The Sybil Attack in Sensor Networks: Analysis

Slides: 20
Provided by: Leon221
Learn more at: https://www.cise.ufl.edu

Transcript and Presenter's Notes

1
The Sybil Attack in Sensor Networks: Analysis & Defenses
  • J. Newsome, E. Shi, D. Song and A. Perrig
  • IPSN04

2
Overview
  • Sybil Attack Taxonomy
  • Attacks
  • Defenses
      • Radio Resource Testing
      • Random Key Predistribution
      • Other Defenses

3
Sybil Attack
  • A malicious node behaves as if it were a large
    number of nodes
  • Impersonating
  • False identities
  • Terminologies
      • Malicious node
      • Sybil node
      • Usable Sybil identity

4
Taxonomy
  • Direct vs. Indirect Communication
  • Fabricated vs. Stolen Identities
  • Simultaneous vs. Non-Simultaneous

5
Attacks
  • Distributed Storage
  • Routing
      • Multipath or dispersity routing
  • Voting
  • Fair Resource Allocation
  • Misbehavior Detection

6
Defense
  • Validate only one identity per physical node
      • Direct Validation
      • Indirect Validation
  • Previous Defense: Resource Testing
      • Computation
      • Storage
      • Communication

7
Radio Resource Testing
  • Assumption
      • any physical device has only one radio
      • a radio is incapable of simultaneously sending or
        receiving on more than one channel

8
Random Key Predistribution
  • Key Ideas
      • Associating the node identity with the keys
        assigned to the node.
      • Key validation: verify part or all of the keys
        that an identity claims to have.
  • Key Pool
  • Single-space Pairwise Key Distribution
  • Multi-space Pairwise Key Distribution

9
Key Pool
  • Set of keys assigned to ID
  • Set of the keys that node ID possesses are
    determined by
  • A usable Sybil identity must be able to pass the
    validation
  • Full Validation
  • Partial Validation
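
A sketch of the key-pool validation idea above, as an added example that is not code from the slides or the paper. Assumptions: the formula that derives an ID's key set is missing from this transcript, so an HMAC-SHA256 derivation stands in for it; full validation is modeled as a verifier that knows the whole pool, partial validation as d = 3 neighbours' key rings; the pool size, node names and keys are constructed.

```python
import hashlib, hmac, os

M, K = 2000, 40  # constructed small pool; the slides use m = 20000, k = 200
POOL = {i: hashlib.sha256(b"pool-key-%d" % i).digest() for i in range(M)}

def key_indices(node_id: str) -> set:
    """Indices of the K pool keys bound to node_id (assumed PRF: HMAC-SHA256)."""
    seed = hashlib.sha256(node_id.encode()).digest()
    out, ctr = set(), 0
    while len(out) < K:
        d = hmac.new(seed, ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        out.add(int.from_bytes(d[:8], "big") % M)
        ctr += 1
    return out

def provision(node_id: str) -> dict:
    """Key ring loaded onto a legitimate node before deployment."""
    return {i: POOL[i] for i in key_indices(node_id)}

def prove(ring: dict, idx: int, nonce: bytes):
    """Prover side: MAC the nonce with key idx, or None if the key is not held."""
    return hmac.new(ring[idx], nonce, hashlib.sha256).digest() if idx in ring else None

def validate(claimed_id: str, prover_ring: dict, verifier_keys: dict):
    """Challenge every key the claimed ID must hold and the verifier knows.
    Returns (passed, number_of_keys_in_scope)."""
    to_check = key_indices(claimed_id) & verifier_keys.keys()
    for idx in sorted(to_check):
        nonce = os.urandom(16)  # fresh nonce so a recorded response cannot be replayed
        want = hmac.new(verifier_keys[idx], nonce, hashlib.sha256).digest()
        got = prove(prover_ring, idx, nonce)
        if got is None or not hmac.compare_digest(got, want):
            return False, len(to_check)
    return True, len(to_check)

def demo():
    honest = provision("node-17")
    captured = ["node-%d" % n for n in range(1, 6)]  # c = 5 captured nodes
    loot = {i: k for n in captured for i, k in provision(n).items()}
    neighbours = {i: k for n in ("node-30", "node-31", "node-32")  # d = 3
                  for i, k in provision(n).items()}
    return {
        "honest_full": validate("node-17", honest, POOL),
        "sybil_full": validate("sybil-1", loot, POOL),      # fabricated identity
        "sybil_partial": validate("sybil-1", loot, neighbours),
        "stolen_full": validate("node-1", loot, POOL),      # stolen identity
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The stolen identity passes because the captured ring really is that ID's key set, which is the "Stolen IDs" gap the comparison slide lists for key predistribution; partial validation puts far fewer keys in scope than full validation, which is why it tolerates fewer captured nodes.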

10
Key Pool (cont. 1)
  • Full Validation
  • Partial Validation: its d neighbor nodes
  • ID can survive the validation of ID0 iff.

11
Key Pool (cont. 2)

12
Key Pool (cont. 3)
  • m = 20000, k = 200, l = k = 200. If Pr = 2^-64
  • Full Validation: c = 150
  • Partial Validation: c = 30 (d = 30)

13
Single-space Pairwise Key Distribution
  • Traditional approaches
  • f(Vi, Uj) = f(Vj, Ui)
  • λ-secure property: nothing or ALL!
  • A new approach proposed by Chan et al.
  • No such problem: always nothing.
  • The network size is limited by l and Pr(any 2
    nodes are connected)

14
Multi-space Pairwise Key Distribution
  • Combination of key pool and single space approach
  • Without validation
  • With validation
  • Given c, Pr(space i is compromised)

15
Multi-space Pairwise Key Distribution (cont.)
  • Pr(at least k spaces compromised) <
  • m = 50, k = 4, λ = 49, l = 200
  • Compromise: 400 (w/o V), 465 (w/ V), Pr < 0.05

16
Other Defenses
  • Registration
      • A trusted central authority
  • Position Verification
      • Upper bound for the sensor density
  • Code Attestation
      • Different code in malicious node
      • Verify memory content

17
Comparison of Sybil Defenses
Defense                 Who Can Validate        Remaining Sybil Vulnerabilities
Radio                   Neighbors               Indirect Com., Non-Simult.
Position Verification   Neighbors               Indirect Com.
Registration            Anyone                  Stolen IDs
Key Predistribution     Anyone w/shared keys    Stolen IDs
Code Attestation        Anyone                  None

18
Summary
  • Main Ideas
  • Explore Sybil attack problem in sensor network
    environment
  • Modify the existing key pool scheme to defend
    against the Sybil attack

19
Thank You!