Computer Science 1 Research on Sensor Network Security Peng Ning Cyber Defense Laboratory Department of Computer Science NC State University 2005 TRES.

Presentation transcript:

Slide 1: Research on Sensor Network Security
Peng Ning
Cyber Defense Laboratory, Department of Computer Science, NC State University
2005 TRES meeting

Slide 2: Outline
Background
Challenges
Our research strategy
Investigated problems
  – Key management
  – Broadcast authentication
  – Secure location discovery
  – Secure clock synchronization
Possible collaboration

Slide 3: Background on Sensor Networks
A sensor network consists of a large number of sensor nodes
  – Low cost
  – Resource constrained
  – Wireless communication
Sensor networks are ideal candidates for
  – Critical infrastructure protection
  – Environment monitoring
  – Military operations
  – …

Slide 4: Challenges in Sensor Network Security
Resource constraints
  – Limited storage, computation, and communication
      Expensive mechanisms such as public key cryptography are not practical
  – Depletable resources (e.g. battery power)
      Resource consumption attacks
Threat of node compromises
  – Sensor nodes are usually deployed in an unattended fashion
  – Subject to node captures

Slide 5: Challenges (Cont’d)
Local computation/communication vs. global threat
  – Sensor network applications often depend on local computation and communication due to resource constraints
  – A determined attacker may
      Attack any node in a network, and
      Use information gathered from compromised nodes to attack non-compromised ones

Slide 6: Research Strategy
Cryptographic services
  – Broadcast authentication
  – Key management
Security mechanisms for fundamental services
  – Clock synchronization
  – Secure location discovery
  – Secure aggregation and in-network processing
  – Cluster formation/cluster head election

Slide 7: Research Strategy (Cont’d)
Securing sensor network applications
  – Surveillance
  – Tracking of moving targets
  – …
Other desirable security services
  – Example: Intrusion detection
      A desirable component
      Require different solutions than traditional techniques

Slide 8: Investigated Research Problems
Pairwise key establishment
Broadcast authentication
Secure location discovery
Secure clock synchronization
Supported by NSF Cyber Trust and CAREER

Slide 9: Pairwise Key Establishment
Problem: How to establish pairwise keys between nodes that may communicate with each other?
  – Between arbitrary pairs of nodes
  – Between neighbor nodes
Challenges
  – Resource constraints (limited computation, storage, communication capabilities)
  – Threat of compromised nodes
Our solutions
  – Polynomial-pool based key pre-distribution (TinyKeyMan)
  – Location-based key pre-distribution
  – Group-based key pre-distribution

Slide 10: The Polynomial-Based Scheme
Blundo et al. CRYPTO’92
Pre-distribution:
  – A t-degree polynomial f(x,y) over finite field F_q: f(x,y) = f(y,x)
  – Each node i gets assigned a polynomial share f(i,x)
[Figure: node i holds f(i,x), node j holds f(j,x); f(i,j) = f(j,i)]

Slide 11: Properties and Limitations
Properties
  – Threshold property: unconditionally secure for up to t compromised nodes, even if they collude
  – Storage: (t+1) log q bits
  – Computation: t modular multiplications and t modular additions
  – No communication overhead
Limitations
  – Insecure when more than t sensor nodes are compromised
  – An invitation for node compromise attacks

Slide 12: Polynomial Pool Based Key Pre-Distribution
The main idea
  – Use multiple polynomials (polynomial pool)
Three phases:
  – Pre-Distribution: pre-distribute secrets
  – Direct key establishment: setup direct keys
  – Path key establishment: setup indirect keys

Slide 13: Phase 1: Pre-Distribution
The key issue: Subset Assignment
  – Random
  – Predetermination
[Figure: random polynomial pool F: f_1(x,y), f_2(x,y), …, f_n(x,y); node i receives a subset {f_j(i,y), …, f_k(i,y)}]

Slide 14: Phase 2: Direct Key Establishment
The key issue: Share Discovery
  1. Real-time Discovery
  2. Predetermination
[Figure: node i holds {f_1(i,y), f_3(i,y), f_9(i,y)} (IDs 1,3,9); node j holds {f_2(j,y), f_3(j,y), f_8(j,y)} (IDs 2,3,8); j  {2,3,8}]

Slide 15: Phase 3: Path Key Establishment
The key issue: Path Discovery
  1. Real-time Discovery
  2. Predetermination
[Figure: node i with {1,3,9}, node j with {2,4,8}, other nodes with {1,5,6}, {2,7,10}, {1,2,7}; j  {k}]

Slide 16: One Simple Instance: Random Subset Assignment Scheme
Phase 1: Subset assignment
  – Random
[Figure: random polynomial pool F: f_1(x,y), f_2(x,y), …, f_n(x,y); node i receives a random subset {f_j(i,y), …, f_k(i,y)}]

Slide 17: Random Subset Assignment (Cont’d)
Phase 2: Polynomial share discovery
  – Real-time discovery
      Broadcast IDs in clear text. [Figure: nodes i, j; f_j, …, f_k]
      Broadcast a list of challenges. [Figure: nodes i, j;  , E_kv( ), v = 1, …, m]

Slide 18: Random Subset Assignment (Cont’d)
Phase 3: Path discovery
  – Node i contacts nodes with which it shares a key; any node that also shares a key with j replies.
[Figure: nodes i, j, k]
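
Added example (not part of the original slides, and not TinyKeyMan code): a sketch of the three phases from slides 10 to 18, using symmetric polynomials over a prime field. The modulus, node IDs 11 to 16, the seed and all function names are assumptions made for the example; the polynomial ID sets are the ones shown in the slide figures.

```python
import random

Q = 2**31 - 1  # prime modulus for F_q (constructed value, not from the slides)

def symmetric_poly(t, rng):
    """Random t-degree f(x,y) over F_q with a[u][v] == a[v][u], so f(x,y) = f(y,x)."""
    a = [[0] * (t + 1) for _ in range(t + 1)]
    for u in range(t + 1):
        for v in range(u, t + 1):
            a[u][v] = a[v][u] = rng.randrange(Q)
    return a

def share(a, i):
    """Share f(i,y) for node i: t+1 coefficients, i.e. (t+1) log q bits."""
    return [sum(row[v] * pow(i, u, Q) for u, row in enumerate(a)) % Q
            for v in range(len(a))]

def evaluate(s, j):
    """Horner's rule at y = j: t modular multiplications and t additions."""
    acc = 0
    for c in reversed(s):
        acc = (acc * j + c) % Q
    return acc

def load_node(pool, i, poly_ids):
    """Phase 1: store on node i its shares of the assigned polynomials."""
    return {p: share(pool[p], i) for p in poly_ids}

def direct_key(nodes, i, j):
    """Phase 2: nodes compare polynomial IDs; a common f_p gives f_p(i,j)."""
    common = sorted(nodes[i].keys() & nodes[j].keys())
    return evaluate(nodes[i][common[0]], j) if common else None

def intermediates(nodes, i, j):
    """Phase 3: nodes k that hold a direct key with both i and j."""
    return [k for k in nodes if k not in (i, j)
            and direct_key(nodes, i, k) is not None
            and direct_key(nodes, j, k) is not None]

def build_demo(t=4, seed=1):
    """Constructed network using the polynomial ID sets shown on the slides."""
    rng = random.Random(seed)
    pool = {p: symmetric_poly(t, rng) for p in range(1, 11)}  # f_1 .. f_10
    ids = {11: [1, 3, 9], 12: [2, 3, 8], 13: [2, 4, 8],
           14: [1, 5, 6], 15: [2, 7, 10], 16: [1, 2, 7]}
    return {i: load_node(pool, i, polys) for i, polys in ids.items()}
```

Nodes 11 and 12 both hold a share of f_3 and compute the same key independently; nodes 11 and 13 have no polynomial in common and need an intermediate from `intermediates(nodes, 11, 13)`.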

Slide 19: Resilience against Compromised Sensors
Comparison with basic probability and q-composite schemes
  – Probability to establish direct keys p = 0.33
  – Each sensor has storage equivalent to 200 keys

Slide 20: More Schemes
Random key pre-distribution
  – Grid-based pairwise key pre-distribution
  – Hypercube-based pairwise key pre-distribution
Location-based key pre-distribution
  – Pre-deployment knowledge: sensors’ expected locations
  – Post-deployment knowledge
Group-based key pre-distribution
Related publications
  – ACM CCS 03, ACM SASN 03, ACM TISSEC 05, ACM TOSN (under revision)

Slide 21: Implementation: TinyKeyMan
Observations
  – Node IDs are chosen from a field much smaller than keys
      Field for cryptographic keys: F_q
      Field for node IDs: F_q’
  – Special fields: q’= , q’ = 
      No division operation is needed for modular multiplications
[Figure: l bits each: f_1(i,y), f_2(i,y), f_r(i,y); node ID j; Key: n bits; Polynomials over F_q’; Same storage as 1 polynomial over F_q]

Slide 22: Computational Cost

Slide 23: Memory Requirements
Scheme ROM(bytes) RAM(bytes) q' = q' = Random subset assignment 2, Grid-based scheme 1,16067

Slide 24: Broadcast Authentication
Problem: How to broadcast authenticated messages in large sensor networks
  – Previous solution μTESLA isn’t scalable
Our solutions
  – Multi-level μTESLA (NDSS 03, ACM TECS 04)
  – Merkle tree based μTESLA (under review)
Also address revocation of broadcasting nodes

Slide 25: Secure Location Discovery
Problem: How can sensors securely determine their locations even if there are malicious external or insider attacks?
Our solutions
  – Detect localization anomalies using deployment knowledge (IPDPS 05)
  – Beaconless location discovery (Infocom 05)
  – Tolerate malicious location references (under review)
  – Detect malicious beacon nodes (under review)

Slide 26: Secure Clock Synchronization
Problem: How to distribute a common clock throughout sensor networks
Our solutions
  – Resilient clock distribution (under review)
  – Multi-path-based resilient clock distribution (under review)
  – Cluster-wise fault tolerant clock synchronization (under revision)

Slide 27: Possible Collaboration
My interests
  – Long-term
      Anything about information security
  – Short-term
      Sensor and ad-hoc network security
      Intrusion detection
      Software security