Published by Loraine Nichols. Modified over 9 years ago.
1
Introduction to Sensor Networks Rabie A. Ramadan, PhD Cairo University http://rabieramadan.org rabie@rabieramadan.org 4
2
Security in WSN
3
Security Requirements
- Availability
- Data Confidentiality
- Data Integrity
- Non-repudiation
- Authorization and Key Management
4
Security Solution Constraints
- Lightweight
- Decentralized
- Reactive
- Fault-tolerant
5
Challenges in WSNs
Constraints -> Implications
- Sensor node hardware, resource constraints -> Algos must be energy- and storage-efficient
- Nodes operate unattended -> Adversary can compromise any node
- Nodes not tamper-resistant -> Adversary can compromise any node's keys
- No fixed infrastructure -> Cannot assume any special-function node in vicinity
- No pre-config'ed topology -> Nodes don't know neighbours in advance
- Communicate in an open medium -> Communications are world-readable and world-writeable by default
6
Security design principles
- Favour computation over communication
  - Communication is 1000 times more energy-consuming than computation
- Favour resilience (tolerance) over absolute security
7
WSN Security Research Fields
- Routing security
- Data forwarding security
- Link layer security
- Key management
8
Security issues in WSN
- The discussed applications require communication in WSN to be highly secure
- Main security threats in WSN are:
  - Radio links are insecure: eavesdropping / injecting faulty information is possible
  - Sensor nodes are not tamper resistant: if a node is compromised, the attacker obtains all security information
- Attacker types:
  - Mote-class: attacker has access to some number of nodes with similar characteristics / laptop-class: attacker has access to more powerful devices
  - Outside (discussed above) / inside: attacker compromised some number of nodes in the network
9
Attacks on WSN
Main types of attacks on WSN are:
- Spoofed, altered, or replayed routing information
- Selective forwarding
- Sinkhole attack
- Sybil attack
- Wormholes
- HELLO flood attacks
- Acknowledgment spoofing
10
False routing information
- Injecting fake routing control packets into the network, examples: attract / repel traffic, generate false error messages
- Consequences: routing loops, increased latency, decreased lifetime of the network, low reliability
- Example: captured node attracts traffic by advertising shortest path to sink, high battery power, etc.
[Figure: nodes B, A1, A2, A3, A4]
11
Selective forwarding
- Multi-hop paradigm is prevalent in WSN
- It is assumed that nodes faithfully forward received messages
- Compromised node might refuse to forward packets, however neighbors might start using another route
- More dangerous: compromised node forwards selected packets
12
Sinkhole and Sybil attacks
Sinkhole attack:
- Idea: attacker creates metaphorical sinkhole by advertising, for example, a high-quality route to a base station
- Laptop-class attacker can actually provide this kind of route, connecting all nodes to the real sink and then selectively dropping packets
- Almost all traffic is directed to the fake sinkhole
- WSN are highly susceptible to this kind of attack because of the communication pattern: most of the traffic is directed towards the sink, a single point of failure
Sybil attack:
- Idea: a single node pretends to be present in different parts of the network
- Mostly affects geographical routing protocols
13
Wormholes
- Idea: tunnel packets received on one part of the network to another
- Well-placed wormhole can completely disorder routing
- Wormholes may convince distant nodes that they are close to sink. This may lead to a sinkhole if the node on the other end advertises a high-quality route to sink
14
Wormholes (cont.)
- Wormholes can exploit routing race conditions, which happen when a node takes routing decisions based on the first route advertisement
- Even encryption cannot prevent this attack
- Wormholes may be used in conjunction with Sybil attack
15
HELLO flood attack
- Many WSN routing protocols require nodes to broadcast HELLO packets after deployment, which is a sort of neighbor discovery based on the radio range of the node
- Laptop-class attacker can broadcast a HELLO message to nodes and then advertise a high-quality route to sink
16
Acknowledgment spoofing
- Some routing protocols use link layer acknowledgments
- Attacker may spoof acks
- Goals: convince that a weak link is strong or that a dead node is alive
- Consequently a weak link may be selected for routing; packets sent through that link may be lost or corrupted
17
Overview of Countermeasures
- Link layer encryption prevents the majority of attacks: bogus routing information, Sybil attacks, acknowledgment spoofing, etc.
- This makes the development of an appropriate key management architecture a task of great importance
- Wormhole attacks, HELLO flood attacks and some others are still possible: attacker can tunnel legitimate packets to the other part of the network or broadcast a large number of HELLO packets
- Multi-path routing and bidirectional link verification can also be used to prevent particular types of attacks like selective forwarding and HELLO flood
18
Part One Secure data aggregation
19
Phase 1: Query dissemination
Sample query:
    SELECT AVERAGE(temperature) FROM sensors WHERE floor = 6 EPOCH DURATION 30s
20
Phase 2: Data aggregation
Types of aggregation: (1) basic aggregation, (2) data compression, (3) parameter estimation
21
Phase 3: Result verification (optional)
“Did you really report this?”
22
Security goals of data aggregation
- Robustness: Byzantine corruption of data would not make the aggregation result totally meaningless
- Confidentiality: to ensure that, other than the sink and the sources, no intermediate node should have knowledge of the raw data or the aggregation result
[Figure: sources report 1, 2, 3 and 1000 towards the sink; the node that performs averaging says “So the average is 251.5… Oh wait a minute”; intermediate nodes ask “What the hell am I aggregating?” and “What the hell am I forwarding?”]
23
Voting
- Resource-intensive, only good for mission-critical, small-scale networks
[Figure: readings 1, 1, 2, 3 and 300, with malicious nodes marked; nodes vote Yes/No on “is mean = 61.4 reasonable?”; result: “Alright, 61.4 is not reasonable!”]
24
Interactive proof algo
- By [Przydatek et al. 2003], algo for proving probabilistically that a given figure is indeed the median of the samples
- Example for the sake of intuition, with samples 1 2 3 4 5 6:
  1. Prover must have the samples sorted first
  2. Prover tells the verifier the median is 3.5 and the no. of samples is 6
  3. Verifier asks for the 3rd sample, prover tells the 3rd sample is 3 < 3.5, verifier is happy but still suspicious
  4. Verifier asks for the 4th sample, prover tells the 4th sample is 4 > 3.5, verifier is happy but still suspicious
  5. Verifier asks for the 1st and 6th sample, prover tells the 1st is 1 < 3.5 and the 6th is 6 > 3.5, verifier says: “Alright, I’ve sampled enough, median should be 3.5 at high probability”.
- Relies on the trustworthiness of the samples, but how do we make sure?
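The spot-check from the steps above, generalized to n samples, as an added example that is not part of the original slides or of the cited paper's code. It assumes the prover is bound to one fixed list of answers (modelled as a plain Python list); the function names and the 100-reading data set are constructed for illustration.

```python
import random

def verify_median(claimed, n, ask, positions):
    """Verifier side. ask(i) returns the prover's i-th smallest sample
    (1-based); n is even, as in the six-sample illustration."""
    lo, hi = n // 2, n // 2 + 1                 # the two middle ranks
    if not ask(lo) <= claimed <= ask(hi):       # steps 3 and 4
        return False
    for i in positions:                         # step 5: spot checks
        v = ask(i)
        if (i <= lo and v > claimed) or (i >= hi and v < claimed):
            return False
    return True

def forged_list(samples, claimed):
    """Cheating prover: keep the real sorted data but overwrite the two
    middle ranks so that they straddle the forged median."""
    s = sorted(samples)
    mid = len(s) // 2
    s[mid - 1], s[mid] = claimed - 1, claimed + 1
    return s

def inconsistent_ranks(answers, claimed):
    """Ranks whose value contradicts the claim, i.e. what a probe can catch."""
    lo = len(answers) // 2
    return [i for i, v in enumerate(answers, start=1)
            if (i <= lo and v > claimed) or (i > lo and v < claimed)]

def detection_probability(bad, n, k):
    """Chance that k independent uniform probes hit at least one bad rank."""
    return 1 - (1 - bad / n) ** k

# Constructed data: 100 readings with true median 50.5; the prover claims 80.
HONEST = list(range(1, 101))
FORGED = forged_list(HONEST, 80)

if __name__ == "__main__":
    rng = random.Random()
    probes = [rng.randint(1, 100) for _ in range(10)]
    print("honest accepted:", verify_median(50.5, 100, lambda i: HONEST[i - 1], probes))
    print("forged accepted:", verify_median(80, 100, lambda i: FORGED[i - 1], probes))
    bad = len(inconsistent_ranks(FORGED, 80))
    print("bad ranks:", bad, "P(detect, 10 probes):", detection_probability(bad, 100, 10))
```

A forged median far from the true one leaves many ranks that contradict the claim, so a handful of random probes catches it with high probability; a forgery close to the true median leaves few such ranks and needs more probes.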
25
Key Management Techniques Eng. Ahmed Ezz
26
Location verification – SeRLoc (Secure Range-independent localization)
27
What is location verification?
- Different assumptions from general localization
- What if some malicious nodes lie about their location?
- Sample attack scenario:
  - Claim to be very close to the sink
  - Attract many packets
  - Drop some or all of them
- Very easy DoS attack, especially for geographic routing protocols
28
Secure Location Services
- Secure Verification of Location Claims [Sastry et al. WISE 2002].
- Location Privacy: Privacy-aware Location Sensor Networks [Gruteser et al. USENIX 2003].
- Secure Localization: Ensure robust location estimation even in the presence of adversaries.
  - SeRLoc: [Lazos and Poovendran, WISE 2004].
  - S-GPS: [Kuhn 2004].
  - SPINE: [Capkun & Hubeaux, Infocom 2005].
29
SeRLoc
SeRLoc: SEcure Range-independent LOCalization.
SeRLoc features:
- No ranging hardware required.
- Decentralized implementation, scalable.
- Robust against attacks, lightweight security.
30
Two-tier network architecture
- Locators: randomly deployed, known location and orientation, directional antennas (locator range R, beamwidth θ)
- Sensors: randomly deployed, unknown location, omnidirectional antennas (sensor range r)
[Figure: locators at (X1, Y1), (X2, Y2), (X3, Y3), (X4, Y4), (X5, Y5) and sensors, with ranges R and r and beamwidth θ marked]
31
The Idea of SeRLoc
- Each locator L_i transmits information that defines the sector S_i covered by each transmission.
- Sensor defines the region of intersection (ROI) from all locators it hears.
[Figure: locators L1, L3, L4 and sensor s, origin (0, 0), with the ROI marked]
32
How SeRLoc works
- Node i claims its location is (x, y)
- Node i needs to send a location verification request msg for (x, y) to a nearby verifier
  - A verifier can be a normal sensor node
- The verifier sends a random nonce to node i and starts the clock
- Node i has to immediately return the challenge through both radio and ultrasonic channels
- The verifier measures the time node i takes to return the challenge and takes the difference between the radio and ultrasonic signal propagation
- Based on this observation, the verifier verifies the claimed location
33
Weakness of SeRLoc
- Requires extra hardware, i.e., ultrasonic channel
- Innocent victims may respond late due to backlog
- Not location verification but range verification
[Figure: the verifier, M’s real location, M’s claimed location and the sink. “Oops... Verifier cannot tell the difference! Big trouble...”]
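The challenge-response check and two of the weaknesses listed above, simulated as an added example that is not part of the original slides. The coordinates, the 0.5 m tolerance and the 5 ms reply deadline are assumed values chosen for illustration.

```python
import math

V_SOUND = 343.0            # m/s in air at about 20 C
V_RADIO = 299_792_458.0    # m/s

def echo_times(verifier, true_pos, delay=0.0):
    """Arrival times (seconds after the nonce is sent) of the radio and
    ultrasonic echoes from a node really at true_pos that replies after
    `delay` seconds of local processing."""
    d = math.dist(verifier, true_pos)
    t_reply = d / V_RADIO + delay           # nonce reaches the node, node answers
    return t_reply + d / V_RADIO, t_reply + d / V_SOUND

def verify_claim(verifier, claimed, t_radio, t_ultra, tol=0.5, deadline=0.005):
    """Accept when the echo came back promptly and the range implied by the
    radio/ultrasound gap matches the distance to the claimed position.
    tol (metres) and deadline (seconds) are assumed parameters."""
    if t_radio > deadline:
        return False                         # late reply is treated as suspicious
    measured = (t_ultra - t_radio) / (1 / V_SOUND - 1 / V_RADIO)
    return abs(measured - math.dist(verifier, claimed)) <= tol

# Constructed scenario, coordinates in metres.
VERIFIER = (0.0, 0.0)
NEAR_SINK = (8.0, 6.0)     # claimed position, 10 m from the verifier
REAL_M = (-8.0, -6.0)      # M's real position: also 10 m away, opposite side
FAR_M = (-30.0, -40.0)     # a node 50 m away

def run(true_pos, claimed, delay=0.0):
    """Simulate one exchange and return the verifier's decision."""
    return verify_claim(VERIFIER, claimed, *echo_times(VERIFIER, true_pos, delay))

if __name__ == "__main__":
    print("honest node           :", run(NEAR_SINK, NEAR_SINK))
    print("honest but backlogged :", run(NEAR_SINK, NEAR_SINK, delay=0.02))
    print("false claim, wrong range:", run(FAR_M, NEAR_SINK))
    print("false claim, same range :", run(REAL_M, NEAR_SINK))
```

The last case is accepted because the verifier only learns a distance: any position on the circle of that radius is indistinguishable from the claimed one, which is why a single verifier gives range verification rather than location verification.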
34
Possible Research Issues
- Most localization work is mathematical and evaluated via (high level) simulations
  - More realistic work is needed
- Indoor localization is harder
  - Look at CodeBlue project at Harvard
- Location verification
  - Can’t trust sensors
- Secure localization
  - Can’t trust anchors