SlideShare a Scribd company logo
1 of 15
Security in Infrastructure Wireless
Sensor Networks
Emil	
  Lupu	
  
Imperial	
  College	
  London	
  
Security	
  in	
  WSN	
  is	
  difficult	
  because…	
  
•  Nodes	
  are	
  physically	
  
accessible	
  
•  Scale	
  is	
  unprecedended	
  
•  Resources	
  are	
  limited	
  
•  Opera?on	
  is	
  una@ended	
  
There	
  is	
  a	
  large	
  disconnect	
  between	
  
research	
  and	
  applica?on	
  
•  A	
  large	
  body	
  of	
  work	
  on	
  security	
  in	
  sensor	
  
networks.	
  	
  
–  …	
  a	
  cursory	
  search	
  on	
  Google	
  scholar	
  gives	
  34,400	
  
hits	
  since	
  2009	
  

•  Yet	
  security	
  remains	
  largely	
  ignored	
  in	
  
reported	
  deployments	
  	
  
Research	
  is	
  oPen	
  based	
  on	
  	
  
assump?ons	
  such	
  as	
  …	
  	
  
•  Random	
  choice	
  of	
  a@ack	
  targets	
  	
  
•  Nodes	
  are	
  placed…:	
  in	
  a	
  grid,	
  uniformly	
  and	
  
densely,	
  in	
  a	
  tree	
  with	
  a	
  single	
  sink,	
  in	
  pre-­‐
decided	
  groups.	
  	
  
•  Sensors	
  can	
  do…:	
  RSA	
  crypto,	
  puzzles,	
  Java,	
  
homomorphic	
  crypto,	
  game	
  theory….	
  as	
  well	
  
as	
  their	
  tasks.	
  	
  
•  All	
  nodes	
  are	
  coopera?ve	
  and	
  trustworthy,	
  
faults	
  always	
  occur	
  randomly.	
  	
  
Three	
  Guiding	
  Principles	
  
•  Link	
  studies	
  to	
  context	
  of	
  use	
  
•  Leverage	
  rela?onship	
  with	
  physical	
  
phenomena.	
  	
  
•  Security	
  as	
  part	
  of	
  resilient	
  design	
  
Link	
  studies	
  to	
  context	
  of	
  use	
  
• 
• 
• 
• 
• 
• 

Threat	
  Model	
  
Physical	
  Security	
  
Sensed	
  informa?on	
  
Topology	
  
Node	
  capabili?es	
  
Security	
  objec?ves	
  
Leverage	
  rela?onship	
  to	
  physical	
  
phenomena	
  
•  Key	
  genera?on	
  and	
  
distribu?on.	
  
•  Distance	
  bounding.	
  
•  Observability	
  of	
  
associa?on.	
  
•  A@esta?on.	
  
•  Verifica?on	
  of	
  correct	
  
behaviour	
  
Security	
  as	
  part	
  of	
  resilient	
  design	
  
•  Is	
  it	
  a	
  fault	
  or	
  a	
  
compromise?	
  
•  Redundancy	
  drives	
  
anomaly	
  detec?on,	
  
trust,	
  recovery	
  
•  Adapta?on	
  vs	
  security	
  
•  Resource	
  limita?ons	
  
Research	
  Themes	
  
•  Designing	
  solu?ons	
  in	
  concrete	
  se^ngs.	
  	
  
•  Establishing	
  confidence	
  in	
  the	
  correct	
  and	
  
secure	
  opera?on	
  of	
  devices.	
  	
  
•  Measuring	
  the	
  “health”	
  of	
  the	
  network	
  from	
  
within	
  itself.	
  	
  
•  Data	
  quality	
  and	
  trustworthiness	
  assurance.	
  
	
  
Designing	
  solu?ons	
  in	
  concrete	
  
se^ngs	
  
•  Key	
  management	
  for	
  the	
  
context	
  of	
  use	
  
•  Evaluate	
  and	
  improve	
  
exis?ng	
  algorithms	
  e.g.,	
  
applicability,	
  scaleability	
  
•  Mi?ga?on	
  and	
  recovery	
  
through	
  reconfigura?on	
  
Establishing	
  confidence	
  in	
  the	
  correct	
  
and	
  secure	
  opera?on	
  of	
  devices	
  	
  
	
  
•  Measuring	
  device	
  integrity.	
  
•  A@esta?on	
  techniques	
  
–  SoPware,	
  hardware,	
  physical	
  

•  Behavioural	
  fingerprin?ng	
  and	
  
valida?on.	
  
•  Reputa?on.	
  
Measuring	
  the	
  health	
  of	
  the	
  network	
  
from	
  within	
  itself	
  
•  For	
  a	
  sensor,	
  a	
  network,	
  a	
  city.	
  	
  
•  Assurances	
  and	
  Mechanisms	
  
•  Capability	
  of	
  restart/recovery/
response/degraded	
  opera?on	
  
•  Coordina?on/Topology/
Redundancy	
  
•  Effect	
  of	
  adapta?on	
  on	
  
security	
  and	
  resilience	
  
•  Learning	
  to	
  dis?nguish	
  
between	
  normal	
  behaviour,	
  
failures	
  and	
  security.	
  
•  Recognising	
  security	
  events	
  
in	
  constantly	
  evolving	
  
networks.	
  
•  A@ack	
  characterisa?on	
  
•  Compromise	
  epidemiology	
  
Data	
  Quality	
  and	
  Trustworthiness	
  
Assurance	
  

•  Data	
  protec?on	
  and	
  provenance	
  
•  In-­‐network	
  Data	
  Aggrega?on	
  
•  How	
  to	
  accept	
  data	
  degrada?on	
  to	
  maintain	
  
overall	
  system	
  goals.	
  	
  
•  Understand	
  and	
  mi?gate	
  against	
  data	
  
deteriora?on	
  effects	
  e.g.	
  node	
  compromise	
  
failures,	
  fouling	
  
•  Data	
  usage	
  control	
  
Polygonia	
  Interroga?onis	
  

More Related Content

What's hot

The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...DETER-Project
 
The Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectThe Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectDETER-Project
 
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...DETER-Project
 
Interface interoperability
Interface interoperabilityInterface interoperability
Interface interoperabilitymsdanij
 
Big Data Analytics and Advanced Computer Networking Scenarios
Big Data Analytics and Advanced Computer Networking ScenariosBig Data Analytics and Advanced Computer Networking Scenarios
Big Data Analytics and Advanced Computer Networking ScenariosStenio Fernandes
 
06 styles and_greenfield_design
06 styles and_greenfield_design06 styles and_greenfield_design
06 styles and_greenfield_designMajong DevJfu
 
Security optimization of dynamic networks with probabilistic graph modeling a...
Security optimization of dynamic networks with probabilistic graph modeling a...Security optimization of dynamic networks with probabilistic graph modeling a...
Security optimization of dynamic networks with probabilistic graph modeling a...Pvrtechnologies Nellore
 
Inspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsInspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsJulie Greensmith
 
Predicting Defects Using Change Genealogies (ISSE 2013)
Predicting Defects Using Change Genealogies (ISSE 2013)Predicting Defects Using Change Genealogies (ISSE 2013)
Predicting Defects Using Change Genealogies (ISSE 2013)Kim Herzig
 
A PROPOSED MODEL FOR DIMENSIONALITY REDUCTION TO IMPROVE THE CLASSIFICATION C...
A PROPOSED MODEL FOR DIMENSIONALITY REDUCTION TO IMPROVE THE CLASSIFICATION C...A PROPOSED MODEL FOR DIMENSIONALITY REDUCTION TO IMPROVE THE CLASSIFICATION C...
A PROPOSED MODEL FOR DIMENSIONALITY REDUCTION TO IMPROVE THE CLASSIFICATION C...IJNSA Journal
 
EdgarDB -- the simple, powerful database for scientific research
EdgarDB -- the simple, powerful database for scientific researchEdgarDB -- the simple, powerful database for scientific research
EdgarDB -- the simple, powerful database for scientific researchMark Khoury
 

What's hot (14)

The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
 
The Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER ProjectThe Science of Cyber Security Experimentation: The DETER Project
The Science of Cyber Security Experimentation: The DETER Project
 
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...The DETER Project: Advancing the Science of Cyber Security Experimentation an...
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
 
Interface interoperability
Interface interoperabilityInterface interoperability
Interface interoperability
 
Big Data Analytics and Advanced Computer Networking Scenarios
Big Data Analytics and Advanced Computer Networking ScenariosBig Data Analytics and Advanced Computer Networking Scenarios
Big Data Analytics and Advanced Computer Networking Scenarios
 
06 styles and_greenfield_design
06 styles and_greenfield_design06 styles and_greenfield_design
06 styles and_greenfield_design
 
Security optimization of dynamic networks with probabilistic graph modeling a...
Security optimization of dynamic networks with probabilistic graph modeling a...Security optimization of dynamic networks with probabilistic graph modeling a...
Security optimization of dynamic networks with probabilistic graph modeling a...
 
Inspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune SystemsInspiration to Application: A Tutorial on Artificial Immune Systems
Inspiration to Application: A Tutorial on Artificial Immune Systems
 
Predicting Defects Using Change Genealogies (ISSE 2013)
Predicting Defects Using Change Genealogies (ISSE 2013)Predicting Defects Using Change Genealogies (ISSE 2013)
Predicting Defects Using Change Genealogies (ISSE 2013)
 
A PROPOSED MODEL FOR DIMENSIONALITY REDUCTION TO IMPROVE THE CLASSIFICATION C...
A PROPOSED MODEL FOR DIMENSIONALITY REDUCTION TO IMPROVE THE CLASSIFICATION C...A PROPOSED MODEL FOR DIMENSIONALITY REDUCTION TO IMPROVE THE CLASSIFICATION C...
A PROPOSED MODEL FOR DIMENSIONALITY REDUCTION TO IMPROVE THE CLASSIFICATION C...
 
EdgarDB -- the simple, powerful database for scientific research
EdgarDB -- the simple, powerful database for scientific researchEdgarDB -- the simple, powerful database for scientific research
EdgarDB -- the simple, powerful database for scientific research
 
How Does Cybersecurity Relate to Safety?
How Does Cybersecurity Relate to Safety?How Does Cybersecurity Relate to Safety?
How Does Cybersecurity Relate to Safety?
 
Cybersecurity Safety
Cybersecurity SafetyCybersecurity Safety
Cybersecurity Safety
 
Only Abstract
Only AbstractOnly Abstract
Only Abstract
 

Similar to WSN Security Research Directions

IEEE PES GM 2017 Cybersecurity Panel Talk
IEEE PES GM 2017 Cybersecurity Panel TalkIEEE PES GM 2017 Cybersecurity Panel Talk
IEEE PES GM 2017 Cybersecurity Panel TalkNathan Wallace, PhD, PE
 
Cybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.comCybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.comAravind R
 
Plnog13 2014 security intelligence_pkedra_v1
Plnog13 2014 security intelligence_pkedra_v1Plnog13 2014 security intelligence_pkedra_v1
Plnog13 2014 security intelligence_pkedra_v1PROIDEA
 
Finding the needle in the haystack: how Nestle is leveraging big data to defe...
Finding the needle in the haystack: how Nestle is leveraging big data to defe...Finding the needle in the haystack: how Nestle is leveraging big data to defe...
Finding the needle in the haystack: how Nestle is leveraging big data to defe...Big Data Spain
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourleyGovCloud Network
 
Greenbone vulnerability assessment - Networkshop44
Greenbone vulnerability assessment  - Networkshop44Greenbone vulnerability assessment  - Networkshop44
Greenbone vulnerability assessment - Networkshop44Jisc
 
Science DMZ security
Science DMZ securityScience DMZ security
Science DMZ securityJisc
 
CISM_WK_3.pptx
CISM_WK_3.pptxCISM_WK_3.pptx
CISM_WK_3.pptxdotco
 
Incident response in Cloud
Incident response in CloudIncident response in Cloud
Incident response in CloudVandana Verma
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectATMOSPHERE .
 
Submit Your Articles- International Journal of Advanced Smart Sensor Network ...
Submit Your Articles- International Journal of Advanced Smart Sensor Network ...Submit Your Articles- International Journal of Advanced Smart Sensor Network ...
Submit Your Articles- International Journal of Advanced Smart Sensor Network ...ijassn
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
 
Cervone uof t - nist framework (1)
Cervone   uof t - nist framework (1)Cervone   uof t - nist framework (1)
Cervone uof t - nist framework (1)Stephen Abram
 
International Journal of Advanced Smart Sensor Network Systems (IJASSN)
International Journal of Advanced Smart Sensor Network Systems (IJASSN)International Journal of Advanced Smart Sensor Network Systems (IJASSN)
International Journal of Advanced Smart Sensor Network Systems (IJASSN)ijassn
 
Auditing Distributed Preservation Networks
Auditing Distributed Preservation Networks Auditing Distributed Preservation Networks
Auditing Distributed Preservation Networks Micah Altman
 
Overview on security and privacy issues in wireless sensor networks-2014
Overview on security and privacy issues in  wireless sensor networks-2014Overview on security and privacy issues in  wireless sensor networks-2014
Overview on security and privacy issues in wireless sensor networks-2014Tarek Gaber
 
International Journal of Advanced Smart Sensor Network Systems (IJASSN)
International Journal of Advanced Smart Sensor Network Systems (IJASSN)International Journal of Advanced Smart Sensor Network Systems (IJASSN)
International Journal of Advanced Smart Sensor Network Systems (IJASSN)ijassn
 
Protecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetProtecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetPerforce
 

Similar to WSN Security Research Directions (20)

IEEE PES GM 2017 Cybersecurity Panel Talk
IEEE PES GM 2017 Cybersecurity Panel TalkIEEE PES GM 2017 Cybersecurity Panel Talk
IEEE PES GM 2017 Cybersecurity Panel Talk
 
Cybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.comCybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.com
 
Plnog13 2014 security intelligence_pkedra_v1
Plnog13 2014 security intelligence_pkedra_v1Plnog13 2014 security intelligence_pkedra_v1
Plnog13 2014 security intelligence_pkedra_v1
 
Finding the needle in the haystack: how Nestle is leveraging big data to defe...
Finding the needle in the haystack: how Nestle is leveraging big data to defe...Finding the needle in the haystack: how Nestle is leveraging big data to defe...
Finding the needle in the haystack: how Nestle is leveraging big data to defe...
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourley
 
Greenbone vulnerability assessment - Networkshop44
Greenbone vulnerability assessment  - Networkshop44Greenbone vulnerability assessment  - Networkshop44
Greenbone vulnerability assessment - Networkshop44
 
Science DMZ security
Science DMZ securityScience DMZ security
Science DMZ security
 
CISM_WK_3.pptx
CISM_WK_3.pptxCISM_WK_3.pptx
CISM_WK_3.pptx
 
Incident response in Cloud
Incident response in CloudIncident response in Cloud
Incident response in Cloud
 
Software Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE projectSoftware Defined Networking in the ATMOSPHERE project
Software Defined Networking in the ATMOSPHERE project
 
Submit Your Articles- International Journal of Advanced Smart Sensor Network ...
Submit Your Articles- International Journal of Advanced Smart Sensor Network ...Submit Your Articles- International Journal of Advanced Smart Sensor Network ...
Submit Your Articles- International Journal of Advanced Smart Sensor Network ...
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
 
Herklotz - Information Operations and Security - Spring Review 2013
Herklotz - Information Operations and Security - Spring Review 2013Herklotz - Information Operations and Security - Spring Review 2013
Herklotz - Information Operations and Security - Spring Review 2013
 
Cervone uof t - nist framework (1)
Cervone   uof t - nist framework (1)Cervone   uof t - nist framework (1)
Cervone uof t - nist framework (1)
 
International Journal of Advanced Smart Sensor Network Systems (IJASSN)
International Journal of Advanced Smart Sensor Network Systems (IJASSN)International Journal of Advanced Smart Sensor Network Systems (IJASSN)
International Journal of Advanced Smart Sensor Network Systems (IJASSN)
 
Internet safety and security strategies for building an internet safety wall
Internet safety and security strategies for building an internet safety wallInternet safety and security strategies for building an internet safety wall
Internet safety and security strategies for building an internet safety wall
 
Auditing Distributed Preservation Networks
Auditing Distributed Preservation Networks Auditing Distributed Preservation Networks
Auditing Distributed Preservation Networks
 
Overview on security and privacy issues in wireless sensor networks-2014
Overview on security and privacy issues in  wireless sensor networks-2014Overview on security and privacy issues in  wireless sensor networks-2014
Overview on security and privacy issues in wireless sensor networks-2014
 
International Journal of Advanced Smart Sensor Network Systems (IJASSN)
International Journal of Advanced Smart Sensor Network Systems (IJASSN)International Journal of Advanced Smart Sensor Network Systems (IJASSN)
International Journal of Advanced Smart Sensor Network Systems (IJASSN)
 
Protecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetProtecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and Interset
 

Recently uploaded

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 

Recently uploaded (20)

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 

WSN Security Research Directions

  • 1. Security in Infrastructure Wireless Sensor Networks Emil  Lupu   Imperial  College  London  
  • 2. Security  in  WSN  is  difficult  because…   •  Nodes  are  physically   accessible   •  Scale  is  unprecedended   •  Resources  are  limited   •  Opera?on  is  una@ended  
  • 3. There  is  a  large  disconnect  between   research  and  applica?on   •  A  large  body  of  work  on  security  in  sensor   networks.     –  …  a  cursory  search  on  Google  scholar  gives  34,400   hits  since  2009   •  Yet  security  remains  largely  ignored  in   reported  deployments    
  • 4. Research  is  oPen  based  on     assump?ons  such  as  …     •  Random  choice  of  a@ack  targets     •  Nodes  are  placed…:  in  a  grid,  uniformly  and   densely,  in  a  tree  with  a  single  sink,  in  pre-­‐ decided  groups.     •  Sensors  can  do…:  RSA  crypto,  puzzles,  Java,   homomorphic  crypto,  game  theory….  as  well   as  their  tasks.     •  All  nodes  are  coopera?ve  and  trustworthy,   faults  always  occur  randomly.    
  • 5. Three  Guiding  Principles   •  Link  studies  to  context  of  use   •  Leverage  rela?onship  with  physical   phenomena.     •  Security  as  part  of  resilient  design  
  • 6. Link  studies  to  context  of  use   •  •  •  •  •  •  Threat  Model   Physical  Security   Sensed  informa?on   Topology   Node  capabili?es   Security  objec?ves  
  • 7. Leverage  rela?onship  to  physical   phenomena   •  Key  genera?on  and   distribu?on.   •  Distance  bounding.   •  Observability  of   associa?on.   •  A@esta?on.   •  Verifica?on  of  correct   behaviour  
  • 8. Security  as  part  of  resilient  design   •  Is  it  a  fault  or  a   compromise?   •  Redundancy  drives   anomaly  detec?on,   trust,  recovery   •  Adapta?on  vs  security   •  Resource  limita?ons  
  • 9. Research  Themes   •  Designing  solu?ons  in  concrete  se^ngs.     •  Establishing  confidence  in  the  correct  and   secure  opera?on  of  devices.     •  Measuring  the  “health”  of  the  network  from   within  itself.     •  Data  quality  and  trustworthiness  assurance.    
  • 10. Designing  solu?ons  in  concrete   se^ngs   •  Key  management  for  the   context  of  use   •  Evaluate  and  improve   exis?ng  algorithms  e.g.,   applicability,  scaleability   •  Mi?ga?on  and  recovery   through  reconfigura?on  
  • 11. Establishing  confidence  in  the  correct   and  secure  opera?on  of  devices       •  Measuring  device  integrity.   •  A@esta?on  techniques   –  SoPware,  hardware,  physical   •  Behavioural  fingerprin?ng  and   valida?on.   •  Reputa?on.  
  • 12. Measuring  the  health  of  the  network   from  within  itself   •  For  a  sensor,  a  network,  a  city.     •  Assurances  and  Mechanisms   •  Capability  of  restart/recovery/ response/degraded  opera?on   •  Coordina?on/Topology/ Redundancy   •  Effect  of  adapta?on  on   security  and  resilience  
  • 13. •  Learning  to  dis?nguish   between  normal  behaviour,   failures  and  security.   •  Recognising  security  events   in  constantly  evolving   networks.   •  A@ack  characterisa?on   •  Compromise  epidemiology  
  • 14. Data  Quality  and  Trustworthiness   Assurance   •  Data  protec?on  and  provenance   •  In-­‐network  Data  Aggrega?on   •  How  to  accept  data  degrada?on  to  maintain   overall  system  goals.     •  Understand  and  mi?gate  against  data   deteriora?on  effects  e.g.  node  compromise   failures,  fouling   •  Data  usage  control