1 / 35

Denial of service in sensor networks

Denial of service in sensor networks. Pratik Zirpe Instructor – Dr. T. Andrew Yang. Agenda. Introduction Concepts Denial of Service Threat Physical layer Link layer Network layer Transport layer Conclusion. Introduction. Real-time data processing Applications Availability

flavia-pittman
Download Presentation

Denial of service in sensor networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Denial of service in sensor networks PratikZirpe Instructor – Dr. T. Andrew Yang

  2. Agenda • Introduction • Concepts • Denial of Service Threat • Physical layer • Link layer • Network layer • Transport layer • Conclusion

  3. Introduction • Real-time data processing • Applications • Availability • Denial of service

  4. Concepts • Application dependent networks • Limited individual capability of nodes • Must continue operating after significant node failure

  5. Security demands of a network • Network has to face harsh environments and intelligent opposition • Disasters • Public safety • Home healthcare • Design time consideration

  6. Denial of Service Threat • Any event that diminishes or eliminates a network’s capacity to perform it’s expected function • Reasons may be hardware failures, software bugs, resource exhaustion, environmental conditions or other complicated interactions.

  7. Layered Network Architecture • Improves robustness of the system • Each layer is vulnerable to different DoS attacks • Some attacks may crosscut multiple layers

  8. Layered model

  9. Physical layer • Nodes use wireless communication • Base stations use wired or satellite communication • Attacks- • Jamming • Tampering

  10. Jamming • Interferes with radio frequencies of nodes • Randomly distributed k nodes can put N nodes out of service (k<<N) • Effective in single frequency networks

  11. Detection • Determined by constant energy that impedes communication • Constant jamming prevents nodes from exchanging data or even reporting attack to remote monitoring stations • Sporadic jamming is also effective

  12. Prevention or mitigation • Spread-spectrum communication – not feasible solution • Attacked nodes can be put in long-term sleep and have them wake up periodically to test the channel • High priority messages to defend against intermittent jamming

  13. Defense against jamming

  14. Tampering • Attacker can physically tamper nodes • Attacker can damage and replace computation hardware • Sensitive material is exposed

  15. Prevention or mitigation • Camouflaging or hiding nodes • Erase cryptographic or program memory

  16. Link layer • Protocols requires cooperation between nodes to arbitrate channel use making them more vulnerable to DoS attack • Attacks- • Collision • Exhaustion • Unfairness

  17. Collision – detection and prevention • Adversary may need to induce collision in one octet of transmission • Attacker requires less energy to listen for transmission • No complete solution is known • Errors are detected using checksum mismatch • Error correction codes can be used

  18. Exhaustion • Repeated retransmissions are triggered by unusually late collision leading to exhaustion • Affect availability • A node could reportedly request channel access with RTS • Causes power losses

  19. Detection and mitigation • Random back-offs • Time division multiplexing • MAC admission control rate limiting • Limiting the extraneous responses required

  20. Unfairness • Degrades service rather than denying it • It exploits MAC-Layer priority schemes • It can be prevented using small frames • Adversary can cheat while vying for access

  21. Network and Routing Layer • Messages may traverse many hops before reaching the destination • The cost of relaying a packet and the probability of its loss increases in an aggregate network • Every node can act as a router • Routing protocols should be simple and robust

  22. Neglect and Greed • A neglectful node arbitrarily neglects to route some messages • Its undue priority to messages originating from it makes it greedy • Multiple routes or sending redundant messages can reduce its effect • It is difficult to detect

  23. Homing • Important nodes and their identities are exposed to mount further attacks • A passive adversary observes traffic to learn the presence and location of critical resources • Shared cryptographic keys are an effective mechanism to conceal the identity of such nodes • This makes the assumption that none of the nodes have been subverted

  24. Misdirection • Messages are forwarded in wrong paths • This attack targets the sender • Adversary can forge replies to route discovery requests and include the spoofed route • Sensor networks can use an approach similar to egress filtering

  25. Black Holes • Nodes advertise zero cost routes to every other node • Network traffic is routed towards these nodes • This disrupts message delivery and causes intense resource contention • These are easily detected but more disruptive

  26. Authorization • Only authorized node can share information • Public-key encryption can be used for routing updates • The problems are with computational and communication overheads and key management

  27. Monitoring • Nodes can keep monitoring their neighbors • Nodes become watchdogs for transmitted packets • Each of them has a quality-rating mechanism

  28. Probing • A network probe tests network connectivity • This mechanism can be used to easily detect Black holes • A distributed probing scheme can detect malicious nodes

  29. Transport layer • Manages end-to-end connections • Sensor Networks utilize protocols with minimum overhead • Threats- • Flooding • Desynchronizations

  30. Flooding • Adversary send many connection establishment request to victim • Each request causes allocation of resources • It can be prevented by limiting the number of connections • Connectionless protocols are not susceptible to this attack • Another solution is client puzzles

  31. Desynchronization • The attacker forges messages to one or both ends with sequence numbers • This causes the end points to request retransmissions of missed frames • This may lead to lack of availability and resource exhaustion • Authentication can prevent such an attack

  32. Adaptive rate control • Describe a series of improvements to standard MAC protocols • Key mechanisms include • Random delay for transmissions • Back-off that shifts an applications periodicity phase • Minimization of overhead in contention control mechanisms • Passive adaptation of originating and route-through admission control rates • Anticipatory delay for avoiding multihop hidden node problems

  33. RAP • Real-time location based protocol • Velocity monotonic scheduling • RAP can use clock synchronization

  34. Conclusion • Attempts at adding security focus on cryptographic-authentication mechanisms • Use of higher security mechanisms poses serious complications in Sensor Networks • It is essential to incorporate security considerations during design-time • Without adequate protection against DoS and other attacks sensor networks may not be deployable at all

  35. References • A.D. Wood and J.A. Stankovic, “Denial of Service in Sensor Networks,” Computer, vol. 35, no. 10, 2002, pp. 54–62. • A.D. Wood and J.A. Stankovic, “A Taxonomy for Denial-of-Service Attacks in Wireless Sensor Networks”,Handbook of Sensor Networks: Compact Wireless and Wired Sensing Systems, 2004. • David R. Raymond and Scott F. Midkiff, "Denial-of-Service in Wireless Sensor Networks: Attacks and Defenses," IEEE Pervasive Computing, vol. 7, no. 1, 2008, pp. 74-81.

More Related