Detectability of Man-in-the-Middle Attacker in Mobile Sensor Networks

Mohammad Abdus Salam

International Journal of Advanced Computer Science, Vol. 3, No. 2, Pp. 99-103, Feb., 2013.

Manuscript Received: 15, Nov., 2012 Revised: 7, Dec., 2012 Accepted: 15, Jan., 2013 Published: 15, Jan., 2013

This work was supported by the Thurgood Marshall College Foundation and the Office of Naval Research. Department of Computer Science, Southern University and A&M College, Baton Rouge, Louisiana 70813, USA (md-ssalam@subr.edu).

Keywords: Distributed sensor networks, wireless sensor networks, time synchronization, security, man in the middle attack

Abstract

Wireless sensor networks (WSNs) are resource-constrained self-organizing networks that are often deployed in hostile and inaccessible environments in order to collect data. The reliability of a WSN is affected by faults that may occur due to various reasons such as malfunctioning hardware, software glitches, dislocation, or environmental hazards. An appropriate fault tolerance mechanism will mitigate network failure and increase the aggregate network reliability. In an adversarial situation, attackers may wish to set up a link that does not have the properties of the network in which it is embedded. Moreover, the attackers may wish to tamper with the characteristics of a link between two legitimate nodes. This attack is called the man-in-the-middle attack. This paper discusses the characteristics of man-in-the-middle attacks and provides certain limitations on secure clock synchronization for wireless sensor networks. We state the various scenarios of the man-in-the-middle attacker in terms of time synchronization and location of the attacker. The detectability of man-in-the-middle attackers depends upon the half-duplex or full-duplex radio capacity of the attackers. We develop man-in-the-middle attack scenarios and discuss the possibility of detection in each.

1.  Introduction

Wireless sensor networks (WSNs) promise researchers a powerful instrument for observing various phenomena and have been deployed in many application domains such as habitat monitoring [1] and scientific exploration [2]. However, WSN nodes are prone to failure due to energy depletion, hardware failure, communication link errors, malicious attack, and so on. Consequently, the performance (accuracy and precision) of WSNs is sensitive to the performance (accuracy and precision) of their individually participating nodes. Fault tolerance is the ability of a system to deliver a desired level of functionality in the presence of faults [3]. Since sensor nodes are prone to failure, distributed fault tolerance mechanisms [4] should be seriously considered as a means to reduce network sensitivity to individual node failures.

WSN faults are generally classified as either functional or data faults [5]. Functional faults result from packet loss, routing failure, or crash of the individual nodes and are characterized as non-delivery of data within the network. Data faults occur when a node’s behavior results in delivery of inaccurate data. We note that man-in-the-middle attacks can exhibit either kind of failure.

Time synchronization plays a critical role in the performance of WSNs. Some sensor networks use a sleep schedule to reduce the energy consumption of a sensor node. If the appropriate synchronization is lost or tampered with for such a system, nodes may waste power by waking up and transmitting while other nodes are sleeping [5]. Another example is the use of time signals to provide temporal data correlation. WSNs will often correlate data samples through timing, and if that timing is not in sync, it can corrupt the data reported by the network. Therefore, secure clock synchronization is a must for reliability and overall system performance for many wireless sensor networks.

WSNs may also face various types of attacks which are application dependent [7]. Attacks can be either invasive or non-invasive. Invasive attacks include denial of service, attacks on information in transit, node replication attacks, and routing attacks. Non-invasive attacks consist of side channel attacks such as power, timing or frequency based attacks [7]. In this research paper, our focus is the man-in-the-middle attack in terms of time synchronization and various geographical locations of the attacker, irrespective of the attack invasiveness.

2.  System Model

Basic Model: Our system model consists of a network of wireless sensor nodes which collectively comprise, by participating in, a wireless sensor network. The sensor nodes are capable of performing three fundamental functions: sensing the natural environment; processing the sensed data; and communicating with neighboring nodes through the use of radio transmissions. A node pair is neighboring in the network if and only if a bidirectional radio link can be established between them.

Mobility: We do not require the sensors to be immobile; however, we do assume that any movement of sensors will occur at a speed that appears stationary for the duration of individual radio transmissions. Therefore, although they are mobile, they will be considered stationary for each individual instance of communication among pairs of nodes.

Identity: We assume certain cryptographic primitives including: a unique identity for each node assigned a priori by the authority who maintains the network and private key pairs among each pair of nodes [8]. These strong cryptographic key assignments can be used to authenticate packets and to provide confidentiality within the network.

Timing: We do not assume that our sensor nodes are equipped with chip-scale atomic clocks (CSACs) [9]. CSACs deliver the accuracy and stability of an atomic clock to portable applications while consuming relatively little space and power. CSACs also provide time accuracy two orders of magnitude better than the quartz-based solution. These tiny clocks are accurate to less than about half a microsecond per day and can effectively remediate the challenges presented by distributed time synchronization.

3.  Attacker Model

We consider a pervasive and computationally bounded man-in-the-middle adversary who can overwhelm a node’s radio hardware by transmitting or receiving beyond the node’s radio capabilities. We assume that the adversary can control any communication channel he creates and is able to eavesdrop, insert, and block arbitrary messages within it. Fig. 1 shows the attacker node along with two legitimate nodes and a falsely perceived link (dotted line) between the two legitimate nodes A and B.

Fig. 1: The attacker (M) relays messages between two legitimate nodes (A and B), creating the illusion that A and B are connected.

The attacker (M) receives messages from both A and B and creates a fake communication link between A and B. Both A and B assume that they are communicating directly without any intermediate node. This type of attack made by M is called the man-in-the-middle attack.

4.  Discussion

In this section, we discuss how the detectability of a man-in-the-middle attack as mentioned in [6] can vary. First, we describe detectability in terms of the node’s radio capacity. Then, we consider the geographical location of the man-in-the-middle attacker. We demonstrate how detectability depends on the turnaround time, location, and radio capacity of the legitimate nodes and the attacker.

A.  Radio Capability

The communication or radio capability of a sensor node is either half-duplex or full-duplex on a given channel. A half-duplex node can transmit or receive but cannot do both simultaneously. A full-duplex node is one which can simultaneously transmit and receive. A double full-duplex node has full-duplex capabilities on two independent channels. Here, we summarize the different scenarios of [6] based on the radio model of the attacker and legitimate nodes. Table 1 shows the detectability of the man-in-the-middle attacker based on the various channel types.

TABLE 1
Detectability of the man-in-the-middle attacker

| Legitimate Nodes           | Attacker Node      | Detectability                  |
|----------------------------|--------------------|--------------------------------|
| Half-Duplex or Full-Duplex | Half-Duplex        | Yes (Always)                   |
| Half-Duplex                | Full-Duplex        | Depends on attacker’s location |
| Full-Duplex                | Full-Duplex        | Depends on turnaround time     |
| Half-Duplex or Full-Duplex | Double Full-Duplex | Impossible                     |

Since a half-duplex attacker cannot transmit and receive simultaneously, it will introduce more delay than the direct communication between two legitimate nodes. Therefore, it is always detectable. On the other hand, a double full-duplex attacker can inject a constant delay, and thus, cannot be detected with timing information alone [6]. If the attacker is equipped with better radio capacity compared to the legitimate nodes, detectability depends on the turn-around time of the attacker and therefore is a function of the distance between each of the nodes and the attacker.


B.  Attacker’s Location

As stated in [6], there is proportionality between the turn-around time of a full-duplex attacker and the minimum distance required to detect the temporal distortion caused by that attacker. If the distance between the attacker and each node is greater than half the product of each respective node’s turnaround time and the speed of light, a WSN node can detect the attacker through careful timing analysis of the messages exchanged between the nodes. The minimum distances between nodes A, B and attacker M are expressed symmetrically:

$$d_{MA} = \frac{1}{2}\, c\, \tau_A$$

$$d_{MB} = \frac{1}{2}\, c\, \tau_B$$

Here, $d_{MA}$ is the distance between node A and attacker M. Similarly, $d_{MB}$ is the distance between node B and attacker M, $c$ is the speed of light, and $\tau_A$ and $\tau_B$ are the turnaround times of nodes A and B, respectively. If an attacker is positioned anywhere outside of ranges $d_{MA}$ and $d_{MB}$, then we can detect M. On the other hand, if the attacker M is standing within range of both $d_{MA}$ and $d_{MB}$, then detection becomes impossible. This distance relationship is illustrated in Fig. 2.

Fig. 2: Location of attacker M with respect to other legitimate nodes A and B.

Alternatively, variations of the man-in-the-middle attack can be framed in terms of the location. For illustrative purposes we assume that legitimate nodes A, B, and attacker M are using omnidirectional antennas and their transmission ranges are r_A, r_B, and r_M, respectively.

If the distance between node A and node B is greater than the minimum of r_A and r_B, then a link cannot be established because bi-directional communication is not possible. If the distance between node A and node B is less than r (assuming r_A = r_B), then the nodes can communicate with each other and a link can be established. Fig. 3 illustrates the communication range of each node. Next, we discuss some cases where detectability is possible and other cases where detectability is not possible.

Fig. 3: Nodes transmission range

Case I: A and B are within direct communication range

If the distance between A and B is less than r, then the two legitimate sensor nodes A and B are within direct communication range and a link can be established. In this case, it is very easy to detect the attacker M because at least 1 out of n packets received by B will come directly from A [6].

Fig. 4: (Case I) Distance between attacker and node is less than r

Fig. 4 (Case I) illustrates this case, where A and B are less than r distance apart and the attacker M does not have complete control of the channel. A and B can communicate directly, and any packet delayed by the attacker may be detected easily and discarded.

Case II: A and B are 2r_M distance away from each other

The distance between A and B is between r and 2r_M. In this case, direct communication between A and B is impossible and a man-in-the-middle attack may be effective, persistent and executed by a single well positioned attacker. Detection is difficult near r but becomes easier as the distance approaches 2r_M through timing mechanisms described in [6]. When A and B are positioned exactly 2r_M apart, the attacker is at his maximum effective range. Fig. 5 (Case II) confirms this case.


Fig. 5: (Case II) Distance between nodes A and B is 2r_M

Case III: A and B are more than 2r_M distance away from each other

The distance between A and B is greater than 2r_M. Man-in-the-middle attacks are executable only by multiple attackers and are easy to detect for fixed turn-around times. Fig. 6 (Case III) illustrates this case. In this scenario, A and B cannot communicate directly and the attackers have complete control over the channel. As the distance between A and B grows, multiple attackers may participate in establishing a link between A and B.

Fig. 6: (Case III) Distance between nodes A and B is greater than 2r_M

In the case of multiple man-in-the-middle attackers, such as M1 and M2 as shown in Fig. 7, they will incur more delay in the network compared to a single attacker. Moreover, if we consider the combined effect of multiple attackers as a single effect, we get the dotted red rectangle. We can use the turnaround time and location of the attacker to detect the attacker M whether it is closer to or further from any node.

Fig. 7: Multiple man-in-the-middle attackers cooperating to create the illusion of one link between A and B

We can summarize the above cases by Fig. 8 in terms of their distances and detectability. When the legitimate nodes are within their direct communication link, it is easy to detect the attacker. When the legitimate nodes move beyond the direct communication range, the attacker can take advantage of their distance, and it will be hard to detect the attacker through timing analysis only. Beyond the distance 2r_M, if multiple man-in-the-middle attackers participate to establish a link between two legitimate nodes, it will be easy to detect the presence of attackers because of the longer turnaround time imposed by the attackers.

Fig. 8: Detectability with distances among the nodes
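The rules of Section 4 (Table 1, the minimum-distance rule of Section 4.B, and Cases I to III) can be combined into one timing-only decision procedure. The following is an added example, not code from the paper; the function names, the ordering of the rules (distance case first, then radio capability, then location) and all sample distances and turnaround times are assumptions made for illustration.

```python
C = 299_792_458.0  # speed of light in m/s

def min_detect_distance(tau):
    """Section 4.B threshold: half the product of turnaround time and c."""
    return 0.5 * C * tau

def radio_verdict(legit, attacker):
    """Table 1, keyed on radio capability ('half', 'full', 'double-full')."""
    if attacker == "half":
        return "always"
    if attacker == "double-full":
        return "impossible"
    if attacker == "full":
        return "location" if legit == "half" else "turnaround"
    raise ValueError(f"unknown attacker radio: {attacker}")

def location_verdict(d_ma, d_mb, tau_a, tau_b):
    """True if M lies beyond both thresholds, False if inside both,
    None for the mixed case, which the paper does not address."""
    beyond_a = d_ma > min_detect_distance(tau_a)
    beyond_b = d_mb > min_detect_distance(tau_b)
    if beyond_a == beyond_b:
        return beyond_a
    return None

def link_case(d_ab, r, r_m):
    """Cases I-III by A-B separation, assuming r_A = r_B = r.
    d_ab == r is treated as Case II (a choice; the paper leaves it open)."""
    if d_ab < r:
        return "I"
    return "II" if d_ab <= 2 * r_m else "III"

def assess(legit, attacker, d_ab, d_ma, d_mb, tau_a, tau_b, r, r_m):
    """Combine the three rules into one timing-only verdict."""
    case = link_case(d_ab, r, r_m)
    if case == "I":
        return "detectable: direct packets from A still reach B"
    if case == "III":
        return "detectable: multiple relays add turnaround delay"
    radio = radio_verdict(legit, attacker)
    if radio == "always":
        return "detectable: half-duplex relay adds delay"
    if radio == "impossible":
        return "undetectable by timing alone"
    loc = location_verdict(d_ma, d_mb, tau_a, tau_b)
    if loc is None:
        return "not covered by the paper"
    return ("detectable: beyond both thresholds" if loc
            else "undetectable by timing alone")

if __name__ == "__main__":
    # Constructed scenario: A and B 150 m apart, r = r_M = 100 m,
    # full-duplex attacker 75 m from each half-duplex node.
    for tau in (192e-6, 100e-9):  # assumed turnaround times, in seconds
        print(f"tau={tau:.1e}s threshold={min_detect_distance(tau):.1f}m ->",
              assess("half", "full", 150, 75, 75, tau, tau, 100, 100))
```

With the slower assumed turnaround time the threshold is tens of kilometres, far beyond any sensor radio range, so the relay sits inside both thresholds; only the much faster turnaround brings the threshold below the attacker's distance.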

5.  CONCLUSIONS

In this paper, we presented a timing and location-based analysis of man-in-the-middle attack scenarios. When an attacker uses the same technology as the legitimate nodes, the attack will always be detectable, whereas if the attacker is using more sophisticated equipment such as a double full-duplex radio channel, then it is impossible to detect the attacker. Moreover, full-duplex attackers may or may not be detectable depending on the location of the attacker and the turnaround times of the nodes. Further research may include the utilization of chip-scale atomic clocks in various sensor nodes. Moreover, the utilization of a geographical positioning system to detect the location of sensor nodes is also an important area to explore further.

Acknowledgment

The author would like to recognize and thank Kevin B. Bush for his conceptual and editorial contributions to this work.

References

[1]  M. Salam, O. Soysal, and H. Schneider, “Integration of wireless sensor networks in geographical information systems: a survey,” the 2010 international conference on modeling, simulations & visualization methods, July 12-15, 2010, Las Vegas, Nevada, USA.

[2]  G. Tolle, J. Polastre, R. Szewczyk, N. Turner, K. Tu, S. Burgess, D. Gay, P. Buonadonna, W. Hong, T. Dawson, and D. Culler, “A microscope in redwoods,” in SenSys ’05, November 2005.

[3]  Y. Chen, S. Son, “A fault tolerant topology control in wireless sensor networks,” in proceedings of the ACS/IEEE 2005 International Conference on Computer Systems and Applications, 2005.

[4]  L. Lamport, R. Shostak, and M. Pease, “The Byzantine Generals Problem,” ACM Transactions on Programming Languages and Systems, Vol. 4, No. 3, July 1982, Pages 382-401.

[5]  S. Guo, Z. Zhong, T. He, “FIND: Faulty node detection for wireless sensor networks,” in the SenSys ’09, November 4-6, Berkeley, CA, USA.

[6]  J. Chiang, J. Haas, Y. Hu, P. Kumar, and J. Choi, “Fundamental limits on secure clock synchronization and man-in-the-middle detection in fixed wireless networks,” in Proceedings of INFOCOM. IEEE, 2009.

[7]  M. Healy, T. Newe, and E. Lewis, “Security for wireless sensor networks: a review,” IEEE sensor applications symposium, New Orleans, LA, USA, February 17-19, 2009.

[8]  A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. Tygar, “SPINS: Security protocols for sensor networks,” in proceedings of the 7th ACM International Conference on Mobile Computing and Networking (Mobicom’01).

[9]  Chip-scale atomic clock, Available: http://www.symmetricom.com/csac/.

Mohammad Abdus Salam is an Associate Professor in the Department of Computer Science at Southern University, Baton Rouge, Louisiana. He received his BS degree in Electrical and Electronics Engineering from Bangladesh Institute of Technology, Rajshahi in 1991 and MS and Ph.D. degrees from Fukui University, Japan, respectively in 1998 and 2001. Prior to 2005, he worked as an adjunct faculty member of Mathematics and Computer Science at the City University of New York at York College, and as a postdoctoral fellow in the Department of Electrical and Computer Engineering at the University of South Alabama, Mobile, Alabama. He is a senior member of IEEE. His research interests include wireless communication, error-control coding, and sensor networks.