Published by Kristofer Adcock. Modified over 9 years ago.

Michael Baswell WSN Security
Wireless Ad Hoc Sensor Network Security
Michael Baswell
For CS591 S2007
5/7/2007

Introduction
- Wireless networking is becoming prevalent, and presents unique security concerns
  - Physical access is trivial since the physical layer is a broadcast radio signal
- Ad Hoc network – no centralized control mechanisms (routers, switches, etc.); nodes may serve the routing and relay functions.
- MANET (Mobile Ad Hoc Network) – one emerging example
  - Nodes can be added or removed at any time
  - Nodes may move to different regions
  - Nodes may be constrained (PDA, cell phone)
  - Assumption of trust among nodes – dangerous!

Project Goal
- Present an overview of existing research in WSN security
- Look for related research (MANET literature in particular)
- Offer some insight into potential security mechanisms and implementation constraints & possibilities

Wireless Sensor Networks
- WSN share a number of key features with MANET
  - Ad hoc nature – WSN must self-configure and reconfigure at intervals
  - More or less random deployment
  - Motes are constrained in terms of CPU, battery life, storage, etc.
  - Size of network – potentially 10k or 100k nodes
- A few key differences
  - Motes usually are stationary
  - A trust relationship can be defined prior to deployment

WSN Security – Constraints
- Computational power is minimal, and draws power
- Storage is minimal – no HDD, etc.
- Limited broadcast/reception range, and low bandwidth. Also, the stronger the broadcast signal, the more power it takes
- Power is limited by the battery life – in short, the more active the mote, the quicker it dies.
  - Crossbow Technologies (www.xbow.com) offers a “Mote Battery Life Calculator” spreadsheet for download, for several research motes

WSN Security – Key Points
- Security in proportion to sensitivity of data
- Any security mechanism should address limitations of CPU, energy, and network resilience
- Any security mechanism WILL require more computation and power, as well as add to latency
- Two scenarios:
  - WSN with laptops or other high-power computer in direct communication / monitoring range
  - Ad hoc node-to-node only; all work must be done by motes

Objectives
- Data Confidentiality – keeping it secret
- Data Authentication – knowing that the broadcaster is legitimate
- Data Integrity – broadcast data is sent and received accurately and completely
- Data Freshness – data is delivered in timely manner (old data may be useless, or a rebroadcast)

Example Threats
- Insertion of Malicious Code (on a WSN supporting code mobility)
- Interception of node location broadcasts or other sensitive data
- Sleep Deprivation Torture attack
  - (almost as bad as the dreaded Semester Project Deadline attack)
- Protection of data within a captured / compromised node

Security Mechanisms - Encryption
- Network shared symmetric key is the only practical approach
  - Unique key pairs between nodes impractical
  - Could keep a series of keys and change at intervals – longer expected life -> more keys are needed
- Scalable algorithm is preferable due to storage
  - Stronger encryption through more iterations (DES/AES as examples), when it is critical
  - Fewer iterations when less essential
  - Burn power only to the extent that it is necessary
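
Added example (not from the original slides): how the Authentication, Integrity and Freshness objectives can be met with the network-wide shared key described above, and what that key cannot do. The packet layout, the 8-byte truncated tag and the use of HMAC-SHA-256 as the MAC are assumptions made for illustration; confidentiality (encrypting the reading) is left out.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8  # assumed truncation: fewer radio bytes, weaker forgery bound

def seal(network_key: bytes, sender_id: int, counter: int, reading: bytes) -> bytes:
    """Packet = sender id (2 B) | counter (4 B) | reading | truncated HMAC."""
    header = struct.pack(">HI", sender_id, counter)
    tag = hmac.new(network_key, header + reading, hashlib.sha256).digest()
    return header + reading + tag[:TAG_LEN]

class Receiver:
    """Verifies packets and remembers the last counter accepted per sender."""

    def __init__(self, network_key: bytes):
        self.network_key = network_key
        self.last_counter = {}  # sender_id -> last accepted counter

    def accept(self, packet: bytes):
        """Return (sender_id, reading), or raise ValueError on rejection."""
        if len(packet) < 6 + TAG_LEN:
            raise ValueError("short packet")
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        good = hmac.new(self.network_key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, good):
            raise ValueError("bad tag")        # integrity / authentication
        sender_id, counter = struct.unpack(">HI", body[:6])
        if counter <= self.last_counter.get(sender_id, -1):
            raise ValueError("stale counter")  # freshness: old data or rebroadcast
        self.last_counter[sender_id] = counter
        return sender_id, body[6:]

def demo():
    key = b"constructed-demo-network-key"      # constructed sample key
    rx = Receiver(key)
    pkt = seal(key, sender_id=7, counter=1, reading=b"temp=21.5")
    results = [rx.accept(pkt)]
    for bad in (pkt, pkt[:8] + b"X" + pkt[9:]):  # rebroadcast, then altered byte
        try:
            rx.accept(bad)
        except ValueError as err:
            results.append(str(err))
    # Shared-key limit: any key holder, including a captured mote, can
    # produce a valid packet under another node's sender id.
    results.append(rx.accept(seal(key, sender_id=3, counter=1, reading=b"forged")))
    return results
```

The last result in demo() is accepted: a network-wide key proves only that the sender holds the key, which is why the captured-node threat listed earlier matters for this design.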

Security Mechanisms - IDS
- “Traditional” IDS not an option
  - No centralized control mechanisms
  - Limited monitoring due to reception range
- Critical Node monitor / trigger mechanism
  - MANET literature suggests this approach which might be adaptable to WSN – better results in low-mobility, densely populated networks. That describes WSN!
  - Identify and monitor only critical nodes – they’re worth protecting!
  - Watchdog type IDS uses 60-70% CPU, 450k storage initially
  - Trigger / critical event approach results in less than 1% utilization, 125kb storage initially

Conclusions
- WSN security is severely limited by WSN constraints of power, CPU, etc.
- These constraints are not going away
  - WSN do better when many nodes are deployed
  - Nodes will get cheaper, not more powerful, so that more can be deployed
- MANET research lends some insight into resource-friendly mechanisms
  - Encryption – shared symmetric key; predefined trust relationship set up prior to deployment
  - IDS – critical nodes, triggers / critical events

References
- Lindsey McGrath and Christine Weiss, “Wireless Sensor Networks Security.” UCCS Presentation / Semester Project, CS591, 2005.
- Slijepcevic, Potkonjak, Tsiatsis, Zimbeck, and Srivastava, “On Communication Security in Wireless Ad-Hoc Sensor Networks.” UCLA, 2002.
- Karygiannis, Antonakakis, and Apostolopoulos, “Detecting Critical Nodes for MANET Intrusion Detection Systems.” 2006, National Institute of Standards and Technology (NIST). http://csrc.nist.gov/manet/Critical-Nodes-MANET.pdf
- Karygiannis and Antonakakis, “mLab: a Mobile Ad Hoc Network Test Bed.” 2005, National Institute of Standards and Technology. http://csrc.nist.gov/manet/SecPerU2005-Karygiannis-Antonakakis.pdf
- Ioannis G. Askoxylakis, Diomedes D. Kastanis and Apostolos P. Traganitis, “Secure Wireless Ad Hoc Networking.” ERCIM News No. 63, October 2005. http://www.ercim.org/publication/Ercim_News/enw63/askoxylakis.html