WSN Security Threats and Countermeasures

Wireless Sensor
Network
Security
WSN Course Seminar
Dr.Saadat
by
Ahmadreza Ghaznavi
ar.ghaznavi@stu.yazd.ac.ir

2

Outline
 WSN

Specification Review
 WSN Security Concerns
 WSN Constraints
 WSN Security Requirements
 WSN Security Threats
 WSN Security Countermeasure

WSN Security - Ar.Ghaznavi

3

WSN Specification Review
 High

number of nodes
 High-density deployment of nodes
 Vast and various applications
 Energy, memory and processing limit
 No communication Infrastructure
 Remote area deployment
 Being Unattended after deployment

4

WSN Security Concerns
 How

to secure against physical attacks in
unattended deployments?
 How to secure in accordance with WSN
constraints?
 How to adapt security mechanisms in
other networks to WSN?
 How to design secure routing, clustering,
MAC, data aggregation and locationing
protocols?

5

WSN Constraints Review
 Energy

constraint
 Memory constraint
 Unreliable communication
 High latency
 Remote intermittent support


6

Energy Constraint
 Energy




Transducer unit
Communication unit
Processing unit

 To


need :

communicate 1 bit

800 to 1000 instructions

 Communication

consumes the most.
 Security mechanisms impose
communication overhead and more cost.

7

Memory Constraint
 Memory



Type :

Flash : Program code
RAM: Running application, Processing and
aggregated data

 Not

enough space to support security
mechanisms


SMART DUST: 4KB for Tiny OS, Just 4.5KB to…


8

Unreliable Communication
 Channel


destroying nature

Noise, Interference, fading

 Congestion


in nodes

Collision

 More

overhead to assure communication
 Less space remained to security


9

High Latency
 Multi

hop connection-less routing
 Congestion and need to retransmission
 But in Security synchronization is important





Security log Review
Security log correlation and analysis
Key management


10

Remote Intermittent Support
 Remote

deployment
 Not management and maintenance for
long periods



They are exposed to physical attacks
They need to be secured against that


11

WSN Security Entities
 What



Data
Resources

 From




what to protect ?

Attacks
Anomalies

 How


to Protect ?

to protect ?

Mechanisms and protocols

12

WSN Security requirements











Confidentiality
Integrity
Availability
Freshness
Self-organization
Self-healing
Secure Localization
Synchronization
Authentication

13

Security Requirements(Cont..)







Confidentiality: Data understood just at
authorized node.
Integrity : No change or modification at
intermediate nodes.
Availability : WSN service Availability in spite
of security breaches like DoS attack.
Freshness : Data is not replayed or replicated.
Self organization and healing: Protocols
dynamicity not only in … but also in security

14

Security Requirements(Cont..)
 Secure

Localization : where that is critical
the protocols must be robust enough like
Verifiable Multilateration.
 Authentication : Ensures integrity


15

WSN Security Threats
 Against

Availability: They are generally
DoS Attacks.
 Against Secrecy and Authentication:
Attacks like eavesdropping, IP spoofing
and Packet Replay.
 Against Service Integrity : Make the
network accept false data values.


16

Threats Against Availability
 DoS



An event to reduce a network’s capacity
to perform an expected function.
Common defense mechanisms need large
overhead and not suitable for WSN.

 DoS



attacks in general:

attack in WSN:

They are considered in different layers
Defense mechanisms are developed
specially

17

DoS Attack in WSN
 Physical



Jamming : continuous, intermittent, distributed
Tampering : the node or its function change

 Data





Layer:

Link Layer:

Intentional Collision: Back-off time increase
Resource Exhaustion: impose retransmission
Unfairness: degradation of real-time
applications/ weak form of DoS attack


18

DoS Attack in WSN


Network Layer:











Spoofing Routing Info
Selective Packet Forwarding
Sinkhole
Sybil
Wormhole
Hello Flooding
Acknowledge Spoofing

Transport Layer:



Flooding:
De-synchronization:

19

Network Layer DoS


Spoofing Routing Information:




An attacker may spoof, alter, or replay
routing information to disrupt traffic in the
network.
These disruptions include :
creation of routing loops
 attracting or repelling network traffic from
selected nodes
 extending or shortening source routes
 generating fake error messages
 causing network partitioning
 increasing end-to-end latency



20

Network Layer DoS
 Selective Packet Forwarding:
 Multihop Nets like WSN require accurate forwarding
 An attacker may compromise a node in such a way
that it selectively forwards some messages and drops
others.
 Sinkhole:
 an attacker makes a compromised node look more
attractive to its neighbors by forging the routing
information
 Facilitates the selective forwarding

21

Network Layer DoS
 Sybil:





One node presents more that one identity in a network
To defeat objective of redundancy mechanisms in
distributed data storage systems in peer to peer Nets.
effective against routing algorithms, data aggregation,
voting, fair resource allocation, and foiling misbehavior
detection.

 Wormhole:


Creating low latency link between two portions of a network
over which an attacker replays network messages via :



Single node connecting two adjacent non-neighboring nodes.
Pairs of nodes in two portion of the network (Facilitates Sinkhole).

22

Network Layer DoS
 Hello




Flooding:

the attacker node falsely broadcasts a shorter route to the
base station through high power hello packet transmission.
All nodes in spite that of being out of the radio range of the
attacker, attempt to send packets to it.
It facilitates Sinkhole attack.

 Acknowledge



Spoofing:

attacking node may overhear packet transmissions from its
neighboring nodes and spoof the acknowledgments
The attacker is able to disseminate wrong information about
the status of the nodes

23

Transport Layer DoS


Flooding:







Any protocol with status keeping at connection end is
vulnerable to this.
An attacker may repeatedly make new connection
request.
The resources required by each connection are
exhausted or reach a maximum limit.
Further legitimate requests will be ignored

De-synchronization:



Disruption of an existing connection .
Accurately timed, repeatedly spoof messages to an end
host causing the host to request the retransmission of
missed frames.

24

DoS Attack Countermeasures


25

Threats Against Secrecy
 Node





Replication :

An attacker attempts to add a node to an
existing WSN by replication (i. e. copying) the
node identifier of an already existing node in
the network.
Leads to network partitioning, communication
of false sensor readings.
Accessing Crypto keys, attacker can easily
manipulate a specific segment of the network

26

Threats Against Secrecy


Unauthorized Data aggregation:


Eavesdropping and Passive Monitoring:





Traffic Analysis:







Possible if communication is not protected by
cryptographic mechanisms
Example: Location information gathering
identify some sensor nodes with special roles and
activities in a WSN.
It usually precedes the eavesdropping.
2 Mechanism : Rate Monitoring and Time Correlation

Camouflage:


An adversary may compromise a sensor node in a WSN
and later on use it to masquerade a normal node

27

Defense Against Attacks on
Sensor Privacy


Defense against Node Replication:


Randomized multicast:






Location Info is multicast to random witnesses.
Birthday Paradox is used to detect replicated
In a network of n nodes, if each location produces √n
witnesses, then, the birthday paradox predicts at least
one collision with high probability.

Line-selected multicast:







It uses network topology to detect replicated
It is based on the rumor routing protocol
If a conflicting location claim ever crosses the line
segment of location claim route to random witness,
replication is detected.
Communication overhead reduces from O(n2) to O(n√n)

28

Defense Against Attacks on
Unauthorized Data Aggregation


Defense against Traffic Analysis:



It prevents both rate monitoring and time
correlation.
It includes four mechanisms:
Forwarding to multiple parents
 Controlled Random Walk in multi hop path
selection to distribute packet traffic
 Random fake paths are introduced
 Random areas of high communication
activities are created to deceive the attacker



29

Defense Against Attacks on Sensor
Privacy


Anonymity mechanisms:




An anonymity mechanism depersonalizes the data
before it is released from the source.
privacy and disclosure trade-off in location-based
services.
Four proposed approaches:









decentralization of storage of sensitive data
establishment of secure channel for communication
changing the pattern of data traffic
exploiting mobility of the nodes

Policy-Based approaches
Information Flooding:


Four mechanisms are proposed as follows.

30

Information Flooding mechanisms
to protect privacy


Baseline flooding:




Probabilistic flooding:





only a subset of nodes in the entire network participates in data
forwarding
There is packet loss possibility.

Flooding with fake messages:




every node in the network forwards a message only once
(Broadcast to all neighbors)

More sources can be introduced that inject fake messages into
the network to prevent back tracing.

Phantom flooding:


Probabilistic flooding same concept but changing the shortest
path in each packet transmission.



First phase takes hops through random walk (unicast)
Second phase floods the message through baseline flooding


31

Other security Mechanisms…
 Intrusion

Detection
 Secure Data Aggregation and Clustering
 Secure Routing
 Cryptography and key management
 Trust Management


32

Important WSN Security
Protocols
 SPIN


:

SNEP(secure network encryption protocol)
 Provides

data confidentiality, two-party data
authentication, and data freshness for peer
to peer communication.



uTELSA (timed efficient streaming loss-tolerant
authentication protocol)


provides authenticated broadcast


Thanks for
your attention
Questions?
The End

WSN Security Threats and Countermeasures

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (19)

En vedette

En vedette (18)

Similaire à WSN Security Threats and Countermeasures

Similaire à WSN Security Threats and Countermeasures (20)

Dernier

Dernier (20)

WSN Security Threats and Countermeasures