Security and Privacy Protection in Visual Sensor Network

Advisor: Leonid Batyuk

Student: Khan Reaz

1

Agenda

• Attack scenarios on VSN

• Design Challenges

• Requirements

• Privacy Protection Mechanism

2

VSN in an open space: Station

Source: http://goo.gl/XjHxYM 3

VSN in a closed space: Power Plant

Source: http://goo.gl/U1mpM4

Application Scenarios

Reactive Monitoring for Enforcement

Reactive Monitoring for Private Safety

Proactive Monitoring for Public Safety

5

Security and Privacy Requirements for VSN

6

Classification of Attacks

Disruptive Attack

Passive AttackActive Attack

7

• Goals

• By Whom

• What Level

Passive:Illegitimately collect data

Active: Partial Control over the infrastructure is achieved

Disrupting: Disrupting Services

Outsiders

Insiders

Classification of Attack (Cont’d…)

• Illegitimate Data Access:

• Disrupting Service:

• Illegitimate Control:

8

Attacker collects data for his/her own use by eavesdropping

Takes (partial) control of a node by forge or injecting control messages.

Takes (partial) control of a node by forge or injecting control messages.Takes (partial) control of a node by forge or injecting control messages.

“Who will guard the guards?”

*Roman poet: Juvenal

Prevention from outsiders attack: - Data Encryption - Authentication - Digital Signature etc.

• Applying Four Eye principle

• Only minimal amount of information is disclosed

9

• Modification of Softwares • Installation of new software (i.e: Malware, Rootkits) • Changes of routing and MAC protocol.

Software vs Hardware Attack

10

Hardware based security: - Smartcards - CPU instruction set extensions - Trusted Platform Module (TPM)

More sophisticated methods: - Reverse engineering of IC - Via side channel exploitation.

Design Challenges in VSN

11

Security Requirements

12

Node Centric Security Requirements

13

Data-Centric Security Requirements

14

User Centric Security Requirements

15

Network Centric Security Requirements

16

Protocol Overview

17

INtrusion-tolerant routing protocol for wireless SEnsor NetworkS (INSENS)

Ariadne: A secure on-demand routing protocol for ad hoc networks by Hu

SPINS: Security Protocol for Sensor Networks: most cited security solutions for WSN

ZigBee [ZigBee Alliance 2012] protocol, coordinator devices take over the role of a trust center that allows other devices to join the network. The coordinator is also responsible for distribution of cryptographic keys. ZigBee distinguishes three types of keys. Preinstalled master keys are not directly used for encryption but serve as an initial shared secret for key establishment between devices. Network keys are used to protect all messages between nodes within the same ZigBee network. Finally, link keys are used to protect unicast messages between two devices.

WirelessHART is designed as a secure protocol that ensures confidentiality, integrity, authenticity, and freshness of transmit- ted data [Raza et al. 2009].

SPINS=SNEP provides the following important baseline security primitives: Data confidentiality, two-party data authentication, and data freshness.

TESLA is a new protocol which provides authenticated broadcast for severely resource-constrained environments

Observations

• Reactive Data Delivery Cannot Replace Security. • Tradeoff between Privacy Protection and System Utility. • Incomplete Security Requirements & unclearResponsibilities.

• Lack of

18

• Node Centric Protection. • User Centric Protection. • Collaboration Security.

{

• No Common Definition • Highly Subjective • Legislative • Identity vs Behavior

Protecting Privacy

19

Privacy Protection Techniques

Blanking Pixelation Abstraction Encryption

20

Detection

Remarks

21

• Pre Deployment Audit • Requirements Analysis • Regular Threat Drill • Awareness Campaign

22

Thank you

• Winkler, T., & Rinner, B. (2014). Security and Privacy Protection in Visual Sensor Networks: A Survey. ACM Computing Surveys (CSUR), 47(1), 2.

References

23