Ubiquitous and Secure Networks and Services: Ubiquitous Systems Security (© Lourdes López Santidrián)


Slide 1: Ubiquitous and Secure Networks and Services (Redes y Servicios Ubicuos y Seguros)
Unit 5: Ubiquitous Systems Security
Lourdes López Santidrián

Slide 2: VULNERABILITIES OF UBIQUITOUS NETWORKS AND SERVICES (Unit 5: Ubiquitous Systems Security)

Slide 3: Why are WSNs vulnerable to attacks?
- The sensor nodes are constrained by:
  - Battery life.
  - Computational capabilities.
  - Memory.
  - Communication bandwidth.
- It is easy to gain physical access to the nodes:
  - A human or a machine can reprogram them.
  - A human or a machine can destroy them.
- The communication channel is public.
- It is difficult to monitor and control the distributed elements.

Slide 4: Security Threats
- Common attacks:
  - Eavesdropping (passive).
  - Data injection (active).
  - Message modification (active).
  - Message replay (active).
- Denial of Service (DoS) attacks:
  - Jamming: targets the communication channel.
  - Power exhaustion: targets the nodes.
- Node compromise:
  - An attacker can read or modify the internal memory of a node.

Slide 5: Security Threats
- Side-channel attacks:
  - Monitoring of the nodes' physical properties.
  - Acquisition of security credentials (secret keys).
- Impersonation attacks:
  - Sybil attack (creation of fake identities).
  - Replication attack (creation of duplicate identities).
- Protocol-specific attacks:
  - Routing protocols: spoofed routing information, HELLO flood attack.
  - Aggregation protocols: falsifying information.
  - Time synchronization protocols.

Slide 6: Security Services
- Confidentiality
  - Only the desired recipients can understand the message.
  - May not be mandatory.
- Integrity
  - If the data produced and sent over the network are altered, the receiver will have proof.
  - In most cases it is a mandatory feature.

Slide 7: Security Services
- Authentication
  - A receiver can verify that the data was really sent by the claimed sender.
  - It is mandatory if the network needs a barrier between external and internal members.
- Authorization
  - Only authorized entities are able to perform certain operations.
- Availability
  - The users of a WSN must be able to access its services whenever they need them.

Slide 8: Security Services
- Freshness
  - The data produced by the WSN must be recent.
- Forward and Backward Secrecy
  - Forward secrecy: a node should not be able to read any future messages after it leaves the network.
  - Backward secrecy: a node is not able to read a previously transmitted message.
- Self-organization
  - Nodes must be independent and flexible in order to react to problems.

Slide 9: Security Services
- Auditing
  - The elements of a WSN must be able to store any events that occur inside the network.
- Non-repudiation
  - A node cannot deny sending a message, or a recipient cannot deny the reception of a message.
  - Evidence that the message was sent is necessary.
- Privacy and Anonymity
  - The identity of the nodes should be hidden or protected.

Slide 10: CRYPTOGRAPHIC MECHANISMS AS THE BASIS OF THE SECURITY (Unit 5: Ubiquitous Systems Security)

Slide 11: Secret/Symmetric Key Cryptography
- A and B share the same secret key K.
- A encrypts the message m: c = E_K(m)
- B decrypts the ciphertext c: m = D_K(c) = D_K(E_K(m))
- Services provided: Confidentiality, Integrity.

Slide 12: Secret/Symmetric Key Algorithms

| Algorithm | Time (ms)  | CPU Cycles   | Power (μJ)    | ROM Memory (Kb) |
|-----------|------------|--------------|---------------|-----------------|
| SkipJack  | 2,16 (3)   | 15.925,2 (3) | 51,4 (3)      | 19 (4)          |
| RC5       | 1,50 (2)   | 11.059,2 (1) | 36,00 (1)     | 16 (3)          |
| RC6       | 10,78 (5)  | 79.478,7 (5) | 258,72 (5)    | 16 (3)          |
| TEA       | 2,56 (4)   | 18.874,4 (4) | 61,44 (4)     | 15,5 (1)        |
| XTEA      | 1,45 (1)   | 12.450,2 (2) | 40,7 (2)      | 15,5 (1)        |
| DES       | 608,00 (6) | ,4 (6)       | 14.592,00 (6) | 31 (6)          |

Slide 13: Public/Asymmetric Key Cryptography
- A holds the secret key KS_A and B holds the secret key KS_B; the public keys KP_A, KP_B, …. are available to everyone.
- A encrypts the message m with B's public key: c = KP_B(m)
- B decrypts the ciphertext c with its secret key: m = KS_B(c) = KS_B(KP_B(m))
- Services provided: Confidentiality, Authentication, Key agreement.

Slide 14: Public/Asymmetric Key Algorithm
- Elliptic Curve Cryptography (ECC)
- TinyECC:
  - ECC-based signature generation and verification (ECDSA).
  - Encryption and decryption (ECIES).
  - Key agreement (ECDH).

Slide 15: Hash Functions
- One-way functions:
  - Given a message m (of any size) and a hash function H (digital fingerprint): h = H(m), with fixed size.
  - It is almost impossible to calculate m from h, that is, to compute H^-1(h).
- Can be used to build:
  - Message Integrity Code (MIC).
  - Message Authentication Code (MAC).
- Services provided: Authentication, Integrity.
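The difference between a MIC and a MAC, and how a message counter adds the freshness service against the replay attack listed earlier, as an added example that is not part of the original slides. The frame layout, the 8-byte tag length and the use of HMAC-SHA-256 from the Python standard library are assumptions chosen for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8     # truncated tag length in bytes (assumed value)
HDR = ">HI"     # assumed header: 16-bit node id, 32-bit message counter
HDR_LEN = struct.calcsize(HDR)

def mic(body: bytes) -> bytes:
    """Unkeyed MIC: detects alteration, but anyone can recompute it."""
    return hashlib.sha256(body).digest()[:TAG_LEN]

def mac(key: bytes, body: bytes) -> bytes:
    """Keyed MAC: only holders of the shared key can produce a valid tag."""
    return hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

def build_frame(key: bytes, node_id: int, counter: int, data: bytes) -> bytes:
    body = struct.pack(HDR, node_id, counter) + data
    return body + mac(key, body)

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = {}  # node id -> highest counter accepted so far

    def accept(self, frame: bytes) -> str:
        if len(frame) < HDR_LEN + TAG_LEN:
            return "malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        # Verify the tag first so forged frames cannot advance the counter.
        if not hmac.compare_digest(tag, mac(self.key, body)):
            return "bad-mac"
        node_id, counter = struct.unpack(HDR, body[:HDR_LEN])
        if counter <= self.last_counter.get(node_id, -1):
            return "replay"  # freshness check: counter must strictly increase
        self.last_counter[node_id] = counter
        return "ok"

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample key
    rx = Receiver(key)
    frame = build_frame(key, 7, 1, b"temp=21.5")
    print(rx.accept(frame), rx.accept(frame))  # second delivery is a replay
```

Because the MIC is unkeyed, a modified message can carry a freshly recomputed MIC and still verify; only the keyed MAC ties the tag to a holder of the secret key.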

Slide 16: INTRUSION DETECTION (Unit 5: Ubiquitous Systems Security)

Slide 17: Definition of Intrusion Detection
- Anomaly detection:
  - Analyze the network or system and infer what is normal from the analysis.
  - Application of statistical or heuristic measures.
  - If an event isn't normal, generate an alert.
- Misuse detection:
  - Know what an attack is.
  - Detection of attacks.
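The two detection approaches side by side, as an added example that is not part of the original slides: a statistical baseline learned from traffic (anomaly detection) and a small set of rules for known attacks (misuse detection). The event fields, the signal-strength threshold used as a HELLO flood signature and the sample values are constructed assumptions.

```python
from statistics import mean, stdev

# Constructed training window: packets per minute seen from one neighbor.
TRAINING = [12, 11, 13, 12, 10, 14, 12, 11, 13, 12]

def learn_baseline(samples):
    """Anomaly detection, step 1: infer what is normal from observation."""
    return mean(samples), stdev(samples)

def is_anomalous(value, baseline, k=3.0):
    """Step 2: alert when a value is more than k std deviations from normal."""
    mu, sigma = baseline
    return abs(value - mu) > k * max(sigma, 1e-9)

# Misuse detection: rules describing known attacks (thresholds are assumed).
SIGNATURES = {
    # HELLO heard far stronger than any legitimate neighbor would be.
    "hello-flood": lambda e: e["type"] == "HELLO" and e["rssi_dbm"] > -30,
    # Message counter that does not advance past the last accepted one.
    "replay": lambda e: e["counter"] <= e["last_counter"],
}

def match_signatures(event):
    return sorted(name for name, rule in SIGNATURES.items() if rule(event))

def inspect(event, baseline):
    """Return all alerts for one observed event (empty list means no alert)."""
    alerts = match_signatures(event)
    if is_anomalous(event["pkts_per_min"], baseline):
        alerts.append("anomaly:rate")
    return alerts

def sample_event(**overrides):
    """Constructed event for a well-behaved neighbor, with optional changes."""
    event = {"type": "DATA", "rssi_dbm": -70, "counter": 5,
             "last_counter": 4, "pkts_per_min": 12}
    event.update(overrides)
    return event

if __name__ == "__main__":
    base = learn_baseline(TRAINING)
    print(inspect(sample_event(), base))
    print(inspect(sample_event(type="HELLO", rssi_dbm=-20), base))
    print(inspect(sample_event(pkts_per_min=60), base))
```

The last event matches no signature and is caught only by the baseline, which is the case anomaly detection exists for; the price is that the baseline must be learned from traffic known to be clean.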

Slide 18: ID Components for WSN
- Neighbor monitoring:
  - Watchdog.
- Data fusion:
  - Local: neighboring nodes.
  - Global: overlapping areas.
- Topology discovery.
- Route tracing.
- History.

Slide 19: SECURITY MANAGEMENT (Unit 5: Ubiquitous Systems Security)

Slide 20: Key Management
- Key Management Systems (KMS):
  - Creation.
  - Distribution.
  - Maintenance of secret keys.
- IEEE does not specify how secret keys should be exchanged.
- A key-exchange protocol is needed:
  - Key pool Framework.
  - Mathematical Framework.
  - Negotiation Framework.
  - Public Key Framework.

Slide 21: Security at WSN Standards
- IEEE security:
  - Confidentiality: HW support for AES-128.
  - Integrity: MIC or MAC.
  - Received Message Authentication: Access Control List (ACL).
- ZigBee 2006 and 2007 security:
  - Standard Security.
  - Confidentiality and Authentication at NWK and APS levels.
  - All nodes on the network trust each other.
- ZigBee PRO security:
  - High Security.
  - Master key for Symmetric-Key-Key-Exchange.