Your SlideShare is downloading. ×
Wireless sensor network security
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Wireless sensor network security

225
views

Published on

A brief introduction to WSN security and its challenges

A brief introduction to WSN security and its challenges

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
225
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Wireless Sensor Network Security WSN Course Seminar Dr.Saadat by Ahmadreza Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 2. 2 Outline  WSN Specification Review  WSN Security Concerns  WSN Constraints  WSN Security Requirements  WSN Security Threats  WSN Security Countermeasure WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 3. 3 WSN Specification Review  High number of nodes  High-density deployment of nodes  Vast and various applications  Energy, memory and processing limit  No communication Infrastructure  Remote area deployment  Being Unattended after deployment WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 4. 4 WSN Security Concerns  How to secure against physical attacks in unattended deployments?  How to secure in accordance with WSN constraints?  How to adapt security mechanisms in other networks to WSN?  How to design secure routing, clustering, MAC, data aggregation and locationing protocols? WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 5. 5 WSN Constraints Review  Energy constraint  Memory constraint  Unreliable communication  High latency  Remote intermittent support WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 6. 6 Energy Constraint  Energy    Transducer unit Communication unit Processing unit  To  need : communicate 1 bit 800 to 1000 instructions  Communication consumes the most.  Security mechanisms impose communication overhead and more cost. WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 7. 7 Memory Constraint  Memory   Type : Flash : Program code RAM: Running application, Processing and aggregated data  Not enough space to support security mechanisms  SMART DUST: 4KB for Tiny OS, Just 4.5KB to… WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 8. 8 Unreliable Communication  Channel  destroying nature Noise, Interference, fading  Congestion  in nodes Collision  More overhead to assure communication  Less space remained to security WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 9. 9 High Latency  Multi hop connection-less routing  Congestion and need to retransmission  But in Security synchronization is important    Security log Review Security log correlation and analysis Key management WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 10. 10 Remote Intermittent Support  Remote deployment  Not management and maintenance for long periods   They are exposed to physical attacks They need to be secured against that WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 11. 11 WSN Security Entities  What   Data Resources  From   what to protect ? Attacks Anomalies  How  to Protect ? to protect ? Mechanisms and protocols WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 12. 12 WSN Security requirements          Confidentiality Integrity Availability Freshness Self-organization Self-healing Secure Localization Synchronization Authentication WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 13. 13 Security Requirements(Cont..)      Confidentiality: Data understood just at authorized node. Integrity : No change or modification at intermediate nodes. Availability : WSN service Availability in spite of security breaches like DoS attack. Freshness : Data is not replayed or replicated. Self organization and healing: Protocols dynamicity not only in … but also in security WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 14. 14 Security Requirements(Cont..)  Secure Localization : where that is critical the protocols must be robust enough like Verifiable Multilateration.  Authentication : Ensures integrity WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 15. 15 WSN Security Threats  Against Availability: They are generally DoS Attacks.  Against Secrecy and Authentication: Attacks like eavesdropping, IP spoofing and Packet Replay.  Against Service Integrity : Make the network accept false data values. WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 16. 16 Threats Against Availability  DoS   An event to reduce a network’s capacity to perform an expected function. Common defense mechanisms need large overhead and not suitable for WSN.  DoS   attacks in general: attack in WSN: They are considered in different layers Defense mechanisms are developed specially WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 17. 17 DoS Attack in WSN  Physical   Jamming : continuous, intermittent, distributed Tampering : the node or its function change  Data    Layer: Link Layer: Intentional Collision: Back-off time increase Resource Exhaustion: impose retransmission Unfairness: degradation of real-time applications/ weak form of DoS attack WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 18. 18 DoS Attack in WSN  Network Layer:         Spoofing Routing Info Selective Packet Forwarding Sinkhole Sybil Wormhole Hello Flooding Acknowledge Spoofing Transport Layer:   Flooding: De-synchronization: WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 19. 19 Network Layer DoS  Spoofing Routing Information:   An attacker may spoof, alter, or replay routing information to disrupt traffic in the network. These disruptions include : creation of routing loops  attracting or repelling network traffic from selected nodes  extending or shortening source routes  generating fake error messages  causing network partitioning  increasing end-to-end latency  WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 20. 20 Network Layer DoS  Selective Packet Forwarding:  Multihop Nets like WSN require accurate forwarding  An attacker may compromise a node in such a way that it selectively forwards some messages and drops others.  Sinkhole:  an attacker makes a compromised node look more attractive to its neighbors by forging the routing information  Facilitates the selective forwarding WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 21. 21 Network Layer DoS  Sybil:    One node presents more that one identity in a network To defeat objective of redundancy mechanisms in distributed data storage systems in peer to peer Nets. effective against routing algorithms, data aggregation, voting, fair resource allocation, and foiling misbehavior detection.  Wormhole:  Creating low latency link between two portions of a network over which an attacker replays network messages via :   Single node connecting two adjacent non-neighboring nodes. Pairs of nodes in two portion of the network (Facilitates Sinkhole). WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 22. 22 Network Layer DoS  Hello    Flooding: the attacker node falsely broadcasts a shorter route to the base station through high power hello packet transmission. All nodes in spite that of being out of the radio range of the attacker, attempt to send packets to it. It facilitates Sinkhole attack.  Acknowledge   Spoofing: attacking node may overhear packet transmissions from its neighboring nodes and spoof the acknowledgments The attacker is able to disseminate wrong information about the status of the nodes WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 23. 23 Transport Layer DoS  Flooding:      Any protocol with status keeping at connection end is vulnerable to this. An attacker may repeatedly make new connection request. The resources required by each connection are exhausted or reach a maximum limit. Further legitimate requests will be ignored De-synchronization:   Disruption of an existing connection . Accurately timed, repeatedly spoof messages to an end host causing the host to request the retransmission of missed frames. WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 24. 24 DoS Attack Countermeasures WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 25. 25 Threats Against Secrecy  Node    Replication : An attacker attempts to add a node to an existing WSN by replication (i. e. copying) the node identifier of an already existing node in the network. Leads to network partitioning, communication of false sensor readings. Accessing Crypto keys, attacker can easily manipulate a specific segment of the network WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 26. 26 Threats Against Secrecy  Unauthorized Data aggregation:  Eavesdropping and Passive Monitoring:    Traffic Analysis:     Possible if communication is not protected by cryptographic mechanisms Example: Location information gathering identify some sensor nodes with special roles and activities in a WSN. It usually precedes the eavesdropping. 2 Mechanism : Rate Monitoring and Time Correlation Camouflage:  An adversary may compromise a sensor node in a WSN and later on use it to masquerade a normal node WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 27. 27 Defense Against Attacks on Sensor Privacy  Defense against Node Replication:  Randomized multicast:     Location Info is multicast to random witnesses. Birthday Paradox is used to detect replicated In a network of n nodes, if each location produces √n witnesses, then, the birthday paradox predicts at least one collision with high probability. Line-selected multicast:     It uses network topology to detect replicated It is based on the rumor routing protocol If a conflicting location claim ever crosses the line segment of location claim route to random witness, replication is detected. Communication overhead reduces from O(n2) to O(n√n) WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 28. 28 Defense Against Attacks on Unauthorized Data Aggregation  Defense against Traffic Analysis:   It prevents both rate monitoring and time correlation. It includes four mechanisms: Forwarding to multiple parents  Controlled Random Walk in multi hop path selection to distribute packet traffic  Random fake paths are introduced  Random areas of high communication activities are created to deceive the attacker  WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 29. 29 Defense Against Attacks on Sensor Privacy  Anonymity mechanisms:    An anonymity mechanism depersonalizes the data before it is released from the source. privacy and disclosure trade-off in location-based services. Four proposed approaches:       decentralization of storage of sensitive data establishment of secure channel for communication changing the pattern of data traffic exploiting mobility of the nodes Policy-Based approaches Information Flooding:  Four mechanisms are proposed as follows. WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 30. 30 Information Flooding mechanisms to protect privacy  Baseline flooding:   Probabilistic flooding:    only a subset of nodes in the entire network participates in data forwarding There is packet loss possibility. Flooding with fake messages:   every node in the network forwards a message only once (Broadcast to all neighbors) More sources can be introduced that inject fake messages into the network to prevent back tracing. Phantom flooding:  Probabilistic flooding same concept but changing the shortest path in each packet transmission.   First phase takes hops through random walk (unicast) Second phase floods the message through baseline flooding WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 31. 31 Other security Mechanisms…  Intrusion Detection  Secure Data Aggregation and Clustering  Secure Routing  Cryptography and key management  Trust Management WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 32. 32 Important WSN Security Protocols  SPIN  : SNEP(secure network encryption protocol)  Provides data confidentiality, two-party data authentication, and data freshness for peer to peer communication.  uTELSA (timed efficient streaming loss-tolerant authentication protocol)  provides authenticated broadcast WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir
  • 33. Thanks for your attention Questions? The End WSN Security - Ar.Ghaznavi ar.ghaznavi@stu.yazd.ac.ir