Security in Wireless Networks Mike Swift CSE 802.11b Summer 2003.


Standard Preamble
What is different about wireless?
  – No authentication of access port
  – Battery-operated devices
  – Frequent use of broadcast
  – Easy sniffing / packet injection
  – Jamming

What are the problems?
Denial of service
  – Battery usage
  – Physical layer: jamming (not our problem)
  – MAC layer and up: injected messages
Confidentiality / integrity
  – More or less solved
Secure association
Routing
  – Preventing rogues from obtaining routes

Power DOS attacks
Turn off antenna to save power
  – Spoof “no messages” message when it awakes
  – Spoof “message poll” so messages are discarded before it awakes
  – Spoof timer so it desynchronizes
Receiving / sending packets requires power consumption
  – Attacker can force receiver to use power
      Send many packets
      Force it to resend packets
Solution:
  – Power consumption management
  – Prioritize tasks when limited by power
  – Authenticate timer messages

MAC Layer DOS Attacks
Problem
  – MAC layer messages direct nodes when not to send messages
      RTS/CTS and NAV reserve the channel
  – MAC layer state machine directs nodes to ignore future messages
      Unauthenticated / unassociated state causes packets to be dropped silently
      States entered as result of unauthenticated messages
  – Power requirements for DOS very low
  – Commercial MAC implementations allow sending of arbitrary packets via aux debug port

Solution to MAC layer DOS attacks
Authenticate every message
  – Prevents outsider from disassociating / unauthenticating
Verify messages
  – Verify channel in use after RTS/CTS
  – Verify no more messages after disassociation

General approaches
Sign every packet
  – Prevent attackers from spoofing management packets
Authenticate then associate
  – Allows authentication of association management packets
  – Prevents any communication before authentication

Secure association
How does my TV trust my remote?
How does my laptop trust the printer in the airport?
How do I get onto a wireless network?

Solutions for ad-hoc networks
Location limited channels for key exchange
  – Physical contact
  – Direction-specific limited range (IR)
  – Demonstrative identification – easily visible
  – Pre-authentication: exchange keys before going wireless
Resurrected duckling
  – First association is binding
  – Removing binding reincarnates device (loses all state)

Solutions for Access Points
Two-layer protocols
  – Application layer: key negotiation and authentication
  – Link layer: message integrity and confidentiality
Access points allow only limited connectivity before association
  – Communication only for authentication / address acquisition (DHCP)

Routing
Routing works over unknown physical layout
  – Must infer topology / neighbors from messages sent
Attacks:
  – Corrupting routing updates
  – Forwarding messages inappropriately (wormhole)
Result of attacks
  – Can force all traffic through a node
  – Can break reachability

Routing security solutions
Solutions:
  – Cryptography to prevent forging route messages (ask Ratul for details)
      Ensure that route metrics can only be increased, not decreased
      Ensure that metrics received along two paths are consistent
  – Ensure that packets received are physically sent (or possibly physically sent) by in-range sender
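One known way to make a route metric that "can only be increased, not decreased" is a one-way hash chain, the construction used by the SEAD protocol. The slides do not name a scheme, so the following is an added illustration, not code from the presentation; `MAX_HOPS`, the seed and the function names are assumptions, and the anchor is assumed to reach every node over an authenticated channel.

```python
import hashlib
import hmac

MAX_HOPS = 8  # assumed network diameter; also the length of the hash chain


def H(data: bytes) -> bytes:
    """One step of the one-way chain."""
    return hashlib.sha256(data).digest()


def hash_n(value: bytes, n: int) -> bytes:
    """Apply H to value n times."""
    for _ in range(n):
        value = H(value)
    return value


def make_anchor(seed: bytes) -> bytes:
    """Originator publishes H^MAX_HOPS(seed) as the authenticated anchor."""
    return hash_n(seed, MAX_HOPS)


def forward(metric: int, token: bytes):
    """A forwarding node adds one hop and moves the token one step down the chain."""
    return metric + 1, H(token)


def verify(metric: int, token: bytes, anchor: bytes) -> bool:
    """The token for metric m must be H^m(seed): hashing it the remaining
    MAX_HOPS - m times has to land exactly on the anchor."""
    if not 0 <= metric <= MAX_HOPS:
        return False
    return hmac.compare_digest(hash_n(token, MAX_HOPS - metric), anchor)


if __name__ == "__main__":
    seed = b"constructed-example-seed"      # constructed sample value
    anchor = make_anchor(seed)
    metric, token = 0, seed                 # advertisement as sent by the originator
    for _ in range(3):                      # three honest forwarders
        metric, token = forward(metric, token)
    print("honest metric 3:", verify(metric, token, anchor))
    # A node holding the metric-3 token cannot claim metric 1: it would need
    # H^1(seed), which means inverting the hash.
    print("forged metric 1:", verify(1, token, anchor))
    # Claiming a larger metric is always possible by hashing forward.
    print("inflated metric 5:", verify(5, hash_n(token, 2), anchor))
```

The chain only stops decreases: a node can still re-advertise the metric it received without adding its own hop, and a fresh chain is needed for each route update.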

Wormhole Attack

Geographic Leashes
E computes distance = 408
Distance too far!
Requires GPS
[Figure: nodes A (400,150), B, C, D (50,10) and E (10,30); packets labelled "A(400,150),t1" and "D(50,10),t2"; E receives at t3]

Temporal Leashes
E computes t3-t1 > c * max distance: denied
E computes t3-t2 < c * max distance: accepted
Requires clocks synchronized to 183 ns
Requires RT OS/MAC to give deterministic packet delivery/receipt times
[Figure: nodes A, B, C, D and E; packets labelled "A,t1" and "D,t2"; E receives at t3]
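The two leash checks from the slides above, worked through with the slide's coordinates. This is an added example, not code from the presentation: the 250 m radio range, metre units, static nodes and the constructed send/receive times are assumptions, and the claimed position and timestamp are assumed to be authenticated. The temporal check is written as distance travelled, c times the elapsed time, compared with the maximum range.

```python
import math

C = 299_792_458.0      # speed of light in m/s
MAX_RANGE = 250.0      # assumed radio range in metres (not from the slides)
CLOCK_ERROR = 183e-9   # clock synchronisation bound quoted on the slide


def distance(a, b):
    """Euclidean distance between two (x, y) positions."""
    return math.hypot(a[0] - b[0], a[1] - b[1])


def geographic_leash(recv_pos, claimed_pos, max_range=MAX_RANGE):
    """Accept only if the sender's claimed position is within radio range.
    Returns (accepted, distance)."""
    d = distance(recv_pos, claimed_pos)
    return d <= max_range, d


def temporal_leash(t_send, t_recv, max_range=MAX_RANGE, clock_error=CLOCK_ERROR):
    """Accept only if the packet cannot have travelled further than max_range.
    The clock error is added because the two clocks may disagree by that much.
    Returns (accepted, worst-case distance travelled)."""
    travelled = C * (t_recv - t_send + clock_error)
    return travelled <= max_range, travelled


def sync_slack(clock_error=CLOCK_ERROR):
    """Distance uncertainty that a given clock error adds to a temporal leash."""
    return C * clock_error


if __name__ == "__main__":
    E, A, D = (10, 30), (400, 150), (50, 10)   # positions from the slide
    for name, pos in (("A", A), ("D", D)):
        ok, d = geographic_leash(E, pos)
        print(f"geographic {name}: {d:.0f} m ->", "accept" if ok else "reject")
        # Constructed timing: flight time of a direct transmission over d metres.
        ok, travelled = temporal_leash(0.0, d / C)
        print(f"temporal   {name}: <= {travelled:.0f} m ->", "accept" if ok else "reject")
    print(f"183 ns of clock error = {sync_slack():.1f} m of slack")
```

The last line shows why the synchronisation requirement is tight: every 183 ns of clock disagreement widens the leash by roughly 55 m.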

General Principles
Sign everything
Authenticate first
Use limited channels for initial authentication
Trust, but verify
  – sender confirms intent to disconnect
      e.g. no more packets, associates to another AP
  – sender in range