A Holistic Approach to Secure Sensor Networks
Sasikanth Avancha

Application Scenario
[Figure: scenario diagram. Labels: Biological Attack; Subversive Attack; Wireless Sensor Network; Adaptive Wireless Sensor Network; Aggregated sensor data; Commands and Orders; Command & Control; Secure, Fixed Base Station; Secure, Mobile Base Station.]

Outline
• WSN State-of-the-Art
• Thesis Statement
• SWANS
• SONETS
• Conclusions

WSN State-of-the-Art
• Energy, Networking, Data Management, Security
• Energy conservation is key
• Solutions designed mostly for homogeneous WSNs
• Security not a basic building block
• Few solutions adaptive to environmental variations

Thesis
• Holistic Approach to WSN Design
  • Mechanisms to detect, classify & respond to environmental variations
  • Security as basic building block
• Result
  • Adaptive WSNs tuned to environment
  • Improved performance
    • Security
    • Longevity
    • Connectivity

Secure & Adaptive WSN Framework
• SWANS: Two-tiered adaptability mechanism
  • Node-level Adaptability
  • Network-level Adaptability
• SONETS: Secure self-organization
  • Varied threat models
  • End-to-end & pair-wise secure links
  • Misbehavior detection & network repair

Wireless Sensor Network Adaptability
• Ontological approach
  • Identify parameter set and build module ontology
  • Create node ontology to describe sensor node states
  • Create network ontology to describe network states
  • Establish rules to enable nodes and network to modify operational behavior

Related Work
• SPIN, Heinzelman et al. (Mobicom, 1999)
• T-MAC, van Dam et al. (SenSys, 2003)
• AIDA, He et al. (ACM TECS, 2004)
• Adaptive Sampling, Jain et al. (DMSN, 2004)
• ARC, Kang et al. (Basenets, 2004)
• Adaptive routing
  • LEACH
  • Directed Diffusion

WSN Model
[Figure: WSN model. Labels: Sink; RRN; Sensor Nodes; node modules Application, Routing, Sensor, MAC, PHY, Energy.]

Node-level Adaptability
[Figure: sensor node block diagram. Labels: RRN; MRC; LC; AC; Parameter Values; Ontological Symbols; Sensor Node State; Operational Behavior; Sensor Node Ontology; modules Routing, Sensor, MAC, PHY, Energy.]

Parameter Set
• PHY
  • Received power per packet, noise power
  • Carrier loss, format violation and HEC failure rates
• MAC
  • Failed transmission, multiple retry and collision ratios
  • FCS failure rate
• Routing
  • Node degree
  • Compromised node/link count
  • Failed node count
  • Reachable RRN count
  • Path and hop counts to RRNs
  • Router count

Parameter Set
• Energy
  • Remaining energy capacity
  • Energy consumption rate
• Sensor layer
  • Sensor accuracy
  • Sensor energy consumption

Monitor & Report
• Establish lower and upper bounds for each parameter
• Monitor parameter values (per epoch/packet count/…)
• Map parameter values to ontological symbols
• Provide symbols to Logic Component

Module Ontology
• Logic Component
  • PHY, MAC, Routing, Energy and Sensor states
• Tabular representation
  • Resource-constrained nodes
  • Boolean expressions
• OWL-DL representation
  • Resource-enhanced nodes
  • Parameters as owl:ObjectProperty
  • Module states as owl:Class

Module Ontology

    <owl:Class rdf:ID="PHYJammedByNoise">
      <owl:intersectionOf rdf:parseType="Collection">
        <owl:Class rdf:about="#PHY"/>
        <owl:Restriction>
          <owl:onProperty rdf:resource="#noisePower"/>
          <owl:hasValue rdf:resource="#Amount_Abnormal"/>
        </owl:Restriction>
      </owl:intersectionOf>
    </owl:Class>

Module Ontology

    <owl:Class rdf:ID="PHYJammed">
      <rdfs:subClassOf rdf:resource="#PHY"/>
      <owl:unionOf rdf:parseType="Collection">
        <owl:Class rdf:about="#PHYJammedByNoise"/>
        <owl:Class rdf:about="#PHYJammedDueCarrierLoss"/>
      </owl:unionOf>
    </owl:Class>

Node Ontology
• Sensor node states
  • PHY, MAC, Routing, Energy and Sensor states
• Classes representing sensor node states
  • Restrictions
  • Subsumption - subclassOf, intersectionOf, unionOf
• Deployable on sensor nodes
  • Tabular representation
  • OWL-DL representation
• Deploying on RRNs
  • memory vs. energy trade-off

Node Ontology

    <owl:Class rdf:ID="SensorNodePHYJammed">
      <owl:intersectionOf rdf:parseType="Collection">
        <owl:Class rdf:about="#SensorNode"/>
        <owl:Restriction>
          <owl:onProperty rdf:resource="#hasPHY"/>
          <owl:someValuesFrom rdf:resource="#PHYJammed"/>
        </owl:Restriction>
      </owl:intersectionOf>
    </owl:Class>

Node Ontology

    <owl:Class rdf:ID="SensorNodeJammed">
      <rdfs:subClassOf rdf:resource="#SensorNode"/>
      <owl:unionOf rdf:parseType="Collection">
        <owl:Class rdf:about="#SensorNodePHYJammed"/>
        <owl:Class rdf:about="#SensorNodeMACJammed"/>
      </owl:unionOf>
    </owl:Class>

Action Component
• Node state = NS, Operational state = ?
• Sensor node rule set
  • NS(Jammed) V NS(SDTA) V (NS(Disconnected) Λ ES(Low Energy)) OS(Sleep)
  • NS(Disconnection Imminent) Λ ES(Normal) OS(Increase Tx Range)
  • NS(High Node Degree) V NS(Low Accuracy) V NS(Abnormal Routing Info.) OS(Extend Active Period)

Network-level Adaptability
[Figure: RRN block diagram. Labels: RRN; MRC; LC; AC; Sensor node State Information; Ontological Symbols; RRN Network State; Instruct Sensor Nodes; Network Ontology.]

RRN Monitoring & Reporting
• Obtain individual node states
  • Periodic report
  • Query mechanism
• Classify nodes according to reported state
• Determine cardinality of each class
• Map to ontological symbols

RRN Logic Component
• Classify cluster instance represented by ontological symbols – network ontology
• Network ontology
  • OWL-DL implementation
  • Classes representing cluster states
  • Subsumption & Restriction
• Output
  • Current logical state of cluster based on node states

RRN Action Component
• Cluster state = X, Instructions = ?
• RRN rule set
  • CS(Under SDTA) Λ Detected(A) Λ Detects(S, A) Λ NS(S, Sleep) NS(S, Active)
  • CS(Normal) Λ Detected(A) Λ Detects(S, A) Stop Aggregation(S)

Evaluation
• Problem
  • Node addition attack (Zhu et al., CCS 2003)
  • Legitimate node addition
• SWANS Solution
  • Monitor node degree
  • State == Node degree ↕ Operation = Security level ↕
• Result
  • Malicious nodes thwarted
  • Legitimate nodes accepted

Adapt to Node Degree Increase
• 800 node network
• 400 nodes observe node degree ↑
[Plot: average energy consumed per node (J) vs. simulation time (seconds).]

Determining ND Thresholds
• Initial size: 200 to 390
• ND increase: 5%
• Final size: 210 to 400
• µΔ, σΔ
• Determine n1, n2
[Plot: average energy consumed per node (J) vs. simulation time (seconds).]

Evaluation
• Problem
  • Sleep deprivation torture attack (Stajano and Anderson, 1999)
• SWANS solution
  • Monitor HEC & FCS failures, format violations, collisions
  • Node state == SDTA Operation = Sleep
  • Report node & operational states to RRNs
  • RRNs: Compute network state, modify node operation
• Result
  • Network balances energy saving and utility

Adapt to SDTA
• 800-node WSN
• 400 nodes attacked
[Plot: average energy consumed per node (J) vs. simulation time (seconds). Annotations: Affected nodes detect SDTA & enter sleep state; RRNs compute global state & wake up some nodes.]

Evaluation
• Problem
  • Node failures due to malfunction or attacks
• SWANS solution
  • Nodes monitor count of failed neighbors (FN)
  • Node state == disconnected Op. state = Tx range increase
• Result
  • Nodes increase Tx range, prevent network partitioning
  • Node degrees increase, hop counts decrease
  • Trade-off is between connectivity and energy consumption

Adapt to Node Failures (Node degree)
[Plot: average node degree vs. network size.]

Adapt to Node Failure (Hop counts)
[Plot: average hop count vs. network size.]

SONETS
• Neighbor discovery
  • P-SONETS: Centralized
  • C-SONETS & D-SONETS: Distributed
• Topology discovery & network setup
  • P-SONETS: Centralized, no key management
  • C-SONETS: Centralized pair-wise key management
  • D-SONETS: Distributed pair-wise key management
• Topology Maintenance
  • Multi-hop pair-wise key establishment
  • Node addition & deletion

Threat Models
• Adversary presence
  • Local, Global
• Adversary attack mode
  • Passive, Active
• Adversary attack capability
  • Before, during, after self-organization

Related Work
• Probabilistic Approaches
  • Eschenauer & Gligor, CCS 2002
  • Chan et al., ISSP 2003
  • Du et al., CCS 2003
  • Liu & Ning, CCS 2003
• Deterministic Approaches
  • Perrig et al., WINET 2002
  • Zhu et al., CCS 2003
  • Anderson et al., ICNP 2004

P-SONETS
[Figure: network diagram. Labels: BS; nodes 1, 3, 5, 9, 11, 14, 19, 23.]
BS: List of all keys $K_j$
j: $K_{BS}$, $K_j$
BS to j: $E_{K_{BS}}(*, E_{K_j}(j, \text{Nonce}, \text{HELLO}))$
j to BS: $E_{K_{BS}}(j, E_{K_j}(j, \text{Nonce}, \text{HELLO\_REPLY}))$
BS to k: $E_{K_{BS}}(*, E_{K_j}(j, N_1, \text{RELAY})), E_{K_k}(k, N_2, \text{HELLO})$
j to k: $E_{K_{BS}}(k, E_{K_k}(k, N_2, \text{HELLO})), \Psi$
k to j: $E_{K_{BS}}(k, \Psi), E_{K_k}(k, N_2, \text{HELLO\_REPLY})$
j to BS: $E_{K_{BS}}(k, E_{K_k}(k, N_2, \text{HELLO\_REPLY})), E_{K_j}(j, N_1)$

P-SONETS
• Network repair
• BS tracks node aberrance
  • Lack of data
  • Corrupt data
• Reasons for aberrance
  • Node is dead/compromised 2HN
  • Node is 2HN; relay point is dead/compromised
  • Node is dead/compromised 1HN
• BS repairs network
  • Delete aberrant nodes
  • Reassign relay points, if required

P-SONETS
• Simulation using SensorSim (UCLA)
  • 100 node WSN
  • Simple radio & battery models
  • Varied sensor node distribution in each hop
• Average energy consumption
  • Total initial energy in network = 3600 Asec
  • Node discovery, topology discovery, network setup: 36 mJ
  • Network repair when fixed number of nodes fail: 8 mJ

C-SONETS
[Figure: network diagram. Labels: R; nodes 1, 5, 13, 14, 19; link keys $K_{1,19}$, $K_{1,14}$, $K_{14,13}$, $K_{1,5}$; node keys $K_1$, $K_5$.]
$K_n$, $K_u$, $x_u$ on each node u & R
$x_{1,5} = x_5\ R_{1,5}$     $x_{5,1} = x_1\ R_{1,5}$
• 1 to R: $E_{K_1}(\langle 5, 19, 14 \rangle)$
• R to 1: $E_{K_1}(\langle x_{1,5}, x_{1,19}, x_{1,14} \rangle)$
  R to 5: $E_{K_5}(x_{5,1})$
  R to 14: $E_{K_{14}}(x_{14,1}, \langle R, 2, 1 \rangle)$
• Node 1: $K_{1,5} = f(x_{1,5}\ x_1)$
  Node 5: $K_{1,5} = f(x_{5,1}\ x_5)$
• 14 to 1: $E_{K_{1,14}}(\text{FWD}, \langle 13 \rangle)$
  1 to R: $E_{K_1}(\text{DATA}, \langle 13 \rangle)$
• R to 14: $E_{K_{14}}(x_{14,13})$
  R to 13: $E_{K_{13}}(x_{13,14}, \langle R, 3, 14 \rangle)$
• Node 14: $K_{14,13} = f(x_{14,13}\ x_{14})$
  Node 13: $K_{13,14} = f(x_{13,14}\ x_{13})$

Energy Consumption
• Tx + Rx
• Encrypt + Decrypt
• Hashing
• $O(n^3)$
• Existing Protocols
  • 100s of mJ
[Plot: average energy consumed per node (J) vs. network size (n).]

Node degree & Hop count
• Analytical Expression
  • Bettstetter 2002
  • $E(d) = \rho \pi r_0^2$, where $\rho = n/\text{Area} = n/(25 \times 10^4\ \text{m}^2)$ and $r_0$ = Tx range = 75 m
• E(d) ≈ 7 to 70
• E(h) ≈ 4
[Plot: average node degree (d) and hop count (h) vs. network size (n).]

D-SONETS
[Figure: network diagram. Labels: R; nodes 1, 5, 13, 14, 19; link keys $K_{1,19}$, $K_{1,14}$, $K_{14,13}$, $K_{1,5}$; node keys $K_1$, $K_5$; messages $M_1$, $M_5$, $M_{1,14}$.]
$K_n$, $K_u$, $x_u$ on each node u & R
• Node 1: Broadcast $M_1$
  • $M_1 = E_{K_n}(*, 1, E_{K_{f(5)}}(5, x_{5,1}) \,\|\, \ldots)$
  • $x_{5,1} = x_1\ R_{5,1}, \ldots$
• Node 5: Broadcast $M_5$
  • $M_5 = E_{K_n}(*, 5, E_{K_{f(1)}}(1, x_{1,5}) \,\|\, \ldots)$
  • $x_{1,5} = x_5\ R_{1,5}, \ldots$
• Node 1 computes
  • $K_{1,5} = f(x_{1,5}\ x_{5,1})$
• Node 5 computes
  • $K_{1,5} = f(x_{5,1}\ x_{1,5})$
• Node 1 to Node 14: $M_{1,14}$
  • $E_{K_n}(14, 1, E_{K_{1,14}}(\langle R, 1 \rangle, \langle 5, 1 \rangle, \ldots))$

Energy Consumption (D-SONETS)
• 50% of C-SONETS
• Existing Protocols
  • 1/3 D-SONETS
    • n ≤ 500
  • 1/10 D-SONETS
    • n > 500
[Plot: average energy consumed per node (J) vs. network size (n).]

Security Analysis
• Node compromise
  • Effect limited to 1-hop neighborhood
  • Links between uncompromised nodes remain secure
• Sybil (Douceur 2002)
  • Identity-based authentication
• Wormhole & Sinkhole (Karlof and Wagner, 2003)
  • Routing not based on shortest path
• Node replication
  • RRNs exchange topology information periodically
  • Restrict node degree

Node Deletion
• Neighbors detect misbehavior
  • Initiate voting process
  • Majority affirmative vote to delete
• Inform RRN
  • Provide list of ‘yea’ voters
  • RRN may poll individual voters
• RRN
  • Generate new common shared key $K_n$
  • Secure unicast

Conclusions
• WSNs crucial component of pervasive computing environments of the future
• WSNs in tune with application & environment
  • Secure
  • Adaptive
• Our framework is comprehensive solution
  • Security protocols for different levels of security
  • SONETS protocol suites scalable, efficient, resilient
  • SWANS provides multi-tiered WSN adaptability

Future Work
• Adaptive data fidelity
  • Support for sensor adaptability
  • Tune smart MEMS
• Real-world sensor deployment & evaluation
  • Memory
  • Computational power
• Comprehensive high-level policy
  • Govern WSN operational behavior
  • Resolve conflicts
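
The node-level SWANS pipeline from the Monitor & Report, Module/Node Ontology and Action Component slides, as an added C example that is not code from the presentation: parameter values are mapped to ontological symbols, the jammed classes are evaluated in the tabular/Boolean form meant for resource-constrained nodes, and the three sensor node rules are read as a condition followed by the operational state it selects. The bounds, the collision-ratio test for MAC jamming, the first-match rule order and all identifiers are assumptions.

```c
#include <stdint.h>

/* Ontological symbols produced by the monitor for one parameter. */
typedef enum { AMOUNT_NORMAL, AMOUNT_ABNORMAL } amount_t;
typedef struct { double lo, hi; } bounds_t;   /* lower/upper bound */

/* Constructed bounds; a deployment would calibrate these per site. */
static const bounds_t NOISE_DBM    = { -105.0, -85.0 };
static const bounds_t CARRIER_LOSS = { 0.0, 0.10 };
static const bounds_t COLLISIONS   = { 0.0, 0.30 };

static amount_t to_symbol(double v, bounds_t b) {
    return (v < b.lo || v > b.hi) ? AMOUNT_ABNORMAL : AMOUNT_NORMAL;
}

/* Node states as bit flags: the tabular/Boolean form for constrained nodes. */
enum { NS_JAMMED = 1, NS_SDTA = 2, NS_DISCONNECTED = 4, NS_DISC_IMMINENT = 8,
       NS_HIGH_DEGREE = 16, NS_LOW_ACCURACY = 32, NS_ABNORMAL_ROUTING = 64 };
typedef enum { ES_NORMAL, ES_LOW } energy_t;
typedef enum { OS_UNCHANGED, OS_SLEEP, OS_INCREASE_TX, OS_EXTEND_ACTIVE } op_t;

typedef struct { double noise_dbm, carrier_loss, collisions; } epoch_t;

/* Logic component: PHYJammed = PHYJammedByNoise OR PHYJammedDueCarrierLoss;
   SensorNodeJammed = SensorNodePHYJammed OR SensorNodeMACJammed. */
static uint8_t classify(const epoch_t *e) {
    int phy_jammed = to_symbol(e->noise_dbm, NOISE_DBM) == AMOUNT_ABNORMAL ||
                     to_symbol(e->carrier_loss, CARRIER_LOSS) == AMOUNT_ABNORMAL;
    /* Assumption: MAC jamming is inferred from the collision ratio alone. */
    int mac_jammed = to_symbol(e->collisions, COLLISIONS) == AMOUNT_ABNORMAL;
    return (phy_jammed || mac_jammed) ? NS_JAMMED : 0;
}

/* Action component: the three node rules, first match wins (assumed order). */
static op_t act(uint8_t ns, energy_t es) {
    if ((ns & (NS_JAMMED | NS_SDTA)) || ((ns & NS_DISCONNECTED) && es == ES_LOW))
        return OS_SLEEP;
    if ((ns & NS_DISC_IMMINENT) && es == ES_NORMAL)
        return OS_INCREASE_TX;
    if (ns & (NS_HIGH_DEGREE | NS_LOW_ACCURACY | NS_ABNORMAL_ROUTING))
        return OS_EXTEND_ACTIVE;
    return OS_UNCHANGED;
}

int main(void) {
    epoch_t noisy = { -70.0, 0.02, 0.05 };   /* constructed sample epoch */
    return act(classify(&noisy), ES_NORMAL) == OS_SLEEP ? 0 : 1;
}
```

Because several rules can match the same state word, the evaluation order is itself a policy decision; the slides list conflict resolution under Future Work.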
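
The network-level tier from the RRN Monitoring & Reporting, Logic Component and Action Component slides, as an added C example that is not code from the presentation: the RRN counts the nodes reporting SDTA, derives a cluster state from that cardinality, and applies the two RRN rules to each node. The report layout, the 25% threshold for "Under SDTA" and all identifiers are assumptions.

```c
#include <stddef.h>

/* One periodic report from a sensor node to its RRN (layout is assumed). */
typedef struct {
    int id;
    int under_sdta;   /* node state == SDTA */
    int asleep;       /* operational state == Sleep */
    int detects_a;    /* Detects(S, A): sensor can observe event A */
} report_t;

typedef enum { CS_NORMAL, CS_UNDER_SDTA } cluster_t;
typedef enum { I_NONE, I_WAKE, I_STOP_AGGREGATION } instr_t;

/* Monitoring + logic: cardinality of the SDTA class -> cluster state.
   Assumption: the cluster is "Under SDTA" once >= 25% of nodes report it. */
static cluster_t cluster_state(const report_t *r, size_t n) {
    size_t sdta = 0;
    for (size_t i = 0; i < n; i++)
        sdta += (r[i].under_sdta != 0);
    return (n > 0 && 4 * sdta >= n) ? CS_UNDER_SDTA : CS_NORMAL;
}

/* Action component: the two RRN rules applied to one node S. */
static instr_t instruct(cluster_t cs, int detected_a, const report_t *s) {
    if (!detected_a || !s->detects_a)
        return I_NONE;
    if (cs == CS_UNDER_SDTA)
        return s->asleep ? I_WAKE : I_NONE;   /* NS(S, Sleep) to NS(S, Active) */
    return I_STOP_AGGREGATION;                /* CS(Normal) rule */
}

/* Fill out[i] for every report; return how many nodes get woken. */
static size_t plan(const report_t *r, size_t n, int detected_a, instr_t *out) {
    cluster_t cs = cluster_state(r, n);
    size_t woken = 0;
    for (size_t i = 0; i < n; i++) {
        out[i] = instruct(cs, detected_a, &r[i]);
        woken += (out[i] == I_WAKE);
    }
    return woken;
}

int main(void) {
    /* Constructed cluster: nodes 1 and 2 attacked and asleep, only 1 senses A. */
    report_t r[4] = { {1,1,1,1}, {2,1,1,0}, {3,0,0,1}, {4,0,0,0} };
    instr_t out[4];
    return plan(r, 4, 1, out) == 1 ? 0 : 1;
}
```

Only the sleeping node that can sense event A is woken, which is the energy-versus-utility balance the SDTA evaluation slide reports.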