Security in Sensor Networks

By :Rohin SethiAranika MahajanTwisha Patel

Outline

Introduction Time Syncronization Attacks Denial of Service (DoS) Attacks Conclusion

Need for Security in Sensor Networks

Broadcast nature of Wireless Communication Lack of tamper-resistant hardware Limited storage & computational resources

rendering public key cryptography impractical

Time Synchronization Attacks

Time Synchronization Protocols

Time synchronization protocols :– provide a mechanism for synchronizing the local

clocks of the nodes in a sensor network– used by many applications of sensor networks, such

as tracking and localization.

Attacks on time-synchronization protocols: – have one main goal, to somehow convince some

nodes that their neighbors’ clocks are at a different time than they actually are.

Time-sync Protocol for Sensor Networks (TPSN)

TPSN initially creates a spanning tree of the sensor network.

While the tree is being built, the nodes perform pair-wise synchronization along the edges of the tree.

Each node exchanges synchronization messages with its parent in the spanning tree.

Time-sync Protocol for Sensor Networks

Flooding Time Synchronization Protocol (FTSP)

Root node broadcasts its local time and any nodes that receive that time synchronize their clocks to that time.

Synchronization messages:1. rootID2. seqNum3. sendingTime

Whenever a node receives a message from the root node, it updates its global time. In addition, it broadcasts its own global time to its neighbors.

Flooding Time Synchronization Protocol

Each node retains the highest sequence number it has received and the rootID of the last received message used.

If a node does not hear a time synchronization message for a ROOT_TIMEOUT period, it declares itself to be the new root.

If a root hears a time synchronization message from another root with lower ID than itself, it gives up its root status.

Attacks on Time Synchronization Protocol for Sensor Networks

Send Incorrect Information to its children Lie about its level in the tree It can avoid participating in the tree building

phase.

Attacks on FTSP

The compromised node can claim to be the root node with ID 0 and begin at a higher sequence number than the original root

All updates originating at the actual root node will be ignored.

Counter Measure For Time Synchronization Attacks

Corrupted Root:– A subset of the nodes act as the root on a rotating basis. – All nodes share a private key with that subset of the nodes

that may become a root.– Any corrupted nodes might continue to send erroneous

updates under this scheme, but the effects on the nodes' calculations of the skew and offset would be reduced.

Counter Measure For Time Synchronization Attacks (contd…)

Increasing Reliability :– The nodes record a subset S of the updates from

their neighbors.

Preventing False Updates:– Skeptic Node may cease sending updates to its

neighbors – Policy of containment

Denial of Service Attacks

Denial of Service (DoS) Attacks

Attempt to make a computer resource unavailable to intended users

Force victims to reset/consume resources– Service no longer available

Obstructs communication media between intended users and victim

DoS in WSNs

Sleep Deprivation Attacks Path Based DoS Attacks Jamming Attacks

Sleep deprivation Attacks

Also known as Battery Exhaustion Attacks Attacker drains the battery of pervasive

computing device– Device rendered inoperable

Successful Attack Currently not widespread but the potential

exists

Forms of Sleep deprivation Attacks

Service Request Power Attacks Benign Power Attacks Malignant Power Attacks

Remedy for Sleep Deprivation Attacks

Existing security techniques Power Secure Architecture

– Goal: Provide some guaranteed fraction of the system’s expected battery life.

– Fundamental Security Features: -1. Multilayer Authentication

2. Energy Signature Monitoring

Power Secure Architecture

Multilayer Authentication– Service Request Attacks– Energy profile of service

Crippling energy level– Initial authentication must be

lightweight process Energy Signature Monitor

– Benign and Malignant Attacks– Energy Monitoring Unit (EMU) :

Self-contained unit for dynamically measuring the systems power consumption

– Concerns Allows Attacker to more easily tune

a sleep deprivation attack Checking signature must be

lightweight process

Power Secure Architecture (contd..)

Energy Signature Monitor– Benign and Malignant Attacks– Energy Monitoring Unit (EMU) : Self-contained

unit for dynamically measuring the systems power consumption

– Concerns Allows Attacker to more easily tune a sleep deprivation

attack Checking signature must be lightweight process

Path Based DoS Attacks

Damaging form of DoS Attacks

Hierarchical organization of sensor networks

– Member Nodes– Aggregator Nodes– Base Station

Easy to launch and disable large portions of WSNs

PDoS Attack in End-to-End Communication in WSNs

Remedy for PDoS Attacks

One-way Hash Chains (OHCs) Detect spurious packets using separate

shared key Detect spurious packets using single “path”

key Rate Control

Jamming Attacks

Well-known attack on wireless communication

Adversary can disrupt entire network with k randomly distributed jamming nodes, putting N nodes out of service, where k << N

Attacks is simple and effective for single frequency networks

Remedy for Jamming Attacks

Standard Defense: Various forms of spread-spectrum communication

Phase I Phase II

Conclusion

Attacks Severity Ease of implementation of solution

PDoS High Medium

Sleep Deprivation Medium Medium

TPSN Medium Medium

Jamming Medium High (Hardware cost involved)

FTSP Low Medium

THANK YOU