2 .7 - Physical- & Link-Layer Wireless Sensor Networks Flashcards
Wireless Sensor Networks
Overview
Applications
Wireless Sensor Networks (WSN)
Wireless Sensor and Actuator Networks (WSAN)
Nodes process information and communicate it wirelessly
Applications:
- Disaster relief operations
- Biodiversity mapping
- Intelligent buildings (or bridges)
- Facility management
- Machine surveillance and preventive maintenance
- Precision agriculture
- Medicine and health care
Roles In WSNs
Sources: Measure data, report them “somewhere”
Sinks: Interested in receiving data from WSN
Actuators: Control device based on data, usually also a sink
General Limitations In WSNs
Limited computational power and memory
- (cryptography is computationally expensive!)
Limited Battery
Multi-Hop Network
- Failure of one/few nodes can cause total net breakdown
Nodes are exposed to an omnipresent attacker with a lot more computational power and infinite battery
Key Management In WSNs
needs cryptographic algorithms depend on secret (key)
Three ways to install keys
- Key exchange
- Key generation
- Pre-shared key
Key exchange often not possible due to limited resources
- Asymmetric cryptography computationally expensive
Key generation additionally includes transmitting and
receiving many messages
- Even higher energy consumption
Applying pre-shared keys is simple
- But nodes can be captured and keys extracted
Attacks On WSNs
- Tampering
- Exhaustion & Interrogation
- Tampered Forwarding
- Wormholes
- Sybil Attack
- HELLO Flooding
Attacks On WSNs #1: Tampering
Nodes of a WSN might be exposed to physical access of an adversary who could tamper with them
Extract sensitive material such as cryptographic keys from memory (Cold boot attack)
Countermeasures:
- prevent nodes from being found
- Tampering detection (tampering sensors (physical, temperature) react on detection)
- keys in CPU registers or CPU cache(shorter retention time)
- Encrypt sensitive information also in RAM
Attacks On WSNs #2: Exhaustion & Interrogation
Make nodes performing superfluous and expensive operations
Battery exhaustion
- force nodes to retransmit messages
- repeatedly initiate energy-draining processes
Countermeasures
- Authenticated requests (expensive Crypto, key management)
- Rate-limited responses: Queue or ignore excessive reqs
- Notify upper layers: Intelligent rate-limiting based on recent history of request traffic
- Client puzzles
Exhaustion & Interrogation countermeasure: Client Puzzles
Concept: Proof-of-Work
Client must solve a task before receiving service
Flooding would exhaust malicious clients’ resources
Asymmetric demand for resources when solving the puzzle
- Server: Creating puzzles must be easy
- Client: Solving the puzzles is of moderate complexity, but feasible
- Solving many puzzles should be very expensive
- Adjust the puzzle’s computational complexity as needed
Attacks On WSNs #3: Tampered Forwarding
WSNs usually require every node to forward packets from its neighbors
Suppose an attacker can modify the behavior of certain devices or the routing tables
- Selective Forwarding: Random drop policy for packets can trigger costly end-to-end recovery mechanisms
- Sinkhole:
- Attacker advertises low-cost routes so that all packets are routed to him
- Used to ease selective forwarding or eavesdropping
- Attacker could drop all packets (blackhole)
- Neighbors suffer from increased traffic and run out of power
- Misdirection:
- Forward messages along wrong path to DoS victim
- Forge source address of messages to confuse or flood the alleged sender
Tampered Forwarding
Countermeasures
Usage of multiple disjoint routing paths
- Mitigates selective forwarding and blackhole attack
Monitoring neighbors
- Nodes monitor their neighbors to gain assurance that messages are being correctly forwarded
- Nodes listen to wireless channel after they send a message to hear their neighbors’ subsequent transmission of the same message
Authenticated routing updates
- Prevents poisoning of the routing tables
- Freshness mechanism can additionally prevent from replay attacks
Periodic end-to-end probing
- Helps to detect congested or attacked network paths
Geographic forwarding
- Geo-location used for routing instead of network addresses
Diversity Coding
- Transmit data over multiple independent paths with redundancy
- Message m is split into N ≥ 2 chunks m0, m1,…,mN of equal length
- Compute parity message c to recover loss
Attacks On WSNs #4: Wormholes
Multiple adversaries create a side-channel that provides an advantage over regular links
This channel can be used to forward information faster than the network
Can for instance be used to delude distance bounding
Countermeasures
- Geographic forwarding
- Authenticated routing messages
Attacks On WSNs #5: Sybil Attack
Most protocols assume that a node has a single identity
Sybil attacker claims to have multiple identities and to be at an arbitrary location
Thus, attacker appears at multiple places at the same time
Countermeasures
- Authenticate nodes and identities
- Location verification, e.g. with distance bounding
Attacks On WSNs #6: HELLO Flooding
Flooding in general aims at overwhelming the victim‘s (or network‘s) limited resources (memory, battery, bandwidth,…)
Many protocols exchange HELLO messages to become aware of the network‘s topology or a node‘s neighbors
Countermeasures:
- Bi-directional verification of local links
- Authenticate nodes
Attacks On WSNs: Summary
WSNs face many attacks which leverage the fact that resources are scarce in WSNs
Most of them aim at a denial of service or eavesdropping
For secure communication and to increase availability, WSNs need
- Tamper-resistance
- An authentication scheme for nodes
- Problem: Key management
- Authenticated messages
- Including protection against replay-attacks
- Multi-path routing
- For e.g. diversity coding
But most countermeasures are in conflict with the limited resources of WSNs and are therefore impractical
