intrusion detection system wsn n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Intrusion Detection System WSN PowerPoint Presentation
Download Presentation
Intrusion Detection System WSN

Loading in 2 Seconds...

play fullscreen
1 / 26

Intrusion Detection System WSN - PowerPoint PPT Presentation


  • 175 Views
  • Uploaded on

Intrusion Detection System WSN. Tamer AbuHmed. Topics. IDS Challenges in WSN SPINS : Security Protocol for Sensor Network Efficient anonymity schemes for clustered wireless sensor networks. Placement Problem. Signature Update. IDS Challenges in WSN. Authentication.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Intrusion Detection System WSN' - gunda


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
intrusion detection system wsn

Intrusion Detection SystemWSN

Tamer AbuHmed

Information Security Research Laboratory

http://seclab.inha.ac.kr/

topics
Topics
  • IDS Challenges in WSN
  • SPINS: Security Protocol for Sensor Network
  • Efficient anonymity schemes for clustered wireless sensor networks.
  • Placement Problem.
  • Signature Update.
ids challenges in wsn
IDS Challenges in WSN
  • Authentication.
  • Anonymity(prevent compromising).
  • Node placement.
  • Signature Update.
  • SPINS: Security Protocol for Sensor Network
  • Adrian Perrig, Robert Szewczyk, JD,Vector Wen, and Davide Culler
  • Springer 2002
introduction
Introduction
  • Symmetric techniques
    • The secret keys are pre-distributed among sensors before their deployment.
    • Due to the limitation on memory, symmetric key techniques are not able to achieve both a perfect connectivity and a perfect resilience for large-scale sensor networks.
  • Public key cryptography
    • eliminate the connectivity and resilience problems.
    • Common criticism: computational complexity and communication overhead.
      • ECC signature verification: 1.62s (160-bit Atmega 128)
system assumptions
System Assumptions
  • Communication Architecture:
  • The broadcast is the fundamental communication way.
  • The network topology is tree which the BS is the root.
  • The sensors cooperate to pass the packets from the leaves to the root.
  • The communication patterns categorized into :
  • Node Bs
  • BS node
  • Bs All Nodes.
  • Node  node
slide6

They assumed sensors are not trusted.

  • The nodes in initialization phase trust the BS but not after this phase.
  • The protocol achieve security requirements like data authentication, data integrity, and data freshness.
slide8
SNEP
  • The two parties A, B shared XAB and derived the comm. Keys KAB=FX(1), KBA=FX(3), K’AB=FX(2), K’BA=FX(4).
  • The encrypted data E(D){K,C}, and MAC(K’,C||E)
  • The complete message from AB is:

AB: (D){KAB,C}, MAC(K’AB,C|| (D){KAB,CA})

counter exchange protocol
Counter Exchange Protocol
  • AB: CA

BA: CB , MAC(K’BA,CA||CB)

AB: MAC(K’ AB,CA||CB)

  • How does the synchronization of the counter be?
  • AB: CA, MAC(K’AB,CA)

BA: CB , MAC(K’BA,CA||CB)

tesla
µTESLA
  • Requirements:
  • The BS and Nodes be loosely synchronized.
  • Each node know the upper bound of max. sync. error.
  • Each node loaded with commitment key K0.
tesla cont
µTESLA cont.
  • The BS compute the MAC (K,P) where K unknown for receiver at sending time.
  • Ki=F(Ki+1)
  • K0=F(F(K2))

F

F

F

F

F

F

K2

K0

K3

K1

K4

K5

P1

P2

P3

P4

P5

P1

P2

tesla detailed description
µTESLA detailed description
  • Sender phase.(keys generation e.g. MD5)
  • Sending Auth. Packet.
  • Bootstrapping new receiver.(parameters of sync.)
  • MS: NM
  • MS: TS|Ki|Ti|Tint|δ,MAC(KMS,NM| TS|Ki|Ti|Tint|δ)
  • Auth. received packet.
node to node key agreement
Node to Node key agreement
  • If node A(IDS) want to communicate with node B.
  • They use trusted party BS because the share master secret key with it (XAS,XAB).
  • AB: NA,A

BS: NA,NB ,A,B, MAC(K’BS,NA|NB|A|B)

SA: {SKAB}KSA,MAC(K’ SA,NA|B|{SKAB}KSA)

SB: {SKAB}KSB,MAC(K’ SB,NA|B|{SKAB}KSB)

ids challenges in wsn1
IDS Challenges in WSN
  • Authentication.
  • Anonymity(prevent compromising).
  • Node placement.
  • Signature Update.
  • “Efficient anonymity schemes for clustered wireless sensor networks”

Satyajayant Misra and Guoliang Xue

Inderscience,Wireless Network 2006

Arizona State University

requirements for anonymity in a cwsn
Requirements for anonymity in a CWSN
  • SN can communicate with any other SN in its

neighborhood and the BS in an anonymous .

  • Routing of messages is anonymous
  • The nodes in a cluster are indistinguishable.
  • SNs outside the neighborhood of a cluster cannot figure out the CH of the cluster.
framework for the anonymity schemes
Framework for the anonymity schemes
  • 2k pseudonyms
  • Continuous chunk of size 2L
  • The total chunk N2

K bit

2L

….

….

N2

slide17

Each node produce table and for scheme management.

  • SN assign chunk for comm. With node v from (N)
  • In secure way:
  • UV: chunk
  • VU:chunk
  • The sender & receiver IDs became:

i

+ index v

i’

+ index u

Table of node u

Sender: index u|| IDvu

Receiver: index v ||IDuv

ids challenges in wsn2
IDS Challenges in WSN
  • Authentication.
  • Anonymity(prevent compromising).
  • Node placement.
  • Signature Update.
cluster construction
Cluster Construction

Grow the cluster iteratively

Wait for a random amount of time

Timeout and elect itself as a clusterhead

Legitimate Cluster

Valid cluster

Network partition constructed

R

mR

R

mR

mR

R

R

mR

LOCI: Local Clustering Service for Large Scale Wireless Sensor Networks (Springer 06, Vineet Mittal)

placement problem
Placement Problem

R

Tree Based

A

Tree Based

ids challenges in wsn3
IDS Challenges in WSN
  • Authentication.
  • Anonymity(prevent compromising).
  • Node placement.
  • Signature Update.
signature update
Signature Update
  • The problem of multi pattern matching technique is preprocessing phase.
  • We have two choices(rebuild in node, send to preprocessed signature )

  • Send new signature from BS
  • Less comm. Overhead
  • Processing overhead
  • Send whole table to IDS node
  • Intensive comm. Overhead
  • Less node processing overhead
slide24

Thank You

Any Question ?