LAD: Location Anomaly Detection for Wireless Sensor Networks Wenliang (Kevin) Du (Syracuse Univ.) Lei Fang (Syracuse Univ.) Peng Ning (North Carolina State.

Slides:



Advertisements
Similar presentations
Tests of Hypotheses Based on a Single Sample
Advertisements

Chris Karlof and David Wagner
Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,
Secure Location Verification with Hidden and Mobile Base Stations -TMC Apr, 2008 Srdjan Capkun, Kasper Bonne Rasmussen, Mario Cagalj, Mani Srivastava.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7.3 Secure and Resilient Location Discovery in Wireless.
© Tan,Steinbach, Kumar Introduction to Data Mining 4/18/ Other Classification Techniques 1.Nearest Neighbor Classifiers 2.Support Vector Machines.
Fault-Tolerant Target Detection in Sensor Networks Min Ding +, Dechang Chen *, Andrew Thaeler +, and Xiuzhen Cheng + + Department of Computer Science,
An Efficient Scheme for Authenticating Public Keys in Sensor Networks Wenliang (Kevin) Du (Syracuse) Ronghua Wang (Syracuse) Peng Ning (North Carolina.
Robust Range-Independent Localization for Wireless Sensor Networks Radha Poovendran Joint work with Loukas Lazos Network Security Lab University of Washington.
“Location-Aided Routing (LAR) in Mobile Ad Hoc Network” by Young-bae ko Nitin H. Validya presented by Mark Miyashita.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
Introduction to Sensor Networks Rabie A. Ramadan, PhD Cairo University 4.
Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University.
Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1
1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.
Assessing and Comparing Classification Algorithms Introduction Resampling and Cross Validation Measuring Error Interval Estimation and Hypothesis Testing.
A Beacon-Less Location Discovery Scheme for Wireless Sensor Networks Lei Fang (Syracuse) Wenliang (Kevin) Du (Syracuse) Peng Ning (North Carolina State)
Model Evaluation Metrics for Performance Evaluation
A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks Wenliang (Kevin) Du, Jing Deng, Yunghsiang S. Han and Pramod K. Varshney Department.
Murat Demirbas Youngwhan Song University at Buffalo, SUNY
A Key Management Scheme for Wireless Sensor Networks Using Deployment Knowledge Presenter: Todd Fielder.
Detecting Wormhole Attacks in Wireless Networks Using Connectivity Information 梁紀翔 王謙志 NETLab.
ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.
Evaluating Hypotheses Chapter 9. Descriptive vs. Inferential Statistics n Descriptive l quantitative descriptions of characteristics.
Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University.
Evaluating Hypotheses Chapter 9 Homework: 1-9. Descriptive vs. Inferential Statistics n Descriptive l quantitative descriptions of characteristics ~
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 6: Securing neighbor discovery.
Novel Self-Configurable Positioning Technique for Multihop Wireless Networks Authors : Hongyi Wu Chong Wang Nian-Feng Tzeng IEEE/ACM TRANSACTIONS ON NETWORKING,
Probability Grid: A Location Estimation Scheme for Wireless Sensor Networks Presented by cychen Date : 3/7 In Secon (Sensor and Ad Hoc Communications and.
Establishing Pairwise Keys in Distributed Sensor Networks Donggang Liu, Peng Ning Jason Buckingham CSCI 7143: Secure Sensor Networks October 12, 2004.
The Sybil Attack in Sensor Networks: Analysis & Defenses James Newsome, Elaine Shi, Dawn Song, Adrian Perrig Presenter: Yi Xian.
Computer Science Detecting Malicious Beacon Nodes for Secure Location Discovery in Wireless Sensor Networks Presented by Akshay Lal.
Computer Science 1 Research on Sensor Network Security Peng Ning Cyber Defense Laboratory Department of Computer Science NC State University 2005 TRES.
Mitigating DoS Attacks against Broadcast Authentication in Wireless Sensor Networks Peng Ning, An Liu North Carolina State University and Wenliang Du Syracuse.
Speed and Direction Prediction- based localization for Mobile Wireless Sensor Networks Imane BENKHELIFA and Samira MOUSSAOUI Computer Science Department.
Secure Localization Algorithms for Wireless Sensor Networks proposed by A. Boukerche, H. Oliveira, E. Nakamura, and A. Loureiro (2008) Maria Berenice Carrasco.
Comparison of Data-driven Link Estimation Methods in Low-power Wireless Networks Hongwei Zhang Lifeng Sang Anish Arora.
07/21/2005 Senmetrics1 Xin Liu Computer Science Department University of California, Davis Joint work with P. Mohapatra On the Deployment of Wireless Sensor.
2008/2/191 Customizing a Geographical Routing Protocol for Wireless Sensor Networks Proceedings of the th International Conference on Information.
Localization With Mobile Anchor Points in Wireless Sensor Networks
1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from
ICC 2007 Robust Localization in Wireless Sensor Networks through the Revocation of Malicious Anchors International Conference on Communications 2007 Satyajayant.
Hao Yang, Fan Ye, Yuan Yuan, Songwu Lu, William Arbaugh (UCLA, IBM, U. Maryland) MobiHoc 2005 Toward Resilient Security in Wireless Sensor Networks.
Hypothesis Testing Hypothesis Testing Topic 11. Hypothesis Testing Another way of looking at statistical inference in which we want to ask a question.
Salah A. Aly,Moustafa Youssef, Hager S. Darwish,Mahmoud Zidan Distributed Flooding-based Storage Algorithms for Large-Scale Wireless Sensor Networks Communications,
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof and David Wagner (modified by Sarjana Singh)
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
A Two-Layer Key Establishment Scheme for Wireless Sensor Networks Yun Zhou, Student Member, IEEE, Yuguang Fang, Senior Member, IEEE IEEE TRANSACTIONS ON.
GPSR: Greedy Perimeter Stateless Routing for Wireless Networks EECS 600 Advanced Network Research, Spring 2005 Shudong Jin February 14, 2005.
Secure and Energy-Efficient Disjoint Multi-Path Routing for WSNs Presented by Zhongming Zheng.
A Passive Approach to Sensor Network Localization Rahul Biswas and Sebastian Thrun International Conference on Intelligent Robots and Systems 2004 Presented.
Localization and Secure Localization. Learning Objectives Understand why WSNs need localization protocols Understand localization protocols in WSNs Understand.
Secure In-Network Aggregation for Wireless Sensor Networks
Model Evaluation l Metrics for Performance Evaluation –How to evaluate the performance of a model? l Methods for Performance Evaluation –How to obtain.
Adversary models in wireless security Suman Banerjee Department of Computer Sciences Wisconsin Wireless and NetworkinG Systems (WiNGS)
An Energy-Efficient Geographic Routing with Location Errors in Wireless Sensor Networks Julien Champ and Clement Saad I-SPAN 2008, Sydney (The international.
1 An Interleaved Hop-by-Hop Authentication Scheme for Filtering of Injected False Data in Sensor Networks Sencun Zhu, Sanjeev Setia, Sushil Jajodia, Peng.
Hierarchical Trust Management for Wireless Sensor Networks and Its Applications to Trust-Based Routing and Intrusion Detection Wenhai Sun & Ruide Zhang.
A Key Management Scheme for Distributed Sensor Networks Laurent Eschaenauer and Virgil D. Gligor.
A Key Management Scheme for Wireless Sensor Networks Using Deployment Knowledge Wenliang Du et al.
Reliability of Wireless sensors with code attestation for intrusion detection Ing-Ray Chen, Yating Wang, Ding-Chau Wang Information Processing Letters.
Cooperative Location-Sensing for Wireless Networks Charalampos Fretzagias and Maria Papadopouli Department of Computer Science University of North Carolina.
A Secure Routing Protocol with Intrusion Detection for Clustering Wireless Sensor Networks International Forum on Information Technology and Applications.
Mingze Zhang, Mun Choon Chan and A. L. Ananda School of Computing
Presented by Edith Ngai MPhil Term 3 Presentation
Packet Leashes: Defense Against Wormhole Attacks
Location Cloaking for Location Safety Protection of Ad Hoc Networks
Attack-Resistant Location Estimation in Sensor Networks
Securing Wireless Sensor Networks
Maximizing MAC Throughputs by Dynamic RTS-CTS Threshold
Presentation transcript:

LAD: Location Anomaly Detection for Wireless Sensor Networks Wenliang (Kevin) Du (Syracuse Univ.) Lei Fang (Syracuse Univ.) Peng Ning (North Carolina State Univ.) Sponsored by the NSF CyberTrust Program

Location Discovery in WSN Sensor nodes need to find their locations Rescue missions Geographic routing protocols. Constraints No GPS Low cost

Existing Positioning Schemes Beacon Nodes

Attacks Beacon Nodes

Attacks Beacon Nodes

What is Anomaly Localization error: | L estimation – L actual | L e = L estimation L a = L actual Anomaly: |L e – L a | > MTE MTE: Maximum Tolerable Error. D-Anomaly: |L e – L a | > D

The Anomaly Detection Problem Is |L e – L a | > D ? Find another metric A and a threshold T A > T |L e – L a | > D 

False Positive and Negative Ideal Situation: A > T  |L e – L a | > D False Positive (FP): A > T, but |L e – L a | < D False Negative (FN): A D Detection Rate: 1 – (False Negative Rate)

Our Task We assume that the location discovery is already finished. Find a good metric A What metric can help a sensor find out whether it is in a “wrong” location? It should be more robust than the location discovery itself.

A Group-Based Deployment Scheme

Modeling of The Group-Based Deployment Scheme Deployment Points: Their locations are known.

The Observations A B Actual Observation Expected Observation

Modeling of the Deployment Distribution Using pdf function to model the node distribution. Example: two- dimensional Gaussian Distribution.

The Idea A B D C LaLa LeLe

The Problem Formulation Is Z abnormal? Observation a = (a 1, a 2, … a n ) LAD Location Discovery Z

The Problem Formulation Actual Observation a = (a 1, a 2, … a n ) Estimated Location: Z Expected Observation e(Z) = (e 1, e 2, … e n ) Are e(Z) and a consistent?

Various Metrics Diff Metric: A = | e(Z) – a | Probability Metric: A = Pr (a | Z) Others

How to Find the Threshold? Recall: we use A > T to decide |L e – L a | >? D How to obtain T T is obtained for a non-compromised network. One location discovery scheme is used Derivation: preferable but difficult Simulation: e.g., Find T, such that Pr(|L e – L a | > D | A > T) = 99.99%, We use T as the threshold for A. False positive = 1 – 99.99% = 0.01%.

Attacks A B

I am actually from group 5, But I am not telling anybody. Silence AttackRange-Change Attack

Attacks (continued) I am actually from group 5. Impersonation AttackMulti-Impersonation Attack and Wormhole Attack I am from group 9 Group 3 Group 5 Group 6

Arbitrary Attack Attackers can arbitrarily change a sensor’s observation (both increasing and decreasing). There is no hope. Observation: decreasing is more difficult. a = (1, 2, 8, 10) a’ = (10, 9, 3, 1) Arbitrary Change

Dec-Bounded Attack a’ i can be arbitrarily larger than a i (multi- impersonation attacks). But a’ i cannot be arbitrarily smaller than a i. Difficult in preventing non-compromised nodes from broadcasting their membership.  (a i – a’ i ) a’ i a = (1, 2, 8, 10)a’ = (10, 9, 7, 8)Dec-Bounded Change

Dec-Only Attack Prevent impersonation attacks Authentication No wormhole attacks. Attackers cannot move sensors. Attackers cannot enlarge the transmission power. a = (1, 2, 8, 10) a’ = (1, 2, 5, 7)Dec-Only Change

Evaluation via Simulation X nodes are compromised Random pick a node at L a (actual location) with the actual observation a Find a location L e s.t. |L e - L a | = D Compute expected observation u from L e Generate a new observation a ’ from a (attacking) Find L e, s.t. a ’ is as close to u as possible

The ROC Curves Evaluating Intrusion Detection Detection rate False positive We need to look at them both Receive Operating Characteristic (ROC) Y-axis: Detection rate X-axis: False positive ratio

ROC Curves for Different Metrics

ROC Curves for Different Attacks

Detection Rate vs. Degree of Damage False Positive = 0.01

Detection Rate vs. Node Compromise Ratio False Positive = 0.01

Conclusion We have developed an effective anomaly detection scheme for location discovery Future Studies How the deployment knowledge model affect our scheme How the location discovery schemes affect our scheme How to correct the location errors caused by the attacks.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.