Wireless Sensor Network Security by yurtgc548

VIEWS: 14 PAGES: 12

									Securing Sensor
Networks from
compromised nodes


Anant Utgikar, Dr. Efe, Dr. Rao
Center for Advanced Computer
Studies, Univ. LA – Lafayette.
Introduction
• Sensor Node
  –   Sensing unit (Application specific)
  –   Processing unit (e.g. ATMEL chip)
  –   Limited, tiny Power Supply (Battery)
  –   Communication Transceiver
• Sensor Network features
  –   Sensors prone to failure (power out etc.)
  –   Highly dense Sensor deployment (thousands to millions)
  –   Sensors Broadcast information
  –   Dynamic Topology
Motivation
• Applications
  – Environmental
    • Forest fire, dams, flood, agriculture…
  – Domestic Appliances
    • Physiological, Home Automation…
  – Military
    • Homeland Security, Unconventional weapons…
  – Commercial
    • Shipment Tracking, Car theft, Inventory control…
Mobile Wireless Ad Hoc
Networks
• SEAD: DSDV
    • Guards against Denial of Service
    • Robust against multiple attackers
• ARIADNE: DSR
    • Prevents most DoS attacks
    • Safeguards uncompromised routes
• SPINS: Sensor Networks
    • SNEP: Confidentiality, Authentication, freshness
    • TESLA: Authenticated Broadcast using efficient one-way
      hash chain disclosed in reverse order
    • Freshness: Loose, bounded synchronization
 Tiny OS
• Design Issues:                            • Configuration:
  –   Small size and low power                    – Data-centric operation
  –   Concurrency                                 – Sleeping modes: Idle, Power
                                                    down, Power save
  –   Parallelism and hierarchy
                                                  – Efficient multithreading engine
  –   Design and application
                                                  – Static compilation of program
  –   Robustness
                                                  – Components execute commands
                                                    upon occurrence of events
            Application layer coordinating individual functional components


            Transport +                                                       Sensor unit 2
                                             Sensor unit 1,
            network layer                                                     (sensing)
                                             (software level)


            Transceiver                        Sensor unit 1,
                                               (Sensing)
Ongoing Work I:
Tracking Misbehavior
• Watchdog:
  – Monitor erroneous neighborhood activity
  – Encrypt information (e.g. SPINS)
  – Propagate to Sink (Base Station)
• Pathrater:
  – Node rating for activity
  – Average Path reliability metric
• Limitations[3]:
  – Mobility and link breaks
  – Colluding attackers (as in vertex cut)
Secret key communication to reconfigure,
resharing keys and guard misbehavior




                  Base Station

                        Secret keys


     Sensor-1
                                          Sensor-n
                Sensor-2

                                           Sensor-j
   Sensor-i
                Hashed authentication +
                misbehavior guarding
Ongoing Work II:
Dynamic Grouping
• Suitable for make-shift military
  applications
• Threshold Cryptography
    •   Sink robust to k dysfunctional / faulty sensor nodes
    •   Distribution of refreshed key share using RC6
    •   Reliable Event Detection
    •   Hashed Authentication
Key share refreshing by redistributing each
of n existing keys into new number of
sharing nodes m.

                       S1m………………..….. Sim…………………Snm




      Sm’
      .


      Si’               S11….……………Si1...…………….Sn1
      .
      .
      S1’




                        S1…………………. Si………………..…Sn
Ongoing Work III:
Encryption
• Constraints:
  – 8 MHz processor, 8 kB memory
  – 8-bit Bus, 10 kbps Bandwidth
  – Negligible asymmetric encryption
    • Key sizes, computation, distribution
• Research Challenges:
    • Stream and Block ciphers
    • < 256 byte RC6 ‘component’ in TinyOS
    • Porting Rijndael Encryption Standard
Implementation
• Devices
  – Development Kits
  – Motes
     •   Laser capable and MALT [6]
     •   RF and Mini mote
     •   IrDA device compliant
     •   Corner Cube Reflector
• Simulation
  – SensorSIM
  – NS2
  – PARSEC
    Summary and
    Bibliography
•   Introduction to Sensor Networks and Applications
•   Motivation for Security
•   Ad Hoc Networks
•   Tiny Operating System
•   Ongoing Research Directions
•   [1] J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. E. Culler and K. S. J. Pister, System Architecture Directions for Networked Sensors,
    “Architectural Support for Programming Languages and Operating Systems”, ’00.
•   [2] A. Perrig, R. Szewczyk, V. Wen, D. Cullar and J. D. Tygar, SPINS: Security protocols for sensor networks, In Proceedings of MOBICOM,
    2001.
•   [3] Marti, T. Giuli, K. Lai and M. Baker, Mitigating routing misbehavior in mobile ad hoc networks, In Proceedings of the Sixth annual
    ACM/IEEE International Conference on Mobile Computing and Networking, pages 255--265, 2000
•   [4] L. Zhou and Z. J. Haas, Securing Ad Hoc Networks, IEEE Network Magazine, vol. 13, no.6, Nov. /Dec. 1999
•   [5] Akyildiz, I. F., Su, W., Sankarasubramaniam, Y., and Cayirci, E., "Wireless Sensor Networks: A Survey," Computer Networks (Elsevier)
    Journal, pp. 393-422, March 2002
•   [6] http://www-bsac.eecs.berkeley.edu/archive/users/hollar-seth/macro_motes/macromotes.html
•   [7] L. Zhou and Z. J. Haas, Securing Ad Hoc Networks, IEEE Network Magazine, vol. 13, no.6, Nov. /Dec. 1999

								
To top