Security Issues in Wireless Sensor

homuskratΔίκτυα και Επικοινωνίες

20 Νοε 2013 (πριν από 3 χρόνια και 9 μήνες)

67 εμφανίσεις

LOGO

Security Issues in Wireless Sensor
Networks (WSNs)

Shayan

Zamani

&
Mojtaba

Jafari

Mazanadaran

University of Science and Technology,

Distributed Systems Class Seminar,

Supervisor: Hadi Salimi

{
Sh.zamani

and
jafari
}@
ustmb.ac.ir


Outline

Security Challenges

1

Security Principles

2

WSN Attacks

3

3

Conclusion

4

4

2

Security in WSN

Security Challenges


The broadcast nature of the wireless communication.



The network deployment in hostile environments (e.g. battlefield, forest) with
relatively poor physical protection.



The limitations in energy, computational power and memory.



The extremely large number of interacting devices in a sensor network.



The dynamic nature of WSN (frequent changes in both its topology and its
membership)

3

Security in WSN

Security Principles


Data Confidentiality
:
Ensuring that only authorized sensor nodes can access
the content of the messages.



Data Authentication
: Ensuring that the data is originated from the correct
source.



Data Integrity
:
Ensuring that any received data has not been altered in transmit
by unauthorized parties.



Data Freshness
:
Ensuring that no old messages have been replayed.



Availability
:
Ensuring that services offered by whole WSN or by a single sensor
node must be available whenever required.

4

Security in WSN

Type of Attacks


From the point of view of how to Attack:


Passive
: Only monitors the communication channel. Threatens the confidentiality of data.


Active
:
Attempts to delete, add or alter the transmission on the channel. Threatens data integrity,
authentication and confidentiality.


From the point of view of Attacker’s Device
:


Mote
-
Class Attacker
:
Has access to a few nodes with similar capabilities to those deployed in the
network.


Laptop
-
Class Attacker
:
Has access to more powerful devices like a laptop. Has advantages over
legitimate nodes like greater battery power, more capable
cpu

and high
-
power antenna.


From the point of
view of penetration to Network:


Insider
:
Has compromised some authorized nodes of the network (stolen key material, run
malicious code).


Outsider
:
Has no special access to the network.




Security in WSN

5

Network Layer

Attacks

Physical

Jamming
, Tampering

Link

Collision
, Exhaustion, Unfairness

Network and

Routing

Spoofed
, Selective forwarding,
Sinkhole
,
Sybil
,
Wormholes
, Hello
flood

Transport

Flooding,

Desynchronization

Attacks in WSN(1/6)

Security in WSN

6

Network Layer

Attacks

Physical

Jamming, Tampering

Link

Collision, Exhaustion, Unfairness

Network and

Routing

Spoofed,

Selective forwarding,
Sinkhole, Sybil, Wormholes, Hello
flood

Transport

Flooding,
Desynchronization

Attacks in WSN(2/6)


Physical Layer


Jamming: Interference with the radio frequencies a network's nodes are
using.


7

Security in WSN

Attacks in WSN(3/6)


Data Link Layer


Collision: Altering of transmission octets to disrupt the packets.
(checksum mismatch
)

8

Security in WSN

Attacks in WSN(4/6)


Network Layer


Sinkhole: The adversary attracts the surrounding nodes with unfaithful
routing information.

9

Security in WSN

Attacks in WSN(5/6)


Network Layer


Wormhole: The adversary tunnels the traffic received in a part of the
network to another.

10

Security in WSN

Attacks in WSN(6/6)


Network Layer


Sybil attack: A single node presents multiple identities to other nodes.

E

C

M

Identity Table:

Current = X


F

B

D

A

Identity Table:

Current = X,A


Identity Table:

Current = X,A,C


Identity Table:

Current = X,A,C,B


Identity Table:

Current =
X,A,C,B,D


N

11

Security in WSN

Conclusion


Need for physical network protection (not always possible).



Cryptography can provide link layer encryption and authentication
mechanisms (MAC) but this is not enough.



End to end security mechanisms are impractical.



Careful protocol design (routing, localization, data aggregation) with
respect to security principles and attacker models.



Consideration of energy issues when adapting countermeasures.

Security in WSN

12

References(1/4)

1)
S.
Ganeriwal
, S.
Capkun
, C.
-
C. Han, and M. B.
Srivastava
. Secure time
synchronization service for sensor networks. In
WiSe

’05: Proceedings of the 4
th

ACM
workshop on Wireless security, pages 97

106, New York, NY, USA, 2005. ACM
Press.

2)
L.
Lazos

and R.
Poovendran
.
Serloc
: Robust localization for wireless sensor
networks. ACM Trans. Sen.
Netw
., 1(1):73

100, 2005.

3)
A.
Perrig
, R.
Szewczyk
, J. D.
Tygar
, V.
Wen
, and D. E. Culler. Spins: security
protocols for sensor networks. Wireless Networking, 8(5):521

534, 2002.

4)
Y.Zhou,Y.Fang,Y.Zhang
, "Security Wireless Sensor Networks: A Survey", IEEE
Communication Surveys, Vol.10, No.3, 3
rd

Quarter 2008.

5)
J. M. McCune, “Detection of Denial
-
of
-
Message Attacks on Sensor Network
Broadcasts,” Proc. 2005 IEEE
Symp
. Security and Privacy (SP’05), Oakland, CA,
May 2005.

6)
J. R. Douceur, “The Sybil Attack,” Proc. 1st ACM Int’l.
Wksp
. Peer
-
to
-
Peer Systems
(IPTPS’02), Mar. 2002.

7)
http://en.wikipedia.org/wiki/Zigbee, Last access 4/5/2010.

8)
W.
Xu
, K. Ma, W. Trappe, and Y. Zhang, “Jamming sensor networks: Attack and
defense strategies,” IEEE Network, vol. 20, no. 3, 2006.

Security in WSN

13

References(2/4)

9.
J. Deng, R. Han, and S.
Mishra
, “Defending against path
-
based
DoS

attacks in
wireless sensor networks,” in SASN ’
05
: Proceedings of the
3
rd ACM Workshop on
Security of Ad Hoc and Sensor Networks,
2005
.

10.
C.
Kraub
, M. Schneider, and C. Eckert, “Defending against
falseendorsement
-
based
DoS

attacks in wireless sensor networks,” in
WiSec
: Proc. of the First ACM
Conference on Wireless Network Security,
2008
.

11.
C
.

Kraub
, M. Schneider, and C. Eckert, “An Enhanced Scheme to Defend against
False
-
Endorsement
-
Based
DoS

Attacks in WSNs”, in IEEE International Conference
on Wireless & Mobile Computing, Networking & Communication,
2008

12.
K.Kredo

and
P.Mohapatra
, "Medium Access Control in Wireless Sensor Network",
Computer Networks, June
2006
.

13.
Y. WANG, G. ATTEBURY,B. RAMAMURTHY, “ A SURVEY OF SECURITY ISSUES
IN WIRELESS SENSOR NETWORKS”,
2
ND QUARTER
2006
, VOLUME
8
, NO.
2

14.
T.
Kavitha
, D.
Sridharan
, “Security Vulnerabilities In Wireless Sensor Networks: A
Survey”, Journal of Information Assurance and Security
5
(
2010
)
031
-
044
,
2009

15.
J
.

Walters, Z
.

Liang, W
.

Shi, V
.

Chaudhary

,“ Wireless Sensor Network Security: A
Survey ”,
Auerbach

Publications, CRC Press,
2006

16.
A.
Becher
, Z.
Benenson
, M.
Dornseif
, “Tampering with Motes: Real
-
World Attacks on
Wireless Sensor Networks”,
2006

Security in WSN

14

References(3/4)

17.
A. D. Wood and J. A.
Stankovic
, “Denial of service in sensor networks,” IEEE
Computer, vol. 35, no. 10, pp. 54

62, 2002.

18.

E. Shi and A.
Perrig
, “Designing secure sensor networks,” Wireless Communication
Magazine, vol. 11, no. 6, pp. 38

43, December 2004.

19.
C.
Karlof

and D. Wagner. Secure routing in wireless sensor networks: Attacks and
countermeasures. In First IEEE International Workshop on Sensor Network Protocols
and Applications, pages 113

127, May 2003.

20.
J. Newsome, E. Shi, D. Song,
A.Perrig
, “The Sybil Attack in Sensor Networks:
Analysis & Defenses”, Center for Computer and Communications Security, 2004

21.
http://en.wikipedia.org/wiki/Key_distribution_in_wireless_sensor_networks
, Last
access 25/5/2010

22.
R.
Maheshwari
, J.
Gao
, S. R. Das, "Detecting Wormhole Attacks in Wireless
Networks using Connectivity Information" , To appear in IEEE INFOCOM 2007,
Alaska

23.
L.
Hu

and D. Evans. Using directional antennas to prevent wormhole attacks. In
Network and Distributed System Security Symposium (NDSS), 2004.

24.
Y.
Hu
, A.
Perrig

and D. Johnson, Packet leashes: A defense against wormhole
attacks in wireless networks, Proceedings of the Twenty
-
Second Annual Joint
Conference of the IEEE Computer and Communications Societies, vol. 3, pp. 1976,
1986, 2003.

Security in WSN

15

References(4/4)

25.
I.Krontiris,Th.Giannetsos,T.Dimitriou
, "Launching a Sinkhole Attack in Wireless
Sensor Networks; the Intruder Side", Athens Information Technology,
Peania
,
Athens,Greece
.

26.
Ch.Tumrongwittayapak
,
R.Varakulsiripunth
, "Detecting Sinkhole Attacks In Wireless
Sensor Networks" ,ICROS
-
SICE International Conference, Aug
2009
, Japan.

27.
Some Slides Taken from Presentation of
Pyrgelis

Apostolos
, “Cryptography and
Security in Wireless Sensor Networks”, Department of Computer Engineering and
Informatics University of
Patras
,
2009
, Greece.

Security in WSN

16