Security in Sensor Networks By : Rohin Sethi Aranika Mahajan Twisha Patel

Outline Introduction Time Syncronization Attacks Denial of Service (DoS) Attacks Conclusion

Need for Security in Sensor Networks Broadcast nature of Wireless Communication Lack of tamper-resistant hardware Limited storage & computational resources rendering public key cryptography impractical

Time Synchronization Attacks

Time Synchronization Protocols Time synchronization protocols : – provide a mechanism for synchronizing the local clocks of the nodes in a sensor network – used by many applications of sensor networks, such as tracking and localization. Attacks on time-synchronization protocols: – have one main goal, to somehow convince some nodes that their neighbors clocks are at a different time than they actually are.

Time-sync Protocol for Sensor Networks (TPSN) TPSN initially creates a spanning tree of the sensor network. While the tree is being built, the nodes perform pair-wise synchronization along the edges of the tree. Each node exchanges synchronization messages with its parent in the spanning tree.

Time-sync Protocol for Sensor Networks

Flooding Time Synchronization Protocol (FTSP) Root node broadcasts its local time and any nodes that receive that time synchronize their clocks to that time. Synchronization messages: 1. rootID 2. seqNum 3. sendingTime Whenever a node receives a message from the root node, it updates its global time. In addition, it broadcasts its own global time to its neighbors.

Flooding Time Synchronization Protocol Each node retains the highest sequence number it has received and the rootID of the last received message used. If a node does not hear a time synchronization message for a ROOT_TIMEOUT period, it declares itself to be the new root. If a root hears a time synchronization message from another root with lower ID than itself, it gives up its root status.

Attacks on Time Synchronization Protocol for Sensor Networks Send Incorrect Information to its children Lie about its level in the tree It can avoid participating in the tree building phase.

Attacks on FTSP The compromised node can claim to be the root node with ID 0 and begin at a higher sequence number than the original root All updates originating at the actual root node will be ignored.

Counter Measure For Time Synchronization Attacks Corrupted Root: – A subset of the nodes act as the root on a rotating basis. – All nodes share a private key with that subset of the nodes that may become a root. – Any corrupted nodes might continue to send erroneous updates under this scheme, but the effects on the nodes' calculations of the skew and offset would be reduced.

Counter Measure For Time Synchronization Attacks (contd…) Increasing Reliability : – The nodes record a subset S of the updates from their neighbors. Preventing False Updates: – Skeptic Node may cease sending updates to its neighbors – Policy of containment

Denial of Service Attacks

Denial of Service (DoS) Attacks Attempt to make a computer resource unavailable to intended users Force victims to reset/consume resources – Service no longer available Obstructs communication media between intended users and victim

DoS in WSNs Sleep Deprivation Attacks Path Based DoS Attacks Jamming Attacks

Sleep deprivation Attacks Also known as Battery Exhaustion Attacks Attacker drains the battery of pervasive computing device – Device rendered inoperable Successful Attack Currently not widespread but the potential exists

Forms of Sleep deprivation Attacks Service Request Power Attacks Benign Power Attacks Malignant Power Attacks

Remedy for Sleep Deprivation Attacks Existing security techniques Power Secure Architecture – Goal: Provide some guaranteed fraction of the systems expected battery life. – Fundamental Security Features: - 1. Multilayer Authentication 2. Energy Signature Monitoring

Power Secure Architecture Multilayer Authentication – Service Request Attacks – Energy profile of service Crippling energy level – Initial authentication must be lightweight process Energy Signature Monitor – Benign and Malignant Attacks – Energy Monitoring Unit (EMU) : Self-contained unit for dynamically measuring the systems power consumption – Concerns Allows Attacker to more easily tune a sleep deprivation attack Checking signature must be lightweight process

Power Secure Architecture (contd..) Energy Signature Monitor – Benign and Malignant Attacks – Energy Monitoring Unit (EMU) : Self-contained unit for dynamically measuring the systems power consumption – Concerns Allows Attacker to more easily tune a sleep deprivation attack Checking signature must be lightweight process

Path Based DoS Attacks Damaging form of DoS Attacks Hierarchical organization of sensor networks – Member Nodes – Aggregator Nodes – Base Station Easy to launch and disable large portions of WSNs PDoS Attack in End-to-End Communication in WSNs

Remedy for PDoS Attacks One-way Hash Chains (OHCs) Detect spurious packets using separate shared key Detect spurious packets using single path key Rate Control

Jamming Attacks Well-known attack on wireless communication Adversary can disrupt entire network with k randomly distributed jamming nodes, putting N nodes out of service, where k << N Attacks is simple and effective for single frequency networks

Remedy for Jamming Attacks Standard Defense: Various forms of spread-spectrum communication Phase I Phase II

Conclusion AttacksSeverityEase of implementation of solution PDoSHighMedium Sleep DeprivationMedium TPSNMedium JammingMediumHigh (Hardware cost involved) FTSPLowMedium

THANK YOU