Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003."— Presentation transcript:

1 Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003 Chris Karlof and David Wagner University of California at Berkeley

2 Security in sensor networks Security is critical Military apps Building monitoring Burglar alarms Emergency response Yet security is hard Wireless links are inherently insecure Resource constraints Lossy, low bandwidth communication Lack of physical security

3 Our contributions Threat models and security goals New attacks against sensor network routing protocols Detailed security analysis of 15 routing protocols Countermeasure suggestions

4 Base stations and sensor nodes Low overhead protocols Specialized traffic patterns In-network processing These differences necessitate new secure routing protocols Routing in sensor networks base station sensor node

5 Secure routing goals and threat models Security goals: Confidentiality: messages are secret Integrity: messages are not tampered with Availability In-network processing makes end-to-end security hard Link layer security still possible Need to consider compromised nodes (insiders) and resourceful attackers

6 Attacks

7 TinyOS Beaconing

8 Attack: Bogus routing information Bogus routing information can cause havoc Example: spoof routing beacons and claim to be base station Lessons: Authenticate routing info Trust but verify

9 Attack: HELLO floods Assumption: the sender of a received packet is within normal radio range False! A powerful transmitter could reach the entire network Can be launched by insiders and outsiders Lesson: Verify the bidirectionality of links

10 Attack: Wormholes Tunnel packets received in one part of the network and replay them in a different part Can be launched by insiders and outsiders Lesson: Avoid routing race conditions

11 Attack: Sybil attack An adversary may present multiple identities to other nodes Lesson: Verify identities A B

12 Protocols analyzed ProtocolRelevant attacks TinyOS beaconingBogus routing information, selective forwarding, sinkholes, Sybil, wormholes, HELLO floods Directed diffusion and multipath variant Bogus routing information, selective forwarding, sinkholes, Sybil, wormholes, HELLO floods Geographic routing (GPSR,GEAR) Bogus routing information, selective forwarding, Sybil Minimum cost forwardingBogus routing information, selective forwarding, sinkholes, wormholes, HELLO floods Clustering based protocols (LEACH,TEEN,PEGASIS) Selective forwarding, HELLO floods Rumor routingBogus routing information, selective forwarding, sinkholes, Sybil, wormholes Energy conserving topology maintenance Bogus routing information, Sybil, HELLO floods All insecure

13 Countermeasures We have countermeasure suggestions and design considerations See paper for details

14 Conclusions End-to-end security is limited in sensor networks Link layer security is important It is not enough Design time security

15 Questions?

16 Extra Slides

17 Countermeasures Access control with link layer crypto Globally shared key  outsiders Per link keys  insiders Authenticated broadcast and flooding Verify neighbors’ identities Prevents Sybil attack Verify bidirectionality of links Prevents HELLO floods Multipath and probabilistic routing Limits effects of selective forwarding

18 Countermeasures (cont.) Wormholes are difficult to defend against Can be launched by insiders and outsiders Defenses exist for outsiders, but are not cheap Best solution  avoid routing race conditions Geographic routing protocols hold promise Nodes near base stations are attractive to compromise Overlays

19 Why is this a problem? Wireless security has been spotty WEP/802.11b GSM Secure routing mechanisms for ad-hoc wireless networks are not necessarily applicable Too much functionality  any-to-any routing Not enough functionality  sensor nets are often app. specific Too much overhead  public key cryptography

20 Wormhole attacks A wormhole is created when an adversary tunnels packets received in one part of the network and replays them in a different part. Exploits routing race conditions Enables other attacks Can be launched by insiders and outsiders

21

22

23

24

Download ppt "Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003."

Similar presentations

Chris Karlof and David Wagner

Chris Karlof and David Wagner
Authors: Chris Karlof and David Wagner

Authors: Chris Karlof and David Wagner
Security in Wireless Sensor Networks: Key Management Approaches

Security in Wireless Sensor Networks: Key Management Approaches
Jason Li Jeremy Fowers. Background Information Wireless sensor network characteristics General sensor network security mechanisms DoS attacks and defenses.

Jason Li Jeremy Fowers. Background Information Wireless sensor network characteristics General sensor network security mechanisms DoS attacks and defenses.
Presented By: Hathal ALwageed 1.  R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on.

Presented By: Hathal ALwageed 1.  R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on.
Security in Wireless Sensor Networks Adrian Perrig, John Stankovic, and David Wagner.

Security in Wireless Sensor Networks Adrian Perrig, John Stankovic, and David Wagner.
EKC Journal Paper Scouting A Presentation for the ResiliNets Group © 2008 Egemen Cetinkaya July 2008 Egemen Çetinkaya Department of Electrical Engineering.

EKC Journal Paper Scouting A Presentation for the ResiliNets Group © 2008 Egemen Cetinkaya July 2008 Egemen Çetinkaya Department of Electrical Engineering.
Distributed Detection of Node Replication Attacks in Sensor Networks Bryan Parno, Adrian Perrig Virgil Gligor Carnegie Mellon UniversityUniversity of Maryland.

Distributed Detection of Node Replication Attacks in Sensor Networks Bryan Parno, Adrian Perrig Virgil Gligor Carnegie Mellon UniversityUniversity of Maryland.
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof David Wagner University of Califonia at Berkeley Paper review and.

Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof David Wagner University of Califonia at Berkeley Paper review and.
Authors : Chris Karlof, David Wagner Presenter : Shan Bai Secure Routing in Wireless Sensor Networks : Attacks and Countermeasures.

Authors : Chris Karlof, David Wagner Presenter : Shan Bai Secure Routing in Wireless Sensor Networks : Attacks and Countermeasures.
A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,

A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,
Secure Routing in Wireless Sensor Network Soumyajit Manna Kent State University 5/11/2015Kent State University1.

Secure Routing in Wireless Sensor Network Soumyajit Manna Kent State University 5/11/2015Kent State University1.
Presented by Guillaume Marceau Using slides from Ivor Rodrigues Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures by Chris Karlof,

Presented by Guillaume Marceau Using slides from Ivor Rodrigues Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures by Chris Karlof,
Introduction to Sensor Networks Rabie A. Ramadan, PhD Cairo University 4.

Introduction to Sensor Networks Rabie A. Ramadan, PhD Cairo University 4.
Design of Secure and Energy- Efficient Wireless Ad-Hoc Sensor Networks Mukesh Singhal Laboratory For Advanced Networking Department of Computer Science.

Design of Secure and Energy- Efficient Wireless Ad-Hoc Sensor Networks Mukesh Singhal Laboratory For Advanced Networking Department of Computer Science.
Secure Routing in WSNs: Attacks & Countermeasures Chris Karlof & David Wagner, UC Berkeley 1 st IEEE International Workshop on Sensor Network Protocols.

Secure Routing in WSNs: Attacks & Countermeasures Chris Karlof & David Wagner, UC Berkeley 1 st IEEE International Workshop on Sensor Network Protocols.
1-1 CMPE 259 Sensor Networks Katia Obraczka Winter 2005 Security.

1-1 CMPE 259 Sensor Networks Katia Obraczka Winter 2005 Security.
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures by Chris Karlof, David Wagner Presented by William Scott December 01, 2009 Note:

Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures by Chris Karlof, David Wagner Presented by William Scott December 01, 2009 Note:
1 Somya Kapoor Jorge Chang Amarnath Kolla. 2 Agenda Introduction and Architecture of WSN –Somya Kapoor Security threats on WSN – Jorge Chang & Amarnath.

1 Somya Kapoor Jorge Chang Amarnath Kolla. 2 Agenda Introduction and Architecture of WSN –Somya Kapoor Security threats on WSN – Jorge Chang & Amarnath.
INSENS: Intrusion-Tolerant Routing For Wireless Sensor Networks By: Jing Deng, Richard Han, Shivakant Mishra Presented by: Daryl Lonnon.

INSENS: Intrusion-Tolerant Routing For Wireless Sensor Networks By: Jing Deng, Richard Han, Shivakant Mishra Presented by: Daryl Lonnon.

Similar presentations

Ads by Google