secure localization : location verification and detection of malicious nodes in wsn
DESCRIPTION
Secure Localization : Location Verification and detection of Malicious nodes in WSN. Advisor: Dr. Tricia Chigan Presenter: Solomon Ayalew. Outline. Introduction and Background Location discovery in wireless sensor networks Localization systems Detection of malicious nodes - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/1.jpg)
Secure Localization: Location Verification and detection of
Malicious nodes in WSNAdvisor: Dr. Tricia Chigan
Presenter: Solomon Ayalew
3/16/2012 1
![Page 2: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/2.jpg)
Outline Introduction and Background Location discovery in wireless sensor networks Localization systems Detection of malicious nodes Types of attacks on WSN’s Cryptography in secure localization Revocation of malicious nodes Comparison of Secure Localization Algorithms
3/16/2012 2
![Page 3: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/3.jpg)
Introduction & background (I) Wireless Sensor Ntk’s
Low cost, Low power, mobility of nodes dynamic topology, withstand harsh environment unattended operation, ability to cope with node failure Autonomous systems randomly deployed in remote hostile
environments.
3/16/2012 3
![Page 4: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/4.jpg)
Introduction & background (II)
Multi functional Applications
battlefield surveillance enemy tracking Environmental medical and industrial fields
Their location play’s a very important role in their application localization systems are target of attack Wrong location:- wrong military plan, wrong decision
3/16/2012 4
![Page 5: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/5.jpg)
source of Pictures
http://www.decentlab.com/index.php?id=2http://www.indefia.com/products/hardware/wsn/http://www.sics.se/~luca/profile.html
3/16/2012 5
![Page 6: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/6.jpg)
3/16/2012 6
![Page 7: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/7.jpg)
Cont… Official terminologies
GPS is expensive. So new protocols come: use special nodes called Beacon Nodes (landmarks, anchors, locators)
o They Know their own location through GPS receivers or Manual configuration
Regular (unknown/free/dumb) nodes will learn from the beacons. How????
Detecting beacon node:- node performing detection on received signal Target node:- node being detected Node ID: - Id used by a detecting beacon node to make a target
beacon node believe that a non-beacon node wants to communicate.
3/16/2012 7
![Page 8: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/8.jpg)
cont
3/16/2012 8
Deployment of sensor nodes. Ref [1]
![Page 9: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/9.jpg)
Location discovery in WSN nodes. Stage 1
Non beacon nodes receive radio signal called Beacon Signal/Beacon Packet form Beacon nodes.
Beacon Packet = f (RSSI, ToA, TDoA, AoA, (x,y)) where RSSI is Received Signal Strength Indicator. ToA :- Time of Arrival.
TDoA Time Difference of Arrival. Location References AoA:- Angle of Arrival
Stage 2 Based on different References', nodes determine
their own location with minimum estimation error. But if some beacon nodes r malicious???
3/16/2012 9
![Page 10: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/10.jpg)
Localization systems1. Distance/angle estimation:-
Estimate regarding distance &/or angle b/n 2 nodes.
Based on RSSI, ToA, or hop count analysis.• This values are affected by Δ signal power or introduce
noise obstacles or magnet to the sensor field.
2. Position computation:- Compute the position of a node based on the
received signal.• Some techniques use trilateration, multilateration or
triangulation.
3/16/2012 10
![Page 11: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/11.jpg)
Cont…3. Localization algorithms:-
Main component of the localization system Distributed and multi-hop algorithms Info manipulated; WSN nodes know their
positions.
rref [6]
Fig xx the division of localization systems in to 3 distinct components3/16/2012 11
![Page 12: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/12.jpg)
Detection of malicious nodes
Example. [1]
ref [1]
Detecting node N sends request message to the target node NA.
Target node reply a Beacon Packet (beacon signal) that includes its own location (x’, y’).
Then the detecting node will do calculationsEstimates the distance between them based on Beacon
signal.
3/16/2012 12
![Page 13: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/13.jpg)
Cont..Calculate the distance between them from (x’,y’)&
(x,y)If | - measured distance| > maximum
measurement error, the node is Malicious can’t be a node Malicious by satisfying the above
condition ???? ....Condition not satisfied mean this node is Malicious???
Consider an attacker reply a previously captured signal.
DRBTS[7] (distributed reputation based beacon trust system):- each beacon node monitors its neighborhood for suspicious beacon nodes. Build a trustworthy table so that other nodes will chose
highly trustworthy nodes.3/16/2012 13
![Page 14: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/14.jpg)
Types of Attack’s ref [8]
Distance fraud attack Mafia fraud attack Terrorist fraud attack Wormhole attack Sybil attack Spoofing attack Jamming Overshadowing Manipulation and Replay3/16/2012 14
![Page 15: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/15.jpg)
Attacks against Location discoverybeacon node NB attacking node NA Malicious node NB
(x,y) (x’, y’) (x, y)
I am NB location I am NB & my location is (x, y) (x’, y’)
N N
a) Masquerade beacon b) compromised beacon node
Beacon node NB
I am NB my location attacking node NA
(x, y) is (x, y) (x’,y’) Malicious/ attacking node is a node that have access to a compromised cryptographic keys
. I am NB @ (x,y)
N
c) Replay attack ref [1]3/16/2012 15
![Page 16: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/16.jpg)
Cont…
3/16/2012 16
a) Sybil attack b) reply attack c) wormhole attack
Ref [6]
![Page 17: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/17.jpg)
Cont…
a) Sybil attack:- Malicious node appears in different poistions.
b) Reply attacks:- Store a received packet(from a beacon node) &
respond it later. Estimated distance & calculated distance are
different. Cant be the some????
3/16/2012 17
![Page 18: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/18.jpg)
Cont…C ) Wormhole attack:-
Received signal by malicious node in 1 side of the ntk is sent and replicated by other side of the ntk.
Developed algorithms: Geographical Leashes, Directional
antenna works if two nodes are neighbors. Temporal Leashes needs synchronization and large mem space to save auth. Keys. Round trip time:- doesn’t need synchronization.
Assumption, all nodes are equipped with Wormhole detectors.RTT = [(R4-R1)-(R3-R2)] where t1: time to finish sending first byte of request
t2: time to finish receiving first byte of request
t3: time to finish sending first byte of reply
t4: time to finish receiving first byte of reply
3/16/2012 18
![Page 19: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/19.jpg)
Cryptography in secure localization Cryptograph is against externally deployed hostile nodes.
But here we are talking about compromised nodes. Attackers have access to secret keys and passwords
So most secure localization algorithms use non-cryptographic security techniques.
Cryptography is 2nd Line of defense.E.g HiRLoc, ROUPE, SeRLoc
Communication between beacon nodes &BS and some algorithms use cryptography. E.g SPINe3/16/2012 19
![Page 20: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/20.jpg)
Revocation of Malicious Nodes
• A Beacon node will report its detection to the base station securely. ==>they use shared key.
• Alert [detecting node ID, target node ID].• Base station maintains alert counter & report
counter. Alert counter :- suspiciousness of this node. Report counter:- # of alerts this node reported.
Why?? If malicious node repots against Benign B. nodes
3/16/2012 20
![Page 21: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/21.jpg)
Comparison of different algorithms ref[6]
3/16/2012 21
![Page 22: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/22.jpg)
Cont…
3/16/2012 22
![Page 23: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/23.jpg)
Cont…
HiRloc/SeRloc Rope Liu et al
Based on Distance estimation RTT (round trip time)
WRBTS Keeps neighbor- reputation table Trustworthiness by voting
3/16/2012 23
![Page 24: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/24.jpg)
Cont… HiRloc (High resolution range independent localization)
Extended version of SerLoc (secure range independent localization) doesn’t perform range measurment Sensors don’t interact to determine their location Beacon nodes called locaters Locators know their location and orientation (antenna) Sensors determine their position Passively.
3/16/2012 24
![Page 25: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/25.jpg)
Location determination
Each locator transmits1. Locators coordinate2. Angel of sector boundary3. Locators communication range
Sensors don’t perform Signal strength measurement angle of arrival measurement or time of flight HirLoc and SeRloc are range independent
3/16/2012 25
![Page 26: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/26.jpg)
Cont…
3/16/2012 26
![Page 27: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/27.jpg)
Cont…
Region of intersection (ROI) Is the region formed by intersection of the locators signal Location determination perfection
Varying the antenna orientation or rotation Varying the communication range. SeRloc do this by
Increasing the locator density Narrower antenna sectors hardware complexity, expensive
Weakness of HiRloc and SeRloc, assumption no Jamming
3/16/2012 27
![Page 28: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/28.jpg)
ROPE
ROPE (RObust Position Estimation) Resistant to jamming Accept the existence of malicious nodes Assuming Benign nodes outnumber malicious nodes Statistical and outlier filtering techniques Sensors request update of their position Assumption:-
Sensors share a pair wise key. DBIR (Distance Bounding Intersection Region)
3/16/2012 28
![Page 29: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/29.jpg)
Cont…
3/16/2012 29
![Page 30: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/30.jpg)
Location estimation in ROUPE1. Sensor broadcasts it ID and nonce Ns
2. Locator that is in range performs distance bounding Sensor defines its LDB
3. If LDB>=3 perform Verifiable Multilateration (VM) Computes it location Notify this to locators Terminate the algorithm
4. If locator didn’t receive notification==> sensor don’t know his position. Do more specific steps looks like the above.
Weakness of ROPE, needs at least 3 locators unlike 2 for HiRloc/SeRloc
3/16/2012 30
![Page 31: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/31.jpg)
.
?
3/16/2012 31
![Page 32: Secure Localization : Location Verification and detection of Malicious nodes in WSN](https://reader035.vdocuments.mx/reader035/viewer/2022062310/568163a6550346895dd4b022/html5/thumbnails/32.jpg)
References
1. D.Liu, P.Ning, and W.Du “”Detecting Malicious beacon Nodes fir Secure Location Discovery in Wireless Sensor Networks” 25th ICDCS, 2005,pp.609-19.
2. L.lazos, R. Poovendran, and S.Capkun “Rope: Robust Position Estimation in Wireless sensor Networks” Proc IPSN, Apr. 2005 pp. 324-31
3. L.lazos, and R. Poovendran, “Hirloc: High-Resolution Robust Localization for Wireless Sensor Networks ” IEEE JSAC Vol. 24, Feb 2006, pp. 233-46
4. L.lazos, and R. Poovendran, “Serloc: Secure Range-independent Localization for Wireless Sensor Networks” IPSN, Apr. 2005, pp.324-31.
5. S.Capkun and J. Hubaux “Secure Positioning in Sensor Networks” …6. A.Boukerche, H. Oleiveira, E. Nakamura and A. Loureio “Secure Localization Algorithms for
Wireless Sensor Networks” …7. Z. Li et al., “Robust Statistical Methods for Securing Wireless Localization in Sensor Networks”
IPSN ’05, p. 128. W. Ammar, A. ELDawy, M. Youssef “ Sensor Localization in a Wireless Sensor Networks” June
2007
3/16/2012 32