Wireless Sensor Networks (WSN’s) Security Lecture 13
Mote A very low cost low power computer Monitors one or more sensors External Memory Digital I/O ports Radio Transceiver Analog I/O Ports Microcontroller A/D D/A Sensor A very low cost low power computer Monitors one or more sensors A Radio Link to the outside world Are the building blocks of Wireless Sensor Networks (WSN)
Wireless Sensor Network “A wireless sensor network (WSN) is a wireless network consisting of spatially distributed autonomous devices using sensors to cooperatively monitor physical or environmental conditions, such as temperature, sound, vibration, pressure, motion or pollutants, at different locations.” - Wikipedia
Wireless Sensor Networks Formed by hundreds or thousands of motes that communicate with each other and pass data along from one to another Research done in this area focus mostly on energy aware computing and distributed computing
WSN Applications Environmental/Habitat monitoring Acoustic detection Seismic Detection Military surveillance Inventory tracking Medical monitoring Smart spaces Process Monitoring
TinyOS What is TinyOS open-source operating system wireless embedded sensor networks component-based architecture Developed at UCB in collaboration with Intel Research Current Stable Version is 1.1.15 TinyOS 2.0 (T2) released on 6/11 Main Ideas – Low complexity Conserve power – sleep as frequently as possible Written in nesC – next generation C compiler
Different Targets mica mica2 mica2dot micaz telos telosb rene2 pc
Problems applying traditional network security techniques Sensor devices are limited in their energy, computation, and communication capabilities. • Sensor nodes are often deployed in open areas, thus allowing physical attack. • Sensor networks closely interact with their physical environments and with people, posing new security problems. • In-network processing requires intermediate nodes to access and modify information.
Security in sensor networks For many sensor network applications, security is critical. Public safety, special operations, healthcare, etc. Sensor network protocols should incorporate security mechanisms in the original design.
Security in sensor networks For many sensor network applications, security is critical. Public safety, special operations, healthcare, etc. Sensor network protocols should incorporate security mechanisms in the original design.
DoS in Sensor Networks [Wood et al.] What is DoS? Attack that reduces or eliminates the network’s ability to perform its function. E.g., hardware failures, software bugs, resource exhaustion, etc. What are the possible DoS attacks at various protocol layers? (Explained in the following slides)
Physical layer Attacks: Defenses: Jamming. Tampering. Jamming: Spread-spectrum techniques. Lower duty cycle with priority messages. Alternate modes of communication. Tampering: “Self-destruction” Hiding nodes.
Link layer Attacks: Defenses: Collision induction. Battery exhaustion. Unfairness. Defenses: Collision induction. . Fairness. Error correcting codes (?) .Small frames. Collision detection. Collision-free MAC. Rate limitation. Streamlined protocols.
Network layer: attacks Misdirection. An adversary misdirects packets by identity deception through replaying routing information. With such identity deception, the adversary is capable of launching harmful and hard-to-detect attacks to misdirect traffic Gray/black holes. In a black hole attack, the malicious node replies to every routing request saying that it has a route to the given destination. So, unsuspecting nodes start sending data to the destination through the black hole. This way a black hole diverts most of the traffic in the network to itself, and later dumps it. A gray hole attack is a variation of the black hole attack, where the malicious node is not initially malicious, it turns malicious sometime later.
Network layer: defenses Authorization. Only authorized nodes participate in routing. Need authentication mechanisms. Monitoring. Monitor node behavior. Probing. Redundancy.
Transport layer Attacks: Defenses: Flooding. Desynchronization. Message fabrication to get end points out of sync. Defenses: Flooding: Limit number of connections. Challenges/puzzles to clients. Desynchronization: Authenticate all messages (including header fields)
Security Focus in WSN’s Communication security in sensor networks. Data classification and related security threats. Location-based security mechanism.
Types of data Mobile code. Sensor node location. Application data. Goals: Minimize security-related energy consumption. Different protection levels.
Target sensor net architecture Localized algorithms. Local broadcast. Mobile code.
Security threats Insertion of malicious code. Interception of messages with node location information. Interception of application data. Injection of false data. Lower risk.
Security architecture Symmetric key encryption. All messages encrypted. Three security levels: Level I: mobile code. Level II: node location information. Level III: application data. Encryption strength: Level I > level II > level III. Encryption algorithm with adjustable strength (number of rounds).
Security architecture (cont’d) Group keys. Every user: set of keys, pseudorandom generator, and seed. Periodically and synchronously, nodes change keys.
Security levels Level I uses strongest encryption for mobile code injection. 32 rounds. Level II: Location-based keys. Different for different “cells”. Protect network from compromised keys. Level I: Weakest security. 22 rounds.
Performance Cost of encryption/decryption. Energy considerations. Rockwell WINS node.
Focus Routing security in sensor networks. Problem: Current routing protocols for sensor networks do not consider security. Vulnerable to attacks. Not easy to make these protocols secure.
Contributions Threat models and security goals for sensor network routing. Two new attacks: sinkhole and HELLO floods. Security analysis of routing and topology control algorithms. Attacks against these protocols. Countermeasures and design issues for secure routing in sensor networks.
Deployment and platform Heterogeneous deployment. Mica motes with TinyOS. Base stations. Aggregation points.
Sensor- and ad-hoc networks Traffic considerations: Ad hoc networks exhibit more general patterns. Sensor networks: Many-to-one. One-to-many. Local. Capabilities. Sensor nodes are typically more limited. Trust relationships. E.g., to perform aggregation, duplicate pruning, etc.
Attacks Spoofed, altered, replayed routing information. Selective forwarding. Black/gray hole. Sinkhole. Sybil. Single nodes presents multiple id’s to others. Wormhole. HELLO flood. (Link-layer) ACK spoofing.
Countermeasures Outsider attacks: Insider attacks: Link layer encryption and authentication. Shared keys. Insider attacks: Identity verification. Multipath routing. Bi-directional link verification. Limiting number of neighbors. Sinkhole and wormhole attacks are harder to circumvent. Design routing protocols where these attacks are ineffective. E.g., geographic routing. ???
References CMPE259-Sensor Networks - Katia Obraczka http://www.cs.wayne.edu/~weisong/papers/walters05-wsn-security-survey.pdf www.cs.berkeley.edu/.../SASN03.ppt CMPE259-Sensor Networks - Katia Obraczka Shali Jain et al., Advanced Algorithm for Detection and Prevention of Cooperative Black and Gray Hole Attacks in Mobile Ad Hoc Networks, 2010 International Journal of Computer Applications (0975 – 8887), Volume 1(7). Guoxing Zhan et. Al. TARF:A Trust-Aware Routing Framework for Wireless Sensor Networks