Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Analysis of Energy Depletion
Attacks:
Wireless Device Cases
Vasily Desnitsky
Laboratory of Computer Security Problems, SPI...
Wireless network devices
Objectives
o State-of-the-art
o Analysis of energy depletion attacks
o Modeling energy depletion attacks on two use cases
...
Existing papers
Article title Country/University Year
Defending Against Resource Depletion Attacks in Wireless Sensor
Netw...
Attacks types
o Denial-of-sleep
o Traffic increase
o Electromagnetic interference (jamming attack)
o Software misuse
Attacks evaluation
Denial-of-sleep
Traffic increase
Electromagnetic
interference
(jamming attack)
Software misuse
Barrier ...
Effectiveness of Denial-of-sleep attacks
GPS
5 µA vs. 10 mA
WiFi
1 µA vs. 1 mA
Bluetooth
5 µA vs. 5 mA
GSM
5 µA vs. 50 mA
...
Use case 1: Smartphone
Device OS
Measurements of
energy consumption Wireless network
Nexus 5 Android 6
(Marshmallow)
Reading battery
charge
by Ba...
Simulating Denial-of-Sleep attack
Kali Linux based simulation of
an attack on Bluetooth
module by means of
o Bluetoothctl ...
Experimental results
Battery charge
Spent during 4hours,
Bluetooth working
in sleep mode
4%
Nexus 5 was used as a test dev...
Use case 2: ZigBee-based network
Device OS
Measurements of
energy consumption
XBee S2 Digi XBee s2
platform
Measurement of
current consumption
by MAX471 me...
Scheme of the experiments
MAX471
(current sensor)
Arduino MEGA
XBee S2XBee S2
Arduino UNO
Attacker Mesuaring circuit
Targe...
Simulating Denial-of-Sleep attack
Simulating Denial-of-Sleep
attack on ZigBee module by
using XCTU to
o detect the device ...
Experimental results
1. In normal mode 2. Undo attack2.3 (mW) 140.5 (mW)
W1/W2 = 61
Conclusions
o Energy depletion attack
• effective
• easy to implement
o Protection tools
Thank you for your attention!
Vasily Desnitsky, desnitsky@comsec.spb.ru
Contact
Upcoming SlideShare
Loading in …5
×

Анализ атак на исчерпание энергоресурсов на примере устройств беспроводных сетей

197 views

Published on

В работе исследуются атаки, направленные на исчерпание энергоресурсов устройств, работающих от автономных источников питания. Анализируются следующие виды атак: принудительный вывод устройств из режима работы с низким энергопотреблением (Denial-of-Sleep attacks), увеличение трафика, создание электромагнитных шумов, нештатное использование ПО. Работа иллюстрируется моделированием некоторых видов атак на мобильное устройство на базе платформы Android и на узлы ZigBee-сети.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Анализ атак на исчерпание энергоресурсов на примере устройств беспроводных сетей

  1. 1. Analysis of Energy Depletion Attacks: Wireless Device Cases Vasily Desnitsky Laboratory of Computer Security Problems, SPIIRAS, The Bonch-Bruevich Saint-Petersburg State University of Telecommunications Vladislav Aleksandrov University ITMO, Positive Technologies
  2. 2. Wireless network devices
  3. 3. Objectives o State-of-the-art o Analysis of energy depletion attacks o Modeling energy depletion attacks on two use cases • Smartphone • ZigBee-based network o Experiments o Conclusions
  4. 4. Existing papers Article title Country/University Year Defending Against Resource Depletion Attacks in Wireless Sensor Networks. India 2014 Counteracting Denial-of-Sleep Attacks in Wake-up-radio-based Sensing Systems. University of Rome “La Sapienza” 2016 Mechanisms for Detecting and Preventing Denial of Sleep Attacks and Strengthening Signals in Wireless Sensor Networks. India 2015 Effects of Wi-Fi and Bluetooth Battery Exhaustion Attacks on Mobile Devices. Virginia Polytechnic Institute and State University 2010 An Intrusion Detection System for Battery Exhaustion Attacks on Mobile Computers. Virginia Polytechnic Institute and State University 2005 etc.
  5. 5. Attacks types o Denial-of-sleep o Traffic increase o Electromagnetic interference (jamming attack) o Software misuse
  6. 6. Attacks evaluation Denial-of-sleep Traffic increase Electromagnetic interference (jamming attack) Software misuse Barrier to entry Cost of the operations Effectiveness Protection costs
  7. 7. Effectiveness of Denial-of-sleep attacks GPS 5 µA vs. 10 mA WiFi 1 µA vs. 1 mA Bluetooth 5 µA vs. 5 mA GSM 5 µA vs. 50 mA NFC 10 µA vs. 5 mA Current consumption: in sleep mode vs. idle mode
  8. 8. Use case 1: Smartphone
  9. 9. Device OS Measurements of energy consumption Wireless network Nexus 5 Android 6 (Marshmallow) Reading battery charge by Battery HD measuring application Bluetooth
  10. 10. Simulating Denial-of-Sleep attack Kali Linux based simulation of an attack on Bluetooth module by means of o Bluetoothctl - to detect the device and obtain information on it o L2ping - to accomplish the attack by pinging the device permanently
  11. 11. Experimental results Battery charge Spent during 4hours, Bluetooth working in sleep mode 4% Nexus 5 was used as a test device. Cellular module and Bluetooth were active during the test. Screen and other energy consuming modules were off. Battery charge Spent during 4 hours of Denial-of-Sleep attack, Bluetooth working 16% 0 10 20 30 40 50 60 70 80 90 100 0:00 0:20 0:40 1:00 1:20 1:40 2:00 2:20 2:40 3:00 3:20 3:40 Chargepercentage Time
  12. 12. Use case 2: ZigBee-based network
  13. 13. Device OS Measurements of energy consumption XBee S2 Digi XBee s2 platform Measurement of current consumption by MAX471 measuring module ZigBee 2.4 ГГц Wireless network
  14. 14. Scheme of the experiments MAX471 (current sensor) Arduino MEGA XBee S2XBee S2 Arduino UNO Attacker Mesuaring circuit Target XBee
  15. 15. Simulating Denial-of-Sleep attack Simulating Denial-of-Sleep attack on ZigBee module by using XCTU to o detect the device and obtain information on it o accomplish the attack by sending remote API commands permanently
  16. 16. Experimental results 1. In normal mode 2. Undo attack2.3 (mW) 140.5 (mW) W1/W2 = 61
  17. 17. Conclusions o Energy depletion attack • effective • easy to implement o Protection tools
  18. 18. Thank you for your attention! Vasily Desnitsky, desnitsky@comsec.spb.ru Contact

×