8/13/2019 The Sybil Attacksybil
1/43
THE SYBIL ATTACK IN SENSOR NETWORK
Presented By: Hossen Mustafa
References
J. Newsome, E. Shi, D. Song and A. Perrig. The Sybil Attack in Sensor Networks: Analysis & Defenses. In IPSN 2004.
M. Demirbas and Y. Song. An RSSI-based Scheme for Sybil Attack Detection in Wireless Sensor Networks.
Outline
Definition of Sybil Attack
Sybil Attack Taxonomy
Sybil Attacks in Sensor Network
Defense Mechanisms
Conclusion
What is Sybil Attack?
The Sybil attack is defined as a malicious device illegitimately taking on multiple identities.
[Figure: one physical node, Eve, announcing "I am Alice", "I am Bob", "I am Casey" and "I am Dan"]
Sybil Attack Taxonomy
Three-dimensional taxonomy:
1. Direct vs. Indirect Communications
2. Fabricated vs. Stolen Identities
3. Simultaneity
Direct vs. Indirect Communications
Direct Communication: Sybil nodes communicate directly with legitimate nodes.
Indirect Communication: Legitimate nodes are not able to communicate directly with the Sybil nodes; all traffic to them passes through the malicious node.
Fabricated vs. Stolen Identities
Fabricated Identities: Attacker creates arbitrary new identities.
Stolen Identities: Attacker assigns legitimate identities to Sybil nodes.
Simultaneity
Simultaneous: Attacker participates with all his identities at once.
Non-Simultaneous: Attacker presents a large number of identities over a period of time.
Types of Attack
Distributed Storage
Routing
Data Aggregation
Voting
Fair Resource Allocation
Misbehavior Detection
Distributed Storage
Attack on the replication and fragmentation mechanism.
[Figure: fragments 1, 2, 3 of a message M are stored on what appear to be three nodes but are all processed by a single Sybil node]
Routing
In multipath or dispersity routing, seemingly disjoint paths could in fact go through a single malicious node presenting Sybil identities.
[Figure: source S and destination D with paths through nodes 1-6; malicious node y presents several Sybil identities on the "disjoint" paths]
Data Aggregation
Some sensor network protocols aggregate the readings of sensors, rather than returning individual readings, in order to conserve energy. With a Sybil attack, one malicious node may be able to alter the aggregated reading.
[Figure: aggregation tree in which malicious node y contributes several readings under Sybil identities]
Fair Resource Allocation
A Sybil attack can be used against fair resource allocation, allowing a malicious node to obtain an unfair share of resources.
[Figure: node y with Sybil identities 5, 6, 7 claiming several shares (x) against honest node 1]
Misbehavior Detection
Sybil nodes can be used to spread the blame in a misbehavior detection network.
[Figure: Sybil identities 5, 6, 7 of node y each report "Node 1 misbehaved" against an honest node]
Defense Mechanism
There are two mechanisms for validating the identity of a node:
Direct Validation: A node directly tests whether another node is valid or not.
Indirect Validation: A node that has been verified is allowed to vouch for or refute other nodes.
Previous Defenses against Sybil Attacks
Resource Testing: The assumption is that each entity is limited in some resource.
The verifier tests that each identity has as much of the physical resource as a physical device.
Computation, storage and communication are proposed as the resources to test.
Previous Defenses against Sybil Attacks
Resource Testing: But computation and storage are unsuitable for wireless sensor networks, because the attacker may have far larger resources than a sensor node.
For testing communication, it is proposed to broadcast a request for identities and then accept only replies that arrive within a given time interval.
This is also unsuitable for wireless sensor networks, as it makes part of the network congested.
Defenses
Radio Resource Testing
Random Key Pre-distribution
Registration
Position Verification
RSSI-based Detection scheme
Code Attestation
Radio Resource Testing
Assumption: Any physical device has only one radio.
A radio is incapable of simultaneously sending or receiving on more than one channel.
Radio Resource Testing
[Plot: probability of detection for n = 15, channels = 15, s = 1/2/3]
Radio Resource Testing
[Plot: probability of detection for n = 15, s = 5, m = 5, number of channels variable]
Random Key Predistribution (RKP)
The random key predistribution technique allows wireless nodes to establish secure links to other nodes.
A random set of keys is assigned to each sensor node so that it can compute a common key with its neighbours for node-to-node secrecy.
Random Key Pre-distribution (RKP)
The key ideas are:
1. Associate each node with the keys assigned to that node.
2. Key validation: verify part or all of the keys that an identity claims to have.
Both indirect and direct validation are possible.
RKP: Key Pool
A set of k keys is assigned randomly to each node from a pool of m keys.
During the initialization phase, if two nodes share common keys, they can establish a link.
[Figure: node 1 holds K_2, K_4, K_5 and node 2 holds K_3, K_4, K_7; with k = 3 and q = 1 they share K_4 and can link]
RKP: Key Pool
Usable Sybil Identity: an ID that can participate in the sensor network without being detected in the initialization phase.
[Figure: Sybil identity S with key ring K_1, K_4, K_8]
RKP: Key Pool Validation
Direct Validation and Indirect Validation
[Figure, two panels: Sybil identity S (K_1, K_4, K_8), node 2 (K_3, K_4, K_7) and node 5 (K_1, K_3, K_9); in direct validation node 2 checks S itself, in indirect validation node 5 vouches for or refutes S]
RKP: Key Pool Validation
Full validation is not done, as it would result in excessive communication overhead and a potential DoS attack.
Validation can be limited to the vicinity of the node being validated.
RKP: Key Pool
[Plot: probability that a randomly generated Sybil node is usable in the key pool scheme; axis labels are cut off in the source (pool size = 20,00…, key ring size = 2…)]
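As an added worked example (not from the slides or the cited papers), the key-pool ideas of the preceding slides in Python: an identity's ring is derived from its ID (the ID-to-ring hash is an assumption), a verifier checks either the whole ring or only the keys it shares with the identity (the vicinity-limited variant), and the probability that a fabricated ID is usable under full validation is computed in closed form and checked by simulation. Pool and ring sizes are small constructed values.

```python
import hashlib
import math
import random

def derive_ring(node_id, pool_size, ring_size):
    """Key indices an identity is entitled to. Assumption (not on the slides): the
    setup binds each ID to its ring by hashing the ID, so a forged ID cannot simply
    claim the keys the attacker happens to hold; its ring is whatever the ID hashes to."""
    rng = random.Random(hashlib.sha256(node_id.encode()).digest())
    return frozenset(rng.sample(range(pool_size), ring_size))

def shared_keys(ring_a, ring_b):
    """Keys two neighbours both hold; a link needs at least q of them (q = 1 on the slide)."""
    return ring_a & ring_b

def usable(ring, attacker_keys, checked=None):
    """A fabricated identity is usable if it survives validation. Full validation
    checks every key in the ring; partial validation passes `checked` = the keys the
    verifying neighbour shares with the identity, and checks only those."""
    to_verify = ring if checked is None else checked
    return to_verify <= attacker_keys

def p_usable_exact(pool_size, ring_size, known):
    """Full validation: all k ring keys must lie inside the g = known compromised
    keys, so P(usable) = C(g, k) / C(m, k) for a ring drawn uniformly from the pool."""
    if known < ring_size:
        return 0.0
    return math.comb(known, ring_size) / math.comb(pool_size, ring_size)

def p_usable_simulated(pool_size, ring_size, known, trials, seed=7):
    """Monte Carlo check of p_usable_exact: the attacker knows `known` random pool
    keys (constructed) and tries `trials` fabricated IDs under full validation."""
    rng = random.Random(seed)
    attacker_keys = frozenset(rng.sample(range(pool_size), known))
    hits = sum(usable(derive_ring(f"sybil-{i}", pool_size, ring_size), attacker_keys)
               for i in range(trials))
    return hits / trials

if __name__ == "__main__":
    # The slide's figure: S = {K_1, K_4, K_8}; node 2 shares K_4, node 5 shares K_1.
    s_ring = frozenset({1, 4, 8})
    print(shared_keys(s_ring, frozenset({3, 4, 7})), shared_keys(s_ring, frozenset({1, 3, 9})))
    print(p_usable_exact(100, 3, 30), p_usable_simulated(100, 3, 30, 20000))
```

The gap between `usable(..., checked=...)` and `usable(...)` is exactly why the slides note that vicinity-limited validation trades detection power for lower communication overhead.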
RKP: Single Space Pairwise Key Distribution
This scheme assigns a unique key to each pair of nodes.
Each sensor node i stores unique public info U_i and private info V_i.
[Figure: node 1 holds V1, U1, U2 and node 2 holds V2, U1, U2; node 1 computes the pairwise key as k = f(V1, U2)]
RKP: Single Space Pairwise Key Distribution
This scheme ensures a …-secure property (the symbol is missing in the source), which m…
Pairwise key calculation requires … + 1 memory s… on each node.
The network is secured even if c nodes are compromised, as long as c …
RKP: Multi-space Pairwise Key Distribution
This scheme can be viewed as a combination of the key pool scheme and the single space approach.
The setup server randomly generates a pool of keys, each having unique private info.
Each sensor node is assigned k key spaces. If two nodes have at least one common key space, they can compute their pairwise key.
RKP: Multi-space Pairwise Key Distribution
[Plot: probability that an attacker can create usable Sybil identities with the multi-space scheme; pool m = 50, spaces per node k = 4, one further parameter = 49 (its label is cut off in the source)]
Registration
In some sensor networks, a trusted central authority may be available for managing the network.
Poll the network and compare the result to the known deployment.
Any node can check the list of registered nodes at the central authority.
Position Verification
Applies to immobile sensor networks only.
Sybil nodes will be detected, as the position of every Sybil identity will be the same as that of the malicious node.
RSSI-based Detection
It uses a localization algorithm: upon receiving a message, the four detector nodes compute the location of the sender and associate this location with the sender ID included in the message.
But location calculation is costly.
[Figure: sender and detectors D1-D4]
RSSI-based Detection
Let M be a malicious node and, at time t1, its forged ID is S1.
D2, D3 and D4 report the received RSSI value to the representative D1.
D1 computes and stores the ratios at t1.
[Figure: M transmitting as S1 to detectors D1-D4]
RSSI-based Detection
Let, at time t2, its forged ID be S2.
Similarly, D1 computes and stores the ratios at t2.
By comparing the values at t1 and t2, D1 can detect the Sybil node.
[Figure: M transmitting as S2 to detectors D1-D4]
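The ratio test of the three preceding slides, as an added example in Python that is not part of the original presentation or of Demirbas and Song's implementation: detector positions, the path-loss model (P_r = P_t / d^alpha) and the 5% matching tolerance are assumptions. The point it makes concrete is that the ratio of RSSI values at two detectors cancels the transmit power, so M cannot make S2 look like a different sender by changing its power.

```python
import math

# Constructed detector coordinates in metres; D1 is the representative that
# collects the RSSI reports. Positions and path-loss model are assumptions.
DETECTORS = {"D1": (0.0, 0.0), "D2": (10.0, 0.0), "D3": (0.0, 10.0), "D4": (10.0, 10.0)}
PATH_LOSS_EXPONENT = 2.0  # assumed, free-space-like

def rssi(tx_pos, det_pos, tx_power):
    """Received power (linear units) under P_r = P_t / d^alpha (assumed model)."""
    return tx_power / math.dist(tx_pos, det_pos) ** PATH_LOSS_EXPONENT

def readings_for(tx_pos, tx_power):
    """What each detector measures for one transmission (constructed input)."""
    return {name: rssi(tx_pos, pos, tx_power) for name, pos in DETECTORS.items()}

def rssi_ratios(readings):
    """Ratios D1 forms from its own RSSI and the values D2..D4 report to it.
    The transmit power P_t cancels, so the vector depends only on the
    sender's position, not on any power level the attacker chooses."""
    r1 = readings["D1"]
    return tuple(r1 / readings[d] for d in ("D2", "D3", "D4"))

class RepresentativeD1:
    def __init__(self, tolerance=0.05):
        self.tolerance = tolerance  # relative slack for measurement noise (assumed)
        self.seen = {}              # sender ID -> ratio vector stored at first sight

    def observe(self, sender_id, readings):
        """Store the ratios under this ID and return the IDs already stored whose
        ratios match it: same position under a different ID is Sybil evidence."""
        ratios = rssi_ratios(readings)
        sybil_of = [sid for sid, stored in self.seen.items()
                    if sid != sender_id
                    and all(abs(a - b) <= self.tolerance * b for a, b in zip(ratios, stored))]
        self.seen.setdefault(sender_id, ratios)
        return sybil_of

def demo():
    """Replays the slides' scenario: M forges S1 at t1 and S2 at t2, with an honest
    node L heard in between; at t2 M halves its power, trying to look different."""
    d1 = RepresentativeD1()
    m_pos, l_pos = (3.0, 4.0), (7.0, 2.0)                 # constructed positions
    return [d1.observe("S1", readings_for(m_pos, 1.0)),   # t1: nothing stored yet
            d1.observe("L", readings_for(l_pos, 1.0)),    # honest node, new ratios
            d1.observe("S2", readings_for(m_pos, 0.5))]   # t2: matches S1 -> Sybil

if __name__ == "__main__":
    print(demo())
```

Two honest nodes sitting close together would also produce matching ratios, which is the false-positive rate the next slide reports falling as more detectors are used.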
RSSI-based Detection
[Figure: detector layouts with sender s and detectors D1, D2, D3, D4]
4-Detector Setup: 100% detection, 0% false positives
2-Detector Setup: 100% detection, 3% false positives
1-Detector Setup: 99% detection, 25% false positives
Code Attestation
The basic idea is to exploit the fact that the code running on a malicious node must be different from that on a legitimate node.
A node can be validated by comparing its memory content.
Future Work
Find new Sybil attacks and propose existing or new defense mechanisms against them.
Scheme for code attestation.
Effective scheme for indirect validation.
QUESTIONS??