190 likes | 407 Views
Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks. Mingyan Li, Iordanis Koutsopoulos, Radha Poovendran (InfoComm ’07) Presented by Choi, Chang-Beom. Introductions (1/2). Characteristic of jamming attacks (DoS)
E N D
Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks Mingyan Li, Iordanis Koutsopoulos, Radha Poovendran (InfoComm ’07) Presented by Choi, Chang-Beom
Introductions (1/2) Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Characteristic of jamming attacks (DoS) • No special hardware is needed in order to be launched • It can be implemented by simply listening to the open medium and broadcasting in the same frequency band as the network • If launched wisely, it can lead to significant benefits with small incurred cost for the attacker
Introductions (2/2) Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Vulnerabilities of Sensor Network • Sensor networks rely on deployed miniature energy constrained devices to perform a certain task without a central powerful monitoring point • Controllable Jamming Attacks • Easy to launch and difficult to detect and confront • Jammer controls probability of jamming and transmission range in order to cause maximal damage to the network
Modeling Assumptions(1/4) Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Sensor network model • Each node cannot transmit and receive simultaneously • There are always packets in each node’s buffer in each slot • Sensor nodes are uniformly distributed in a region with spatial density ρnodes per unit area • Sensor network topology is static
Modeling Assumptions(2/4) Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Multiple access protocols are characterized by a common channel access probability γ for all nodes in a slot • Probability that a packet is transmitted to j is γ/ni • Case of collision • Receiver node j experiences collision if at least two nodes in its neighborhood transmit packet simultaneously • Probability of collision • 1 – Pr{only one or no neighbor transmits}=
Modeling Assumptions(3/4) Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Attacker model • The objective of the jammer is to corrupt transmissions of legitimate nodes by causing packet collisions at receivers • Jammer controls the probability q of jamming the area within its transmission range in a slot to control the aggressiveness of the attack • Probability of collision
Modeling Assumptions(4/4) Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Attack detection model • The monitoring mechanism • Determination of a subset of nodes that will act as network monitors • Employment of a detection algorithm at each monitor node • Detection • During normal network operation, and in the absence of a jammer, it give a large enough training period (percentage of collisions) • Fix attention to a time window and check whether the percentage of collisions over this time window exceeds the learned long-term average or not • Wald’s Sequential Probability Ratio Test(SPRT) • A. Wald, Sequential Analysis, Wiley 1947
Attacker Payoff(1/5) Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Instantaneous Payoff of the attacker UmI • It depends on jamming probability q and network access probability γ • Transmitters are uniformly distributed with densityργ • Total number of transmitters in the jammed area A is Poisson distributed with spatial density λ =ργ which is Aργ • The number of potential receivers isAρ(1-γ) • The probability of success of an attempted transmission is
Attacker Payoff(2/5) Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Instantaneous Payoff of the attacker UmI • The number of successful transmission links Y follows the binomial distribution • Payoff for the jammer • Instantaneous pay off for the attacker that jams with probability q • The instantaneous payoff for the network in the absence of jammer
Attacker Payoff(3/5) Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Cumulative Payoff • The number of jammed links until the jammer is detected and the notification message is transferred out of the jammed area • The probability of successful channel access for a node on the route of the notification message in the presence of jamming • Average waiting time for node before successful transmission
Attacker Payoff(4/5) Cumulative Payoff Where D(q,r)is detection time Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Let average number of hops needed to deliver the alarm out of area be H • The Average time needed for the alarm to propagate out of the jamming area is where is the average number of neighbors of a node along the path • The total time until the jamming activity stops is
Attacker Payoff(5/5) Cumulative Payoff Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks Cumulative payoff Cumulative payoff for the network
Problem Formulation Network Problem Attacker Problem Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Constant Jamming Power and one monitor node • The objective function is the total delay • An adversary tries to maximize total delay by controlling q • The network tries to minimize total delay by selecting γ
Problem Formulation Network Problem Attacker Problem Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Constant Jamming Power and one monitor node • With perfect knowledge • Solution is determined by the energy and payoff constraints • Without perfect knowledge • Approximate the solution of the max-min(min-max) problem
Numerical Result For Lack of Knowledge Case Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks Sensor node transmission range R = 20m Node density ρ=0.0025 Energy constraint E/P = 500 Payoff threshold U0 = 500 transmission Attacker transmission range Rm = 200m Energy constraint Em/Pm = 1000 Target payoff U0m = 500 pFA = 0.02, pD = 0.98
Problem Formulation Detection delay balancing problem Since detection time is decreasing in q regardless of number of neighbors, the smallest feasible q imposed by the energy constraint is the solution for the attacker Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Constant Jamming Power and several monitor nodes • Nodes can be classified in different classes C1, … Ck such that nodes in class Cn have n neighbors • Assign the role of monitor to nodes of a class with n* neighbors to minimize detection time
Problem Formulation Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Controllable Jamming Power and several monitor nodes • Jammer can choose transmission power level with probability qj such that • With probability q0 = 1 – q the jammer remains silent • Different jamming power levels lead to different jamming area • Monitor nodes located in outer zones • Perceive lower jamming probability, pass notification message faster • Monitor nodes located in inner zones • Detect faster, delay in passing the message out of the jamming area
Problem Formulation From numerical solutions for different , Optimal solution without knowledge of monitor neighborhood is to jam the inner region The theoretical proof or disproof of this observation is deferred for future study Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Controllable Jamming Power and several monitor nodes • Detection plus notification time for inner zone • Detection plus notification time for outer zone
Conclusion Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks • Controllable jamming attacks • Easy to launch • Difficult to detect and confront • Comparisons between • Perfect knowledge of the attacker and network strategy • Lack of knowledge of the attacker and network strategy • Further research • Consider about multi-channel networks • Find alternatives for modeling lack of knowledge for the attacker and the network • Considering multiple potentially co operating attackers