View
222
Download
0
Tags:
Embed Size (px)
Citation preview
Securing Future Wireless Networks: Securing Future Wireless Networks: Challenges and Strategies Challenges and Strategies
Pandurang Kamat
Wade Trappe
Talk OverviewTalk Overview
Security has been one of the great detractors for wireless technologies (and the Internet, too!)
We have a chance to consider security as we redesign the network
Think about the questions:– Should security be considered separately from the network?
– What benefits are there if we integrate security into the network?
– Should we reevaluate the definition of security?
– How private do we really want our lives?
This talk will not focus on classical “Internet Security” but on “Wireless Security”
Through the Looking Glass, the Wireless WorldThrough the Looking Glass, the Wireless World
Key properties and differentiators that make wireless desirable– Ubiquity
– Mobility
– Resource adaptability
– Portability
– Affordability
– Platform heterogeneity MPC8260
TMS320C6701XC2V6000FPGA
100BaseT EthernetMegarrayConnector-
244 ConfigurableI/O pins
Reevaluating the Security ParadigmReevaluating the Security Paradigm
Confidentiality
Integrity Availability
System (CIA) Paradigm
Data Confidentiality
Data Integrity
Authentication
Non-repudiation
Algorithmic Paradigm
These paradigms have been the traditionalframeworks for security on conventional
networks, but what can we do differently for wireless systems?
Reevaluating the Security Paradigm, pg. 2Reevaluating the Security Paradigm, pg. 2
ConfidentialityAvailability Integrity
NonRepudiation
IntrusionDetection
Privacy
ResourceManagement
LocationServices
We still need traditional security methods.
But the wireless world has additional problemsand new modalities for solutions!
Wireless is easy to sniff.We still need encryption services
and key management.Key freshness is an issue.
The value of a wireless network is its promise of ubiquitous availability.
Wireless networks are easy to break!
Wireless resources (e.g. power and spectrum) must be managed.
Greedy user behavior will cause resource management to malfunction.
Perpetual connectivity can mean constant surveillance!
With snooping one can monitor mobility and handoffs between
networks.
The pervasiveness of the wireless networks should not mean that just
anyone can participate!Example: Rogue APs
RF energy radiates, and wireless entities within the radio coverage
pattern may serve as witnesses for the actions of the transmitter.
Wireless hardware/equipment need to be safe from modification.
Data/control info should not be modified before or during transit.
Location is a new form of information provided by wireless systems that will
facilitate new services. Location information needs to be trusted.
Drill Down:Drill Down:Specific Challenges and Some Specific Challenges and Some
StrategiesStrategies
Availability Attack: Radio InterferenceAvailability Attack: Radio Interference
Bob Alice
Hello … Hi …
@#$%%$#@&…
Mr. X
Alice and Bob are attacked by malicious Mr. X.
A story for the problem of wireless denial of service attack we focus on.
– Alice and Bob two communicating nodes, A and B.
– Mr. X an adversarial interferer X.– Mr. X’s insane behavior the jamming style DoS.– People and nodes in wireless network both
communicate via shared medium.
Jamming style DoS Attack: – Behavior that prevents other nodes from using the
channel to communicate by occupying the channel that they are communicating on
A B C
D E F G
H I J
K L
X
A
B
X0AP0
AP1
AP2
C
D X1
Availability: Jamming Detection/DefenseAvailability: Jamming Detection/Defense Detection:
– Challenge is to discriminate between legitimate causes of poor connectivity and jamming
Motivation from “The Art of War” by Sun Tze:– “He who cannot defeat his enemy
should retreat.” Defense Strategies:
– Spectral Evasion (Channel Surfing)– Spatial Evasion
Latency and synchronicity is an issue as you move to many node networks!
SDRs will allow more advanced forms of spectral evasion.
Jammed Region
PDR %
PDR VS. SS
SS
(dB
m)
Trial Number (Time)
Channel Surfing Experiment
Packet
Delivery
Rate
Jammer turned
on
Change channel
1
0.5
1.5
0
Intrusion Detection: Wireless SpoofingIntrusion Detection: Wireless Spoofing Many wireless security threats are
possible because it is easy to spoof legitimate devices (ioctl/ipconfig)
Example– Attacker armed with a laptop having 2
wireless cards. – One card monitors all TCP traffic on the
AP channel– Second card sends back TCP replies to
select TCP requests (e.g. all requests for a particular web page). These are sent as if appearing from the server the user was connecting to.
– At the MAC layer the attacker spoofs AP by injecting custom 802.11x frames with AP’s source MAC address.
Results: – The user session is hijacked.– Requested service is DoSed.– Easy to launch flooding DoS attacks at
higher-layer buffers
Internet
MAC: x.y.z.w
MAC: x.y.z.w
Late!
Intrusion DetectionIntrusion Detection : Spoofing Defense : Spoofing Defense Spoofing can be addressed through
authentication services– Traditional authentication services employ
cryptographic solutions (e.g. MACs, signatures)
– Light-weight alternatives can reduce the load on buffers into cryptographic functions
A lesson learned from 802.11: – 802.11 has several fields controlled by
firmware, which are hard for an attacker to bypass
– The 12bit sequence # field is increased monotonically by 1 for each packet
– Monotonicity provides a rule whose violation is easy to detect
The sequence number was not intended to be a security field, but it can be!
We may introduce filters that check monotonic conditions (or more generic rules)
Wireless Localization SecurityWireless Localization Security
Location information will facilitate new computing services– Location-based file access control
Problem: Localization methods are not secure! Traditional cryptography and network security can address
cryptographic attacks (Is this beacon really from the AP?)
Localization algorithms depend on measurements that are susceptible to attack!!
Is cryptography alone enough?
No!
Attacks on Signal StrengthAttacks on Signal Strength
Distance is measured using the relationship between received signal strength and distance
Adversary may affect the receive signal power by:– Alter transmit power of nodes– Remove direct path by
introducing obstacles– Introduce absorbing or
attenuating material– Introduce ambient channel
noise
Distance
Po
wer
Rec
eiv
ed
d1
r1
Absorbing Material
r2
d2
Defenses for Wireless LocalizationDefenses for Wireless Localization
• Don’t rely entirely on traditional security!• Two-tier approach to defending wireless localization…
Add Security and Robustness!
SECURITY
ALGORITHM
Attacks
ROBUST
ALG
Add Authentication,Entity Verification,
Etc…