1 / 19

CSC 774 Advanced Network Security

CSC 774 Advanced Network Security. Distributed detection of node replication attacks in sensor networks (By Bryan Parno, Adrian Perrig, Virgil Gligor) Presenter: Amit Singh 18 th Nov 2005. Outline. So, what’s the problem? Classical techniques of replication detection Centralized Scheme

sorena
Télécharger la présentation

CSC 774 Advanced Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CSC 774 Advanced Network Security Distributed detection of node replication attacks in sensor networks (By Bryan Parno, Adrian Perrig, Virgil Gligor) Presenter: Amit Singh 18th Nov 2005

  2. Outline • So, what’s the problem? • Classical techniques of replication detection • Centralized Scheme • Neighborhood voting scheme • Randomized multicast • Line Selected Multicast • Comparisons • Conclusion & future work

  3. The Problem • Tamper resistant hardware is expensive, so most wireless sensor networks are composed of unshielded sensor nodes • An adversary can easily attack, analyze and clone the unshielded sensor nodes and create replicas and insert them in the network • This gives the adversary to carry on a large class of insidious attacks like disrupting communication, subverting data aggregation, eavesdropping etc.

  4. Classical techniques of replication detection • Central Detection • Each node sends its list of neighbors to a central base station • Base station searches lists for replicas • Disadvantages: • Single point of failure • Exhausts nodes near base station (and makes them targets) • Some applications may not use base stations • Localized Detection • Neighborhoods use local voting protocols to detect replica • Disadvantage: • Replication is a global event that cannot be detected in a purely local fashion

  5. Distributed approach • Node-to-Network broadcast • Each node floods the network with its location information. • Each node stored the location information of it’s neighbors. If it detects a conflicting claim, the offending node is revoked. • Advantages • Achieves 100% detection of duplicate nodes (assuming the broadcast reaches throughout the network) • Disadvantages • Each node’s location broadcast requires O(n) messages • Total communication cost is O(n2) messages

  6. Notation

  7. Deterministic Multicast • Protocol • A node broadcasts its location claim, which is sent by its neighbors to a set of deterministically chosen witness nodes • Witnesses are chosen as a function of node ID • If a node is replicated, the witnesses will get more than one location claims for a single node ID which can then be revoked.

  8. Deterministic Multicast (contd.) • Example Node α sends location claim to node γ, which then computes a set of witness nodes from node id α, F(α)={ω1,ω2,…,ωn} and sends the location claim to each node in the set. If α claims to be at more than one location, then the witness nodes will detect it and revoke the node id α. • Disadvantage • Since, the set of witnesses is a function of node id, and is deterministic, the adversary can determine the witness node id’s which will become targets for subversion.

  9. Randomized multicast Conflict Detected!

  10. Randomized multicast (contd.) • Overview • Extends the multicast protocol to select witness nodes at random (not deterministically), so that adversary cannot detect their identities • In a network of n nodes, if each neighbor produces √n witnesses, then birthday paradox predicts one collision with high probability • So atleast one witness will receive a pair of conflicting location claims

  11. Randomized multicast (contd.) • Protocol Description • Each node α sends location claim to each of its neighbors γ1, γ2,…,γn • The location claim has the format • <IDα, Lα,{H(IDα, Lα)}Kα-1> • Each neighbor γi verifies the signature of Lα, and will then select g random nodes and will forward the location claim along the path to those nodes. • After receiving the location claim, the witness verifies the signature • It then checks the ID against all the location claims received thus far. • If a match is found, the node ID has been replicated and revocation protocol is invoked by flooding the network.

  12. Line Selected Multicast • Overview • Location claims from node α to γ, travel through several intermediate nodes as well. • If the intermediate nodes store the location claim, then a line is effectively drawn through the network • If a duplicate location claim crosses the line, it is detected and revocation scheme is invoked. • We only need a few lines to detect duplicate location claims.

  13. Line Selected Multicast (contd.) • Adversary has created a replica of α, namely α’ • Neighbors βi and βi’ report claims to randomly selected witnesses γi and γi’and they intersect at σ γ3’ β3’ γ3 Trapped! α’ σ β2’ γ2’ β1’ γ2 β3 γ1’ β2 γ1 α β1

  14. Line Selected Multicast (contd.) • Protocol • When α’s neighbors send out location claims to the r witnesses, each node along the route stores a copy of the location claims as well • E.g. βi stores a copy of the location claim before sending it along the path of nodes σ1, σ2, σ3,…, σm to the witness γi • Each σk verifies the signature of the claim, stores a copy in its buffer and forwards it along to σk+1 • However before forwarding, it checks if it already has stored a location claim for this node-id before. • If it finds a conflict, it floods the network with both the signed location claims Lα and Lα’ (un-forgeable evidence) resulting in revocation of α

  15. Detection probability vs. topology

  16. Communication overhead comparison • Randomized multicast scales linearly as the no of nodes increases • Line selected multicast scales as √n, so it is more scalable

  17. Summary of protocol costs • Communication costs are for the entire network • Memory costs are per node

  18. Conclusion • Emergent algorithms (randomized and line-selected multicast) utilize the collective efforts of multiple sensor nodes to provide capabilities beyond those of any single node • They are robust to individual node failures and avoid the problem inherent in centralized solutions • Line selected multicast in particular offers less communication and memory overhead and is an attractive choice for selection

  19. Future Work • An assumption in the above two schemes is that the replicated nodes continue to follow the protocol. • Adversary can suppress or drop messages of location claims to avoid detection of replicated nodes. • The protocol needs to be extended to work even in case of such misbehaving nodes by detecting such nodes by secure implicit sampling technique. • A periodical sweep of the network for replicas helps in preventing the adversary to establish a significant foothold in the network.

More Related