Security in Sensor Networks By : Rohin Sethi Aranika Mahajan Twisha Patel
Outline • Introduction • Time Syncronization Attacks • Denial of Service (DoS) Attacks • Conclusion
Need for Security in Sensor Networks • Broadcast nature of Wireless Communication • Lack of tamper-resistant hardware • Limited storage & computational resources rendering public key cryptography impractical
Time synchronization protocols : provide a mechanism for synchronizing the local clocks of the nodes in a sensor network used by many applications of sensor networks, such as tracking and localization. Attacks on time-synchronization protocols: have one main goal, to somehow convince some nodes that their neighbors’ clocks are at a different time than they actually are. Time Synchronization Protocols
Time-sync Protocol for Sensor Networks (TPSN) • TPSN initially creates a spanning tree of the sensor network. • While the tree is being built, the nodes perform pair-wise synchronization along the edges of the tree. • Each node exchanges synchronization messages with its parent in the spanning tree.
Flooding Time Synchronization Protocol (FTSP) • Root node broadcasts its local time and any nodes that receive that time synchronize their clocks to that time. • Synchronization messages: • rootID • seqNum • sendingTime • Whenever a node receives a message from the root node, it updates its global time. In addition, it broadcasts its own global time to its neighbors.
Flooding Time Synchronization Protocol • Each node retains the highest sequence number it has received and the rootID of the last received message used. • If a node does not hear a time synchronization message for a ROOT_TIMEOUT period, it declares itself to be the new root. • If a root hears a time synchronization message from another root with lower ID than itself, it gives up its root status.
Attacks on Time Synchronization Protocol for Sensor Networks • Send Incorrect Information to its children • Lie about its level in the tree • It can avoid participating in the tree building phase.
Attacks on FTSP • The compromised node can claim to be the root node with ID 0 and begin at a higher sequence number than the original root • All updates originating at the actual root node will be ignored.
Counter Measure For Time Synchronization Attacks • Corrupted Root: • A subset of the nodes act as the root on a rotating basis. • All nodes share a private key with that subset of the nodes that may become a root. • Any corrupted nodes might continue to send erroneous updates under this scheme, but the effects on the nodes' calculations of the skew and offset would be reduced.
Counter Measure For Time Synchronization Attacks (contd…) • Increasing Reliability : • The nodes record a subset S of the updates from their neighbors. • Preventing False Updates: • Skeptic Node may cease sending updates to its neighbors • Policy of containment
Denial of Service (DoS) Attacks • Attempt to make a computer resource unavailable to intended users • Force victims to reset/consume resources • Service no longer available • Obstructs communication media between intended users and victim
DoS in WSNs • Sleep Deprivation Attacks • Path Based DoS Attacks • Jamming Attacks
Sleep deprivation Attacks • Also known as Battery Exhaustion Attacks • Attacker drains the battery of pervasive computing device • Device rendered inoperable • Successful Attack • Currently not widespread but the potential exists
Forms of Sleep deprivation Attacks • Service Request Power Attacks • Benign Power Attacks • Malignant Power Attacks
Remedy for Sleep Deprivation Attacks • Existing security techniques • Power Secure Architecture • Goal: Provide some guaranteed fraction of the system’s expected battery life. • Fundamental Security Features: - • Multilayer Authentication • Energy Signature Monitoring
Power Secure Architecture • Multilayer Authentication • Service Request Attacks • Energy profile of service • Crippling energy level • Initial authentication must be lightweight process • Energy Signature Monitor • Benign and Malignant Attacks • Energy Monitoring Unit (EMU) : Self-contained unit for dynamically measuring the systems power consumption • Concerns • Allows Attacker to more easily tune a sleep deprivation attack • Checking signature must be lightweight process
Power Secure Architecture (contd..) • Energy Signature Monitor • Benign and Malignant Attacks • Energy Monitoring Unit (EMU) : Self-contained unit for dynamically measuring the systems power consumption • Concerns • Allows Attacker to more easily tune a sleep deprivation attack • Checking signature must be lightweight process
Path Based DoS Attacks • Damaging form of DoS Attacks • Hierarchical organization of sensor networks • Member Nodes • Aggregator Nodes • Base Station • Easy to launch and disable large portions of WSNs PDoS Attack in End-to-End Communication in WSNs
Remedy for PDoS Attacks • One-way Hash Chains (OHCs) • Detect spurious packets using separate shared key • Detect spurious packets using single “path” key • Rate Control
Jamming Attacks • Well-known attack on wireless communication • Adversary can disrupt entire network with k randomly distributed jamming nodes, putting N nodes out of service, where k << N • Attacks is simple and effective for single frequency networks
Remedy for Jamming Attacks • Standard Defense: Various forms of spread-spectrum communication • Phase I • Phase II