Title: Security in Wireless Sensor Networks
1Security in Wireless Sensor Networks
Professor Jack Stankovic
Department of Computer Science
University of Virginia
October 25, 2004
2Security
- Complex, many aspects to consider
- General, complete solution is unlikely
- Opportunity to address this properly from the start!
- Targeted solutions for targeted attacks
- Reasonably secure WSN
3Ad Hoc Wireless Sensor Networks
- Sensors
- Actuators
- CPUs/Memory
- Radio
- Minimal capacity
- 1000s
Self-organize
4Mica2 and Mica2Dot
- ATMega 128L 8-bit, 8MHz, 4KB EEPROM, 4KB RAM, 128KB flash
- Chipcon CC100 multichannel radio (Manchester encoding, FSK). 50 ft and up.
5Sensor Board
6Sensor Board
7Applications
8Outline
- Motivating Application
- Overview of the Security Problems in WSN
- Routing
- SPEED
- RAP
- IGF
- Denial of Service
- Jamming
- Potential Future Approaches
- Secure Group Management
- Exploit Physical Properties
- Summary
9Energy Efficient Surveillance System
1. An unmanned plane (UAV) deploys motes
2. Motes establish a sensor network with power management
3. Sensor network detects vehicles and wakes up the sensor nodes
[Figure labels: Zzz... (sleeping nodes), Sentry]
10General Security Issues
- New (severe) constraints (memory, bandwidth, cpu processing speeds, power, ...)
- Lightweight solutions required
- Symmetric cryptography (asymmetric crypto is too expensive)
- Physical Environment
- Faults versus attacks
- Cheap to attack
11Specific Security Problems
- Routing and/or Backbone Disruption
- Denial of service
- Jam
- Prevent wake-up
- Prevent sleep (dies soon)
- Modify group management information
12Specific Security Problems
- System Initialization (re-sync messages and centralized base stations)
- Clock Sync
- Neighbor Discovery
- Localization
- Etc.
13Communication Scenarios
- Confidentiality (eavesdrop)
[Figure labels: Node1, Node2, Base Station, Msg, Adversary]
14Communication Scenarios
[Figure labels: Base Station, Node1, Adversary, Msg1, Msg1]
15Communication Scenarios
[Figure labels: "I am the Base Station"; Base Station; Adversary; Node 1, Node 2, Node 3, Node 4; Reprogram system; Reset system parameters]
16Attack HELLO floods
- Hello packets to announce presence of a node
- Assumption: the sender of a received packet is within normal radio range
- False! A powerful transmitter could reach the entire network
- Disrupts routing paths
17Summary - Basic Problems
- Vulnerability of channels (eavesdrop and inject fake messages)
- Vulnerability of nodes (capture, modify messages, re-route)
- Absence of infrastructure (e.g., no centralized certification authorities)
- Dynamically changing topology (difficult to distinguish between dynamics and attacks)
- Minimum capacity devices
- Drain batteries
- Real-Time: slow packets down
18Routing - Network Assumptions
- Attacker has similar capabilities (HW)
- Nodes can be turned
- Tamper resistant nodes are not realistic
Many routing protocols have been proposed for WSN, but (almost) none with security as a goal!
Examples: GF, AODV, DSR, DD, SPEED, RAP, IGF, ...
19Route Where
- Each node to base station
- Nodes to aggregation points and then from aggregation point to base station
- Between 2 (n) nodes (peer to peer)
- Between 2 (n) areas
- Among all members of a (dynamic) group
20SPEED
USE VELOCITY
21SPEED
- SPEED: A Protocol for Real-Time Communication in Sensor Networks.
Uses local neighbor tables
Strong Back-Pressure (Congestion)
Uniform Back-Pressure
22SPEED
[Figure: SPEED forwarding example; labels: Source, Destination, Packet, Delay, node numbers 2, 3, 5, 7, 9, 10, 11]
23Attacks
- Change neighbor information
- Change delay
- Change velocity set point
- Change last mile processing
- Slow down packets
- Inject false packets
24Solutions for SPEED
- Authenticate neighbors as true neighbors and on routing table data updates (e.g., delays)
- Timestamp to prevent replay attack
- Confidentiality - Encrypt last mile information
- Encrypt data
- Global set point setup and any changes must be authenticated (or not permitted)
- Overhear to determine if attacker is acting like a sinkhole (black hole)
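One way to apply the first two bullets to SPEED's delay beacons, as an added example that is not from the slides: each beacon carries a truncated MAC under a pairwise key plus a timestamp, and the receiver updates its neighbor table only if the tag verifies and the timestamp is fresh and newer than the last accepted one. The frame layout, key table, 8-byte tag, 2-second window and the use of HMAC-SHA-256 (standing in for whatever symmetric MAC the mote supports) are assumptions, as is loosely synchronized time.

```python
import hashlib
import hmac
import struct

MAC_LEN = 8          # assumed truncated tag length for small radio frames
MAX_AGE_MS = 2000    # assumed freshness window

# Constructed pairwise keys; how they are distributed is out of scope here.
PAIR_KEYS = {7: b"k-node7-constructed", 9: b"k-node9-constructed"}

def make_beacon(node_id, delay_ms, ts_ms, key):
    """Build a delay-update beacon: id (2) | delay (2) | timestamp (4) | MAC."""
    body = struct.pack(">HHI", node_id, delay_ms, ts_ms)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:MAC_LEN]

class NeighborTable:
    def __init__(self, keys):
        self.keys = keys
        self.delay = {}      # node_id -> last accepted delay estimate (ms)
        self.last_ts = {}    # node_id -> timestamp of last accepted beacon

    def accept(self, frame, now_ms):
        """Return a verdict; the table changes only when the verdict is 'ok'."""
        if len(frame) != 8 + MAC_LEN:
            return "malformed"
        body, tag = frame[:8], frame[8:]
        node_id, delay_ms, ts_ms = struct.unpack(">HHI", body)
        key = self.keys.get(node_id)
        if key is None:
            return "unknown-neighbor"      # no shared key: not a true neighbor
        want = hmac.new(key, body, hashlib.sha256).digest()[:MAC_LEN]
        if not hmac.compare_digest(tag, want):
            return "bad-mac"               # forged or modified delay update
        if abs(now_ms - ts_ms) > MAX_AGE_MS:
            return "stale"                 # outside the freshness window
        if ts_ms <= self.last_ts.get(node_id, -1):
            return "replay"                # already seen this or a newer beacon
        self.delay[node_id] = delay_ms
        self.last_ts[node_id] = ts_ms
        return "ok"
```
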
25RAP Prioritized Packets
[Figure: nodes A, B, C, D, E]
- dis = 90 m, D = 2 s, V = 45 m/s: HIGH Priority
- dis = 60 m, D = 2 s, V = 30 m/s: LOW Priority
26RAP
- RAP: A Real-Time Communication Architecture for Large-Scale Wireless Sensor Networks.
Respecting Deadlines and Priorities
Packets with Different Velocities
27Attack
- Modify priorities
- Short deadline
- Long distance
- Inject packets with high priorities (denial of service)
- Etc.
28Solutions for RAP
- Encrypt velocity field
- Authenticate packets and drop those from an
attacker
29Solutions
- SPINS
- uTESLA
- Provides authenticated streaming broadcast
- SNEP
- Provides data confidentiality, two-party data authentication and data freshness
- Routing protocol using the above building blocks
30Solutions
- Mobile Ad hoc Wireless
- SEAD
- Ariadne
- SRP
- Etc.
- WSN
- TinySec link level encryption
- LiSP
- Etc.
31Geographic Forwarding (GF)
- GF always chooses a node that is closest to the destination.
- Every node knows its location.
[Figure labels: s, d]
32Implicit Geographic Forwarding
- Tackle the rapid dynamics found in WSNs
- To deal with
- Power Down Nodes (Sleep mode)
- Node Mobility
- Node Failure
- Scale
- Lazy Binding (to the nth degree)
- State Free no routing tables
33IGF
Asleep
Moving Away
- IGF is a combined Routing/MAC protocol
- Eligible nodes - 60 degree cone (shift cone if necessary)
- RTS - set timer based on distance and energy remaining
34IGF Implicit Security Properties
- No routing tables maintained
- Routes cannot be corrupted in this manner
- Impact of intruder limited to neighborhood
- No dissemination of route information
35IGF Security Problems
- Intruder is unchecked in neighborhood
- Pretend it is in various places (Sybil attack)
- Answer multiple times
- Always answer first (will die more quickly)
- Jam: can't do much (will die quickly)
- Eavesdrop (assume encryption)
36Solution Approaches
- Prevent sender from choosing the adversary for the next hop
- Reduce probability of selecting the intruder
37Solutions
- Soln 1: Authenticate after the CTS
- Soln 2: Overhear - if attacker does not transmit or changes the packet, choose another node
- Soln 3: Choose nth or random responder, not the first
38Solutions
- Soln 4: Use Power level to detect Sybil attack
- Attacker could adjust power levels but could not be sure that they would reach the sender
- Soln 5: Select n nodes to forward message to (assume at most 1 attacker)
39Solutions
- Soln 6: Verify location
- Angle of arrival
- Directional antenna (to send RTS and receive CTS)
- Use overhearing: all nodes in cone should overhear each other, and if intruder is outside cone some nodes will not hear
40Solutions
- Soln 7: Omit destination altogether
- Intruder has to guess the right direction or send 6 messages
- Intruder could infer proper forwarding sector based on history of message streams
41Summary - Secure IGF
- Attack Model
- Insert or subvert a normal mote
- Inherently Good Properties
- No routing tables at all
- Contains attacks to limited area
- Attacks Possible
- Greedy attacker sends CTS immediately
- If it gets packet: drop, alter
- Sybil attack
42Denial of Service
Ref: Denial of Service in Sensor Networks, Wood, Stankovic
43The Jamming Problem
- Jamming disrupts communication around the source
44Solution Overview - Mapping
45Value - A Mapping Service
- Map jammed-area and export to other modules
- Value
- Report jammed area to base station
- Send in vehicle to find/destroy jammer
- Route around jammed area
- Lower duty-cycle to save energy
- Redirect any queries to services in the jammed area
- Expose area as programmer-accessible entity
46Jam Detection
- Highly decentralized algorithm
- Loose group semantics, eager eavesdropping, uses local information, robustness to packet loss and failure, works with partial mappings
- Performance (example)
- When neighbor density is moderate, converges to a single mapping group in 1.5-5 seconds
- Function of size of jammed area
- Robust to failure rates of 20-25
47Mapping Algorithm Overview
- Jamming Detection
- Group Formation
- Receive JAMMED message
- Receive BUILD message
- Coalescing groups
- Bridging groups
48Algorithm Jamming Detection
Attempting to send a message
- if (wireless channel is busy for longer than 250ms)
  - if (near epicenter of jamming)
    - sleep for awhile
  - else
    - send blind JAMMED msg to neighbors <ID, location>
// Based on signal strength
49Example Jamming Detection
- J1-3 and others are jammed by adversary
- Jamming is detected using heuristics
- Jammed nodes blindly report their IDs and
locations
[Figure labels: J1, J2, J3, M1, M2, M3, JAMMED]
50Algorithm Group Formation
Received JAMMED message from Ji
- for all local groups Gk
  - if (Ji is compatible with Gk)
    - add Ji to group Gk
    - join Gk if not already a member
- if (no compatible groups found)
  - create and join new group
- send BUILD msg after announce timer
  - <Gk; jammed nodes; subsumed group IDs>
// Find compatible group
// or create new one
51Example Group Formation
- Neighbors M1-3 receive JAMMED messages
- Neighbors create groups G1-3 and store direction vectors
- Mappers set announce timers
- M2 sends a BUILD message first, containing <G2; J2>
[Figure labels: J1, J2, J3, M1, M2, M3, BUILD, <G1; J1>, <G2; J2>, <G3; J3>]
52Algorithm Group Formation
Received BUILD for Gj (1/2)
- if (no local group Gj)
  - create group Gj from msg
- else
  - save group information in message
- wait
// Create Gj or save contents of message
53Example Group Formation
- Neighbors store G2 information
- M1 also announces G1 to neighbors
[Figure labels: J1, J2, J3, M1, M2, M3, BUILD, <G1; J1>, <G2; J2>, <G3; J3>]
54Algorithm Group Formation
Received BUILD for Gj (2/2)
- if (Gj is compatible with another local group Gk)
  - if (this node is a member of Gj or Gk)
    - wait short delay and coalesce(Gj, Gk)
  - else if (have heard a PROBE msg)
    - wait long delay and coalesce(Gj, Gk)
- if (this node is on the edge of Gj)
  - schedule PROBE msg to be sent
- if (this node is member of Gj AND msg not seen before)
  - relay msg using current local state of Gj
// Compare neighbors with direction vector
// Relay the message
55Algorithm Coalescing
coalesce(Gj, Gk)
- if (Gj, Gk still compatible and active)
  - choose dominant group Gd: group with highest ID
  - merge jammed nodes into Gd
  - merge subsumed group IDs into Gd
  - if (not a member of Gj or Gk)
    - join Gd as bridge member
  - send BUILD msg <Gd; merged jammed list; merged group list>
56Example Coalescing
- M3 compares direction vectors of G2 and G3
- M3 starts coalesce timer since they are compatible
- M3 sends a BUILD message containing the dominant group
- <G3; J3,J2; G2>
- M2 receives the BUILD and merges G2 into G3
- M2 is a member of G2, and so relays the message
- Neighbors also merge G2 into G3
[Figure labels: J1, J2, J3, M1, M2, M3, BUILD, <G1; J1>, <G2; J2>, <G3; J3>, <G3; J3,J2; G2>]
57Example Probing and Bridging
- M1 eventually sends a PROBE, since it is on the edge of its group G1
- Neighbor receives the PROBE and sets a long coalesce timer for G1, G3
- B1 coalesces G1 and G3 when the timer expires, joining as a bridge node
- B1 sends a BUILD message containing the dominant group
- <G3; J3,J2,J1; G2,G1>
[Figure labels: J1, J2, J3, M1, M2, M3, B1, PROBE, BUILD, <G1; J1>, <G3; J3,J2; G2>, <G3; J3,J2,J1; G2,G1>]
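The coalescing rule and the BUILD handling from the mapping slides, as an added Python model that is not code from the slides or from the authors. The `compatible` predicate (jammed nodes within `RANGE_M` of each other) stands in for the direction-vector comparison, which the slides do not define; it, the class and method names and any coordinates fed in are assumptions.

```python
from dataclasses import dataclass, field

RANGE_M = 30.0   # assumed: groups are compatible if jammed nodes lie this close

@dataclass
class Group:
    gid: int                                     # 3 stands for G3
    jammed: dict = field(default_factory=dict)   # jammed node ID -> (x, y)
    subsumed: set = field(default_factory=set)   # IDs of groups merged in
    active: bool = True

def compatible(a, b):
    """Assumed stand-in for the slides' direction-vector comparison."""
    return any((ax - bx) ** 2 + (ay - by) ** 2 <= RANGE_M ** 2
               for ax, ay in a.jammed.values() for bx, by in b.jammed.values())

class Mapper:
    def __init__(self, name):
        self.name, self.groups, self.member_of, self.bridge = name, {}, set(), False

    def on_jammed(self, gid, node, loc):
        """JAMMED <ID, location>: record it in local group gid and join."""
        self.groups.setdefault(gid, Group(gid)).jammed[node] = loc
        self.member_of.add(gid)

    def on_build(self, gid, jammed, subsumed):
        """BUILD <Gd; jammed nodes; subsumed group IDs>: create or update Gd."""
        g = self.groups.setdefault(gid, Group(gid))
        g.jammed.update(jammed)
        g.subsumed |= set(subsumed)
        for old in [o for o in g.subsumed if o in self.groups]:
            self.groups[old].active = False      # local copy merged into Gd
            if old in self.member_of:
                self.member_of = (self.member_of - {old}) | {gid}

    def coalesce(self, gj, gk):
        """Merge into the highest-ID group; return the BUILD to send, or None."""
        a, b = self.groups[gj], self.groups[gk]
        if not (a.active and b.active and compatible(a, b)):
            return None
        dom, sub = (a, b) if a.gid > b.gid else (b, a)
        dom.jammed.update(sub.jammed)
        dom.subsumed |= sub.subsumed | {sub.gid}
        sub.active = False
        if not self.member_of & {gj, gk}:
            self.bridge = True                   # joins Gd as a bridge member
        self.member_of = (self.member_of - {sub.gid}) | {dom.gid}
        return dom.gid, dict(dom.jammed), set(dom.subsumed)
```

Replaying slides 56 and 57 with J1, J2 and J3 placed 20 m apart (constructed positions), M3's `coalesce(2, 3)` yields BUILD <G3; J3,J2; G2>, and bridge node B1's `coalesce(1, 3)` then yields <G3; J3,J2,J1; G2,G1>.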
58DoS Regions Mapped
59Future Solutions/Directions
- Relaxed Group Semantics
- Exploit Physical properties
60Group Management
IR Camera
Leader
Follower
Member
Node
61Group Management
IR Camera
Leader
Follower
Member
Node
62Examples Tracking and Map Regions
Base Station
63Group Semantics - Operations
64Group Management
- History
- Many group management and group communication protocols
- Internet community
- Infrequent membership changes
- Strong atomicity
- Ordering semantics
- Careful membership control
- Protocols operate under various fault models
65Example Consensus
- Classical consensus: all correct processes agree on one value
- No power constraints
- No real-time constraints
- Does not scale well to dense networks
- Approximate agreement (some work here) - on sets of values (physical quantities)
- New Solutions?
66New Concept of Consensus
Classical
- Termination: every correct processor eventually decides some value
- Uniform Agreement: no two processors decide differently
- Group Membership: join/leave - everyone knows who is in the group
New Definitions
- Termination: at least n correct processors decide some value by time t
- Group Agreement: at least n processors decide the same value within epsilon
- Area/Function Membership: join/leave an area or by function
67Solutions - CLIQUES
- Assume knowledge of membership
- Uses a group controller to manage member additions/removals
- Each node does expensive computation and sends to others (multi-round)
- Each member provides a share of secret
- Final group key
68New Solutions Required
- Without knowledge of membership
- Inexpensive computation
- One (or few) round(s)
- Can proceed with partial collection of shared keys
- Groups tied to geography?
69Exploit Physical Properties
- Physics
- Momentum, velocity, temperature readings, energy, continuity, ...
- Location
- You can't be where you say you are
- Time (and time validity of data)
- Protect for short periods of time
- Differentiated security
- Redundancy / High Density
- Cross check
70Exploit Physical Properties
- Strength of Signal
- Too powerful looks like jammer or hello attack
- Overhearing
- Detect black holes, sink holes, changed messages
- Directional Antenna
- For localization
- Neighbor discovery (in correct direction)
71Summary - Security
- New security models needed
- Efficient key distribution schemes required (static and dynamic)
- Solve data integrity, routing, secure groups, denial of service
- Can new solutions exploit physical properties?
- Provide multiple layers of defense
- Securing every message, data item, etc. is probably not possible; however, the aggregate performance of the system needs to be secure
72Two Perspectives
- WSN used for security
- WSN subject of attacks
73Wireless Sensor Networks
Unlimited potential
The next Internet (in terms of impact)
If we can solve the Security and Privacy Problems