Download presentation
Presentation is loading. Please wait.
Published byRuth Sherman Modified over 9 years ago
1
Distributed Detection Of Node Replication Attacks In Sensor Networks Presenter: Kirtesh Patil Acknowledgement: Slides on Paper originally provided by Bryan Parno, Adrian Perrig and Virgil Gligor By Bryan Parno, Adrian Perrig and Virgil Gligor
2
Sensor Networks Wireless sensor networks contain thousands of nodes Each node has limited processing, storage capacity and power Low Cost Easy to deploy – No Tamper proof
3
Replication Attack Capture one node – pressure, voltage and temperature sensing not built-in to detect intrusion – Read memory Replicate nodes – same IDs – Affects data aggregation protocols – Replicated nodes can be used to kick legitimate nodes out (node-revocation protocol)
4
Outline Introduction Problem Statement and Previous Work Solution Evaluation Discussion IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
5
Assumptions Adversary can’t deploy nodes with arbitrary ID – paper assumes n/w implements required safeguards Adversary has limited node capturing capability Cloned node has at least one legitimate node in neighborhood (Can be eliminated) All node know their geographical location and node are primarily stationary IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
6
Objectives Detect node replication with high probability Secure against adaptive adversary – Unpredictable to adversary – No central point of failure Minimize communication overhead IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
7
Previous Approaches Centralized scheme – Each node sends location to central base station – Central base station examines list for conflicts – Revocation: flood network with authenticated revocation message – Disadvantages: Vulnerable to single point failure – Compromise base station – Interfere with its communication Node surrounding base station – undue routing of traffic Revocation can be delayed – Advantages: 100% detection IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
8
Previous Approaches (Contd.) Local Detection Scheme – Neighbor try to detect replicated nodes – Fails to detect distributed node replicated in disjoint neighborhood IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
9
Emergent Properties They are properties that only emerge through collective action of multiple nodes Advantages: – No Central Point of Failure – Attractive approach to thwart unpredictable and adaptive adversary IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
10
Simple Approach Node-To-Network Broadcast – Each node broadcast location information – 100% detection – Assumption: Broadcast reaches all nodes Attacker can easily jam or interfere with communication IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
11
Simple Approach (Contd.) Deterministic Multicast – Node sends location to neighbors – Neighbors choose witness and forward location to them – Problem: Predictable – attacker can jam all messages to witnesses Witnesses become target to subversion IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
12
Approach Overview STEP1: Announce location – Sign and broadcast location to neighbors STEP 2: Detect Replicas – Use Emergent properties – Ensure at least one witness receives two conflicting locations STEP 3: Revoke replicas – Flood network with conflicting location claims (signed) IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
13
Randomized Multicast Protocol STEP 2 Witness chosen randomly Each neighbor chooses witnesses So n neighbor send location to witnesses By Birthday Paradox – if there are clones then location conflict will occur. Probability of detection IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
14
Line Selected Multicast Use routing topology of network to select witnesses All the intermediate nodes between neighbor and witness check for conflict Geometric probability says replicated nodes will be detected IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
15
Line Selected Multicast Detection IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
16
Line Selected Multicast Detection IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion Y
17
Line Selected Multicast Detection IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion Y With five line segments per point : 95%
18
Theoretical Communication Overhead Detection SchemeAverage # of Messages / Nodes Centralized Detection Randomized Multicast Line Selected Multicast IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
19
Communication Overhead IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
20
Topologies IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
21
Probability of Detection in Irregular Topologies IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
22
Timing Issue And Masked-Replication How often to perform detection 1.Every T unit of time – node forgets previous claims 2.Time slots Time slots based on ID Witness remember claims during time slot Adversary captures neighbors – Solution: pseudo-neighbors – neighbors ask for location claim IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
23
Conclusion And Future Work Use of emergent properties to tackle node replication – High probability of detection – Resilient to adaptive adversary – Minimum communication overhead Scheme assumes captured nodes follow protocol – Implicit sampling to detect nodes that suppress or drop messages IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
24
Comments and Questions? IntroductionProblem StatementSolution 1Solution 2EvaluationDiscussion
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.