1 Diversifying Sensors to Improve Network Resilience Wenliang (Kevin) Du Electrical Engineering & Computer Science Syracuse University.

Slides:



Advertisements
Similar presentations
Protecting Software Code By Guards - by Hoi Chang and Mikhail J. Atallah “Many software-based mechanisms for protecting program code are too weak[…] or.
Advertisements

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7.3 Secure and Resilient Location Discovery in Wireless.
Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.
Physical Unclonable Functions and Applications
Tamper-Tolerant Software: Modeling and Implementation International Workshop on Security (IWSEC 2009) October 28-30, 2009 – Toyama, Japan Mariusz H. Jakubowski.
An Efficient Scheme for Authenticating Public Keys in Sensor Networks Wenliang (Kevin) Du (Syracuse) Ronghua Wang (Syracuse) Peng Ning (North Carolina.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 20 Slide 1 Critical systems development.
Cryptography and Data Security: Long-Term Challenges Burt Kaliski, RSA Security Northeastern University CCIS Mini Symposium on Information Security November.
Software Hardening & FIPS 140 Eugen Bacic & Gary Maxwell September 27th, 2005.
Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University.
Presented By : Ankita Jaiswal Guided By : Dr. Agrawal sir.
1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.
Roberto Di Pietro, Luigi V. Mancini and Alessandro Mei.
A 100,000 Ways to Fa Al Geist Computer Science and Mathematics Division Oak Ridge National Laboratory July 9, 2002 Fast-OS Workshop Advanced Scientific.
Introduction to Cryptography and Security Mechanisms: Unit 5 Theoretical v Practical Security Dr Keith Martin McCrea
FIT3105 Smart card based authentication and identity management Lecture 4.
A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks Wenliang (Kevin) Du, Jing Deng, Yunghsiang S. Han and Pramod K. Varshney Department.
CMSC 414 Computer and Network Security Lecture 3 Jonathan Katz.
Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
Revisting Random Key Pre-distribution Schemes for Wireless Sensor Network By Joengmin Hwang and Yongdae Kim, Computer Science and Engineering, University.
Establishing Pairwise Keys in Distributed Sensor Networks Donggang Liu, Peng Ning Jason Buckingham CSCI 7143: Secure Sensor Networks October 12, 2004.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
Computer Science 1 Research on Sensor Network Security Peng Ning Cyber Defense Laboratory Department of Computer Science NC State University 2005 TRES.
Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.
Security Considerations for Wireless Sensor Networks Prabal Dutta (614) Security Considerations for Wireless Sensor Networks.
Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.
KAIS T A lightweight secure protocol for wireless sensor networks 윤주범 ELSEVIER Mar
Revolutionizing the Field of Grey-box Attack Surface Testing with Evolutionary Fuzzing Department of Computer Science & Engineering College of Engineering.
Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.
Software Obfuscation from Crackers’ viewpoint Y, Hiroki; K, Yuichiro; M Akito, N Masahide; M Ken-ichi Proceedings of the IASTED International Conference.
Abstraction Interpretation Abstract Interpretation is a general theory for approximating the semantics of dynamic systems (Cousot & Cousot 1977) Abstract.
A Novel Cache Architecture with Enhanced Performance and Security Zhenghong Wang and Ruby B. Lee.
Requirements 101 CS3300 Fall 2015.
Aggregation in Sensor Networks
Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.
Distributed Computation in MANets Robot swarm developed by James Rice University.
1 Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University Excerpted from
Ether: Malware Analysis via Hardware Virtualization Extensions Author: Artem Dinaburg, Paul Royal, Monirul Sharif, Wenke Lee Presenter: Yi Yang Presenter:
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 3 Slide 1 Critical Systems 1.
4.2.1 Programming Models Technology drivers – Node count, scale of parallelism within the node – Heterogeneity – Complex memory hierarchies – Failure rates.
Taiming Feng, Chuang wang, Wensheng Zhang and Lu Ruan INFOCOM 2008 Presented by Mary Nader.
Attacking Cryptographic Schemes Based on ‘Perturbation Polynomials’ Martin Albrecht (Royal Holloway), Craig Gentry (IBM), Shai Halevi (IBM), Jonathan Katz.
Protecting Software Code By Guards The George Washington University Cs297 YU-HAO HU.
Mangai Vetrivelan Snigdha Joshi Avani Atre. Sensor Network Vulnerabilities o Unshielded Sensor Network Nodes vulnerable to be compromised. o Attacks on.
Computer Science 1 TinySeRSync: Secure and Resilient Time Synchronization in Wireless Sensor Networks Speaker: Sangwon Hyun Acknowledgement: Slides were.
1 Security for distributed wireless sensor nodes Ingrid Verbauwhede Department of Electrical Engineering University of California Los Angeles
Cybersecurity: Expanding the Front Lines of Defense Dr. George K. Kostopoulos Professor Electrical and Computer Engineering Cybersecurity New York Institute.
The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Authentication Protocols (I): Secure Handshake.
Computer Science in Context Evangelos E. Milios Professor and Graduate Coordinator Faculty of Computer Science Dalhousie University.
Grid Defense Against Malicious Cascading Failure Paulo Shakarian, Hansheng Lei Dept. Electrical Engineering and Computer Science, Network Science Center,
Cryptography Against Physical Attacks Dana Dachman-Soled University of Maryland
Presented by: Dr. Munam Ali Shah
Informal Security Seminar: Key Pre-distribution Scheme for Wireless Sensor Networks Joengmin Hwang Dept. Computer Science Univ. of Minnesota, Twin Cities.
Tamper Resistant Software: An Implementation By David Aucsmith, IAL In Information Hiding Workshop, RJ Anderson (ed), LNCS, 1174, pp , “Integrity.
A Key Management Scheme for Distributed Sensor Networks Laurent Eschaenauer and Virgil D. Gligor.
IT Security CS5493(74293). IT Security Q: Why do you need security? A: To protect assets.
Presentation subtitle: 20pt Arial Regular, green R223 | G255 | B102 Recommended maximum length: 2 lines Confidentiality/date line: 13pt Arial Regular,
Attacking an obfuscated cipher by injecting faults Matthias Jacob Dan Boneh Edward.
Pouya Ostovari and Jie Wu Computer & Information Sciences
Intrusion Tolerance for NEST
Software Usability and Design
Secure Processing On-Chip
Securing Wireless Sensor Networks
Adversarial Evasion-Resilient Hardware Malware Detectors
RHMD: Evasion-Resilient Hardware Malware Detectors
Erica Burch Jesse Forrest
USN Introduction Computer Engineering Sejin Oh.
Hash Function Requirements
Presentation transcript:

1 Diversifying Sensors to Improve Network Resilience Wenliang (Kevin) Du Electrical Engineering & Computer Science Syracuse University

Diversifying Sensors2 Hiding Secrets Secrets are essential for sensor networks Pre-distributed keys Pair-wise keys Private keys Other secrets Fundamental Challenge: hiding secrets is difficult

Diversifying Sensors3 Existing Approaches Physical security is difficult to achieve Hardware approaches are expensive Software approaches Code obfuscation: extensively studied in traditional systems Bad news: adversaries eventually win

Diversifying Sensors4 Rethinking of Software Approaches Observation: fault tolerance of sensor networks Should be able to tolerate a small # of bad sensors Ideal Goals Hiding secrets in sensor nodes Make it difficult to derive secrets from each sensor Make it N times difficult to derive secrets from N sensors

5 Threat Model: Physical Compromise Memory Dumping Static Analysis Dynamic Analysis Reverse Engineering

6 Proposed Approach Data Obfuscation (Secret Hiding) Memory dump: difficult to find secrets Adversaries must understand the program Code Obfuscation Make it difficult to understand one program Code Diversification (Randomization) Make adversary’s effort non-repeatable

7 Data/Code Obfuscation Existing Techniques Code flattening Self-modification code White-box encryption algorithms Various techniques against reverse engineering Challenges Achieving obfuscation with limited Memory Computation can’t be too expensive Tradeoff needs to be made (optimization) Quantify code complexity

8 Diversifying Code Turn the same piece of software into many diversified versions Difference from traditional diversity Diversity for fault tolerance Diversity for attack tolerance (vulnerabilities) Attacks are quite fragile Diversity for code-analysis tolerance Attacks are adaptive and intelligent (human involved)

9 Diversifying Code: Challenges Quantify diversity and manageability Manageability prefers uniformity Diversity destroys uniformity Manageability is application dependent Optimal tradeoff Comparative study: already compromised node and newly-captured node Static matching attacks Dynamic matching attacks

10 Difference from Protecting Intellectual Right Intellectual Right Success = breaking one copy Sensor Networks Success = breaking more than k copies

11 Unique Properties of Sensor Networks Code usually has small size Some applications has static configurations The OS can be obfuscated too Hardware specific code obfuscation

12 Preliminary Results: SASN’06

13 Complexity: Line of Code

14 Cyclomatic Complexity

15 Running Time

16 Summary Diversified code obfuscation is quite unique for sensor networks Require understanding from both engineering and theory perspectives