort, an adversary may replicate these nodes within the network
• In this paper we discuss node replication detection schemes
• Previous approaches and their limitations
  • Centralized approach
  • Voting mechanism
• New approaches and their efficiencies
  • Robust Multicast
  • Line-Selected Multicast

Introduction
• Why use nodes and sensor networks?
  • Easy to deploy
  • Scalable
  • Low-cost commodity hardware
• Problem!
  • No physical shielding
  • To join the network, new nodes require neither administrative intervention nor interaction with a base station
  • Joining is done through a neighborhood discovery protocol
  • Hence, nodes can easily be replicated by the adversary

• What can an adversary do?
  • If the adversary compromises even a single node, he/she can replicate it indefinitely
  • Inject false data
  • Subvert legitimate data
  • The network becomes vulnerable to attacks if the replication goes undetected
• How to stop them from replicating nodes?
  • Previous approaches used a centralized approach
  • Problem – single point of failure
  • Localized voting systems
  • Problem – cannot detect distributed replication
• Hence two new algorithms are suggested in this paper, which would stop distributed node replication

Background
• Goals
  • Detect a node replication attack
  • Ideally, without centralized monitoring
  • The protocol must provide robust detection
  • Evaluate the efficiency of each protocol
  • Minimizing communication is our first priority
  • A node replication attack is to be detected soon after it occurs

Sensor Network Environments
• A sensor network consists of hundreds, or even thousands, of small, low-cost nodes distributed over a wide area
• The nodes are expected to function in an unsupervised fashion
• Data collection may occur at irregular intervals
• We assume that the adversary cannot readily create new IDs for nodes
• How? By tying each node’s ID to the unique knowledge it possesses
• A node’s ID could correspond to the set of secret keys it shares with its neighbors
• Hence the adversary cannot create a new ID without guessing the appropriate keys

Adversary Model
• We assume that the adversary has the ability to capture a limited number of legitimate sensor nodes
• Once captured, the adversary can employ arbitrary attacks on the nodes to extract their private information
• The adversary could read the cryptographic information from the node and clone the node by loading that information
• We also make the assumption that any cloned node has at least one legitimate node as a neighbor
• We assume that the nodes under the adversary’s control follow protocols
• We assume that the adversary operates in a stealthy manner, attempting to avoid detection

Previous Protocols: Centralized Detection
• Each node sends a list of its neighbors and their claimed locations to the base station
• The base station looks for replicated nodes using this information
• If a replicated node is discovered, the base station revokes the replicated nodes by flooding the network with an authenticated revocation message
• Problem!
  • Single point of failure
  • Load on the network, particularly for the nodes near the station
  • Revocation is delayed

Centralized Detection
• In terms of security, this protocol achieves 100% detection of all replicated nodes, assuming all messages successfully reach the base station
• Efficiency
  • We assume that the average path length to the base station is O(√n) and each node has an average degree d
  • This protocol requires O(n√n) for communication
  • The storage required at each node is O(d)
  • The storage required at the base station is O(n·d)

Local Detection
• Avoid relying on a central base station
• Replicated nodes can be detected with the help of a node’s neighbors using a voting mechanism
• The neighbors reach a consensus on the legitimacy of a given node
• Problem!
  • This method fails to detect distributed node replication in disjoint neighborhoods within the network
  • If replicated nodes are at least two hops away from each other, a purely local approach cannot succeed.

Brute-Force Idea-1
• Try Node-Network Broadcast: uses a simple broadcast protocol where each node floods the network with its location.
• Every node stores its neighboring nodes’ location information, so when conflicting information is received, it can revoke the offending node.
• Pros: achieves 100% detection (if each node receives the broadcast)
• Cons: communication cost is far too high for large networks – O(n²).
• Way to overcome: What if the adversary blocks out key areas of the network?

Brute-Force Idea-2
• Try to improve on the communication cost of O(n²).
• Approach: A node will share its location claim with a deterministically chosen subset of nodes called witness nodes.
• Witness nodes are chosen based on a function of the node’s unique ID. Formally when a is heard, then is computed where w1, w2, …, wg are the set of witness nodes and F maps each node ID in the set of possible node IDs, S, to a set of g node IDs: Using
• Detection of replication: The witnesses will receive conflicting location claims, and then trigger the revocation of that node by flooding the network with the conflicting pair of locations.

Brute-Force Idea-2 cont…
• Analysis: For communication, assuming α’s neighbors do not collaborate, we will need each of α’s neighbors to probabilistically decide which of the witnesses to inform. If each node selects (g ln g)/d random destinations from the set of possible witnesses, then the coupon collector’s problem assures us that each of the witnesses will receive at least one of the location claims. Assuming an average network path length of O(√n) nodes, this results in O((g ln g √n)/d) messages sent per node.
• Pros: Improved communication cost, high possibility of distributed detection.
• Cons: Not strong enough.
• Ways to break: What if the adversary captures a node’s witnesses and jams them? Remember, the function F is deterministic.

Randomized Multicast
• Idea: Improve on Deterministic Multicast: instead of choosing witnesses deterministically, choose them randomly. Neighboring nodes send the location claim to a set of randomly chosen witnesses.
• Detection of replication: If an adversary replicates a node, 2 different witness sets are chosen. If each node chooses √n witnesses, then the Birthday Paradox predicts a high probability of collision, i.e. at least one witness will receive a conflicting pair of locations.
• Assumptions: Each node knows its own location. We also assume that the network utilizes an identity-based public key system and every node can calculate α’s private key using a function F(α), or uses a traditional PKI system with network authorities using a master public/private key to sign α’s key. Later topics will explain how symmetric key cryptography reduces computation overhead at the expense of additional communication.

Randomized Multicast cont…
• The Protocol: Formally each node α broadcasts a location claim to a set of neighbors βi in the format where lα is the location information. Upon receiving a location claim, β verifies α’s signature and, with probability p, each neighbor selects g random locations within the network and uses geographic routing to forward α’s location claim.
• We have seen how the detection and revocation are performed.
• Security: If Pclaim is the probability that a node hears at least one claim and Pnone is the probability that a node hears no location claims, then we have: Since the neighbors choose their destinations independently, we have:

Randomized Multicast cont…
• The probability of a collision is 1 – probability of no collision.
• Thus, if n = 10,000, g = 100, d = 20, and p = 0.05, we will detect a single replication of α with probability greater than 63%, and if α is replicated twice, we will detect it with probability greater than 95%.
• Analysis: Communication costs are still roughly O(n²)

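The birthday-paradox figures quoted above can be reproduced with a short calculation. This is an added example, not code from the paper or the slides; it assumes every location claim ends up at exactly p·d·g distinct witnesses (the expected count) chosen uniformly among the n nodes, and the function names are hypothetical.

```python
import random

def p_no_collision(n, w, locations):
    """Exact chance that `locations` witness sets, each w distinct nodes drawn
    uniformly from n, are pairwise disjoint (no witness sees a conflict)."""
    p = 1.0
    for k in range(1, locations):       # k earlier sets occupy k*w nodes
        used = k * w
        for i in range(w):              # i-th draw must miss every used node
            p *= max(n - used - i, 0) / (n - i)
    return p

def p_detect(n, w, locations):
    """Chance that at least one witness receives two conflicting claims."""
    return 1.0 - p_no_collision(n, w, locations)

def simulate(n, w, locations, trials=2000, seed=1):
    """Monte Carlo cross-check using explicit random witness sets."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        seen = set()
        for _ in range(locations):
            witnesses = set(rng.sample(range(n), w))
            if seen & witnesses:        # some witness now holds two locations
                hits += 1
                break
            seen |= witnesses
    return hits / trials

if __name__ == "__main__":
    n, g, d, p = 10_000, 100, 20, 0.05  # parameters quoted on the slide
    w = round(p * d * g)                # assumption: exactly p*d*g witnesses per claim
    for locations in (2, 3):            # original plus one or two replicas
        print(locations, round(p_detect(n, w, locations), 4),
              round(simulate(n, w, locations), 4))
```

Two locations correspond to a single replication and three locations to a node replicated twice.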
Line Selected Multicast
• We can improve on the costs of Randomized Multicast by using some other schemes to detect conflicting location claims.
• A location claim from A -> B passes through several intermediate nodes. If these nodes also store the location information, forming a line, then whenever a conflicting location claim passes the line, it can revoke the node.

Line Selected Multicast: The Idea
[Figures: Line-Segment Intersection; Line-Selected Multicast]

Line Selected Multicast
• Analysis: The protocol draws line-segments; the probability of intersection of line-segments can be found using the solution of Sylvester’s Four-Point Problem.
• We can detect attacks using a constant number of line-segments.
• If we assume each line-segment is of O(√n) length, then Line-Selected Multicast uses O(n√n).

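The line-intersection argument above can be explored with a small geometric simulation. This is an added example, not code from the paper or the slides; it assumes a continuous unit square in which any crossing between a line of one replica and a line of the other is noticed by a node at the crossing point, and all function names are hypothetical.

```python
import random

def ccw(a, b, c):
    """Signed area test: positive if a -> b -> c turns counter-clockwise."""
    return (b[0] - a[0]) * (c[1] - a[1]) - (b[1] - a[1]) * (c[0] - a[0])

def segments_cross(p1, p2, q1, q2):
    """True if segment p1-p2 properly crosses segment q1-q2."""
    return (ccw(p1, p2, q1) * ccw(p1, p2, q2) < 0 and
            ccw(q1, q2, p1) * ccw(q1, q2, p2) < 0)

def rand_point(rng):
    """Uniform random position in the unit square (stand-in for a node)."""
    return (rng.random(), rng.random())

def claim_lines(rng, origin, r):
    """r line segments from a claimed location to random destinations."""
    return [(origin, rand_point(rng)) for _ in range(r)]

def detection_rate(r, trials=5000, seed=7):
    """Fraction of trials in which some line of replica A crosses some line
    of replica B, so a node on both lines holds two conflicting claims."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        a = claim_lines(rng, rand_point(rng), r)   # claim for location 1
        b = claim_lines(rng, rand_point(rng), r)   # same ID, location 2
        if any(segments_cross(*s, *t) for s in a for t in b):
            hits += 1
    return hits / trials

if __name__ == "__main__":
    for r in (1, 2, 4, 6):                         # r = 6 is the simulated setting
        print(r, round(detection_rate(r), 3))
```

With r = 1 the estimate approaches 25/108 ≈ 0.23, the value that follows from Sylvester’s four-point problem on a square; a handful of segments per claim pushes the rate far higher.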
Simulations
• Deploy n nodes uniformly within a 500 x 500 square, n between 1,000 and 10,000.
• Each node has approx. 40 neighbors.
• Communication requirements = Average of total number of messages sent/received per node.
• Resiliency = Number of times the protocol is run in order to detect a single node replication.
• Probability of detection, Pd = 1/# of repetitions
• Randomized Multicast Protocol: p·d·g = √n => 63% probability to detect replication
• Line-Selected Multicast: r = 6 => each location claim creates 6 line segments

[Figures: Communication Overhead; Probability of Detection]
• Simulations closely matched theoretical predictions.
• Randomized Multicast => Communication increases linearly with number of nodes.
• Line-Selected Multicast => Communication increases at the rate O(√n).
• Probability of node replication detection for Line-Selected Multicast is almost constant in different network configurations.

Discussions
PROTOCOL COMPARISON:
SYNCHRONIZED DETECTION:
• Deciding how often detection is performed trades efficiency of detection against communication and storage costs.
• However, since the protocols require loose synchronization, we leverage it to reduce the cost of running the protocols through some modifications.

• HIGH NOON: Detection happens only during a fixed length of time t for every T units of time; the rest of the time (T-t), nodes can utilize their entire memory for non-detection purposes.
• TIME SLOTS: Time is divided into epochs of length T, each epoch consisting of k time slots (k – protocol parameter).
• SECURITY REQUIREMENTS: Each node remembers the neighboring nodes which participated in the previous epoch. Later, if a node hears from a new neighbor, it refuses to communicate with that node until the node participates in a detection epoch.
AUTHENTICATION:
• Public Key Security Adjustments: Prevention against DoS attack by adversary by making nodes verify faulty signatures or by reporting its neighbor’s claim to every node in the network rather than only to g nodes.
• Symmetric Alternatives: Using one-time signatures or one-way chains for authentication.

MASKED REPLICATION ATTACKS:
• An adversary needs to compromise an additional d nodes for each replica of a node he wants to create.
• In a masked-replication attack, the compromised nodes mask the replicated nodes, giving the adversary the influence of k² nodes after compromising k nodes.
• Pseudo-neighbors are used to overcome the masked-replication attacks.
EMERGENT PROPERTIES:
• Randomized Multicast and Line-Selected Multicast are emergent algorithms.
• Emergent algorithms operate in a distributed fashion and are thus robust against individual node failures and also avoid problems faced in centralized solutions.
• They represent the first application of emergent algorithms to the problem of security in sensor networks.

Related Work
• Eschenauer and Gligor => Centralized node revocation in sensor networks
• Chan, Perrig and Song => Localized mechanism for sensor network node revocation
• Douceur => Countermeasures for peer-to-peer networks involving resource verification
• Newsome et al. => Techniques to defend against Sybil attack in sensor networks
• Bawa et al. => Algorithm for counting the number of nodes in a peer-to-peer network

Future Work
• The nodes controlled by the adversary are assumed to follow the protocols.
• Future work related to this topic would explore mechanisms that ensure the working of the protocols even in the case of misbehaving nodes.
• McCune et al. describe a technique that uses secure implicit sampling to detect nodes that suppress or drop messages.
• Also, the modifications described previously, High Noon and Time Slots, would be implemented to periodically check the network for replicas, preventing the adversary from forming a strong foothold in the network.

Conclusion
• Centralized algorithms place excessive trust in the base station and excessive load on nodes near it. Local voting techniques are not useful for detecting distributed node replication.
• Randomized Multicast and Line-Selected Multicast enable distributed detection of distributed events.
• Line-Selected Multicast provides excellent resiliency with near optimal communication overhead and modest memory requirements.
• Randomized Multicast and Line-Selected Multicast are emergent algorithms which help to resolve security problems in sensor networks.