Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Sybil Attack in Sensor Networks: Analysis & Defenses James Newsome, Elaine Shi, Dawn Song, Adrian Perrig Presenter: Yi Xian.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "The Sybil Attack in Sensor Networks: Analysis & Defenses James Newsome, Elaine Shi, Dawn Song, Adrian Perrig Presenter: Yi Xian."— Presentation transcript:

1 The Sybil Attack in Sensor Networks: Analysis & Defenses James Newsome, Elaine Shi, Dawn Song, Adrian Perrig Presenter: Yi Xian

2 Outlines Introduction Three Dimensions of Sybil Attack Taxonomy Attacks –Known & New attacks Defenses –Radio Resource Testing –Random Key Predistribution –Other Defenses DiscussionConclusion

3 Outlines Introduction Three Dimensions of Sybil Attack Taxonomy Attacks –Known & New attacks Defenses –Radio Resource Testing –Random Key Predistribution –Other Defenses DiscussionConclusion

4 Introduction Security in Sensor Network –Wireless network natures –Sensor nodes constraints Sybil Attacks –First described in peer-to-peer networks. –An attack against identity. –A particularly harmful attack in sensor networks.

5 Definition of Sybil Attack In this paper –A malicious device illegitimately takes on multiple identities. –The additional identities are called Sybil nodes. Question: –How does an attacker create Sybil nodes and use them?

6 Outlines Introduction Three Dimensions of Sybil Attack Taxonomy Attacks –Known & New attacks Defenses –Radio Resource Testing –Random Key Predistribution –Other Defenses DiscussionConclusion

7 Sybil Attack Taxonomy Dimension I – Direct vs. Indirect Communication –Direct Communication Legitimate nodes can communicate with Sybil nodes directly. –Indirect Communication One or more of the malicious devices claims to be able to reach the Sybil nodes. Messages sent to a Sybil node are routed through one of these malicious nodes.

8 Sybil Attack Taxonomy Dimension II – Fabricated vs. Stolen Identities –Fabricated Simply create arbitrary new Sybil identities. –Stolen Assign other legitimate identities to Sybil nodes. May go undetected if attacker destroys or disable them. Identity Replication Attack T he same identity is used many times and exists in multiple places in the network. in the network. Is it a Sybil Attack???

9 Sybil Attack Taxonomy Dimension III – Simultaneity –Simultaneous All Sybil identities participate in the network at once. –Non-Simultaneous Only act as a smaller number of identities at any given time by: –Letting different identities join and leave –Or only using each identity once. –Having several physical devices swap identities. Each device may present different identities at different times!

10 Outlines Introduction Three Dimensions of Sybil Attack Taxonomy Attacks –Known & New attacks Defenses –Radio Resource Testing –Random Key Predistribution –Other Defenses DiscussionConclusion

11 Attacks How the Sybil Attack can be used in wireless sensor networks?

12 Known Attacks Distributed Storage –Defeat replication and fragmentation mechanisms Routing –Attack routing algorithm –Geographic routing –Evade misbehavior detection mechanisms

13 New Attacks Data Aggregation –With enough Sybil nodes, an attacker may be able to completely alter the aggregate reading. Voting –Depending on the number of identities the attacker owns, he may be able to determine the outcome of any vote. Either claim a legitimate node is misbehaving or Sybil nodes can vouch for each other…

14 New Attacks Fair Resource Allocation –Using Sybil attack, a malicious node can obtain an unfair share of any resource shard in per-node manner. –Consequently, cause DoS to legitimate node, and also give the attacker more resources to perform attacks. Misbehavior Detection –Sybil nodes could “spread the blame”. –Even action is taken to revoke the offending nodes, the attacker can continue using new Sybil identities to misbehave.

15 Outlines Introduction Three Dimensions of Sybil Attack Taxonomy Attacks –Known & New attacks Defenses –Radio Resource Testing –Random Key Predistribution –Other Defenses DiscussionConclusion

16 Defenses How can we defend against the Sybil Attack??

17 Defenses Two types of ways to validate an identity –Direct validate –Indirect validate

18 Defenses Previous Defense –Resource testing By verifying that each identity has as much of the tested resource as a physical device. Computation, storage and communication Unsuitable for wireless sensor networks –WHY ? The attacker may use a physical device with much higher computation and storage ability! The replies converging at the verifier will result in that part of network becoming congested!!!

19 New Defenses in this paper Radio Resource Testing Random Key Predistribution Registration Position Verification Code Attestation

20 New Defenses in this paper Radio Resource Testing Random Key Predistribution Registration Position Verification Code Attestation

21 Radio Resource Testing Direct validation Assumptions –Any physical device has only one radio –A radio is incapable of simultaneously sending or receiving on more than one channel. The basic idea: –A node assigns each of its n neighbors a different channel. –By challenging a neighbor node on the exclusively assigned channel, a sensor node can detect Sybil nodes with a certain probability.

22 Radio Resource Testing with enough channels Suppose: –s Sybil nodes out of n neighbors. –One channel for each neighbor. Pr (choose a channel is not being transmitted on) = Pr (not detecting a Sybil node) = Repeat test for r round Pr (no Sybil nodes being detected) =

23 Radio Resource Testing with limited channels In case of limited channels, only subset of its neighbors can be tested at one time. Suppose : –n neighbors, s Sybil nodes, m malicious nodes, and g good nodes. –only c neighbors are tested at once, of which there are S Sybil nodes, M malicious nodes, and G good nodes. The probability of a Sybil node being detected is : A malicious node not in the subset being tested can cover for a Sybil node that is being tested by transmitting on the channel that the Sybil node is supposed to be transmitting on…

24 Radio Resource Testing with limited channels Repeating this test for r rounds The probability of a Sybil node being detected is Effective defense against simultaneous direct-communication Variant of the Sybil attack.

25 New Defenses in this paper Radio Resource Testing Random Key Predistribution Registration Position Verification Code Attestation

26 Random Key Predistribution –Each node is assigned a random set of keys or key-related information. –In key set-up phase, each node can discover or compute the common key it shares with its neighbors… –Node-to-node secrecy.

27 Random Key Predistribution Key ideas: –Associating the node identity with the keys assigned to the node. –Key validation, i.e., the network being able to verify part or all of the keys that an identity claims to have. Direct or Indirect Validation? Different variants –Key pool –Single-space pairwise key distribution –Multi-space pairwise key distribution

28 Key Pool Key Pool Scheme –Randomly assigns k keys to each node from a pool of m keys. –During the initialization phase, any two neighbors sharing q common keys can establish a secret link. –Suppose Each node’s identity is the indices in sorted order of keys that it holds. What’s the problem? with multiple compromised keys, the attacker can use any combination of the compromised keys to generate new identity!!!!

29 Key Pool An Extension –Let be the set of keys assigned to ID, ID is the identity of the node, and is the index of its i th key in the key pool, –The set of keys that node ID possesses are determined by: where H is a hash function, and PRF is a pseudo random function. –The index of a node’s i th key, is determined by a pseudo random function with H(ID) as the function’s key, and i as its input.

30 Key Pool An example –Node ID = 30 –Key set = { K 1, K 8, K 12, K 78, …} –Rule: pick the 3 rd indices –How to validate this node ID (= 30) ?? Test whether PRF H(30) (3) = 12 ?? –What properties does this scheme have? Given 12, it is hard to find the key, H(30), for PRF to yield exactly 12. Even known the value of H(30), it s still hard to find that ID = 30.

31 Key Pool What can the attacker do? –Capture legitimate nodes and read off the keys, –Build up a compromised key pool S, –Fabricate usable Sybil identities ID’ to use in Sybil attack, which means ID’ must be able to pass the validation by other nodes. Question: –Given a set of compromised keys S –How difficult for an attacker to generate a usable Sybil identity? –How to evaluate the difficulty?

32 Key Pool How to evaluate the difficulty? –The time complexity to generate a usable Sybil node ID given a set of compromised nodes could be expressed in terms of the probability p that a random identity is a usable Sybil identity. –So, the expected number of times an attacker has to try to find a usable Sybil identity is 1/p. Notation:

33 Key Pool In Full validation case… –Verify every key the identity claims to have. –How does the randomly generated identity ID’ survive the full validation? –ID’ has to satisfy : –Therefore…

34 Key Pool In case each identity is challenged by d nodes. Condition over t, where

35 Key Pool Each identity is challenged by d nodes.

36 Key Pool If tolerate threshold is 2 -64, Full validation: 150 nodes; Full validation: 150 nodes; Partial validation with d = 30, only 30 nodes. Partial validation with d = 30, only 30 nodes.However… –No node-to-node authentication –An attacker may compromise a sufficient fraction of keys

37 Random Key Predistribution In contrast, Pairwise key distribution –Assigns a unique key to each pair of nodes… –Single-space Pairwise Key Distribution –Multi-space Pairwise Key Distribution

38 Single-space Pairwise Key Distribution A sensor node i stores - unique public information U i and private information V i, In bootstrapping phase – nodes exchange public information, – node i compute its key with node j with f(V i, U j ), where f(V i, U j ) = f(V j, U i ) -secure property (Given c compromised nodes) -secure property (Given c compromised nodes) if c <=, a simple direct validation is sufficient; if c >, prone to the Sybil attack. With Perfect resilience Sensor node’s memory constraintSensor node’s memory constraint

39 Multi-space Pairwise Key Distribution To further enhance the security of single- space… In this scheme, each sensor node will be assigned k out of the m key spaces. Key computation –Use single-space scheme, if they have one or more key spaces in common. Properties –Without validation Prone to the indirect-communication Sybil attack. –With validation Indirect validation is necessary to ensure a globally consistency..

40 Random Key Predistribution – Multiple-space Pairwise Key Distribution Probability of fabricating Sybil identities with the multispace scheme. S i – the event that space i be compromised Then, given c compromised nodes, So, we have:

41 Summary of Random Key Predistribution Key Pool –One-way function –Indirect validation Single-space pairwise key distribution – -secure property –Direct validation ensures globally consistent outcome. Multi-space pairwise key distribution –Has to compromise far more than nodes to compromise one space –And compromise k spaces with a probability of around 0.05. –The best among these three approaches.

42 New Defenses in this paper Radio Resource Testing Random Key Predistribution Registration Position Verification Code Attestation

43 Other Defenses Identity Registration –Based on a trusted central authority –However, Attacker may be able to control the good list. Need maintain the deployment information Position Verification –Assume network is immobile. –Verify the physical position of each node. –How to securely verify a node’s exact position is still an open question. –Mobile attacker’s identity needs to be verified simultaneously.

44 Other Defenses Code Attestation –Code running on a malicious node must be different form that on a legitimate node. –The technique is not readily applicable to wireless network. High cost Energy consumption

45 Outlines Introduction Three Dimensions of Sybil Attack Taxonomy Attacks –Known & New attacks Defenses –Radio Resource Testing –Random Key Predistribution –Other Defenses DiscussionConclusion

46 Comparison and Discussion All these Sybil Defenses… * Assume that nodes can only verify the position that they directly communicate with; ** Key predistribution can not stop an attacker from using stolen identities… but it does make it more difficult for the attacker to steal identities in the first place.

47 Outlines Introduction Three Dimensions of Sybil Attack Taxonomy Attacks –Known & New attacks Defenses –Radio Resource Testing –Random Key Predistribution –Other Defenses DiscussionConclusion

48 Conclusions The first paper that systematically analyzes the Sybil attack and its defenses in sensor networks. It introduces a taxonomy of the different forms of the Sybil attack. Several new defenses are proposed.

49 Conclusions In radio resource testing –Based on the assumption that each node has only one channel and can’t send and receive simultaneously on more than one channel. –How a sensor node assigns the radio channels to its neighbors? –The testing process may consumes a lot of battery power In random key predistribution –If some keys are compromised, the attacker may be able to falsely claim the identities of many non-compromised sensor nodes. –It’s not practical in a mobile wireless network environment. Other defenses –Have their own drawbacks and not very applicable in wireless sensor networks…

Download ppt "The Sybil Attack in Sensor Networks: Analysis & Defenses James Newsome, Elaine Shi, Dawn Song, Adrian Perrig Presenter: Yi Xian."

Similar presentations

Chris Karlof and David Wagner

Chris Karlof and David Wagner
Message Integrity in Wireless Senor Networks CSCI 5235 Instructor: Dr. T. Andrew Yang Presented by: Steven Turner Abstract.

Message Integrity in Wireless Senor Networks CSCI 5235 Instructor: Dr. T. Andrew Yang Presented by: Steven Turner Abstract.
Trust relationships in sensor networks Ruben Torres October 2004.

Trust relationships in sensor networks Ruben Torres October 2004.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7.3 Secure and Resilient Location Discovery in Wireless.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7.3 Secure and Resilient Location Discovery in Wireless.
Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.

Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.
Presented By: Hathal ALwageed 1.  R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on.

Presented By: Hathal ALwageed 1.  R. Anderson, H. Chan and A. Perrig. Key Infection: Smart Trust for Smart Dust. In IEEE International Conference on.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,

A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,
Sec-TEEN: Secure Threshold sensitive Energy Efficient sensor Network protocol Ibrahim Alkhori, Tamer Abukhalil & Abdel-shakour A. Abuznied Department of.

Sec-TEEN: Secure Threshold sensitive Energy Efficient sensor Network protocol Ibrahim Alkhori, Tamer Abukhalil & Abdel-shakour A. Abuznied Department of.
KAIS T Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig(CMU), Sensys07 2007.

KAIS T Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig(CMU), Sensys
The Sybil Attack in Sensor Networks: Analysis & Defenses J. Newsome, E. Shi, D. Song and A. Perrig IPSN’04.

The Sybil Attack in Sensor Networks: Analysis & Defenses J. Newsome, E. Shi, D. Song and A. Perrig IPSN’04.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 4: Naming and addressing.

© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 4: Naming and addressing.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
Detecting Phantom Nodes in Wireless Sensor Networks Joengmin Hwang Tian He Yongdae Kim Department of Computer Science, University of Minnesota, Minneapolis.

Detecting Phantom Nodes in Wireless Sensor Networks Joengmin Hwang Tian He Yongdae Kim Department of Computer Science, University of Minnesota, Minneapolis.
Distributed Detection Of Node Replication Attacks In Sensor Networks Presenter: Kirtesh Patil Acknowledgement: Slides on Paper originally provided by Bryan.

Distributed Detection Of Node Replication Attacks In Sensor Networks Presenter: Kirtesh Patil Acknowledgement: Slides on Paper originally provided by Bryan.
Using Auxiliary Sensors for Pair-Wise Key Establishment in WSN Source: Lecture Notes in Computer Science (2010) Authors: Qi Dong and Donggang Liu Presenter:

Using Auxiliary Sensors for Pair-Wise Key Establishment in WSN Source: Lecture Notes in Computer Science (2010) Authors: Qi Dong and Donggang Liu Presenter:
1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.

1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.
Roberto Di Pietro, Luigi V. Mancini and Alessandro Mei.

Roberto Di Pietro, Luigi V. Mancini and Alessandro Mei.
A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks Wenliang (Kevin) Du, Jing Deng, Yunghsiang S. Han and Pramod K. Varshney Department.

A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks Wenliang (Kevin) Du, Jing Deng, Yunghsiang S. Han and Pramod K. Varshney Department.
Murat Demirbas Youngwhan Song University at Buffalo, SUNY

Murat Demirbas Youngwhan Song University at Buffalo, SUNY

Similar presentations

Ads by Google