Download presentation
Presentation is loading. Please wait.
Published byCarol Wade Modified over 8 years ago
1
Secure routing in wireless sensor network: attacks and countermeasures Presenter: Haiou Xiang Author: Chris Karlof, David Wagner Appeared at the First IEEE International Workshop on Sensor Network Protocols and Applications, May 11, 2003
2
Contribution Propose threat models and security goals for secure routing in wireless sensor networks Introduce seven attack techniques, including two novel attacks, sinkhole and HELLO floods. Present the detailed security analysis of all major routing protocols. Discuss countermeasures and design considerations for security routing protocols
3
Background What is sensor network? Outside Network Base station Sensor node Event Aggregation node
4
Background The properties of sensor network –Sensor Node: Lower-power, Lower-bandwidth, shorter-range Multihop wireless network –Aggregation node: Eliminate the redundancy, saving energy –Base station (Sink) More powerful than sensor nodes
5
Background Security limitation: UC berkeley lab: Mica mote –Limit Power Power: Two AA batteries Only two weeks at full power –Limit memory and computational power 4MHz 8-bit CPU, 4KB RAM, 512KB flash memory
6
Attacks on sensor network routing
7
Spoofed, altered, or replayed routing information Behavior: –Create routing loops, attract or repel network traffic, extend or shorten source routes Goal: –Generate false error messages, partition the network, increase end-to-end latency
8
Example
9
Selective forwarding Behavior: –Malicious nodes may refuse to forward certain messages and simply drop them, ensuring that they are not propagated any further. Goal: –Attempt to include herself on the actual path of the data flow
10
Example Outside Network Base station Sensor node Event Aggregation node Malicious node Drop
11
Acknoledgement spoofing Behavior –Spoof link layer acknowledgments for “overheard” packet addressed to neighboring nodes Goal –Convincing the sender that a weak link is strong or that a dead or disabled node is alive –Enable selecting forward attack
12
Example Outside Network Base station Sensor node Event Aggregation node Malicious node Lost bad node
13
Sinkhole attacks Behavior –Making a compromised node look especially attractive to surrounding nodes Goal –Lure nearly all the traffic from a particular area through a compromised node, create a metaphorical sinkhole with the adversary at the center –Enable selecting forward attack
14
Example Sinkhole attack
15
Wormholes Behavior –Tunnel messages received in one part of network over a low-latency link and replays them in a different part Goal: –May be able to completely disrupt routing if an adversary situated close to a base station –Enable sinkhole attack –Exploit routing race condition
16
Example
17
Sybil attack Behavior –A single node presents multiple identities to other nodes in the network Goal: –Significantly reduce the effectiveness of fault- tolerant schemes
18
Example
19
HELLO flood attack Behavior –A laptop-class attacker broadcasting routing or other information with large enough transmission power could convince every node in the network that the adversary is its neighbor Goal –Enable wormhole attack by broadcasting wormholes
20
Example
21
Summary of attack
22
Countermeasures
23
Outsider attacks and link layer security Solution: –Global share key: link layer encryption and authentication Limitation: ineffective –Wormhole and HELLO flood attack –Insider attack or compromised node
24
Sybil attack Solution –Every node share a unique symmetric key with base station –Two node establish a shared key and verify each other’s identity –Base station limit the number of neighbors around a node –When a node is compromised, it is restricted to communicating only with its verified neighbors Limitation –Adversary can still use a wormhole to create an artificial link between two nodes to convince them
25
HELLO flood attacks Solution: –Verify the bidirectionality of a link before taking meaningful action –Every node authenticate each of its neighbors with an identity verification protocol using a trusted base station
26
Wormhole and sinkhole attacks Solution –Design routing protocols which avoid routing race conditions and make these attacks less meaningful Geographic routing protocols: construct a topology on demand using only localized interactions and information
27
Selective forwarding Solution: –Multipath routing: message routed over n paths whose nodes are completely disjoint –Nodes dynamically choose a packet’s next hop probabilistically from a set of possible candidates Limitation: –Completely disjoint paths is difficult to create
28
Countermeasure summary AttacksCountermeasure Outersiders, Sybil, HELLO floods, ACKs spoofing Link-layer encryption and authentication, multipath routing, identity verification, bidirectional link verification, authenticated broadcast Sinkhole attack wormhole attack Geographic routing protocols
29
Strength Demonstrate current routing protocols for wireless sensor networks are insecure Provide several countermeasures to against attacks: link layer encryption and authentication and so on
30
Questions?
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.