Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Security and Privacy in Sensor Networks: Research Challenges Radha Poovendran University of Washington

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Security and Privacy in Sensor Networks: Research Challenges Radha Poovendran University of Washington"— Presentation transcript:

1 1 Security and Privacy in Sensor Networks: Research Challenges Radha Poovendran University of Washington http://www.ee.washington.edu/people/faculty/radha

2 2 Outline Panda-Hunter Game Sensor Network Security How is it different? Incomplete List of challenges Problem #1- Problem #5

3 3 Panda-Hunter Game Model A generic asset monitoring sensor network application Panda-Hunter Game:  Sensor Network monitors Panda  Hunter observes Panda_Here messages and go after Panda Panda’s Challenge  Want Location Privacy Hunter’s Challenge  Want valid message  Want the network to work reliably  Detect any faulty or compromised sensor Both need different services Data Sink Sensor Node

4 4 Sensor Network Security What do we mean by sensor network security?  Conventional view of security from cryptography community: cryptographically unbreakable design in practical sense  Network Reality: very few security breaches in practice are to exploit flaws in cryptographic algorithms; side channel attacks Malicious versus selfish (DoS vs. resource gobbler) Security v.s. robustness, fault tolerance, resiliency Security is not a black/white world, it is progressive We must secure entire networked system, not just an individual component Solutions must be robust/adapt to new threats as much as possible

5 5 How is it Different? Wireless Sensor networks have NO clear line of defense  Each node is a host as well as a “router”  Security solutions in wired or cellular networks may leverage the networking infrastructure  Secure Network/service “infrastructure” has to be collaboratively established Wireless channel is easily accessible by both good citizens and attackers Resource constraints on portable devices  Energy, computation, memory, etc.  Some devices may be compromised  Heterogeneity prevents a single security solution

6 6 BN RN BN RN Processing Capabilities Network Granularity Capability-based Abstraction A B Capability based Abstraction of a Heterogeneous Network BN-Backbone node RN-Regular Node

7 7 Incomplete List of Challenges Resource-Efficient Secure Network Services  Network Initialization, single/multihop neighbor discovery  Multihop path establishment & Routing  Supporting application services Cryptographic services  Broadcast authentication  Key management Security mechanisms for fundamental services  Clock synchronization  Secure location discovery and verification of claims  Location privacy  Secure aggregation and in-network processing  Cluster formation/cluster head election  Middleware (will not discuss further)

8 8 Incomplete List of Challenges Modeling vulnerabilities  VERY POOR state of understanding  Needed by services and applications Cross-layer design techniques  Routing/location-aware protocols that are also robust!  Incorporating semantics such as geometry, radio model and range for context-based security  Functionality instead of optimality

9 9 Problem #1: Robust Designs Attacks and compromise of network are reality  Misconfiguration cannot be fully eliminated  Maybe we can never enumerate  Software bugs are #1 cause for all possible attacks  Not every device can implement maximum-strength solutions Shift from prevention to tolerance  Building trustworthy system out of untrustworthy components  Ability to detect, and function, even in the presence of problems  Similar analogy to IP building reliable system out of unreliable components  How? Can be application specific

10 10 Problem #2: Adaptive Security Adaptation to handle many dimensions of dynamics:  Adaptive to user requirements Differential security services used in government and military  Adaptive to user devices  Adaptive to channel dynamics: Partial connectivity, disconnectivity, full connectivity  Adaptive to mobility Cross-domain service for roaming users  Adaptive to dynamic membership Node join, leave, fail

11 11 Problem #3: Joint Design of QoS and Security Incorporating network metrics and security: scalability, communication overhead, computation complexity, energy efficiency, device capability, … Different performance metrics may be in (partial) conflict  Probably the most secure system is of minimal usability  Example: energy efficiency/computation complexity versus cryptography strength Many conventional security solutions take a centralized approach

12 12 Problem #4: Evaluation of Design Current designs have an explicit threat model in mind NOT Realistic –Real trace analysis for practical attacks? Benchmarking ? –Other areas in computer systems have well defined benchmarks: SPEC CPU, TPC-C Analytical tools Current effort: game theory, graph theory

13 13 Problem #5: Securing the Chain The system is only as secure as the weakest link  Many supporting components: DNS, ARP, DHCP,…  Other supporting protocols: bootstrapping, discovery, time synchronization How to secure these supporting components  Often ignored  Secure the entire system chain Build multiple fences  Each fence is built based on a component’s resource constraint

Download ppt "1 Security and Privacy in Sensor Networks: Research Challenges Radha Poovendran University of Washington"

Similar presentations

ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.

ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.
Chris Karlof and David Wagner

Chris Karlof and David Wagner
Security in Mobile Ad Hoc Networks

Security in Mobile Ad Hoc Networks
Multicasting in Mobile Ad hoc Networks By XIE Jiawei.

Multicasting in Mobile Ad hoc Networks By XIE Jiawei.
Trust relationships in sensor networks Ruben Torres October 2004.

Trust relationships in sensor networks Ruben Torres October 2004.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
CSE 5392By Dr. Donggang Liu1 CSE 5392 Sensor Network Security Introduction to Sensor Networks.

CSE 5392By Dr. Donggang Liu1 CSE 5392 Sensor Network Security Introduction to Sensor Networks.
CSE 6590 Department of Computer Science & Engineering York University 1 Introduction to Wireless Ad-hoc Networking 5/4/2015 2:17 PM.

CSE 6590 Department of Computer Science & Engineering York University 1 Introduction to Wireless Ad-hoc Networking 5/4/2015 2:17 PM.
URSA: Providing Ubiquitous and Robust Security Support for MANET

URSA: Providing Ubiquitous and Robust Security Support for MANET
Computer Science 1 CSC 774 Advanced Network Security Enhancing Source-Location Privacy in Sensor Network Routing (ICDCS ’05) Brian Rogers Nov. 21, 2005.

Computer Science 1 CSC 774 Advanced Network Security Enhancing Source-Location Privacy in Sensor Network Routing (ICDCS ’05) Brian Rogers Nov. 21, 2005.
Sogang University ICC Lab Using Game Theory to Analyze Wireless Ad Hoc networks.

Sogang University ICC Lab Using Game Theory to Analyze Wireless Ad Hoc networks.
1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST 2 Kickoff Meeting November 4, 2002.

1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST 2 Kickoff Meeting November 4, 2002.
1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.

1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.
1 Sensor Networks and Networked Societies of Artifacts Jose Rolim University of Geneva.

1 Sensor Networks and Networked Societies of Artifacts Jose Rolim University of Geneva.
1-1 CMPE 259 Sensor Networks Katia Obraczka Winter 2005 Security.

1-1 CMPE 259 Sensor Networks Katia Obraczka Winter 2005 Security.
Lightweight Key Establishment and Management Protocol (KEMP) in Dynamic Sensor Networks draft-qiu-6lowpan-secure-router-01 Ying QIU, Jianying ZHOU, Feng.

Lightweight Key Establishment and Management Protocol (KEMP) in Dynamic Sensor Networks draft-qiu-6lowpan-secure-router-01 Ying QIU, Jianying ZHOU, Feng.
1 Key Management in Mobile Ad Hoc Networks Presented by Edith Ngai Spring 2003.

1 Key Management in Mobile Ad Hoc Networks Presented by Edith Ngai Spring 2003.
1 Next-Generation Secure Internet: Security Overview and Context Adrian Perrig in collaboration with Steven Bellovin, David Clark, Dawn Song.

1 Next-Generation Secure Internet: Security Overview and Context Adrian Perrig in collaboration with Steven Bellovin, David Clark, Dawn Song.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Similar presentations

Ads by Google