CMSC 681 Project Secure Time Synchronization in Wireless Sensor Networks Carl J Ochs Jr
Agenda • Overview • Background • Security Threats • Time Synchronization Protocols • Countermeasures • Summary
Overview • Scope • Time Synchronization in wireless sensor networks and security measures • Intent • Survey and evaluation of current time synchronization protocols and the effectiveness of their security measures
Background • Wireless Sensor Networks • Network of multiple resource-constrained sensor nodes that monitor and forward information • Typically has a centralized node that collects the data and another node that will be used for processing the data.
Background • Why is Time Synchronization Important • Location and proximity of siblings • Intranetwork coordination • Proper functioning of security measures • Maintain ordering of messages • Use of Time Division Multiplexing (TDMA) • Energy efficiency
Background • Why not NTP or GPS? • The majority of sensor nodes are designed to have, and to consume, minimal resources • NTP requires highly accurate clocks • GPS requires an additional receiver for the GPS transactions • Some networks with fewer restrictions may be able to afford a GPS sensor infrastructure. • Additional details are available in chapter 1 of the Handbook of Sensor Networks: Algorithms and Architectures: Time Synchronization and Calibration in Wireless Sensor Networks by Kay Römer, Philipp Blum, Lennart Meier, available from http://www.vs.inf.ethz.ch/publ/papers/wsn-time-book.pdf
Background • Clock Synchronization Basics • Clock Offset • Difference between clocks at 2 nodes • Clock Skew • Change in offset over time • One clock running faster than another • Drift Error • Random changes in clock frequency • Temperature differences • Aging of the hardware
Background • Effects of Unsynchronized clocks • Invalid observations • Inefficient/ineffective coverage • Areas left uncovered during certain timeslots • Disabled communications architecture (worst case)
Threat Overview • Vectors of Attack • Malicious Outsider • Attacker with Jamming and Replay abilities • Compromised Node
Threat Overview • Malicious Outsider • Wireless device inserted into the network • Can eavesdrop, but cannot contribute • No knowledge of security keys (at least initially) • Similar in behavior to the “snoop”/Ethereal/Wireshark network capturing utility
Threat Overview • Attacker with Jamming and Replay ability • Can initiate Pulse Delay Attacks • Jam a message, store, and replay later • Real message sent out of sequence (confusion) • Jamming detection possible, but expensive
Threat Overview • Compromised Node • Most difficult to defend against • Friendly node taken over by enemy (brainwashed) • Primarily physical attack • In theory, it could be a pure software attack • Node has correct security keys and can contribute to the network communication
Reference Broadcast Synchronization (RBS) • External unit broadcasts a synchronization signal • Signal causes all nodes to record their current local time and then exchange this information amongst each other • Processing time and propagation delays can cause imprecise measurements • Solution: multiple reference signals broadcast, nodes exchange message arrival times, use least squares fit approximation • Attacks • Compromised node can exchange an incorrect time causing the other node to calculate an incorrect offset
Reference Broadcast Synchronization (RBS) • Receiver-Receiver synchronization • Single node transmits a synchronization message to multiple nodes • Receiver nodes synchronize the arrival timestamp amongst themselves (transmitter does not interact).
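The least-squares step of RBS and the compromised-node weakness listed above, worked through as an added example (not from the original slides). The beacon times, jitter values, 50 ppm skew and the 40000 µs false shift are constructed sample data.

```python
def fit_line(local_us, peer_us):
    """Least-squares fit peer = skew * local + offset over shared beacon arrivals."""
    n = len(local_us)
    mx, my = sum(local_us) / n, sum(peer_us) / n
    sxx = sum((x - mx) ** 2 for x in local_us)
    sxy = sum((x - mx) * (y - my) for x, y in zip(local_us, peer_us))
    skew = sxy / sxx
    return skew, my - skew * mx

def max_residual(local_us, peer_us, skew, offset):
    """Largest distance of any reported arrival time from the fitted line."""
    return max(abs(y - (skew * x + offset)) for x, y in zip(local_us, peer_us))

# Constructed sample: ten reference broadcasts one second apart (microseconds).
BEACONS = [i * 1_000_000 for i in range(10)]
JITTER_A = [3, -2, 1, -4, 2, 0, -1, 4, -3, 0]    # receive-side jitter at node A
JITTER_B = [-1, 2, -3, 1, 0, 3, -2, -1, 2, -1]   # receive-side jitter at node B
A_TIMES = [b + j for b, j in zip(BEACONS, JITTER_A)]
# Node B runs 50 ppm fast and started 2500 us ahead of node A.
B_TIMES = [b + 50 * i + 2500 + j
           for i, (b, j) in enumerate(zip(BEACONS, JITTER_B))]
# A compromised B reports every arrival time shifted by the same amount.
B_FALSE = [t + 40_000 for t in B_TIMES]

if __name__ == "__main__":
    for label, reported in (("honest", B_TIMES), ("compromised", B_FALSE)):
        skew, offset = fit_line(A_TIMES, reported)
        print(label, round(skew, 7), round(offset, 1),
              round(max_residual(A_TIMES, reported, skew, offset), 1))
```

The fit is equally tight in both runs, so a receiver cannot spot a consistently shifted report from fit quality alone; it needs an independent check such as comparison against other receivers.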
Time Synchronization Protocol Sensor Networks • Create a spanning tree with a designated “root” node • Each pair of nodes can be considered a root-child, where the child becomes the root for the next node • Child requests synchronization from the root, which responds with an acknowledgement message • The message data is the departure and arrival time of each, so the child, upon receipt of the last message, can calculate its clock offset relative to the parent • Attacks • Compromised node can cause its child node to calculate an incorrect offset, and this will trickle down the tree
Time Synchronization Protocol Sensor Networks • Typical sender-receiver synchronization • Hierarchical • Root nodes at each level synchronize with child nodes
Flooding Time Synchronization Protocol • Root node is elected (lowest ID wins) and is the node that sends out the synchronization message • If no synchronization message is received after a preset time period, a node can elect itself root and initiate the synchronization • Self-healing tree structure in case of node failures • Attacks • Any compromised node could declare itself root since the lowest ID always wins • Node then sends incorrect time synchronization data that corrupts the entire tree
Flooding Time Synchronization Protocol • Root node broadcasts time synchronization initiation message • Non-root sensors coordinate root message amongst neighbors • Non-root sensors use multiple neighbors' timestamps to determine their own time.
Countermeasures • General • Cryptographic-based • Key sharing • Pre-shared or exchanged using Diffie-Hellman protocol • Random nonces are inserted in the initial messages to prevent playback attacks • Proposals reviewed by article • Ganeriwal et al. • Song et al. • 2 by Sun et al. • Manzo et al.
Ganeriwal et al. • Extended the Key-sharing with initial nonce by adding end-to-end delay calculations • Prevents “Pulse Delay Attacks”
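An added sketch (not from the original slides or from the cited papers' code) of a sender-receiver exchange that combines the three measures described above: a shared key, a nonce, and an end-to-end delay bound. It uses the standard two-way timestamp formulas; the message layout, key, HMAC-SHA256 and the 500 µs bound are assumptions.

```python
import hashlib
import hmac
import os
import struct

KEY = b"constructed-pairwise-key"  # assumption: pre-shared pairwise key
MAX_DELAY_US = 500                 # assumption: largest legitimate one-way delay

def reply_mac(key, nonce, t1, t2, t3):
    """MAC over the nonce and all timestamps carried in the reply."""
    return hmac.new(key, nonce + struct.pack(">qqq", t1, t2, t3), hashlib.sha256).digest()

def parent_reply(key, nonce, t1, t2, t3):
    """Parent echoes nonce and T1, adds its receive time T2 and send time T3."""
    return {"nonce": nonce, "t1": t1, "t2": t2, "t3": t3,
            "mac": reply_mac(key, nonce, t1, t2, t3)}

def child_process(key, sent_nonce, sent_t1, reply, t4, max_delay=MAX_DELAY_US):
    """Return (offset_us, delay_us), or raise ValueError if the reply is rejected."""
    expected = reply_mac(key, reply["nonce"], reply["t1"], reply["t2"], reply["t3"])
    if not hmac.compare_digest(expected, reply["mac"]):
        raise ValueError("bad MAC")
    if reply["nonce"] != sent_nonce or reply["t1"] != sent_t1:
        raise ValueError("replayed or mismatched reply")
    t1, t2, t3 = reply["t1"], reply["t2"], reply["t3"]
    delay = ((t2 - t1) + (t4 - t3)) // 2    # estimated one-way delay
    offset = ((t2 - t1) - (t4 - t3)) // 2   # parent clock minus child clock
    if delay > max_delay:
        raise ValueError("delay bound exceeded")
    return offset, delay

if __name__ == "__main__":
    # Constructed run: parent clock is 10000 us ahead, true one-way delay is 200 us.
    nonce = os.urandom(8)
    reply = parent_reply(KEY, nonce, 1000, 11200, 11300)
    print(child_process(KEY, nonce, 1000, reply, 1500))       # reply arrives on time
    try:
        child_process(KEY, nonce, 1000, reply, 6500)           # same reply, held back 5000 us
    except ValueError as err:
        print("rejected:", err)
```

Without the delay bound, the held-back reply would pass the MAC and nonce checks and yield an offset of 7500 µs instead of 10000 µs.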
Song et al. • Statistical approach that intends to filter out the compromised nodes • Assumption is that compromised nodes will behave significantly differently from uncompromised nodes – called outliers. • Implementations • Generalized Extreme Studentized Deviate (GESD) • Outputs estimated number of outliers • Predetermined Delay thresholds • At startup, nodes determine the maximum delay tolerated and ignore any messages exceeding this threshold • No cryptographic techniques employed
Sun et al. Original Approach • Statistical method with more resiliency in the face of compromised nodes • Synchronization can be level based – hierarchical – or diffusion based – synch with nearest neighbors • The synchronization method selects the median of 2t + 1 candidate measures • Tolerates up to t compromised nodes • Requires pairwise-key-based authentication to prevent Sybil attack (single node masquerading as multiple nodes)
Sun et al. Revised Approach • TinySeRSync • http://discovery.csc.ncsu.edu/software/TinySeRSync/ • Improved version of original approach proposed by Sun et al. • Still relies on the selection of a median from 2t + 1 candidates • Has 1+ source/root nodes that have highly precise time (i.e. GPS set)
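An added illustration (not TinySeRSync code) of the median-of-2t + 1 rule used by both Sun et al. approaches, and of why it depends on authenticated identities. The node names and offsets are constructed, and `source_id` is assumed to be the identity already proven with the pairwise key.

```python
from statistics import median

def resilient_offset(measurements, t):
    """Choose a clock offset from 2t+1 authenticated neighbours.

    measurements: (source_id, offset_us) pairs in arrival order. source_id is
    the identity proven by the pairwise key (verification assumed done by the
    caller), so one node gets one vote however many messages it sends.
    """
    per_source = {}
    for source_id, offset_us in measurements:
        per_source.setdefault(source_id, offset_us)
    if len(per_source) < 2 * t + 1:
        raise ValueError("need 2t+1 distinct authenticated sources")
    candidates = list(per_source.values())[: 2 * t + 1]
    return median(candidates)

def naive_offset(measurements):
    """Median over raw messages with no identity check, shown for contrast."""
    return median(offset_us for _, offset_us in measurements)

# Constructed sample data (offsets in microseconds).
HONEST = [("n1", 98), ("n2", 100), ("n3", 104)]
TWO_COMPROMISED = HONEST + [("n4", 1_000_000), ("n5", -1_000_000)]
# One compromised node, n4, sends three messages hoping to count three times.
REPEATED_VOTES = [("n4", 1_000_000), ("n1", 98), ("n4", 1_000_000),
                  ("n2", 100), ("n4", 1_000_000), ("n3", 104)]

if __name__ == "__main__":
    print(resilient_offset(TWO_COMPROMISED, t=2))   # stays inside the honest range
    print(resilient_offset(REPEATED_VOTES, t=1))    # n4 counted once
    print(naive_offset(REPEATED_VOTES))             # pulled far off by the repeats
```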
TinySeRSync • Staggers the global synchronization into 2 asynchronous phases • First phase has pairs of nodes synchronizing to each other, independent of the source node • MAC layer timestamping is used for authenticating the source • Continuously done to maintain precision between pairs • Second phase is initiated by the source node broadcasting a synchronization message • This message is flooded to neighboring nodes who then forward it on to their neighbors • μTESLA is used as the authentication method • Does not require signature verification overhead, which can be a vector for Denial of Service attacks
Summary • Majority of the proposed countermeasures provide protection against compromised nodes • Ganeriwal et al. is the only method that does not • All apply some form of statistical filtering to weed out the attacks • Cryptography is not a necessary component to defend against attacks • Method proposed by Song et al. protects against all 3 attacks, yet uses no cryptography for authentication
References • A. Boukerche and D. Turgut, “Secure Time Synchronization Protocols For Wireless Sensor Networks,” IEEE Wireless Communications, October 2007, pp. 64-69 • Kun Sun, Peng Ning, Cliff Wang, An Liu, Yuzheng Zhou, “TinySeRSync: Secure and Resilient Time Synchronization in Wireless Sensor Networks,” in Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS'06), Alexandria, VA, November 2006.
References • Roche, Michael. "Time Synchronization in Wireless Networks." CSE574S: Advanced Topics in Networking: Wireless and Mobile Networking (Spring 2006) Website. 23 Apr. 2006. Washington University in St. Louis. 04 Dec. 2007 <http://www.cs.wustl.edu/~jain/cse574-06/ftp/time_sync/index.html>. • K. Römer, P. Blum, L. Meier: Time Synchronization and Calibration in Wireless Sensor Networks, In: I. Stojmenovic (Ed.), Handbook of Sensor Networks: Algorithms and Architectures, pp. 199-237, Wiley and Sons, October 2005, ISBN 0-471-68472-4.