Transcript Document
Overview of Sensor Network Security Yang Liu Graduate student, University of Tennessee 2003 spring group seminar Motivation • Hostile environments o Battlefield sensing/actuation • Safety-critical applications o Sensors in reactor complex • Privacy intrusions o Employee tracking/monitoring • Uncontrolled access 2 2003 spring group seminar Challenges • Wireless Communication o Bring eavesdropping, unauthorized access, spoofing, replay and denial-of-service attacks; • Resource-constrained sensor nodes o Limit the degree of encryption, decryption, and authorization on the individual sensor nodes; • Compromised sensor nodes o Denial-of-service attacks; 3 2003 spring group seminar Desired security properties • Confidentiality o only intended receivers can recover the meaning • Authenticity • Integrity • Freshness o a message is not a replay of a previous message • Scalability and Availability • Other Considerations o o Traffic analysis Sensor data accuracy 4 2003 spring group seminar Security Attacks Passive Attacks Release of Message contents Traffic analysis Attacks Masquerade Active Attacks Replay Denial of service Modification of messages 5 2003 spring group seminar Attack Threads • Spoofed, altered, or replayed routing information • Selective forwarding • Sinkhole attacks • Sybil attacks o A single nodes presents multiple identities • Wormholes • HELLO flood attacks see illustration 6 2003 spring group seminar Attacks against routing protocols Protocol Relevant attacks TinyOS beaconing Bogus routing information, select forwarding, sinkholes, Sybil, wormholes, HELLO floods Bogus routing information, select forwarding, sinkholes, Sybil, wormholes, HELLO floods Bogus routing information, select forwarding, Sybil Bogus routing information, select forwarding, sinkholes, wormholes, HELLO floods select forwarding, HELLO floods Directed diffusion and its multipath v ariant Geographic routing(GPSR, GEAR) Minimum cost forwarding Clustering based protocols(LEACH,TEEN,PEGASIS) Rumor routing Bogus routing information, select forwarding, sinkholes, Sybil, wormholes, HELLO floods Energy conserv ing topology Bogus routing information, Sybil,HELLO maintenace(SPAN,GAF,CEC,AF floods ECA) 7 2003 spring group seminar Cryptography Review • Symmetric ( secret key ) o Shared secret o Confusion and diffusion o E.g., RC5, DES, AES • Asymmetric( public key ) o One-way functions o E.g., RSA, ElGamal, Elliptic-Curve 8 2003 spring group seminar Cryptographic Mechanism • • • • Use of public key cryptography in a manner that takes advantage of its asymmetric nature to minimize power consumption Use of secret key (symmetric) cryptography within tamper-resistant sensors in a manner that efficiently emulates public key functionality (i.e., key notarization and symmetric-key certificates) Efficient key management techniques, including adaptive selection and use of group keying Use of special-purpose hardware to accelerate selected cryptographic operations 9 2003 spring group seminar Security Services • Provide for essential authentication, integrity, and confidentiality services • Provide security support services, including efficient sensor equivalent of a public key infrastructure (PKI) Security services Security support services Efficient cryptographic mechanisms 10 2003 spring group seminar Related work • • • • • Security Considerations Energy-Efficiency Key Algorithm Secure Routing Intrusion Detection and Tolerant 11 2003 spring group seminar Security Considerations • NAI Lab o “Constraints and Approaches for Distributed Sensor Network Security” • OSU o “Security Considerations in Wireless Sensor Networks” • Univ. of Virginia o “Denial of Service in Sensor Networks” 12 2003 spring group seminar Review • NAI Labs has developed novel key management protocols specifically designed for the distributed sensor network environment, including Identity-Based Symmetric Keying and Rich Uncle. They have analyzed both existing and NAI Labsdeveloped keying protocols for their suitability at satisfying identified requirements while overcoming battlefield energy constraints. They also implemented a sensor network simulator. o o o o Secret-key-based protocols are generally energy-efficient Public key algorithms consume a great deal of computational and communications energy group keying protocols can reduce key management and communications energy consumption a mix of public key-based protocols, including pairwise, group keying, and distribution keying, provide an energy-efficiency superior to using just a single protocol 13 2003 spring group seminar Review • Denial of Service Attacks and Defenses 14 2003 spring group seminar Energy-Efficiency • Univ. of Maryland o “Design Space Exploration for Energy-Efficient Secure Sensor Network” • Univ. of Twente o “Assessing Security-Critical Energy-Efficient Sensor Networks” • NAI LAB o “Energy-Efficient and Low-latency Key Management For Sensor Networks” 15 2003 spring group seminar Review • UMD o Two observations — — o Propose dynamic voltage scaling(DVS) for energy-efficient DSN. — • EYES o Unbalanced computation load for decryption and encryption Large variety of data processing requirement( The forwarding messages need not be processed) DVS varies the supply voltage and clock frequency based on the computation load to provide performance with minimal amount of energy consumption Propose a unified assessment framework based on system profiles, system parameters: — — — — Data Confidentiality Tamper Resistance Public Key Cryptographic Capability Rich Uncles 16 2003 spring group seminar Key Algorithm • NCSU o “Efficient Distribution of Key Chain Commitments for Broadcast Authentication in Distributed Sensor Networks” • UMD o “A key-management scheme for distributed sensor networks” 17 2003 spring group seminar Review • UMD o o o Pre-key distribution ( chose n keys randomly from a large k pools at for a node and save them ) Share-key discovery ( During DSN initialization, each node discover the neighbor nodes which can share keys ) Path-key establishment ( If the node pair cannot share keys, but they are connected with the links in which all nodes share key, they can be assigned a key. 18 2003 spring group seminar Secure Protocols • UC. Berkeley o o “SPINS: Security Protocols for Sensor Networks” “Secure Routing in Wireless Sensor Network: Attacks and Countermeasures” • UMBC o “Security For Sensor Network” • UCLA o “On communication Security in Wireless Ad-Hoc Sensor Network” 19 2003 spring group seminar Review • SPINS has two secure blocks: SNEP and µTESLA. o o • SNEP includes: data confidentiality, two-party data authentication and evidence of data freshness – Semantic security, coding with randomized counter – Data Authentication, MAC( message authentication code) using shared secret key – Replay authentication, MAC includes counter value – Low communication overhead, 8 bit per messages µTESLA provides authenticated broadcast – One way function UCLA communication Security Scheme o o Define three types of data in sensor network, which is mobile code, location information and application specific information For each of them apply for different security levels protection, master key for mobile code, group key for location information and low overhead key for application data. 20 2003 spring group seminar Intrusion Detection and Tolerant • Univ. of Colorado, Boulder o “INSENS: Intrusion-Tolerant Routing in Wireless Sensor networks” • Palo Alto Research Center o Jessica Staddon, Dirk Balfanz and Glenn Durfee. “Efficient tracing of failed nodes in sensor networks” 21 2003 spring group seminar Review • Intrusion tolerance o o o o Constrain the type of commutations. Individual nodes are not allowed to broadcast to the entire network Prevent advertisement of false routing data. Control routing information must be authenticated Symmetric key is chosen Redundant multipath routing is built into the system to achieve secure routing • Intrusion Detection ( tracing the false nodes) o o o Base station need know near neighbors of each node Establish network topology Subdivision-Based tracing 22 2003 spring group seminar Research Fields • Security under resource constraints, e.g., energy, bandwidth, memory, and computation constraints; • Key management; • Authentication and access control; • Intrusion detection and tolerance; • Secure location services; 23 2003 spring group seminar Research Fields (Cont.) • Trust establishment, negotiation, and management; • Privacy and anonymity; • Secure routing; • Secure MAC protocols; • Denial of service; • Prevention of traffic analysis; 24 2003 spring group seminar Future Topics • Introduction to Cryptography • Overview of Ad hoc Network Security • Introduction to Intrusion Detection System • Overview of routing protocols in Sensor Network • Key Exchange, Distribution and management • Security in Mobile Agent • Sensor Network Simulation 25 2003 spring group seminar Reference • [1] D. W. Carman, P. S. Kruus and B. J. Matt. “Constraints and Approaches for Distributed Sensor Network Security”. dated September 1, 2000. NAI Labs Technical Report #00-010 • [2] Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J. D. Tygar. “SPINS: Security Protocols for Sensor Networks”, in Wireless Networks Journal (WINE), September 2002 • [3] Prabal K. Dutta, “Security Considerations in Wireless Sensor Networks”, Sensors Expo, San Jose, CA • [4] Sasha Slijepcevic, Miodrag Potkonjak,Vlasios Tsiatsis, Scott Zimbeck, Mani B. Srivastava. “On communication Security in Wireless Ad-Hoc Sensor Network” Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE'02) June 10 - 12, 2002 Pittsburgh, Pennsylvania, USA • [5] Chris Karlof and David Wagner, “Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures”, to appear First IEEE International Workshop on Sensor Network Protocols and Applications, May 2003 • [6] Anthony D. Wood, John A. Stankovic. “Denial of Service in Sensor Networks”. IEEE Computer, 35(10):54-62, 2002 • [7] Lin Yuan, Gang Qu. “Design Space Exploration for Energy-Efficient Secure Sensor Network”. The IEEE International Conference on Application-Specific Systems, Architectures, and Processors (ASAP'02) July 17 - 19, 2002 San Jose, California 26 2003 spring group seminar Reference(Cont.) • [8] Jeffery Undercoffer, Sasikanth Avancha, Anupam Joshi, and John Pinkston, “Security for Sensor Networks”2002 CADIP Research Symposium. • [9] Donggang Liu and Peng Ning “Efficient Distribution of Key Chain Commitments for Broadcast Authentication in Distributed Sensor Networks”, The 10th Annual Network and Distributed System Security Symposium. San Diego, California. February 2003 • [10] Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J. D. Tygar. “SPINS: Security Protocols for Sensor Networks”. in Proceedings of Seventh Annual International Conference on Mobile Computing and Networks MOBICOM 2001, July 2001 • [11] Adrian Perrig, Robert Szewczyk, Victor Wen, Alec Woo. “Security for SmartDust Sensor Network” • [12] Stavan Parikh, Tracy Barger, David Friedman “ Security in Sensor Network”, lecture of CS 588 Cryptography, Dec. 2001 • [13] Jessica Staddon, Dirk Balfanz and Glenn Durfee. “ Efficient tracing of failed nodes in sensor networks”. In Proceedings of the first ACM international workshop on Wireless sensor networks and applications (WSNA), pages 122-130, ACM Press, 2002 27 2003 spring group seminar Illustration Warmhole and sinkhole HELLO flooding Spoofing Sybil 28 2003 spring group seminar