Title: Security of Sensor Networks
1 Security of Sensor Networks
- Tanya Roosta
- TRUST Seminar
- UC Berkeley, November 9, 2006
2 Overview
- Taxonomy of attacks on sensor networks
- Convergence analysis of Reweighted-Tree sum-product algorithms
- Time synchronization security
- Reputation system for tracking
- Game theory
4 Background on Sensor Network
- Wireless networks consist of a large number of motes
- self-organizing, highly integrated with changing environment and network
- Highly constrained resources
  - processing, storage, bandwidth, power
- Facilitate large scale deployment
  - Health care
  - Surveillance
  - Critical infrastructure
5 Motivation
- Sometimes deployed in hostile environment, and have random topology
- Vision is to integrate sensors into critical infrastructure, such as wireless Supervisory Control And Data Acquisition systems (SCADA)
- Traditional security techniques cannot be applied because
6 Challenges Unique to Sensor Networks
- Random Topology
- Secure aggregation
- Context privacy [PMRBSSW06]
- Scalability of trust/key management schemes
- Power and computation efficiency
[PMRBSSW06] Sameer Pai, Marci Meingast, Tanya Roosta, Sergio Bermudez, Shankar Sastry, Stephen Wicker. Privacy in Sensor Networks: A Focus On Transactional Information. Under submission to IEEE Security and Privacy Magazine.
7 Security Attacks on Sensor Networks
- Need to have a comprehensive taxonomy of security and confidentiality attacks on sensor networks to describe [RSS06]
  - Attacker's goal
  - Trust model
  - Security requirements
  - Various types of attacks
[RSS06] Tanya Roosta, Shiuhpyng Shieh, Shankar Sastry. "Taxonomy of Security Attacks on Sensor Networks". IEEE International Conference on System Integration and Reliability Improvements, 2006.
8 Attacker's Goal
- Eavesdropping (outsider attacker)
- Disruption of applications (insider attacker)
- Subverting a subset of sensor nodes (insider attacker)
9 Trust Model
- There is usually a central base station that gathers all the data reported by the sensor nodes
- Only trust assumption: the base station is trustworthy
- No other trust requirement is placed
10 Security Requirements
- Confidentiality
- Authentication
- Integrity
- Freshness
- Secure Group Management
- Availability
- Graceful degradation
11 Cryptography
- Cryptography is the first line of defense
- Cryptography helps with message integrity, authentication, and confidentiality
  - TinySec: symmetric key cryptographic algorithm
  - TinyECC: Elliptic Curve Cryptography (ECC)
- Cryptography cannot solve all the problems of security in sensor networks
12 Security Attacks
- Attacks can be categorized into [RSS06]
  - Attacks on the sensor mote
  - Attacks on the protocols and applications
13 Attacks on the Sensor Mote
- Non-invasive: the embedded device is not physically tampered with
- Side-channel attack
- Invasive: reverse engineering followed by probing techniques
- Extract cryptographic keys
- Exploit software vulnerabilities
- Memory access control
14 Attacks on Protocols/Applications
- Denial of service
- Traffic analysis
- Time synchronization
- Key management protocols
- Data aggregation protocols
- Comprehensive list in [RSS06]
16 Graphical Models
- In probabilistic graphical models, the nodes are random variables, and arcs (or lack of them) encode the conditional independence of these random variables
- Specify a joint probability distribution among random variables
17 Graphical Models in Sensor Networks
- Graphical models useful for distributed fusion in sensor networks [CCFIMWW06]
- Well-suited for sensor network structure
- Scalable inference algorithm, new message-passing algorithms
- Parallel message-passing
[CCFIMWW06] M. Cetin, L. Chen, J. W. Fisher, A. T. Ihler, R. L. Moses, M. J. Wainwright, A. Willsky. Distributed Fusion in Sensor Networks. IEEE Signal Processing Magazine, July 2006.
18 Inference on Graphical Models
- Calculating posterior marginals is NP-hard
- Junction Tree algorithm finds exact marginals, but is computationally expensive
- Standard Belief Propagation (BP) is used as an approximate inference algorithm
BP Equation
19 Tree-Reweighted Sum-Product Algorithm
- TRW is a broader class of approximate inference algorithms
- Message adjusted by edge-based weights
- The weights are $\rho_{ts} \in [0,1]$
- Computational complexity identical to BP
- $\rho = 1$ recovers the standard BP
[WJW05] M. J. Wainwright, T. S. Jaakkola and A. S. Willsky. "A new class of upper bounds on the log partition function". IEEE Trans. Info. Theory, 2005.
20 Advantages of TRW
- For suitable choices of $\rho$, TRW, in sharp contrast to BP, always has a unique fixed point for any graph and any dependency strength
- Additional benefit
  - Message-passing updates tend to be more stable
  - Faster convergence rate
21 TRW in Sensor Networks
- TRW can be used in sensor networks [CWCW03]
- TRW and security
  - Compromised nodes give faulty updates
- Need to understand
  - How much of an effect the faulty updates will have on the estimation
  - How the characteristics of the fixed points of TRW are changed
[CWCW03] L. Chen, M. J. Wainwright, M. Cetin, A. S. Willsky. Multitarget-Multisensor Data Association Using Tree-Reweighted Max-Product Algorithm. SPIE AeroSense Conference, 2003.
22 Convergence Analysis of TRW [RW06]
- The objective is to analyze the convergence of the family of reweighted sum-product algorithms
- We assume that the true messages are fixed points of the algorithm
- The messages are perturbed by some amount
[RW06] Tanya Roosta, Martin J. Wainwright. "Convergence Analysis of Reweighted Sum-Product Algorithms". Submitted to IEEE International Conference on Acoustics, Speech, and Signal Processing (ICASSP).
23 Convergence Analysis [RW06]
- W.L.O.G. restrict attention to the case of pair-wise cliques
?st
- The distribution defined on this graph is
- Analyze homogeneous and non-homogeneous models
24 Homogeneous Model
- ?st ?, ?s ? for all edges and all nodes
- Let d = degree of the nodes
- If $\rho d - 1 \le 1$, then we are guaranteed uniqueness and convergence of the updates
- If $\rho d - 1 > 1$, the update equation may have more than one fixed point, depending on the choice of ? and ?
- Proof
25 d = 4
- Plot of the appearance of multiple fixed points versus ? and ?
26 Non-Homogeneous Model
- In the general model, convergence analysis is based on establishing that, under suitable conditions, the updates specify a contractive mapping in the l1 norm, i.e.
27 Simulation Results
- ? uniform from [0.05, 0.5], edge potentials ?st, uniform from [0.01, 1], and different values for ?
- Number of nodes between 49-169
- Plot of log zm-z1 vs. the number of iterations (m)
28 More figures
29 Ongoing and Future Work
- The convergence condition is somewhat conservative
  - Requires the message updates be contractive at every node of the graph
- We would like to have an average-case analysis
  - Require that updates be attractive in an average sense
31 Why Need Time Sync.?
- Sources of error in time are
  - Clock skew: the difference in the frequencies of the clock and the perfect clock
  - Clock offset: the difference between the time reported by a clock and the real time
32 Effect of Time Sync. Attacks
- Time sync. protocols are vulnerable to security attacks
- Effect on applications/services [MRS05]
  - Shooter Localization
  - TDMA-based Channel Sharing
  - Flexible Power Scheduling
  - TDMA-based MAC protocol
  - Estimation
  - Authenticated Broadcast (μTesla)
[MRS05] Mike Manzo, Tanya Roosta, Shankar Sastry. Time Synchronization Attacks in Sensor Networks. The Third ACM Workshop on Security of Ad Hoc and Sensor Networks, 2005.
33 Time Sync. Protocols in Sensor Network
- Three general categories
  - Reference Broadcast Synchronization (RBS)
  - TPSN
  - Flooding Time Synchronization Protocol (FTSP)
- In [MRS05], attacks and possible countermeasures for each time sync. protocol were explained
34 FTSP
- FTSP uses reference points for synchronization
- Reference point: (globalTime, localTime)
  - globalTime: time of the transmitting node
  - localTime: time of the receiving node
- The receiving node uses linear regression on 8 reference points to find offset and skew
35 Attacks on FTSP [RS06]
- A compromised node can claim to be the root node
- The compromised root sends false updates, which will get propagated in the network
- Every node accepting the false updates calculates false offset and skew
[RS06] Tanya Roosta, Shankar Sastry. "Securing Flooding Time Synchronization Protocol in Sensor Networks". Workshop of 6th ACM IEEE Conference on Embedded Software.
36 Proposed Countermeasures [RS06]
- Secure leader election mechanism
  - distributed coin-flipping algorithms (use cryptographic commitments)
- Using redundancy
  - Instead of LS on one neighbor, run LS on multiple neighbors and take the median
  - Run LS on multiple random subsets of data
- Using robust estimators: Least Median of Squares (LMS)
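Added example (not code from the talk or from [RS06]): a receiving node fits skew and offset by least squares on 8 reference points, one neighbor falsely claims to be root, and the per-neighbor median and an LMS fit are compared with the naive fit. The clock values, neighbor names, jitter pattern and the regression of globalTime on localTime are constructed assumptions.

```python
from itertools import combinations
from statistics import median

def ls_fit(points):
    """Least-squares line globalTime = skew * localTime + offset.
    points: list of (globalTime, localTime) reference points."""
    n = len(points)
    mean_l = sum(l for _, l in points) / n
    mean_g = sum(g for g, _ in points) / n
    sxx = sum((l - mean_l) ** 2 for _, l in points)
    sxy = sum((l - mean_l) * (g - mean_g) for g, l in points)
    skew = sxy / sxx
    return skew, mean_g - skew * mean_l

def median_of_neighbors(per_neighbor):
    """Redundancy: run LS per neighbor, keep the median skew and offset."""
    fits = [ls_fit(pts) for pts in per_neighbor.values()]
    return median(s for s, _ in fits), median(o for _, o in fits)

def lms_fit(points):
    """Least Median of Squares: of the lines through each pair of points,
    keep the one with the smallest median squared residual over all points."""
    best = None
    for (g1, l1), (g2, l2) in combinations(points, 2):
        if l1 == l2:
            continue
        skew = (g2 - g1) / (l2 - l1)
        offset = g1 - skew * l1
        score = median((g - skew * l - offset) ** 2 for g, l in points)
        if best is None or score < best[0]:
            best = (score, skew, offset)
    return best[1], best[2]

# Constructed ground truth for the receiving node's clock (ticks).
TRUE_SKEW, TRUE_OFFSET = 1.00005, 1200.0

def reference_points(k, lie=0.0, drift=0.0):
    """Eight constructed reference points from neighbor k with +/-2 ticks of
    deterministic jitter; lie/drift model a node falsely claiming to be root."""
    pts = []
    for i in range(8):
        local = 10_000.0 * (i + 1) + 100.0 * k
        jitter = (i * 7 + k * 3) % 5 - 2
        honest = TRUE_SKEW * local + TRUE_OFFSET + jitter
        pts.append((honest + lie + drift * local, local))
    return pts

def demo():
    neighbors = {
        "n1": reference_points(1),
        "n2": reference_points(2),
        "n3": reference_points(3),
        "fake_root": reference_points(4, lie=50_000.0, drift=0.01),
    }
    pooled = [p for pts in neighbors.values() for p in pts]
    return {
        "naive": ls_fit(neighbors["fake_root"]),   # accepts the false root
        "median": median_of_neighbors(neighbors),
        "lms": lms_fit(pooled),
    }

if __name__ == "__main__":
    for name, (skew, offset) in demo().items():
        print(f"{name:6s} skew={skew:.6f} offset={offset:.1f}")
```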
37 Future work
- Experiments
  - Implementing the attacks
  - Analyze the effect on the tracking application
  - Implement some of the countermeasures
- Time line: 6 months
39 Reputation System
- Reputation systems have been used in online ranking systems
- They have proven useful as a self-policing mechanism
- In [GS04] the authors propose extending this framework to sensor networks
[GS04] Saurabh Ganeriwal, Mani Srivastava. Reputation-based framework for high integrity sensor networks. Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks, 2004.
40 Reputation System in Sensor Network
- No unifying way to design the watchdog mechanism
- Application dependent
[GS04]
41 Reputation System for Tracking [RMS06]
- We designed a reputation system for the tracking application
- Tracking is fundamental in sensor networks
  - Surveillance
  - Pursuit Evasion Games
- Focused on Hierarchical Multi-Object Tracking Algorithm (MCMCDA)
[RMS06] Tanya Roosta, Marci Meingast, Shankar Sastry. "Distributed Reputation System for Tracking Applications in Sensor Networks". In Proc. of International Workshop on Advances in Sensor Networks, 2006.
42 MCMCDA
- The input
  - a set of data indexed by time
- The output
  - the association of the observed data with object tracks
- The tracking algorithm has two phases
  - Data Fusion
  - Data Association
[ORS04] S. Oh, S. Russell, and S. Sastry. Markov Chain Monte Carlo Data Association for General Multiple-Target Tracking Problems. IEEE International Conference on Decision and Control (CDC), 2004.
43 Example
[ORS04]
- Figure (a) shows the observed data indexed by time
- Figure (b) shows the tracks that were formed based on the maximum likelihood function
44 MCMCDA [ORS04]
- Nodes equipped with motion detection sensors
- Sensor model
45 Data Fusion
- In each local neighborhood, the node with the highest signal strength declares itself to be the leader
- All the other nodes in the neighborhood send their observations to this leader
- The leader aggregates the data
46 Data Association
- Each leader sends the fused observation to the closest super-node
- Super-nodes send their gathered fused observations to the base station
- Base station uses Markov Chain Monte Carlo (MCMC) to associate the fused data by maximizing the posterior of the track, given the observations
Formula
47 Possible Attacks [RMS06]
- Adversary physically captures a subset of the sensor nodes
- Compromised nodes send faulty observations to the leader
- Results in wrong fused observations and formation of non-existent tracks for the moving objects
48 Attacks Not Considered
- We did not allow the compromised nodes to claim to be the leader
- This problem could be solved using standard distributed coin-flipping algorithms using cryptographic commitments
- At the central level, we need to use statistical methods that would filter out the faulty observations coming from the compromised leaders
49 Reputation System [RMS06]
- The nodes do not share their reputation table
- At this point, we only use first hand observations for updating the reputation
- Each node updates the reputation of its neighbors only when it becomes the leader
- The reputation is a value in [0,1]
50 The Algorithm [RMS06]
- Leader node gathers all the observations from its neighbors
- It chooses m subsets of the observations
- The members of each subset are chosen randomly from among all the neighbors
- The leader computes the fused observation for each subset ( )
51 The Algorithm (cont.)
- is the accumulated reputation of the jth neighbor at node i up to time t-1
- The leader finds the median of where $i \in \{1,\dots,m\}$
52 Reputation Assignment [RMS06]
- The median value of the estimated location is the trusted value (mtrust) and the nodes in the corresponding subset are trusted nodes (Strust)
- There are two counters (?ij , ?ij) for instantaneous reputation
  - ?ij positive reputation
  - ?ij negative reputation
53 Reputation Assignment (cont.)
- Nodes in Strust receive an instantaneous reputation of (1,0)
- For the rest of the neighbors, the leader picks one node, sij, at a time, adds it to the subset Strust, and recalculates the location estimation
- Call the result of this calculation
54 Reputation Update [RMS06]
- T is a threshold to determine how far can be pulled away from the median mtrue
- T has to take the normal level of observation noise into account
55 Reputation Aggregation [RMS06]
- Instantaneous reputations are aggregated to calculate the cumulative positive and negative reputation (rijt, sijt)
- Discounting factor, ?, is used to guarantee old reputations will be gradually forgotten
- The reputation is aggregated using
Beta function
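Added example (not code from the talk or from [RMS06]): one leader round of the reputation algorithm on slides 50-55, with subset fusion, the median as trusted value, the threshold T, discounted counters and a Beta expected value. The slides' formulas did not survive, so the reputation-weighted mean, the lower median, the additive discounted update, the Beta(r+1, s+1) mapping and the 1-D observations are all assumptions.

```python
import random

def beta_reputation(r, s):
    """Expected value of Beta(r + 1, s + 1): maps the counters to [0, 1]."""
    return (r + 1.0) / (r + s + 2.0)

def fuse(subset, obs, counters):
    """Reputation-weighted mean of a subset's observations (assumed rule)."""
    w = {j: beta_reputation(*counters[j]) for j in subset}
    return sum(w[j] * obs[j] for j in subset) / sum(w.values())

def random_subsets(ids, m, s, rng):
    """m subsets of s neighbors each, members chosen at random."""
    return [rng.sample(ids, s) for _ in range(m)]

def leader_round(obs, counters, subsets, T, discount):
    """One round at the leader: returns (m_trust, updated counters)."""
    fused = sorted((fuse(sub, obs, counters), tuple(sub)) for sub in subsets)
    # Lower median, so the trusted value belongs to one actual subset.
    m_trust, s_trust = fused[(len(fused) - 1) // 2]
    updated = {}
    for j in obs:
        if j in s_trust:
            pos, neg = 1, 0
        else:
            # Add neighbor j to S_trust and see how far it pulls the estimate.
            pulled = fuse(list(s_trust) + [j], obs, counters)
            pos, neg = (1, 0) if abs(pulled - m_trust) <= T else (0, 1)
        r, s = counters[j]
        updated[j] = (discount * r + pos, discount * s + neg)
    return m_trust, updated

def demo(rounds=20, T=0.4, m=4, s=3, discount=0.9, seed=1):
    """Constructed scenario: six neighbors observe a target at 10.0 (1-D);
    neighbor 6 is compromised and always reports 25.0."""
    rng = random.Random(seed)
    ids = [1, 2, 3, 4, 5, 6]
    counters = {j: (0.0, 0.0) for j in ids}
    for _ in range(rounds):
        obs = {j: 10.0 + rng.uniform(-0.2, 0.2) for j in ids}
        obs[6] = 25.0
        subsets = random_subsets(ids, m, s, rng)
        _, counters = leader_round(obs, counters, subsets, T, discount)
    return {j: round(beta_reputation(*counters[j]), 3) for j in ids}

if __name__ == "__main__":
    print(demo())
```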
56 Simulation
- The surveillance region is a square grid of size 50m x 50m
- There is one node placed at each corner of each square
- The number of objects we want to track is ni
- The sensing range Rs is set to 1.5m
57 Simulation (cont.)
- The noise is represented by a standard Gaussian distribution N(0,1)
- Tested different scenarios
  - Example: the number of compromised nodes is fixed and the sensing radius is varied from 1.5m to 3m
- T = 0.4, m = 4, and s = 3
- Metric: the average error in the number of tracks estimated by the algorithm compared to the actual number of tracks
58 250 compromised nodes, varying sensing radius
59 Qualitative Comparison
60 Future Work
- Extend the observation model to include probability of compromised nodes using mixture models [RMG06]
[RMG06] Tanya Roosta, Mubaraq Mishra, Ali Ghazizadeh. Robust Detection and Estimation in Ad-Hoc and Sensor Networks. IEEE International Conference on Mobile Ad-hoc and Sensor Systems, 2006.
62 Clustering Game
- Setup
  - There are a number of clusters K
  - The adversary knows what is being observed
  - The adversary cannot observe what the other adversaries are doing (no collusion)
  - The nodes are monitoring temperature (example)
- What is the optimal compromised node placement within the clusters to cause the most amount of damage?
63 [Figure legend: good node, compromised node]
Which distribution of the compromised nodes has the most effect on the final estimation at the center?
64 Conclusion
- Security in sensor networks is crucial to successful deployment
- In this talk
  - Proposed a taxonomy of security attacks
  - Gave convergence results for TRW
  - Described attacks on time sync. protocols and the effect on different applications
  - Developed a decentralized reputation system for tracking
  - Use of game theory to formulate security attacks
65 Thank you!
66 Effect on Estimation (Example)
- state of a discrete-time controlled process
- Given the measurement
67 Reputation and Beta Function
- The sequence of observations can be considered as a sample from a binomial distribution, i.e. a sequence of independent coin tosses, with a bias parameter P
- To be clear, the head corresponds to an honest node and the tail corresponds to a compromised node, and the bias is the overall reputation of the node
- We can estimate the rating of a node using Bayesian parameter estimation of the binomial distribution
68 Reputation and Beta Function (cont.)
- The posterior probability of binary events is most accurately represented by the Beta distribution
- Beta distribution is a two parameter distribution with parameters a and b
- Parameter a measures the number of successes (rijt) and b measures the number of failures (sijt)
- The overall reputation is modeled as the expected value of the Beta distribution
69 Proof
- Message updates are characterized by
- Taking the derivative of F(z,?, ?, ?) will give
the rate of convergence
70 Proof (cont.)
71 Robust Detection
- The goal is to detect compromised/faulty nodes
- The lying behavior could be
- Static unchanging behavior
- Dynamic changing liars
- Dynamic colluding liars
- We can model each one of these cases using a
Hidden Markov Model
72 Problem Formulation
- The nodes make an observation according to
- No notion of time in our problem setup, i.e. the
nodes collect all their observations, and then
the detection is performed
73 Problem Formulation
- Expectation Maximization (EM) framework is used to find the parameters (probability of the node lying and the detection value)
- We maximize the log likelihood based on the lying behavior we are considering (which affects the hidden parameters)
74 RBS
In RBS a reference message is broadcast to two receivers and the receivers synchronize their respective local clocks to each other
- A transmitter broadcasts m reference messages
- Each of the n receivers records its local received time
- Receivers exchange their local times
- Each receiver calculates its phase offset as the LS linear regression of the phase offsets
75 TPSN
- TPSN creates a spanning tree of the sensor network
- Each node finds the clock drift and propagation delay, using
78 Denial of Service Attacks
- Denial of service attack concerns any attack that diminishes the network's capacity to perform its function
- Denial of service attacks can be carried out at any of the layers of the communication stack
79 Denial of Service Attacks
[WS02] A. Wood, J. Stankovic. Denial of Service Attacks in Sensor Networks. IEEE Computer, 35(10):54-62, October 2002.
80 Ordinary Belief Propagation
- Message and belief updates
81 LMS
82 Time Synchronization
- Time synchronization protocols provide a mechanism for synchronizing the local clocks of the nodes in a sensor network
- Two ways to synchronize the clocks
  - Synchronization to accurate real time
  - Relative synchronization for ordering of the events
- Clock model
83 FTSP (cont.)
84 Example
85 Data Association (cont.)
- Maximizing the posterior of the track, given the observations, Y
$z_t$: number of objects terminated at time t; $a_t$: number of new objects at time t; $d_t$: the number of detections; $f_t$: the probability of false alarms; $\lambda_f$: the false alarm rate; $\lambda_b$: the birth rate of a new object; $p_z$: the probability of an object disappearing; $p_d$: the probability of detection.
86 Attack Trees
- Attack trees provide a formal, methodical way of describing the security of systems, based on varying attacks
- The tree can also be used to determine where a system is vulnerable, and weigh the benefits of different countermeasures against one another
- We want to develop an efficient attack tree for sensor networks
- An example based on the taxonomy paper
88 Routing Game [1]
- The power consumption in routing has been modeled as a dynamic Bayesian game among the N nodes of the network
- Uses action history $h_i(t_k) = (s_i(t_0), \dots, s_i(t_{k-1}))$
- This Bayesian game has a Nash equilibrium solution, but the solution strategy has not been explicitly found
[1] Petteri Nurmi. Modelling Routing in Wireless Ad Hoc Networks with Dynamic Bayesian Games. IEEE SECON, 2004.
89 Future Work
- What are the actual solutions to this Bayesian game (if we can explicitly solve for the equilibrium)?
- Effect of memory/action history length on the outcome of the Bayesian game
- Learning the reputations of nodes dynamically using the solution to the Bayesian game
- Time line: 1 year
90 TRW Message Update