Protocols for Secure Communication in Wireless Sensor Networks

More documents

Recommendations

Info

48 Chapter 2. Wireless Sensor Networks and Their Security detected by neighbouring nodes. Legitimate nodes should cooperate in identifying and classifying abnormal behaviour of their fellow nodes. However, the attacker may not change the behaviour of the nodes significantly in the beginning, such that neighbouring nodes cannot detect the intrusion by simply observing the compromised nodes. This gives the adversary time for compromising even more nodes and then start a large-scale attack involving many nodes distributed over a large area at the same time. In order to detect such intrusions, an active approach is needed such as described in [174, 183]. Changing the behaviour of a sensor node requires changing its program code. As there is only limited memory on a sensor node it is likely that in order to apply the changes, the old (legitimate) code has to be erased. Neighbouring nodes can detect these changes by putting out randomized challenges that require the challenged node to prove that it possesses the current legitimate program code. If a node fails to prove it, it could be expelled from the network, or its program code can be updated by its neighbours. Such an update mechanism requires that the bootloader part of the sensor node is kept in a tamper-proof module. There are similarities between sensor networks and ad hoc networks that are relevant to intrusion detection techniques [202]. One such similarity is the lack of a communication infrastructure. As there are no central routers, each node has to rely on its own audit traces (the network traffic it has monitored over time) in order to make decisions about possible intrusions. These traces are limited to the vicinity of a node and therefore provide only partial information. The limited storage capacity restricts the amount of potential evidence that can be stored, and the computational power avaialable for evaluating this data is limited. On the other hand, intrusion detection seems to be easier in sensor networks as the behaviour of nodes is much more restricted and homogeneous than in general ad hoc networks. 2.7.7 Intrusion Tolerance One problem with intrusion detection is that the adversary may be able to adapt the behaviour of compromised nodes in such a way that their aberrant behaviour is not classified as such. Thus, these nodes operate seemingly normally and are able to influence the overall operation of the network. In order to introduce some level of intrusion tolerance, it is advisable not to rely on the reports from a single node but instead require some agreement by a number of nodes before a report is accepted and further processed. A number
2.7. Security Requirements 49 of techniques can be used to achieve this. For example, multiple sensor nodes may transmit their readings independently to the query issuer, or a consensus procotol is executed within a cluster of nodes before a report is generated. Threshold schemes [122] have been proposed [203] in the context of ad hoc networks, but they are similarly applicable in sensor networks. A (k,n) threshold scheme (k ≤ n) lets any subset of k out of n principals compute a function F. Such a scheme has the following general features: • k elements are sufficient to compute F; • no subset of less than k elements can compute F. This would allow a set of k nodes to collaboratively create a signature of a query result that can be verified by the query issuer. The issuer would then be sure that at least k nodes agreed on the result. If there are less than k compromised nodes, the result has been approved by at least one legitimate node. On the other hand, as long as there are k non-compromised nodes, the signature can be generated, providing robustness against denial-of-service attacks. One problem with threshold schemes is their applicability in sensor networks. For the combination of partial results, the individual shares have to be revealed to a combining service. In a sensor network, this service would have to be provided by a sensor node. If this node is compromised, the adversary will learn k shares of legitimate nodes and will thus be able to compute signatures on his own in the future. To avoid this, new shares may be distributed after each signature generation, which is very costly in terms of message complexity. Alternatively, the combination of partial results may be done only by a (trusted) base station, which requires an additional component in the network architecture. A better approach may be to introduce epochs, i.e. time intervals during which the shares are valid. After each epoch, new shares are distributed to all nodes, and the combination service is migrated to a different node. This limits not only the complexity for distributing new shares but also the ability of the adversary to exploit the shares he may have learned through a compromised node running the service. 2.7.8 Availability Several factors can reduce the lifetime of a sensor network, for example naturally occurring phenomena such as extreme temperature variations exhausting the batteries. An attacker could force sensor nodes into frequent retransmission of messages by selectively inducing errors. Over time, this leads to the failure
Page 1:
Diss. ETH Nr. 18174 Protocols for S
Page 4 and 5:
ii often ad hoc and transient natur
Page 6 and 7:
iv Dieses Ziel kann durch kryptogra
Page 9 and 10:
Contents 1 Introduction 1 1.1 Backg
Page 11 and 12: Contents ix 3.3.1 Basic Assumptions
Page 13 and 14: Contents xi 6.3 Performance Evaluat
Page 15 and 16: Chapter 1 Introduction 1.1 Backgrou
Page 17 and 18: 1.3. Contributions 3 on the other h
Page 19 and 20: 1.4. Thesis Outline 5 • Mario Str
Page 21 and 22: Chapter 2 Wireless Sensor Networks
Page 23 and 24: 2.1. Applications of Wireless Senso
Page 25 and 26: 2.1. Applications of Wireless Senso
Page 27 and 28: 2.2. Sensor Node Characteristics 13
Page 35 and 36: 2.3. Related Network Types 21 zero,
Page 37 and 38: 2.3. Related Network Types 23 • P
Page 39 and 40: 2.3. Related Network Types 25 PAN,
Page 41 and 42: 2.4. Related Device Types 27 in con
Page 43 and 44: 2.4. Related Device Types 29 ports
Page 45 and 46: 2.5. Sensor Network Models 31 both
Page 47 and 48: 2.5. Sensor Network Models 33 are a
Page 49 and 50: 2.6. Simulation of Sensor Networks
Page 55 and 56: 2.7. Security Requirements 41 terac
Page 57 and 58: 2.7. Security Requirements 43 netwo
Page 59 and 60: 2.7. Security Requirements 45 acces
Page 61: 2.7. Security Requirements 47 2.7.6
Page 65 and 66: 2.8. Cryptography for Sensor Networ
Page 71 and 72: 2.9. Existing Approaches to Wireles
Page 79 and 80: Chapter 3 A Security Model for Wire
Page 81 and 82: 3.1. Attack Paths 67 field (cf. [17
Page 83 and 84: 3.1. Attack Paths 69 modules [63].
Page 85 and 86: 3.1. Attack Paths 71 closed environ
Page 87 and 88: 3.2. Attack Objectives 73 • Timel
Page 89 and 90: 3.2. Attack Objectives 75 Critical
Page 91 and 92: 3.2. Attack Objectives 77 Actors A
Page 93 and 94: 3.3. Adversary Characteristics 79 a
Page 95 and 96: 3.3. Adversary Characteristics 81 c
Page 97 and 98: 3.3. Adversary Characteristics 83 p
Page 99 and 100: 3.4. The Cost of End-to-End Securit
Page 101 and 102: 3.4. The Cost of End-to-End Securit
Page 103 and 104: 3.5. Approximating End-to-End Secur
Page 109 and 110: 3.7. Summary 95 Location-constraine
Page 111 and 112: Chapter 4 Key Establishment Shared
Page 113 and 114:
4.2. Random Key Pre-Distribution 99
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
4.3. Key Agreement Based on Hash Ch
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
4.4. Multiple Hash Chains for Key A
Page 133 and 134:
4.4. Multiple Hash Chains for Key A
Page 135 and 136:
4.5. Strengthening Random Key Pre-D
Page 137 and 138:
4.6. Related Work 123 pc = 0.33 Du-
Page 139 and 140:
4.6. Related Work 125 Probability o
Page 141 and 142:
4.7. Summary 127 The security of th
Page 143 and 144:
Chapter 5 Multipath Communication T
Page 145 and 146:
5.1. Principles of Multipath Commun
Page 147 and 148:
5.2. Routing on Spanning Trees 133
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
5.3. Properties of Tree Paths 141 b
Page 157 and 158:
5.3. Properties of Tree Paths 143 a
Page 159 and 160:
5.3. Properties of Tree Paths 145 n
Page 161 and 162:
5.3. Properties of Tree Paths 147 F
Page 163 and 164:
5.3. Properties of Tree Paths 149 D
Page 165 and 166:
5.4. Security Evaluation 151 compro
Page 167 and 168:
5.5. Related Work 153 width usage a
Page 169 and 170:
5.5. Related Work 155 separation. F
Page 171 and 172:
Chapter 6 Integrity-Preserving Comm
Page 173 and 174:
6.1. Authentication and Integrity P
Page 175 and 176:
6.2. Basic Interleaved Authenticati
Page 177 and 178:
Page 179 and 180:
Page 181 and 182:
Page 183 and 184:
Page 185 and 186:
Page 187 and 188:
Page 189 and 190:
6.3. Performance Evaluation 175 A B
Page 191 and 192:
6.3. Performance Evaluation 177 We
Page 193 and 194:
6.4. Security Evaluation 179 Bandwi
Page 195 and 196:
6.4. Security Evaluation 181 a sens
Page 197 and 198:
6.4. Security Evaluation 183 Number
Page 199 and 200:
6.4. Security Evaluation 185 We ass
Page 201 and 202:
6.4. Security Evaluation 187 Paths
Page 203 and 204:
6.4. Security Evaluation 189 ity of
Page 205 and 206:
6.4. Security Evaluation 191 of the
Page 207 and 208:
6.4. Security Evaluation 193 The se
Page 209 and 210:
6.5. Extended Interleaved Authentic
Page 211 and 212:
Page 213 and 214:
Page 215 and 216:
Page 217 and 218:
Page 219 and 220:
Page 221 and 222:
6.6. Comparing Interleaved and Mult
Page 223 and 224:
6.7. Applications 209 Psi 1 0.8 0.6
Page 225 and 226:
6.7. Applications 211 codes are att
Page 227 and 228:
6.7. Applications 213 domain. The r
Page 229 and 230:
6.9. Summary 215 simulations and by
Page 231 and 232:
Chapter 7 Conclusion This work prop
Page 233 and 234:
7.1. Secure Communication in Wirele
Page 235 and 236:
7.2. Future Work 221 7.1.4 Shortcut
Page 237 and 238:
Bibliography [1] Specification of t
Page 239 and 240:
Bibliography 225 1st European Works
Page 241 and 242:
Bibliography 227 [41] Rohan Chitrad
Page 243 and 244:
Bibliography 229 [64] L. Eschenauer
Page 245 and 246:
Bibliography 231 [85] Yahoo! Inc. D
Page 247 and 248:
Bibliography 233 [105] Kristof Van
Page 249 and 250:
Bibliography 235 [126] Anne Marie M
Page 251 and 252:
Bibliography 237 [150] Sylvia Ratna
Page 253 and 254:
Bibliography 239 [172] Thanos Stath
Page 255 and 256:
Bibliography 241 [192] Eric W. Weis
Page 257:
Curriculum Vitae Harald Vogt Person
show all

Protocols for Secure Communication in Wireless Sensor Networks

Create successful ePaper yourself

Delete template?

Save as template?