Upload
flavio
View
38
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Reliability Analysis of Wireless Sensor Networks with Distributed Code Attestation. CS 5214 Paper Presentation. Authors: Ing -Ray Chen; Yating Wang Present by: Kaiqun Fu. Outline. Introduction Related works Contribution Notations and basic ideas System and performance models - PowerPoint PPT Presentation
Citation preview
Reliability Analysis of Wireless Sensor Networks with Distributed Code Attestation
Authors: Ing-Ray Chen; Yating WangPresent by: Kaiqun FuCS 5214 Paper Presentation
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
2
Outline Introduction
Related works Contribution Notations and basic ideas
System and performance models System model and assumptions Performance model
Numerical results and analysis Environment setup Results
Conclusion Questions
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
3
Introduction As we know the capacity of the battery is becoming the
bottleneck for the development to the mobile devices. For instance, the standby time for the cell-phones, laptops, etc.
The wireless sensor networks which are broadly deployed in many safety-critical applications, such as health, construction and military are also facing the same problem of the energy shortage. And in such cases, the problem might cause some vital consequences.
While less attestation would lower the security for the whole system, thus, the tradeoff between the energy and the security attracts most of the researchers’ attention.
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
4
This paper analyzes the reliability of a homogeneous wireless sensor network executing a distributed code attestation protocol with neighbor sensor nodes serving as code verifiers.
By considering the tradeoff between energy exhaustion vs. security vulnerability for causing sensor node failures, we can identify how often distributed code attestation should be performed as well as how many neighbor sensors should serve as code verifiers per attestation event to maximize the system lifetime without compromising performance.
Introduction
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
5
Related works Existing work on code attestation mostly focused on
the protocol design for performing code attestation, and verification of the protocol design.
“SCUBA: secure code update by attestation in sensor networks” (by A. Seshadri, et al. Proc. 2006 ACM Workshop on Wireless Security.) assumed the existence of a trusted third party capable of verifying if a SN is compromised through a challenge-response mechanism.
To avoid a single point of failure “Distributed software-based attestation for node compromise detection in sensor networks” (by Y. Yang, et al. Proc. 2007 IEEE Symposium on Reliable Distributed Systems) extended centralized code attestation to distributed code attestation by using designated servers or just neighbor SNs to a target SN.
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
6
Contribution This paper concerns the effect of distributed
code attestation on the reliability and performance of WSNs, taking into account both security failure and energy exhaustion failure.
Compared with existing work, the contribution of this work is that we address reliability and performance issues of distributed code attestation by identifying operational settings to execute distributed code attestation such that the WSN lifetime is maximized without compromising performance.
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
7
Notations (for system model & assumptions) n/π: intensity to a spatial Poisson process. : the SN radio range. T: time interval. : the number of verifiers. (# threshold verifiers) : false positive probability (misdiagnose a good SN as a bad SN). : false negative probability (misidentify a bad SN as a good node). q: the probability that one SN will be attested. : distribution function. : recovery prob. : sensor reading and reporting energy : packet routing energy : running code attestation energy : sending message energy : recovery energy
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
8
Notations (for performance model) : false positive probability for DCA : false negative probability for DCA : the majority of the verifiers. : the number of good SNs out of n at time t. : the number of bad SNs out of n at time t. : # good SNs out of n at time t. (after
attestation) : # bad SNs out of n at time t. (after
attestation)
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
9
Basic ideas The code of a compromised SN would be
different from that of a normal SN. Hence by inspecting if the code is still the same as what originally was put in, the system can detect whether the SN has been compromised.
Challenge-response mechanism is used to send the attestation and the requests.
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
10
System model and assumptions Consider a homogeneous WSN in which SNs
are deployed randomly and distributed according to a homogeneous spatial Poisson process (n/π, , T). Select neighbors .
While, some of the SNs will be compromised and attack the systme (, ).
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
11
System model and assumptions Two types of attacks:
Bad-mouthing attacks: it always votes “no” to a good node to increase the false positive probability of this good node being misidentified as a bad node
Good-mouthing attacks: it always votes “yes” to another bad node to increase the false negative probability of this bad node being undetected by the system
Since all nodes have an equal chance of being captured as they are being deployed randomly in the WSN operational area, the node compromise time may be considered as i.i.d. with a distribution function .
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
12
System model and assumptions Distribution function
input which provides knowledge about the environment hostility
Recovery prob. . depending on its accessibility to a sink node with
code reload capability
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
13
Performance model The and the
(1)
(2)
The first term in Equation 2 accounts for the case in which more than 1/2 of the verifiers selected from the neighbors are bad SNs who will perform good-mouthing attacks by always voting “yes” to this bad node to increase the chance of this bad node being undetected.
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
14
Performance model The second term accounts for the case in
which more than 1/2 of the verifiers selected from the neighbors are good SNs but unfortunately some of these good nodes mistakenly miss the target SN as a good node with probability , resulting in more than 1/2 of the verifiers (some of those may be bad SNs) voting “yes” for the target node.
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
15
Performance model The probability that a SN is compromised at time
t, given that it was a good node at time t − T , is given by:
The number of good neighbor SNs, , is equal to minus the number of newly compromised nodes over T i.e.,
On the other hand, the number of bad neighbor
SNs at time t is given by:
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
16
Performance model The bad and good neighbor SN populations
are adjusted only when code attestation and recovery are performed. That is:
There are two possible ways by which a SN is diagnosed as compromised: the SN is compromised and it is correctly identified
as a bad SN with probability 1- the SN is not compromised and it is incorrectly
misidentified as a bad SN with probability
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
17
Performance model The amount of energy consumed by a SN in
an interval [t, t+T ], denoted by , is given by:
Consequently, a SN will exhaust its energy after sensing and reporting periods, with given by:
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
18
Performance model Let denote the probability that a SN returns
valid sensing readings in the sensing and reporting interval [t, t+T ], which is exactly the same as the probability that the node is a good node at time t when it returns sensor readings. Because of node homogeneity, can be computed by:
And let denote the probability that the WSN is still healthy:
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
19
Performance model The Mean Time to Failure (MTTF) of the WSN,
denoted by , hence can be calculated by:
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
20
Environment setup E: initial energy, 2.5 joules : energy consumption by sensing event, 0.084 mjoules : energy consumption by packet routing, 0.096 mjoules : energy consumption by code attestation, 0.01 mjoules : energy consumption by sending message, 0.024 mjoules : energy consumption by recovery, 0.82 mjoules : good nodes misidentify as bad nodes, less than 1-2%
range : bad nodes misidentify as good nodes, 1-2% range T: sensor reading time interval, 1 min range. λ: sensor compromised rate, range of once per 10 minutes
to once per 30 minutes. q: probability that code attestation will be performed
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
21
Results
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
22
Results
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
23
Results
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
24
Results
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
25
Conclusion Discovered the optimal operational settings
for running distributed code attestation, including how often code attestation should be invoked and how many neighbor verifiers should be used per code attestation event, so that the embedded WSN lifetime is maximized without sacrificing performance.
04/22/2023CS 5214 Paper Presentation Kaiqun Fu
26
Questions