Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Wireless Sensor Networks

Published byΣωφρόνιος Μοσχοβάκης Modified over 6 years ago

Similar presentations

Presentation on theme: "Securing Wireless Sensor Networks"— Presentation transcript:

1 Securing Wireless Sensor Networks
Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University

2 Overview Overview of Wireless Sensor Networks (WSN).
Security in wireless sensor networks. Why is it different? Our work on key pre-distribution in WSN Deployment-based scheme (INFOCOM’04) Pair-wise Scheme (ACM CCS’03) Summary.

3 Wireless Sensors Berkeley Motes

4 Mica Motes Mica Mote: Processor: 4Mhz Memory: 128KB Flash and 4KB RAM Radio: 916Mhz and 40Kbits/second. Transmission range: 100 Feet TinyOS operating System: small, open source and energy efficient.

5 Spec Motes

6 Wireless Sensor Networks (WSN)
Sensors Deploy

7 Applications of WSN Battle ground surveillance
Enemy movement (tanks, soldiers, etc) Environmental monitoring Habitat monitoring Forrest fire monitoring Hospital tracking systems Tracking patients, doctors, drug administrators.

8 Securing WSN Motivation: why security?
Why not use existing security mechanisms? WSN features that affect security. Our work: Two key management schemes.

9 Why Security? Protecting confidentiality, integrity, and availability of the communications and computations Sensor networks are vulnerable to security attacks due to the broadcast nature of transmission Sensor nodes can be physically captured or destroyed

10 Why Security is Different?
Sensor Node Constraints Battery, CPU power, Memory. Networking Constraints and Features Wireless, Ad hoc, Unattended.

11 Sensor Node Constraints
Battery Power Constraints Computational Energy Consumption Crypto algorithms Public key vs. Symmetric key Communications Energy Consumption Exchange of keys, certificates, etc. Per-message additions (padding, signatures, authentication tags)

12 Constraints (Cont.) Public Key Encryption
Slow 1000 times slower than symmetric encryption Hardware is complicated Energy consumption is high Processor Energy Consumption (mJ/Kb) RSA/E/V RSA/D/S AES MIPS R4000 0.81 16.7 MC68328 42 840 0.0130

13 Memory Constraints Program Storage and Working Memory Mica Motes:
Embedded OS, security functions (Flash) Working memory (RAM) Mica Motes: 128KB Flash and 4KB RAM

14 Objectives of Our Research
Long-term Goals Study how WSN’s constraints/features affect the design of security mechanisms. Develop security mechanisms for WSN. Current Projects Key Management Problems Data Fusion Assurance

15 Key Management Problem

16 Key Management Problem
Sensors Deploy

17 Key Management Problem
Sensors Deploy Secure Channels

18 Approaches Trusted-Server Schemes Public-Key Schemes
Finding trusted servers is difficult. Public-Key Schemes Expensive and infeasible for sensors. Key Pre-distribution Schemes

19 Key Pre-distribution Loading Keys into sensor nodes prior to deployment Two nodes find a common key between them after deployment Challenges Memory/Energy efficiency Security: nodes can be compromised Scalability: new nodes might be added later

20 Naïve Solutions Master-Key Approach Pair-wise Key Approach
Memory efficient, but low security. Needs Tamper-Resistant Hardware. Pair-wise Key Approach N-1 keys for each node (e.g. N=10,000). Security is perfect. Need a lot of memory and cannot add new nodes.

21 Eschenauer-Gligor Scheme
Key Pool S Each node randomly selects m keys A B C D E When |S| = 10,000, m=75 Pr (two nodes have a common key) = 0.50

22 Establishing Secure Channels

23 Our Improvement Over Eschenauer-Gligor Scheme
Appeared in IEEE INFOCOM 2004

24 Observations and Objectives
F Property: Pr(A, B) = Pr(A, F) Our objective: Pr(A, B) >> Pr(A, F) Using deployment knowledge

25 Modeling Deployment Knowledge
Deployment points for a group of sensors I A J F

26 Probability Distribution Function of Each Deployment Group

27 Key Pre-distribution Scheme
Key Pools

28 Key Sharing Among Key Pools
Horizontal a B C A b b a D a a F Vertical Diagonal b a b G H I b a

29 Local Connectivity

30 Network Resilience What is the damage when x nodes are compromised?
These x nodes contain keys that are used by the good nodes. What percentage of communications can be affected?

31 Network Resilience

32 Key Pre-distribution Scheme
A Pairwise Key Pre-distribution Scheme Appeared in CCS’03: ACM Conference on Computer and Communications Security

33 Objectives Pairwise key pre-distribution scheme. Our Approach:
Each pair of sensor share a unique secret key Can be used for Authentication Our Approach: We use Blom Scheme to achieve Pairwise We use Random Key Selection scheme to improve performance and resilience

34 Blom Scheme Public matrix G Private matrix D (symmetric). +1 D +1 G
N Let A = (D G)T A G = (D G)T G = GT DT G = GT D G = (A G)T

35 Blom Scheme A = (D G)T G (D G)T G i j Kij i N Kji j N +1 N
X j N +1 N Node i carries: Node j carries:

36 -secure Property i k j Undesirable Situation: if
u*G(i) + v*G(j) = G(k) then u*A(i) + v*A(j) = A(k) G +1 N AT =D G i k j

37 -secure Property ANY +1 columns in G are linear independent.
Different from saying that G has rank +1 Rank: there exist +1 linear independent columns Can tolerate compromise up to  nodes. Once +1 nodes are compromised, the rest can be calculated if these +1 columns are linear independent. How to find such a matrix G?

38 Vandermonde Matrix G = 1 s s2 s3 sN (s2)2 (s3)2 (sN)2 s (s2) (s3)

39 Properties of Blom Scheme
Blom’s Scheme Network size is N Any pair of nodes can directly find a secret key Tolerate compromise up to  nodes Need to store +2 keys Challenge: Can we increase  without increasing the storage usage.

40 Multiple Space Scheme Key-Space Pool  spaces (D1, G)  spaces
Two nodes can find a pairwise key if they carry a common key space! (D, G)

41 How to select  and ? If the memory usage is m, the security threshold (probablistic) m is To improve the security, we need to increase /2. However, such an increase affects the connectivity.

42 Measure Local Connectivity
plocal = the probability that two neighboring nodes can find a common key.

43 Plocal for different  and 

44 Security Analysis Network Resilience:
When x nodes are compromised, how many other secure links are affected?

45 Resilience (p = 0.33, m=200) Blom

46 Resilience (p = 0.50, m =200) Blom

47 Improvement: Using Two-hop Neighbors
= 7  = 2 = 31  = 2

48 Summary Security in WSN is quite different from traditional (Wired) network security. We have proposed two key pre-distribution schemes for WSN. Our schemes substantially improves the performance and network resilience.

Download ppt "Securing Wireless Sensor Networks"

Similar presentations

Chris Karlof and David Wagner

Chris Karlof and David Wagner
Message Integrity in Wireless Senor Networks CSCI 5235 Instructor: Dr. T. Andrew Yang Presented by: Steven Turner Abstract.

Message Integrity in Wireless Senor Networks CSCI 5235 Instructor: Dr. T. Andrew Yang Presented by: Steven Turner Abstract.
Www.Mohammad.Ehdaie.com Introduction to Ad-hoc & Sensor Networks Security In The Name of God ISC Student Branch in KNTU 4 th Workshop Ad-hoc & Sensor Networks.

Introduction to Ad-hoc & Sensor Networks Security In The Name of God ISC Student Branch in KNTU 4 th Workshop Ad-hoc & Sensor Networks.
Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.

Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.
Michael Baswell WSN Security Wireless Ad Hoc Sensor Network Security Michael Baswell For CS591 S2007 5/7/20071.

Michael Baswell WSN Security Wireless Ad Hoc Sensor Network Security Michael Baswell For CS591 S2007 5/7/20071.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
CSE 5392By Dr. Donggang Liu1 CSE 5392 Sensor Network Security Introduction to Sensor Networks.

CSE 5392By Dr. Donggang Liu1 CSE 5392 Sensor Network Security Introduction to Sensor Networks.
An Efficient Scheme for Authenticating Public Keys in Sensor Networks Wenliang (Kevin) Du (Syracuse) Ronghua Wang (Syracuse) Peng Ning (North Carolina.

An Efficient Scheme for Authenticating Public Keys in Sensor Networks Wenliang (Kevin) Du (Syracuse) Ronghua Wang (Syracuse) Peng Ning (North Carolina.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.
Using Auxiliary Sensors for Pair-Wise Key Establishment in WSN Source: Lecture Notes in Computer Science (2010) Authors: Qi Dong and Donggang Liu Presenter:

Using Auxiliary Sensors for Pair-Wise Key Establishment in WSN Source: Lecture Notes in Computer Science (2010) Authors: Qi Dong and Donggang Liu Presenter:
Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University.

Securing Wireless Sensor Networks Wenliang (Kevin) Du Department of Electrical Engineering and Computer Science Syracuse University.
1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.

1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.
Roberto Di Pietro, Luigi V. Mancini and Alessandro Mei.

Roberto Di Pietro, Luigi V. Mancini and Alessandro Mei.
A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks Wenliang (Kevin) Du, Jing Deng, Yunghsiang S. Han and Pramod K. Varshney Department.

A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks Wenliang (Kevin) Du, Jing Deng, Yunghsiang S. Han and Pramod K. Varshney Department.
Murat Demirbas Youngwhan Song University at Buffalo, SUNY

Murat Demirbas Youngwhan Song University at Buffalo, SUNY
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.

ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.
Security Issues In Sensor Networks By Priya Palanivelu.

Security Issues In Sensor Networks By Priya Palanivelu.
Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.

Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.
T H E O H I O S T A T E U N I V E R S I T Y Computer Science and Engineering 1 Wenjun Gu, Xiaole Bai, Sriram Chellappan and Dong Xuan Presented by Wenjun.

T H E O H I O S T A T E U N I V E R S I T Y Computer Science and Engineering 1 Wenjun Gu, Xiaole Bai, Sriram Chellappan and Dong Xuan Presented by Wenjun.

Similar presentations

Ads by Google