Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
SlideShare a Scribd company logo

Unit 4 ec8702 - ad hoc and wireless sensor networks unit -4 mr.darwin nesakumar, ap-ece, rmkec

Download as PPTX, PDF
Darwin Nesakumar
Darwin Nesakumar

This document provides an overview of sensor network security. It begins with objectives to learn about ad hoc and sensor network security aspects, attacks, and transport layer security issues. It then covers topics like security requirements, challenges in provisioning security, network security attacks categorized by layer (physical, data link, network, transport, application), and possible solutions for jamming, tampering, black hole attacks, and flooding attacks. The document also discusses key distribution, management techniques and procedures, and secure routing protocols like SPINS.

Related slideshows

Dsdv
DsdvDsdv
Dsdv
 
Wsn 08
Wsn 08Wsn 08
Wsn 08
 
Lecture 23 27. quality of services in ad hoc wireless networks
Lecture 23 27. quality of services in ad hoc wireless networksLecture 23 27. quality of services in ad hoc wireless networks
Lecture 23 27. quality of services in ad hoc wireless networks
 
1 of 43
SENSOR NETWORK SECURITY
SENSOR NETWORK SECURITY Presented by, Darwin Nesakumar A, M.E.,(P.hD) Assistant Professor R.M.K.Engineering College Kavaraipettai
SENSOR NETWORK SECURITY • Learn Ad hoc network and Sensor Network Security • Understand the different security aspects • Have an in-depth knowledge on sensor network attacks and its issues related to network security • Understand the transport layer and security issues possible in Ad hoc and Sensor networks OBJECTIVES: We should be made to,
TOPICS • Network Security Requirements, • Issues and Challenges in Security Provisioning, • Network Security Attacks, • Layer wise attacks in wireless sensor networks, • Possible solutions for – Jamming, – Tampering, – Black Hole Attack, – Flooding Attack. • Key Distribution and Management, • Secure Routing – SPINS, • Reliability Requirements in Sensor Networks.
NETWORK SECURITY REQUIREMENTS • A security protocol for ad hoc wireless networks should satisfy the following requirements. Confidentiality Integrity Availability Non-repudiation
ISSUES IN SECURITY PROVISIONING • In this section, some of the issues to be considered while designing a security concern for ad hoc wireless networks are discussed. Induced traffic Induced throughput unfairness Separation of congestion control, reliability, and flow control Power and bandwidth constraints Misinterpretation of congestion Completely decoupled transport layer Dynamic topology
CHALLENGES IN SECURITY PROVISIONING The following are the Challenges to be met while make a security for ad hoc wireless networks: Throughput maximization Minimum connection setup and connection maintenance overheads Congestion control and flow control
CHALLENGES IN SECURITY PROVISIONING Reliable and unreliable connections Protocol Bandwidth availability Effective, scalable, and protocol-independent interaction End-to-end semantics
ISSUES AND CHALLENGES IN SECURITY PROVISIONING A detailed discussion on how each of the above mentioned characteristics causes difficulty in providing security in ad hoc wireless networks is given below. Shared broadcast radio channel Insecure operational environment Lack of central authority Lack of association Limited resource availability Physical vulnerability
NETWORK SECURITY ATTACKS Core Reason for Network Security Attacks Misinterpretation of packet loss Frequent path breaks Effect of path length Misinterpretation of congestion window Asymmetric link behaviour
NETWORK SECURITY ATTACKS Uni-directional path Multipath routing Network partitioning and remerging The use of sliding-window-based transmission
CATEGORIES OF SECURITY ATTACKS Attacks on ad hoc wireless networks can be classified into two broad categories, Passive Attack Active Attack
ATTACKS IN WIRELESS SENSOR NETWORKS
PASSIVE ATTACK • In a passive attack the attack monitors the transmissions to obtain message content or monitors traffic flows, but does not modify the message • There are many types of passive attacks: – Eavesdropping (tapping) – Traffic Analysis – Sniffing and snooping – Spoofing – Monitoring
ACTIVE ATTACKS • In an active attack the network exploit in which a hacker attempts to make changes to data on the target or data route to the target. And also attacker acquires the message and modifies the contents of the message to obtain unauthorized effects
DIFFERENCE BETWEEN ACTIVE ATTACK AND PASSIVE ATTACK Active Attacks: The attacker efforts to change or modify the content of messages. Active Attack is danger for Integrity as well as availability. Due to active attack system is always damaged and System resources can be changed. The most important thing is that, In active attack, Victim gets informed about the attack. Passive Attacks: The attacker observes the content of messages or copy the content of messages. It is danger for Confidentiality. Due to passive attack, there is no any harm to the system. The most important thing is that In passive attack, Victim does not get informed about the attack.
DIFFERENCE BETWEEN ACTIVE ATTACK AND PASSIVE ATTACK Active Attack Passive Attack Modification in Information Does Not Integrity & Availability Confidentiality Attention is on Detection Attention is on prevention System is Always Damaged No any Harm to the System Victim gets Informed Victim does not get informed System resources can be change Not change Influence the services Information and messages in the system or network are acquire Information collected and used during executing Information like passwords, messages by itself Restrict from entering systems Easy to prohibited
TYPES OF ACTIVE ATTACKS -LAYER BASED • Layer Attacks on WSN Securing wireless ad-hoc networks is a highly challenging issue. • Attacks can occur in different layers of the network protocol stack. • Layer based Types of active attacks definitions –Attacks at Physical Layer –Attacks at Data Link Layer –Attacks at Network Layer –Attacks at Transport Layer –Attacks at Application Layer
ENHANCING SECURITY VIA PHYSICAL LAYER • The classic hierarchical structure of communication protocol stack and the examples of security mechanisms deployed at each layer.
ATTACKS AT PHYSICAL LAYER Some of Attacks occurs at Physical Layer – Timing attack – Eavesdropping, – Interference and Jamming Solutions:  Access Restriction  Encryption.
ATTACKS AT DATA LINK LAYER Some of the Attacks occurs at Data Link Layer • Flooding Attacks • Topology Engagement Attacks Solutions:  Misbehavior Detection.  Identity Protection
ATTACKS AT NETWORK LAYER • The attacks of the network layer are: – IP spoofing, – Hijacking, – Smurf, – Wormhole, – Blackhole, – Sybil and sinkhole • It was observed that are many other attacks that effectives physical layer – Eavesdropping, – Jamming – Network Injection. IP spoofing Hijacking Smurf attack Solutions:  Routing Access Restriction.  False Routing Information Detection.
ATTACKS AT TRANSPORT LAYER • The attacks of the transport layer are • TCP Attacks • UDP Attacks Solutions:  Limit number of connections from a particular node.  Header or full packet authentication
ATTACKS AT APPLICATION LAYER • Application Layer Attacks, also known as Layer 7 Attacks after the OSI model, – BGP Hijacking – Slowloris, Slow Post, Slow Read – HTTP(/s) Flooding – Low and Slow Attack – Large Payload POST – Mimicked User Browsing Solutions:  Data Integrity Protection.  Data Confidentiality Protection.
POSSIBLE SOLUTIONS FOR JAMMING ATTACK To address jamming problem • Localization • Detection • Countermeasure mechanisms
TAMPERING • TAMPERING – Tampering means changing or deleting a resource without authorization. – Data tampering or data manipulation is a way that a hacker or a malicious user gets into a web site and changes, deletes or to access unauthorized files. – Data tampering indirectly by using a script exploit to mask itself as a user input from a page. – Data tampering through; • Cookie tampering, • HTML form field tampering • URL query string tampering • Password cracking tampering
POSSIBLE SOLUTIONS FOR DATA TAMPERING Data tampering could become the greatest cybersecurity threat organizations face • Data tampering – Anti-Tamper • Copy-On-Write (COW) Data tampering or data manipulation can usually be done through the following ways – Cookies – HTML Form Fields – URL Query Strings – HTTP Headers and – Password Cracking
PREVENTION AND COUNTER-MEASURES • To use a firewall and windows security • Guarding against script exploits • Appropriate and safe steps against malicious executable code. • Counter-Measures to prevent data tampering – Data signing and harsing • using digital signatures, • using strong authorization, • using tamper resistant protocols • using secure communication links • using strong and powerful firewalls • using complicated passwords and • blocking IP addresses for failed login attempts • Using access controls to protect data • Using role based security
BLACK HOLE ATTACK • Blackhole attack is a type of denial-of-service attack • Black hole attack is one of the possible attacks in WSN. • The attacker drops packets selectively • Intermediate malicious node will suffer from partial or total data loss.
POSSIBLE SOLUTIONS FOR BLACK HOLE ATTACK • Routing Protocol Enhancements • Safe Route • Find and Secure Alternate Route • Neighboring Nodes Maintenance • Malicious Paths Identification • Timely Data Transmission • Link Break Detection
FLOODING ATTACK • Flooding attack involves the generation of spurious messages to increase traffic on the network for consuming server’s or network’s resources • DoS and DDoS attacks can be divided into three types: – Volume Based Attacks • UDP floods, • ICMP floods, and • spoofed-packet floods – Protocol Attacks • SYN floods • fragmented packet attacks • Ping of Death • Smurf DDoS – Application Layer Attacks
POSSIBLE SOLUTIONS FOR JAMMING, TAMPERING, BLACK HOLE ATTACK, FLOODING ATTACK •Volume Based Attacks •Protocol Attacks •Application Layer Attacks
KEY DISTRIBUTION AND MANAGEMENT The objective of key management is to maintain keying relationships and keying material in a manner that counters relevant threats. In practice an additional objective is conformance to a relevant security policy • Delivers a key to two parties • Sort of mechanism or protocol need for security • Sort of mechanism or protocol
KEY MANAGEMENT • Key management is the set of techniques and procedures supporting the establishment and maintenance of keying relationships between authorized parties. • A keying relationship is the state wherein communicating entities share common data(keying material) to facilitate cryptography techniques. This data may include public or secret keys, initialization values, and additional non-secret parameters
KEY MANAGEMENT TECHNIQUES AND PROCEDURES • Initialization • Generation, Distribution, and Installation • Controlling • Update, Revocation, and Destruction • Storage, Backup/Recovery, and Archive
SECURITY POLICY & THREATS • Security policy explicitly or implicitly defines the threats a system is intended to address Security policy may affect the stringency of cryptographic requirements, depending on the susceptibility of the environment in questions to various types of attack. • Threats – Compromise of confidentiality of secret keys – Compromise of authenticity of secret or public keys. – Unauthorized use of public or secret keys
KEY MANAGEMENT TECHNIQUES • Public-key techniques –Simplified key management –On-line trusted server not required –Enhanced functionality
SIMPLIFIED KEY MANAGEMENT SYMMETRIC-KEY Encryption PUBLIC-KEY Encryption
KEY MANAGEMENT LIFE CYCLE User Registration User Initialization Key Generation Key Installation Key Registration Normal UseKey Backup Key Update Archival Key De- registration And Destruction Key Recovery Key Revocation
AUTOMATIC KEY DISTRIBUTION
KEY DISTRIBUTION
SIMPLE SECRET KEY DISTRIBUTION Fig 1. Simple Secret Key Distribution Fig 2. Secret Key Distribution with Confidentiality and Authentication
DISTRIBUTION OF PUBLIC KEYS • Distribution of Public Keys can be considered as using one of: –Public Announcement –Publicly Available Directory –Public-key Authority –Public-key Certificates

More Related Content

Unit 4 ec8702 - ad hoc and wireless sensor networks unit -4 mr.darwin nesakumar, ap-ece, rmkec

  • 2. SENSOR NETWORK SECURITY Presented by, Darwin Nesakumar A, M.E.,(P.hD) Assistant Professor R.M.K.Engineering College Kavaraipettai
  • 3. SENSOR NETWORK SECURITY • Learn Ad hoc network and Sensor Network Security • Understand the different security aspects • Have an in-depth knowledge on sensor network attacks and its issues related to network security • Understand the transport layer and security issues possible in Ad hoc and Sensor networks OBJECTIVES: We should be made to,
  • 4. TOPICS • Network Security Requirements, • Issues and Challenges in Security Provisioning, • Network Security Attacks, • Layer wise attacks in wireless sensor networks, • Possible solutions for – Jamming, – Tampering, – Black Hole Attack, – Flooding Attack. • Key Distribution and Management, • Secure Routing – SPINS, • Reliability Requirements in Sensor Networks.
  • 5. NETWORK SECURITY REQUIREMENTS • A security protocol for ad hoc wireless networks should satisfy the following requirements. Confidentiality Integrity Availability Non-repudiation
  • 6. ISSUES IN SECURITY PROVISIONING • In this section, some of the issues to be considered while designing a security concern for ad hoc wireless networks are discussed. Induced traffic Induced throughput unfairness Separation of congestion control, reliability, and flow control Power and bandwidth constraints Misinterpretation of congestion Completely decoupled transport layer Dynamic topology
  • 7. CHALLENGES IN SECURITY PROVISIONING The following are the Challenges to be met while make a security for ad hoc wireless networks: Throughput maximization Minimum connection setup and connection maintenance overheads Congestion control and flow control
  • 8. CHALLENGES IN SECURITY PROVISIONING Reliable and unreliable connections Protocol Bandwidth availability Effective, scalable, and protocol-independent interaction End-to-end semantics
  • 9. ISSUES AND CHALLENGES IN SECURITY PROVISIONING A detailed discussion on how each of the above mentioned characteristics causes difficulty in providing security in ad hoc wireless networks is given below. Shared broadcast radio channel Insecure operational environment Lack of central authority Lack of association Limited resource availability Physical vulnerability
  • 10. NETWORK SECURITY ATTACKS Core Reason for Network Security Attacks Misinterpretation of packet loss Frequent path breaks Effect of path length Misinterpretation of congestion window Asymmetric link behaviour
  • 11. NETWORK SECURITY ATTACKS Uni-directional path Multipath routing Network partitioning and remerging The use of sliding-window-based transmission
  • 12. CATEGORIES OF SECURITY ATTACKS Attacks on ad hoc wireless networks can be classified into two broad categories, Passive Attack Active Attack
  • 13. ATTACKS IN WIRELESS SENSOR NETWORKS
  • 14. PASSIVE ATTACK • In a passive attack the attack monitors the transmissions to obtain message content or monitors traffic flows, but does not modify the message • There are many types of passive attacks: – Eavesdropping (tapping) – Traffic Analysis – Sniffing and snooping – Spoofing – Monitoring
  • 15. ACTIVE ATTACKS • In an active attack the network exploit in which a hacker attempts to make changes to data on the target or data route to the target. And also attacker acquires the message and modifies the contents of the message to obtain unauthorized effects
  • 16. DIFFERENCE BETWEEN ACTIVE ATTACK AND PASSIVE ATTACK Active Attacks: The attacker efforts to change or modify the content of messages. Active Attack is danger for Integrity as well as availability. Due to active attack system is always damaged and System resources can be changed. The most important thing is that, In active attack, Victim gets informed about the attack. Passive Attacks: The attacker observes the content of messages or copy the content of messages. It is danger for Confidentiality. Due to passive attack, there is no any harm to the system. The most important thing is that In passive attack, Victim does not get informed about the attack.
  • 17. DIFFERENCE BETWEEN ACTIVE ATTACK AND PASSIVE ATTACK Active Attack Passive Attack Modification in Information Does Not Integrity & Availability Confidentiality Attention is on Detection Attention is on prevention System is Always Damaged No any Harm to the System Victim gets Informed Victim does not get informed System resources can be change Not change Influence the services Information and messages in the system or network are acquire Information collected and used during executing Information like passwords, messages by itself Restrict from entering systems Easy to prohibited
  • 18. TYPES OF ACTIVE ATTACKS -LAYER BASED • Layer Attacks on WSN Securing wireless ad-hoc networks is a highly challenging issue. • Attacks can occur in different layers of the network protocol stack. • Layer based Types of active attacks definitions –Attacks at Physical Layer –Attacks at Data Link Layer –Attacks at Network Layer –Attacks at Transport Layer –Attacks at Application Layer
  • 19. ENHANCING SECURITY VIA PHYSICAL LAYER • The classic hierarchical structure of communication protocol stack and the examples of security mechanisms deployed at each layer.
  • 20. ATTACKS AT PHYSICAL LAYER Some of Attacks occurs at Physical Layer – Timing attack – Eavesdropping, – Interference and Jamming Solutions:  Access Restriction  Encryption.
  • 21. ATTACKS AT DATA LINK LAYER Some of the Attacks occurs at Data Link Layer • Flooding Attacks • Topology Engagement Attacks Solutions:  Misbehavior Detection.  Identity Protection
  • 22. ATTACKS AT NETWORK LAYER • The attacks of the network layer are: – IP spoofing, – Hijacking, – Smurf, – Wormhole, – Blackhole, – Sybil and sinkhole • It was observed that are many other attacks that effectives physical layer – Eavesdropping, – Jamming – Network Injection. IP spoofing Hijacking Smurf attack Solutions:  Routing Access Restriction.  False Routing Information Detection.
  • 23. ATTACKS AT TRANSPORT LAYER • The attacks of the transport layer are • TCP Attacks • UDP Attacks Solutions:  Limit number of connections from a particular node.  Header or full packet authentication
  • 24. ATTACKS AT APPLICATION LAYER • Application Layer Attacks, also known as Layer 7 Attacks after the OSI model, – BGP Hijacking – Slowloris, Slow Post, Slow Read – HTTP(/s) Flooding – Low and Slow Attack – Large Payload POST – Mimicked User Browsing Solutions:  Data Integrity Protection.  Data Confidentiality Protection.
  • 25. POSSIBLE SOLUTIONS FOR JAMMING ATTACK To address jamming problem • Localization • Detection • Countermeasure mechanisms
  • 26. TAMPERING • TAMPERING – Tampering means changing or deleting a resource without authorization. – Data tampering or data manipulation is a way that a hacker or a malicious user gets into a web site and changes, deletes or to access unauthorized files. – Data tampering indirectly by using a script exploit to mask itself as a user input from a page. – Data tampering through; • Cookie tampering, • HTML form field tampering • URL query string tampering • Password cracking tampering
  • 27. POSSIBLE SOLUTIONS FOR DATA TAMPERING Data tampering could become the greatest cybersecurity threat organizations face • Data tampering – Anti-Tamper • Copy-On-Write (COW) Data tampering or data manipulation can usually be done through the following ways – Cookies – HTML Form Fields – URL Query Strings – HTTP Headers and – Password Cracking
  • 28. PREVENTION AND COUNTER-MEASURES • To use a firewall and windows security • Guarding against script exploits • Appropriate and safe steps against malicious executable code. • Counter-Measures to prevent data tampering – Data signing and harsing • using digital signatures, • using strong authorization, • using tamper resistant protocols • using secure communication links • using strong and powerful firewalls • using complicated passwords and • blocking IP addresses for failed login attempts • Using access controls to protect data • Using role based security
  • 29. BLACK HOLE ATTACK • Blackhole attack is a type of denial-of-service attack • Black hole attack is one of the possible attacks in WSN. • The attacker drops packets selectively • Intermediate malicious node will suffer from partial or total data loss.
  • 30. POSSIBLE SOLUTIONS FOR BLACK HOLE ATTACK • Routing Protocol Enhancements • Safe Route • Find and Secure Alternate Route • Neighboring Nodes Maintenance • Malicious Paths Identification • Timely Data Transmission • Link Break Detection
  • 31. FLOODING ATTACK • Flooding attack involves the generation of spurious messages to increase traffic on the network for consuming server’s or network’s resources • DoS and DDoS attacks can be divided into three types: – Volume Based Attacks • UDP floods, • ICMP floods, and • spoofed-packet floods – Protocol Attacks • SYN floods • fragmented packet attacks • Ping of Death • Smurf DDoS – Application Layer Attacks
  • 32. POSSIBLE SOLUTIONS FOR JAMMING, TAMPERING, BLACK HOLE ATTACK, FLOODING ATTACK •Volume Based Attacks •Protocol Attacks •Application Layer Attacks
  • 33. KEY DISTRIBUTION AND MANAGEMENT The objective of key management is to maintain keying relationships and keying material in a manner that counters relevant threats. In practice an additional objective is conformance to a relevant security policy • Delivers a key to two parties • Sort of mechanism or protocol need for security • Sort of mechanism or protocol
  • 34. KEY MANAGEMENT • Key management is the set of techniques and procedures supporting the establishment and maintenance of keying relationships between authorized parties. • A keying relationship is the state wherein communicating entities share common data(keying material) to facilitate cryptography techniques. This data may include public or secret keys, initialization values, and additional non-secret parameters
  • 35. KEY MANAGEMENT TECHNIQUES AND PROCEDURES • Initialization • Generation, Distribution, and Installation • Controlling • Update, Revocation, and Destruction • Storage, Backup/Recovery, and Archive
  • 36. SECURITY POLICY & THREATS • Security policy explicitly or implicitly defines the threats a system is intended to address Security policy may affect the stringency of cryptographic requirements, depending on the susceptibility of the environment in questions to various types of attack. • Threats – Compromise of confidentiality of secret keys – Compromise of authenticity of secret or public keys. – Unauthorized use of public or secret keys
  • 37. KEY MANAGEMENT TECHNIQUES • Public-key techniques –Simplified key management –On-line trusted server not required –Enhanced functionality
  • 38. SIMPLIFIED KEY MANAGEMENT SYMMETRIC-KEY Encryption PUBLIC-KEY Encryption
  • 39. KEY MANAGEMENT LIFE CYCLE User Registration User Initialization Key Generation Key Installation Key Registration Normal UseKey Backup Key Update Archival Key De- registration And Destruction Key Recovery Key Revocation
  • 42. SIMPLE SECRET KEY DISTRIBUTION Fig 1. Simple Secret Key Distribution Fig 2. Secret Key Distribution with Confidentiality and Authentication
  • 43. DISTRIBUTION OF PUBLIC KEYS • Distribution of Public Keys can be considered as using one of: –Public Announcement –Publicly Available Directory –Public-key Authority –Public-key Certificates