1 / 21

Routing security against Threat models

Routing security against Threat models. CSCI 5931 Wireless & Sensor Networks  Darshan Chipade. Introduction. Routing security a major issue Key contribution -Show how they are different from ad hoc networks -Introduce two new classes of attacks Sinkhole attack Hello flood attack

brinly
Télécharger la présentation

Routing security against Threat models

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Routing security against Threat models CSCI 5931 Wireless & Sensor Networks  Darshan Chipade

  2. Introduction • Routing security a major issue • Key contribution -Show how they are different from ad hoc networks -Introduce two new classes of attacks Sinkhole attack Hello flood attack -Security analysis of all major routing protocols

  3. WSN vs. Ad-Hoc Networks • Multi-hop wireless communication • WSN -Specialized communication patterns -Many-to-one -One-to-many -Local communication -More resource constrained i.e. limited energy -More trust needed for in-network processing, aggregation, duplicate elimination

  4. Assumptions • Radio links insecure • Malicious node can collude to attack WSN • Sensor nodes are not tamper resistant • Base station are trustworthy • Aggregation points may not be trusted

  5. Distinction of threat Models • Mote class attacker have access to few sensor nodes with similar capabilities • Laptop class attacker are powerful devices with greater battery power, more capable CPU, high power transmitter • Attacker types-outside attacker, inside attacker

  6. Attacks on WSN routing protocol Spoof altered or replayed routing attack • Target the routing information exchanged between nodes • Spoofing, routing altering the routing information, adversaries may create the routing loops, repel, extend or shorten the routing source routes • Generate false messages, partition network

  7. Selective forwarding attack • Malicious nodes may simply refuse to forward certain messages and simply drop them ensuring that they are not propagated further • Adversary can also modify these packets and forward these messages

  8. Sinkhole attack • All the packets are directed to base station • A malicious node advertises a high quality link to the base station to attract a lot of packets • Specialized communication pattern • Enable other attacks, e.g., selective forwarding

  9. Sybil attack • A single node represents multiple ID’s to other nodes • The attack affects the multiple path routing, topology maintenance • It is believed to affect a significant threat to the geographic routing protocols • More than one place at same time

  10. Wormholes attack • Tunneling of messages • A node at one end of the wormhole advertises high quality link to the base station • Another node at the other end receives the attracted packets

  11. Hello Flood attack • Many protocols require nodes to broadcast HELLO packets to announce themselves to neighbors • Laptop-class attacker can convince it’s a neighbor of distant nodes by sending high power hello messages Acknowledgement attack • Adversary spoofs ACKs to convince the sender a weak/dead link supports good link quality

  12. Attacks on specific sensor network protocol Tiny OS beaconing • Construct a Breadth First Spanning tree (BFS) rooted at the base station • Beacons are not authenticated • Adversary can take over the whole WSN by broadcasting beacons

  13. Directed Diffusion • Base station floods interest for named data and setting up gradients designed to draw events • Suppression- Flow suppression is done by spoofing negative reinforcement • Cloning- Cloning a flow enables eavesdropping • Path influence- Spoofing the data path as positive and negative path reinforcement

  14. Countermeasures Outsider attacks and link layer security • Majority of the attacks against WSN routing protocols can be prevented by link layer encryption using shared key • Selective forwarding and sinkhole attacks are not possible as adversary is prevented from joining the topology • Cannot handle insider attack like Wormhole, HELLO flood

  15. Sybil attack • Every nodes shares unique symmetric key with the base station • Creates a pair wise shared key for message authentication • Base station limits the number of neighbors for a node Hello Flood attack • Verify link bidirectional

  16. Wormhole and sink hole attack • They use private out of bound channel invisible to the underlying sensor network • Good routing protocol required Selective forwarding • Multi path routing • Route messages over disjoint • Dynamically pick up next hop from set of candidate

  17. Limitation of securing multi hop routing • Nodes which are one or two hops away from the to base station are more likely to be attacked or compromised • Using the cluster nodes which communicate directly to base station is one solution against node compromise • Using the virtual base station

  18. Countermeasures Summary • Link layer authentication, encryption, multi path routing, identity verification, bidirectional link verification and authenticated broadcast can protect the sensor network routing protocols • It is necessary to build such counter measures so that different attacks can be ineffective against them

  19. Conclusion • This paper covers the security issues at network level • Securing the routing protocols is most essential • Link layer encryption can be used against the mote class outsiders

  20. THANK YOU!!!!

  21. Question • It is said that using the good routing protocol we can minimize the wormhole and sinkhole attack i.e. by minimizing the number of hops to the base station. How it can be done?

More Related