LOGO Security Issues in Wireless Sensor Networks (WSNs) Shayan Zamani & Mojtaba Jafari Mazanadaran...
-
Upload
toby-georgeson -
Category
Documents
-
view
216 -
download
2
Transcript of LOGO Security Issues in Wireless Sensor Networks (WSNs) Shayan Zamani & Mojtaba Jafari Mazanadaran...
LOGO
Security Issues in Wireless Sensor
Networks (WSNs)
Security Issues in Wireless Sensor
Networks (WSNs)
Shayan Zamani & Mojtaba JafariMazanadaran University of Science and Technology,
Distributed Systems Class Seminar,Supervisor: Hadi Salimi
{Sh.zamani and jafari}@ustmb.ac.ir
Outline
Security Challenges1
Security Principles2
WSN Attacks33
Conclusion44
2 Security in WSN
Security Challenges
The broadcast nature of the wireless communication.
The network deployment in hostile environments (e.g. battlefield, forest) with relatively poor physical protection.
The limitations in energy, computational power and memory.
The extremely large number of interacting devices in a sensor network.
The dynamic nature of WSN (frequent changes in both its topology and its membership)
3 Security in WSN
Security Principles Data Confidentiality: Ensuring that only authorized sensor
nodes can access the content of the messages.
Data Authentication: Ensuring that the data is originated from the correct source.
Data Integrity: Ensuring that any received data has not been altered in transmit by unauthorized parties.
Data Freshness: Ensuring that no old messages have been replayed.
Availability: Ensuring that services offered by whole WSN or by a single sensor node must be available whenever required.
4 Security in WSN
Type of Attacks From the point of view of how to Attack:
Passive: Only monitors the communication channel. Threatens the confidentiality of data. Active: Attempts to delete, add or alter the transmission on the channel. Threatens data integrity,
authentication and confidentiality.
From the point of view of Attacker’s Device: Mote-Class Attacker: Has access to a few nodes with similar capabilities to those deployed in the
network. Laptop-Class Attacker: Has access to more powerful devices like a laptop. Has advantages over
legitimate nodes like greater battery power, more capable cpu and high-power antenna.
From the point of view of penetration to Network: Insider: Has compromised some authorized nodes of the network (stolen key material, run
malicious code). Outsider: Has no special access to the network.
Security in WSN5
Network Layer Attacks
Physical Jamming, Tampering
Link Collision, Exhaustion, Unfairness
Network and RoutingSpoofed, Selective forwarding, Sinkhole, Sybil, Wormholes, Hello flood
Transport Flooding, Desynchronization
Attacks in WSN(1/6)
Security in WSN6
Network Layer Attacks
Physical Jamming, Tampering
Link Collision, Exhaustion, Unfairness
Network and RoutingSpoofed, Selective forwarding, Sinkhole, Sybil, Wormholes, Hello flood
Transport Flooding, Desynchronization
Attacks in WSN(2/6) Physical Layer• Jamming: Interference with the radio frequencies a
network's nodes are using.
7 Security in WSN
Attacks in WSN(3/6) Data Link Layer• Collision: Altering of transmission octets to disrupt the
packets. (checksum mismatch)
8 Security in WSN
Attacks in WSN(4/6) Network Layer• Sinkhole: The adversary attracts the surrounding nodes with unfaithful
routing information.
9 Security in WSN
Attacks in WSN(5/6) Network Layer• Wormhole: The adversary tunnels the traffic received in a part of the
network to another.
10 Security in WSN
Attacks in WSN(6/6) Network Layer• Sybil attack: A single node presents multiple identities to other nodes.
E
C
M
Identity Table:Current = X
F
B
D
A Identity Table:Current = X,AIdentity Table:
Current = X,A,CIdentity Table:
Current = X,A,C,B
Identity Table:Current = X,A,C,B,D
N
11 Security in WSN
Conclusion Need for physical network protection (not always possible).
Cryptography can provide link layer encryption and authentication mechanisms (MAC) but this is not enough.
End to end security mechanisms are impractical.
Careful protocol design (routing, localization, data aggregation) with respect to security principles and attacker models.
Consideration of energy issues when adapting countermeasures.
Security in WSN12
References(1/4)1) S. Ganeriwal, S. Capkun, C.-C. Han, and M. B. Srivastava. Secure time
synchronization service for sensor networks. In WiSe ’05: Proceedings of the 4 th ACM workshop on Wireless security, pages 97–106, New York, NY, USA, 2005. ACM Press.
2) L. Lazos and R. Poovendran. Serloc: Robust localization for wireless sensor networks. ACM Trans. Sen. Netw., 1(1):73–100, 2005.
3) A. Perrig, R. Szewczyk, J. D. Tygar, V. Wen, and D. E. Culler. Spins: security protocols for sensor networks. Wireless Networking, 8(5):521–534, 2002.
4) Y.Zhou,Y.Fang,Y.Zhang, "Security Wireless Sensor Networks: A Survey", IEEE Communication Surveys, Vol.10, No.3, 3rd Quarter 2008.
5) J. M. McCune, “Detection of Denial-of-Message Attacks on Sensor Network Broadcasts,” Proc. 2005 IEEE Symp. Security and Privacy (SP’05), Oakland, CA, May 2005.
6) J. R. Douceur, “The Sybil Attack,” Proc. 1st ACM Int’l. Wksp. Peer-to-Peer Systems (IPTPS’02), Mar. 2002.
7) http://en.wikipedia.org/wiki/Zigbee, Last access 4/5/2010.
8) W. Xu, K. Ma, W. Trappe, and Y. Zhang, “Jamming sensor networks: Attack and defense strategies,” IEEE Network, vol. 20, no. 3, 2006.
Security in WSN13
References(2/4)9. J. Deng, R. Han, and S. Mishra, “Defending against path-based DoS attacks in
wireless sensor networks,” in SASN ’05: Proceedings of the 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks, 2005.
10. C. Kraub, M. Schneider, and C. Eckert, “Defending against falseendorsement-based DoS attacks in wireless sensor networks,” in WiSec: Proc. of the First ACM Conference on Wireless Network Security, 2008.
11. C. Kraub, M. Schneider, and C. Eckert, “An Enhanced Scheme to Defend against False-Endorsement-Based DoS Attacks in WSNs”, in IEEE International Conference on Wireless & Mobile Computing, Networking & Communication, 2008
12. K.Kredo and P.Mohapatra, "Medium Access Control in Wireless Sensor Network", Computer Networks, June 2006.
13. Y. WANG, G. ATTEBURY,B. RAMAMURTHY, “ A SURVEY OF SECURITY ISSUES IN WIRELESS SENSOR NETWORKS”, 2ND QUARTER 2006, VOLUME 8, NO. 2
14. T. Kavitha, D. Sridharan, “Security Vulnerabilities In Wireless Sensor Networks: A Survey”, Journal of Information Assurance and Security 5 (2010) 031-044, 2009
15. J. Walters, Z. Liang, W. Shi, V. Chaudhary ,“ Wireless Sensor Network Security: A Survey ”, Auerbach Publications, CRC Press, 2006
16. A. Becher, Z. Benenson, M. Dornseif, “Tampering with Motes: Real-World Attacks on Wireless Sensor Networks”, 2006
Security in WSN14
References(3/4)17. A. D. Wood and J. A. Stankovic, “Denial of service in sensor networks,” IEEE
Computer, vol. 35, no. 10, pp. 54–62, 2002.
18. E. Shi and A. Perrig, “Designing secure sensor networks,” Wireless Communication Magazine, vol. 11, no. 6, pp. 38–43, December 2004.
19. C. Karlof and D. Wagner. Secure routing in wireless sensor networks: Attacks and countermeasures. In First IEEE International Workshop on Sensor Network Protocols and Applications, pages 113–127, May 2003.
20. J. Newsome, E. Shi, D. Song, A.Perrig, “The Sybil Attack in Sensor Networks: Analysis & Defenses”, Center for Computer and Communications Security, 2004
21. http://en.wikipedia.org/wiki/Key_distribution_in_wireless_sensor_networks, Last access 25/5/2010
22. R. Maheshwari, J. Gao, S. R. Das, "Detecting Wormhole Attacks in Wireless Networks using Connectivity Information" , To appear in IEEE INFOCOM 2007, Alaska
23. L. Hu and D. Evans. Using directional antennas to prevent wormhole attacks. In Network and Distributed System Security Symposium (NDSS), 2004.
24. Y. Hu, A. Perrig and D. Johnson, Packet leashes: A defense against wormhole attacks in wireless networks, Proceedings of the Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 3, pp. 1976, 1986, 2003.
Security in WSN15
References(4/4)25. I.Krontiris,Th.Giannetsos,T.Dimitriou, "Launching a Sinkhole Attack in Wireless
Sensor Networks; the Intruder Side", Athens Information Technology, Peania, Athens,Greece.
26. Ch.Tumrongwittayapak, R.Varakulsiripunth, "Detecting Sinkhole Attacks In Wireless Sensor Networks" ,ICROS-SICE International Conference, Aug 2009, Japan.
27. Some Slides Taken from Presentation of Pyrgelis Apostolos, “Cryptography and Security in Wireless Sensor Networks”, Department of Computer Engineering and Informatics University of Patras, 2009, Greece.
Security in WSN16