security and privacy in visual sensor network
TRANSCRIPT
Security and Privacy Protection in Visual Sensor Network
Advisor: Leonid Batyuk
Student: Khan Reaz
1
Agenda
• Attack scenarios on VSN
• Design Challenges
• Requirements
• Privacy Protection Mechanism
2
Application Scenarios
Reactive Monitoring for Enforcement
Reactive Monitoring for Private Safety
Proactive Monitoring for Public Safety
5
Classification of Attacks
Disruptive Attack
Passive AttackActive Attack
7
• Goals
• By Whom
• What Level
Passive:Illegitimately collect data
Active: Partial Control over the infrastructure is achieved
Disrupting: Disrupting Services
Outsiders
Insiders
Classification of Attack (Cont’d…)
• Illegitimate Data Access:
• Disrupting Service:
• Illegitimate Control:
8
Attacker collects data for his/her own use by eavesdropping
Takes (partial) control of a node by forge or injecting control messages.
Takes (partial) control of a node by forge or injecting control messages.Takes (partial) control of a node by forge or injecting control messages.
“Who will guard the guards?”
*Roman poet: Juvenal
Prevention from outsiders attack: - Data Encryption - Authentication - Digital Signature etc.
• Applying Four Eye principle
• Only minimal amount of information is disclosed
9
• Modification of Softwares • Installation of new software (i.e: Malware, Rootkits) • Changes of routing and MAC protocol.
Software vs Hardware Attack
10
Hardware based security: - Smartcards - CPU instruction set extensions - Trusted Platform Module (TPM)
More sophisticated methods: - Reverse engineering of IC - Via side channel exploitation.
Protocol Overview
17
INtrusion-tolerant routing protocol for wireless SEnsor NetworkS (INSENS)
Ariadne: A secure on-demand routing protocol for ad hoc networks by Hu
SPINS: Security Protocol for Sensor Networks: most cited security solutions for WSN
ZigBee [ZigBee Alliance 2012] protocol, coordinator devices take over the role of a trust center that allows other devices to join the network. The coordinator is also responsible for distribution of cryptographic keys. ZigBee distinguishes three types of keys. Preinstalled master keys are not directly used for encryption but serve as an initial shared secret for key establishment between devices. Network keys are used to protect all messages between nodes within the same ZigBee network. Finally, link keys are used to protect unicast messages between two devices.
WirelessHART is designed as a secure protocol that ensures confidentiality, integrity, authenticity, and freshness of transmit- ted data [Raza et al. 2009].
SPINS=SNEP provides the following important baseline security primitives: Data confidentiality, two-party data authentication, and data freshness.
TESLA is a new protocol which provides authenticated broadcast for severely resource-constrained environments
Observations
• Reactive Data Delivery Cannot Replace Security. • Tradeoff between Privacy Protection and System Utility. • Incomplete Security Requirements & unclearResponsibilities.
• Lack of
18
• Node Centric Protection. • User Centric Protection. • Collaboration Security.
{
• No Common Definition • Highly Subjective • Legislative • Identity vs Behavior
Protecting Privacy
19
Remarks
21
• Pre Deployment Audit • Requirements Analysis • Regular Threat Drill • Awareness Campaign