Embed Size (px)
Citation preview
SECURE ROUTING IN WIRELESS
SENSOR NETWORKS
ATTACKS AND COUNTERMEASURES
A.MUQEED
11011A0449
CONTENTS:
• Introduction
• Sensor Networks vs Ad-Hoc Networks
• Problem statement
• Attacks on sensor network routing
• Countermeasures
• Future Enhancements
• Conclusion
• References
Introduction
• Propose security goals for routing in wireless Sensor networks.
• Show how certain attacks against Ad-hoc networks and peer-to-peer
networks can be adapted into more powerful attacks against sensor
networks.
• Provide a list of attacks and their countermeasures.
• Sensor Network: Heterogeneous system consisting of tiny sensors and
actuators having some computing elements.
• When all the wireless sensor nodes are connected in a network, they form a
wireless sensor network.
• Hence, Wireless Sensor Networks are heterogeneous systems containing
many small devices called sensor nodes and actuators with general-purpose
computing elements.
• WSN’s facilitate monitoring and controlling of physical environments from
remote locations that could be difficult or dangerous to reach.
• Base Station:
– Point of centralized control
– Gateway to another network, powerful data processing unit, or point of
human interface
– More processing capability, memory & power
• Aggregation points: Node at which the messages are processed before
sending to base station.
Sensor N/w vs Ad-Hoc N/w
• Similarity: The dominant communication method in both is multi-hop
networking.
• Differences:
I. Ad-Hoc networks support routing between any pair of nodes, whereas
sensor networks support specialized communication pattern like Many-to-
one, One-to-many, Local communication.
II. Nodes in sensor networks are more resource constrained than Ad-Hoc
networks.
III. Higher level of trust relationship among sensor nodes. In-network
processing, aggregation, duplication elimination.
Problem Statement
• Before discussing about each attack on routing protocol and its
countermeasure a clear view about routing security problem is required.
• Network Assumptions:
-> Insecure radio links.
-> Malicious node collude to attack the system.
-> No tamper resistance on nodes.
-> Adversary can access all key material, data, and code stored on the
captured node.
• Trust Requirements:
-> Base stations are trustworthy.
-> Aggregation points not necessarily trustworthy.
• Threat Models : 2 types
-> Based on device capability
– Mote-class attacker Access to few sensor nodes.
– Laptop-class attacker Access to more powerful devices. Have more battery
power, better CPU, sensitive antenna, powerful radio Tx, etc.
-> Based on attacker type / attacker location
– Outside attacks attacker external to the network.
– Inside attacks Authorized node in the network is malicious/compromised.
• Security Goals
– Secure routing protocol should guarantee integrity, authenticity, availability
of messages in presence of adversaries.
– Secrecy of application data is must.
Attacks on sensor network routing
• By Spoofing, Altering, or Replaying
routing information:
-> Attacker can create loops, attract or
repel network traffic, generate false
message, partition network, induce delay,
etc.
• Selective forwarding:
-> Malicious node forwards only some
messages, drop others.
-> Attacker tries to be on the actual path
of data flow, if it’s a neighboring node,
then it causes collision on each forwarded
packet of interest in order to include itself
on data flow path.
• Sinkhole Attacks:
– Main Reason : Specialized communication
patterns supported by wsn; All packets
have same destination i.e. base station.
– Adversary tries to attract traffic from a
particular area to pass through a
compromised node, thereby creating
sinkhole with adversary at the center.
– A compromised node may be made to look
attractive to neighbors in some routing
algorithm
– Laptop class adversary provide a high
quality route to base station by
transmitting at high power which will cause
the neighboring nodes to forward packets
through the adversary.
• Sybil Attack:
-> Single node presents multiple identities to other
nodes.
-> Significantly affect fault-tolerance schemes like
distributed storage, multi-path routing, topology
maintenance.
-> Threat to geographical routing protocols.
• Wormholes:
-> Transfer of packets from sender to receiver occurs
through a low latency route formed by creation of
wormhole.
-> This poses a threat to routing protocols which rely
heavily on geographic locations and proximity.
-> Selective forwarding and sinkhole attacks can be
launched from wormhole.
• HELLO flood attack:
-> Some protocols require that nodes
broadcast ‘HELLO’ packets to advertise
themselves.
-> Laptop-class attacker can convince every
node that it is their neighbor by
transmitting at high power.
-> Target nodes attempts to reply, but the
adversary is out of range.
->This creates a state of confusion in the
network
Attack on LEACH protocol• Low Energy Adaptive Clustering Hierarchy ("LEACH") is a TDMA-
based MAC protocol which is integrated with clustering in wireless sensornetworks (WSNs).
• The goal of LEACH is to lower the energy consumption required to create andmaintain clusters in order to improve the life time of a wireless sensor network.
• In LEACH nodes transmit to cluster heads, and the cluster heads aggregate andcompress the data and forward it to the base station(sink).
Attack:
• Since nodes choose a cluster-head based on received signal strength, anadversary can disable the entire network by using HELLO flood attack.
• Every node will choose the adversary as its cluster head and the adversary nowcan use selective forwarding attack to modify the node data.
• Simple countermeasure like changing the cluster-head for each round will easilybe compromised by Sybil attack.
Countermeasures
• Outsider attack and link layer security
-> Outside attackers can be reduced by link layer security and authentication using
a global shared key.
-> Sybil, Sinkhole, Selective forwarding attacks can be restricted as node doesn’t
accept identity of adversary and the adversary is prevented from joining
topology.
-> Ineffective against Insider attacks like wormhole, Hello flood attacks.
• Sybil attack
-> Every node shares a unique symmetric key with the base station.
-> Then two nodes generate pair-wise shared secret key between them (Needham
– Schroeder symmetric key exchange) for ‘Identity verification’
-> Limit the number of neighbors for a node prevent adversary from
establishing shared keys with everyone.
• HELLO flood attack
-> Verification of bidirectionality of a link before taking meaningful action using Identity
verification protocol.
-> Nodes are connected to limited verified neighbors, so even with a high sensitive
adversary the compromise of nodes is not on a large segment of network.
• Wormhole and Sinkhole attacks
-> Very difficult to defend when two are used in combination as wormholes use out-of-
bound channels invisible to networks.
-> Whereas sinkholes are difficult to defend against protocols using advertising
information.
-> Good protocol design is required to avoid these attacks.
Eg: Geographic routing protocol can be used to avoid wormhole and sinkhole attacks as
it is a location based protocol.
>> Initiation is not from base station and the traffic is naturally routed towards physical
location of base station hence difficult to create a wormhole and sinkhole.
• Selective forwarding
-> Use Multipath Routing; messages routed over disjoint paths.
-> Messages routed on n disjoint paths protected against selective forwarding offer
probabilistic protection when over n nodes are compromised.
Future Enhancements
• This survey on attacks and countermeasures in wireless sensor network
routing protocols will help in better design of routing protocols at
development stage.
• If design of routing protocols satisfies the proposed security goals then
effective defending against adversaries will be achieved.
Conclusion
• Different security problems in sensor networks.
• Different types of attacks on the sensor networks from inside attackers
and outside attackers.
• Countermeasures to avoid the occurrence of these attacks.
• Hence, Protocols developed for routing in wireless sensor networks must
be designed with security features in view.
References:
1. Chris Karlof and David Wagner, Secure routing in wireless sensor networks:
Attacks and countermeasures, University of california, Berkeley, IEEE 2003.
2. K.Venkatraman, J.Vijay Daniel, G.Murugaboopathi, Various attacks in Wireless
Sensor network: Survey, VelTech group of institution, IJSCE, March 2013.
3. Aashima Singla, Ratika Sachdeva, Review on Security Issues and Attacks in
Wireless Sensor Networks, Department of CSE Sri Guru Granth Sahib World
University, IJARCSSE, April 2013.
4. J.Steffi Agino, Priyanka, S.Tephillah, A.M.Balamurugan, Attacks and
countermeasures in WSN, St. Joseph’s College of Engineering, Chennai, Tamil
Nadu, IPASJ, January 2014.
5. I. R. Uouceur, "The Sybil Attack:' in 1st lnternational Workshop on Peer-to-
Peer Systems (IPTPS '0202). March 2002.
THANK YOU
