Secure Routing in Wireless Sensor Network by hrv27156

VIEWS: 28 PAGES: 28

									    Secure Routing in Wireless Sensor
                             Network
                                          Soumyajit Manna
                                       Kent State University



1              Kent State University                       4/2/2010
Outline

       Overview and background

       Statement of routing security problem

       Attacks on sensor network routing

       Attack on specific sensor network protocol

       Countermeasure

    2                         Kent State University   4/2/2010
Overview and Background
       Current Routing Protocol           So for Wireless Sensor
        Goal:                               Network:

       Low Energy                         Current routing protocol not
                                            designed for security & be
                                            insecure
       Robust

                                           Unlike traditional network, they
       Scalable
                                            can’t depend on many available
                                            resources for security
       Low Latency
                                           Goal: to design sensor routing
       Small Footprint                     protocol with security in mind


    3                        Kent State University                       4/2/2010
Problem Statement
       Assumption about underlying network
           Radio link, sensor node and MAC layer are not secured and easily
            tampered
           Base stations and aggregation points can be trusted to some extend
       Different threat models
           Mote class Vs Laptop class
           Inside Vs Outside
       Security goals in this settings
           Reliable delivery of messenger in conventional network
           Sensor network need in-network processing
           Graceful degradation
           Confidentiality Protection against Reply of data packet should be handle
            by higher level
    4                                  Kent State University                   4/2/2010
Attack model

       Spoofed, altered or replay routing information
           May be used for loop construction, attracting or repelling traffic, extend
            or shorten source route
       Selective forwarding
           Refuse to forward certain messengers, selective forwarding packets or
            simply drop them by trying to follow the path of least resistance and
            attempt to include itself on the actual data path flow
       Sinkhole attacks
           Attracting nearly all traffic from a particular area through a specific
            compromised node



    5                                    Kent State University                        4/2/2010
Attack model
       Sybil attacks
           Forging of multiple identities – having a set of faulty entities representing
            through a large set of identities. It undermines assumed mapping
            between identity to entity
       Wormhole attacks
           Tunneling of messages over alternative low – latency links like confuse
            the routing protocol, creates sinkhole
       Hello flood attacks
           An attacker sends or replays a routing protocol’s hello packets with
            more energy
       Acknowledgement spoofing
           Spoof link layer acknowledgement to trick other nodes to believe that
            link or node is either dead or alive

    6                                   Kent State University                      4/2/2010
General sensor routing protocol type

       Flooding

       Gradient

       Clustering

       Geographic

       Energy Aware

    7                  Kent State University   4/2/2010
Protocols used in sensor network

       TinyOS beaconing
       Directed diffusion
       Geographic routing
       Minimal cost forwarding
       Cluster – head – LEACH
       Rumor routing
       Energy conserving topology maintenance




    8                        Kent State University   4/2/2010
Attacks on specific protocols
       TinyOS beaconing:           It constructs a breath first spanning tree rooted
        at base station. Periodically the base station broadcasts a route updates and
        mark the base station as parents and broadcast it .


       Relevant Attack mode:
           Bogus routing information
           Selective forwarding
           Sinkhole
           Wormholes
           Hello floods




    9                                   Kent State University                  4/2/2010
TinyOS beacon

    Spoof information


         Bogus and replayed routing
         information (such as “I am
         base station”) send by an
         adversary can easily pollute
         the entire network.




    10                                  Kent State University   4/2/2010
TinyOS beacon
    Wormhole & Sinkhole Combination

        Tunnel packets received in one
         place of the network and replay
         them in another place

        The attacker can have no key
         material. All it requires is two
         transceivers and one high quality
         out-of-bound channel




    11                              Kent State University   4/2/2010
TinyOS beacon
    Wormhole & Sinkhole Combination

        Most packet will be
         routed to the wormhole

        The wormhole can drop
         packet directly (sinkhole)

        Or more subtly selectively
         forward packets to avoid
         detection



    12                                Kent State University   4/2/2010
TinyOS beacon
    Hello flood attack



        A Laptop class adversary
         that can retransmit a routing
         updates with enough power
         to be received by the entire
          network




    13                              Kent State University   4/2/2010
Direct Diffusion
    Relevant attack

        Suppression – by spoof negative reinforcement
        Cloning – by replay information with malicious listed as base
         station (send both)
        Path influence – by spoof positive or negative reinforcements
         and bogus data events
        Selective forwarding and data tampering – by above attack
         method to put the malicious node in the data flow
        Wormholes attack
        Sybil attack


    14                          Kent State University              4/2/2010
Geographic routing

    GEAR & GPSR
    Cost function depends on destination location and the
     neighbor nodes used to determine next hop
    It uses greedy geographic query routing technique
    Better than Directed Diffusion (e.g. flooding technique)
    It restrict broadcast within sampling region




    15                      Kent State University          4/2/2010
Geographic routing

    Possible attack

        Sybil attack
        Bogus routing information
        Selective forwarding
        No wormhole and
         sinkhole attack




     An adversary may present multiple identities
     to other nodes. The Sybil attack can disrupt geographic and multi-path
     routing protocols by being in more than one place at once and reducing
     diversity. From B-> C, now will go through B-> A3 ->C
    16                               Kent State University              4/2/2010
Geographic routing example 2




 From B -> D, A forge a wrong information to claim B is in (2, 1), so C will
   send packets back to B which cause loop at last.



17                             Kent State University                   4/2/2010
Minimum cost forwarding
    It is an backoff – based cost field
     algorithm for efficiently
     forwarding packets from sensor
     nodes to base station

    Once the field is established
     the message, carrying dynamic
     cost information, flows along
     the minimum cost path in the
     cost field. Each intermediate
     node forwards the message only
     if it finds itself on the optimal path                A = 110, will select B
     for this message.

18                                 Kent State University                       4/2/2010
Minimum cost forwarding
    Possible attacks

        Sinkhole attack
          Mote – class adversary advertising cost zero anywhere in network


        Hello flood attack

        Bogus routing information

        Selective forwarding

        Wormholes


    19                               Kent State University              4/2/2010
LEACH
    It is termed as Low – Energy Adaptive Clustering
     Hierarchy.
        Randomized and self – configuration
        Low energy media access control
        Cluster-head collect data and perform processing then transmit to base
         station.


    Possible attack
        Hello floods: Cluster – head selection based on signal strength what means a
         powerful advertisement can make the malicious attack be cluster – head.
        Selective forwarding
        Sybil attack: Combined with hello floods if nodes try to randomly select cluster
         – head instead of strongest signal strength.

    20                                  Kent State University                      4/2/2010
Rumor Routing
    Designed for query/event ratios between query and event flooding
    Lower the energy cost of flooding




    21                           Kent State University                  4/2/2010
Rumor routing
    Possible attack

        Bogus routing information
            Create tendrils by FWD copies of agent
            Send them as long as possible (TTL)
        Selective forwarding
        Sinkholes
        Sybil
        Wormholes




    22                                Kent State University   4/2/2010
Energy conserving topology
maintenance
GAF                                            SPAN
    Physical space is divided into equal         An energy – efficient coordination
     virtual size squares, where nodes             algorism for topology maintenance
     know its location and nodes with             Backbone for routing fidelity is
     a square are equivalent                       build by coordinators
    Identifies nodes for routing based           A node become eligible to be
     on location information                       coordinate if two of its neighbors
    Dense node deployment hence                   can’t reach other directly or via
     turn off unnecessary nodes ( like             one or two coordinators
     sleep, discovery or active state)            Traffic only routed by coordinator
    Each grid square has one active              Random back off for delay
     node                                          coordinator announcement
    Nodes are ranked with respect to             Hello messenger being
     current state & expected lifetime             broadcasted periodically
    23                              Kent State University                      4/2/2010
Energy conserving topology
maintenance
GAF                                             SPAN

    Possible attack                               Possible attack
        Bogus routing: Broadcasting                   Hello floods: Broadcast n Hello
         high ranking discovery messages                messages with fake coordinator
         , then they can use some                       and neighbors which will
         selective forwarding attack                    prevent nodes from becoming
        Sybil & Hello flood: Target                    coordinators when they should,
         individual grids by a high ranking             then they can use some
         discovery messages with a non                  selective forwarding attack
         – existent node, frequently
         advertisements can disable the
         whole network by making most
         node sleep


    24                               Kent State University                       4/2/2010
Summary of attacks




25            Kent State University   4/2/2010
Countermeasures
    Selective Forwarding can be limited by implementing
     multipath and probabilistic routing.
    Outsider attack like Bogus routing information, Sybil,
     Sinkholes can be prevented by implementing key
     management at the link layer.
    Insider attack like HELLO floods can be prevented by
     establishing link keys with the trusted base station which
     will verifies bidirectional.
    Authenticated broadcast and flooding are important
     primitives.
    Cluster-based protocols and overlays can reduce attack
     for the nodes closer to base station
    26                      Kent State University          4/2/2010
Attacks difficult to defend

    Wormhole are difficult to defend. This type of attack is
     done by mainly laptop-class both from inside and outside.
     To some extend geographic and clustering based protocol
     defend against this attack.




    27                     Kent State University         4/2/2010
Conclusion

    Link layer encryption and authentication, multipath
     routing, identity verification, bidirectional link verifies and
     authenticated broadcast is important.

    Cryptography is not enough for insider and laptop-class
     adversaries, careful protocol design is needed as well




    28                        Kent State University             4/2/2010

								
To top