Docstoc

Wireless Sensor Network Security

Document Sample
Wireless Sensor Network Security Powered By Docstoc
					Securing Sensor
Networks from
compromised nodes


Anant Utgikar, Dr. Efe, Dr. Rao
Center for Advanced Computer
Studies, Univ. LA – Lafayette.
Introduction
• Sensor Node
  –   Sensing unit (Application specific)
  –   Processing unit (e.g. ATMEL chip)
  –   Limited, tiny Power Supply (Battery)
  –   Communication Transceiver
• Sensor Network features
  –   Sensors prone to failure (power out etc.)
  –   Highly dense Sensor deployment (thousands to millions)
  –   Sensors Broadcast information
  –   Dynamic Topology
Motivation
• Applications
  – Environmental
    • Forest fire, dams, flood, agriculture…
  – Domestic Appliances
    • Physiological, Home Automation…
  – Military
    • Homeland Security, Unconventional weapons…
  – Commercial
    • Shipment Tracking, Car theft, Inventory control…
Mobile Wireless Ad Hoc
Networks
• SEAD: DSDV
    • Guards against Denial of Service
    • Robust against multiple attackers
• ARIADNE: DSR
    • Prevents most DoS attacks
    • Safeguards uncompromised routes
• SPINS: Sensor Networks
    • SNEP: Confidentiality, Authentication, freshness
    • TESLA: Authenticated Broadcast using efficient one-way
      hash chain disclosed in reverse order
    • Freshness: Loose, bounded synchronization
 Tiny OS
• Design Issues:                            • Configuration:
  –   Small size and low power                    – Data-centric operation
  –   Concurrency                                 – Sleeping modes: Idle, Power
                                                    down, Power save
  –   Parallelism and hierarchy
                                                  – Efficient multithreading engine
  –   Design and application
                                                  – Static compilation of program
  –   Robustness
                                                  – Components execute commands
                                                    upon occurrence of events
            Application layer coordinating individual functional components


            Transport +                                                       Sensor unit 2
                                             Sensor unit 1,
            network layer                                                     (sensing)
                                             (software level)


            Transceiver                        Sensor unit 1,
                                               (Sensing)
Ongoing Work I:
Tracking Misbehavior
• Watchdog:
  – Monitor erroneous neighborhood activity
  – Encrypt information (e.g. SPINS)
  – Propagate to Sink (Base Station)
• Pathrater:
  – Node rating for activity
  – Average Path reliability metric
• Limitations[3]:
  – Mobility and link breaks
  – Colluding attackers (as in vertex cut)
Secret key communication to reconfigure,
resharing keys and guard misbehavior




                  Base Station

                        Secret keys


     Sensor-1
                                          Sensor-n
                Sensor-2

                                           Sensor-j
   Sensor-i
                Hashed authentication +
                misbehavior guarding
Ongoing Work II:
Dynamic Grouping
• Suitable for make-shift military
  applications
• Threshold Cryptography
    •   Sink robust to k dysfunctional / faulty sensor nodes
    •   Distribution of refreshed key share using RC6
    •   Reliable Event Detection
    •   Hashed Authentication
Key share refreshing by redistributing each
of n existing keys into new number of
sharing nodes m.

                       S1m………………..….. Sim…………………Snm




      Sm’
      .


      Si’               S11….……………Si1...…………….Sn1
      .
      .
      S1’




                        S1…………………. Si………………..…Sn
Ongoing Work III:
Encryption
• Constraints:
  – 8 MHz processor, 8 kB memory
  – 8-bit Bus, 10 kbps Bandwidth
  – Negligible asymmetric encryption
    • Key sizes, computation, distribution
• Research Challenges:
    • Stream and Block ciphers
    • < 256 byte RC6 ‘component’ in TinyOS
    • Porting Rijndael Encryption Standard
Implementation
• Devices
  – Development Kits
  – Motes
     •   Laser capable and MALT [6]
     •   RF and Mini mote
     •   IrDA device compliant
     •   Corner Cube Reflector
• Simulation
  – SensorSIM
  – NS2
  – PARSEC
    Summary and
    Bibliography
•   Introduction to Sensor Networks and Applications
•   Motivation for Security
•   Ad Hoc Networks
•   Tiny Operating System
•   Ongoing Research Directions
•   [1] J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. E. Culler and K. S. J. Pister, System Architecture Directions for Networked Sensors,
    “Architectural Support for Programming Languages and Operating Systems”, ’00.
•   [2] A. Perrig, R. Szewczyk, V. Wen, D. Cullar and J. D. Tygar, SPINS: Security protocols for sensor networks, In Proceedings of MOBICOM,
    2001.
•   [3] Marti, T. Giuli, K. Lai and M. Baker, Mitigating routing misbehavior in mobile ad hoc networks, In Proceedings of the Sixth annual
    ACM/IEEE International Conference on Mobile Computing and Networking, pages 255--265, 2000
•   [4] L. Zhou and Z. J. Haas, Securing Ad Hoc Networks, IEEE Network Magazine, vol. 13, no.6, Nov. /Dec. 1999
•   [5] Akyildiz, I. F., Su, W., Sankarasubramaniam, Y., and Cayirci, E., "Wireless Sensor Networks: A Survey," Computer Networks (Elsevier)
    Journal, pp. 393-422, March 2002
•   [6] http://www-bsac.eecs.berkeley.edu/archive/users/hollar-seth/macro_motes/macromotes.html
•   [7] L. Zhou and Z. J. Haas, Securing Ad Hoc Networks, IEEE Network Magazine, vol. 13, no.6, Nov. /Dec. 1999

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:14
posted:5/18/2012
language:English
pages:12