Counteracting Denial-of-Sleep Attacks in Wake-up-based Sensing - - PowerPoint PPT Presentation

counteracting denial of sleep attacks in wake up based
SMART_READER_LITE
LIVE PREVIEW

Counteracting Denial-of-Sleep Attacks in Wake-up-based Sensing - - PowerPoint PPT Presentation

Aug 22, 2022 196 likes •337 views

IEEE SECON 2016 Counteracting Denial-of-Sleep Attacks in Wake-up-based Sensing Systems Angelo T. Capossele, Valerio Cervo, Chiara Petrioli, Dora Spenza Motivation: Duty Cycling Tradeoff between energy saving and data latency Low duty cycle

slide-1
SLIDE 1

Counteracting Denial-of-Sleep Attacks in Wake-up-based Sensing Systems

Angelo T. Capossele, Valerio Cervo, Chiara Petrioli, Dora Spenza

IEEE SECON 2016

slide-2
SLIDE 2

Motivation: Duty Cycling

Tradeoff between energy saving and data latency

Without duty cycle Low latency Lifetime: <5 days Low duty cycle Latency: 10s of s Lifetime: >1yr

slide-3
SLIDE 3

Nodes with wake-up receivers

  • Energy-efficient on-demand communication
  • ULP receiver continuously monitoring the channel
  • Nodes sleep until communication is needed
  • Selective awakenings (WUR address)
slide-4
SLIDE 4

The problem: Denial of Sleep attack

WAKE UP!!

  • 1. Bruteforce
  • 2. Replay attack
slide-5
SLIDE 5

Effect of DoS attacks on lifetime

Single attacker: replay attack every 10s Normal operation Network under attack

Lifetime (years)

4 20 12 8 16

slide-6
SLIDE 6

Our solution: AntiDoS

Bootstrap phase Key Management Protocol

  • Lightweight
  • Mutual authentication

Prevent replay attack WUR addresses updated in a pseudo- random fashion after every use MAC(common secret key, ...) Secure wake ups only from authorized nodes

slide-7
SLIDE 7

AntiDoS protocol (unicast)

A B

Compute B address Send WUR request WUR address matching Receive Data Send Data Communication Update WUR address Awakening Prevent replay attacks Wake-up radio Main radio MAC(secret, IDs, SN) MAC(secret, IDs, SN)

slide-8
SLIDE 8

Bruteforce

Attacker must use datarate of the WUR

slide-9
SLIDE 9

Simulation setup

  • Simulation framework: GreenCastalia
  • WUR model: actual prototype,

experimental data

  • Monitoring application, converge casting (CTP)
  • Single attacker randomly placed in the field
  • Overhear legitimate WUR addresses
  • Re-broadcast them every 10s to prevent nodes

from sleeping

slide-10
SLIDE 10

Simulations results: Energy

slide-11
SLIDE 11

Experimental validation

  • MagoNode++

○ WUR ○ Energy harvesting

  • TinyOS implementation

Energy consumption of AntiDos operations

  • Scalar addition/multiplication 14 uJ
  • SHA-160

0.04 mJ

  • HMAC

0.28 mJ ...

slide-12
SLIDE 12

Denial of Sleep attacks are a significant threat for WUR-based sensing systems AntiDos

  • Secure wake ups (authorized nodes)
  • “Disposable” WUR addresses thwarts replay

attacks

Conclusion

slide-13
SLIDE 13

Thank you!