Attacks in Sensor Networks
Team Members:
Subramanian Madhanagopal Sivasankaran
Rahul Poondy Mukundan

Sensor Networks
Wireless sensor networks enable a wide range of applications in both military and civilian domains
Consist of small, low-cost, resource-limited nodes
Forward data in a multi-hop fashion
This lack of infrastructure makes them susceptible to numerous attacks

Typical Attacks
ATTACKS ON CONTROL TRAFFIC
Wormhole
Sybil Attack
Used to launch data traffic attacks
ATTACKS ON DATA TRAFFIC
Blackhole
Selective forwarding
Artificial delaying of packets

Existing Countermeasures
HMAC and digital signatures
Intermediate node authentication
Hash trees
μTESLA
The drawbacks of these measures are:
Highly complex
High communication overhead
Require infrastructure
Not feasible for sensor networks

DICAS - Framework
DICAS is a lightweight framework that mitigates the attacks mentioned earlier.
This is achieved by detecting and isolating malicious nodes.
DICAS provides the following:
Primitives:
Neighbor Discovery
One-Hop Authentication
Modules:
Local Monitoring
Local Response

System Model and Assumptions
Model
Attacker can control external and/or internal nodes
A malicious node can perform any of the attacks individually or by colluding with other nodes
Assumptions
Attacker can't compromise more than an application-defined threshold of guards in a certain transmission range in a given amount of time
A key management protocol is used to pre-distribute pairwise keys for secure communication
Static topology

Primitives
Neighbor discovery
Every node joining the network finds its immediate two-hop neighbors through secure communication with its neighbors.
The communication is carried out using the shared secret keys (authentication)
One-Hop Source Authentication
Commitment key for neighbor verification along with message authentication
Undisclosed commitment key piggybacked with response for source authentication

Local Monitoring - Detection
Guard Node
Can monitor a node
Neighbor to both communicating nodes
Functions
Maintains a watch buffer
Contains immediate and original Source/Destination pairs
Packet ID
Packet Information
Drop, Delay Detection – Packet header
Modification Detection – Entire Payload
Malicious Counter (incremented with malicious activity)

Local Response – Isolation of Nodes
Node deemed malicious if Malicious Counter exceeds threshold value
Guard Node (say M) revokes malicious node (say A) from neighbor list
M alerts A's neighbor (say D)
D stores A in Alert Buffer
Number of messages per isolation = number of neighbors for guard
Lightweight property
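
The guard-node bookkeeping from the Local Monitoring and Local Response slides, as an added Python example (not code from the slides or from the DICAS paper). The timeout, the threshold, the increment of one per event, and the names Guard, saw_handoff, saw_relay and expire are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, field

WATCH_TIMEOUT = 2.0   # constructed value: seconds the guard waits to overhear the relay
MALC_THRESHOLD = 2    # constructed value: a node is isolated once its counter exceeds this

@dataclass
class Guard:
    neighbors: dict   # neighbor -> its other neighbors (from two-hop discovery)
    watch: dict = field(default_factory=dict)    # (packet_id, forwarder) -> (digest, deadline)
    malc: dict = field(default_factory=dict)     # node -> malicious counter
    alerts: list = field(default_factory=list)   # (node alerted, node revoked)

    def saw_handoff(self, pkt_id, forwarder, payload, now):
        # Packet sent to `forwarder`: the digest stands in for the stored payload.
        digest = hashlib.sha256(payload).digest()
        self.watch[(pkt_id, forwarder)] = (digest, now + WATCH_TIMEOUT)

    def saw_relay(self, pkt_id, forwarder, payload, now):
        entry = self.watch.pop((pkt_id, forwarder), None)
        if entry is None:
            return "unwatched"
        digest, deadline = entry
        if now > deadline:
            return self._accuse(forwarder, "delayed")
        if hashlib.sha256(payload).digest() != digest:
            return self._accuse(forwarder, "modified")
        return "ok"

    def expire(self, now):  # entries still unmatched after their deadline are drops
        late = [k for k, (_, deadline) in self.watch.items() if now > deadline]
        self.watch = {k: v for k, v in self.watch.items() if k not in late}
        return [self._accuse(fwd, "dropped") for _, fwd in late]

    def _accuse(self, node, reason):  # count, then revoke and alert past the threshold
        self.malc[node] = self.malc.get(node, 0) + 1
        if self.malc[node] > MALC_THRESHOLD and node in self.neighbors:
            self.alerts += [(d, node) for d in sorted(self.neighbors.pop(node))]
        return reason

def demo():
    # Constructed run: guard M watches forwarder A, whose other neighbors are S and D.
    m = Guard({"A": {"S", "D"}, "S": {"A"}})
    for pid in (1, 2, 3):
        m.saw_handoff(pid, "A", b"reading=20", now=float(pid))
    seen = [m.saw_relay(1, "A", b"reading=99", now=1.5),   # payload changed
            m.saw_relay(2, "A", b"reading=20", now=9.0)]   # relayed after the deadline
    seen += m.expire(now=9.0)                              # packet 3 never relayed
    return seen, m.malc, m.alerts, sorted(m.neighbors)
```

In the constructed run, the third event pushes A's counter past the threshold, so A leaves the guard's neighbor list and one alert is queued for each of A's other neighbors.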

Lightweight Source Routing (LSR)
Routing protocol similar to AODV
More resilient and secure
Appropriate for sensor networks
Working
Route Request
Route Reply

Route Request
Source (S) broadcasts Route Request
| SN(sequence)
Random Node B buffers announcements of the same request for time TR and forwards a random saved announcement from Node W when TR times out
Till the request reaches Destination D

Route Response
Destination node responds with Route Reply
D → A: REP | MAC(KSD) | KSD | IDD | IDA
A – immediate previous hop
MAC – Message Authentication Code
IDD – Destination ID
IDA – Previous Hop ID
A removes KSD and inserts set {D,D},{S,C}
A → C = REP || MAC || IDD || IDA || IDC
C = Immediate Neighbor for A
This is repeated till Route Reply reaches D

Analysis
Collision probability increases with increase in nodes
Detection rate equals zero for number of nodes > 24
ADVANTAGE
Lightweight
Secure
Negligible False Alarm Rate
DISADVANTAGE
Not feasible for a large number of nodes
Works only for static topology
Requires pairwise keys to be distributed among the nodes (N*N-1 Keys)

Conclusion
Can be extended to mobile networks in future
Might require Neighbor Discovery throughout the communication

Reference
DICAS: Detection, Diagnosis and Isolation of Control Attacks in Sensor Networks, Issa Khalil, Saurabh Bagchi, Cristina Nita-Rotaru, IEEE Conference on Security and Privacy for Emerging Areas in Communication Networks (SecureComm), Athens, Greece, 5-9 September 2005