The Sybil Attack (sybil)

Upload: diltvk

Post on 04-Jun-2018

TRANSCRIPT

  • 8/13/2019 The Sybil Attacksybil

    1/43

    THE SYBIL ATTACK IN SENSOR NETWORK

    Presented By: Hossen Mustafa

  • 2/43

    References

    J. Newsome, E. Shi, D. Song and A. Perrig. The Sybil Attack in Sensor Networks: Analysis & Defenses. In IPSN '04.

    M. Demirbas and Y. Song. An RSSI-based Scheme for Sybil Attack Detection in Wireless Sensor Networks.

  • 3/43

    Outline

    Definition of Sybil Attack

    Sybil Attack Taxonomy

    Sybil Attacks in Sensor Network

    Defense Mechanisms

    Conclusion

  • 4/43

    What is a Sybil Attack?

    The Sybil attack is defined as a malicious device illegitimately taking on multiple identities.

    [Figure: one physical node, Eve, announcing "I am Alice", "I am Bob", "I am Casey" and "I am Dan"]

  • 5/43

    Sybil Attack Taxonomy

    Three-dimensional taxonomy:

    1. Direct vs. Indirect Communications

    2. Fabricated vs. Stolen Identities

    3. Simultaneity

  • 6/43

    Direct vs. Indirect Communications

    Direct Communication: Sybil nodes communicate directly with legitimate nodes.

    Indirect Communication: Legitimate nodes are not able to communicate directly with the Sybil node; communication goes through the malicious node.

  • 7/43

    Fabricated vs. Stolen Identities

    Fabricated Identities: The attacker creates arbitrary new identities.

    Stolen Identities: The attacker assigns legitimate identities to Sybil nodes.

  • 8/43

    Simultaneity

    Simultaneous: The attacker participates with all his identities at once.

    Non-Simultaneous: The attacker presents a large number of identities over a period of time.

  • 9/43

    Types of Attack

    Distributed Storage

    Routing

    Data Aggregation

    Voting

    Fair Resource Allocation

    Misbehavior Detection

  • 10/43

    Distributed Storage

    Attack on the replication and fragmentation mechanism.

    [Figure: data M split into fragments 1, 2, 3 by the storage process and stored on replicas]

  • 11/43

    Routing

    In multipath or dispersity routing, seemingly disjoint paths could in fact go through a single malicious node presenting Sybil identities.

    [Figure: source S, destination D, intermediate nodes 1-6 and malicious node y]

  • 12/43

    Data Aggregation

    Some sensor network protocols aggregate the readings of sensors in order to conserve energy, rather than returning individual readings. By a Sybil attack, one malicious node may be able to alter the aggregated reading.

    [Figure: aggregation tree with nodes 1-7 reporting readings and malicious node y contributing several values]


  • 14/43

    Fair Resource Allocation

    A Sybil attack can be used against fair resource allocation, allowing a malicious node to obtain an unfair share of resources.

    [Figure: nodes A, 1, 5, 6, 7 and malicious node y sharing resource slots x]

  • 15/43

    Misbehavior Detection

    Sybil nodes can be used to spread the blame in a misbehavior detection network.

    [Figure: nodes J, 1, 5, 6, 7 and malicious node y; Sybil identities report "Node 1 misbehaved"]

  • 16/43

    Defense Mechanism

    There are two mechanisms for validating the identity of a node:

    Direct Validation: A node directly tests whether another node is valid or not.

    Indirect Validation: A node that has been verified is allowed to vouch for or refute other nodes.

  • 17/43

    Previous Defenses against Sybil Attack

    Resource Testing: The assumption is that each entity is limited in some resource.

    The verifier tests that each identity has as much of the physical resource as a physical device.

    Computation, storage and communication are proposed to be used as resources.

  • 18/43

    Previous Defenses against Sybil Attack

    Resource Testing: But computation and storage are unsuitable for wireless sensor networks, because the attacker may have large resources.

    For testing communication, it is proposed to broadcast a request for identities and then accept replies within a given time interval.

    This is also unsuitable for wireless sensor networks, as it may make part of the network congested.

  • 19/43

    Defenses

    Radio Resource Testing

    Random Key Pre-distribution

    Registration

    Position Verification

    RSSI-based Detection Scheme

    Code Attestation

  • 20/43

    Radio Resource Testing

    Assumption: Any physical device has only one radio.

    A radio is incapable of simultaneously sending or receiving on more than one channel.


  • 22/43

    Radio Resource Testing

    [Figure: probability of detection for n = 15, channels = 15, s = 1/2/3]

  • 23/43

    Radio Resource Testing

    [Figure: probability of detection for n = 15, s = 5, m = 5, channels = variable]

  • 24/43

    Random Key Predistribution (RKP)

    The random key predistribution technique allows wireless nodes to establish secure links to other nodes.

    A random set of keys is assigned to each sensor node so that it can compute a common key to achieve node-to-node secrecy.

  • 25/43

    Random Key Pre-distribution (RKP)

    The key ideas are:

    1. Associate each node with the keys assigned to that node.

    2. Key validation: verify part or all of the keys that an identity claims to have.

    Indirect and direct validation.

  • 26/43

    RKP: Key Pool

    A set of k keys is assigned randomly to each node from a pool of m keys.

    During the initialization phase, if two nodes share q common keys, they can establish a link.

    [Figure: node 1 holds K_2, K_4, K_5 and node 2 holds K_3, K_4, K_7; with k = 3 and q = 1 they link on the common key K_4]

  • 27/43

    RKP: Key Pool

    Usable Sybil Identity: an ID that can participate in the sensor network without being detected in the initialization phase.

    [Figure: Sybil identity S claiming keys K_1, K_4, K_8]

  • 28/43

    RKP: Key Pool Validation

    Direct Validation / Indirect Validation

    [Figure, both panels: Sybil identity S (K_1, K_4, K_8), node 2 (K_3, K_4, K_7) and node 5 (K_1, K_3, K_9); direct validation on the left, indirect validation on the right]

  • 29/43

    RKP: Key Pool Validation

    Full validation is not done, as it would result in excessive communication overhead and a potential DoS attack.

    Validation can be limited to within the vicinity of the node being validated.

  • 30/43

    RKP: Key Pool

    [Figure: probability that a randomly generated Sybil node is usable in the key pool scheme; pool size = 20,000, key ring size = 2…]
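The key-pool ideas of slides 25 to 30 (ID-bound key rings, q-of-k link establishment, direct validation limited to the vicinity, and the "usable Sybil identity" quantity in the figure) worked as one runnable example. This is my own code, not the slides' or the Newsome et al. scheme verbatim. Assumptions: the pool size 20,000 is read from the slide, the ring size 200 is assumed because the slide's value is cut off, the pool keys are derived from a fixed seed so the example runs offline, and the ring of a node is a pseudo-random function of its ID (my reading of "associate each node with the keys assigned to that node"), which is what lets a verifier know which keys a claimed identity must prove.

```python
import functools
import hashlib
import hmac
import secrets

POOL_SIZE = 20_000    # m: pool size as read from slide 30
RING_SIZE = 200       # k: assumed; the slide's key ring size is cut off
Q_THRESHOLD = 1       # q: common keys needed for a link, as in the slide 26 figure


def pool_key(index):
    """Constructed demo pool: key i is derived from a fixed seed so the example
    runs offline. A real setup server would draw the m keys at random."""
    return hashlib.sha256(b"demo-pool-seed" + index.to_bytes(4, "big")).digest()


@functools.lru_cache(maxsize=None)
def key_ring(node_id, pool_size=POOL_SIZE, ring_size=RING_SIZE):
    """Key indices assigned to node_id. Assumption: the assignment is a
    pseudo-random function of the ID, so any verifier can recompute which
    keys a claimed identity is supposed to hold (slide 25, idea 1)."""
    indices, counter = [], 0
    while len(indices) < ring_size:
        digest = hashlib.sha256(node_id.to_bytes(4, "big") + counter.to_bytes(4, "big")).digest()
        idx = int.from_bytes(digest[:4], "big") % pool_size
        if idx not in indices:
            indices.append(idx)
        counter += 1
    return tuple(indices)


def shared_keys(id_a, id_b):
    return sorted(set(key_ring(id_a)) & set(key_ring(id_b)))


def can_link(id_a, id_b, q=Q_THRESHOLD):
    """Initialization phase (slide 26): a link needs at least q common keys."""
    return len(shared_keys(id_a, id_b)) >= q


def direct_validate(verifier_id, claimed_id, held_keys):
    """Direct validation (slide 28): the verifier challenges the claimed identity
    on every key their rings share; the prover must MAC a fresh nonce with each.
    held_keys maps key index -> key value the prover really possesses."""
    shared = shared_keys(verifier_id, claimed_id)
    if len(shared) < Q_THRESHOLD:
        return False                                # no link possible, nothing to validate
    for idx in shared:
        nonce = secrets.token_bytes(16)
        expected = hmac.new(pool_key(idx), nonce, "sha256").digest()
        key = held_keys.get(idx)
        answer = hmac.new(key, nonce, "sha256").digest() if key else bytes(32)
        if not hmac.compare_digest(expected, answer):
            return False
    return True


def usable_against(claimed_id, neighbor_ids, attacker_keys):
    """Usable Sybil identity (slide 27) with validation limited to the vicinity
    (slide 29): the ID links to at least one neighbour and survives direct
    validation by every neighbour it links to."""
    linked = [n for n in neighbor_ids if can_link(n, claimed_id)]
    return bool(linked) and all(direct_validate(n, claimed_id, attacker_keys) for n in linked)


def usable_fraction(candidate_ids, neighbor_ids, attacker_keys):
    """Share of randomly chosen IDs an attacker holding attacker_keys could use;
    the quantity plotted on slide 30."""
    candidates = list(candidate_ids)
    usable = sum(usable_against(c, neighbor_ids, attacker_keys) for c in candidates)
    return usable / len(candidates)


if __name__ == "__main__":
    neighbors = [1, 2, 3]
    # Constructed scenario: the attacker captured the rings of three nodes.
    captured = {i: pool_key(i) for n in (10, 11, 12) for i in key_ring(n)}
    print("usable fraction with 3 captured rings:",
          usable_fraction(range(100, 160), neighbors, captured))
```

The point the figure makes falls out of `usable_fraction`: because a ring is fixed by its ID, a fabricated ID only works if the attacker happens to hold every key that ID shares with the neighbours that validate it, and with a large pool and small rings that is rare unless many nodes have been captured.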

  • 31/43

    RKP: Single Space Pairwise Key Distribution

    This scheme assigns a unique key to each pair of nodes.

    Each sensor node i stores unique public info U_i and private info V_i.

    [Figure: node 1 stores V_1, U_1, U_2 and node 2 stores V_2, U_1, U_2; the pairwise key is k = f(V_1, U_2) = f(V_2, U_1)]

  • 32/43

    RKP: Single Space Pairwise Key Distribution

    This scheme ensures a threshold-secure property: pairwise key calculation requires (threshold + 1) memory slots in each node, and the network remains secure even if c nodes are compromised, as long as c does not exceed that threshold.

  • 33/43

    RKP: Multi-space Pairwise Key Distribution

    This scheme can be viewed as a combination of the key pool scheme and the single space approach.

    The setup server randomly generates a pool of key spaces, each having unique private info.

    Each sensor node is assigned k key spaces. If two nodes have at least one common key space, they can compute their pairwise key.

  • 34/43

    RKP: Multi-space Pairwise Key Distribution

    [Figure: probability that an attacker can create usable Sybil identities with the multi-space scheme; pool m = 50, key spaces per node k = 4, … = 49]

  • 35/43

    Registration

    In some sensor networks, a trusted central authority may be available for managing the network.

    Poll the network and compare the result to the known deployment.

    Any node can check the list of registered nodes at the central authority.

  • 36/43

    Position Verification

    Applies to immobile sensor networks only.

    Sybil nodes will be detected, as the positions of all identities of the malicious node will be the same.

  • 37/43

    RSSI-based Detection

    It uses a localization algorithm. Upon receiving a message, the four detector nodes compute the location of the sender and associate this location with the sender ID included in the message.

    But location calculation is costly.

    [Figure: detector layout with D2]

  • 38/43

    RSSI-based Detection

    Let M be a malicious node and at time t1 its forged ID is S1.

    D2, D3 and D4 report the received RSSI value to the representative D1.

    D1 computes and stores the ratios at t1.

    [Figure: M transmitting as S1 to detectors D1-D4]

  • 39/43

    RSSI-based Detection

    Let at time t2 its forged ID be S2.

    Similarly, D1 computes and stores the ratios at t2.

    By comparing the values at t1 and t2, D1 can detect the Sybil node.

    [Figure: M transmitting as S2 to detectors D1-D4]

  • 40/43

    RSSI-based Detection

    [Figure: detector layouts with sender s and detectors D1-D4]

    4-Detector Setup: 100% detection, 0% false positives

    2-Detector Setup: 100% detection, 3% false positives

    1-Detector Setup: 99% detection, 25% false positives
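The ratio comparison of slides 38 and 39 (and the position-verification idea of slide 36 that it makes cheap) as an added, runnable example. This is my own code, not the Demirbas and Song implementation. Assumptions: a constructed layout of four detectors on the corners of a 10 m square, a log-distance path-loss model with exponent 2 for the constructed channel, a 1 dB matching tolerance, and the choice to keep RSSI in dBm so that the ratio in the slides becomes a difference that the transmit power cancels out of.

```python
import math

# Constructed layout: four detectors at the corners of a 10 m x 10 m area.
DETECTORS = {"D1": (0.0, 0.0), "D2": (10.0, 0.0), "D3": (0.0, 10.0), "D4": (10.0, 10.0)}
PATH_LOSS_EXPONENT = 2.0   # assumed free-space exponent for the constructed channel model
TOLERANCE_DB = 1.0         # assumed matching tolerance for stored ratios


def rssi_dbm(tx_power_dbm, tx_pos, rx_pos, exponent=PATH_LOSS_EXPONENT):
    """Log-distance path-loss model (assumed): RSSI = P_tx - 10 * n * log10(d)."""
    d = max(math.dist(tx_pos, rx_pos), 0.1)
    return tx_power_dbm - 10.0 * exponent * math.log10(d)


def observe(tx_power_dbm, tx_pos, detectors=DETECTORS):
    """What the detectors report to D1 for one message: the RSSI at each of them."""
    return {name: rssi_dbm(tx_power_dbm, tx_pos, pos) for name, pos in detectors.items()}


def ratio_signature(readings, representative="D1"):
    """Slide 38: D1 stores the ratio of each detector's RSSI to its own. In dBm a
    ratio is a difference and the transmit power cancels, so the signature
    depends only on where the sender is, not on the ID it claims or its power."""
    base = readings[representative]
    return tuple(readings[name] - base for name in sorted(readings) if name != representative)


class RssiSybilDetector:
    """The representative D1: stores (time, claimed ID, signature) per message and
    flags a claimed ID whose signature matches an earlier, different ID."""

    def __init__(self, tolerance_db=TOLERANCE_DB):
        self.tolerance = tolerance_db
        self.history = []

    def _same_place(self, sig_a, sig_b):
        return all(abs(a - b) <= self.tolerance for a, b in zip(sig_a, sig_b))

    def report(self, t, claimed_id, readings):
        """Returns the earlier IDs already seen at this sender's position (the
        Sybil indication of slide 39), then records the new observation."""
        sig = ratio_signature(readings)
        conflicts = sorted({old_id for _, old_id, old_sig in self.history
                            if old_id != claimed_id and self._same_place(old_sig, sig)})
        self.history.append((t, claimed_id, sig))
        return conflicts


if __name__ == "__main__":
    d1 = RssiSybilDetector()
    m_pos = (3.0, 4.0)                                              # malicious node M, constructed position
    print("t1 S1:", d1.report(1, "S1", observe(0.0, m_pos)))       # [] nothing stored yet
    print("t2 S2:", d1.report(2, "S2", observe(-6.0, m_pos)))      # ['S1'] same place, lower power
    print("t3 L1:", d1.report(3, "L1", observe(0.0, (7.0, 2.0))))  # [] legitimate node elsewhere
```

Reducing the dictionary to two detectors shrinks the signature to a single difference, so more distinct positions collapse onto the same value; that is the mechanism behind the rising false-positive rates in the 2- and 1-detector results above.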

  • 41/43

    Code Attestation

    The basic idea is to exploit the fact that the code running on a malicious node must be different from that on a legitimate node.

    A node can be validated by comparing its memory content.

  • 42/43

    Future Work

    Find new Sybil attacks and propose existing or new defense mechanisms against them.

    A scheme for code attestation.

    An effective scheme for indirect validation.

  • 43/43

    QUESTIONS??