1 Routing security against Threat models CSCI 5931 Wireless & Sensor Networks CSCI 5931 Wireless & Sensor Networks Darshan Chipade.

Slides:



Advertisements
Similar presentations
Chris Karlof and David Wagner
Advertisements

Authors: Chris Karlof and David Wagner
Security in Wireless Sensor Networks: Key Management Approaches
Jason Li Jeremy Fowers. Background Information Wireless sensor network characteristics General sensor network security mechanisms DoS attacks and defenses.
An Interleaved Hop-by-Hop Authentication Scheme for Filtering of Injected False Data in Sensor Networks Presenter: Dinesh Reddy Gudibandi.
Security in Wireless Sensor Networks Adrian Perrig, John Stankovic, and David Wagner.
EKC Journal Paper Scouting A Presentation for the ResiliNets Group © 2008 Egemen Cetinkaya July 2008 Egemen Çetinkaya Department of Electrical Engineering.
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof David Wagner University of Califonia at Berkeley Paper review and.
Authors : Chris Karlof, David Wagner Presenter : Shan Bai Secure Routing in Wireless Sensor Networks : Attacks and Countermeasures.
A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,
Secure Routing in Wireless Sensor Network Soumyajit Manna Kent State University 5/11/2015Kent State University1.
Presented by Guillaume Marceau Using slides from Ivor Rodrigues Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures by Chris Karlof,
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
Introduction to Sensor Networks Rabie A. Ramadan, PhD Cairo University 4.
Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1
1-1 CMPE 259 Sensor Networks Katia Obraczka Winter 2005 Security.
Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.
SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures by Chris Karlof, David Wagner Presented by William Scott December 01, 2009 Note:
1 Somya Kapoor Jorge Chang Amarnath Kolla. 2 Agenda Introduction and Architecture of WSN –Somya Kapoor Security threats on WSN – Jorge Chang & Amarnath.
INSENS: Intrusion-Tolerant Routing For Wireless Sensor Networks By: Jing Deng, Richard Han, Shivakant Mishra Presented by: Daryl Lonnon.
1 Secure Routing in Wireless Sensor Networks : Attacks and Countermeasures Authors: Chris Karlof and David Wagner Presenter: Ivanka Todorova.
Chris Karlof, David Wagner Presented by Michael Putnam
SECURE ROUTING IN WIRELESS SENSOR NETWORKS
Chris Karlof David Wagner University of Califonia at Berkeley
CS 265 PROJECT Secure Routing in Wireless Sensor Networks : Directed Diffusion a study Ajay Kalambur.
Security Risks for Ad Hoc Networks and how they can be alleviated By: Jones Olaiya Ogunduyilemi Supervisor: Jens Christian Godskesen © Dec
Wireless Sensor Network Security Anuj Nagar CS 590.
Secure Routing in Wireless Sensor Networks. This Paper  One of the first to examine security on sensor networks prior work focused on wired and adhoc.
A Lightweight Hop-by-Hop Authentication Protocol For Ad- Hoc Networks Speaker: Hsien-Pang Tsai Teacher: Kai-Wei Ke Date:2005/01/20.
Wireless Sensor Networks Security Lindsey McGrath and Christine Weiss.
LEAP: Efficient Security Mechanisms for Large-Scale Distributed Sensor Networks By: Sencun Zhu, Sanjeev Setia, and Sushil Jajodia Presented By: Daryl Lonnon.
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures ProtocolRelevant Attacks TinyOS beaconingBogus routing information, selective forwarding,
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Presented by: Ivor Rodrigues Worcester Polytechnic Institute.
Secure Localization Algorithms for Wireless Sensor Networks proposed by A. Boukerche, H. Oliveira, E. Nakamura, and A. Loureiro (2008) Maria Berenice Carrasco.
Security in Wireless Sensor Networks
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof, David Wagner University of California at Berkeley
Security Protocols In Sensor Networks. Introduction –Security in sensor networks is important to prevent unauthorized users from eavesdropping, obstructing.
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof and David Wagner.
Secure Cell Relay Routing Protocol for Sensor Networks Xiaojiang Du, Fengiing Lin Department of Computer Science North Dakota State University 24th IEEE.
An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.
1 A Location-ID Sensitive Key Establishment Scheme in Static Wireless Sensor Networks Proceedings of the international conference on mobile technology,applications,and.
A survey of Routing Attacks in Mobile Ad Hoc Networks Bounpadith Kannhavong, Hidehisa Nakayama, Yoshiaki Nemoto, Nei Kato, and Abbas Jamalipour Presented.
Computer Science 1 CSC 774 Advanced Network Security Distributed detection of node replication attacks in sensor networks (By Bryan Parno, Adrian Perrig,
Wireless Sensor Networks. By. P. Victer Paul Dear, We planned to share our eBooks and project/seminar contents for free to all needed friends like u..
Thapar University, India, Oct. 4, 2013 Smartening the Environment using Wireless Sensor Networks in a Developing Country Presented By Al-Sakib Khan Pathan,
Chris Karlof and David Wagner University of California at Berkeley
Secure routing in wireless sensor network: attacks and countermeasures Presenter: Haiou Xiang Author: Chris Karlof, David Wagner Appeared at the First.
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof and David Wagner (modified by Sarjana Singh)
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
Introduction to Sensor Networks Rabie A. Ramadan, PhD Cairo University 4.
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures – C. Karlof and D. Wagner Dr. Xiuzhen Cheng Department of Computer Science The.
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof David Wagner University of California at Berkeley 1st IEEE International.
Security in Mobile Ad Hoc Networks: Challenges and Solutions (IEEE Wireless Communications 2004) Hao Yang, et al. October 10 th, 2006 Jinkyu Lee.
Shambhu Upadhyaya 1 Ad Hoc Networks – Network Access Control Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 20)
By Mike McNett 20 Oct 2003 Computer Science Department University of Virginia Secure Routing in Sensor Networks: Attacks and Countermeasures (Authors:
KAIS T SIGF : A Family of Configurable, Secure Routing Protocols for WSNs Sep. 20, 2007 Presented by Kim, Chano Brian Blum, Tian He, Sang Son, Jack Stankovic.
Shambhu Upadhyaya 1 Sensor Networks – Hop- by-Hop Authentication Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 22)
Aggregation and Secure Aggregation. Learning Objectives Understand why we need aggregation in WSNs Understand aggregation protocols in WSNs Understand.
1 An Interleaved Hop-by-Hop Authentication Scheme for Filtering of Injected False Data in Sensor Networks Sencun Zhu, Sanjeev Setia, Sushil Jajodia, Peng.
June All Hands Meeting Security in Sensor Networks Tanya Roosta Chris Karlof Professor S. Sastry.
Aggregation and Secure Aggregation. [Aggre_1] Section 12 Why do we need Aggregation? Sensor networks – Event-based Systems Example Query: –What is the.
Trusted Routing in IoT Dr Ivana Tomić In collaboration with:
Path key establishment using multiple secured paths in wireless sensor networks CoNEXT’05 Guanfeng Li  University of Pittsburgh, Pittsburgh, PA Hui Ling.
Wireless Sensor Networks (WSN’s) Security Lecture 13
Aggregation.
Chris Karlof and David Wagner Presenters: Hyowon Lee & Yongbae Bang
An Overview of Security Issues in Sensor Network
Presentation transcript:

1 Routing security against Threat models CSCI 5931 Wireless & Sensor Networks CSCI 5931 Wireless & Sensor Networks Darshan Chipade

2 Introduction Routing security a major issue Routing security a major issue Key contribution Key contribution -Show how they are different from ad hoc networks -Introduce two new classes of attacks Sinkhole attack Hello flood attack -Security analysis of all major routing protocols

3 WSN vs. Ad-Hoc Networks Multi-hop wireless communication Multi-hop wireless communication WSN WSN -Specialized communication patterns -Many-to-one-One-to-many -Local communication - More resource constrained i.e. limited energy - More trust needed for in-network processing, aggregation, duplicate elimination

4 Assumptions Radio links insecure Radio links insecure Malicious node can collude to attack WSN Malicious node can collude to attack WSN Sensor nodes are not tamper resistant Sensor nodes are not tamper resistant Base station are trustworthy Base station are trustworthy Aggregation points may not be trusted Aggregation points may not be trusted

5 Distinction of threat Models Mote class attacker have access to few sensor nodes with similar capabilities Mote class attacker have access to few sensor nodes with similar capabilities Laptop class attacker are powerful devices with greater battery power, more capable CPU, high power transmitter Laptop class attacker are powerful devices with greater battery power, more capable CPU, high power transmitter Attacker types-outside attacker, inside attacker Attacker types-outside attacker, inside attacker

6 Attacks on WSN routing protocol Spoof altered or replayed routing attack Target the routing information exchanged between nodes Target the routing information exchanged between nodes Spoofing, routing altering the routing information, Spoofing, routing altering the routing information, adversaries may create the routing loops, repel, extend or shorten the routing source routes adversaries may create the routing loops, repel, extend or shorten the routing source routes Generate false messages, partition network Generate false messages, partition network

7 Selective forwarding attack Malicious nodes may simply refuse to forward certain messages and simply drop them ensuring that they are not propagated further Malicious nodes may simply refuse to forward certain messages and simply drop them ensuring that they are not propagated further Adversary can also modify these packets and forward these messages Adversary can also modify these packets and forward these messages

8 Sinkhole attack All the packets are directed to base station All the packets are directed to base station A malicious node advertises a high quality link to the base station to attract a lot of packets A malicious node advertises a high quality link to the base station to attract a lot of packets Specialized communication pattern Specialized communication pattern Enable other attacks, e.g., selective forwarding Enable other attacks, e.g., selective forwarding

9 Sybil attack A single node represents multiple ID’s to other nodes A single node represents multiple ID’s to other nodes The attack affects the multiple path routing, topology maintenance The attack affects the multiple path routing, topology maintenance It is believed to affect a significant threat to the geographic routing protocols It is believed to affect a significant threat to the geographic routing protocols More than one place at same time More than one place at same time

10 Wormholes attack Tunneling of messages Tunneling of messages A node at one end of the wormhole advertises high quality link to the base station A node at one end of the wormhole advertises high quality link to the base station Another node at the other end receives the attracted packets Another node at the other end receives the attracted packets

11 Hello Flood attack Many protocols require nodes to broadcast HELLO packets to announce themselves to neighbors Many protocols require nodes to broadcast HELLO packets to announce themselves to neighbors Laptop-class attacker can convince it’s a neighbor of distant nodes by sending high power hello messages Laptop-class attacker can convince it’s a neighbor of distant nodes by sending high power hello messages Acknowledgement attack Adversary spoofs ACKs to convince the sender a weak/dead link supports good link quality Adversary spoofs ACKs to convince the sender a weak/dead link supports good link quality

12 Attacks on specific sensor network protocol Tiny OS beaconing Construct a Breadth First Spanning tree (BFS) rooted at the base station Construct a Breadth First Spanning tree (BFS) rooted at the base station Beacons are not authenticated Beacons are not authenticated Adversary can take over the whole WSN by broadcasting beacons Adversary can take over the whole WSN by broadcasting beacons

13 Directed Diffusion Base station floods interest for named data and setting up gradients designed to draw events Base station floods interest for named data and setting up gradients designed to draw events Suppression- Flow suppression is done by spoofing negative reinforcement Suppression- Flow suppression is done by spoofing negative reinforcement Cloning- Cloning a flow enables eavesdropping Cloning- Cloning a flow enables eavesdropping Path influence- Spoofing the data path as positive and negative path reinforcement Path influence- Spoofing the data path as positive and negative path reinforcement

14 Countermeasures Outsider attacks and link layer security Majority of the attacks against WSN routing protocols can be prevented by link layer encryption using shared key Majority of the attacks against WSN routing protocols can be prevented by link layer encryption using shared key Selective forwarding and sinkhole attacks are not possible as adversary is prevented from joining the topology Selective forwarding and sinkhole attacks are not possible as adversary is prevented from joining the topology Cannot handle insider attack like Wormhole, HELLO flood Cannot handle insider attack like Wormhole, HELLO flood

15 Sybil attack Every nodes shares unique symmetric key with the base station Every nodes shares unique symmetric key with the base station Creates a pair wise shared key for message authentication Creates a pair wise shared key for message authentication Base station limits the number of neighbors for a node Base station limits the number of neighbors for a node Hello Flood attack Verify link bidirectional Verify link bidirectional

16 Wormhole and sink hole attack They use private out of bound channel invisible to the underlying sensor network They use private out of bound channel invisible to the underlying sensor network Good routing protocol required Good routing protocol required Selective forwarding Multi path routing Multi path routing Route messages over disjoint Route messages over disjoint Dynamically pick up next hop from set of candidate Dynamically pick up next hop from set of candidate

17 Limitation of securing multi hop routing Nodes which are one or two hops away from the to base station are more likely to be attacked or compromised Nodes which are one or two hops away from the to base station are more likely to be attacked or compromised Using the cluster nodes which communicate directly to base station is one solution against node compromise Using the cluster nodes which communicate directly to base station is one solution against node compromise Using the virtual base station Using the virtual base station

18 Countermeasures Summary Link layer authentication, encryption, multi path routing, identity verification, bidirectional link verification and authenticated broadcast can protect the sensor network routing protocols Link layer authentication, encryption, multi path routing, identity verification, bidirectional link verification and authenticated broadcast can protect the sensor network routing protocols It is necessary to build such counter measures so that different attacks can be ineffective against them It is necessary to build such counter measures so that different attacks can be ineffective against them

19 Conclusion This paper covers the security issues at network level This paper covers the security issues at network level Securing the routing protocols is most essential Securing the routing protocols is most essential Link layer encryption can be used against the mote class outsiders Link layer encryption can be used against the mote class outsiders

20 THANK YOU!!!!

21 Question It is said that using the good routing protocol we can minimize the wormhole and sinkhole attack i.e. by minimizing the number of hops to the base station. How it can be done? It is said that using the good routing protocol we can minimize the wormhole and sinkhole attack i.e. by minimizing the number of hops to the base station. How it can be done?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.