23-01-2013, 12:07 PM
Security and Privacy in Sensor Nets
Security and Privacy.ppt (Size: 210.5 KB / Downloads: 70)
Sensor Node Compromise
Large scale sensor nets, hard to protect against physical and logical attacks
Countermeasures:
Tamper resistant hardware – expensive
Node-to-node authentication in software
Sensor Networks must be made resilient:
“able to function at high effectiveness even with a small number of malicious nodes. For example, routing protocols must be resilient against compromised nodes that behave maliciously.”
Eavesdropping
Eavesdropping
Passive attack
Countermeasure: Encryption
Must be robust
Must be feasible for limited resources
Hard to implement E2E encryption due to large scale (too many keys need to be stored)
HBH encryption is a solution, but conflicts with E2E arguments
Multipath routing is a solution, where parts of a message is sent over multiple disjoint paths ?!?
Privacy
Privacy of Sensed Data
Access to stored data or by querying or by eavesdropping
Countermeasures:
Encryption
Access control
Reduction in sensed data details (e.g. aggregation)
Distributed processing, where no one node has access to queried results
DoS
Denial of Service Attacks
Aims to destroy network functionality
At the physical layer – e.g. radio jamming
Battery exhaustion
Creating routing loops
Countermeasures:
Spread spectrum techniques
Proper authentication, e.g. authentication techniques itself can be used to exhaust battery
Malicious Commodity Networks
Malicious use of commodity networks
Use of sensor networks for illegal purposes, e.g. planting them in computers to extract private information
Countermeasure:
Deploy sensor detectors to detect malicious sensor nets
It will not protect illegal sensor network deployment, but will make attacks expensive
This is not an attack on sensor nets ?!?
Theory and Application
Small nodes, wireless communication
Data centric vs. address centric
Military, healthcare, environmental monitoring
Large scale
Network must be resilient to individual node failure
Security in the original design of protocols and software applications for all networks