Denial Of Service in Sensor Networks - CSE Buffalo
Download
Report
Transcript Denial Of Service in Sensor Networks - CSE Buffalo
ADVANCED TOPICS
Shambhu Upadhyaya
Computer Science & Eng.
University at Buffalo
Buffalo, New York 14260
Shambhu Upadhyaya
1
Mesh Networks
and Security
Shambhu Upadhyaya
2
What are Wireless Mesh Networks?
Similar to Wi-Fi Networks
Instead of multiple wireless hotspots (WHS),
WMNs use one WHS and several transit access
points (TAP), also called routers
Clients connect to TAPs, which connect
wirelessly to the WHS either directly or
multi-hopping over other TAPs
Shambhu Upadhyaya
3
WMNs
WMN provides reliability through redundancy
It is a special case of wireless ad hoc networks
Wireless mesh networks can be implemented
with various wireless technologies including
802.11 (802.11s), 802.15, 802.16
Examples
MIT RoofNet (2001)
Quail Ridge WMN (QuRiNet) at Napa Valley, CA
(2004)
Also useful in smart grid for automatic meter reading
Shambhu Upadhyaya
4
Advantages/Disadvantages
•
Advantages
The TAPs themselves are cheaper than WHS
Since TAPs communicate by wireless signals, they
do not require cabling to be run to add new TAPs
• Allows for rapid deployment of temporary
networks
Disadvantages
TAPs are often placed in unprotected locations
Lack of physical security guarantees
Communications are wireless and therefore
susceptible to all the vulnerabilities of wireless
transmissions
Shambhu Upadhyaya
5
Three Security Challenges
Posed by WMNs
Securing the routing mechanism
Detection of corrupt TAPs
WMNs rely on multi-hop transmissions over a
predominantly wireless network
Routing protocol is very important and a tempting target
The TAPs are likely to be stored in unprotected locations,
so they may be easily accessed by malicious entities and
can be corrupted or stolen
Providing fairness
The protocol needs to be designed to distribute
bandwidth between the TAPs in a manner fair to the
users to prevent bandwidth starvation of devices far from
the WHS
Shambhu Upadhyaya
6
Fairness
There are several ways in which bandwidth can
be distributed among TAPs
• What may be the best solution is to
distribute bandwidth proportional to the
number of clients using a TAP
Shambhu Upadhyaya
7
Attack Model
Four simple types of attacks possible
The first attack is removal and
replacement of the device
easily detected by change of topology
Access the internal state of the device
Modify internal state
Clone TAPs
Other sophisticated attacks possible
Blocking attacks, black hole, sybil, etc.
Shambhu Upadhyaya
8
Access Internal State
This is a passive attack and is difficult to
detect
In this attack the attacker need not
disconnect the device from WMN
Even the disconnection cannot be
detected
The effect of the attack can be reduced
by changing the TAP data at regular
intervals
Shambhu Upadhyaya
9
Modify Internal State
In this type of attack, the attacker
can modify the routing algorithm
This type attack also changes the
topology
It can also be detected by WHS
Shambhu Upadhyaya
10
Clone TAP
In this type of attack the attacker is
able to create a replica of the TAP
and place this in a strategic location
in WMN
It also allows the attacker to inject
some false data or to disconnect
some parts of network
It can damage the routing
mechanisms but can be detected
Shambhu Upadhyaya
11
Jamming and Countermeasure
The first diagram shows the attack by the
adversary
The second diagram shows the protection
measure for this attack after detection
Shambhu Upadhyaya
12
Attacks on Multihop Routing in
WMN
Rational attack vs. malicious attack
A rational attack
Does only if misbehaving is beneficial in terms of
price, QoS, or resource saving
For instance, force the traffic through a specific TAP
in order to monitor the traffic of a given mobile client
or region
A malicious attack
Involves partitioning the network or isolating the
TAPs
For instance, the routes between WHS and TAPs are
artificially increased leading to poor performance
Shambhu Upadhyaya
13
Securing Multihop Routing
Using secure routing protocols to
prevent attacks against routing
messages
If the state of one or more TAPs is
modified, the attack can be detected
and the network reconfigured
DoS attacks can be prevented by
identifying the source of disturbance
and disabling it
Shambhu Upadhyaya
14
Generalized WMNs
Vehicular Networks is special case of
WMNs where TAPs are represented by
cars and roadside WHS
Involves applications such as reporting
events (accidents), cooperative driving,
payment services and location based
services
Multi-Operator WMNs include several
operators and various devices: mobile
phones, laptops, base stations and APs
Shambhu Upadhyaya
15
Conclusion
WMNs extend the coverage of WHS in
an inexpensive manner
The three fundamental security issues
that have to be addressed in WMNs
• Detection of corrupt TAPs
• Defining and using a secure routing
protocol
• Defining and implementing a proper
fairness metric
Shambhu Upadhyaya
16
Reference
Ben Salem, N.; Hubaux, J-P, "Securing wireless
mesh networks ,“ Wireless Communications,
IEEE, vol.13, no.2, pp.50,55, April 2006
Shambhu Upadhyaya
17
Energy-Aware
Computing
Shambhu Upadhyaya
18
Issues in Sensor Networks
Localization
Synchronization
In-network processing
Data-centric querying
Energy-aware computing
Shambhu Upadhyaya
19
Energy Constraints
Battery-powered devices
Communication is much more energy
consuming than computation
Transmitting 1 bit costs as much energy as running
1,000 instructions
Gap is only going to be larger in the future
Load balancing
Coordinated sleeping schedules
Explore correlation in sensing data
Power saving techniques integral to most
sensor networks
Shambhu Upadhyaya
20
MAC Protocols for Sensor
Networks
Contention-Based:
CSMA protocols (IEEE 802.15.4)
Random access to avoid collisions
IEEE 802.11 type with power saving
methods
Scheduling-Based:
Assign transmission schedules
(sleep/awake patterns) to each node
Variants of TDMA
Hybrid schemes
Shambhu Upadhyaya
21
MAC Protocol Examples
PAMAS [SR98]:
Power-aware Medium-Access Protocol with Signaling
Contention-based access
Powers off nodes that are not receiving or forwarding packets
Uses a separate signaling channel
S-MAC [YHE02]:
Sensor Medium Access Control protocol
Contention-based access
TRAMA [ROGLA03]:
Traffic-adaptive medium access protocol
Schedule- and contention-based access
Wave scheduling [TYD+04]:
Schedule- and contention-based access
Shambhu Upadhyaya
22
S-MAC
Identifies sources of energy waste [YHE03]:
Collision
Overhearing
Overhead due to control traffic
Idle listening
Trade off latency and fairness for reducing
energy consumption
Components of S-MAC:
A periodic sleep and listen pattern for each node
Collision and overhearing avoidance
Shambhu Upadhyaya
23
S-MAC: Sleep and Listen
Schedules
Each node has a sleep and listen schedule and
maintains a table of schedules of neighboring
nodes
Before selecting a schedule, node listens for a
period of time:
If it hears a schedule broadcast, then it adopts that
schedule and rebroadcasts it after a random delay
Otherwise, it selects a schedule and broadcasts it
If a node receives a different schedule after
selecting its schedule, it adopts both schedules
Need significant degree of synchronization
Shambhu Upadhyaya
24
S-MAC: Collision and
Overhearing Avoidance
Collision avoidance:
Within a listen phase, senders contending to
send messages to same receiver use 802.11
Overhearing avoidance:
When a node hears an RTS or CTS packet,
then it goes to sleep
All neighbors of a sender and the receiver
sleep until the current transmission is over
Shambhu Upadhyaya
25
Routing Strategies
Geographic routing:
Attribute-based routing:
Greedy routing
Perimeter or face routing
Geographic localization
Directed diffusion
Rumor routing
Geographic hash tables
Energy-aware routing:
Minimum-energy broadcast
Energy-aware routing to a region
Shambhu Upadhyaya
26
Energy-Aware Routing
Need energy-efficient paths
Notions of energy-efficiency:
Select path with smallest energy consumption
Select paths so that network lifetime is maximized
When network gets disconnected
When one node dies
When area being sensed is not covered any more
Approaches:
Combine geographic routing with energy-awareness
Minimum-energy broadcast
Shambhu Upadhyaya
27
Minimum Energy Broadcast
Routing
Given a set of nodes in the plane
Goal: Broadcast from a source to all nodes
In a single step, a node may broadcast within a range by
appropriately adjusting transmit power
Energy consumed by a broadcast over range γ is
proportional to γα
Problem: Compute the sequence of broadcast steps that
consume minimum total energy
Centralized solutions
NP-complete [ZHE02]
Shambhu Upadhyaya
28
Three Greedy Heuristics
In each tree, power for each node proportional
to αth exponent of distance to farthest child in
tree
Shortest Paths Tree (SPT) [WNE02]
Minimum Spanning Tree (MST) [WNE02]
Maintains an arborescence rooted at source
Broadcasting Incremental Power (BIP) [WNE02]
“Node” version of Dijkstra’s SPT algorithm
In each step, add a node that can be reached with
minimum increment in total cost
SPT is Ω(n)-approximate, MST and BIP have
approximation ratio of at most 12 [WCLF01]
Shambhu Upadhyaya
29
References
Feng Zhao and Leonidas Guibas, Wireless Sensor
Networks: An Information Processing Approach, Morgan
Kaufman, 2004
Jeffrey E. Wieselthier, Gam D. Nguyen, and Anthony
Ephremides. 2002. Energy-efficient broadcast and
multicast trees in wireless networks. Mob. Netw. Appl. 7,
6 (December 2002)
Shambhu Upadhyaya
30
Advanced Metering
Infrastructure
(AMI)
Shambhu Upadhyaya
31
A Typical Smart Grid
Shambhu Upadhyaya
32
Advanced Meter Reading
Advanced Metering Infrastructure (AMI) or smart meters
(2-way)
Used for revenue accounting
Wireless based
Many proprietary
Moderate range, drive-by reading
Mesh (Zigbee) and WiFi sometimes
About 50Million AMR/AMI installed (USA)
Suggested standard: ANSI C12.18
Smart meters (at Microgrid level) provide information
needed to analyze energy usage and thus allow energy
minimization algorithms to be implemented
Shambhu Upadhyaya
33
Prospects for Smart Appliances
Examples: smart refrigerator, smart dryer
Two-way communication via Internet
Logical extension of smart grid/buildings
Technically possible for years but …
Hardware costs high; Installation may be complex; Standards lacking
Forms a SCADA or CPS system
Security and privacy concerns high
Benefits unclear
Futuristic discussion mostly
Shambhu Upadhyaya
34
Smart Metering Communication
Zigbee is ideal for AMI
Can network a no. of sensors and controllers in
a household
Possibly in a mesh network
Can operate in one of 3 frequency bands
Shambhu Upadhyaya
35
Potential Concerns
WiFi and Zigbee interference
Security concerns of ad hoc and mesh networks apply
Can be handled by separating the channels by 30MHz
Eavesdropping
Traffic analysis
Replay attacks
Additionally:
Employee mistakes, equipment malfunctions, virus,
coordinated attacks from a state or terrorist group
Privacy concerns
Smart meters collect personally identifiable info
Cyber criminals could use them for identity theft
Shambhu Upadhyaya
36
A Privacy Compromise Scenario
Electricity use patterns could lead to disclosure
Could leak info on customers
When they’re at home (sleeping versus watching
television)
When at work, or traveling
It might also be possible to discover what types of
appliances and devices are present
Increases in power draw could suggest changes in
business operations
Impacts
Criminal targeting of home
Business intelligence to competitors
Shambhu Upadhyaya
37
Hacking Attacks and Mitigation
Two-way communication between customers and utility companies
means more risk
Two-way meters accessible to both users and enemies (use buggy
s/w)
Smart meter is the pain point (may be hacked)
Simulation of a worm injected into a meter shows
how it would spread
how it can be used to cause power grids to surge or shut off
Common vulnerabilities exist, but no powerful devices to implement
Devices do not have cycles to implement strong crypto solutions
Mitigation techniques
Zigbee security (uses hierarchy of keys)
Machine-to-machine strong authentication
Encryption
Data hashing, digital signing, etc.
This is an active research area today
Shambhu Upadhyaya
38
References
Darold Wobschall, University at Buffalo, 2012
M. Nabeel, J. Zage, S. Kerr, E. Bertino,
Cryptographic Key Management for Smart
Power Grids, 2012,
http://www.cerias.purdue.edu/apps/reports_an
d_papers/view/4591
Shambhu Upadhyaya
39
Internet of Things
(IoT)
Shambhu Upadhyaya
40
What is IoT?
Loosely coupled decentralized system of smart objects
Ubiquitous computing, 100B to be connected to the
Internet by 2020
After the WWW, IoT represents the most potentially
disruptive technological revolution
What inspired IoT?
RFID, Short-range wireless communication
Real-time localization
Sensor networks
What does it entail?
Scientific theory
Engineering design
User experience
Shambhu Upadhyaya
41
IoT Curriculum
Universities have started building special curricula
Open University in UK has developed a learning
infrastructure for collaborative learning in IoT
Merging of the physical and digital realms (CPS)
Physical objects become true actors on the Internet
Huge increase in the number of internetconnected devices,
objects, sensors and actuators
Huge increase in the amount and value of data (Big Data)
Emergence of novel embedded device platforms below the level of
personal mobile devices
Novel applications in energy, transport, health, business and daily
life
Expectation is that MOOCs may take up the challenge
Companies such as Cisco, IBM, Intel are engaging
Shambhu Upadhyaya
42
Skills Set for IoT
Algorithms
Programming skills
Distribution and collaboration
Creative design
Collaborative design
Ethical issues
Ability to develop networked sensing apps
Privacy and security
Computing in society
Shambhu Upadhyaya
43
Typical Components of IoT
iPod
Nokia, Android cell phones
Nintendo DS, Game Boy Advance
Roomba 500 iRobot
Sirius Satellite Radio Receivers
Automobiles
Shambhu Upadhyaya
44
IoT Protocol Details
IEEE 802.15.4 is the standard for low
rate WPANs
802.15.4 handles the physical and
MAC layer but not upper layers
Can be used with 6LoWPAN and
standard IP protocols to build a
wireless embedded Internet
6LoWPAN is the low power IPv6 version
developed for small devices
Shambhu Upadhyaya
45
Internet of Nano Things
Shambhu Upadhyaya
46
Security Challenges in IoT
Cryptographic security
Traditional tools may not be suitable due to limited processor speed and
memory
Key management
Credentialing
Credentialing users and devices required
may not scale due to the sheer size of the nework
Identity management
Manual key management may not scale
Limited user interfaces will make security deployment difficult
A devise identity may need to be mapped to groups of users
Usability is also an issue
Limited user interface
Privacy
Sensitive information on health front
“network guards” may be needed
Shambhu Upadhyaya
47
References
http://prezi.com/aordc8uod3rj/intern
et-of-things-presentation/
IEEE Computer, February 2013
I. Akyildiz and J. Jornet, The Internet
of Nano-Things, IEEE Wireless
Communications, 2010
Shambhu Upadhyaya
48