Using Directional Antennas to Prevent Wormhole Attacks Lingxuan Hu, David Evans Jason Buckingham CSCI 7143: Secure Sensor Networks November 2, 2004.


1 Using Directional Antennas to Prevent Wormhole Attacks Lingxuan Hu, David Evans Jason Buckingham CSCI 7143: Secure Sensor Networks November 2, 2004

2 Wormhole Attacks
- Wireless links are inherently vulnerable to eavesdropping and message injection
- So, the attacker controls two powerful nodes that are located several hops away from each other
- Because they are powerful, the two nodes can actually communicate directly
- The attacker forwards packets through a high-quality out-of-band link and replays them on the other end

3 Wormhole Attacks (cont.)
- Causes routing problems, and enables DoS attacks to be set up
- Has impact on nodes beyond just X and Y's neighbors
- ROUTE REQUEST messages to set up best route from A to B

4 Wormhole Attacks in Sensor Networks
- In sensor networks, most communication is directed from nodes to a base station
- An intelligent attacker can use this information to create a devastating wormhole attack.

5 Directional Antennas - Benefits
- Allow transmissions in a particular direction; thus a higher degree of the spatial medium can be used at once (theoretically fewer collisions when transmitting)
- Transmission range is usually longer and thus more energy efficient (fewer hops needed)
- Steered versus switched antennas:
  - Steered antennas provide a high degree of accuracy but are too expensive
  - Switched antennas allow one of several fixed directional antennas to be selected using a switch. They are less precise but much cheaper.
- Directional information can be used to limit wormhole attacks!

6 Antenna Model
- Each node has an antenna with N zones
- Each zone has a conical radiation pattern, spanning an angle of 2π/N radians
- When idle, a node listens in omni mode
- When a message is received, it determines which zone it received the message in, and uses that zone to communicate with the sender
- Zone 1 always faces east (achieved by magnetic needle)

7 Assumptions & Notation
- All non-wormhole links are bidirectional
- Secure links are available between each pair of nodes
- A, B, C: legitimate nodes
- X, Y: wormhole endpoints
- zone & ^zone: opposite zones (if zone=1, then ^zone=4)
- zone(A, B) indicates the zone in which node A hears node B
- neighbors(A, zone) indicates all nodes within one hop of node A in direction zone

8 Directional Neighbor Discovery Protocol
- A node that initiates the protocol is called the announcer
- Observation: relies on all nodes having the same zone orientation

9 Directional Neighbor Discovery Protocol (cont)
- A -> Region: HELLO | ID_A
  - The announcer A broadcasts a HELLO message by sequentially sweeping through each antenna in the antenna array
- N -> A: ID_N | E_KNA(ID_A | R | zone(N, A))
  - All nodes that hear A's HELLO reply with information including what zone they heard A's message in
- A -> N: R
  - A decrypts the message and verifies the ID field, and verifies that it heard the reply from the opposite zone that N heard A. If correct, A adds N to its neighbor set and sends the decrypted challenge nonce back to N. Upon receiving the correct nonce, N adds A to its neighbor list as well.

10 Consequences
- A node only listens to messages from established neighbors
- Problems:
  - Attacker can mislead A & C into believing they are neighbors
  - On average, 1/6 of links between the two regions will be accepted through the wormhole
  - Establishing a single wormhole link may be enough!

11 Verified Neighbor Discovery Protocol
A valid verifier V for the link A ↔ B must satisfy two properties:
- zone(B,A) ≠ zone(B,V)
  This ensures that A & V are in different locations (they cannot be coming through a single wormhole)
- zone(B,A) ≠ zone(V,A)
  Node B and V hear node A from different directions. A wormhole can only deceive nodes in one direction.
- These properties basically mean that A, B, and V cannot be in a line

12 Verified Neighbor Discovery Protocol (cont)
- Same first three steps as before
- N -> Region: INQUIRY | ID_N | ID_A | zone(N,A)
  - All neighbor nodes that heard the initial HELLO message broadcast an inquiry in all directions except the received direction and its opposite.
- V -> N: ID_V | E_KNV(ID_A | zone(V,N))
  - Nodes that receive the inquiry and satisfy verifier properties respond with an encrypted message
- N must receive at least one verifier response to continue. If it does, it accepts A as a neighbor and then sends:
- N -> A: ID_N | E_KAN(ID_A | ACCEPT)
  - After receiving acceptance message, announcer A adds N to its neighbor set

13 Example – verifiers for A ↔ B
- C cannot act as a verifier since zone(B,A) = zone(C,A)
- Node D can act as a verifier:
  - (zone(B,A) = 4) ≠ (zone(B,D) = 5)
  - (zone(D,A) = 3) ≠ (zone(B,A) = 4)
- Wormhole cannot convince D and A to accept each other as neighbors because: (zone(D,A) = 3) ≠ (^zone(A,D) = 1)

14 Problems!
- What's wrong with the previous protocol?
  - Susceptible to the Worawannotai attack!

15 Worawannotai Attack
- Only succeeds if the victim nodes are unable to communicate directly, but are close enough to have a verifier that can hear both nodes
- This means A and B must be more than r distance apart, but less than 2r cos(π/6) = r sqrt(3)

16 New Verifier Requirements
- zone(B,A) ≠ zone(B,V)
- zone(B,A) ≠ zone(V,A)
- zone(B,V) cannot be both adjacent to zone(B,A) and adjacent to zone(V,A)
- The shaded areas cannot contain any verifiers if A and B are further than r distance apart
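The zone checks from the neighbor discovery slides above (the announcer's opposite-zone test, the two verifier properties, and the added adjacency rule), as an added Python example that is not from the paper or the presentation. The function names, the counterclockwise zone numbering centred on east, and the node coordinates are assumptions, constructed so that the zones match the slide 13 example.

```python
import math

N = 6  # zones per antenna; the slides' ^1 = 4 example implies six

def zone_of(listener, sender, n=N):
    """zone(listener, sender): the zone in which listener hears sender.
    Assumption: zone 1 is centred on east, numbered counterclockwise."""
    width = 2 * math.pi / n
    bearing = math.atan2(sender[1] - listener[1], sender[0] - listener[0])
    return int(((bearing + width / 2) % (2 * math.pi)) // width) % n + 1

def opposite(zone, n=N):
    """^zone: the zone pointing the other way (n must be even)."""
    return (zone - 1 + n // 2) % n + 1

def adjacent(z1, z2, n=N):
    """True when two zones share a boundary (zone n wraps around to 1)."""
    return (z1 - z2) % n in (1, n - 1)

def announcer_accepts(zone_a_n, zone_n_a, n=N):
    """Announcer's check: A must hear N in the opposite of zone(N, A)."""
    return zone_a_n == opposite(zone_n_a, n)

def valid_verifier(zone_b_a, zone_b_v, zone_v_a, strict=False, n=N):
    """Verifier properties for V on link A-B; strict adds the adjacency rule."""
    if zone_b_a == zone_b_v:   # A and V reach B from the same direction
        return False
    if zone_b_a == zone_v_a:   # B and V hear A from the same direction
        return False
    if strict and adjacent(zone_b_v, zone_b_a, n) and adjacent(zone_b_v, zone_v_a, n):
        return False
    return True

# Constructed coordinates (not from the slides) that give the slide 13 zones.
A, B, C, D = (-1.0, 0.0), (0.0, 0.0), (1.0, 0.0), (-0.5, -0.866)

def check(v, strict=False):
    """Can node v act as verifier for the link A-B, as seen by B?"""
    return valid_verifier(zone_of(B, A), zone_of(B, v), zone_of(v, A), strict)

if __name__ == "__main__":
    print("zones:", zone_of(B, A), zone_of(B, D), zone_of(D, A))
    print("D verifies:", check(D), "strict:", check(D, strict=True))
    print("C verifies:", check(C))
    print("A accepts B:", announcer_accepts(zone_of(A, B), zone_of(B, A)))
```

A zone triple such as `valid_verifier(4, 5, 6)` passes the first two properties but is rejected with `strict=True`, because zone 5 is adjacent to both 4 and 6.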

17 Discussion
- These protocols are only effective if an adversary has only two endpoints. If he has as many endpoints as there are zones, he can surround one node with N endpoints and establish a wormhole attack.
- Protocol overhead is minimal. Normal link discovery requires node announcement, challenge, and response. This protocol only adds messages for inquiry, verification, and acceptance.
- Magnet attacks? They discuss magnets as a possible, but impractical, way of getting around the protocol.

18 Analysis
- What if legitimate nodes cannot find a verifier?
  - Loss of a valid link
  - Nodes near the edge of the network are especially vulnerable to this problem
  - The probability of this happening is inversely proportional to the density of the network

19 Analysis (cont)
- Using the Verified Neighbor Discovery Protocol, with an average of 3 omnidirectional neighbors and 9.72 neighbors within unidirectional transmission range, 14% of links are lost and 1.3% of nodes become completely isolated.
- Under the Strict Neighbor Discovery Protocol, 58% of links are lost and 5.3% of nodes are completely disconnected.

20

21 Figure 10 above shows the impact of distance between two nodes on their likelihood of establishing a link. Figure 11 below shows the impact of the protocols on network routing (average path length)

22 Directional Errors
- Caused by small differences in node orientation, antenna alignment and gain, and transmission irregularities.
- A node lying near the boundary of two adjacent zones may wind up in the wrong zone and thus this link would be lost.
- Potential attack: magnets?

23 Conclusion
- Directional antennas are less expensive than many localization mechanisms that also offer resistance to wormhole attacks
- Communication overhead is minimal
- Minimal loss of network connectivity

