Secure positioning in Wireless Networks
Srdjan Capkun, Jean-Pierre Hubaux
IEEE Journal on Selected Areas in Communications, 2006. 2
2006. 11. 28, Jeon, Seung Woo

Contents
• Introduction
• Position attack and distance estimation techniques
• Verifiable Multilateration (VM)
• Secure positioning in Sensor network
• Conclusion

Introduction
• Positioning and distance estimation techniques for wireless networks
  • Vulnerable to internal and external attacks
• Internal attack
  • An internal attacker can report false position and distance information
• External attack
  • An external attacker can modify (spoof) the measured positions and distances of nodes
• A secure positioning mechanism is necessary

Positioning Attacks
• Distance enlargement and reduction attacks
[Figure: positioning attacks; labels: External attacker, Claimant, Verifier, Internal attacker]

Attacks on network systems [1]
• Global Positioning System (GPS)
  • Satellite-based system
  • 3-D positioning with an accuracy of around 3 m
• Limitations
  • Not available for indoor and dense urban positioning
  • Civilian GPS was never designed for secure positioning
    • Can be spoofed by a GPS satellite simulator (external attack)
    • The authority or another mobile node has no way to verify the correctness of a node's position (internal attack)

Attacks on network systems [2]
• Ultrasound (US) positioning
  • Measures the time of flight (TOF) of the sound signal between two nodes
• Limitations
  • Only available in indoor systems
  • Vulnerable to distance reduction and enlargement attacks
    • Enlargement attack: attackers can jam or replay signals
    • Reduction attack: attackers can send faster signals

Attacks on network systems [3]
• Radio (RF) positioning
  • Based on the transmitted and received signal strength
• RF TOF-based systems
  • Nodes measure their mutual distance based on the propagation time of the signal
  • An external attacker can only increase the distance
    • Distance is based on the signal speed
  • Internal attackers can increase and decrease the distance
    • By sending false report signals
• RF distance bounding techniques
  • Allow a node to bound its distance to other nodes
  • Prevent an internal attacker from reducing the measured distance

Attacks on network systems [4]
• Distance bounding
  • Prevents distance reduction
[Figure: distance bounding; labels: External attacker, Distance bound, Internal attacker]

Secure positioning protocol
• Distance bounding protocol
  • A verifier node can verify that a claimant node is at a certain distance
  • Vulnerable to distance enlargement attacks but not to distance reduction attacks
• Authenticated ranging protocol
  • Assumes that the claimant and the verifiers are mutually trusted
  • The claimant node reports its processing time to the verifier, which then computes the range from the reported times
  • Does not need the high-speed hardware that distance bounding requires
  • Same resistance to external attackers
  • Not resistant to distance reduction by internal attackers

Verifiable Multilateration
• Verifiable Multilateration (VM)
  • Secure computation and verification of positions
  • Verifiers can specify the position reported by nodes
• Proposition of VM
  • The position of a device in two (three) dimensions can be computed from three or four reference points
• Characteristics of VM
  • At least three reference points
  • Computations performed by an authority

Verifiable Multilateration
• Verifiable Multilateration algorithm [1]
  • The verifiers perform distance bounding to the claimant
    • Within the power range of the verifiers
  • The authority computes an estimated position from all of the verifiers
  • The authority runs the following tests
    • δ-test
      • Distance bound − distance between verifier and claimant < δ
    • Point-in-triangle test
      • Whether the claimant's position is within the triangle of verifiers
  • If both tests are positive, the authority accepts the position as real; otherwise the position is rejected
    • A rejected position is regarded by the authority as an enlargement attack

Verifiable Multilateration
• Verifiable Multilateration algorithm [2]
[Figure: labels: Verifier (×3), Claimant; steps: 1. Distance bounding, 2. Estimation of claimants, 3. δ-test, 4. Triangle position test]
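
The authority's four steps above, worked through in 2-D as an added example (not code from the slides or from the paper). The verifier coordinates, the δ value of 0.1 m and the linearized position solve are assumptions chosen for illustration; the slides only say that the authority "computes an estimate position".

```python
import math

def estimate_position(verifiers, bounds):
    """Solve the three range circles for (x, y) by subtracting circle 1 from 2 and 3."""
    (x1, y1), (x2, y2), (x3, y3) = verifiers
    d1, d2, d3 = bounds
    a11, a12 = 2 * (x2 - x1), 2 * (y2 - y1)
    a21, a22 = 2 * (x3 - x1), 2 * (y3 - y1)
    b1 = d1**2 - d2**2 + x2**2 - x1**2 + y2**2 - y1**2
    b2 = d1**2 - d3**2 + x3**2 - x1**2 + y3**2 - y1**2
    det = a11 * a22 - a12 * a21
    if abs(det) < 1e-12:
        raise ValueError("verifiers are collinear; no verification triangle")
    return ((b1 * a22 - a12 * b2) / det, (a11 * b2 - a21 * b1) / det)

def delta_test(pos, verifiers, bounds, delta):
    """Each measured bound must match the distance to the estimate within delta."""
    return all(abs(math.dist(pos, v) - d) <= delta for v, d in zip(verifiers, bounds))

def in_triangle(pos, verifiers):
    """True if pos lies inside (or on an edge of) the verifiers' triangle."""
    a, b, c = verifiers
    def cross(o, u):
        return (u[0] - o[0]) * (pos[1] - o[1]) - (u[1] - o[1]) * (pos[0] - o[0])
    signs = [cross(a, b), cross(b, c), cross(c, a)]
    return all(s >= 0 for s in signs) or all(s <= 0 for s in signs)

def verify_position(verifiers, bounds, delta):
    """Authority's decision: returns (accepted, estimate, reason)."""
    pos = estimate_position(verifiers, bounds)
    if not delta_test(pos, verifiers, bounds, delta):
        return False, pos, "delta-test failed"
    if not in_triangle(pos, verifiers):
        return False, pos, "outside verification triangle"
    return True, pos, "accepted"

# Constructed sample data (metres): three verifiers, claimant truly at (5, 4).
VERIFIERS = [(0.0, 0.0), (10.0, 0.0), (5.0, 10.0)]
def bounds_for(point):
    return [math.dist(point, v) for v in VERIFIERS]

honest = bounds_for((5.0, 4.0))
one_enlarged = [honest[0], honest[1], honest[2] + 3.0]  # one bound enlarged by 3 m
all_enlarged = bounds_for((5.0, -6.0))                  # every bound enlarged consistently

if __name__ == "__main__":
    for name, b in [("honest", honest), ("one enlarged", one_enlarged),
                    ("all enlarged", all_enlarged)]:
        print(name, verify_position(VERIFIERS, b, delta=0.1))
```

The two rejected cases show why both tests are needed: a single enlarged bound makes the three circles inconsistent (δ-test), while bounds enlarged consistently still agree with each other but only at a point outside the triangle.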

Security properties of VM
• Verifiable Multilateration (VM) with several protocols
• VM with distance bounding
  • An external attacker cannot cheat on any position within the triangle
  • The attacker can own several devices, and each device authenticates to the authority
• VM with authenticated ranging
  • Protection against external attackers, but not against untrusted claimants
  • Most suitable for mutually trusted positioning systems

Positioning in sensor network
• Threat analysis
  • More severe than if positioning is performed directly to base stations
  • Temporary or permanent displacement of nodes, undetected by the verifier
  • Attacks by internal attackers are simpler and more harmful than those performed by external attackers
  • Internal attackers can modify the computed network topology by reporting non-existent links

Positioning in sensor network
• Direct sensor positioning
  • Sensors are positioned directly by the landmark stations
  • The verification depends on the number of verifiers and their power ranges
• Optimal number of verifiers in an L × L area
  • N = [(2L/R)+3][(2L/R)+1]/2
  • An optimal placement of verifiers is much more efficient than their random placement
  • But randomly placed verifiers can prevent the cloning attack

Positioning in sensor network
• Cooperative positioning (SPINE)
  • Sensors measure distance bounds to their neighbors
  • The distance bounds are verified using VM
  • The positions of the nodes are computed by the neighbor sensors
• BDV (Basic Distance Verification)
  • Verification triangles around claimants, formed with verifiers and their neighbors
  • Verification triangles around verifiers and their neighbors
  • The measured distance bounds are verified in all triangles by performing VM

Positioning in sensor network
• Security analysis of BDV
  • The resistance of BDV to attacks
    • Depends on the number and on the mutual dependence of triangles
  • k verification triangles in the network
    • If the triangles are node-disjoint
      • Can resist up to 2k distance enlargements
    • If the triangles are node-joint and edge-disjoint
      • Can resist up to 2k distance enlargements by external attackers
      • Does not resist attacks by a single compromised node adjacent to the spoofed distance
    • If the triangles are edge-joint
      • BDV can resist up to k+1 distance enlargements by external attackers

Conclusion
• Security analysis
  • Analysis of positioning and distance estimation techniques
• Effective techniques for secure positioning
  • Verifiable Multilateration (VM) shows good performance compared to other techniques
  • The proposed technique for sensor networks: SPINE
• More detailed analysis and implementation of distance bounding is necessary