A survey of secure location schemes in wireless networks
This presentation is the property of its rightful owner.
Sponsored Links
1 / 35

A Survey of Secure Location Schemes in Wireless Networks PowerPoint PPT Presentation


  • 92 Views
  • Uploaded on
  • Presentation posted in: General

A Survey of Secure Location Schemes in Wireless Networks. - 2010/5/21. Outline. Introduction Secure Location Schemes Location Verification Range-independent Scheme (SeRLoc) Base Station Assisted Secure Localization Detect Compromised Beacon Nodes Defeat Non-cryptographic Attacks Summary.

Download Presentation

A Survey of Secure Location Schemes in Wireless Networks

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


A survey of secure location schemes in wireless networks

A Survey of Secure Location Schemes in Wireless Networks

- 2010/5/21


Outline

Outline

  • Introduction

  • Secure Location Schemes

    • Location Verification

    • Range-independent Scheme (SeRLoc)

    • Base Station Assisted Secure Localization

    • Detect Compromised Beacon Nodes

    • Defeat Non-cryptographic Attacks

  • Summary


Location identity in wireless networks

Location & Identity in Wireless Networks

  • Application

    • Location Based Service (LBS)  privacy issues

    • Solution: legal framework, k-anonymity, etc.

  • Network

    • Geographical routing, location based access control

  • Physical Layer

    • Location could be used to detect source spoofing attacks (in wireless networks)


Wireless sensor network wsn

WSN

Have mission-critical tasks

Sensor nodes: low cost, limited resource, multifunctional

Usually has one BS

Prone to failure, easy to be compromised

Location matters

The location of sensors is a critical input to many higher-level networking tasks [5]

Wireless Sensor Network (WSN)


Localization in wsn

Localization in WSN

  • Techniques:

    • GPS

    • Ultrasound

    • Radio (RF)

      • RSSI, ToA, TDoA, AoA, etc.

  • Usually has Beacon nodes

    • With known locations and sending beacon signals

  • Security issues:

    • Location discovery in hostile environments

    • Attacker could masquerade or compromise beacon nodes, or perform replay attacks


Threat model

Threat Model

  • (Internal) dishonest or compromised nodes

    • Can authenticate itself (to other sensor nodes)

    • Report false position

  • (External) malicious nodes

    • Can not authenticate itself (as an honest nodes)

    • Can perform timing attack (delaying or speeding-up)

  • Other attacks

    • PHY-layer attack


Examples

Examples

Masquerade beacon node

Compromised

beacon node

Replay attack

(locally replay or through wormhole)


Taxonomy

Taxonomy

Secure Location

w/ beacon nodes

w/o beacon nodes

  • Localization:

  • Location Verification

  • Range-independent

  • localization

  • Base Station Assisted

  • Attack Detection:

  • Detect Compromised

  • Beacon Nodes

  • Defeat Non-

  • cryptographic Attacks


Location verification location based access control

V

C

Location Verification(Location-based Access Control)

  • In-region verification

  • Roles:

    • Claimants & Verifiers

  • Method:

    • Distance bounding techniques

      • Upper bound the distance of one device to another (dishonest) device

C: I’m at some location l

R

Region of interest

[1] N. Sastry, U. Shankar, and D. Wanger, “Secure Verification of Location Claims,” in Proc. ACM

Workshop Wireless Security, 2003, pp. 1-10.


Location verification location based access control1

.

p (prover)

Location Verification(Location-based Access Control)

  • More complex cases:

    • Consider processing/transmission delay,

    • Consider non-uniform regions,

    • Consider multiple verifiers

  • A simplified case

Echo Protocol: (secure, lightweight)

(why sound?)

c: light speed

s: sound speed


Distance enlargement attacks

Distance Enlargement Attacks

(MMSE: Min. Mean Square Estimate)

  • Distance bounding – vulnerable to distance enlargement attacks but not to distance reduction attacks

  • Propose VM (Verifiable Multi-lateration)

    • Also relies on distance bounding (at least 3 verifiers)

T: set of verifiers that

form triangles around

u (claimant)

[2] S. Capkun and J.-P. Hubaux, “Secure Positioning of Wireless Devices with Application to Sensor Networks,” in Proc. INFOCOM, 2005, vol. 3, pp. 1917-1928.


Detection of distance enlargement attack

Detection of Distance Enlargement Attack

u’

Enlarging db1 is impossible


Spine secure positioning in sensor network

SPINE (Secure Positioning In sensor NEtwork)

  • SPINE: a system for secure positioning of a network of sensors, that is based on VM

  • Possible Attacks: (Attacker-x-y)

x: # of compromised nodes (c)

y: # of malicious nodes (m)


Spine secure positioning in sensor network cont d

SPINE (Secure Positioning In sensor NEtwork) (cont’d)

  • Operate in 2 phases:

    • Sensors measure distance bounds to their neighbors

    • Central authority compute sensors’ positions (according to the distance bounds)

(Verify db(s), then compute positions based on verified db(s))

(Positioning is also based on MMSE)

BDV (Basic Distance Verification)


Spine secure positioning in sensor network cont d1

SPINE (Secure Positioning In sensor NEtwork) (cont’d)

  • Effectiveness:

    • The effectiveness of this system depends on the number of node neighbors (node density) and on the number and the distribution of the reference nodes (verifiers)


Taxonomy1

Taxonomy

Secure Location

w/ beacon nodes

w/o beacon nodes

  • Localization:

  • Location Verification

  • Range-independent

  • localization

  • Base Station Assisted

  • Attack Detection:

  • Detect Compromised

  • Beacon Nodes

  • Defeat Non-

  • cryptographic Attacks


Range independent localization

Range-Independent Localization

  • Motivation:

    • Distance measure is vulnerable

    • Do not count on distance measure to infer the sensor location

    • Secure localization ≠ location verification

  • Goal:

    • Decentralized, resource efficiency, robust

  • Contributions:

    • Propose SeRLoc, a range-independent localization scheme

    • Propose security mechanism for SeRLoc

    • Evaluate the performance of SeRLoc

[3] L. Lazos and R. Poovendran, “SeRLoc: Secure Range-Independent Localization for Wireless Sensor Networks,” in Proc. ACM Workshop Wireless Security, 2004, pp. 21-30.


Serloc

SeRLoc

  • Concept:

    • Locators use sectored antennas (with range R)

    • A sensor can identify the region it resides by computing the overlap between all the sectors it resides

    • Then estimates its location at the center of gravity of the overlapping region


Secure serloc

Secure SeRLoc

  • Encryption:

    • To protect the localization information, encrypt all beacons transmitted from locators

    • Sensors and locators share a global symmetric key K0

  • Locator ID authentication:

    • Use one-way hash chains to provide locator ID auth.

    • Each sensor has a table containing {IDi ,Hn(PWi)} of each locator

  • Storage issues


Threat analysis

Threat Analysis

  • Authors analyze (1) wormhole attacks and (2) Sybil attack and compromised sensors

  • Analyze the vulnerabilities of other 3 range-independent localization schemes

    • Dv-hop, Amorphous localization, APIT


Taxonomy2

Taxonomy

Secure Location

w/ beacon nodes

w/o beacon nodes

  • Localization:

  • Location Verification

  • Range-independent

  • localization

  • Base Station Assisted

  • Attack Detection:

  • Detect Compromised

  • Beacon Nodes

  • Defeat Non-

  • cryptographic Attacks


Base station assisted approaches

PBS

PBS

CBS

Base Station Assisted Approaches

  • Contribution:

    • New approach, relies on a set of covert base stations

    • Enables secure localization with a broad spectrum of localization techniques (ultrasound, RF, etc)

  • Covert Base Station (CBS):

    • Known position

    • Passively listen to the on-going communication

    • Could be hidden or mobile base station

broadcast

nonce

PBS

nonce

sensor

measure TDoA and compute

sensor’s position

(PBS: Public Base Station)

[4] S. Capkun, M. Cagalj, and M. Srivastava, “Secure Localization with Hidden and Mobile Base Stations,” in Proc. INFOCOM, 2006.


1 infrastructure centric positioning with hidden base stations

1. Infrastructure-centric Positioning with Hidden Base Stations

  • TDoA:

    • Position a source by finding

      the intersection of multiple hyperboloids.

    • Pros: does not require communication from BSs and mobile nodes

  • Security analysis:

    • TDoA drawback: using directional antennas, attackers could cheat BSs

    • Δ: tolerant size (also means the size of attacker’s guessing space)

    • T: signal propagation time + node processing time


2 node centric positioning with hidden base stations

2. Node-centric Positioning with Hidden Base Stations

  • Node compute its position,

    then verified by CBS

  • Node-centric:

    • Attacker might spoofs node’s position and then cheats on the position verification mechanism

    • CBS again verify the reported position by distance measure


3 secure positioning with mobile base stations

3. Secure Positioning with Mobile Base Stations


Taxonomy3

Taxonomy

Secure Location

w/ beacon nodes

w/o beacon nodes

  • Localization:

  • Location Verification

  • Range-independent

  • localization

  • Base Station Assisted

  • Attack Detection:

  • Detect Compromised

  • Beacon Nodes

  • Defeat Non-

  • cryptographic Attacks


Detecting malicious beacon nodes

Detecting Malicious Beacon Nodes

  • Motivation:

    • None of previous techniques can work properly when some of the beacon nodes are compromised

  • Goal:

    • Try to detect and remove compromised beacon nodes

    • Ensure correct location discovery

  • Approach:

    • Detect malicious beacon signals

    • Detect replayed beacon signals to avoid false positive

    • Revoke malicious beacon nodes

[6] D. Liu, P. Ning, and W. Du, “Detecing Malicious Beacon Nodes for Secure Location Discovery in Wireless Sensor Networks,” in Proc. ICDCS, 2005, pp. 609-619.


Detecting malicious beacon signals

Detecting Malicious Beacon Signals

  • Idea:

    • Use beacon node (known location) to detect other beacon nodes

    • Locations of beacon nodes must satisfy the measurements (of their locations) derived from their beacon signals

  • Method:

Note: to mislead the

location estimation, the

attacker has to make

the estimated distance

inconsistent with the

calculated one.

(By request & reply)


Filtering replayed beacon signals goal avoid false positive

Filtering Replayed Beacon Signals(Goal: avoid False Positive)

  • Malicious signal ≠ this node is malicious !

    • Due to replay attack

  •  Replay through a wormhole attack

    • Detect this attack by checking the measured distance and the radio communication range

    • If within the communication range, go to next step (locally replay)

  •  Locally replayed beacon signals

    • Detect extra delay by measuring RTT between two neighbors

    • RTT measure in a real setup (does NOT consider the impacts of MAC protocol or any processing delay)

      • Extra delay  larger than RTTmax

      • (Assumption required) authenticated and unicasted beacon signal !!


Revoke malicious beacon nodes

Revoke Malicious Beacon Nodes

  • Use the base station to further remove malicious beacon nodes from the network

    • Each beacon node shares a unique random key with BS

    • Beacon nodes can report the detecting results to BS securely

    • BS evaluates the suspiciousness of each beacon nodes

      • BS Maintains alert counters and report counters

  • This mechanism requires more beacon nodes and incurs more communication overhead


Taxonomy4

Taxonomy

Secure Location

w/ beacon nodes

w/o beacon nodes

  • Localization:

  • Location Verification

  • Range-independent

  • localization

  • Base Station Assisted

  • Attack Detection:

  • Detect Compromised

  • Beacon Nodes

  • Defeat Non-

  • cryptographic Attacks


Focus on non cryptographic attacks

Focus on Non-cryptographic Attacks

  • Non-cryptographic attacks (physical attacks)

    • Such as signal attenuation and amplification

    • Degrade the performance of localization Algo.

  • Propose a general attack detection model

    • Based on this model, analyze two broad localization approaches (Multi-lateration based & signal strength based)

    • The attack detection mainly depends on statistical significance testing

    • Other test statistics are also discussed

  • Conduct trace driven evaluations

    • Using an 802.11 network and an 802.15.4 (ZigBee) network

[5] Y. Chen, W. Trappe, and R. P. Martin, “Attack Detection in Wireless Localization,” in Proc. INFOCOM, 2007.


Models

Linear attack model on RSS

Conduct Exp. in two real office buildings

Detection model:

Statistical significance testing

Define test statistic T, null hypothesis H0, and its acceptance region Ω

Metrics:

Detection Rate

ROC curve

Models


Reference

Reference

[1] N. Sastry, U. Shankar, and D. Wanger, “Secure Verification of Location Claims,” in Proc. ACM Workshop Wireless Security, 2003, pp. 1-10.

  • UC Berkeley

    [2] S. Capkun and J.-P. Hubaux, “Secure Positioning of Wireless Devices with Application to Sensor Networks,” in Proc. INFOCOM, 2005, vol. 3, pp. 1917-1928.

  • EPFL Switzerland

    [3] L. Lazos and R. Poovendran, “SeRLoc: Secure Range-Independent Localization for Wireless Sensor Networks,” in Proc. ACM Workshop Wireless Security, 2004, pp. 21-30.

  • Univ. of Washington

    [4] S. Capkun, M. Cagalj, and M. Srivastava, “Secure Localization with Hidden and Mobile Base Stations,” in Proc. INFOCOM, 2006.


Reference1

Reference

[5] Y. Chen, W. Trappe, and R. P. Martin, “Attack Detection in Wireless Localization,” in Proc. INFOCOM, 2007.

  • Rutgers Univ.

    [6] D. Liu, P. Ning, and W. Du, “Detecing Malicious Beacon Nodes for Secure Location Discovery in Wireless Sensor Networks,” in Proc. International Conf. Distributed Computing Systems (ICDCS), 2005, pp. 609-619.

  • NCSU, Syracuse Univ.

    [7] D. Liu, P. Ning, and W. Du, “Attack-Resistant Location Estimation in Sensor Networks,” in Proc. International Symposium Information Processing Sensor Networks (IPSN), 2005, pp. 99-106.

    [8] L. Fang, W. Du, and P. Ning, “A Beacon-less Location Discovery Scheme for Wireless Sensor Networks,” in Proc. INFOCOM, 2005.

    [9] W. Du, L. Fang, and P. Ning, “LAD: Localization Anomaly Detection for Wireless Sensor Networks,” in Proc. IEEE International Parallel Distributed Processing Symposium (IPDPS), 2005, pp. 41a-41a.


  • Login