A Holistic Approach to Secure Sensor Networks
 

    • A Holistic Approach to Secure Sensor Networks Sasikanth Avancha
    • Application Scenario
      • [Diagram label: Biological Attack !!]
    • Wireless Sensor Network
      • [Diagram labels: Command & Control; Secure, Fixed Base Station; Secure, Mobile Base Station; Biological Attack !!; Aggregated sensor data; Commands and Orders]
    • Wireless Sensor Network
      • [Diagram labels: Command & Control; Secure, Fixed Base Station; Secure, Mobile Base Station; Biological Attack !!; Subversive Attack !!!]
    • Adaptive Wireless Sensor Network
      • [Diagram labels: Command & Control; Secure, Fixed Base Station; Secure, Mobile Base Station; Biological Attack !!; Subversive Attack !!!; Aggregated sensor data; Commands and Orders]
    • Outline
      • WSN State-of-the-Art
      • Thesis Statement
      • SWANS
      • SONETS
      • Conclusions
    • WSN State-of-the-Art
      • Energy, Networking, Data Management, Security
      • Energy conservation is key
      • Solutions designed mostly for homogeneous WSNs
      • Security not a basic building block
      • Few solutions adaptive to environmental variations
    • Thesis
      • Holistic Approach to WSN Design
        • Mechanisms to detect, classify & respond to environmental variations
        • Security as basic building block
      • Result
        • Adaptive WSNs tuned to environment
        • Improved performance
          • Security
          • Longevity
          • Connectivity
    • Secure & Adaptive WSN Framework
      • SWANS: Two-tiered adaptability mechanism
        • Node-level Adaptability
        • Network-level Adaptability
      • SONETS: Secure self-organization
        • Varied threat models
        • End-to-end & pair-wise secure links
        • Misbehavior detection & network repair
    • Wireless Sensor Network Adaptability
      • Ontological approach
        • Identify parameter set and build module ontology
        • Create node ontology to describe sensor node states
        • Create network ontology to describe network states
        • Establish rules to enable nodes and network to modify operational behavior
    • Related Work
      • SPIN, Heinzelman et al. (Mobicom, 1999)
      • T-MAC, van Dam et al. (SenSys, 2003)
      • AIDA, He et al. (ACM TECS, 2004)
      • Adaptive Sampling, Jain et al. (DMSN, 2004)
      • ARC, Kang et al. (Basenets, 2004)
      • Adaptive routing
        • LEACH
        • Directed Diffusion
    • WSN Model
    • Node-level Adaptability
    • Parameter Set
      • PHY
        • Received power per packet, noise power
        • Carrier loss, format violation and HEC failure rates
      • MAC
        • Failed transmission, multiple retry and collision ratios
        • FCS failure rate
      • Routing
        • Node degree
        • Compromised node/link count
        • Failed node count
        • Reachable RRN count
        • Path and hop counts to RRNs
        • Router count
    • Parameter Set
      • Energy
        • Remaining energy capacity
        • Energy consumption rate
      • Sensor layer
        • Sensor accuracy
        • Sensor energy consumption
    • Monitor & Report
      • Establish lower and upper bounds for each parameter
      • Monitor parameter values (per epoch/packet count/…)
      • Map parameter values to ontological symbols
      • Provide symbols to Logic Component
    • Module Ontology
      • Logic Component
      • PHY, MAC, Routing, Energy and Sensor states
      • Tabular representation
        • Resource-constrained nodes
        • Boolean expressions
      • OWL-DL representation
        • Resource-enhanced nodes
        • Parameters as owl:ObjectProperty
        • Module states as owl:Class
    • Module Ontology
      • <owl:Class rdf:ID="PHYJammedByNoise">
      • <owl:intersectionOf rdf:parseType="Collection">
      • <owl:Class rdf:about="#PHY"/>
      • <owl:Restriction>
      • <owl:onProperty rdf:resource="#noisePower"/>
      • <owl:hasValue rdf:resource="#Amount_Abnormal"/>
      • </owl:Restriction>
      • </owl:intersectionOf>
      • </owl:Class>
    • Module Ontology
      • <owl:Class rdf:ID="PHYJammed">
      • <rdfs:subClassOf rdf:resource="#PHY"/>
      • <owl:unionOf rdf:parseType="Collection">
      • <owl:Class rdf:about="#PHYJammedByNoise"/>
      • <owl:Class rdf:about="#PHYJammedDueCarrierLoss"/>
      • </owl:unionOf>
      • </owl:Class>
    • Node Ontology
      • Sensor node states
        • PHY, MAC, Routing, Energy and Sensor states
      • Classes representing sensor node states
        • Restrictions
        • Subsumption - subclassOf, intersectionOf, unionOf
      • Deployable on sensor nodes
        • Tabular representation
        • OWL-DL representation
      • Deploying on RRNs
        • memory vs. energy trade-off
    • Node Ontology
      • <owl:Class rdf:ID="SensorNodePHYJammed">
      • <owl:intersectionOf rdf:parseType="Collection">
      • <owl:Class rdf:about="#SensorNode"/>
      • <owl:Restriction>
      • <owl:onProperty rdf:resource="#hasPHY"/>
      • <owl:someValuesFrom rdf:resource="#PHYJammed"/>
      • </owl:Restriction>
      • </owl:intersectionOf>
      • </owl:Class>
    • Node Ontology
      • <owl:Class rdf:ID="SensorNodeJammed">
      • <rdfs:subClassOf rdf:resource="#SensorNode"/>
      • <owl:unionOf rdf:parseType="Collection">
      • <owl:Class rdf:about="#SensorNodePHYJammed"/>
      • <owl:Class rdf:about="#SensorNodeMACJammed"/>
      • </owl:unionOf>
      • </owl:Class>
    • Logic Component Implementation
      • Java Theorem Prover
        • KB, reasoning engine
        • Server mode of operation
          • Receive instance of sensor node state from monitor
          • tell instance to KB
          • ask query “( rdf:type snode.owl:SNi ?x)”
          • Return answer(s)
          • undo last operation (i.e., retract sensor node state instance)
      • Result is node’s current state
    • Action Component
      • Node state = NS, Operational state = ?
      • Sensor node rule set
        • NS (Jammed) ∨ NS (SDTA) ∨ (NS (Disconnected) ∧ ES (Low Energy)) → OS (Sleep)
        • NS (Disconnection Imminent) ∧ ES (Normal) → OS (Increase Tx Range)
        • NS (High Node Degree) ∨ NS (Low Accuracy) ∨ NS (Abnormal Routing Info.) → OS (Extend Active Period)
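
An added sketch (not from the slides) of the node-level pipeline in the tabular, Boolean form meant for resource-constrained nodes: readings are mapped to symbols, symbols to node states, and the rule set to an operational state. The bounds, the sample readings, the MACJammed, SDTA and node-degree definitions, and the first-match rule order are assumptions.

```python
# Added example: tabular (Boolean) node ontology plus the sensor node rule set.
# Bounds, sample readings and the definitions marked "assumed" are constructed;
# the class names and the three rules are the ones on the slides.
UPPER = {                      # constructed upper bounds, checked per epoch
    "noise_power": -85.0,      # dBm
    "carrier_loss": 0.10,      # the rest are rates or ratios
    "collision": 0.30,
    "fcs_fail": 0.20,
    "hec_fail": 0.20,
    "format_violation": 0.20,
}

def symbols(r):
    """Monitor & Report: map raw readings to symbols (True = Amount_Abnormal)."""
    s = {p: r[p] > hi for p, hi in UPPER.items()}
    s["low_energy"] = r["energy_left"] < 0.20           # assumed ES(Low Energy)
    s["degree"] = r["node_degree"]
    return s

def node_states(s):
    """Logic Component: Boolean expressions standing in for the OWL classes."""
    phy_jammed = s["noise_power"] or s["carrier_loss"]  # PHYJammed (unionOf)
    mac_jammed = s["collision"]                          # assumed MACJammed
    return {
        "Jammed": phy_jammed or mac_jammed,              # SensorNodeJammed
        "SDTA": s["format_violation"] and (s["hec_fail"] or s["fcs_fail"]),  # assumed
        "Disconnected": s["degree"] == 0,                # assumed
        "DisconnectionImminent": s["degree"] == 1,       # assumed
        "HighNodeDegree": s["degree"] > 12,              # assumed
    }

def operational_state(ns, low_energy):
    """Action Component: the slide's rules, first match wins (assumed order)."""
    if ns["Jammed"] or ns["SDTA"] or (ns["Disconnected"] and low_energy):
        return "Sleep"
    if ns["DisconnectionImminent"] and not low_energy:   # ES(Normal)
        return "IncreaseTxRange"
    if ns["HighNodeDegree"]:     # Low Accuracy / Abnormal Routing Info. omitted
        return "ExtendActivePeriod"
    return "NoChange"

def decide(readings):
    s = symbols(readings)
    return operational_state(node_states(s), s["low_energy"])

QUIET = dict(noise_power=-95.0, carrier_loss=0.01, collision=0.05, fcs_fail=0.01,
             hec_fail=0.01, format_violation=0.0, energy_left=0.8, node_degree=6)
```
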
    • Network-level Adaptability
    • RRN Monitoring & Reporting
      • Obtain individual node states
        • Periodic report
        • Query mechanism
      • Classify nodes according to reported state
      • Determine cardinality of each class
      • Map to ontological symbols
    • RRN Logic Component
      • Classify cluster instance represented by ontological symbols – network ontology
      • Network ontology
        • OWL-DL implementation
        • Classes representing cluster states
        • Subsumption & Restriction
      • Output
        • Current logical state of cluster based on node states
    • RRN Action Component
      • Cluster state = X, Instructions = ?
      • RRN rule set
        • CS (Under SDTA) ∧ Detected (A) ∧ Detects (S, A) ∧ NS (S, Sleep) → NS (S, Active)
        • CS (Normal) ∧ Detected (A) ∧ Detects (S, A) → Stop Aggregation (S)
    • Evaluation
      • Problem
        • Node addition attack (Zhu et al., CCS 2003)
        • Legitimate node addition
      • SWANS Solution
        • Monitor node degree
        • State == Node degree ↕ → Operation = Security level ↕
      • Result
        • Malicious nodes thwarted
        • Legitimate nodes accepted
    • Adapt to Node Degree Increase
      • [Plot: average energy consumed per node (J) vs. simulation time (seconds)]
      • 800 node network
      • 400 nodes observe node degree ↑
    • Determining ND Thresholds
      • [Plot: average energy consumed per node (J) vs. simulation time (seconds)]
      • Initial size: 200 to 390
      • ND increase: 5%
      • Final size: 210 to 400
      • µ_Δ, σ_Δ
      • Determine n1, n2
    • Evaluation
      • Problem
        • Sleep deprivation torture attack (Stajano and Anderson, 1999)
      • SWANS solution
        • Monitor HEC & FCS failures, format violations, collisions
        • Node state == SDTA → Operation = Sleep
        • Report node & operational states to RRNs
        • RRNs: Compute network state, modify node operation
      • Result
        • Network balances energy saving and utility
    • Adapt to SDTA
      • [Plot: average energy consumed per node (J) vs. simulation time (seconds)]
      • 800-node WSN
      • 400 nodes attacked
      • Affected nodes detect SDTA & enter sleep state
      • RRNs compute global state & wake up some nodes
    • Evaluation
      • Problem
        • Node failures due to malfunction or attacks
      • SWANS solution
        • Nodes monitor count of failed neighbors (FN)
        • Node state == disconnected → Op. state = Tx range increase
      • Result
        • Nodes increase Tx range, prevent network partitioning
        • Node degrees increase, hop counts decrease
      • Trade-off is between connectivity and energy consumption
    • Adapt to Node Failures (Node degree)
      • [Plot: average node degree vs. network size]
    • Adapt to Node Failure (Hop counts)
      • [Plot: average hop count vs. network size]
    • SONETS
      • Neighbor discovery
        • P-SONETS: Centralized
        • C-SONETS & D-SONETS: Distributed
      • Topology discovery & network setup
        • P-SONETS: Centralized, no key management
        • C-SONETS: Centralized pair-wise key management
        • D-SONETS: Distributed pair-wise key management
      • Topology Maintenance
        • Multi-hop pair-wise key establishment
        • Node addition & deletion
    • Threat Models
      • Adversary presence
        • Local, Global
      • Adversary attack mode
        • Passive, Active
      • Adversary attack capability
        • Before, during, after self-organization
    • Related Work
      • Probabilistic Approaches
        • Eschenauer & Gligor, CCS 2002
        • Chan et al., ISSP 2003
        • Du et al., CCS 2003
        • Liu & Ning, CCS 2003
      • Deterministic Approaches
        • Perrig et al., WINET 2002
        • Zhu et al., CCS 2003
        • Anderson et al., ICNP 2004
    • P-SONETS
      • [Diagram: topology with BS and nodes 1, 14, 5, 19, 23, 9, 11, 3]
      • BS: List of all keys K_j
      • j: K_BS, K_j
      • BS to j: E_{K_BS}(*, E_{K_j}(j, Nonce, HELLO))
      • j to BS: E_{K_BS}(j, E_{K_j}(j, Nonce, HELLO_REPLY))
      • BS to k: E_{K_BS}(*, E_{K_j}(j, N_1, RELAY)), E_{K_k}(k, N_2, HELLO)
      • j to k: E_{K_BS}(k, E_{K_k}(k, N_2, HELLO)), Ψ
      • k to j: E_{K_BS}(k, Ψ), E_{K_k}(k, N_2, HELLO_REPLY)
      • j to BS: E_{K_BS}(k, E_{K_k}(k, N_2, HELLO_REPLY)), E_{K_j}(j, N_1)
    • P-SONETS
      • Network repair
        • BS tracks node aberrance
          • Lack of data
          • Corrupt data
        • Reasons for aberrance
          • Node is dead/compromised 2HN
          • Node is 2HN; relay point is dead/compromised
          • Node is dead/compromised 1HN
        • BS repairs network
          • Delete aberrant nodes
          • Reassign relay points, if required
    • P-SONETS
      • Simulation using SensorSim (UCLA)
        • 100 node WSN
        • Simple radio & battery models
        • Varied sensor node distribution in each hop
      • Average energy consumption
        • Total initial energy in network = 3600 Asec
        • Node discovery, topology discovery, network setup: 36 mJ
        • Network repair when fixed number of nodes fail: 8 mJ
    • C-SONETS
      • 1 to R: E_{K_1}(<5, 19, 14>)
      • R to 1: E_{K_1}(<x_{1,5}, x_{1,19}, x_{1,14}>)
      • R to 5: E_{K_5}(x_{5,1})
      • R to 14: E_{K_14}(x_{14,1}, <R,2,1>)
      • Node 1: K_{1,5} = f(x_{1,5}  x_1)
      • Node 5: K_{1,5} = f(x_{5,1}  x_5)
      • 14 to 1: E_{K_{1,14}}(FWD, <13>)
      • 1 to R: E_{K_1}(DATA, <13>)
      • R to 14: E_{K_14}(x_{14,13})
      • R to 13: E_{K_13}(x_{13,14}, <R,3,14>)
      • Node 14: K_{14,13} = f(x_{14,13}  x_14)
      • Node 13: K_{13,14} = f(x_{13,14}  x_13)
      • x_{1,5} = x_5  R_{1,5}
      • x_{5,1} = x_1  R_{1,5}
      • K_n, K_u, x_u on each node u & R
      • [Diagram: topology with R and nodes 13, 1, 14, 5, 19; link keys K_{1,19}, K_{1,14}, K_{1,5}, K_{14,13}; node keys K_5, K_1]
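
An added sketch (not from the slides) of the C-SONETS pair-wise key derivation between nodes 1 and 5, showing that both ends reach the same key while a third node's secret does not. The combining operator did not survive in the transcript; XOR is assumed here, along with SHA-256 for f and 16-byte random secrets.

```python
# Added example: C-SONETS pair-wise key agreement via the trusted node R.
# Assumptions (not on the slides): the combining operator is XOR, f is
# SHA-256, and every secret is 16 random bytes.
import hashlib
import secrets

def xor(a, b):
    return bytes(p ^ q for p, q in zip(a, b))

def f(value):
    return hashlib.sha256(value).digest()

class TrustedNodeR:
    """R stores each node's secret x_u (the slide: x_u on each node u & R)."""
    def __init__(self, node_ids):
        self.x = {u: secrets.token_bytes(16) for u in node_ids}

    def pair_values(self, u, v):
        """Return (x_uv for node u, x_vu for node v), blinded by a fresh R_uv."""
        r_uv = secrets.token_bytes(16)
        return xor(self.x[v], r_uv), xor(self.x[u], r_uv)

def derive(x_pair, x_own):
    """Node side: K_uv = f(x_uv XOR x_u)."""
    return f(xor(x_pair, x_own))

def demo():
    R = TrustedNodeR([1, 5, 14])
    # R sends these as E_K1(x_15) and E_K5(x_51); encryption is not modelled.
    x_15, x_51 = R.pair_values(1, 5)
    k_at_1 = derive(x_15, R.x[1])      # node 1 uses its own copy of x_1
    k_at_5 = derive(x_51, R.x[5])      # node 5 uses its own copy of x_5
    # Node 14 holds x_14, not x_1, so x_15 alone gives it a different value.
    k_at_14 = derive(x_15, R.x[14])
    # A second link from node 1 uses a fresh R_uv and yields an unrelated key.
    x_114, _ = R.pair_values(1, 14)
    k_114 = derive(x_114, R.x[1])
    return k_at_1 == k_at_5, k_at_14 != k_at_1, k_114 != k_at_1
```
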
    • Energy Consumption
      • [Plot: average energy consumed per node (J) vs. network size (n)]
      • Tx + Rx
      • Encrypt + Decrypt
      • Hashing
      • O(n^3)
      • Existing Protocols
        • 100s of mJ
    • Node degree & Hop count
      • [Plots: average node degree (d) and hop count (h) vs. network size (n)]
      • Analytical Expression
        • Bettstetter 2002
        • E(d) = ρ π r_0^2
      • where,
        • ρ = n/Area = n/(25×10^4 m^2)
        • r_0 = Tx range = 75 m
        • E(d) ≈ 7 to 70
        • E(h) ≈ 4
    • D-SONETS
      • Node 1: Broadcast M_1
        • M_1 = E_{K_n}(*, 1, E_{K_{f(5)}}(5, x_{5,1}) || …)
        • x_{5,1} = x_1  R_{5,1}, …
      • Node 5: Broadcast M_5
        • M_5 = E_{K_n}(*, 5, E_{K_{f(1)}}(1, x_{1,5}) || …)
        • x_{1,5} = x_5  R_{1,5}, …
      • Node 1 computes
        • K_{1,5} = f(x_{1,5}  x_{5,1})
      • Node 5 computes
        • K_{1,5} = f(x_{5,1}  x_{1,5})
      • Node 1 to Node 14: M_{1,14}
        • E_{K_n}(14, 1, E_{K_{1,14}}(<R,1>, <5,1>, …))
      • K_n, K_u, x_u on each node u & R
      • [Diagram: topology with R and nodes 13, 1, 14, 5, 19; messages M_1, M_5, M_{1,14}; link keys K_{1,19}, K_{1,14}, K_{1,5}, K_{14,13}; node keys K_1, K_5]
    • Energy Consumption (D-SONETS)
      • [Plot: average energy consumed per node (J) vs. network size (n)]
      • 50% of C-SONETS
      • Existing Protocols
        • 1/3 D-SONETS
          • n ≤ 500
        • 1/10 D-SONETS
          • n > 500
    • Security Analysis
      • Node compromise
        • Effect limited to 1-hop neighborhood
        • Links between uncompromised nodes remain secure
      • Sybil (Douceur 2002)
        • Identity-based authentication
      • Wormhole & Sinkhole (Karlof and Wagner, 2003)
        • Routing not based on shortest path
      • Node replication
        • RRNs exchange topology information periodically
        • Restrict node degree
    • Node Deletion
      • Neighbors detect misbehavior
      • Initiate voting process
        • Majority affirmative vote to delete
      • Inform RRN
        • Provide list of ‘yea’ voters
        • RRN may poll individual voters
      • RRN
        • Generate new common shared key K_n
        • Secure unicast
    • Conclusions
      • WSNs crucial component of pervasive computing environments of the future
      • WSNs in tune with application & environment
        • Secure
        • Adaptive
      • Our framework is a comprehensive solution
        • Security protocols for different levels of security
        • SONETS protocol suites scalable, efficient, resilient
        • SWANS provides multi-tiered WSN adaptability
    • Future Work
      • Adaptive data fidelity
      • Support for sensor adaptability
        • Tune smart MEMS
      • Real-world sensor deployment & evaluation
        • Memory
        • Computational power
      • Comprehensive high-level policy
        • Govern WSN operational behavior
        • Resolve conflicts