
A Holistic Approach to Secure Sensor Networks

A Holistic Approach to Secure Sensor Networks. Sasikanth Avancha. Application Scenario. Biological Attack !!. Aggregated sensor data. Commands and Orders. Aggregated sensor data. Wireless Sensor Network. Command & Control. Secure, Fixed Base Station. Biological Attack !!.


Presentation Transcript


  1. A Holistic Approach to Secure Sensor Networks Sasikanth Avancha

  2. Application Scenario Biological Attack !!

  3. Aggregated sensor data Commands and Orders Aggregated sensor data Wireless Sensor Network Command & Control Secure, Fixed Base Station Biological Attack !! Secure, Mobile Base Station

  4. Wireless Sensor Network Command & Control Secure, Fixed Base Station Subversive Attack !!! Secure, Mobile Base Station Biological Attack !!

  5. Aggregated sensor data Commands and Orders Aggregated sensor data Adaptive Wireless Sensor Network Command & Control Secure, Fixed Base Station Subversive Attack !!! Secure, Mobile Base Station Biological Attack !!

  6. Outline • WSN State-of-the-Art • Thesis Statement • SWANS • SONETS • Conclusions

  7. WSN State-of-the-Art • Energy, Networking, Data Management, Security • Energy conservation is key • Solutions designed mostly for homogeneous WSNs • Security not a basic building block • Few solutions adaptive to environmental variations

  8. Thesis • Holistic Approach to WSN Design • Mechanisms to detect, classify & respond to environmental variations • Security as basic building block • Result • Adaptive WSNs tuned to environment • Improved performance • Security • Longevity • Connectivity

  9. Secure & Adaptive WSN Framework • SWANS: Two-tiered adaptability mechanism • Node-level Adaptability • Network-level Adaptability • SONETS: Secure self-organization • Varied threat models • End-to-end & pair-wise secure links • Misbehavior detection & network repair

  10. Wireless Sensor Network Adaptability • Ontological approach • Identify parameter set and build module ontology • Create node ontology to describe sensor node states • Create network ontology to describe network states • Establish rules to enable nodes and network to modify operational behavior

  11. Related Work • SPIN, Heinzelman et al. (Mobicom, 1999) • T-MAC, van Dam et al. (SenSys, 2003) • AIDA, He et al. (ACM TECS, 2004) • Adaptive Sampling, Jain et al. (DMSN, 2004) • ARC, Kang et al. (Basenets, 2004) • Adaptive routing • LEACH • Directed Diffusion

  12. WSN Model

  13. Node-level Adaptability

  14. Parameter Set • PHY • Received power per packet, noise power • Carrier loss, format violation and HEC failure rates • MAC • Failed transmission, multiple retry and collision ratios • FCS failure rate • Routing • Node degree • Compromised node/link count • Failed node count • Reachable RRN count • Path and hop counts to RRNs • Router count

  15. Parameter Set • Energy • Remaining energy capacity • Energy consumption rate • Sensor layer • Sensor accuracy • Sensor energy consumption

  16. Monitor & Report • Establish lower and upper bounds for each parameter • Monitor parameter values (per epoch/packet count/…) • Map parameter values to ontological symbols • Provide symbols to Logic Component

  17. Module Ontology • Logic Component • PHY, MAC, Routing, Energy and Sensor states • Tabular representation • Resource-constrained nodes • Boolean expressions • OWL-DL representation • Resource-enhanced nodes • Parameters as owl:ObjectProperty • Module states as owl:Class

  18. Module Ontology
      <owl:Class rdf:ID="PHYJammedByNoise">
        <owl:intersectionOf rdf:parseType="Collection">
          <owl:Class rdf:about="#PHY"/>
          <owl:Restriction>
            <owl:onProperty rdf:resource="#noisePower"/>
            <owl:hasValue rdf:resource="#Amount_Abnormal"/>
          </owl:Restriction>
        </owl:intersectionOf>
      </owl:Class>

  19. Module Ontology
      <owl:Class rdf:ID="PHYJammed">
        <rdfs:subClassOf rdf:resource="#PHY"/>
        <owl:unionOf rdf:parseType="Collection">
          <owl:Class rdf:about="#PHYJammedByNoise"/>
          <owl:Class rdf:about="#PHYJammedDueCarrierLoss"/>
        </owl:unionOf>
      </owl:Class>

  20. Node Ontology • Sensor node states • PHY, MAC, Routing, Energy and Sensor states • Classes representing sensor node states • Restrictions • Subsumption - subclassOf, intersectionOf, unionOf • Deployable on sensor nodes • Tabular representation • OWL-DL representation • Deploying on RRNs • memory vs. energy trade-off

  21. Node Ontology
      <owl:Class rdf:ID="SensorNodePHYJammed">
        <owl:intersectionOf rdf:parseType="Collection">
          <owl:Class rdf:about="#SensorNode"/>
          <owl:Restriction>
            <owl:onProperty rdf:resource="#hasPHY"/>
            <owl:someValuesFrom rdf:resource="#PHYJammed"/>
          </owl:Restriction>
        </owl:intersectionOf>
      </owl:Class>

  22. Node Ontology
      <owl:Class rdf:ID="SensorNodeJammed">
        <rdfs:subClassOf rdf:resource="#SensorNode"/>
        <owl:unionOf rdf:parseType="Collection">
          <owl:Class rdf:about="#SensorNodePHYJammed"/>
          <owl:Class rdf:about="#SensorNodeMACJammed"/>
        </owl:unionOf>
      </owl:Class>

  23. Action Component • Node state = NS, Operational state = ? • Sensor node rule set
      • NS(Jammed) ∨ NS(SDTA) ∨ (NS(Disconnected) ∧ ES(Low Energy)) → OS(Sleep)
      • NS(Disconnection Imminent) ∧ ES(Normal) → OS(Increase Tx Range)
      • NS(High Node Degree) ∨ NS(Low Accuracy) ∨ NS(Abnormal Routing Info.) → OS(Extend Active Period)
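The Monitor & Report, Logic Component and Action Component steps of slides 16 to 23, chained in the Boolean-expression (tabular) form the slides reserve for resource-constrained nodes. This is an added example, not code from the presentation; the bounds, the sample readings, the LOW/NORMAL/HIGH symbol names and the MAC and SDTA tests are assumptions.

```python
# Added illustration of the SWANS node-level pipeline (slides 16-23).
# Bounds, sample readings and the MAC/SDTA tests are constructed assumptions.
BOUNDS = {  # parameter: (lower bound, upper bound)
    "noise_power_dbm": (-110.0, -85.0), "carrier_loss_rate": (0.0, 0.05),
    "collision_ratio": (0.0, 0.20), "fcs_failure_rate": (0.0, 0.10),
    "reachable_rrn_count": (1, 8), "remaining_energy_j": (5.0, 100.0),
}

def to_symbols(readings):
    """Monitor & Report: map each raw value to a symbol using its bounds."""
    symbols = {}
    for name, value in readings.items():
        low, high = BOUNDS[name]
        symbols[name] = "LOW" if value < low else "HIGH" if value > high else "NORMAL"
    return symbols

def node_states(sym):
    """Logic Component in Boolean-expression (tabular) form."""
    phy_jammed = (sym["noise_power_dbm"] == "HIGH"        # PHYJammedByNoise
                  or sym["carrier_loss_rate"] == "HIGH")  # PHYJammedDueCarrierLoss
    mac_jammed = sym["collision_ratio"] == "HIGH"         # assumed MAC test
    states = set()
    if phy_jammed or mac_jammed:                          # SensorNodeJammed
        states.add("Jammed")
    if sym["fcs_failure_rate"] == "HIGH":                 # assumed SDTA test
        states.add("SDTA")
    if sym["reachable_rrn_count"] == "LOW":
        states.add("Disconnected")
    return states

def operational_state(ns, es):
    """Action Component: the sensor node rule set, first match wins."""
    if "Jammed" in ns or "SDTA" in ns or ("Disconnected" in ns and es == "Low Energy"):
        return "Sleep"
    if "Disconnection Imminent" in ns and es == "Normal":
        return "Increase Tx Range"
    if ns & {"High Node Degree", "Low Accuracy", "Abnormal Routing Info."}:
        return "Extend Active Period"
    return "No Change"

def decide(readings):
    sym = to_symbols(readings)
    es = "Low Energy" if sym["remaining_energy_j"] == "LOW" else "Normal"
    return operational_state(node_states(sym), es)

# Constructed sample epochs.
QUIET = {"noise_power_dbm": -98.0, "carrier_loss_rate": 0.01, "collision_ratio": 0.05,
         "fcs_failure_rate": 0.02, "reachable_rrn_count": 2, "remaining_energy_j": 60.0}
NOISY = dict(QUIET, noise_power_dbm=-70.0)
```

A disconnected node with normal energy falls through the first rule and stays awake; only the combination of Disconnected and Low Energy puts it to sleep.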

  24. Network-level Adaptability

  25. RRN Monitoring & Reporting • Obtain individual node states • Periodic report • Query mechanism • Classify nodes according to reported state • Determine cardinality of each class • Map to ontological symbols

  26. RRN Logic Component • Classify cluster instance represented by ontological symbols – network ontology • Network ontology • OWL-DL implementation • Classes representing cluster states • Subsumption & Restriction • Output • Current logical state of cluster based on node states

  27. RRN Action Component • Cluster state = X, Instructions = ? • RRN rule set
      • CS(Under SDTA) ∧ Detected(A) ∧ Detects(S, A) ∧ NS(S, Sleep) → NS(S, Active)
      • CS(Normal) ∧ Detected(A) ∧ Detects(S, A) → Stop Aggregation(S)

  28. Evaluation • Problem • Node addition attack (Zhu et al., CCS 2003) • Legitimate node addition • SWANS Solution • Monitor node degree • State == Node degree ↕ Operation = Security level ↕ • Result • Malicious nodes thwarted • Legitimate nodes accepted

  29. Adapt to Node Degree Increase • 800 node network • 400 nodes observe node degree ↑ [Plot: average energy consumed per node (J) vs. simulation time (seconds)]

  30. Determining ND Thresholds • Initial size: 200 to 390 • ND increase: 5% • Final size: 210 to 400 • µΔ, σΔ • Determine n1, n2 [Plot: average energy consumed per node (J) vs. simulation time (seconds)]

  31. Evaluation • Problem • Sleep deprivation torture attack (Stajano and Anderson, 1999) • SWANS solution • Monitor HEC & FCS failures, format violations, collisions • Node state == SDTA → Operation = Sleep • Report node & operational states to RRNs • RRNs: Compute network state, modify node operation • Result • Network balances energy saving and utility

  32. Adapt to SDTA • 800-node WSN • 400 nodes attacked • Affected nodes detect SDTA & enter sleep state • RRNs compute global state & wake up some nodes [Plot: average energy consumed per node (J) vs. simulation time (seconds)]

  33. Evaluation • Problem • Node failures due to malfunction or attacks • SWANS solution • Nodes monitor count of failed neighbors (FN) • Node state == disconnected → Op. state = Tx range increase • Result • Nodes increase Tx range, prevent network partitioning • Node degrees increase, hop counts decrease • Trade-off is between connectivity and energy consumption

  34. Adapt to Node Failures (Node degree) [Plot: average node degree vs. network size]

  35. Adapt to Node Failure (Hop counts) [Plot: average hop count vs. network size]

  36. SONETS • Neighbor discovery • P-SONETS: Centralized • C-SONETS & D-SONETS: Distributed • Topology discovery & network setup • P-SONETS: Centralized, no key management • C-SONETS: Centralized pair-wise key management • D-SONETS: Distributed pair-wise key management • Topology Maintenance • Multi-hop pair-wise key establishment • Node addition & deletion

  37. Threat Models • Adversary presence • Local, Global • Adversary attack mode • Passive, Active • Adversary attack capability • Before, during, after self-organization

  38. Related Work • Probabilistic Approaches • Eschenauer & Gligor, CCS 2002 • Chan et al., ISSP 2003 • Du et al., CCS 2003 • Liu & Ning, CCS 2003 • Deterministic Approaches • Perrig et al., WINET 2002 • Zhu et al., CCS 2003 • Anderson et al., ICNP 2004

  39. P-SONETS
      • BS to j: EKBS(*, EKj(j, Nonce, HELLO))
      • j to BS: EKBS(j, EKj(j, Nonce, HELLO_REPLY))
      • BS to k: EKBS(*, EKj(j, N1, RELAY)), EKk(k, N2, HELLO)
      • j to k: EKBS(k, EKk(k, N2, HELLO)), Ψ
      • k to j: EKBS(k, Ψ), EKk(k, N2, HELLO_REPLY)
      • j to BS: EKBS(k, EKk(k, N2, HELLO_REPLY)), EKj(j, N1)
      • BS: List of all keys Kj
      • j: KBS, Kj
      [Figure: network diagram with BS and nodes 1, 3, 5, 9, 11, 14, 19, 23]

  40. P-SONETS • Network repair • BS tracks node aberrance • Lack of data • Corrupt data • Reasons for aberrance • Node is dead/compromised 2HN • Node is 2HN; relay point is dead/compromised • Node is dead/compromised 1HN • BS repairs network • Delete aberrant nodes • Reassign relay points, if required

  41. P-SONETS • Simulation using SensorSim (UCLA) • 100 node WSN • Simple radio & battery models • Varied sensor node distribution in each hop • Average energy consumption • Total initial energy in network = 3600 Asec • Node discovery, topology discovery, network setup: 36 mJ • Network repair when fixed number of nodes fail: 8 mJ

  42. C-SONETS
      • 1 to R: EK1(<5, 19, 14>)
      • R to 1: EK1(<x15, x119, x114>); R to 5: EK5(x51); R to 14: EK14(x141, <R,2,1>)
      • Node 1: K15 = f (x15  x1); Node 5: K15 = f (x51  x5)
      • 14 to 1: EK114(FWD, <13>); 1 to R: EK1(DATA, <13>)
      • R to 14: EK14(x1413); R to 13: EK13(x1314, <R,3,14>)
      • Node 14: K1413 = f(x1413  x14); Node 13: K1314 = f(x1314  x13)
      • Kn, Ku, xu on each node u & R
      • x15 = x5 R15; x51 = x1  R15
      [Figure: C-SONETS topology with R and nodes 1, 5, 13, 14, 19; labels K1, K5, K15, K114, K119, K1413]
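The C-SONETS pair-wise key step for nodes 1 and 5, worked through as an added example that is not code from the presentation. It assumes the combining operator missing from the transcript is XOR and that f is SHA-256; the E_K(...) transport encryption between R and each node is omitted, and the class and function names are hypothetical.

```python
# Added illustration of the C-SONETS pair-wise key step for nodes 1 and 5.
# Assumptions: the combining operator lost from the slide is XOR, f is SHA-256,
# and the E_K(...) transport encryption between R and each node is omitted.
import hashlib
import secrets

SECRET_LEN = 16  # bytes; assumed size of each per-node secret x_u

def xor(a, b):
    return bytes(p ^ q for p, q in zip(a, b))

def f(value):
    return hashlib.sha256(value).digest()

class KeyServerR:
    """Plays R: holds x_u for every node u and hands out masked shares."""
    def __init__(self, node_ids):
        self.x = {u: secrets.token_bytes(SECRET_LEN) for u in node_ids}

    def shares_for(self, u, v):
        """Return (x_uv for node u, x_vu for node v) using a fresh R_uv."""
        r_uv = secrets.token_bytes(SECRET_LEN)
        return xor(self.x[v], r_uv), xor(self.x[u], r_uv)

def pairwise_key(own_secret, received_share):
    """Node side: K_uv = f(x_uv XOR x_u)."""
    return f(xor(received_share, own_secret))

def run_setup():
    r = KeyServerR([1, 5, 14])
    x15, x51 = r.shares_for(1, 5)          # R to 1: x15, R to 5: x51
    k_at_1 = pairwise_key(r.x[1], x15)     # Node 1: K15 = f(x15 XOR x1)
    k_at_5 = pairwise_key(r.x[5], x51)     # Node 5: K15 = f(x51 XOR x5)
    # Node 14 holds only x14; combining it with a share it obtained
    # does not yield K15.
    k_guess_14 = pairwise_key(r.x[14], x15)
    return k_at_1, k_at_5, k_guess_14
```

Under these assumptions each share is the other node's secret masked by the fresh R15, so neither node learns its neighbour's x_u, while R can recompute every pair-wise key.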

  43. Energy Consumption • Tx + Rx • Encrypt + Decrypt • Hashing • O(n³) • Existing Protocols • 100s of mJ [Plot: average energy consumed per node (J) vs. network size (n)]

  44. Node degree & Hop count • Analytical Expression • Bettstetter 2002 • E(d) = ρπr₀², where ρ = n/Area = n/(25×10⁴ m²) and r₀ = Tx range = 75 m • E(d) ≈ 7 to 70 • E(h) ≈ 4 [Plot: average node degree (d) and hop count (h) vs. network size (n)]

  45. D-SONETS
      • Node 1: Broadcast M1
      • M1 = EKn(*, 1, EKf(5)(5,x51) || …)
      • x51 = x1 R51, …
      • Node 5: Broadcast M5
      • M5 = EKn(*, 5, EKf(1)(1,x15)||…)
      • x15 = x5 R15, …
      • Node 1 computes K15 = f (x15  x51)
      • Node 5 computes K15 = f (x51  x15)
      • Node 1 to Node 14: M114 = EKn(14, 1, EK114(<R,1>, <5,1>, …))
      • Kn, Ku, xu on each node u & R
      [Figure: D-SONETS topology with R and nodes 1, 5, 13, 14, 19; labels K1, K5, K15, K114, K119, K1413; messages M1, M5, M114]

  46. Energy Consumption (D-SONETS) • 50% of C-SONETS • Existing Protocols • 1/3 D-SONETS • n ≤ 500 • 1/10 D-SONETS • n > 500 [Plot: average energy consumed per node (J) vs. network size (n)]

  47. Security Analysis • Node compromise • Effect limited to 1-hop neighborhood • Links between uncompromised nodes remain secure • Sybil (Douceur 2002) • Identity-based authentication • Wormhole & Sinkhole (Karlof and Wagner, 2003) • Routing not based on shortest path • Node replication • RRNs exchange topology information periodically • Restrict node degree

  48. Node Deletion • Neighbors detect misbehavior • Initiate voting process • Majority affirmative vote to delete • Inform RRN • Provide list of ‘yea’ voters • RRN may poll individual voters • RRN • Generate new common shared key Kn • Secure unicast

  49. Conclusions • WSNs crucial component of pervasive computing environments of the future • WSNs in tune with application & environment • Secure • Adaptive • Our framework is comprehensive solution • Security protocols for different levels of security • SONETS protocol suites scalable, efficient, resilient • SWANS provides multi-tiered WSN adaptability

  50. Future Work • Adaptive data fidelity • Support for sensor adaptability • Tune smart MEMS • Real-world sensor deployment & evaluation • Memory • Computational power • Comprehensive high-level policy • Govern WSN operational behavior • Resolve conflicts
