A Holistic Approach to Secure Sensor Networks

  1. 1. A Holistic Approach to Secure Sensor Networks (Sasikanth Avancha)
  2. 2. Application Scenario [figure label: Biological Attack !!]
  3. 3. Wireless Sensor Network [figure labels: Command & Control; Secure, Fixed Base Station; Secure, Mobile Base Station; Biological Attack !!; Aggregated sensor data; Commands and Orders]
  4. 4. Wireless Sensor Network [figure labels: Command & Control; Secure, Fixed Base Station; Secure, Mobile Base Station; Biological Attack !!; Subversive Attack !!!]
  5. 5. Adaptive Wireless Sensor Network [figure labels: Command & Control; Secure, Fixed Base Station; Secure, Mobile Base Station; Biological Attack !!; Subversive Attack !!!; Aggregated sensor data; Commands and Orders]
  6. 6. Outline
     - WSN State-of-the-Art
     - Thesis Statement
     - SWANS
     - SONETS
     - Conclusions
  7. 7. WSN State-of-the-Art
     - Energy, Networking, Data Management, Security
     - Energy conservation is key
     - Solutions designed mostly for homogeneous WSNs
     - Security not a basic building block
     - Few solutions adaptive to environmental variations
  8. 8. Thesis
     - Holistic Approach to WSN Design
       - Mechanisms to detect, classify & respond to environmental variations
       - Security as basic building block
     - Result
       - Adaptive WSNs tuned to environment
       - Improved performance
         - Security
         - Longevity
         - Connectivity
  9. 9. Secure & Adaptive WSN Framework
     - SWANS: Two-tiered adaptability mechanism
       - Node-level Adaptability
       - Network-level Adaptability
     - SONETS: Secure self-organization
       - Varied threat models
       - End-to-end & pair-wise secure links
       - Misbehavior detection & network repair
  10. 10. Wireless Sensor Network Adaptability
      - Ontological approach
        - Identify parameter set and build module ontology
        - Create node ontology to describe sensor node states
        - Create network ontology to describe network states
        - Establish rules to enable nodes and network to modify operational behavior
  11. 11. Related Work
      - SPIN, Heinzelman et al. (Mobicom, 1999)
      - T-MAC, van Dam et al. (SenSys, 2003)
      - AIDA, He et al. (ACM TECS, 2004)
      - Adaptive Sampling, Jain et al. (DMSN, 2004)
      - ARC, Kang et al. (Basenets, 2004)
      - Adaptive routing
        - LEACH
        - Directed Diffusion
  12. 12. WSN Model
  13. 13. Node-level Adaptability
  14. 14. Parameter Set
      - PHY
        - Received power per packet, noise power
        - Carrier loss, format violation and HEC failure rates
      - MAC
        - Failed transmission, multiple retry and collision ratios
        - FCS failure rate
      - Routing
        - Node degree
        - Compromised node/link count
        - Failed node count
        - Reachable RRN count
        - Path and hop counts to RRNs
        - Router count
  15. 15. Parameter Set
      - Energy
        - Remaining energy capacity
        - Energy consumption rate
      - Sensor layer
        - Sensor accuracy
        - Sensor energy consumption
  16. 16. Monitor & Report
      - Establish lower and upper bounds for each parameter
      - Monitor parameter values (per epoch/packet count/…)
      - Map parameter values to ontological symbols
      - Provide symbols to Logic Component
  17. 17. Module Ontology
      - Logic Component
      - PHY, MAC, Routing, Energy and Sensor states
      - Tabular representation
        - Resource-constrained nodes
        - Boolean expressions
      - OWL-DL representation
        - Resource-enhanced nodes
        - Parameters as owl:ObjectProperty
        - Module states as owl:Class
  18. 18. Module Ontology
      ```xml
      <!-- A PHY whose noisePower has the value Amount_Abnormal -->
      <owl:Class rdf:ID="PHYJammedByNoise">
        <owl:intersectionOf rdf:parseType="Collection">
          <owl:Class rdf:about="#PHY"/>
          <owl:Restriction>
            <owl:onProperty rdf:resource="#noisePower"/>
            <owl:hasValue rdf:resource="#Amount_Abnormal"/>
          </owl:Restriction>
        </owl:intersectionOf>
      </owl:Class>
      ```
  19. 19. Module Ontology
      ```xml
      <owl:Class rdf:ID="PHYJammed">
        <rdfs:subClassOf rdf:resource="#PHY"/>
        <owl:unionOf rdf:parseType="Collection">
          <owl:Class rdf:about="#PHYJammedByNoise"/>
          <owl:Class rdf:about="#PHYJammedDueCarrierLoss"/>
        </owl:unionOf>
      </owl:Class>
      ```
  20. 20. Node Ontology
      - Sensor node states
        - PHY, MAC, Routing, Energy and Sensor states
      - Classes representing sensor node states
        - Restrictions
        - Subsumption - subclassOf, intersectionOf, unionOf
      - Deployable on sensor nodes
        - Tabular representation
        - OWL-DL representation
      - Deploying on RRNs
        - memory vs. energy trade-off
  21. 21. Node Ontology
      ```xml
      <owl:Class rdf:ID="SensorNodePHYJammed">
        <owl:intersectionOf rdf:parseType="Collection">
          <owl:Class rdf:about="#SensorNode"/>
          <owl:Restriction>
            <owl:onProperty rdf:resource="#hasPHY"/>
            <owl:someValuesFrom rdf:resource="#PHYJammed"/>
          </owl:Restriction>
        </owl:intersectionOf>
      </owl:Class>
      ```
  22. 22. Node Ontology
      ```xml
      <owl:Class rdf:ID="SensorNodeJammed">
        <rdfs:subClassOf rdf:resource="#SensorNode"/>
        <owl:unionOf rdf:parseType="Collection">
          <owl:Class rdf:about="#SensorNodePHYJammed"/>
          <owl:Class rdf:about="#SensorNodeMACJammed"/>
        </owl:unionOf>
      </owl:Class>
      ```
  23. 23. Logic Component Implementation
      - Java Theorem Prover
        - KB, reasoning engine
        - Server mode of operation
          - Receive instance of sensor node state from monitor
          - tell instance to KB
          - ask query “( rdf:type snode.owl:SNi ?x)”
          - Return answer(s)
          - undo last operation (i.e., retract sensor node state instance)
      - Result is node’s current state
  24. 24. Action Component
      - Node state = NS, Operational state = ?
      - Sensor node rule set
        - NS(Jammed) ∨ NS(SDTA) ∨ (NS(Disconnected) ∧ ES(Low Energy)) → OS(Sleep)
        - NS(Disconnection Imminent) ∧ ES(Normal) → OS(Increase Tx Range)
        - NS(High Node Degree) ∨ NS(Low Accuracy) ∨ NS(Abnormal Routing Info.) → OS(Extend Active Period)
  25. 25. Network-level Adaptability
  26. 26. RRN Monitoring & Reporting
      - Obtain individual node states
        - Periodic report
        - Query mechanism
      - Classify nodes according to reported state
      - Determine cardinality of each class
      - Map to ontological symbols
  27. 27. RRN Logic Component
      - Classify cluster instance represented by ontological symbols – network ontology
      - Network ontology
        - OWL-DL implementation
        - Classes representing cluster states
        - Subsumption & Restriction
      - Output
        - Current logical state of cluster based on node states
  28. 28. RRN Action Component
      - Cluster state = X, Instructions = ?
      - RRN rule set
        - CS(Under SDTA) ∧ Detected(A) ∧ Detects(S, A) ∧ NS(S, Sleep) → NS(S, Active)
        - CS(Normal) ∧ Detected(A) ∧ Detects(S, A) → Stop Aggregation(S)
  29. 29. Evaluation
      - Problem
        - Node addition attack (Zhu et al., CCS 2003)
        - Legitimate node addition
      - SWANS Solution
        - Monitor node degree
        - State == Node degree ↕ → Operation = Security level ↕
      - Result
        - Malicious nodes thwarted
        - Legitimate nodes accepted
  30. 30. Adapt to Node Degree Increase
      [Plot: average energy consumed per node (J) vs. simulation time (seconds)]
      - 800 node network
      - 400 nodes observe node degree ↑
  31. 31. Determining ND Thresholds
      [Plot: average energy consumed per node (J) vs. simulation time (seconds)]
      - Initial size: 200 to 390
      - ND increase: 5%
      - Final size: 210 to 400
      - µ_Δ, σ_Δ
      - Determine n1, n2
  32. 32. Evaluation
      - Problem
        - Sleep deprivation torture attack (Stajano and Anderson, 1999)
      - SWANS solution
        - Monitor HEC & FCS failures, format violations, collisions
        - Node state == SDTA → Operation = Sleep
        - Report node & operational states to RRNs
        - RRNs: Compute network state, modify node operation
      - Result
        - Network balances energy saving and utility
  33. 33. Adapt to SDTA
      [Plot: average energy consumed per node (J) vs. simulation time (seconds)]
      - 800-node WSN
      - 400 nodes attacked
      - Plot annotation: Affected nodes detect SDTA & enter sleep state
      - Plot annotation: RRNs compute global state & wake up some nodes
  34. 34. Evaluation
      - Problem
        - Node failures due to malfunction or attacks
      - SWANS solution
        - Nodes monitor count of failed neighbors (FN)
        - Node state == disconnected → Op. state = Tx range increase
      - Result
        - Nodes increase Tx range, prevent network partitioning
        - Node degrees increase, hop counts decrease
      - Trade-off is between connectivity and energy consumption
  35. 35. Adapt to Node Failures (Node degree) [Plot: average node degree vs. network size]
  36. 36. Adapt to Node Failure (Hop counts) [Plot: average hop count vs. network size]
  37. 37. SONETS
      - Neighbor discovery
        - P-SONETS: Centralized
        - C-SONETS & D-SONETS: Distributed
      - Topology discovery & network setup
        - P-SONETS: Centralized, no key management
        - C-SONETS: Centralized pair-wise key management
        - D-SONETS: Distributed pair-wise key management
      - Topology Maintenance
        - Multi-hop pair-wise key establishment
        - Node addition & deletion
  38. 38. Threat Models
      - Adversary presence
        - Local, Global
      - Adversary attack mode
        - Passive, Active
      - Adversary attack capability
        - Before, during, after self-organization
  39. 39. Related Work
      - Probabilistic Approaches
        - Eschenauer & Gligor, CCS 2002
        - Chan et al., ISSP 2003
        - Du et al., CCS 2003
        - Liu & Ning, CCS 2003
      - Deterministic Approaches
        - Perrig et al., WINET 2002
        - Zhu et al., CCS 2003
        - Anderson et al., ICNP 2004
  40. 40. P-SONETS
      [Figure: topology with BS and nodes 1, 3, 5, 9, 11, 14, 19, 23]
      - Keys held
        - BS: List of all keys K_j
        - j: K_BS, K_j
      - Messages
        - BS to j: EK_BS(*, EK_j(j, Nonce, HELLO))
        - j to BS: EK_BS(j, EK_j(j, Nonce, HELLO_REPLY))
        - BS to k: EK_BS(*, EK_j(j, N_1, RELAY)), EK_k(k, N_2, HELLO)
        - j to k: EK_BS(k, EK_k(k, N_2, HELLO)), Ψ
        - k to j: EK_BS(k, Ψ), EK_k(k, N_2, HELLO_REPLY)
        - j to BS: EK_BS(k, EK_k(k, N_2, HELLO_REPLY)), EK_j(j, N_1)
  41. 41. P-SONETS
      - Network repair
        - BS tracks node aberrance
          - Lack of data
          - Corrupt data
        - Reasons for aberrance
          - Node is dead/compromised 2HN
          - Node is 2HN; relay point is dead/compromised
          - Node is dead/compromised 1HN
        - BS repairs network
          - Delete aberrant nodes
          - Reassign relay points, if required
  42. 42. P-SONETS
      - Simulation using SensorSim (UCLA)
        - 100 node WSN
        - Simple radio & battery models
        - Varied sensor node distribution in each hop
      - Average energy consumption
        - Total initial energy in network = 3600 Asec
        - Node discovery, topology discovery, network setup: 36 mJ
        - Network repair when fixed number of nodes fail: 8 mJ
  43. 43. C-SONETS
      [Figure: topology with nodes R, 1, 5, 13, 14, 19; link keys K_{1,19}, K_{1,14}, K_{1,5}, K_{14,13}; node keys K_1, K_5]
      - K_n, K_u, x_u on each node u & R
      - x_{1,5} = x_5  R_{1,5}; x_{5,1} = x_1  R_{1,5}
      - 1 to R: EK_1(<5, 19, 14>)
      - R to 1: EK_1(<x_{1,5}, x_{1,19}, x_{1,14}>)
      - R to 5: EK_5(x_{5,1})
      - R to 14: EK_14(x_{14,1}, <R,2,1>)
      - Node 1: K_{1,5} = f(x_{1,5}  x_1)
      - Node 5: K_{1,5} = f(x_{5,1}  x_5)
      - 14 to 1: EK_{1,14}(FWD, <13>)
      - 1 to R: EK_1(DATA, <13>)
      - R to 14: EK_14(x_{14,13})
      - R to 13: EK_13(x_{13,14}, <R,3,14>)
      - Node 14: K_{14,13} = f(x_{14,13}  x_14)
      - Node 13: K_{13,14} = f(x_{13,14}  x_13)
  44. 44. Energy Consumption
      [Plot: average energy consumed per node (J) vs. network size (n)]
      - Tx + Rx
      - Encrypt + Decrypt
      - Hashing
      - O(n^3)
      - Existing Protocols
        - 100s of mJ
  45. 45. Node degree & Hop count
      [Plots: average node degree (d) vs. network size (n); hop count (h) vs. network size (n)]
      - Analytical Expression
        - Bettstetter 2002
        - E(d) = ρ π r_0^2
      - where,
        - ρ = n/Area = n/(25x10^4 m^2)
        - r_0 = Tx range = 75 m
        - E(d) ≈ 7 to 70
        - E(h) ≈ 4
  46. 46. D-SONETS
      [Figure: topology with nodes R, 1, 5, 13, 14, 19; link keys K_{1,19}, K_{1,14}, K_{1,5}, K_{14,13}; node keys K_1, K_5; messages M_1, M_5, M_{1,14}]
      - K_n, K_u, x_u on each node u & R
      - Node 1: Broadcast M_1
        - M_1 = EK_n(*, 1, EK_{f(5)}(5, x_{5,1}) || …)
        - x_{5,1} = x_1  R_{5,1}, …
      - Node 5: Broadcast M_5
        - M_5 = EK_n(*, 5, EK_{f(1)}(1, x_{1,5}) || …)
        - x_{1,5} = x_5  R_{1,5}, …
      - Node 1 computes
        - K_{1,5} = f(x_{1,5}  x_{5,1})
      - Node 5 computes
        - K_{1,5} = f(x_{5,1}  x_{1,5})
      - Node 1 to Node 14: M_{1,14}
        - EK_n(14, 1, EK_{1,14}(<R,1>, <5,1>, …))
  47. 47. Energy Consumption (D-SONETS)
      [Plot: average energy consumed per node (J) vs. network size (n)]
      - 50% of C-SONETS
      - Existing Protocols
        - 1/3 D-SONETS
          - n ≤ 500
        - 1/10 D-SONETS
          - n > 500
  48. 48. Security Analysis
      - Node compromise
        - Effect limited to 1-hop neighborhood
        - Links between uncompromised nodes remain secure
      - Sybil (Douceur 2002)
        - Identity-based authentication
      - Wormhole & Sinkhole (Karlof and Wagner, 2003)
        - Routing not based on shortest path
      - Node replication
        - RRNs exchange topology information periodically
        - Restrict node degree
  49. 49. Node Deletion
      - Neighbors detect misbehavior
      - Initiate voting process
        - Majority affirmative vote to delete
      - Inform RRN
        - Provide list of ‘yea’ voters
        - RRN may poll individual voters
      - RRN
        - Generate new common shared key K_n
        - Secure unicast
  50. 50. Conclusions
      - WSNs crucial component of pervasive computing environments of the future
      - WSNs in tune with application & environment
        - Secure
        - Adaptive
      - Our framework is comprehensive solution
        - Security protocols for different levels of security
        - SONETS protocol suites scalable, efficient, resilient
        - SWANS provides multi-tiered WSN adaptability
  51. 51. Future Work
      - Adaptive data fidelity
      - Support for sensor adaptability
        - Tune smart MEMS
      - Real-world sensor deployment & evaluation
        - Memory
        - Computational power
      - Comprehensive high-level policy
        - Govern WSN operational behavior
        - Resolve conflicts
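
The node-level SWANS pipeline of slides 16 to 24 (monitor, module and node ontology in tabular Boolean form, action rules), as an added example that is not from the original deck. The bounds, the sample readings, the SDTA, MAC-jamming and disconnection conditions, the first-match rule order and the default action are assumptions; parameter, state and rule names follow the slides.

```python
INF = float("inf")

# (lower, upper) bound per monitored parameter. Constructed values, not from the slides.
BOUNDS = {
    "noisePower": (-INF, -85.0),        # dBm
    "carrierLossRate": (0.0, 0.05),
    "collisionRatio": (0.0, 0.20),
    "hecFailureRate": (0.0, 0.05),
    "fcsFailureRate": (0.0, 0.05),
    "nodeDegree": (3, 12),
    "sensorAccuracy": (0.90, INF),
    "remainingEnergy": (20.0, INF),     # joules
}

def monitor(readings):
    """Monitor & Report: map each raw value to the symbol Low, Normal or High."""
    symbols = {}
    for name, (lower, upper) in BOUNDS.items():
        value = readings[name]
        symbols[name] = "Low" if value < lower else "High" if value > upper else "Normal"
    return symbols

def classify(sym, readings):
    """Module and node ontology as Boolean expressions (the tabular representation)."""
    phy_jammed = sym["noisePower"] == "High" or sym["carrierLossRate"] == "High"
    mac_jammed = sym["collisionRatio"] == "High"            # assumed definition
    states = set()
    if phy_jammed or mac_jammed:                            # SensorNodeJammed (union)
        states.add("Jammed")
    if sym["hecFailureRate"] == "High" and sym["fcsFailureRate"] == "High":
        states.add("SDTA")                                  # assumed definition
    if readings["nodeDegree"] == 0:
        states.add("Disconnected")
    elif sym["nodeDegree"] == "Low":
        states.add("Disconnection Imminent")
    elif sym["nodeDegree"] == "High":
        states.add("High Node Degree")
    if sym["sensorAccuracy"] == "Low":
        states.add("Low Accuracy")
    energy = "Low Energy" if sym["remainingEnergy"] == "Low" else "Normal"
    return states, energy

def operational_state(readings):
    """Action component: the three rules of slide 24, first match wins (assumed)."""
    states, energy = classify(monitor(readings), readings)
    if {"Jammed", "SDTA"} & states or ("Disconnected" in states and energy == "Low Energy"):
        return "Sleep"
    if "Disconnection Imminent" in states and energy == "Normal":
        return "Increase Tx Range"
    if {"High Node Degree", "Low Accuracy", "Abnormal Routing Info."} & states:
        return "Extend Active Period"
    return "No Change"                                      # assumed default

# Constructed sample readings for a healthy node.
HEALTHY = {"noisePower": -100.0, "carrierLossRate": 0.01, "collisionRatio": 0.05,
           "hecFailureRate": 0.01, "fcsFailureRate": 0.01, "nodeDegree": 6,
           "sensorAccuracy": 0.97, "remainingEnergy": 80.0}
```

No monitored input in this sketch produces "Abnormal Routing Info."; the third rule still lists it so that the rule matches the slide.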
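
The C-SONETS pair-wise key derivation of slide 43, checked against the node-compromise claim of slide 48, as an added example that is not from the original deck. The transcript lost the operator that combines the shares, so XOR is assumed here; SHA-256 for f, the 16-byte secrets and the helper names are also assumptions, and the encryption of the messages is left out.

```python
import hashlib
from itertools import combinations

def xor(a, b):
    return bytes(p ^ q for p, q in zip(a, b))

def f(value):
    # One-way function f from the slide; SHA-256 is an assumption.
    return hashlib.sha256(value).digest()

def secret(label):
    # Constructed, reproducible stand-in for a random 16-byte secret.
    return hashlib.sha256(label.encode()).digest()[:16]

LINKS = [(1, 5), (1, 19), (1, 14), (14, 13)]    # links drawn on slide 43

def setup(links=LINKS):
    """R's role: give each endpoint of a link the peer's secret blinded by R_uv."""
    nodes = {u for link in links for u in link}
    x = {u: secret(f"x_{u}") for u in nodes}     # x_u, shared by node u and R
    held = {u: {"x": x[u], "shares": {}} for u in nodes}
    for u, v in links:
        r_uv = secret(f"R_{u}_{v}")              # one value per link, known only to R
        held[u]["shares"][v] = xor(x[v], r_uv)   # x_uv = x_v XOR R_uv (XOR assumed)
        held[v]["shares"][u] = xor(x[u], r_uv)   # x_vu = x_u XOR R_uv
    return held

def link_key(held, u, v):
    """Node u's view of the link: K_uv = f(x_uv XOR x_u)."""
    return f(xor(held[u]["shares"][v], held[u]["x"]))

def keys_exposed_by(held, captured, links=LINKS):
    """Link keys that can be rebuilt from one captured node's memory alone."""
    node = held[captured]
    material = [node["x"], *node["shares"].values()]
    rebuilt = {f(m) for m in material}
    rebuilt |= {f(xor(a, b)) for a, b in combinations(material, 2)}
    return {link for link in links if link_key(held, *link) in rebuilt}
```

Both endpoints reach the same key because the blinding value cancels nowhere: each side ends up hashing x_u, x_v and R_uv combined, and a captured node holds only the shares for its own links.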
