CSE 5392By Dr. Donggang Liu1 CSE 5392 Sensor Network Security Course Introduction

CSE 5392By Dr. Donggang Liu2 About Instructor Dr. Donggang Liu, assistant professor, CSE department – –Tel: (817) –Office: 330NH –Office hours: Tuesday&Thursday 5:00PM-6:00PM

CSE 5392By Dr. Donggang Liu3 About TA TBD Office hours: –TBD

CSE 5392By Dr. Donggang Liu4 Course Objectives Understanding of fundamental concepts, principles, and mechanisms in sensor network security Prepare students for graduate research in sensor network security –Advanced topics: key management, security services, etc –Recently published research papers

CSE 5392By Dr. Donggang Liu5 Course Outcomes Basic –Explain known security problems in sensor networks –Explain how security mechanisms work for sensor networks –Distinguish difference between security problems in sensor networks and those in wired networks. Advanced –Identify and analyze new security problems in sensor networks –Develop mechanisms to solve security problems in sensor networks. –Design simulations to evaluate and analyze the performance of algorithms in sensor networks

CSE 5392By Dr. Donggang Liu6 Course Style By instructor –Sensor network basics –Cryptography and security basics –Sensor network security By students –Read research papers on sensor network security –Write reviews –Give in-class presentations (15~20 minutes)

CSE 5392By Dr. Donggang Liu7 Prerequisites Required –Computer network –Operating system Necessary for great success –Technical writing skills –Hardworking

CSE 5392By Dr. Donggang Liu8 Textbooks and Papers No textbooks Reference books –Handbook of Applied Cryptography by Alfred J. Menezes, Paul C. Van Oorschot, Scott A. Vanstone ( –Cryptography and Network Security: Principles and Practice by William Stallings. –Practical Cryptography by Niels Ferguson, Bruce Schneier Papers and Slides –Links in the course syllabus

CSE 5392By Dr. Donggang Liu9 Projects Group –2~3 students –Working alone must be justified –Roles can be negotiated inside the group Topics –Should be relevant to the class –Each group can come up with one –The instructor can also give topics (check website)

CSE 5392By Dr. Donggang Liu10 Projects (Cont’d) Survey paper Surveys a particular field on sensor network security Summarizes the trend in this field A proposal (due on 6/10) and a final paper (due on 1/12) Research paper Identify original research problems A research paper with original technical contribution A proposal (due on 6/10) and a final paper (due on 1/12) Start thinking about your team and topic NOW

CSE 5392By Dr. Donggang Liu11 On-line resource Course website – –For course materials, e.g., papers, homework, project assignment. –Check frequently for updates

CSE 5392By Dr. Donggang Liu12 Grading Paper review –20% Participation –10% Project –40% Class presentation –30% + 10% extra

CSE 5392By Dr. Donggang Liu13 Course Policies Assignment (paper review) and project deadlines will be firm. Late assignments will be accepted with a 10% reduction in grade for each day they are late by. All assignments must be turned in before the start of class on the due date

CSE 5392By Dr. Donggang Liu14 Academic Integrity The university, college, and department policies against academic dishonesty will be strictly enforced. –

CSE 5392By Dr. Donggang Liu15 Course Topics Cryptography and security basics Sensor network basics Useful security tools –One way hash chain –Merkle hash tree Security in Sensor Networks –Key management –Broadcast authentication –Secure localization –Secure data aggregation –Intrusion detection –Privacy

CSE 5392By Dr. Donggang Liu16 CSE 5392 Sensor Network Security Basic Security Concepts

CSE 5392By Dr. Donggang Liu17 Cryptography and Security Cryptography –Study of fundamental algorithms to protect data –Encryption/decryption, hash, digital signature, etc. Security –Study of protocols to protect a system –Usually build upon cryptographic techniques

CSE 5392By Dr. Donggang Liu18 Security Objectives Secrecy (Confidentiality) Integrity Availability (Denial of Service)

CSE 5392By Dr. Donggang Liu19 Secrecy (Confidentiality) Prevent/detect/deter improper disclosure of information Examples: –An employee should not come to know the salary of his manager –The target coordinates of a missile should not be improperly disclosed

CSE 5392By Dr. Donggang Liu20 Integrity Prevent/detect/deter improper modification of information Examples: –An employee should not be able to modify the employee's own salary –The target coordinates of a missile should not be improperly modified

CSE 5392By Dr. Donggang Liu21 Availability (Denial of Service) Prevent/detect/deter improper denial of access to services provided by the system Examples: –Paychecks should be printed on time as stipulated by law –When the proper command is issued the missile should fire

CSE 5392By Dr. Donggang Liu22 Other Security Objectives Non-repudiation –Prevent an entity from denying the previous commitments or actions Securing computing resources: –Prevent/detect/deter improper use of computing resources Hardware Resources Software resources Data resources Anonymity –Prevent the disclosure of the identify of an entity to others

CSE 5392By Dr. Donggang Liu23 Achieving Security Security policy — What? Security mechanism — How? Security assurance — How well?

CSE 5392By Dr. Donggang Liu24 Security Policy The set of rules that regulate how an organization manages, protects, and distributes sensitive information. Convert organization requirements to security policy that a computer system can understand –Interact with human being –Check and remove conflict rules

CSE 5392By Dr. Donggang Liu25 Security Mechanism Prevention — Access control Detection — Auditing and intrusion detection Tolerance — Practicality Good prevention and detection both require good authentication as a foundation

CSE 5392By Dr. Donggang Liu26 Security Mechanisms Security mechanisms implement functions that help prevent, detect, and respond to security attacks Prevention is more fundamental, but sometimes detection is the only option, e.g., –Accountability inproper use of authorized privileges Security functions are typically made available to users as a set of security services through APIs or integrated interfaces –Security services: confidentiality, authentication, integrity, non-repudiation, access control, monitor & response Cryptography underlies (almost) all security mechanisms

CSE 5392By Dr. Donggang Liu27 Security Assurance How well your security mechanisms guarantee your security policy Everyone wants high assurance High assurance implies high cost –May not be possible Trade-off is needed.