Distributed Detection Of Node Replication Attacks In Sensor Networks Presenter: Kirtesh Patil Acknowledgement: Slides on Paper originally provided by Bryan.

Presentation transcript:

Distributed Detection Of Node Replication Attacks In Sensor Networks
By Bryan Parno, Adrian Perrig and Virgil Gligor
Presenter: Kirtesh Patil
Acknowledgement: Slides on Paper originally provided by Bryan Parno, Adrian Perrig and Virgil Gligor

Sensor Networks
- Wireless sensor networks contain thousands of nodes
- Each node has limited processing, storage capacity and power
- Low cost
- Easy to deploy
  - Not tamper-proof

Replication Attack
- Capture one node
  - Pressure, voltage and temperature sensing not built in to detect intrusion
  - Read memory
- Replicate nodes
  - Same IDs
  - Affects data aggregation protocols
  - Replicated nodes can be used to kick legitimate nodes out (node-revocation protocol)

Outline
- Introduction
- Problem Statement and Previous Work
- Solution
- Evaluation
- Discussion

Assumptions
- Adversary can't deploy nodes with arbitrary IDs
  - Paper assumes the network implements the required safeguards
- Adversary has limited node-capturing capability
- A cloned node has at least one legitimate node in its neighborhood (this assumption can be eliminated)
- All nodes know their geographical location and nodes are primarily stationary

Objectives
- Detect node replication with high probability
- Secure against adaptive adversary
  - Unpredictable to adversary
  - No central point of failure
- Minimize communication overhead

Previous Approaches
- Centralized scheme
  - Each node sends its location to a central base station
  - Central base station examines the list for conflicts
  - Revocation: flood network with authenticated revocation message
  - Disadvantages:
    - Vulnerable to a single point of failure
      - Compromise base station
      - Interfere with its communication
    - Nodes surrounding the base station: undue routing of traffic
    - Revocation can be delayed
  - Advantages: 100% detection

Previous Approaches (Contd.)
- Local detection scheme
  - Neighbors try to detect replicated nodes
  - Fails to detect replicated nodes distributed in disjoint neighborhoods

Emergent Properties
- Properties that only emerge through the collective action of multiple nodes
- Advantages:
  - No central point of failure
  - Attractive approach to thwart an unpredictable and adaptive adversary

Simple Approach
- Node-to-network broadcast
  - Each node broadcasts its location information
  - 100% detection
  - Assumption: broadcast reaches all nodes
    - Attacker can easily jam or interfere with communication

Simple Approach (Contd.)
- Deterministic multicast
  - Node sends location to neighbors
  - Neighbors choose witnesses and forward the location to them
  - Problem: predictable
    - Attacker can jam all messages to witnesses
    - Witnesses become targets of subversion

Approach Overview
- Step 1: Announce location
  - Sign and broadcast location to neighbors
- Step 2: Detect replicas
  - Use emergent properties
  - Ensure at least one witness receives two conflicting locations
- Step 3: Revoke replicas
  - Flood network with conflicting location claims (signed)

Randomized Multicast Protocol
- Step 2
- Witnesses chosen randomly
- Each neighbor chooses witnesses
- So n neighbor send location to witnesses
- By the birthday paradox, if there are clones then a location conflict will occur
- Probability of detection
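The birthday-paradox argument on this slide can be checked numerically. The following is an added example, not code from the slides or the paper: it assumes each replica's location claim ends up at `w` distinct witnesses drawn uniformly from `n` nodes (the parameter names, the sample ID and coordinates are constructed here), omits signature checking, and compares a simulated witness-side conflict check against the exact set-intersection probability.

```python
import math
import random

def exact_detection(n, w):
    """P(two independently chosen w-witness sets out of n nodes share a node)."""
    return 1 - math.comb(n - w, w) / math.comb(n, w)

def run_round(n, w, rng, node_id=7, loc_a=(10, 10), loc_b=(90, 40)):
    """One detection round for a single ID claimed at two locations.

    Each witness keeps the location it has seen per ID. Returns the evidence
    (witness, first_location, conflicting_location) or None if no witness
    received both claims. Signature verification is left out of this model.
    """
    stored = {}  # witness -> {claimed id: location}
    for loc in (loc_a, loc_b):
        for witness in rng.sample(range(n), w):
            seen = stored.setdefault(witness, {})
            if node_id in seen and seen[node_id] != loc:
                return witness, seen[node_id], loc  # would be flooded in step 3
            seen[node_id] = loc
    return None

def simulated_detection(n, w, trials=4000, seed=1):
    """Fraction of rounds in which some witness holds conflicting claims."""
    rng = random.Random(seed)
    hits = sum(run_round(n, w, rng) is not None for _ in range(trials))
    return hits / trials

if __name__ == "__main__":
    n = 10_000
    for w in (25, 50, 100, 200):  # 100 = sqrt(n), chosen for this example
        print(w, round(exact_detection(n, w), 3),
              round(simulated_detection(n, w), 3))
```

Detection probability rises quickly once `w` approaches the square root of `n`, which is the trade-off between witness count and communication cost that the birthday paradox gives.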

Line Selected Multicast
- Use the routing topology of the network to select witnesses
- All the intermediate nodes between neighbor and witness check for conflicts
- Geometric probability says replicated nodes will be detected

Line Selected Multicast Detection

Line Selected Multicast Detection
- With five line segments per point: 95%
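The geometric argument behind line-selected multicast can be reproduced with a small Monte Carlo model. This is an added example, not code from the slides or the paper: it assumes a unit-square deployment, straight-line routes from each claimed location to `r` uniformly random witness positions, and treats two crossing routes as a node that stores both conflicting claims.

```python
import random

def _orient(p, q, r):
    """Signed area of the turn p -> q -> r (positive = counter-clockwise)."""
    return (q[0] - p[0]) * (r[1] - p[1]) - (q[1] - p[1]) * (r[0] - p[0])

def segments_cross(a, x, b, y):
    """True if segment a-x properly crosses segment b-y."""
    return (_orient(a, x, b) * _orient(a, x, y) < 0 and
            _orient(b, y, a) * _orient(b, y, x) < 0)

def detection_rate(r, trials=5000, seed=1):
    """Fraction of trials in which some route from one replica location
    crosses some route from the other, with r routes per location."""
    rng = random.Random(seed)

    def point():
        return (rng.random(), rng.random())

    hits = 0
    for _ in range(trials):
        a, b = point(), point()               # two locations claimed for one ID
        ends_a = [point() for _ in range(r)]  # witnesses reached from a
        ends_b = [point() for _ in range(r)]  # witnesses reached from b
        if any(segments_cross(a, x, b, y) for x in ends_a for y in ends_b):
            hits += 1
    return hits / trials

if __name__ == "__main__":
    # For r = 1 the exact value in this model is 25/108 (about 0.23).
    for r in (1, 2, 3, 5):
        print(r, round(detection_rate(r), 3))
```

Because every node along a route checks for conflicts, a handful of routes per claim is enough for a high chance of intersection, at far lower cost than sending each claim to a large random witness set.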

Theoretical Communication Overhead
- Table: Detection Scheme vs. Average # of Messages / Nodes
  - Centralized Detection
  - Randomized Multicast
  - Line Selected Multicast

Communication Overhead

Topologies

Probability of Detection in Irregular Topologies

Timing Issue And Masked-Replication
- How often to perform detection
  1. Every T units of time
     - Node forgets previous claims
  2. Time slots
     - Time slots based on ID
     - Witnesses remember claims during the time slot
- Adversary captures neighbors
  - Solution: pseudo-neighbors
    - Neighbors ask for location claim

Conclusion And Future Work
- Use of emergent properties to tackle node replication
  - High probability of detection
  - Resilient to adaptive adversary
  - Minimum communication overhead
- Scheme assumes captured nodes follow protocol
  - Implicit sampling to detect nodes that suppress or drop messages

Comments and Questions?