1 / 35

A Survey of Secure Location Schemes in Wireless Networks

A Survey of Secure Location Schemes in Wireless Networks. - 2010/5/21. Outline. Introduction Secure Location Schemes Location Verification Range-independent Scheme (SeRLoc) Base Station Assisted Secure Localization Detect Compromised Beacon Nodes Defeat Non-cryptographic Attacks Summary.

vin
Télécharger la présentation

A Survey of Secure Location Schemes in Wireless Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. A Survey of Secure Location Schemes in Wireless Networks - 2010/5/21

  2. Outline • Introduction • Secure Location Schemes • Location Verification • Range-independent Scheme (SeRLoc) • Base Station Assisted Secure Localization • Detect Compromised Beacon Nodes • Defeat Non-cryptographic Attacks • Summary

  3. Location & Identity in Wireless Networks • Application • Location Based Service (LBS)  privacy issues • Solution: legal framework, k-anonymity, etc. • Network • Geographical routing, location based access control • Physical Layer • Location could be used to detect source spoofing attacks (in wireless networks)

  4. WSN Have mission-critical tasks Sensor nodes: low cost, limited resource, multifunctional Usually has one BS Prone to failure, easy to be compromised Location matters The location of sensors is a critical input to many higher-level networking tasks [5] Wireless Sensor Network (WSN)

  5. Localization in WSN • Techniques: • GPS • Ultrasound • Radio (RF) • RSSI, ToA, TDoA, AoA, etc. • Usually has Beacon nodes • With known locations and sending beacon signals • Security issues: • Location discovery in hostile environments • Attacker could masquerade or compromise beacon nodes, or perform replay attacks

  6. Threat Model • (Internal) dishonest or compromised nodes • Can authenticate itself (to other sensor nodes) • Report false position • (External) malicious nodes • Can not authenticate itself (as an honest nodes) • Can perform timing attack (delaying or speeding-up) • Other attacks • PHY-layer attack

  7. Examples Masquerade beacon node Compromised beacon node Replay attack (locally replay or through wormhole)

  8. Taxonomy Secure Location w/ beacon nodes w/o beacon nodes • Localization: • Location Verification • Range-independent • localization • Base Station Assisted • Attack Detection: • Detect Compromised • Beacon Nodes • Defeat Non- • cryptographic Attacks

  9. V C Location Verification(Location-based Access Control) • In-region verification • Roles: • Claimants & Verifiers • Method: • Distance bounding techniques • Upper bound the distance of one device to another (dishonest) device C: I’m at some location l R Region of interest [1] N. Sastry, U. Shankar, and D. Wanger, “Secure Verification of Location Claims,” in Proc. ACM Workshop Wireless Security, 2003, pp. 1-10.

  10. . p (prover) Location Verification(Location-based Access Control) • More complex cases: • Consider processing/transmission delay, • Consider non-uniform regions, • Consider multiple verifiers • A simplified case Echo Protocol: (secure, lightweight) (why sound?) c: light speed s: sound speed

  11. Distance Enlargement Attacks (MMSE: Min. Mean Square Estimate) • Distance bounding – vulnerable to distance enlargement attacks but not to distance reduction attacks • Propose VM (Verifiable Multi-lateration) • Also relies on distance bounding (at least 3 verifiers) T: set of verifiers that form triangles around u (claimant) [2] S. Capkun and J.-P. Hubaux, “Secure Positioning of Wireless Devices with Application to Sensor Networks,” in Proc. INFOCOM, 2005, vol. 3, pp. 1917-1928.

  12. Detection of Distance Enlargement Attack u’ Enlarging db1 is impossible

  13. SPINE (Secure Positioning In sensor NEtwork) • SPINE: a system for secure positioning of a network of sensors, that is based on VM • Possible Attacks: (Attacker-x-y) x: # of compromised nodes (c) y: # of malicious nodes (m)

  14. SPINE (Secure Positioning In sensor NEtwork) (cont’d) • Operate in 2 phases: • Sensors measure distance bounds to their neighbors • Central authority compute sensors’ positions (according to the distance bounds) (Verify db(s), then compute positions based on verified db(s)) (Positioning is also based on MMSE) BDV (Basic Distance Verification)

  15. SPINE (Secure Positioning In sensor NEtwork) (cont’d) • Effectiveness: • The effectiveness of this system depends on the number of node neighbors (node density) and on the number and the distribution of the reference nodes (verifiers)

  16. Taxonomy Secure Location w/ beacon nodes w/o beacon nodes • Localization: • Location Verification • Range-independent • localization • Base Station Assisted • Attack Detection: • Detect Compromised • Beacon Nodes • Defeat Non- • cryptographic Attacks

  17. Range-Independent Localization • Motivation: • Distance measure is vulnerable • Do not count on distance measure to infer the sensor location • Secure localization ≠ location verification • Goal: • Decentralized, resource efficiency, robust • Contributions: • Propose SeRLoc, a range-independent localization scheme • Propose security mechanism for SeRLoc • Evaluate the performance of SeRLoc [3] L. Lazos and R. Poovendran, “SeRLoc: Secure Range-Independent Localization for Wireless Sensor Networks,” in Proc. ACM Workshop Wireless Security, 2004, pp. 21-30.

  18. SeRLoc • Concept: • Locators use sectored antennas (with range R) • A sensor can identify the region it resides by computing the overlap between all the sectors it resides • Then estimates its location at the center of gravity of the overlapping region

  19. Secure SeRLoc • Encryption: • To protect the localization information, encrypt all beacons transmitted from locators • Sensors and locators share a global symmetric key K0 • Locator ID authentication: • Use one-way hash chains to provide locator ID auth. • Each sensor has a table containing {IDi ,Hn(PWi)} of each locator • Storage issues

  20. Threat Analysis • Authors analyze (1) wormhole attacks and (2) Sybil attack and compromised sensors • Analyze the vulnerabilities of other 3 range-independent localization schemes • Dv-hop, Amorphous localization, APIT

  21. Taxonomy Secure Location w/ beacon nodes w/o beacon nodes • Localization: • Location Verification • Range-independent • localization • Base Station Assisted • Attack Detection: • Detect Compromised • Beacon Nodes • Defeat Non- • cryptographic Attacks

  22. PBS PBS CBS Base Station Assisted Approaches • Contribution: • New approach, relies on a set of covert base stations • Enables secure localization with a broad spectrum of localization techniques (ultrasound, RF, etc) • Covert Base Station (CBS): • Known position • Passively listen to the on-going communication • Could be hidden or mobile base station broadcast nonce PBS nonce sensor measure TDoA and compute sensor’s position (PBS: Public Base Station) [4] S. Capkun, M. Cagalj, and M. Srivastava, “Secure Localization with Hidden and Mobile Base Stations,” in Proc. INFOCOM, 2006.

  23. 1. Infrastructure-centric Positioning with Hidden Base Stations • TDoA: • Position a source by finding the intersection of multiple hyperboloids. • Pros: does not require communication from BSs and mobile nodes • Security analysis: • TDoA drawback: using directional antennas, attackers could cheat BSs • Δ: tolerant size (also means the size of attacker’s guessing space) • T: signal propagation time + node processing time

  24. 2. Node-centric Positioning with Hidden Base Stations • Node compute its position, then verified by CBS • Node-centric: • Attacker might spoofs node’s position and then cheats on the position verification mechanism • CBS again verify the reported position by distance measure

  25. 3. Secure Positioning with Mobile Base Stations

  26. Taxonomy Secure Location w/ beacon nodes w/o beacon nodes • Localization: • Location Verification • Range-independent • localization • Base Station Assisted • Attack Detection: • Detect Compromised • Beacon Nodes • Defeat Non- • cryptographic Attacks

  27. Detecting Malicious Beacon Nodes • Motivation: • None of previous techniques can work properly when some of the beacon nodes are compromised • Goal: • Try to detect and remove compromised beacon nodes • Ensure correct location discovery • Approach: • Detect malicious beacon signals • Detect replayed beacon signals to avoid false positive • Revoke malicious beacon nodes [6] D. Liu, P. Ning, and W. Du, “Detecing Malicious Beacon Nodes for Secure Location Discovery in Wireless Sensor Networks,” in Proc. ICDCS, 2005, pp. 609-619.

  28. Detecting Malicious Beacon Signals • Idea: • Use beacon node (known location) to detect other beacon nodes • Locations of beacon nodes must satisfy the measurements (of their locations) derived from their beacon signals • Method: Note: to mislead the location estimation, the attacker has to make the estimated distance inconsistent with the calculated one. (By request & reply)

  29. Filtering Replayed Beacon Signals(Goal: avoid False Positive) • Malicious signal ≠ this node is malicious ! • Due to replay attack •  Replay through a wormhole attack • Detect this attack by checking the measured distance and the radio communication range • If within the communication range, go to next step (locally replay) •  Locally replayed beacon signals • Detect extra delay by measuring RTT between two neighbors • RTT measure in a real setup (does NOT consider the impacts of MAC protocol or any processing delay) • Extra delay  larger than RTTmax • (Assumption required) authenticated and unicasted beacon signal !!

  30. Revoke Malicious Beacon Nodes • Use the base station to further remove malicious beacon nodes from the network • Each beacon node shares a unique random key with BS • Beacon nodes can report the detecting results to BS securely • BS evaluates the suspiciousness of each beacon nodes • BS Maintains alert counters and report counters • This mechanism requires more beacon nodes and incurs more communication overhead

  31. Taxonomy Secure Location w/ beacon nodes w/o beacon nodes • Localization: • Location Verification • Range-independent • localization • Base Station Assisted • Attack Detection: • Detect Compromised • Beacon Nodes • Defeat Non- • cryptographic Attacks

  32. Focus on Non-cryptographic Attacks • Non-cryptographic attacks (physical attacks) • Such as signal attenuation and amplification • Degrade the performance of localization Algo. • Propose a general attack detection model • Based on this model, analyze two broad localization approaches (Multi-lateration based & signal strength based) • The attack detection mainly depends on statistical significance testing • Other test statistics are also discussed • Conduct trace driven evaluations • Using an 802.11 network and an 802.15.4 (ZigBee) network [5] Y. Chen, W. Trappe, and R. P. Martin, “Attack Detection in Wireless Localization,” in Proc. INFOCOM, 2007.

  33. Linear attack model on RSS Conduct Exp. in two real office buildings Detection model: Statistical significance testing Define test statistic T, null hypothesis H0, and its acceptance region Ω Metrics: Detection Rate ROC curve Models

  34. Reference [1] N. Sastry, U. Shankar, and D. Wanger, “Secure Verification of Location Claims,” in Proc. ACM Workshop Wireless Security, 2003, pp. 1-10. • UC Berkeley [2] S. Capkun and J.-P. Hubaux, “Secure Positioning of Wireless Devices with Application to Sensor Networks,” in Proc. INFOCOM, 2005, vol. 3, pp. 1917-1928. • EPFL Switzerland [3] L. Lazos and R. Poovendran, “SeRLoc: Secure Range-Independent Localization for Wireless Sensor Networks,” in Proc. ACM Workshop Wireless Security, 2004, pp. 21-30. • Univ. of Washington [4] S. Capkun, M. Cagalj, and M. Srivastava, “Secure Localization with Hidden and Mobile Base Stations,” in Proc. INFOCOM, 2006.

  35. Reference [5] Y. Chen, W. Trappe, and R. P. Martin, “Attack Detection in Wireless Localization,” in Proc. INFOCOM, 2007. • Rutgers Univ. [6] D. Liu, P. Ning, and W. Du, “Detecing Malicious Beacon Nodes for Secure Location Discovery in Wireless Sensor Networks,” in Proc. International Conf. Distributed Computing Systems (ICDCS), 2005, pp. 609-619. • NCSU, Syracuse Univ. [7] D. Liu, P. Ning, and W. Du, “Attack-Resistant Location Estimation in Sensor Networks,” in Proc. International Symposium Information Processing Sensor Networks (IPSN), 2005, pp. 99-106. [8] L. Fang, W. Du, and P. Ning, “A Beacon-less Location Discovery Scheme for Wireless Sensor Networks,” in Proc. INFOCOM, 2005. [9] W. Du, L. Fang, and P. Ning, “LAD: Localization Anomaly Detection for Wireless Sensor Networks,” in Proc. IEEE International Parallel Distributed Processing Symposium (IPDPS), 2005, pp. 41a-41a.

More Related