Computer Science 1 CSC 774 Advanced Network Security Distributed detection of node replication attacks in sensor networks (By Bryan Parno, Adrian Perrig, Virgil Gligor) Presenter: Amit Singh 18 th Nov 2005

Computer Science 2 Outline So, what’s the problem? Classical techniques of replication detection Centralized Scheme Neighborhood voting scheme Randomized multicast Line Selected Multicast Comparisons Conclusion & future work

Computer Science 3 The Problem Tamper resistant hardware is expensive, so most wireless sensor networks are composed of unshielded sensor nodes An adversary can easily attack, analyze and clone the unshielded sensor nodes and create replicas and insert them in the network This gives the adversary to carry on a large class of insidious attacks like disrupting communication, subverting data aggregation, eavesdropping etc.

Computer Science 4 Classical techniques of replication detection Central Detection  Each node sends its list of neighbors to a central base station  Base station searches lists for replicas  Disadvantages: oSingle point of failure oExhausts nodes near base station (and makes them targets) oSome applications may not use base stations Localized Detection  Neighborhoods use local voting protocols to detect replica  Disadvantage: oReplication is a global event that cannot be detected in a purely local fashion

Computer Science 5 Distributed approach Node-to-Network broadcast  Each node floods the network with its location information.  Each node stored the location information of it’s neighbors. If it detects a conflicting claim, the offending node is revoked. Advantages  Achieves 100% detection of duplicate nodes (assuming the broadcast reaches throughout the network) Disadvantages  Each node’s location broadcast requires O(n) messages  Total communication cost is O(n 2 ) messages

Computer Science 6 Notation

Computer Science 7 Deterministic Multicast Protocol  A node broadcasts its location claim, which is sent by its neighbors to a set of deterministically chosen witness nodes  Witnesses are chosen as a function of node ID  If a node is replicated, the witnesses will get more than one location claims for a single node ID which can then be revoked.

Computer Science 8 Deterministic Multicast (contd.) Example Node α sends location claim to node γ, which then computes a set of witness nodes from node id α, F(α)={ω 1, ω 2, …, ω n } and sends the location claim to each node in the set. If α claims to be at more than one location, then the witness nodes will detect it and revoke the node id α. Disadvantage  Since, the set of witnesses is a function of node id, and is deterministic, the adversary can determine the witness node id’s which will become targets for subversion.

Computer Science 9 Randomized multicast ConflictDetected!

Computer Science 10 Randomized multicast (contd.) Overview  Extends the multicast protocol to select witness nodes at random (not deterministically), so that adversary cannot detect their identities  In a network of n nodes, if each neighbor produces √n witnesses, then birthday paradox predicts one collision with high probability  So atleast one witness will receive a pair of conflicting location claims

Computer Science 11 Randomized multicast (contd.) Protocol Description  Each node α sends location claim to each of its neighbors γ 1, γ 2,…,γ n  The location claim has the format   Each neighbor γ i verifies the signature of L α, and will then select g random nodes and will forward the location claim along the path to those nodes.  After receiving the location claim, the witness verifies the signature  It then checks the ID against all the location claims received thus far.  If a match is found, the node ID has been replicated and revocation protocol is invoked by flooding the network.

Computer Science 12 Line Selected Multicast Overview  Location claims from node α to γ, travel through several intermediate nodes as well.  If the intermediate nodes store the location claim, then a line is effectively drawn through the network  If a duplicate location claim crosses the line, it is detected and revocation scheme is invoked.  We only need a few lines to detect duplicate location claims.

Computer Science 13 Line Selected Multicast (contd.) Adversary has created a replica of α, namely α ’ Neighbors β i and β i ’ report claims to randomly selected witnesses γ i and γ i ’ and they intersect at σ γ1γ1 β1β1 α α’α’ γ2γ2 β2β2 β3β3 β1’β1’ β2’β2’ β3’β3’ γ1’γ1’ γ3’γ3’ γ3γ3 γ2’γ2’ Trapped! σ

Computer Science 14 Line Selected Multicast (contd.) Protocol  When α’s neighbors send out location claims to the r witnesses, each node along the route stores a copy of the location claims as well  E.g. β i stores a copy of the location claim before sending it along the path of nodes σ 1, σ 2, σ 3,…, σ m to the witness γ i  Each σ k verifies the signature of the claim, stores a copy in its buffer and forwards it along to σ k+1  However before forwarding, it checks if it already has stored a location claim for this node-id before.  If it finds a conflict, it floods the network with both the signed location claims Lα and Lα’ (un-forgeable evidence) resulting in revocation of α

Computer Science 15 Detection probability vs. topology

Computer Science 16 Communication overhead comparison Randomized multicast scales linearly as the no of nodes increases Line selected multicast scales as √n, so it is more scalable

Computer Science 17 Summary of protocol costs Communication costs are for the entire network Memory costs are per node CommunicationMemory BroadcastO(n 2 )O(d) Deterministic multicastO(g. ln(g√n)/d)O(g) Randomized multicastO(n 2 )O(√n) Line-Selected multicastO(n√n)O(√n)

Computer Science 18 Conclusion Emergent algorithms (randomized and line- selected multicast) utilize the collective efforts of multiple sensor nodes to provide capabilities beyond those of any single node They are robust to individual node failures and avoid the problem inherent in centralized solutions Line selected multicast in particular offers less communication and memory overhead and is an attractive choice for selection

Computer Science 19 Future Work An assumption in the above two schemes is that the replicated nodes continue to follow the protocol. Adversary can suppress or drop messages of location claims to avoid detection of replicated nodes. The protocol needs to be extended to work even in case of such misbehaving nodes by detecting such nodes by secure implicit sampling technique. A periodical sweep of the network for replicas helps in preventing the adversary to establish a significant foothold in the network.