Daniele Midi
Purdue University
Publication
Featured research published by Daniele Midi.
international conference on embedded networked sensor systems | 2014
Salmin Sultana; Daniele Midi; Elisa Bertino
This paper presents Kinesis, a security incident response and prevention system for wireless sensor networks, designed to keep the network functional despite anomalies or attacks and to recover from attacks without significant interruption. Due to the deployment of sensor networks in various critical infrastructures, the applications often impose stringent requirements on data reliability and service availability. Given the failure- and attack-prone nature of sensor networks, it is a pressing concern to enable sensor networks to provide continuous and unobtrusive services. Kinesis is quick and effective in response to incidents, distributed in nature, and dynamic in selecting response actions based on the context. It is lightweight in terms of response policy specification, and communication and energy overhead. A per-node, single-timer-based distributed strategy to select the most effective response executor in a neighborhood makes the system simple and scalable, while achieving proper load distribution and redundant action optimization. We implement Kinesis in TinyOS and measure its performance for various application and network layer incidents. Extensive TOSSIM simulations and testbed experiments show that Kinesis successfully counteracts anomalies/attacks and behaves consistently under various attack scenarios and rates.
ACM Transactions on Sensor Networks | 2016
Daniele Midi; Elisa Bertino
In wireless sensor networks, packet losses are often an indicator of possible undergoing attacks. Therefore, security solutions aiming at providing comprehensive protection must include functions for packet-loss detection. Determining the actual cause of these losses is crucial to a quick and automated reaction to the attack, be it a simple reporting of the attack or a more sophisticated action such as packet rerouting and retransmission. Packet losses in wireless sensor networks can be caused by either attacks affecting the nodes or attacks focused on the wireless links. The efficacy of the response to such attacks is highly dependent on an accurate identification of the actual attack cause. Therefore, approaches to correctly identifying the cause of packet losses are needed. The work presented in this article addresses this problem by designing and implementing a fine-grained analysis (FGA) tool that investigates packet-loss events and reports their most likely cause. Our FGA tool profiles the wireless links between the nodes, as well as their neighborhood, by leveraging resident parameters, such as RSSI and LQI, available within every received packet. The design of the system is fully distributed and event-driven, and its low overhead makes it suitable for resource-constrained entities such as wireless motes. We have validated our approach through real-world experiments, showing that our FGA tool is effective in differentiating between the various attacks that may affect nodes and links.
the internet of things | 2017
Antonino Rullo; Daniele Midi; Edoardo Serra; Elisa Bertino
In many Internet of Things (IoT) application domains security is a critical requirement, because malicious parties can undermine the effectiveness of IoT-based systems by compromising single components and/or communication channels. Thus, a security infrastructure is needed to ensure the proper functioning of such systems even under attack. However, it is also critical that security be at a reasonable resource and energy cost, as many IoT devices may not have sufficient resources to host expensive security tools. In this paper, we focus on the problem of efficiently and effectively securing IoT networks by carefully allocating security tools. We model our problem according to game theory, and provide a Pareto-optimal solution, in which the cost of the security infrastructure, its energy consumption, and the probability of a successful attack, are minimized. Our experimental evaluation shows that our technique improves the system robustness in terms of packet delivery rate for different network topologies.
international conference on distributed computing systems | 2017
Daniele Midi; Antonino Rullo; Anand Mudgerikar; Elisa Bertino
In this paper, we introduce Kalis, a self-adapting, knowledge-driven expert Intrusion Detection System able to detect attacks in real time across a wide range of IoT systems. Kalis does not require changes to existing IoT software, can monitor a wide variety of protocols, has no performance impact on applications on IoT devices, and enables collaborative security scenarios. Kalis is the first comprehensive approach to intrusion detection for IoT that does not target individual protocols or applications, and adapts the detection strategy to the specific network features. Extensive evaluation shows that Kalis is effective and efficient in detecting attacks to IoT systems.
trust, security and privacy in computing and communications | 2015
Muhammad Saleem Khan; Daniele Midi; Majid Iqbal Khan; Elisa Bertino
Due to dynamic network topology, distributed architecture and absence of a centralized authority, mobile ad hoc networks (MANETs) are vulnerable to various attacks from misbehaving nodes. To enhance security, various trust-based schemes have been proposed that augment traditional cryptography-based security schemes. However, most of them use static and predefined trust thresholds for node misbehavior detection, without taking into consideration the network conditions locally at each node. Using static thresholds for misbehavior detection may result in high false positives, low malicious node detection rate, and network partitioning. In this paper, we propose a novel Adaptive Trust Threshold (ATT) computation strategy, that adapts the trust threshold in the routing protocol according to network conditions such as rate of link changes, node degree and connectivity, and average neighborhood trustworthiness. We identify the topology factors that affect the trust threshold at each node, and leverage them to build a mathematical model for ATT computation. Our simulation results indicate that the ATT strategy achieves significant improvements in packet delivery ratio, reduction in false positives, and increase in detection rate as compared to traditional static threshold strategies.
sensor, mesh and ad hoc communications and networks | 2014
Bilal Shebaro; Daniele Midi; Elisa Bertino
Packet losses in a wireless sensor network represent an indicator of possible attacks to the network. Detecting and reacting to such losses is thus an important component of any comprehensive security solution. However, in order to quickly and automatically react to such a loss, it is important to determine the actual cause of the loss. In a wireless sensor network, packet losses can result from attacks affecting the nodes or the wireless links connecting the nodes. Failure to identify the actual attack can undermine the efficacy of the attack responses. We thus need approaches to correctly identify the cause of packet losses. In this paper, we address this problem by proposing and building a fine-grained analysis (FGA) tool that investigates the causes of packet losses and reports the most likely cause of these losses. Our tool uses parameters, e.g. RSSI and LQI, present within every received packet to profile the links between nodes and their corresponding neighborhood. Through real-world experiments, we have validated our approach and shown that our tool is able to differentiate between the various attacks that may affect the nodes and the links.
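The two FGA abstracts above (the 2014 conference version and the 2016 ACM Transactions on Sensor Networks version) describe profiling each link from the RSSI and LQI carried in every received packet and then attributing a loss to either the link or the sending node. The following is an added example, not code from the papers: it keeps a small per-neighbour ring of RSSI/LQI samples, detects a loss from the gap in an 8-bit sequence number, and applies an illustrative rule. The window size, the drop thresholds and the decision rule (collapsed link metrics mean a link attack; healthy metrics with missing packets mean the node is dropping them) are assumptions; the papers do not state their actual thresholds here.

```c
#include <stdint.h>
#include <string.h>

/* Constructed example of RSSI/LQI link profiling for packet-loss analysis.
 * The FGA abstracts name RSSI and LQI as the per-packet inputs; the window
 * size, thresholds and decision rule below are assumptions for illustration. */
#define WINDOW        8
#define RSSI_DROP_DBM 10   /* assumed: mean RSSI at least 10 dBm under baseline */
#define LQI_DROP      30   /* assumed: mean LQI at least 30 under baseline */

typedef enum {
    CAUSE_NONE,          /* no loss observed on this packet */
    CAUSE_UNKNOWN,       /* loss observed, profile too short to judge */
    CAUSE_LINK_ATTACK,   /* link quality collapsed: the channel is the target */
    CAUSE_NODE_ATTACK    /* link looks healthy yet packets vanish: sender drops them */
} loss_cause_t;

typedef struct {
    uint16_t src;            /* neighbour address */
    int8_t   base_rssi;      /* baseline learned while the link was healthy */
    uint8_t  base_lqi;
    int8_t   rssi[WINDOW];   /* ring of recent per-packet RSSI samples (dBm) */
    uint8_t  lqi[WINDOW];    /* ring of recent per-packet LQI samples */
    uint8_t  n, head;        /* samples stored, next ring slot */
    uint8_t  last_seq;       /* last sequence number seen from src */
    uint8_t  have_seq;
} link_profile_t;

void profile_init(link_profile_t *p, uint16_t src, int8_t base_rssi, uint8_t base_lqi)
{
    memset(p, 0, sizeof *p);
    p->src = src;
    p->base_rssi = base_rssi;
    p->base_lqi = base_lqi;
}

static int mean_rssi(const link_profile_t *p)
{
    int s = 0;
    for (unsigned i = 0; i < p->n; i++) s += p->rssi[i];
    return s / (int)p->n;
}

static int mean_lqi(const link_profile_t *p)
{
    int s = 0;
    for (unsigned i = 0; i < p->n; i++) s += p->lqi[i];
    return s / (int)p->n;
}

/* Most likely cause of a loss just observed on this link. */
loss_cause_t classify_loss(const link_profile_t *p)
{
    if (p->n < WINDOW / 2) return CAUSE_UNKNOWN;
    int rssi_drop = (int)p->base_rssi - mean_rssi(p);
    int lqi_drop  = (int)p->base_lqi  - mean_lqi(p);
    if (rssi_drop >= RSSI_DROP_DBM || lqi_drop >= LQI_DROP) return CAUSE_LINK_ATTACK;
    return CAUSE_NODE_ATTACK;
}

/* Called for every packet received from p->src. Records the radio metadata,
 * detects a loss from the 8-bit sequence gap and, if one occurred, classifies it. */
loss_cause_t profile_record(link_profile_t *p, uint8_t seq, int8_t rssi, uint8_t lqi)
{
    p->rssi[p->head] = rssi;
    p->lqi[p->head]  = lqi;
    p->head = (uint8_t)((p->head + 1) % WINDOW);
    if (p->n < WINDOW) p->n++;

    uint8_t lost = p->have_seq ? (uint8_t)(seq - p->last_seq - 1) : 0;
    p->last_seq = seq;
    p->have_seq = 1;
    return lost ? classify_loss(p) : CAUSE_NONE;
}
```

The sequence arithmetic is done in unsigned 8-bit so a wrap from 255 to 0 is not reported as a loss, and a freshly profiled link returns CAUSE_UNKNOWN rather than guessing, which is the behaviour a response system should see before it punishes a node.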
computer and communications security | 2017
Daniele Midi; Mathias Payer; Elisa Bertino
Applications for TinyOS, a popular operating system for embedded systems and wireless sensor networks, are written in nesC, a C dialect prone to the same type and memory safety vulnerabilities as C. While availability and integrity are critical requirements, the distributed and concurrent nature of such applications, combined with the intrinsic unsafety of the language, makes those security goals hard to achieve. Traditional memory safety techniques cannot be applied, due to the strict platform constraints and hardware differences of embedded systems. We design nesCheck, an approach that combines static analysis and dynamic checking to automatically enforce memory safety on nesC programs without requiring source modifications. nesCheck analyzes the source code, identifies the minimal conservative set of vulnerable pointers, finds static memory bugs, and instruments the code with the required dynamic runtime checks. Our prototype extends the existing TinyOS compiler toolchain with LLVM-based passes. Our evaluation shows that nesCheck effectively and efficiently enforces memory protection, catching all memory errors with an overhead of 0.84% on energy, 5.3% on code size, up to 8.4% on performance, and 16.7% on RAM.
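The nesCheck abstract describes a static pass that picks out the pointers that need protection and a dynamic check inserted before the access. The following is an added example in plain C, not nesCheck's own instrumentation or the TinyOS toolchain: it shows the kind of indexed write a nesC application performs on a fixed buffer, first in the unsafe form and then with base/bound metadata and a check that refuses the access instead of writing past the object. The metadata layout, helper names and buffer are assumptions for illustration.

```c
#include <stdint.h>
#include <stddef.h>

/* Constructed example of the bounds-check instrumentation pattern the
 * nesCheck abstract describes in general terms (base/bound tracking plus a
 * runtime check before the access). The layout and the helper names are
 * assumptions, not nesCheck's own code. */
#define SAMPLES 16
static uint16_t readings[SAMPLES];   /* a typical TinyOS application buffer */

/* "Before" form: the index arrives in a radio message and is used as-is.
 * idx >= SAMPLES writes past the array into whatever .bss places next.
 * Kept only to show the unsafe pattern; never call it with idx >= SAMPLES. */
void store_reading_unchecked(uint8_t idx, uint16_t value)
{
    readings[idx] = value;
}

/* Metadata a static pass attaches to a pointer it classified as vulnerable
 * (derived from untrusted input or used in arithmetic). */
typedef struct {
    uint16_t *base;    /* start of the underlying object */
    uint16_t *bound;   /* one past its end */
} tracked_u16_ptr;

static tracked_u16_ptr track(uint16_t *base, size_t count)
{
    tracked_u16_ptr t = { base, base + count };
    return t;
}

/* Inserted check: resolves base + idx only if the element is fully inside
 * [base, bound); returns NULL instead of forming an out-of-bounds pointer. */
static uint16_t *checked_elem(const tracked_u16_ptr *t, size_t idx)
{
    size_t count = (size_t)(t->bound - t->base);
    return idx < count ? t->base + idx : NULL;
}

/* "After" form: same logic, but the write is refused when the check fails.
 * Returns 0 on success, -1 when the access was out of bounds. */
int store_reading_checked(uint8_t idx, uint16_t value)
{
    tracked_u16_ptr t = track(readings, SAMPLES);
    uint16_t *slot = checked_elem(&t, idx);
    if (slot == NULL) return -1;
    *slot = value;
    return 0;
}

/* Checked read, used to verify what was stored. Returns 0 when idx is out of range. */
uint16_t reading_at(uint8_t idx)
{
    tracked_u16_ptr t = track(readings, SAMPLES);
    uint16_t *slot = checked_elem(&t, idx);
    return slot ? *slot : 0;
}
```

A pointer that is only ever dereferenced at a constant in-range offset needs no such metadata, which is the point of the abstract's "minimal conservative set of vulnerable pointers": the check costs code size and RAM on a mote, so it is worth emitting only where static analysis cannot prove the access safe.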
ACM Transactions on Sensor Networks | 2017
Daniele Midi; Salmin Sultana; Elisa Bertino
Resource constraints, unattended operating environments, and communication phenomena make Wireless Sensor Networks (WSNs) susceptible to operational failures and security attacks. However, applications often impose stringent requirements on data reliability and service availability, due to the deployment of sensor networks in various critical infrastructures. Given the failure- and attack-prone nature of sensor networks, enabling sensor networks to continuously provide their services as well as to effectively recover from attacks is a crucial requirement. We present Kinesis, a security incident response system designed to keep WSNs functional despite anomalies or attacks and to recover from attacks without significant interruption. Kinesis is quick and effective in responding to incidents, distributed in nature, dynamic in selecting response actions based on the context, and lightweight in terms of response policy specification, communication, and energy overhead. A per-node single timer-based distributed strategy to select the most effective response executor in a neighborhood makes the system simple and scalable, while achieving load balancing and redundant action optimization. We implement Kinesis in TinyOS and measure its performance for various application and network layer incidents. Extensive TOSSIM simulations and testbed experiments show that Kinesis successfully counteracts anomalies/attacks and behaves consistently under various attack scenarios and rates.
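Both Kinesis abstracts above (the 2014 SenSys version and the 2017 ACM Transactions on Sensor Networks version) mention a per-node single-timer strategy for choosing which neighbour executes a response, so that the work is load-balanced and not duplicated. The following is an added example, not code from the papers: each node that observed an incident arms one timer whose delay grows with its unsuitability, the earliest timer wins, and a cancel broadcast clears the rest. The suitability inputs (residual energy and hop distance), the delay formula and the energy cost per response are assumptions for illustration; the papers do not specify them here.

```c
#include <stdint.h>
#include <stddef.h>

/* Constructed model of a per-node single-timer election for the response
 * executor: every neighbour that observed the incident arms one timer whose
 * delay reflects how suitable it is, the first to expire executes the
 * response and broadcasts a cancel. The suitability metric, the delay
 * formula and the energy cost below are assumptions for illustration, not
 * Kinesis' actual policy. */
#define BASE_DELAY_MS  10
#define HOP_PENALTY_MS 20
#define RESPONSE_COST  30    /* energy units spent by the node that executes */

typedef struct {
    uint8_t  id;
    uint8_t  energy;     /* residual energy, 0..100 */
    uint8_t  hops;       /* hops to the node that raised the incident */
    uint16_t timer_ms;   /* armed timer; 0 = not armed / cancelled */
    uint8_t  executed;   /* responses this node has run */
} node_t;

/* Better-suited nodes (more energy, closer) get shorter timers. */
static uint16_t response_delay(const node_t *n)
{
    return (uint16_t)(BASE_DELAY_MS + (100 - n->energy) + n->hops * HOP_PENALTY_MS);
}

/* Each node arms its own timer; exhausted nodes stay out of the election. */
static void arm_timers(node_t *nodes, size_t count)
{
    for (size_t i = 0; i < count; i++)
        nodes[i].timer_ms = nodes[i].energy ? response_delay(&nodes[i]) : 0;
}

/* Timer-expiry order decides the executor: earliest timer wins, lower id
 * breaks ties (models the cancel message reaching the others in time).
 * Returns the executor's id, or -1 if nobody could respond. */
int run_incident(node_t *nodes, size_t count)
{
    int winner = -1;
    arm_timers(nodes, count);
    for (size_t i = 0; i < count; i++) {
        if (nodes[i].timer_ms == 0) continue;
        if (winner < 0 || nodes[i].timer_ms < nodes[winner].timer_ms ||
            (nodes[i].timer_ms == nodes[winner].timer_ms && nodes[i].id < nodes[winner].id))
            winner = (int)i;
    }
    if (winner < 0) return -1;

    nodes[winner].executed++;
    nodes[winner].energy = nodes[winner].energy > RESPONSE_COST
                         ? (uint8_t)(nodes[winner].energy - RESPONSE_COST) : 0;
    /* cancel broadcast: every other timer is cleared, so exactly one node acts */
    for (size_t i = 0; i < count; i++) nodes[i].timer_ms = 0;
    return nodes[winner].id;
}

/* Total responses executed across the neighbourhood (should equal incidents). */
unsigned total_executions(const node_t *nodes, size_t count)
{
    unsigned sum = 0;
    for (size_t i = 0; i < count; i++) sum += nodes[i].executed;
    return sum;
}
```

Because the executor pays an energy cost, its timer lengthens on the next incident and a different neighbour takes over, which is the load-distribution effect the abstract refers to; the single cancel broadcast is what keeps the count of executed responses at one per incident.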
international conference on distributed computing systems | 2016
Antonino Rullo; Daniele Midi; Edoardo Serra; Elisa Bertino
In many Internet of Things (IoT) application domains security is a critical requirement, because malicious parties can undermine the effectiveness of IoT-based systems by compromising single components and/or communication channels. Thus, a security infrastructure is needed to ensure the proper functioning of such systems even under attack. In this paper, we focus on the problem of efficiently and effectively securing IoT networks by carefully allocating security tools.
IEEE Access | 2017
Muhammad Saleem Khan; Daniele Midi; Majid Iqbal Khan; Elisa Bertino
Most existing trust-based security schemes for mobile ad-hoc networks (MANETs) consider packet loss an indicator of possible attacks by malicious nodes. There may be several reasons for packet losses, such as interference, queue overflow, and node mobility. Identifying the real underlying cause of a packet loss event is important for any security solution. To detect truly malicious nodes, it is necessary to carry out a fine-grained analysis (FGA) to determine the underlying cause of such loss. Without such analysis, the performance of any security solution may degrade, due to the punishment of innocent nodes while actual malicious nodes may remain undetected. Therefore, approaches are required that can correctly identify the reason for packet losses and can react accordingly. In this paper, we present a scheme that is able to correctly identify malicious nodes, using network parameters to determine whether packet losses are due to queue overflows or node mobility in MANETs. The contributions of this paper include the FGA scheme for packet loss and the development of a comprehensive trust model for malicious node identification and isolation. Our proposed FGA scheme is evaluated in terms of effectiveness and performance metrics under different network parameters and configurations. The experimental results show that our proposed trust model achieves a significant reduction in the false-positive rate and an increase in the rate of detection of truly malicious nodes compared with traditional non-FGA schemes.