1 / 23

Denial of Service in Sensor Networks

Denial of Service in Sensor Networks. Anthony D. Wood John A. Stanovich Presenter: Todd Fielder. Denial of Service. Any event that diminishes or eliminates a network’s capacity to perform it’s expected function. Hardware failure Software bugs Resource exhaustion

zaina
Télécharger la présentation

Denial of Service in Sensor Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Denial of Service in Sensor Networks Anthony D. Wood John A. Stanovich Presenter: Todd Fielder

  2. Denial of Service • Any event that diminishes or eliminates a network’s capacity to perform it’s expected function. • Hardware failure • Software bugs • Resource exhaustion • This article is primarily concerned with protocol or design level vulnerabilities.

  3. Complications in Sensor Networks • Harsh environments • Fault tolerant • Must be resilient in the presence of failures • Subverted nodes which are as powerful as network nodes • Potentially more powerful computing capabilities at adversary • i.e. could be wired

  4. Network Architecture • A layered network architecture • Clean Division Increases robustness by defining layer interactions and interfaces • Sensor Networks sacrifice robustness, cross layers, to increase performance • Each layer vulnerable to different DOS attacks

  5. Physical Layer • Wireless communication due to large scale ad-hoc network • Wired base station rare

  6. Jamming • Interference with the radio frequency the network is using. • Easily detectable due to constant energy • Defenses: • Spread Spectrum: frequency hopping based on a predetermined algorithm. • Resource intensive • Jamming rarely affects entire network, route around affected area

  7. Tampering • Attacker can gain access to physical sensor and either analyze device to obtain sensitive information and/or replace sensor. • Obtain cryptographic keys • Reprogram Nodes • Defenses: • Tamper proof physical packaging • Node should react in fail-complete manner • Camouflage or hide nodes

  8. Link Layer • Provides channel arbitration for neighbor to neighbor communication • Cooperative Schemes, such as carrier sense, are particularly vulnerable to DOS attacks.

  9. Collision (corruption) • Can disrupt an entire packet by introducing a collision in only small portion of packet • Requires only fractional portion of energy • Causes heavy expenditure in energy by target (exponential backoff ) • Defenses: • Error correcting codes • Usually used for small errors (environmental or probabilistic) • Collision detection • Still requires communication among nodes…not completely effective

  10. Exhaustion • Communicate in such a way so as to drain battery resources • If retransmission is repeated and collision induced near end of frame, nearby nodes would become exhausted of energy. • Self-Sacrificing node • Interrogation – node continually sends RTS to attacker to solicit a CTS, thereby exhausting both nodes battery resources • Defenses: • Rate-limiting • Network ignores excessive requests without transmitting additional packets

  11. Unfairness • Intermittent application of previous attacks could degrade service of the network • Cause loss of real-time services • Defenses: • Small Frame: • Allows individual nodes to capture the channel for a small period of time

  12. Network and Routing Layer • Most nodes will serve as routers • Due to ad-hoc nature of network • Causes additional complexities for protocol • Simple enough to scale to large networks • Robust enough to deal with failures several hops from source

  13. Neglect and Greed • Node-as-Router • Neglect: Does not forward other packets • Greed: Gives undue priority to own packets • Difficult to detect • Defenses: • Multiple routing paths • Redundant message transmission

  14. Homing • Passive adversary observes traffic to determine which nodes are critical to network function, then concentrates attack on that node • Defenses: • Encrypt headers at each hop, to prevent source and/or destination from becoming discovered

  15. Misdirection • Forward Packets along wrong paths • Smurf: forge the victim’s address as the source of message, causing all responses to be sent to that address. • Defenses: • Egress Filtering • Verify source address and only route legitimate packets.

  16. Black Holes • Nodes advertise zero-cost routes to every other node, causing every other node to route in their direction. • Defenses: • Easy to detect

  17. Defenses • Authorization • Only authorized nodes may exchange routing information • Monitoring • Observe neighbors to ensure proper routing behavior • Probing • Periodically send probes that cross the network’s diameter • Redundancy • Duplicate messages across multiple paths protects against routing failures

  18. Transport Layer • Provides services for end-to-end communication • Tend to be simple to reduce overhead

  19. Flooding • Feasible in state protocols, an adversary sends many connection establishments to an adversary, who must keep these SYN request in a Queue, which eventually fills up • Defenses: • Limit number of connections • Prevents resource exhaustion • Can still Deny Service to legitimate connections • Client Puzzles • Requires clients to demonstrate resources they are willing to commit to the connectionby solving a puzzle distributed by the server

  20. De-synchronization • An existing connection is disrupted by an adversary repeatedly forging messages with incorrect timing data (seq. num, control flags) • Defenses: • Authenticate each packet

  21. Adaptive Rate Control • Improvements to standard MAC protocols for Wireless Sensor Nets. • Random transmission delay • Back off that shifts an application’s periodicity phase • Minimization of overhead in contention control mechanisms • Passive adaptation of originating and route through admission control rates • Anticipatory delay for avoiding multi-hop hidden-node problems. • Preference given to route through traffic in admission control protocol (back-off less at distant nodes). • Preserves networks investment in packets that have been forwarded many hops. • Problem: High bandwidth packet streams generated by an adversary will receive preference during collisions. • The network must not only bear the malicious traffic, it also gives preference to it.

  22. Real-Time Location-Based Protocols (RAP) • Real-time communication architecture • Geographic forwarding with a velocity monotonic scheduling (VMS) policy. • Based on packet deadline and distance to travel. • Problem: Adversary can inject messages with geographic destinations far away. • Static Velocity: Intermediate nodes only need to make local forwarding decisions. • Dynamic Velocity: Intentionally lowering its velocity so that the packet misses its deadline. • Solutions: • Static Velocity: Use cryptographic keys to authenticate velocity • Dynamic Velocity: Clock Synchronization to prioritize packets

  23. Questions???

More Related