Denial of Service in Sensor Networks - PowerPoint PPT Presentation

Slides: 17
Provided by: wat88

1
Denial of Service in Sensor Networks
  • Anthony D. Wood
  • and John A. Stankovic

2
Why Security?
  • Battlefield
  • Disasters
      • Protect the location and status of casualties
        from unauthorized disclosure, particularly if the
        disaster relates to ongoing terrorist activities
  • Public safety
      • False alarms about chemical, biological, or
        environmental threats could cause panic or
        disregard for warning systems. An attack on the
        system's availability could precede a real attack
        on the protected resource.
  • Home healthcare
      • Because protecting privacy is paramount, only
        authorized users can query or monitor the
        network. These networks can also form critical
        pieces of an accident-notification chain, thus
        they must be protected from failure.

3
THE DENIAL OF SERVICE THREAT
  • A DoS attack is any event that diminishes or
    eliminates a network's capacity to perform its
    expected function.
  • Hardware failures, software bugs, resource
    exhaustion, environmental conditions, or their
    combination
  • Intentional Attack

4
Adversary Capability
  • Physically damaged or manipulated node
      • May be less powerful than a normally functioning
        node.
  • Subverted nodes (or added ones)
      • Interact with the network only through software
      • As powerful as other nodes
  • Immensely more powerful adversaries
      • Existing wired network with virtually unlimited
        computational and energy resources possible.

5
Attacks on Physical Layer
  • Jamming
      • Defenses
          • Spread-spectrum
          • Region mapping
          • Lower duty cycle
  • Tampering
      • Defenses: Tamper-proofing, hiding

6
Link Layer Attacks
  • Collision
      • Use error-correcting codes
  • Exhaustion
      • Rate limitation
  • Unfairness
      • Small frames

7
Network and Routing Attacks
  • Neglect and greed
      • Redundancy, probing
  • Homing/traffic analysis
      • Encryption enough?
  • Misdirection
      • Egress filtering, authorization, monitoring
  • Black holes
      • Authorization, monitoring, probing, redundancy

8
Neglect and Greed
  • Neglect
      • Drops packets arbitrarily
  • Greed
      • Gives undue priority to its own messages
  • Use multiple paths and/or redundant messages to
    mitigate these effects.

9
Homing
  • Geographic forwarding allows attacker to figure
    out where important nodes are.
  • Encrypting headers as well as content might
    alleviate this issue.

10
Misdirection
  • Diverting traffic away from intended destination
      • targets the sender
  • Misdirecting many flows in one direction
      • targets an arbitrary victim (receiver)
  • Defense
      • Egress Filtering
          • Verification of source addresses
          • Legitimately generated from below?

11
Black Holes
  • Distance-vector-based protocol weakness
      • Nodes advertise zero-cost routes to every other
        node.
  • Fixes
      • Authorization
      • Monitoring
          • watchdog the next hop transmission of your
            packets by neighbors
      • Probing
          • Send periodic messages across topology to test
            for blackout regions
      • Redundancy
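
The monitoring fix above, sketched as an added example (not code from the presentation): a node records which packets it handed to each neighbor and which retransmissions it overheard, then flags neighbors whose forwarding ratio is too low. The neighbor names, thresholds and log entries are constructed assumptions.

```python
from collections import defaultdict

def build_sample():
    """Constructed log from one node: (event, neighbor, packet_id)."""
    obs = []
    for pkt in range(10):
        obs.append(("sent", "n2", pkt))
        if pkt != 4:                      # one retransmission lost to a collision
            obs.append(("overheard", "n2", pkt))
        obs.append(("sent", "n3", pkt))
        if pkt < 2:                       # n3 forwards only 2 of 10
            obs.append(("overheard", "n3", pkt))
    for pkt in range(3):                  # n4: too few packets to judge
        obs.append(("sent", "n4", pkt))
    obs.append(("overheard", "n3", 99))   # never sent via n3: must not count
    return obs

def watchdog(observations, min_samples=5, min_forward_ratio=0.8):
    """Return {neighbor: (forward_ratio, suspected)} for judged neighbors."""
    sent, heard = defaultdict(set), defaultdict(set)
    for event, neighbor, pkt in observations:
        (sent if event == "sent" else heard)[neighbor].add(pkt)
    report = {}
    for neighbor, pkts in sent.items():
        if len(pkts) < min_samples:
            continue                      # not enough evidence yet
        # Only packets we actually handed over count as forwarded.
        ratio = len(pkts & heard[neighbor]) / len(pkts)
        report[neighbor] = (ratio, ratio < min_forward_ratio)
    return report

if __name__ == "__main__":
    for neighbor, (ratio, suspected) in sorted(watchdog(build_sample()).items()):
        print(f"{neighbor}: forwarded {ratio:.0%} suspected={suspected}")
```

The ratio threshold, rather than zero tolerance, keeps ordinary collisions from marking an honest neighbor as a black hole.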

12
Transport Layer DoS
  • Flooding
      • Client puzzles
          • Make the adversary commit resources
          • Only useful if the adversary has limited
            resources
  • Desynchronization
      • Authentication
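
A hash-based client puzzle, as an added example (not code from the presentation), showing the asymmetry the slide relies on: the requester searches for a nonce, the responder checks it with one hash before committing connection state. The secret, node name and 12-bit difficulty are constructed assumptions.

```python
import hashlib
import hmac

SERVER_SECRET = b"constructed-demo-secret"   # placeholder; use a random per-node key

def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def make_challenge(client_id: bytes, epoch: int) -> bytes:
    """Derive the challenge from a secret so the responder keeps no per-request state."""
    msg = client_id + epoch.to_bytes(8, "big")
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).digest()[:16]

def puzzle_ok(challenge: bytes, nonce: int, bits: int) -> bool:
    digest = hashlib.sha256(challenge + nonce.to_bytes(8, "big")).digest()
    return leading_zero_bits(digest) >= bits

def solve(challenge: bytes, bits: int) -> int:
    """Requester side: brute-force search, about 2**bits hashes on average."""
    nonce = 0
    while not puzzle_ok(challenge, nonce, bits):
        nonce += 1
    return nonce

def accept(client_id: bytes, epoch: int, nonce: int, bits: int) -> bool:
    """Responder side: one HMAC and one hash before allocating any state."""
    return puzzle_ok(make_challenge(client_id, epoch), nonce, bits)

if __name__ == "__main__":
    bits = 12
    challenge = make_challenge(b"node-17", epoch=1)
    nonce = solve(challenge, bits)
    print(f"requester hashed {nonce + 1} times; responder verified with 1 hash:",
          accept(b"node-17", 1, nonce, bits))
```

Raising `bits` by one doubles the requester's expected work while the responder's cost stays constant, which only helps against an adversary whose resources are limited.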

13
PROTOCOL VULNERABILITIES
  • Analyzing these vulnerabilities helps show why
    developers should consider DoS susceptibility at
    design time.

14
Adaptive Rate Control MAC Protocol by Woo and Culler
  • Give preference to route-through traffic
      • This preserves the network's investment in
        packets that may have already traversed many
        hops.
  • Makes flooding attacks more effective.
      • High bandwidth packet streams that an adversary
        generates will receive preference during
        collisions that can occur at every hop along
        their route.
      • Thus, the network gives preference to malicious
        traffic.

15
RAP
  • Real-time communication architecture
      • query-event service API
      • geographic forwarding
      • Velocity monotonic scheduling (VMS) policy.
          • Originator of message sets deadline and
            destination
          • VMS layer computes velocity based on time to
            deadline and distance remaining

16
RAP Vulnerability
  • Flood with high velocity packets
      • Set destination at long distance
          • Possibly outside the network
  • Intermediate node adversary could lower the
    velocity of route through traffic
      • Causes missed deadline several hops away
  • If relying on a synchronized clock, attacking
    that mechanism could cause another node to always
    drop
      • inadvertent black hole
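
A toy velocity-monotonic queue, as an added example (not RAP's code), showing why an unvalidated destination or a skewed clock changes what a node forwards. The field bounds, packet set and the destination bounds check are assumptions made here; the slides do not name a mitigation.

```python
import heapq
import math

FIELD = (0.0, 0.0, 100.0, 100.0)   # assumed deployment area in metres: xmin, ymin, xmax, ymax

# Constructed packets queued at one node: (label, destination, absolute deadline in s)
PACKETS = [
    ("alarm",   (90.0, 50.0),    2.0),
    ("routine", (60.0, 50.0),   10.0),
    ("bogus",   (5000.0, 50.0), 10.0),   # destination far outside the field
]

def velocity(node_pos, dest, deadline, now):
    """Requested velocity = distance remaining / time to deadline (None if expired)."""
    slack = deadline - now
    return math.dist(node_pos, dest) / slack if slack > 0 else None

def in_field(dest):
    xmin, ymin, xmax, ymax = FIELD
    return xmin <= dest[0] <= xmax and ymin <= dest[1] <= ymax

def schedule(node_pos, now, packets, check_dest=False):
    """Return labels in transmit order, highest requested velocity first."""
    heap = []
    for label, dest, deadline in packets:
        if check_dest and not in_field(dest):
            continue                       # assumed mitigation, not from the slides
        v = velocity(node_pos, dest, deadline, now)
        if v is not None:                  # expired packets are dropped
            heapq.heappush(heap, (-v, label))
    return [heapq.heappop(heap)[1] for _ in range(len(heap))]

if __name__ == "__main__":
    here = (50.0, 50.0)
    print("no validation:      ", schedule(here, 0.0, PACKETS))
    print("destination checked:", schedule(here, 0.0, PACKETS, check_dest=True))
    print("clock skewed +100 s:", schedule(here, 100.0, PACKETS, check_dest=True))
```

With the clock pushed 100 s ahead every packet looks expired and the node forwards nothing, which is the inadvertent black hole from the last bullet.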