Secure routing for wireless NANs
Student: Reza Sadeghi
Advisor: Dr. Mazinani
Course: Smart grid
My email: [email protected]
November & December 2013
2
Smart Grid Common Networks
[Figure: (a) Power System Layer: power generation (solar, wind and non-renewable energy), power transmission grid, power distribution grid and power consumption, with substations, microgrids, electric vehicles and customers. (b) Communications Layer: Wide Area Network (WAN), Neighbor Area Network (NAN) and Home Area Network (HAN), with control center, wired and wireless backhaul, base station, data aggregation point (DAP), concentrator, smart meters and smart home devices.]
3
NAN is first of the war
New houses produce their supply
4
Materials of NANs in "IEEE 802.11s"
MP -> A mesh point (MP) is an IEEE 802.11s entity that mainly acts as a relay node.
MAP -> A mesh access point (MAP) is an MP but can also work as an access point.
MPP -> A mesh portal (MPP) is a logical point that has bridging functionality and connects the mesh network to other networks.
STA -> Legacy wireless mobile stations (STA) are connected to an MAP through generic WLAN protocols.
Thus, configuration of an MAP allows a single entity to logically provide both mesh functionalities and AP functionalities simultaneously.
EXACTLY
5
6
Security in SG in routing perspective
Security in NANs
Routing protocols
Routing in WMN
Routing discovery
Routing maintenance
Data passing
7
HWMP for IEEE 802.11s
8
Most mutable fields are dangerous
9
Attacks on routing
10
Route discovery attack
11
Routing Loop
12
Route diversion attack
13
Key Establishment procedure in IEEE 802.11s
Differences?
Pairwise Master Key
14
SHWMP
• Merkle tree: Tree encryption
• IBC: Public and private key
• TOP: Multi level keys
15
Merkle Tree
SHA1
16
Securing on demand mode
F1 F2
In action!
17
Merkle Tree for S->B->C
18
Securing on proactive
19
Securing hybrid mode
Proactive mode
Tree
On-demand
Security analyses? Flooding / Route disruption / Route diversion / Routing Loop
20
Performance analysis
21
Analysis
22
IBC-HWMP
IBC (Identity-based Cryptosystems)
IBC Algorithm
Encryption: Setup, Extract, Encrypt, Decrypt
Digital signature: Setup, Extract, Encrypt, Decrypt
Solve external node problems
Solve internal node problems
23
Encryption
24
Digital signature
25
Changes
The digital signature is incorporated into PREQ and PREP messages by adding two new fields: IBC-MAC Size (digital signature size: 1 byte) and IBC-MAC (digital signature).
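An added example, not code from the presentation or from the IBC-HWMP authors: appending and parsing the two new fields on a PREQ/PREP body, with the length checks a receiver needs before it trusts the signature. The 20-byte body layout, the fixed body length and the HMAC-SHA256 stand-in for the IBC signature (used so the sketch runs with only the standard library) are assumptions.

```python
import hashlib
import hmac

DEMO_KEY = b"constructed-demo-key"  # assumption: stands in for the sender's IBC private key


def sign(body: bytes, key: bytes = DEMO_KEY) -> bytes:
    # Stand-in for an IBC signature; a real one needs a pairing library.
    return hmac.new(key, body, hashlib.sha256).digest()


def append_ibc_mac(body: bytes, signature: bytes) -> bytes:
    """Append IBC-MAC Size (1 byte) and IBC-MAC to a PREQ/PREP body."""
    if not 0 < len(signature) <= 255:
        raise ValueError("signature must fit the 1-byte IBC-MAC Size field")
    return body + bytes([len(signature)]) + signature


def split_ibc_mac(frame: bytes, body_len: int):
    """Split a received frame into (body, signature), rejecting bad lengths."""
    if len(frame) < body_len + 1:
        raise ValueError("frame too short to hold IBC-MAC Size")
    size = frame[body_len]
    signature = frame[body_len + 1:]
    if size == 0 or len(signature) != size:
        raise ValueError("IBC-MAC Size does not match the bytes present")
    return frame[:body_len], signature


def verify_frame(frame: bytes, body_len: int, key: bytes = DEMO_KEY) -> bool:
    try:
        body, signature = split_ibc_mac(frame, body_len)
    except ValueError:
        return False  # malformed trailer: drop the routing message
    return hmac.compare_digest(signature, sign(body, key))


# Constructed 20-byte body (hypothetical layout, not the 802.11s element):
# hop count, TTL, PREQ ID, originator MAC, sequence number, metric
SAMPLE_BODY = (bytes([1, 31]) + (7).to_bytes(4, "big") + bytes.fromhex("02aabbccddee")
               + (42).to_bytes(4, "big") + (100).to_bytes(4, "big"))


def demo():
    frame = append_ibc_mac(SAMPLE_BODY, sign(SAMPLE_BODY))
    tampered = bytes([0]) + frame[1:]  # hop count changed in transit
    truncated = frame[:-4]             # signature cut short
    return tuple(verify_frame(f, len(SAMPLE_BODY)) for f in (frame, tampered, truncated))


if __name__ == "__main__":
    print(demo())
```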
26
Simulation
Software: NS3
The side of the square cell is defined by the m step (100m) parameter. We have used UDP traffic, Packet Size=1024 and Packet Interval=0.1.
Three metrics: mean delay, control routing overhead and throughput.
27
Analysis
Calculation didn’t make any problem for us
28
TOP (Type of protection)
Possible attacks in mesh networks
Nodes showing unintended behavior due to hardware or software failures: problems caused by such nodes should be solved by fault tolerance mechanisms instead of security mechanisms. Therefore, we will not consider such nodes within this work.
External malicious nodes, which are intentionally not allowed to join the network.
Internal malicious nodes, which legitimately are part of the network and show egoistic behavior or are compromised by an attacker. Egoistic behavior, e. g., intentionally dropping frames, aims at saving resources or gaining higher bandwidth. Attacks could be launched by dropping frames, by corrupting the routine
29
Mainly focus on three attacks
Selective forwarding—With this active attack, an internal malicious node intentionally drops frames of other nodes that actually should be forwarded by the malicious node. This attack may aim at disrupting a certain communication, a specific node, or just the communication of the wireless network.
Routing Attacks—In case of routing attacks, an internal malicious node tries to influence the routing protocol in a way that incorrect forwarding paths are used. A wormhole attack [6], for example, aims at establishing a route to a victim node even if there are shorter routes. This enables gaining information of specific communications in the network or selectively forwarding frames.
30
Mainly focus on three attacks
Eavesdropping—If no cryptographic protection is applied within a wireless network, external and internal malicious nodes are able to eavesdrop on the traffic. If some protection like Robust Secure Network (RSN) [2] or IEEE 802.11s security mechanisms is present, INTERNAL ATTACKERS ARE STILL ABLE TO EAVESDROP ON ALL TRAFFIC THAT IS SENT WITHIN THEIR NEIGHBORHOOD. External attackers, however, are precluded from eavesdropping.
31
Concept of TOP
Main idea: A wireless mesh network can be as secure as a VLAN in an Ethernet network
VLANs allow for transport of different virtual networks over a single network by tagging the frames
32
Structure of TOP
33
TOP mapping
34
Simulation
NS2
35
Ideas evaluation!
1. Insert a hole in Mesh network?
2. Broadcasting data in two ways time of money with Global broadcasting and …
3. Change from prime Galois field to binary Galois field? ((A prime Galois field is simplest and performs better in software, whereas a binary Galois field performs better in special hardware; therefore, in our wireless mesh network we should use a prime Galois field))
4. Travel to a secure protocol that consumes less processing ((bilinear map, which is a subroutine of discrete logarithm, is the most effective, strongest algorithm))
5. Why we create SGN?
6. Find Trojans with HMM and etc.
7. What are NAN protocols and the way we use them?
In the field of creating loops and external nodes the work is finished, but the Trojans are alive to kill us and destroy our world; therefore, we should slaughter them as soon as possible.
36
References
1. A survey of routing protocols for smart grid communications, written by Nico Saputro, Kemal Akkaya, Suleyman Uludag
2. Chapter 5: Smart Grid Communications Networks.ppt, produced by Quang-Dung Ho and Tho Le-Ngoc; ECE Dept., McGill University, Montreal, Canada
3. M.S. Islam, Y.J. Yoon, M.A. Hamid, C.S. Hong, A secure hybrid wireless mesh protocol for 802.11s mesh network, 2008
4. T. Gamer, L. Völker, M. Zitterbart, Differentiated security in wireless mesh networks, Security and Communication Networks 4 (2011) 257–266.
5. On Securing HWMP using IBC (IEEE_05962921)
6. Dr. Nikoghadam presentation
7. A New E-HWMP Routing Algorithm in Automatic Meter Reading Networks, written by Li Li, Xiaoguang Hu and Ketai He, 2013
8. www.wikipedia.org
37
END