1 / 19

Denial of Service in Sensor Networks

Denial of Service in Sensor Networks. Anthony D. Wood John A. Stankovic. Ching-Yao Wang M9415027 資工碩一. Outline. Introduction Denial of Service Attack Physical Layer Attacks Link Layer Attacks Network and Routing Layer Attacks Transport Layer Attacks

Download Presentation

Denial of Service in Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Denial of Service in Sensor Networks Anthony D. Wood John A. Stankovic Ching-Yao Wang M9415027 資工碩一

  2. Outline • Introduction • Denial of Service Attack • Physical Layer Attacks • Link Layer Attacks • Network and Routing Layer Attacks • Transport Layer Attacks • Conclusion

  3. Introduction • Applications of Sensor Network • Military • Disaster relief • Monitoring • Security is important • protect against enemy’s accesses • protect location and status of casualties from unauthorized disclosure • protect patient privacy

  4. Denial of Service Attack • any event that diminishes or eliminates a network’s capacity to perform its expected function • Hardware failures, software bugs, resource exhaustion can cause a DoS.

  5. Physical Layer Attack-Jamming Attack • Method: • Randomly deploy some nodes that interfere with the radio frequencies of the victim nodes • Defense: • Spread-Spectrum • Priority messages • Region mapping • Lower duty cycle • Mode change

  6. Defense against a jamming attack, phase one. Nodes along the edge of a jammed region report the attack to their neighbors.

  7. Defense against a jamming attack, phase two. Neighboring nodes collaborate to map the jamming reports, then reroute traffic around the jammed region.

  8. Physical Layer Attack-Tampering Attack • Method: • Capture, destruct victim nodes. May also extract information, cryptographic key to gain access to higher levels of communication • Defense: • Tamper-proofing • Hiding

  9. Link Layer Attack-Collision Attack • Method: • Listen for transmissions, induce a collision to disrupt an entire packet. or try to corrupt ACK messages to force victim nodes go into back-off mode • Defense: • Error-correcting code

  10. Link Layer Attack-Exhaustion Attack • Method: • Repeatedly send out requests to access channel to elicit responses from victim nodes. Victim nodes’ energy is drained to exhaustion • Defense: • Rate limitation

  11. Link Layer Attack-Unfairness Attack • Method: • Use channel to send large packets, denying channel access of legitimate nodes • Defense: • Small frames

  12. Network Layer Attack-Neglect and Greed Attack • Method: • Malicious nodes neglect to forward, or intentionally drop, packets. They may only forward their packets • Defense: • Redundancy • Probing

  13. Network Layer Attack-Homing Attack • Method: • Passively monitor and detect critical nodes (group leader, cryptographic key managers, data aggregator, etc.). Call in other collaborators to perform active attacks on critical nodes • Defense: • Encryption

  14. Network Layer Attack-Misdirection Attack • Method: • Direct packets along wrong paths, by fabricating wrong route advertisements • One variant of misdirection, Internet smurf attack. • Defense: • Egress filtering • Authorization • Monitoring

  15. Network Layer Attack-Black Holes Attack • Method: • In distance vector routing based sensor net: a malicious node advertises zero-cost routes to other nodes. Thus, traffic will be routed towards the malicious node, creating a hole • Defense: • Authorization • Monitoring • Redundancy

  16. Transport Layer Attack-Flooding Attack • Method: • Send many connection establishment requests to a victim, forcing the victim to allocate resources to maintain the connections • Defense: • Limit number of connections

  17. Transport Layer Attack-Desynchronization Attack • Method: • Repeatedly send forged messages to both ends of a connection to force both ends to request retransmission of packets (i.e., both ends have to repeatedly synchronize), causing energy drain on all involved victim nodes • Defense: • Authentication

  18. Conclusion • Adaptive rate control • RAP (a real-time communication architecture for large-scale wireless sensor networks) • Security is important

More Related