1 / 30

Secure routing in wireless sensor network: attacks and countermeasures

Secure routing in wireless sensor network: attacks and countermeasures. Author: Chris Karlof, David Wagner. Appeared at the First IEEE International Workshop on Sensor Network Protocols and Applications, May 11, 2003. Presenter: Haiou Xiang. Contribution.

leslie-trevino
Télécharger la présentation

Secure routing in wireless sensor network: attacks and countermeasures

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure routing in wireless sensor network: attacks and countermeasures Author: Chris Karlof, David Wagner Appeared at the First IEEE International Workshop on Sensor Network Protocols and Applications, May 11, 2003 Presenter: Haiou Xiang

  2. Contribution • Propose threat models and security goals for secure routing in wireless sensor networks • Introduce seven attack techniques, including two novel attacks, sinkhole and HELLO floods. • Present the detailed security analysis of all major routing protocols. • Discuss countermeasures and design considerations for security routing protocols

  3. Background • What is sensor network? Aggregation node Sensor node Event Outside Network Base station

  4. Background • The properties of sensor network • Sensor Node: • Lower-power, Lower-bandwidth, shorter-range • Multihop wireless network • Aggregation node: • Eliminate the redundancy, saving energy • Base station (Sink) • More powerful than sensor nodes

  5. Background • Security limitation: UC berkeley lab: Mica mote • Limit Power • Power: Two AA batteries • Only two weeks at full power • Limit memory and computational power • 4MHz 8-bit CPU, 4KB RAM, 512KB flash memory

  6. Attacks on sensor network routing

  7. Spoofed, altered, or replayed routing information • Behavior: • Create routing loops, attract or repel network traffic, extend or shorten source routes • Goal: • Generate false error messages, partition the network, increase end-to-end latency

  8. Example

  9. Selective forwarding • Behavior: • Malicious nodes may refuse to forward certain messages and simply drop them, ensuring that they are not propagated any further. • Goal: • Attempt to include herself on the actual path of the data flow

  10. Example Aggregation node Sensor node Event Outside Network Drop Malicious node Base station

  11. Acknoledgement spoofing • Behavior • Spoof link layer acknowledgments for “overheard” packet addressed to neighboring nodes • Goal • Convincing the sender that a weak link is strong or that a dead or disabled node is alive • Enable selecting forward attack

  12. Example Aggregation node Sensor node Event Outside Network Malicious node bad node Lost Base station

  13. Sinkhole attacks • Behavior • Making a compromised node look especially attractive to surrounding nodes • Goal • Lure nearly all the traffic from a particular area through a compromised node, create a metaphorical sinkhole with the adversary at the center • Enable selecting forward attack

  14. Example Sinkhole attack

  15. Wormholes • Behavior • Tunnel messages received in one part of network over a low-latency link and replays them in a different part • Goal: • May be able to completely disrupt routing if an adversary situated close to a base station • Enable sinkhole attack • Exploit routing race condition

  16. Example

  17. Sybil attack • Behavior • A single node presents multiple identities to other nodes in the network • Goal: • Significantly reduce the effectiveness of fault-tolerant schemes

  18. Example

  19. HELLO flood attack • Behavior • A laptop-class attacker broadcasting routing or other information with large enough transmission power could convince every node in the network that the adversary is its neighbor • Goal • Enable wormhole attack by broadcasting wormholes

  20. Example

  21. Summary of attack

  22. Countermeasures

  23. Outsider attacks and link layer security • Solution: • Global share key: link layer encryption and authentication • Limitation: ineffective • Wormhole and HELLO flood attack • Insider attack or compromised node

  24. Sybil attack • Solution • Every node share a unique symmetric key with base station • Two node establish a shared key and verify each other’s identity • Base station limit the number of neighbors around a node • When a node is compromised, it is restricted to communicating only with its verified neighbors • Limitation • Adversary can still use a wormhole to create an artificial link between two nodes to convince them

  25. HELLO flood attacks • Solution: • Verify the bidirectionality of a link before taking meaningful action • Every node authenticate each of its neighbors with an identity verification protocol using a trusted base station

  26. Wormhole and sinkhole attacks • Solution • Design routing protocols which avoid routing race conditions and make these attacks less meaningful • Geographic routing protocols: construct a topology on demand using only localized interactions and information

  27. Selective forwarding • Solution: • Multipath routing: message routed over n paths whose nodes are completely disjoint • Nodes dynamically choose a packet’s next hop probabilistically from a set of possible candidates • Limitation: • Completely disjoint paths is difficult to create

  28. Countermeasure summary

  29. Strength • Demonstrate current routing protocols for wireless sensor networks are insecure • Provide several countermeasures to against attacks: link layer encryption and authentication and so on

  30. Questions?

More Related