KAIST
SIGF : A Family of Configurable, Secure
Routing Protocols for WSNs
Sep. 20, 2007
Presented by Kim, Chano
Brian Blum, Tian He, Sang Son, Jack Stankovic
Security of Ad Hoc and Sensor Networks (SASN’06)
Contents
Introduction
IGF : Implicit Geographic Forwarding
Assumptions and Attacks
SIGF : Secure IGF
Evaluation
Conclusion
Introduction
Resource bound security solution
Efficiency of individual security mechanism
Efficiency of all security mechanisms installed together at a node
Access control, routing, localization, time synchronization, Power management
SIGF (Secure Implicit Geographic Forwarding)
B. Blum et al., IGF: A state-free robust communication protocol for wireless sensor networks. CS-2003-1, Univ. of Virginia, 2003
A family of configurable secure routing protocols
Three protocols (SIGF-0, SIGF-1, SIGF-2)
State ↑ & Security ↑
IGF(Implicit Geographic Forwarding) – 1/2
Quick overview of IGF
Fig-1. Forwarding Area for Source S (legend: candidate nodes)
Fig-2. IGF handshake timeline
IGF(Implicit Geographic Forwarding) – 2/2
Keeps no routing state information
Lazy binding → Fault tolerance, robust to topology changes
Eliminates maintenance overhead and routing latency
Ten-fold increase in delivery ratio
Reduces end-to-end delay and control overhead
A point of view from security
Confines the attacker’s impact to the neighborhood
Prevents attackers that spoof, alter, replace routing information
Vulnerable to black-hole attack
Assumptions and Attacks – 1/3
System assumption
Insecure radio links
Attacker’s possibilities
Nodes know their own location
Additionally know that of their neighbors (SIGF-1, SIGF-2)
Pairwise-shared keys among neighbors (SIGF-2)
Routing attacks (applicable to IGF)
Routing state corruption, Wormhole, Hello-flood => prevented
Black hole attack, Selective forwarding attack, Sybil attack
Denial of service: ORTS replay attack, CTS replay attack
Assumptions and Attacks – 2/3
Routing Attacks
Fig-3. CTS Rushing Attack by A
Fig-4. Node A performs a Sybil attack
SIGF : Secure IGF
Tradeoff between security and state maintenance
Configurability can be adapted at runtime
Higher cost must be borne even when no attacks are occurring
Each protocol is a subset of the next
SIGF-0 : no state at all
SIGF-1 : locally generated state
Limited information learned from interactions with neighbors
SIGF-2 : Cryptographic guarantees in routing
Use keys and sequence numbers shared among neighbors
SIGF : Secure IGF-0
Lessens but does not eliminate the chance of selecting an attacker
Fig-3. SIGF-0 next hop selection for message from current node S to ultimate destination D
SIGF : Secure IGF-0
Configurable dimensions
Forward Area: {60° sextant, closer, whole neighborhood}
Collection Window: {one responder, fixed multiple, dynamically lengthened}
Forwarding Candidate Choice: {first, by priority, random, multiple}
Omit Location: {yes, no}
Robust against a black-hole attack caused by a CTS rushing attack
SIGF : Secure IGF-1
Reduce the chance of selecting an attacker as the next-hop
State
T = Total # of messages sent to all neighbors
N_sent = # of messages sent to N
N_forward = # of messages forwarded by neighbor N on this node’s behalf
N_location = Last claimed location of node N
N_delay = average delay between relaying a message to node N
N_success = N_forward / N_sent = forwarding success ratio (reliability)
N_fairness = (T - N_sent) / T = forwarding fairness ratio
N_consistency = A consistency score based on N’s claimed location
N_performance = (D - N_delay) / D
SIGF : Secure IGF-1
Per Neighbor Reputation Value
[Equation: R in terms of N_success, N_fairness, N_consistency, N_performance]
System Parameters for SIGF-1
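The SIGF-1 per-neighbor bookkeeping as an added Python example (not code from the slides or from the SIGF authors). The delay bound D, the weights, the weighted-sum combination of the four ratios and the selection threshold are assumptions; the relay history is constructed so that neighbor A accepts traffic but forwards only 2 of 40 messages.

```python
from dataclasses import dataclass

# Assumed values (not from the slides): D as a delay bound in ms, the weights,
# the weighted-sum combination, and the selection threshold.
D_MS = 100.0
WEIGHTS = {"success": 0.55, "fairness": 0.15, "consistency": 0.15, "performance": 0.15}
THRESHOLD = 0.5

@dataclass
class Neighbor:
    sent: int = 0              # N_sent
    forwarded: int = 0         # N_forward
    delay: float = 0.0         # N_delay: running mean over forwarded messages (ms)
    consistency: float = 1.0   # N_consistency, supplied by a separate location check

def record_relay(n, was_forwarded, delay_ms=0.0):
    """Update one neighbor's counters after a message was relayed to it."""
    n.sent += 1
    if was_forwarded:
        n.forwarded += 1
        n.delay += (delay_ms - n.delay) / n.forwarded

def reputation(n, total_sent):
    """Combine the four ratios; a neighbor with no history is treated as neutral (1.0)."""
    terms = {
        "success": n.forwarded / n.sent if n.sent else 1.0,
        "fairness": (total_sent - n.sent) / total_sent if total_sent else 1.0,
        "consistency": n.consistency,
        "performance": max(0.0, (D_MS - n.delay) / D_MS),
    }
    return sum(WEIGHTS[k] * terms[k] for k in WEIGHTS)

def choose_next_hop(responders, table):
    """Best-reputation CTS responder at or above THRESHOLD, else None."""
    total = sum(n.sent for n in table.values())   # T
    scored = [(reputation(table[r], total), r) for r in responders]
    eligible = [s for s in scored if s[0] >= THRESHOLD]
    return max(eligible)[1] if eligible else None

def build_sample_table():
    """Constructed history: A wins the CTS race often but forwards 2 of 40 messages."""
    table = {"A": Neighbor(), "B": Neighbor(), "C": Neighbor()}
    for name, sent, fwd, delay in [("A", 40, 2, 5.0), ("B", 30, 29, 20.0), ("C", 30, 27, 35.0)]:
        for i in range(sent):
            record_relay(table[name], i < fwd, delay)
    return table

if __name__ == "__main__":
    t = build_sample_table()
    print({k: round(reputation(v, 100), 3) for k, v in t.items()})
    print(choose_next_hop(["A", "B", "C"], t), choose_next_hop(["A"], t))
```

With equal weights the same history gives A a score of 0.65, so a fast responder that drops traffic can stay above the threshold unless the success ratio is weighted heavily.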
SIGF : Secure IGF-2
Shared state secure IGF (for cryptographic operations)
Message Authentication {all messages, only DATA, none}
Message Sequence {yes, no}
Payload Encryption {yes, no}
Attacks resisted by IGF and SIGF protocols
State & Cost ↑, Security ↑
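An added Python example (not from the slides or the SIGF authors) of how a SIGF-2 node could check handshake frames using a pairwise-shared key and a per-neighbor sequence number. The frame layout, the type code, HMAC-SHA256 truncated to 8 bytes and the node ids are assumptions; all frames are constructed.

```python
import hashlib
import hmac
import struct

HDR = ">BHHI"                  # assumed layout: type, src id, dst id, sequence number
HDR_LEN = struct.calcsize(HDR)
MAC_LEN = 8                    # assumed: HMAC-SHA256 tag truncated to 8 bytes
CTS = 2                        # assumed type code

def seal(msg_type, src, dst, seq, key):
    """Sender side: header followed by a MAC under the pairwise key."""
    body = struct.pack(HDR, msg_type, src, dst, seq)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:MAC_LEN]

class Node:
    def __init__(self, node_id, pairwise_keys):
        self.node_id = node_id
        self.keys = pairwise_keys      # neighbor id -> shared key
        self.last_seq = {}             # neighbor id -> highest sequence accepted

    def accept(self, frame):
        """Return 'ok' or the reason the handshake frame is dropped."""
        if len(frame) != HDR_LEN + MAC_LEN:
            return "malformed"
        body, tag = frame[:HDR_LEN], frame[HDR_LEN:]
        _type, src, dst, seq = struct.unpack(HDR, body)
        key = self.keys.get(src)
        if key is None or dst != self.node_id:
            return "unknown-neighbor"
        expected = hmac.new(key, body, hashlib.sha256).digest()[:MAC_LEN]
        if not hmac.compare_digest(tag, expected):
            return "bad-mac"
        if seq <= self.last_seq.get(src, -1):
            return "replay"
        self.last_seq[src] = seq       # advance only after the MAC verified
        return "ok"

def demo():
    """Constructed exchange: S=1 shares a key with B=2; the attacker holds no key."""
    k_sb = bytes(range(16))
    s = Node(1, {2: k_sb})
    cts = seal(CTS, 2, 1, 7, k_sb)
    return [
        s.accept(cts),                              # genuine CTS from B
        s.accept(cts),                              # same frame captured and replayed
        s.accept(seal(CTS, 9, 1, 1, b"x" * 16)),    # made-up identity 9 (Sybil)
        s.accept(seal(CTS, 2, 1, 8, b"x" * 16)),    # claims to be B without the key
        s.accept(seal(CTS, 2, 1, 8, k_sb)),         # B's next CTS
    ]

if __name__ == "__main__":
    print(demo())
```

The forged frame carrying sequence number 8 fails the MAC check before the counter is touched, so B's genuine frame with the same number is still accepted.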
Evaluation
Uses the GloMoSim simulator
Table. Simulation parameters
Fig. Final node locations (S, D, A1-4)
Evaluation (2/2)
Base System (No attacks)
Evaluation (2/2)
Black Hole Attack; Selective Forwarding Attack (by A3)
Evaluation (2/2)
Sybil Attack (by A3)
Conclusion
SIGF (Secure Implicit Geographic Forwarding)
Chooses the next hop dynamically and nondeterministically
Increases robustness to node mobility and failure
SIGF-0, SIGF-1, SIGF-2
Future studies
Evaluate lower densities
How failure-recovery mechanism impacts the performance of SIGF family
Thank you
EXTRA : Wormhole attack (1/4)
Adapted from Chris Karlof and David Wagner's WSNPA slides
Routing Tree
Wormhole attack (2/4)
Routing
Wormhole Attack (3/4)
Tunnel packets received in one place of the network and replay them in another place
The attacker can have no key material. All it requires is two transceivers and one high quality out-of-band channel
Disrupted Routing (4/4)
Most packets will be routed to the wormhole
The wormhole can drop packets or, more subtly, selectively forward packets to avoid detection
Blackhole / Selective forwarding attack
Sybil attack & Rushing attack
Sybil Attack Rushing Attack