Transcript slides
Secure Localization Algorithms for Wireless Sensor Networks
proposed by A. Boukerche, H. Oliveira, E. Nakamura, and A. Loureiro (2008) Maria Berenice Carrasco
Outline
• • • • • Motivation (from two perspectives) Secure Localization – – – Overview Known attacks Solutions Location Verification Design considerations Conclusions
Motivation
• Why is Localization important?
– – Popularity of wireless sensor networks (WSN) • •
Hostile environments Monitoring & control applications
– Military fields, monitoring of structures, etc. The knowledge of sensor’s locations is required by • •
Applications : Data fusion
– Locations and timestamps
Other communication protocols
– Routing, location-based authentication.etc.
Motivation
• Why is Security important?
– – – Vulnerability of WSN • •
Remote environments Broadcast nature of the channel
What an attacker can potentially do?
• • •
Physical manipulation Jamming Injecting code
GOAL: location Make the node think it is somewhere different from actual As a result… •
Wrong results: wrong decisions
Secure Localization
• • • Goal: To guarantee correctness despite of the presence of intruders Network model: • •
Beacons: GPS or manual configuration Common nodes: requesting
Relative Localization Classification: •
Range-based localization: Distance
• o o
Range-free localization: No connectivity information Node-centric Infrastructure-centric: BS, CA
Secure Localization
• General Process has two phases: 1. Information Collection: distance/angle measure –
# of hops, RSSI, ToA, AoA Range-free ignores this phase
2. Location Computation: include reference points Triangulation Trilateration
Secure Localization
• Known Attacks – Consider an insider Vs. an outsider – Reply attack •
Jams the transmission
• • •
Waits (extra delay) Replays the same packet pretending to be the sender Inaccurate location estimation
Secure Localization
• Known Attacks – – – Range-change attack • •
Special case of the Replay attack Increase/decrease range measurements
Impersonation •
Victims: mostly beacon nodes
Sybil attack •
Claims multiple identities
Secure Localization
• Known Attacks – Wormhole attack • • •
Tunnel Jams packets Replays packets through this tunnel
Secure Localization
• Solutions – Cryptography • •
Against impersonation and data corruption Use of :
– Authentication » Verify the sender – Data integrity » Data is unchanged » Example: distance bounding (based on SEAD)
Secure Localization
• Solutions – Cryptography (continued) • •
Symmetric cryptography
– Common private key – WSN are resource-constrained
Pre-deployed keys
• •
Functions to derive keys: Storage Complexity Compromised nodes defeat this mechanism
Secure Localization
• Solutions – Misbehavior Detection and Block • • • •
Against compromised nodes Observe behavior of nodes Detect and revoke misbehaving nodes Some techniques
– RTT observation between two neighbors » Assumption: extra delay of a replay attack – Reputation-based mechanism » Beacon monitors its neighborhood -> table
Secure Localization
• Solutions – Robust Position Computation • • •
Filter erroneous information during computation Assumption: Good nodes > Malicious nodes Statistical techniques
– Least Squares Method
Location Verification
• • • BS also learn sensors’ locations – Data Aggregation Must verify the location claimed is correct – Did the event really happened there?
An approach:
The Echo Protocol
– – – Check if the node is inside the claimed region Two types of nodes:
p
(prover) and
v
(verifier) Consider
c
(speed of light) and
s
(speed of sound)
Location Verification
• An approach:
The Echo Protocol (continued)
–
Intuition (Simple Case)
• v only verifies provers inside R • • If p is able to return the packet in sufficient time, then v is sure that p is within d(v,l) meters of v Otherwise: p is further away or processing delay
Design Considerations
• • No system is totally safe – Network model & adversary model Level of security Vs. Available resources – – – Particular application Range-based : •
Distance bounding: HW with nanosecond precision
Asymmetric cryptography •
More robust but energy consuming
Design Considerations
• • Who initiates the secure localization process?
– – On-demand Periodic process Useful domain for an intruder – – Use only beacon nodes Use beacon nodes and also nodes with known positions as reference points
Conclusions
• • • It is not feasible to use tamper-resistant hardware – – Low cost of sensor nodes Massive deployment Trade-off required – – – Accuracy demanded by the application Available resources Environment Combination of techniques is desirable