Secure Localization Algorithms for Wireless Sensor Networks proposed by A. Boukerche, H. Oliveira, E. Nakamura, and A. Loureiro (2008) Maria Berenice Carrasco
Outline Motivation (from two perspectives) Secure Localization – Overview – Known attacks – Solutions Location Verification Design considerations Conclusions
Motivation Applications : Data fusion –Locations and timestamps Other communication protocols –Routing, location-based authentication.etc. Why is Localization important? – Popularity of wireless sensor networks (WSN) Hostile environments Monitoring & control applications –Military fields, monitoring of structures, etc. – The knowledge of sensor’s locations is required by
Motivation Why is Security important? – Vulnerability of WSN Remote environments Broadcast nature of the channel – What an attacker can potentially do? Physical manipulation Jamming Injecting code – As a result… Wrong results: wrong decisions GOAL: Make the node think it is somewhere different from actual location
Secure Localization Goal: To guarantee correctness despite of the presence of intruders Network model: Beacons: GPS or manual configuration Common nodes: requesting Classification: Range-based localization: Distance Range-free localization: No connectivity information o Node-centric o Infrastructure-centric: BS, CA Relative Localization
Secure Localization General Process has two phases: 1.Information Collection: distance/angle measure –# of hops, RSSI, ToA, AoA Range-free ignores this phase 2.Location Computation: include reference points Triangulation Trilateration
Secure Localization Known Attacks – Consider an insider Vs. an outsider – Reply attack Jams the transmission Waits (extra delay) Replays the same packet pretending to be the sender Inaccurate location estimation
Secure Localization Known Attacks – Range-change attack Special case of the Replay attack Increase/decrease range measurements – Impersonation Victims: mostly beacon nodes – Sybil attack Claims multiple identities
Secure Localization Known Attacks – Wormhole attack Tunnel Jams packets Replays packets through this tunnel
Secure Localization Solutions – Cryptography Against impersonation and data corruption Use of : –Authentication »Verify the sender –Data integrity »Data is unchanged »Example: distance bounding (based on SEAD)
Secure Localization Solutions – Cryptography (continued) Symmetric cryptography –Common private key –WSN are resource-constrained Pre-deployed keys Functions to derive keys: Storage Complexity Compromised nodes defeat this mechanism
Secure Localization Solutions – Misbehavior Detection and Block Against compromised nodes Observe behavior of nodes Detect and revoke misbehaving nodes Some techniques –RTT observation between two neighbors »Assumption: extra delay of a replay attack –Reputation-based mechanism »Beacon monitors its neighborhood -> table
Secure Localization Solutions – Robust Position Computation Filter erroneous information during computation Assumption: Good nodes > Malicious nodes Statistical techniques –Least Squares Method
Location Verification BS also learn sensors’ locations – Data Aggregation Must verify the location claimed is correct – Did the event really happened there? An approach: The Echo Protocol – Check if the node is inside the claimed region – Two types of nodes: p (prover) and v (verifier) – Consider c (speed of light) and s (speed of sound)
Location Verification An approach: The Echo Protocol (continued) – Intuition (Simple Case) v only verifies provers inside R If p is able to return the packet in sufficient time, then v is sure that p is within d(v,l) meters of v Otherwise: p is further away or processing delay
Design Considerations No system is totally safe – Network model & adversary model Level of security Vs. Available resources – Particular application – Range-based : Distance bounding: HW with nanosecond precision – Asymmetric cryptography More robust but energy consuming
Design Considerations Who initiates the secure localization process? – On-demand – Periodic process Useful domain for an intruder – Use only beacon nodes – Use beacon nodes and also nodes with known positions as reference points
Conclusions It is not feasible to use tamper-resistant hardware – Low cost of sensor nodes – Massive deployment Trade-off required – Accuracy demanded by the application – Available resources – Environment Combination of techniques is desirable