Mark W. Propst

foamyflumpΚινητά – Ασύρματες Τεχνολογίες

21 Νοε 2013 (πριν από 3 χρόνια και 11 μήνες)

96 εμφανίσεις

Mark W. Propst

Scientific Research Corporation


Attack Motivations


Vulnerability Classification


Traffic Pattern Analysis


Testing Barriers


Concluding Remarks



2


Wireless Sensor Network link
-
layer protocols
are derived from mobile ad hoc networks
which leaves them vulnerable to the same
type of attacks


They are typically deployed in un
-
secured
hostile environments leaving them vulnerable
to physical attack


The sensor nodes lack the processing power
and battery life to perform countermeasures
typically utilized in many fixed and mobile ad
hoc
n
etworks



3


Unauthorized data observation


Unauthorized data manipulation


Data unavailability

4

1)
Bertino
, E., &
Sandhu
, R. (2005). Database Security
-
Concepts, Approaches, and Challenges.
IEEE
Trans. Dependable
Secur
.
Comput
.
,
Vol

2, issue 1
, pp. 2

19.


There

is

currently

a

plethora

of

research

attempting

to

understand

and

counter

the

manipulation

of

individual

nodes

within

a

wireless

sensor

network



Threshold Cryptography and Authentication
2

is an
example of unique methods to protect and detect


Similarly, Adaptive Intrusion Detection
3

detects
malicious nodes in a sensor network

5

2)
Piya
, T., & Andrew, J. (2007). Adaptive Intrusion Detection in Wireless Sensor Networks.
Intelligent
Pervasive Computing, International Conference on
,
0
, 23
-
28.

3)
Marianne, A. A.,
Sherif
, M. E.
-
K., &
Magdy
, S. E.
-
S. (2007). Threshold Cryptography and
Authentication in Ad Hoc Networks Survey and Challenges.
Systems and Networks Communication,
International Conference on
,
0
, 5.



Cluster heads typically have greater processing
power, provide geo
-
location, encryption keys,
and act as a gateway of information from the
sensor network to the outside world


Attacking and defeating a cluster head will
render the entire sensor cluster non
-
operational


Unlike
mobile networks, sensor networks are
typically static, leading to predictable routing
paths


With predictable routing paths, the cluster head
of a sensor network can be detected


6


There are two methods to attack the same
static path vulnerability:


Route Correlation (Rate Monitoring)


Frequency Domain Analysis (Time Correlation)



Both rely on the correlation of time between
transmission events on successive nodes to
determine the path to the cluster head

7


Link
-
layer encryption, such as onion
encryption, can effectively prevent packet
sniffing.



To defeat frequency domain analysis, most
obfuscation techniques attempt to bring the
noise floor up to the transmission level by
generating excess packets

8

0
0.2
0.4
0.6
0.8
1
1.2
1
6
11
16
21
26
31
36
41
46
51
56
61
66
71
76
81
86
91
96
0
0.2
0.4
0.6
0.8
1
1.2
1
6
11
16
21
26
31
36
41
46
51
56
61
66
71
76
81
86
91
96
ΔT

ΔT

SHF Power

SHF Power

9

Easily identifiable transmission sequence

Theoretical obfuscation

Most current methodologies attempt to
obfuscate routing signatures by introducing
superfluous traffic.



Flooding


Generic Random Walk


Greedy Random Walk


Directed Random Walks


Store and Forward




10


Onion Routing requires every node to encrypt
the packet, consuming valuable battery power
encrypting every packet for every hop



Bringing up the noise floor through the
utilization of random walk strategies
effectively obfuscates the traffic, but at the
cost of sensor network life

11

Mark W. Propst DCIS 730

How do we test network routing obfuscation?



This is typically done in simulation by applying a
propositional satisfiability solver such as GSAT
4



Propositional satisfiability solvers are very efficient
at comparing obfuscation methodologies, however,
the results between different implementers are NOT
comparable



There is currently no repeatability in testing

12

4) Selman, B., Levesque, H., & Mitchell, D. (1992). A new method for solving hard satisfiability problems.
In
National conference on artificial intelligence
(pp. 440
-
446).



Development of new energy efficient routing
protocols with high obfuscation properties
which mask the RF signature of the routing
topology must happen to stay ahead of
current and developing threats



The development of standardized test tools
to compare and contrast new obfuscation
protocols is just as important as developing
the obfuscation protocols

13