A Secure Communication Protocol For Wireless Biosensor Networks Masters Thesis by Krishna Kumar Venkatasubramanian Committ...
Overview <ul><li>Introduction </li></ul><ul><li>Problem Statement </li></ul><ul><li>System Model </li></ul><ul><li>Propose...
Biomedical Smart Sensors <ul><li>Miniature wireless systems. </li></ul><ul><li>Worn or implanted in the body. </li></ul><u...
Motivation for biosensor security <ul><li>Collect sensitive medical data.  </li></ul><ul><li>Legal requirement (HIPAA). </...
Problem Statement <ul><li>Direct communication to the BS can be prohibitive. </li></ul><ul><li>To minimize communication c...
Cluster Topology Cluster head Cluster Cluster Member Base Station
Traditional Cluster Formation Protocol CH1 CH2 CH3 1 2 3 4 5 Environment Weaker signal
Security Flaws <ul><li>HELLO Flood and Sinkhole Attack   </li></ul>1 2 3 Malicious Entity   acting as a  SINKHOLE Weaker s...
Security Flaws contd.. Node with  dead battery Network Partitioning. <ul><li>Malicious  entity sending bogus messages to s...
System Model <ul><li>ADVERSARIES: </li></ul><ul><li>Passive:  Eavesdrop on communication and tamper with it. </li></ul><ul...
Trust Assumptions <ul><li>The wireless communication is broadcast in nature and not trusted. </li></ul><ul><li>The biosens...
Key Pre-Deployment <ul><li>Each biosensor shares a unique pair-wise key ( master key ) with the BS. This key is called  NS...
Biometrics <ul><li>Physiological parameters like  heart rate and body glucose. </li></ul><ul><li>Used for securing/authent...
Issues with Biometrics <ul><li>Biometric value data-space is not large enough. </li></ul><ul><ul><li>Possible Solutions : ...
Biometric Authentication Measure biometric:  BioKey Generate  data  Compute Certificate: Cert [data] = MAC ( KRand, data),...
Centralized Protocol Execution Node j     All:   ID j , NonceN j , MAC(K’N j  – BS, ID j  | NonceN j ), Cert[ID j , Nonce...
Distributed Protocol Execution CH j     All:  CH j,  NonceCH j , E<KRand, Cntr>(Ktemp),  Cert[ID j , Cntr, NonceCH j ],  ...
Extensions  <ul><li>Distribute keys based on attributes. </li></ul><ul><li>Allows efficient data communication. </li></ul>...
Security Analysis (Passive Adversary) <ul><li>Hello Flood and Sinkhole Attack  Centralized:  </li></ul><ul><ul><ul><li>Mal...
Security Analysis (Passive Adversary) <ul><li>Sybil Attack  </li></ul><ul><ul><li>No entity can become part of network wit...
Security Analysis (Active Adversary) <ul><li>CH compromise </li></ul><ul><ul><li>Centralized: Security policy at BS to lim...
Implementation <ul><li>We have implemented the two cluster formation protocols and their extensions. </li></ul><ul><li>The...
Implementation contd.. <ul><li>Encryption  – SkipJack </li></ul><ul><li>Message Authentication Code  – CBC-MAC </li></ul><...
Comparison <ul><li>Security adds a overhead to the protocol. </li></ul><ul><li>We compared overhead in terms of energy con...
Security Overhead Comparison of Secure (without extension) and Non-secure Cluster Formation Protocols (CH = 5%)
Extension Overhead Comparison for Secure Cluster Formation Protocols with  their extensions (CH = 5%)
Conclusions & Future Work <ul><li>Protocols developed successfully prevent many of the potent attacks on the traditional c...
Reference <ul><li>[JW99] Ari Juels and Martin Wattenberg . “A fuzzy commitment scheme” . 1999. </li></ul><ul><li>[Dau92] J...
Upcoming SlideShare
Loading in …5
×

Krishna thesis presentation

941 views

Published on

test

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
941
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
16
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Krishna thesis presentation

  1. 1. A Secure Communication Protocol For Wireless Biosensor Networks Masters Thesis by Krishna Kumar Venkatasubramanian Committee: Dr. Sandeep Gupta Dr. Rida Bazzi Dr. Hessam Sarjoughian
  2. 2. Overview <ul><li>Introduction </li></ul><ul><li>Problem Statement </li></ul><ul><li>System Model </li></ul><ul><li>Proposed Protocols </li></ul><ul><li>Security Analysis </li></ul><ul><li>Implementation </li></ul><ul><li>Conclusions & Future Work </li></ul>
  3. 3. Biomedical Smart Sensors <ul><li>Miniature wireless systems. </li></ul><ul><li>Worn or implanted in the body. </li></ul><ul><li>Prominent uses: </li></ul><ul><ul><li>Health monitoring. </li></ul></ul><ul><ul><li>Prosthetics. </li></ul></ul><ul><ul><li>Drug delivery. </li></ul></ul><ul><li>Each sensor node has: </li></ul><ul><ul><li>Small size. </li></ul></ul><ul><ul><li>Limited </li></ul></ul><ul><ul><ul><li>memory </li></ul></ul></ul><ul><ul><ul><li>processing </li></ul></ul></ul><ul><ul><ul><li>communication capabilities </li></ul></ul></ul>Environment (Human Body) sensors Base Station Communication links
  4. 4. Motivation for biosensor security <ul><li>Collect sensitive medical data. </li></ul><ul><li>Legal requirement (HIPAA). </li></ul><ul><li>Attacks by malicious entity: </li></ul><ul><ul><li>Generate fake emergency warnings. </li></ul></ul><ul><ul><li>Prevent legitimate warnings from being reported. </li></ul></ul><ul><ul><li>Battery power depletion. </li></ul></ul><ul><ul><li>Excessive heating in the tissue. </li></ul></ul>
  5. 5. Problem Statement <ul><li>Direct communication to the BS can be prohibitive. </li></ul><ul><li>To minimize communication costs, biosensors can be organized into specific topologies. </li></ul><ul><li>Cluster topology is one of the energy-efficient communication topologies for sensor networks [HCB00]. </li></ul><ul><li>Traditional cluster formation protocol is not secure. </li></ul><ul><li>We want to develop protocols which allow for secure cluster formation in biosensor networks. </li></ul>
  6. 6. Cluster Topology Cluster head Cluster Cluster Member Base Station
  7. 7. Traditional Cluster Formation Protocol CH1 CH2 CH3 1 2 3 4 5 Environment Weaker signal
  8. 8. Security Flaws <ul><li>HELLO Flood and Sinkhole Attack </li></ul>1 2 3 Malicious Entity acting as a SINKHOLE Weaker signal CH2 CH1 <ul><ul><li>The sinkhole can now mount selective forwarding attacks on the biosensors in its “cluster”. </li></ul></ul><ul><ul><li>Malicious entity can mount a Sybil attack where it presents different identities to remain CH in multiple rounds. </li></ul></ul>
  9. 9. Security Flaws contd.. Node with dead battery Network Partitioning. <ul><li>Malicious entity sending bogus messages to sensor and depleting its energy. </li></ul><ul><li>Malicious entity having unnecessary communication with a sensor causing heating in the nearby tissue. </li></ul>Node with surrounding tissue at above normal temperature. Node with surrounding tissue at normal temperature. tissue
  10. 10. System Model <ul><li>ADVERSARIES: </li></ul><ul><li>Passive: Eavesdrop on communication and tamper with it. </li></ul><ul><ul><li>Active: Physically compromise the external biosensors. </li></ul></ul>Temperature sensor Glucose sensor
  11. 11. Trust Assumptions <ul><li>The wireless communication is broadcast in nature and not trusted. </li></ul><ul><li>The biosensors do not trust each other. </li></ul><ul><li>Base Station is assumed not to be compromised. </li></ul>
  12. 12. Key Pre-Deployment <ul><li>Each biosensor shares a unique pair-wise key ( master key ) with the BS. This key is called NSK </li></ul><ul><li>We do not use NSK directly for communication, we derive 4 keys from it ( derived keys ): </li></ul>K’ N-BS = H(NSK,2) K N-BS = H(NSK,1) K’ BS-N = H(NSK,4) K BS-N = H(NSK,3) MAC Keys Encryption Keys
  13. 13. Biometrics <ul><li>Physiological parameters like heart rate and body glucose. </li></ul><ul><li>Used for securing/authenticating communication between two biosensors which do not share any secret. </li></ul><ul><li>Usage Assumptions: </li></ul><ul><ul><li>Only biosensors in and on the body can measure biometrics. </li></ul></ul><ul><ul><li>There is a specific pre-defined biometric that all biosensors can measure. </li></ul></ul>
  14. 14. Issues with Biometrics <ul><li>Biometric value data-space is not large enough. </li></ul><ul><ul><li>Possible Solutions : </li></ul></ul><ul><ul><ul><li>Combine multiple biometric values. </li></ul></ul></ul><ul><ul><ul><li>Take multiple biometric measurements at each time. </li></ul></ul></ul><ul><ul><ul><li>Limit the validity time of a biometric value. </li></ul></ul></ul><ul><li>Biometric values at different sites produce different values. </li></ul><ul><ul><li>Solution Proposed in Literature : </li></ul></ul><ul><ul><ul><li>These differences are independent. [Dau92] </li></ul></ul></ul><ul><ul><ul><li>Can be modeled as channel errors. [Dau92] </li></ul></ul></ul><ul><ul><ul><li>Fuzzy commitment scheme based on [JW99] used to correct differences. </li></ul></ul></ul><ul><ul><ul><li>Can correct up to two bit errors in the biometric value measured at the sender and receiver. </li></ul></ul></ul>
  15. 15. Biometric Authentication Measure biometric: BioKey Generate data Compute Certificate: Cert [data] = MAC ( KRand, data), γ γ = KRand  BioKey Send Msg: data, Cert [data] Measure biometric: BioKey’ Receive Msg: data, Cert [data] Compute MAC Key: KRand’ = γ  BioKey’ f (KRand’) = KRand Compute Certificate MAC And compare with received: MAC (KRand, data) SENDER RECEIVER Biometric Measurement Schedule BMT 1 2 3 4 5 ST 6 Time-Period
  16. 16. Centralized Protocol Execution Node j  All: ID j , NonceN j , MAC(K’N j – BS, ID j | NonceN j ), Cert[ID j , NonceN j ] CH p  BS: ID j , NonceNi , MAC (K’N j – BS, ID j | NonceN i ), CH p , SS, E<K CH p -BS, Cntr>(KCH-N), MAC (K’CH p – BS, CH p | SS | E<K CH p -BS, Cntr>(KCH-N) | Cntr) BS  Node j : CH p , E<K BS-N j , Cntr’> (KCH-N), Cntr’, MAC(K’BS-N j , CH p | NonceN j | Cntr’ | E<K BS-N j , Cntr’> (KCH-N)) CH 1 Sensor Node Base Station CH 2 CH 3 CH1 CH 2 CH 3 CH 3
  17. 17. Distributed Protocol Execution CH j  All: CH j, NonceCH j , E<KRand, Cntr>(Ktemp), Cert[ID j , Cntr, NonceCH j ], λ λ = BioKey  KRand Node k  CH z : ID k , MAC (Ktemp, ID k | NonceCH z | Cntr | CH z ) CH 1 CH 2 CH 3 Sensor Node
  18. 18. Extensions <ul><li>Distribute keys based on attributes. </li></ul><ul><li>Allows efficient data communication. </li></ul><ul><li>The BS distributes the keys. </li></ul><ul><li>For centralized ABK, sent during cluster formation. </li></ul><ul><li>For distributed separate step needed. </li></ul>
  19. 19. Security Analysis (Passive Adversary) <ul><li>Hello Flood and Sinkhole Attack Centralized: </li></ul><ul><ul><ul><li>Malicious entity does not have appropriate keys to pose as legitimate CH. </li></ul></ul></ul><ul><ul><li>Distributed: </li></ul></ul><ul><ul><ul><li>Malicious entity cannot compute biometric certificate. </li></ul></ul></ul>
  20. 20. Security Analysis (Passive Adversary) <ul><li>Sybil Attack </li></ul><ul><ul><li>No entity can become part of network without having appropriate keys. </li></ul></ul><ul><li>Identity Spoofing </li></ul><ul><ul><li>Cannot pose as BS, no pair-wise (derived) keys. </li></ul></ul><ul><ul><li>Cannot pose as CH, no keys to authenticate data to BS. </li></ul></ul><ul><ul><li>Cannot pose as sensor node, cannot measure biometric to fool CH. </li></ul></ul>
  21. 21. Security Analysis (Active Adversary) <ul><li>CH compromise </li></ul><ul><ul><li>Centralized: Security policy at BS to limit number of sensor nodes in a cluster. </li></ul></ul><ul><ul><li>Distributed: Need intruder monitoring scheme. </li></ul></ul><ul><li>Sensor Node compromise </li></ul><ul><ul><li>Intruder monitoring scheme needed for both protocols. </li></ul></ul>
  22. 22. Implementation <ul><li>We have implemented the two cluster formation protocols and their extensions. </li></ul><ul><li>The implementation was done on the Mica2 sensor motes. </li></ul><ul><li>We used TinyOS sensor operating system for writing our programs. </li></ul><ul><li>For security primitives TinySec used. </li></ul>
  23. 23. Implementation contd.. <ul><li>Encryption – SkipJack </li></ul><ul><li>Message Authentication Code – CBC-MAC </li></ul><ul><li>We had 4 sensor nodes 3 CH and 1 BS in our implementation. </li></ul><ul><li>We simulated two main attacks on our implementation, both of which failed: </li></ul><ul><ul><li>HELLO Flood attack. </li></ul></ul><ul><ul><li>Identity spoofing of sensor node to infiltrate the network. </li></ul></ul>
  24. 24. Comparison <ul><li>Security adds a overhead to the protocol. </li></ul><ul><li>We compared overhead in terms of energy consumption. </li></ul><ul><li>To compare the protocols, we analyzed them using the communication model given in [HCB00]. </li></ul><ul><ul><li>E trans = E tx * k + E cx * k * d 2 </li></ul></ul><ul><ul><li>E recp = E rx * k </li></ul></ul>MAC size = 64 bits Sensor-BS distance = 0.75 m Inter-sensor distance = 0.1 m Number of Nodes = 100-1500 E cx = 100pJ/bit/m 2 E trans = E recp = 50 nJ/bit Signal Strength = 16 bits Key = 128 bits Nonce = Counter = 128 bits Node ID = 8 bits
  25. 25. Security Overhead Comparison of Secure (without extension) and Non-secure Cluster Formation Protocols (CH = 5%)
  26. 26. Extension Overhead Comparison for Secure Cluster Formation Protocols with their extensions (CH = 5%)
  27. 27. Conclusions & Future Work <ul><li>Protocols developed successfully prevent many of the potent attacks on the traditional cluster formation protocol. </li></ul><ul><li>Biometric based authentication used for ensuring authentication without previous key exchange. </li></ul><ul><li>Biometrics not traditionally random and schemes are needed to randomize them. </li></ul><ul><li>Better error correction schemes are needed which can correct larger differences in measured biometrics. </li></ul>
  28. 28. Reference <ul><li>[JW99] Ari Juels and Martin Wattenberg . “A fuzzy commitment scheme” . 1999. </li></ul><ul><li>[Dau92] J. Daugman, “High Confidence personal identification by rapid video analysis of iris texture” , IEEE International Carnahan Conference on Security Technology, pp 50-60, 1992. </li></ul><ul><li>[LGW01] L. Schwiebert, S. K. S. Gupta, J. Weinmann et al., “Research Challenges in Wireless Networks of Biomedical Sensors” , The Seventh Annual International Conference on Mobile Computing and Networking, pp 151-165, Rome Italy, July 2001 . </li></ul><ul><li>[HCB00] W. Rabiner Heinzelman, A. Chandrakasan, and H. Balakrishnan, “Energy-Efficient Communication Protocol for Wireless Microsensor Networks”, Proceedings of the 33rd International Conference on System Sciences (HICSS '00), January 2000. </li></ul>

×