Upload
angie
View
30
Download
1
Embed Size (px)
DESCRIPTION
CSE 5392 Sensor Network Security. Course Introduction. About Instructor. Dr. Donggang Liu, assistant professor, CSE department http://ranger.uta.edu/~dliu [email protected] Tel: (817) 272-0741 Office: 330NH Office hours: Tuesday&Thursday 5:00PM-6:00PM. About TA. TBD Office hours: TBD. - PowerPoint PPT Presentation
Citation preview
CSE 5392 By Dr. Donggang Liu 1
CSE 5392Sensor Network Security
Course Introduction
CSE 5392 By Dr. Donggang Liu 2
About Instructor
• Dr. Donggang Liu, assistant professor, CSE department– http://ranger.uta.edu/~dliu– [email protected]– Tel: (817) 272-0741– Office: 330NH– Office hours: Tuesday&Thursday 5:00PM-6:00PM
CSE 5392 By Dr. Donggang Liu 3
About TA
• TBD
• Office hours:– TBD
CSE 5392 By Dr. Donggang Liu 4
Course Objectives
• Understanding of fundamental concepts, principles, and mechanisms in sensor network security
• Prepare students for graduate research in sensor network security– Advanced topics: key management, security
services, etc– Recently published research papers
CSE 5392 By Dr. Donggang Liu 5
Course Outcomes
• Basic– Explain known security problems in sensor networks – Explain how security mechanisms work for sensor
networks– Distinguish difference between security problems in sensor
networks and those in wired networks.
• Advanced– Identify and analyze new security problems in sensor
networks– Develop mechanisms to solve security problems in sensor
networks.– Design simulations to evaluate and analyze the
performance of algorithms in sensor networks
CSE 5392 By Dr. Donggang Liu 6
Course Style
• By instructor– Sensor network basics– Cryptography and security basics– Sensor network security
• By students– Read research papers on sensor network security– Write reviews– Give in-class presentations (15~20 minutes)
CSE 5392 By Dr. Donggang Liu 7
Prerequisites
• Required– Computer network– Operating system
• Necessary for great success– Technical writing skills– Hardworking
CSE 5392 By Dr. Donggang Liu 8
Textbooks and Papers
• No textbooks• Reference books
– Handbook of Applied Cryptographyby Alfred J. Menezes, Paul C. Van Oorschot, Scott A. Vanstone (http://www.cacr.math.uwaterloo.ca/hac/)
– Cryptography and Network Security: Principles and Practice by William Stallings.
– Practical Cryptography by Niels Ferguson, Bruce Schneier
• Papers and Slides– Links in the course syllabus
CSE 5392 By Dr. Donggang Liu 9
Projects
• Group– 2~3 students– Working alone must be justified– Roles can be negotiated inside the group
• Topics– Should be relevant to the class– Each group can come up with one – The instructor can also give topics (check website)
CSE 5392 By Dr. Donggang Liu 10
Projects (Cont’d)
• Survey paper• Surveys a particular field on sensor network security
• Summarizes the trend in this field
• A proposal (due on 6/10) and a final paper (due on 1/12)
• Research paper• Identify original research problems
• A research paper with original technical contribution
• A proposal (due on 6/10) and a final paper (due on 1/12)
• Start thinking about your team and topic NOW
CSE 5392 By Dr. Donggang Liu 11
On-line resource
• Course website– http://ranger.uta.edu/~dliu/cse5392-sns.htm– For course materials, e.g., papers, homework,
project assignment.– Check frequently for updates
CSE 5392 By Dr. Donggang Liu 12
Grading
• Paper review– 20%
• Participation– 10%
• Project– 40%
• Class presentation– 30% + 10% extra
CSE 5392 By Dr. Donggang Liu 13
Course Policies
• Assignment (paper review) and project deadlines will be firm.
• Late assignments will be accepted with a 10% reduction in grade for each day they are late by.
• All assignments must be turned in before the start of class on the due date
CSE 5392 By Dr. Donggang Liu 14
Academic Integrity
• The university, college, and department policies against academic dishonesty will be strictly enforced.– http://www.uta.edu/studentaffairs/judicialaffairs
CSE 5392 By Dr. Donggang Liu 15
Course Topics
• Cryptography and security basics• Sensor network basics • Useful security tools
– One way hash chain– Merkle hash tree
• Security in Sensor Networks – Key management – Broadcast authentication– Secure localization – Secure data aggregation – Intrusion detection– Privacy
CSE 5392 By Dr. Donggang Liu 16
CSE 5392Sensor Network Security
Basic Security Concepts
CSE 5392 By Dr. Donggang Liu 17
Cryptography and Security
• Cryptography– Study of fundamental algorithms to protect data
– Encryption/decryption, hash, digital signature, etc.
• Security– Study of protocols to protect a system– Usually build upon cryptographic techniques
CSE 5392 By Dr. Donggang Liu 18
Security Objectives
Secrecy(Confidentiality)
Integrity Availability(Denial of Service)
CSE 5392 By Dr. Donggang Liu 19
Secrecy (Confidentiality)
• Prevent/detect/deter improper disclosure of information
• Examples:– An employee should not come to know the salary
of his manager– The target coordinates of a missile should not be
improperly disclosed
CSE 5392 By Dr. Donggang Liu 20
Integrity
• Prevent/detect/deter improper modification of information
• Examples:– An employee should not be able to modify the
employee's own salary– The target coordinates of a missile should not be
improperly modified
CSE 5392 By Dr. Donggang Liu 21
Availability (Denial of Service)
• Prevent/detect/deter improper denial of access to services provided by the system
• Examples:– Paychecks should be printed on time as stipulated
by law– When the proper command is issued the missile
should fire
CSE 5392 By Dr. Donggang Liu 22
Other Security Objectives
• Non-repudiation– Prevent an entity from denying the previous commitments
or actions
• Securing computing resources: – Prevent/detect/deter improper use of computing resources
• Hardware Resources
• Software resources
• Data resources
• Anonymity– Prevent the disclosure of the identify of an entity to others
CSE 5392 By Dr. Donggang Liu 23
Achieving Security
• Security policy — What?
• Security mechanism — How?
• Security assurance — How well?
CSE 5392 By Dr. Donggang Liu 24
Security Policy
• The set of rules that regulate how an organization manages, protects, and distributes sensitive information.
• Convert organization requirements to security policy that a computer system can understand– Interact with human being– Check and remove conflict rules
CSE 5392 By Dr. Donggang Liu 25
Security Mechanism
• Prevention — Access control
• Detection — Auditing and intrusion detection
• Tolerance — Practicality
Good prevention and detection both require good authentication as a foundation
Good prevention and detection both require good authentication as a foundation
CSE 5392 By Dr. Donggang Liu 26
Security Mechanisms
• Security mechanisms implement functions that help prevent, detect, and respond to security attacks
• Prevention is more fundamental, but sometimes detection is the only option, e.g.,– Accountability inproper use of authorized privileges
• Security functions are typically made available to users as a set of security services through APIs or integrated interfaces– Security services: confidentiality, authentication, integrity,
non-repudiation, access control, monitor & response
• Cryptography underlies (almost) all security mechanisms
CSE 5392 By Dr. Donggang Liu 27
Security Assurance
• How well your security mechanisms guarantee your security policy
• Everyone wants high assurance
• High assurance implies high cost– May not be possible
• Trade-off is needed.