| 1. |
- Flury, M., et al.
(författare)
-
Effectiveness of distance-decreasing attacks against impulse radio ranging
- 2010
-
Ingår i: Proceedings of the Third ACM Conference on Wireless Network Security (WiSec). - : ASSOC COMPUTING MACHINERY. - 9781605589237 ; , s. 117-128
-
Konferensbidrag (refereegranskat)abstract
- We expose the vulnerability of an emerging wireless ranging technology, impulse radio ultra-wide band (IR-UWB), to distance-decreasing attacks on the physical communication layer (PITY). These attacks violate the security of secure ranging protocols that allow two wireless devices to securely estimate the distance between them, with the guarantee that the estimate is an upper-bound on the actual distance. Such protocols serve as crucial building blocks in security-sensitive applications such as location tracking, physical access control, or localization.Prior works show the theoretical possibility of PHY attacks bypassing cryptographic mechanisms used by secure ranging protocols. They also demonstrates that for physical layers used in ISO 14443 RFID and wireless sensor networks, some PHY attacks are indeed feasible. IR-UWB was proposed as a possible solution, but we show that the de facto standard for IR-UWB, IEEE 802.15.4a, does not automatically provide security against such attacks. We find that with the mandatory modes of the standard an external attacker can decrease the measured distance by as much as 140 meters with a high probability (above 99%).
|
|
| 2. |
- Poturalski, M., et al.
(författare)
-
Distance Bounding with IEEE 802.15.4a : Attacks and Countermeasures
- 2011
-
Ingår i: IEEE Transactions on Wireless Communications. - 1536-1276. ; 10, s. 1334-1344
-
Tidskriftsartikel (refereegranskat)abstract
- Impulse Radio Ultra-Wideband, in particular the recent standard IEEE 802.15.4a, is a primary candidate for implementing distance bounding protocols, thanks to its ability to perform accurate indoor ranging. Distance bounding protocols allow two wireless devices to securely estimate the distance between themselves, with the guarantee that the estimate is an upper-bound on the actual distance. These protocols serve as building blocks in security-sensitive applications such as tracking, physical access control, or localization.We investigate the resilience of IEEE 802.15.4a to physical-communication-layer attacks that decrease the distance measured by distance bounding protocols, thus violating their security. We consider two attack types: malicious prover (internal) and distance-decreasing relay (external). We show that if the honest devices use energy-detection receivers (popular due to their low cost and complexity), then an adversary can perform highly effective internal and external attacks, decreasing the distance by hundreds of meters. However, by using more sophisticated rake receivers, or by implementing small modifications to IEEE 802.15.4a and employing energy-detection receivers with a simple countermeasure, honest devices can reduce the effectiveness of external distance-decreasing relay attacks to the order of 10m. The same is true for malicious prover attacks, provided that an additional modification to IEEE 802.15.4a is implemented.
|
|
| 3. |
|
|
| 4. |
- Galuba, W., et al.
(författare)
-
Castor : Scalable Secure Routing for Ad Hoc Networks
- 2010
-
Ingår i: 2010 PROCEEDINGS IEEE INFOCOM. - NEW YORK, NY : IEEE. - 9781424458387 ; , s. 1-9
-
Konferensbidrag (refereegranskat)abstract
- Wireless ad hoc networks are inherently vulnerable, as any node can disrupt the communication of potentially any other node in the network. Many solutions to this problem have been proposed. In this paper, we take a fresh and comprehensive approach that addresses simultaneously three aspects: security, scalability and adaptability to changing network conditions. Our communication protocol, Castor, occupies a unique point in the design space: It does not use any control messages except simple packet acknowledgements, and each node makes routing decisions locally and independently without exchanging any routing state with other nodes. Its novel design makes Castor resilient to a wide range of attacks and allows the protocol to scale to large network sizes and to remain efficient under high mobility. We compare Castor against four representative protocols from the literature. Our protocol achieves up to two times higher packet delivery rates, particularly in large and highly volatile networks, while incurring no or only limited additional overhead. At the same time, Castor is able to survive more severe attacks and recovers from them faster.
|
|
| 5. |
- Galuba, W., et al.
(författare)
-
More on Castor : the Scalable Secure Routing Protocol for Ad-hoc Networks
- 2009
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- Wireless ad hoc networks are inherently vulnerable,as any node can disrupt the communication of potentially anyother node in the network. Many solutions to this problem havebeen proposed. In this paper, we take a fresh and comprehen-sive approach, simultaneously addressing three aspects: security,scalability and adaptability to changing network conditions. Ourcommunication protocol, Castor, occupies a unique point in thedesign space: it does not use any control messages except simplepacket acknowledgements, and each node makes routing decisionslocally and independently of other nodes without exchangingrouting state with them. This novel design makes Castor resilientto a wide range of attacks and allows it to scale to large networksizes and to remain efficient under high mobility. We compareCastor against four representative protocols from the literature.Our protocol achieves up to two times higher packet deliveryrates, particularly in large and highly volatile networks, incursno or only limited additional overhead and it is able to survivemore severe attacks and recovers from them faster.
|
|
| 6. |
- Haghani, P., et al.
(författare)
-
Efficient and Robust Secure Aggregation for Sensor Networks
- 2007
-
Ingår i: Proceedings of the Third IEEE ICNP Workshop on Secure Network Protocols (NPSec). ; , s. 1-6
-
Konferensbidrag (refereegranskat)abstract
- Wireless Sensor Networks (WSNs) rely on in networkaggregation for efficiency, however, this comes at aprice: A single adversary can severely influence the outcomeby contributing an arbitrary partial aggregate value. Securein-network aggregation can detect such manipulation [2]. Butas long as such faults persist, no aggregation result can beobtained. In contrast, the collection of individual sensor nodevalues is robust and solves the problem of availability, yet in an inefficient way. Our work seeks to bridge this gap in secure data collection: We propose a system that enhances availability with an efficiency close to that of in-network aggregation. To achieve this, our scheme relies on costly operations to localize and exclude nodes that manipulate the aggregation, but only when a failure is detected. The detection of aggregation disruptions and the removal of faulty nodes provides robustness. At the same time, after removing faulty nodes, the WSN can enjoy low cost (secure) aggregation. Thus, the high exclusion cost is amortized, and efficiency increases.
|
|
| 7. |
|
|
| 8. |
- Poturalski, M., et al.
(författare)
-
Formal Analysis of Secure Neighbor Discovery in Wireless Networks
- 2013
-
Ingår i: IEEE Transactions on Dependable and Secure Computing. - 1545-5971 .- 1941-0018. ; 10:6, s. 355-367
-
Rapport (refereegranskat)abstract
- We develop a formal framework for the analysis of security protocols in wireless networks. The framework captures characteristics necessary to reason about neighbor discovery protocols, such as the neighbor relation, device location, and message propagation time. We use this framework to establish general results about the possibility of neighbor discovery. In particular, we show that time-based protocols cannot in general provide secure neighbor discovery. Given this insight, we also use the framework to prove the security of four concrete neighbor discovery protocols, including two novel time-and-location based protocols. We mechanize the model and some proofs in the theorem prover Isabelle.
|
|
| 9. |
- Poturalski, M., et al.
(författare)
-
Secure Neighbor Discovery in Wireless Networks : Is It Possible?
- 2007
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- Wireless communication enables a broad spectrum of appli-cations, ranging from commodity to tactical systems.Neigh-bor discovery(ND), that is, determining which devices arewithin direct radio communication, is a building block ofnetwork protocols and applications, and its vulnerability canseverely compromise their functionalities. A number of pro-posals tosecureND have been published, but none haveanalyzed the problem formally. In this paper, we contributesuch an analysis: We build a formal model capturing salientcharacteristics of wireless systems, most notably obstaclesand interference, and we provide a speciØcation of a basicvariant of the ND problem. Then, we derive animpossibilityresultfor a general class of protocols we term \time-basedprotocols," to which many of the schemes in the literaturebelong. We also identify the conditions under which the im-possibility result is lifted. Moreover, we explore a secondclass of protocols we term \time- and location-based proto-cols," and prove they can secure ND
|
|
| 10. |
|
|
