Wireless Sensor Route Obfuscation
Mark W. Propst, Scientific Research Corporation
Attack Motivations
Vulnerability Classification
Traffic Pattern Analysis
Testing Barriers
Concluding Remarks
Outline
Wireless Sensor Network link-layer protocols are derived from those of mobile ad hoc networks, which leaves them vulnerable to the same types of attack
They are typically deployed in unsecured, hostile environments, leaving them vulnerable to physical attack
The sensor nodes lack the processing power and battery life to perform countermeasures typically utilized in many fixed and mobile ad hoc networks
Wireless Sensor Network Utilization
Unauthorized data observation
Unauthorized data manipulation
Data unavailability
Three Vulnerability Classifications¹
1) Bertino, E., & Sandhu, R. (2005). Database Security-Concepts, Approaches, and Challenges. IEEE Trans. Dependable Secur. Comput., Vol 2, issue 1, pp. 2–19.
There is currently a plethora of research attempting to understand and counter the manipulation of individual nodes within a wireless sensor network
◦ Threshold Cryptography and Authentication² is one example of a method to protect nodes and detect manipulation
◦ Similarly, Adaptive Intrusion Detection³ detects malicious nodes in a sensor network
Unauthorized Data Observation/Manipulation
2) Marianne, A. A., Sherif, M. E.-K., & Magdy, S. E.-S. (2007). Threshold Cryptography and Authentication in Ad Hoc Networks Survey and Challenges. Systems and Networks Communication, International Conference on, 0, 5.
3) Piya, T., & Andrew, J. (2007). Adaptive Intrusion Detection in Wireless Sensor Networks. Intelligent Pervasive Computing, International Conference on, 0, 23-28.
Cluster heads typically have greater processing power, provide geo-location, encryption keys, and act as a gateway of information from the sensor network to the outside world
Attacking and defeating a cluster head will render the entire sensor cluster non-operational
Unlike mobile networks, sensor networks are typically static, leading to predictable routing paths
With predictable routing paths, the cluster head of a sensor network can be detected
Data Unavailability: Cluster Head Attack Motivations
There are two methods to attack the same static path vulnerability:
◦ Route Correlation (Rate Monitoring)
◦ Frequency Domain Analysis (Time Correlation)
Both rely on the correlation of time between transmission events on successive nodes to determine the path to the cluster head
Cluster Head Attack Methodology
Link-layer encryption, such as onion encryption, can effectively prevent packet sniffing.
To defeat frequency domain analysis, most obfuscation techniques attempt to bring the noise floor up to the transmission level by generating excess packets
Obfuscation Techniques
Transmission Time Correlation
[Figure: two plots of SHF Power against ΔT, captioned "Easily identifiable transmission sequence" and "Theoretical obfuscation"]
Most current methodologies attempt to obfuscate routing signatures by introducing superfluous traffic.
◦ Flooding
◦ Generic Random Walk
◦ Greedy Random Walk
◦ Directed Random Walks
◦ Store and Forward
Obfuscation Methodology
Mark W. Propst, DCIS 730
Onion Routing requires every node to encrypt every packet at every hop, consuming valuable battery power
Bringing up the noise floor through the utilization of random walk strategies effectively obfuscates the traffic, but at the cost of sensor network life
Obfuscation Shortcomings
How do we test network routing obfuscation?
◦ This is typically done in simulation by applying a propositional satisfiability solver such as GSAT⁴
◦ Propositional satisfiability solvers are very efficient at comparing obfuscation methodologies; however, the results between different implementers are NOT comparable
◦ There is currently no repeatability in testing
Testing
4) Selman, B., Levesque, H., & Mitchell, D. (1992). A new method for solving hard satisfiability problems. In National conference on artificial intelligence (pp. 440-446).
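As an added example (not from the original slides), the sketch below shows a seeded, repeatable way to score a cover-traffic scheme on both axes the slides raise: the timing correlation left between successive nodes and the transmission overhead paid for it. The slotted chain model, one-slot hop delay, independent dummy packets (a stand-in for the listed strategies, not an implementation of any of them) and all function names are assumptions made for illustration.

```python
import random

def simulate(slots, hops, real_rate, cover_rate, seed):
    """Per-node 0/1 transmit series for a static chain feeding a cluster head."""
    rng = random.Random(seed)  # fixed seed: the same inputs give the same result
    source = [int(rng.random() < real_rate) for _ in range(slots)]
    series, real_tx = [], 0
    for h in range(hops):
        # A packet sent by the source in slot t is relayed by hop h in slot t + h.
        real = [0] * h + source[:slots - h]
        # Constructed cover traffic: independent dummy packets, never forwarded.
        cover = [int(rng.random() < cover_rate) for _ in range(slots)]
        series.append([r | c for r, c in zip(real, cover)])
        real_tx += sum(real)
    total_tx = sum(map(sum, series))
    return series, total_tx / max(real_tx, 1)  # overhead as an energy-cost proxy

def pearson(x, y):
    """Pearson correlation; 0.0 when either series is constant."""
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    vx = sum((a - mx) ** 2 for a in x)
    vy = sum((b - my) ** 2 for b in y)
    return cov / (vx * vy) ** 0.5 if vx and vy else 0.0

def leakage(series):
    """Mean one-slot-lag correlation between successive nodes (1.0 = path exposed)."""
    pairs = list(zip(series, series[1:]))
    return sum(pearson(a[:-1], b[1:]) for a, b in pairs) / len(pairs)

def evaluate(cover_rate, slots=5000, hops=5, real_rate=0.1, seed=730):
    """Return (residual timing leakage, transmissions per real transmission)."""
    series, overhead = simulate(slots, hops, real_rate, cover_rate, seed)
    return round(leakage(series), 3), round(overhead, 2)

if __name__ == "__main__":
    for rate in (0.0, 0.1, 0.5):
        print(f"cover_rate={rate}: leakage, overhead = {evaluate(rate)}")
```

Publishing the seed and model parameters alongside the two scores lets a second implementer reproduce the same numbers for the same scheme.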
New energy-efficient routing protocols with high obfuscation properties, which mask the RF signature of the routing topology, must be developed to stay ahead of current and developing threats
The development of standardized test tools to compare and contrast new obfuscation protocols is just as important as developing the obfuscation protocols
Conclusion