Upload
peregrine-nelson
View
219
Download
0
Tags:
Embed Size (px)
Citation preview
Weaponizing Wireless Networks:An Attack Tool for Launching Attacks against
Sensor Networks
Thanassis GiannetsosTassos DimitriouNeeli R. Prasad
Outline
• Background• Network Threats and Wireless Attacks• Tool Architecture Overview • Implemented Attacks and Actions• Conclusion• Reference
Background• Network Threats and Wireless Attacks• Tool Architecture Overview • Implemented Attacks and Actions• Conclusion• Reference
Background
• Wireless sensor network– Monitor physical or environmental conditions,
such as temperature, sound, vibration, pressure, motion or pollutants.
• Equip with a radio transceiver, a microcontroller, and a battery.
• Background
Network Threats and Wireless Attacks• Tool Architecture Overview • Implemented Attacks and Actions• Conclusion• Reference
Network Threats and Wireless Attacks
• Inadequate physical protection– Energy and Cost
• Through the air– Easy to be intercepted
• Wireless Attack– Interception– Alteration– Disruption– Injection
• Background• Network Threats and Wireless Attacks
Tool Architecture Overview • Implemented Attacks and Actions• Conclusion• Reference
Tool Architecture Overview
• Three Main Conceptual Modules:– Network Sniffer:• Monitoring and logging of radio packets.
– Network Attack Tool:• Provides a number of actions for attack.
– Network Visualization:• Display topology、 Traffic、 Nodes State and Status of
attack.
Network Sniffer (1/3)
• The network sniffer relies on packets that are overheard in a sensor's node neighborhood.
• It captures them and logs them for later analysis.
• Components:– Local Packet Monitoring– Packet Storage– Packet Description Database
Network Sniffer (2/3)
• Local Packet Monitoring:– To gather audit data
• Packet Storage:– Logging and analysis– Construct graph of neighborhood topology
• Packet Description Database– User can specify msg content as C structs which
automatically added to DB
Network Attack Tool (1/3)
• Provide a number of actions for compromising the sensor network's security profile.
• Components:– Data Stream Framework– Attack Launcher
Network Attack Tool (2/3)
• Data Stream Framework:– Identified info as its configuration record– Basis msg for Attack Launcher
• Attack Launcher:– 6 types of attacks:
① Data Replay② Malicious Code Injection③ Sinkhole Attack④ Selective Forwarding⑤ Flooding⑥ Program Image Dissemination & Ping Operation
• Background• Network Threats and Wireless Attacks• Tool Architecture Overview
Implemented Attacks and Actions• Conclusion• Reference
Implemented Attacks and Actions (1/3)
• Data Replay– Msg are stored into the Packet Description
Database.• Malicious Code Injection– Buffer overflow– Create self-replicating worm and broadcast it.
• Selective Forwarding
Implemented Attacks and Actions (2/3)
• Sinkhole Attack– Use link quality (LQ) calculations as the routing cost
metric to build the routing tree towards the base station.
– Broadcast a beacon message.– Advertise a very good LQ in order for all neighboring
nodes to choose the tools' attached node as their parent.
• Flooding– Send HELLO messages with high transmission power.
Send Msg
Implemented Attacks and Actions (2/3)
• Program Image Dissemination & Ping Operation– The ping action sends a message to a specific
sensor node to request about its state, its currently executing program image and what other images are stored in that node.
– Program Image dissemination is a fundamental service in sensor networks that relies upon reliable broadcast of image updates.
• Background• Network Threats and Wireless Attacks• Tool Architecture Overview • Implemented Attacks and Actions
Conclusion• Reference
Conclusion
• To reveal the vulnerabilities of such networks• To study the effects of severe attacks on the
network itself • To motivate a better design of security
protocols .