Post on 27-Dec-2015
Security of Sensor Networks
Tanya Roosta
TRUST Seminar
UC Berkeley, November 9, 2006
Overview
Taxonomy of attacks on sensor networks
Convergence analysis of Tree-Reweighted sum-product algorithms
Time synchronization security
Reputation system for tracking
Game theory
Background on Sensor Networks
Wireless networks consisting of a large number of motes: self-organizing, highly integrated with a changing environment and network
Highly constrained resources: processing, storage, bandwidth, power
Facilitate large-scale deployment: health care, surveillance, critical infrastructure
Motivation
Sometimes deployed in hostile environments, with random topology
The vision is to integrate sensors into critical infrastructure, such as wireless Supervisory Control And Data Acquisition (SCADA) systems
Traditional security techniques cannot be applied because …
Challenges Unique to Sensor Networks
Random topology
Secure aggregation
Context privacy [PMRSSW06]
Scalability of trust/key management schemes
Power and computation efficiency
[PMRSSW06] Sameer Pai, Marci Meingast, Tanya Roosta, Sergio Bermudez, Shankar Sastry, Stephen Wicker. "Privacy in Sensor Networks: A Focus On Transactional Information". Under submission to IEEE Security and Privacy Magazine.
Security Attacks on Sensor Networks
Need a comprehensive taxonomy of security and confidentiality attacks on sensor networks that describes [RSS06]:
Attacker's goal
Trust model
Security requirements
Various types of attacks
[RSS06] Tanya Roosta, Shiuhpyng Shieh, Shankar Sastry. "Taxonomy of Security Attacks on Sensor Networks". IEEE International Conference on System Integration and Reliability Improvements, 2006.
Attacker's Goal
Eavesdropping (outsider attacker)
Disruption of applications (insider attacker)
Subverting a subset of sensor nodes (insider attacker)
Trust Model
There is usually a central base station that gathers all the data reported by the sensor nodes
Only trust assumption: the base station is trustworthy
No other trust requirement is placed
Security Requirements
Confidentiality
Authentication
Integrity
Freshness
Secure group management
Availability
Graceful degradation
Cryptography
Cryptography is the first line of defense
Cryptography helps with message integrity, authentication, and confidentiality
TinySec: symmetric-key cryptographic algorithm
TinyECC: Elliptic Curve Cryptography (ECC)
Cryptography cannot solve all the security problems of sensor networks
Security Attacks
Attacks can be categorized into [RSS06]:
Attacks on the sensor mote
Attacks on the protocols and applications
Attacks on the Sensor Mote
Non-invasive: the embedded device is not physically tampered with (side-channel attack)
Invasive: reverse engineering followed by probing techniques
Extract cryptographic keys
Exploit software vulnerabilities: memory access control
Attacks on Protocols/Applications
Denial of service
Traffic analysis
Time synchronization
Key management protocols
Data aggregation protocols
Comprehensive list in [RSS06]
Graphical Models
In probabilistic graphical models, the nodes are random variables, and the arcs (or their absence) encode the conditional independence of these random variables
A graphical model specifies a joint probability distribution over the random variables
Graphical Models in Sensor Networks
Graphical models are useful for distributed fusion in sensor networks [CCFIMWW06]:
Well suited to the sensor network structure
Scalable inference algorithms, new message-passing algorithms
Parallel message passing
[CCFIMWW06] M. Cetin, L. Chen, J. W. Fisher, A. T. Ihler, R. L. Moses, M. J. Wainwright, A. Willsky. "Distributed Fusion in Sensor Networks". IEEE Signal Processing Magazine, July 2006.
Inference on Graphical Models
Calculating posterior marginals is NP-hard
The junction tree algorithm finds exact marginals, but is computationally expensive
Standard Belief Propagation (BP) is used as an approximate inference algorithm (the BP equations are given in the Ordinary Belief Propagation backup slide)
Tree-Reweighted Sum-Product Algorithm
TRW is a broader class of approximate inference algorithms [WJW05]
Messages are adjusted by edge-based weights; each edge st carries a weight in [0,1]
Computational complexity identical to BP
Setting every weight to 1 recovers standard BP
[WJW05] M. J. Wainwright, T. S. Jaakkola, A. S. Willsky. "A new class of upper bounds on the log partition function". IEEE Trans. Info. Theory, 2005.
Advantages of TRW
For suitable choices of the edge weights, TRW, in sharp contrast to BP, always has a unique fixed point for any graph and any dependency strength
Additional benefits: message-passing updates tend to be more stable, and the convergence rate is faster
TRW in Sensor Networks
TRW can be used in sensor networks [CWCW03]
TRW and security: compromised nodes give faulty updates
Need to understand:
How much of an effect the faulty updates will have on the estimation
How the characteristics of the fixed points of TRW are changed
[CWCW03] L. Chen, M. J. Wainwright, M. Cetin, A. S. Willsky. "Multitarget-Multisensor Data Association Using Tree-Reweighted Max-Product Algorithm". SPIE AeroSense Conference, 2003.
Convergence Analysis of TRW [RW06]
The objective is to analyze the convergence of the family of reweighted sum-product algorithms
We assume that the 'true' messages are fixed points of the algorithm
The messages are perturbed by some amount
[RW06] Tanya Roosta, Martin J. Wainwright. "Convergence Analysis of Reweighted Sum-Product Algorithms". Submitted to IEEE International Conference on Acoustics, Speech, and Signal Processing (ICASSP).
Convergence Analysis [RW06]
Without loss of generality, restrict attention to the case of pairwise cliques
The distribution defined on this graph is:
Analyze homogeneous and non-homogeneous models
Homogeneous Model
Every edge carries the same edge weight and every node has the same parameter θ
Let d = degree of the nodes
If d − 1 ≤ 1, then uniqueness and convergence of the updates are guaranteed
If d − 1 > 1, the update equation may have more than one fixed point, depending on the choice of edge weight and θ (see the Proof backup slide)
[Figure: plot of the appearance of multiple fixed points versus the edge weight and θ, with the critical θ marked, for d = 4]
Non-Homogeneous Model
In the general model, the convergence analysis is based on establishing, under suitable conditions, that the updates specify a contractive mapping in the $\ell_1$ norm.
Simulation Results
Parameters drawn uniformly from [0.05, 0.5], edge potentials drawn uniformly from [0.01, 1], and different values of the edge weights
Number of nodes between 49 and 169
Plot of $\log \|z^m - z^*\|_1$ vs. the number of iterations m
Ongoing and Future Work
The convergence condition is somewhat conservative: it requires the message updates to be contractive at every node of the graph
We would like to have an average-case analysis, requiring the updates to be contractive only in an average sense
Why Do We Need Time Sync.?
Sources of error in time are:
Clock skew: the difference between the frequency of the clock and that of a perfect clock
Clock offset: the difference between the time reported by a clock and the real time
Effect of Time Sync. Attacks
Time sync. protocols are vulnerable to security attacks
Effect on applications/services [MRS05]:
Shooter localization
TDMA-based channel sharing: Flexible Power Scheduling, TDMA-based MAC protocol
Estimation
Authenticated broadcast (TESLA)
[MRS05] Mike Manzo, Tanya Roosta, Shankar Sastry. "Time Synchronization Attacks in Sensor Networks". The Third ACM Workshop on Security of Ad Hoc and Sensor Networks, 2005.
Time Sync. Protocols in Sensor Networks
Three general categories: Reference Broadcast Synchronization (RBS), TPSN, Flooding Time Synchronization Protocol (FTSP)
In [MRS05], attacks and possible countermeasures for each time sync. protocol were explained
FTSP
FTSP uses reference points for synchronization
Reference point = (globalTime, localTime)
globalTime: time of the transmitting node; localTime: time of the receiving node
The receiving node uses linear regression on 8 reference points to find offset and skew
Attacks on FTSP [RS06]
A compromised node can claim to be the root node
The compromised root sends false updates, which get propagated in the network
Every node accepting the false updates calculates a false offset and skew
[RS06] Tanya Roosta, Shankar Sastry. "Securing Flooding Time Synchronization Protocol in Sensor Networks". Workshop of the 6th ACM & IEEE Conference on Embedded Software.
Proposed Countermeasures [RS06]
Secure leader election mechanism: distributed coin-flipping algorithms (using cryptographic commitments)
Using redundancy: instead of least squares (LS) on one neighbor, run LS on multiple neighbors and take the median; run LS on multiple random subsets of the data
Using robust estimators: Least Median of Squares (LMS)
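As an added example (not code from the talk or [RS06]), the following Python compares ordinary least squares on the 8-point FTSP reference table with the two estimator-side countermeasures above, the median over LS fits on subsets and LMS, when a compromised root has forged one reference point. The clock model (localTime = offset + skew * globalTime), the reference data and the forged value are constructed for the demonstration; enumerating all 3-point subsets stands in for random subset selection.

```python
"""Robust skew/offset estimation from FTSP-style reference points."""
import itertools
import random
import statistics

# Constructed data: the 8 (globalTime, localTime) reference points a receiver
# keeps. Assumed clock model: localTime = offset + skew * globalTime + jitter.
TRUE_SKEW, TRUE_OFFSET = 1.0002, 500.0
random.seed(7)
HONEST_POINTS = [(float(g), TRUE_OFFSET + TRUE_SKEW * g + random.gauss(0, 0.5))
                 for g in range(1000, 9000, 1000)]


def ls_fit(points):
    """Ordinary least squares over (globalTime, localTime) pairs."""
    xs = [g for g, _ in points]
    ys = [l for _, l in points]
    mx, my = statistics.mean(xs), statistics.mean(ys)
    sxx = sum((x - mx) ** 2 for x in xs)
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    skew = sxy / sxx
    return my - skew * mx, skew          # (offset, skew)


def lms_fit(points):
    """Least Median of Squares: of all lines through two sample points, keep
    the one with the smallest median squared residual. Exhaustive search over
    pairs is exact and cheap for an 8-entry reference table."""
    best = None
    for (x1, y1), (x2, y2) in itertools.combinations(points, 2):
        if x1 == x2:
            continue
        skew = (y2 - y1) / (x2 - x1)
        offset = y1 - skew * x1
        med = statistics.median((y - offset - skew * x) ** 2 for x, y in points)
        if best is None or med < best[0]:
            best = (med, offset, skew)
    return best[1], best[2]


def median_of_subsets_fit(points, size=3):
    """LS on every 'size'-point subset, then the median of the fitted
    parameters. With one forged entry among 8, 35 of the 56 subsets are
    clean, so the median lands inside the honest cluster."""
    fits = [ls_fit(list(sub)) for sub in itertools.combinations(points, size)]
    return (statistics.median(o for o, _ in fits),
            statistics.median(s for _, s in fits))


def inject_false_reference(points, index=5, shift=4000.0):
    """A compromised root reports one globalTime 'shift' ticks too far ahead."""
    tampered = list(points)
    g, l = tampered[index]
    tampered[index] = (g + shift, l)
    return tampered


def offset_error(fit):
    """Absolute error of the fitted offset against the constructed truth."""
    return abs(fit[0] - TRUE_OFFSET)


if __name__ == "__main__":
    forged = inject_false_reference(HONEST_POINTS)
    for name, fn in [("LS", ls_fit), ("LMS", lms_fit), ("subset median", median_of_subsets_fit)]:
        print(f"{name:14s} offset error with forged point: {offset_error(fn(forged)):.1f} ticks")
```

Plain LS is pulled hundreds of ticks off by the single forged point, while both robust estimators stay within a few ticks of the true offset.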
Future Work
Experiments:
Implementing the attacks
Analyze the effect on the tracking application
Implement some of the countermeasures
Time line: 6 months
Reputation System
Reputation systems have been used in online ranking systems
They have proven useful as a self-policing mechanism
In [GS04] the authors propose extending this framework to sensor networks
[GS04] Saurabh Ganeriwal, Mani Srivastava. "Reputation-based framework for high integrity sensor networks". Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks, 2004.
Reputation System in Sensor Networks [GS04]
No unifying way to design the "watchdog" mechanism; it is application dependent
Reputation System for Tracking [RMS06]
We designed a reputation system for the tracking application
Tracking is fundamental in sensor networks: surveillance, pursuit-evasion games
Focused on the Hierarchical Multi-Object Tracking Algorithm (MCMCDA)
[RMS06] Tanya Roosta, Marci Meingast, Shankar Sastry. "Distributed Reputation System for Tracking Applications in Sensor Networks". In proc. of International Workshop on Advances in Sensor Networks, 2006.
MCMCDA [ORS04]
The input: a set of data indexed by time
The output: the association of the observed data with object tracks
The tracking algorithm has two phases: data fusion and data association
[ORS04] S. Oh, S. Russell, and S. Sastry. "Markov Chain Monte Carlo Data Association for General Multiple-Target Tracking Problems". IEEE International Conference on Decision and Control (CDC), 2004.
Example [ORS04]
Figure (a) shows the observed data indexed by time; Figure (b) shows the tracks that were formed based on the maximum likelihood function
MCMCDA [ORS04]
Nodes are equipped with motion detection sensors
Sensor model:
Data Fusion
In each local neighborhood, the node with the highest signal strength declares itself to be the leader
All the other nodes in the neighborhood send their observations to this leader
The leader aggregates the data:
Data Association
Each leader sends the fused observation to the closest super-node
Super-nodes send their gathered fused observations to the base station
The base station uses Markov Chain Monte Carlo (MCMC) to associate the fused data by maximizing the posterior of the track, given the observations (the formula is given in the Data Association (cont.) backup slide)
Possible Attacks [RMS06]
The adversary physically captures a subset of the sensor nodes
Compromised nodes send faulty observations to the leader
This results in wrong fused observations and the formation of non-existent tracks for the moving objects
Attacks Not Considered
We did not allow the compromised nodes to claim to be the leader
This problem could be solved using standard distributed coin-flipping algorithms with cryptographic commitments
At the central level, we need statistical methods that would filter out the faulty observations coming from compromised leaders
Reputation System [RMS06]
The nodes do not share their reputation tables
At this point, we only use first-hand observations for updating the reputation
Each node updates the reputation of its neighbors only when it becomes the leader
The reputation is a value in [0,1]
The Algorithm [RMS06]
The leader node gathers all the observations from its neighbors
It chooses m subsets of the observations; the members of each subset are chosen randomly from among all the neighbors
The leader computes the fused observation for each subset
The Algorithm (cont.)
The accumulated reputation of the j-th neighbor at node i up to time t − 1
The leader finds the median of the m fused observations, i ∈ {1, …, m}
Reputation Assignment [RMS06]
The median value of the estimated location is the trusted value (m_trust), and the nodes in the corresponding subset are the trusted nodes (S_trust)
Two counters, indexed ij, hold the instantaneous reputation: one for positive reputation and one for negative reputation
Reputation Assignment (cont.)
Nodes in S_trust receive an instantaneous reputation of (1,0)
For the rest of the neighbors, the leader picks one node, s_ij, at a time, adds it to the subset S_trust, and recalculates the location estimate
Call the result of this calculation the pulled estimate
Reputation Update [RMS06]
T is a threshold that determines how far the recalculated estimate may be pulled away from the median m_true
T has to take the normal level of observation noise into account
Reputation Aggregation [RMS06]
Instantaneous reputations are aggregated to calculate the cumulative positive and negative reputation (r_ij^t, s_ij^t)
A discounting factor is used to guarantee that old reputations are gradually forgotten
The reputation is aggregated using the Beta function (see the Reputation and Beta Function backup slides)
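To make the leader-side procedure of the last seven slides concrete, here is an added example (not code from the talk or [RMS06]) of one reputation round followed by the discounted Beta aggregation. It assumes each neighbor reports an (x, y) position estimate, that fusion is the coordinate-wise mean, that the trusted subset is the one whose fused estimate lies nearest the median, a discount factor of 0.9 and a Beta(1,1) prior; T = 0.4, m = 4 and s = 3 are the simulation values from the slides.

```python
"""Leader-side reputation assignment for the tracking application."""
import random
import statistics

T = 0.4           # threshold on the pull away from the trusted median (metres)
M_SUBSETS = 4     # m random subsets per round
SUBSET_SIZE = 3   # s nodes per subset
DISCOUNT = 0.9    # assumed value for the discounting factor

# Constructed neighbourhood: six honest nodes report the object near (10, 10);
# two compromised nodes report far-away positions to create a false track.
REPORTS = {"h0": (10.02, 9.98), "h1": (9.97, 10.03), "h2": (10.05, 10.01),
           "h3": (9.99, 9.95), "h4": (10.04, 10.02), "h5": (9.96, 10.00),
           "c0": (40.0, 10.0), "c1": (10.0, 40.0)}


def fuse(points):
    """Assumed fusion rule: coordinate-wise mean of the reported positions."""
    return (sum(p[0] for p in points) / len(points),
            sum(p[1] for p in points) / len(points))


def dist(a, b):
    return ((a[0] - b[0]) ** 2 + (a[1] - b[1]) ** 2) ** 0.5


def instantaneous_reputation(reports, subsets):
    """One leader round over the given subsets: {node: (positive, negative)}."""
    fused = {tuple(s): fuse([reports[j] for j in s]) for s in subsets}
    m_trust = (statistics.median(f[0] for f in fused.values()),
               statistics.median(f[1] for f in fused.values()))
    # S_trust: the subset whose fused estimate lies closest to the median
    s_trust = list(min(fused, key=lambda s: dist(fused[s], m_trust)))
    rep = {j: (1, 0) for j in s_trust}
    for j in reports:
        if j in rep:
            continue
        pulled = fuse([reports[k] for k in s_trust + [j]])  # add j, re-estimate
        rep[j] = (1, 0) if dist(pulled, m_trust) <= T else (0, 1)
    return rep


def leader_round(reports, seed=0):
    """Draw the m random subsets of size s and score the neighbours."""
    rng = random.Random(seed)
    ids = list(reports)
    subsets = [rng.sample(ids, SUBSET_SIZE) for _ in range(M_SUBSETS)]
    return instantaneous_reputation(reports, subsets)


class ReputationTable:
    """Cumulative (r, s) counters per neighbour with exponential forgetting."""
    def __init__(self):
        self.counts = {}

    def update(self, instantaneous):
        for j, (alpha, beta) in instantaneous.items():
            r, s = self.counts.get(j, (1.0, 1.0))   # Beta(1,1) prior (assumption)
            self.counts[j] = (DISCOUNT * r + alpha, DISCOUNT * s + beta)

    def reputation(self, j):
        r, s = self.counts.get(j, (1.0, 1.0))
        return r / (r + s)                           # mean of Beta(r, s)


if __name__ == "__main__":
    table = ReputationTable()
    for rnd in range(20):
        table.update(leader_round(REPORTS, seed=rnd))
    print({j: round(table.reputation(j), 2) for j in REPORTS})
```

Rounds in which a majority of the m subsets contain a compromised node can shift the median; the discounted aggregation is what keeps an honest node's reputation high across such rounds.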
Simulation
The surveillance region is a square grid of size 50m x 50m
There is one node placed at each corner of each square
The number of objects we want to track is n_i
The sensing range R_s is set to 1.5m
Simulation (cont.)
The noise is represented by a standard Gaussian distribution N(0,1)
Tested different scenarios; example: the number of compromised nodes is fixed and the sensing radius is varied from 1.5m to 3m
T = 0.4, m = 4, and s = 3
Metric: the average error in the number of tracks estimated by the algorithm compared to the actual number of tracks
250 compromised nodes, varying sensing radius
Qualitative Comparison
Future Work Extend the
observation model to include probability of compromised nodes using mixture models [RMG06]
[RMG06] Tanya Roosta, Mubaraq Mishra, Ali Ghazizadeh. “Robust Detection and Estimation in Ad-Hoc and Sensor Networks”. IEEE International Conference on Mobile Ad-hoc and Sensor Systems, 2006
Clustering Game
Setup:
There are a number of clusters K
The adversary knows what is being observed
An adversary cannot observe what the other adversaries are doing (no collusion)
The nodes are monitoring temperature (example)
What is the optimal compromised-node placement within the clusters to cause the most damage?
Which distribution of the compromised nodes has the most effect on the final estimation at the center?
[Figure: two clusters, each reporting to a center, drawn with good nodes and compromised nodes]
Conclusion
Security in sensor networks is crucial to successful deployment
In this talk:
Proposed a taxonomy of security attacks
Gave convergence results for TRW
Described attacks on time sync. protocols and their effect on different applications
Developed a decentralized reputation system for tracking
Used game theory to formulate security attacks
Effect on Estimation (Example)
The state of a discrete-time controlled process
Given the measurement
Reputation and Beta Function
The sequence of observations can be considered as a sample from a binomial distribution, i.e. a sequence of independent coin tosses with a bias parameter P
To be clear, heads corresponds to an honest node and tails to a compromised node, and the bias is the overall reputation of the node
We can estimate the rating of a node using Bayesian parameter estimation of the binomial distribution
Reputation and Beta Function (cont.)
The posterior probability of binary events is most accurately represented by the Beta distribution
The Beta distribution is a two-parameter distribution with parameters a and b
Parameter a measures the number of successes (r_ij^t) and b measures the number of failures (s_ij^t)
The overall reputation is modeled as the expected value of the Beta distribution
Proof
Message updates are characterized by:
Taking the derivative of F(z, ·, ·, ·) gives the rate of convergence
Proof (cont.)
Robust Detection
The goal is to detect compromised/faulty nodes
The lying behavior could be: static unchanging behavior, dynamic changing liars, dynamic colluding liars
We can model each one of these cases using a Hidden Markov Model
Problem Formulation
The nodes make an observation according to:
There is no notion of time in our problem setup, i.e. the nodes collect all their observations, and then the detection is performed
Problem Formulation (cont.)
An Expectation Maximization (EM) framework is used to find the parameters (the probability of the node lying and the detection value)
We maximize the log likelihood based on the lying behavior we are considering (which affects the hidden parameters)
RBS
In RBS a reference message is broadcast to two receivers, and the receivers synchronize their respective local clocks to each other
A transmitter broadcasts m reference messages
Each of the n receivers records its local receive time
Receivers exchange their local times
Each receiver calculates its phase offset as the LS linear regression of the phase offsets
TPSN
TPSN creates a spanning tree of the sensor network
Each node finds the clock drift and propagation delay from the four timestamps $T_1, \dots, T_4$ of a two-way message exchange with its parent, using:
$$\text{drift} = \frac{(T_2 - T_1) - (T_4 - T_3)}{2}, \qquad d = \frac{(T_2 - T_1) + (T_4 - T_3)}{2}$$
Denial of Service Attacks
A denial of service attack is any attack that diminishes the network's capacity to perform its function
Denial of service attacks can be carried out at any of the layers of the communication stack
Denial of Service Attacks (cont.)
[WS02] A. Wood, J. Stankovic. "Denial of Service Attacks in Sensor Networks". IEEE Computer, 35(10):54-62, October 2002.
Ordinary Belief Propagation
Message and belief updates, where $N(t)$ denotes the neighbors of node $t$:
$$m_{ts}(x_s) \propto \int \psi_{st}(x_s, x_t)\,\psi_t(x_t) \prod_{u \in N(t)\setminus s} m_{ut}(x_t)\,dx_t$$
$$M_t(x_t) \propto \psi_t(x_t) \prod_{u \in N(t)} m_{ut}(x_t)$$
LMS
Least Median of Squares regression chooses the line that minimizes the median squared residual over the n samples:
$$\min_{b_0, b_1}\ \mathrm{Median}\big\{(Y_1 - b_0 - b_1 X_1)^2,\ (Y_2 - b_0 - b_1 X_2)^2,\ \ldots,\ (Y_n - b_0 - b_1 X_n)^2\big\}$$
Time Synchronization
Time synchronization protocols provide a mechanism for synchronizing the local clocks of the nodes in a sensor network
Two ways to synchronize the clocks: synchronization to accurate real time; relative synchronization for ordering of events
Clock model:
FTSP (cont.)
Offset:
Skew:
Data Association (cont.)
Maximizing the posterior of the track, given the observations Y:
z_t: the number of objects terminated at time t
a_t: the number of new objects at time t
d_t: the number of detections
f_t: the probability of false alarms
f: the false alarm rate
b: the birth rate of a new object
p_z: the probability of an object disappearing
p_d: the probability of detection
Attack Trees
Attack trees provide a formal, methodical way of describing the security of systems, based on varying attacks
The tree can also be used to determine where a system is vulnerable, and to weigh the benefits of different countermeasures against one another
We want to develop an efficient attack tree for sensor networks, with an example based on the taxonomy paper
Routing Game [1]
The power consumption in routing has been modeled as a dynamic Bayesian game among the N nodes of the network
Uses the action history: $h_i(t_k) = (s_i(t_0), \ldots, s_i(t_{k-1}))$
This Bayesian game has a Nash equilibrium solution, but the solution strategy has not been explicitly found
[1] Petteri Nurmi. "Modelling Routing in Wireless Ad Hoc Networks with Dynamic Bayesian Games". IEEE SECON, 2004.
Future Work
What are the actual solutions to this Bayesian game (if we can explicitly solve for the equilibrium)?
Effect of the memory/action-history length on the outcome of the Bayesian game
Learning the reputations of nodes dynamically using the solution to the Bayesian game
Time line: 1 year
TRW Message Update