CSY450 Pervasive Computing Lecture 6 PDF

Summary

This document is a lecture on pervasive computing security. It covers traditional security issues including integrity, confidentiality, non-repudiation, and availability and looks at mobile and wireless security issues such as detectability, limited resources, interception, and theft of service. It also discusses ad-hoc networks security.

Full Transcript

CSY450. Pervasive Computing

Lecture 6: Security Issues in
Pervasive Computing.

Heba KH. Ahmed, Ph.D.
Associate Professor, Computer
Systems Department.
Faculty of Computer &
Information Science.
Agenda
1. Security.
2. Traditional Security Issues.
Integrity,
Confidentiality,
Nonrepudiation, and
Availability.
3. Mobile and Wireless Security Issues
Detectability,
Limited resources,
Interception, and
Theft-of-service.
4. Ad Hoc Networks Security Issues
1- Security
The traditional problems of security,

How mobile and wireless systems introduce some
additional problems and make some traditional
problems more difficult

3
2- Traditional Security Issues
1. Integrity,

2. Confidentiality,

3. Nonrepudiation, and

4. Availability.

4
Traditional Security Issues

1- Integrity
System integrity: A system provides integrity if it
performs its intended function in an unimpaired (perfect)
manner, free from deliberate or unintended unauthorized
manipulation of the system.

Data Integrity: Data maintains its integrity if the receiver of
the data can verify that the data have not been modified;
in addition, no one should be able to substitute fake data.

5
Traditional Security Issues
2- Confidentiality
Confidentiality refers to data and is provided when only
intended recipients can read the data.

Anyone other than the intended recipients either cannot
retrieve the data because of access mechanism
protections, or other means, such as encryption, protect
the data even if they are stolen or intercepted.

6
Traditional Security Issues
3- Nonrepudiation
Nonrepudiation is a property of data and means that
the sender should not be able to falsely deny (i.e.,
repudiate) sending the data.

This property is important for electronic commerce
because vendors do not want clients to be able to deny
that they made purchases and thus must pay for any
services or goods they received.

7
Traditional Security Issues
4- Availability
Availability is a property of systems where a third party
with no access should not be able to block legitimate
parties from using a resource.

Denial-of-service (DoS) attacks are commonplace on the
Internet: They can involve one site flooding another with
traffic

Distributed denial-of-service sends a flood of traffic to
disable a site. Unlike the DoS attack, though, the DDoS
attack employs a large number (hundreds or more) of
machines to participate in the attack.
8
Traditional Security Issues
Availability
The “syn flood” attack creates many “halfopen” Transmission
Control Protocol (TCP) connections so that the target computer
no longer accepts any new connections.
The “smurf” attack sends an Internet Control Message Protocol
(ICMP) packet to a broadcast address resulting in a large number
of replies, flooding a local network.
The “ping of death” attack crashes target machines by sending
them ping packets larger than they can handle.

The “teardrop” attack crashes machines that improperly
handled fragmented TCP/IP packets with overlapping Internet
protocol (IP) fragments.
9
3- Mobile and Wireless Security Issues

Detectability,

Limited resources,

Interception, and

Theft-of-service

10
Mobile and Wireless Security Issues

Detectability,
Nonmobile users typically do not face this problem.
In some circumstances, the mobile users do not want their
wireless system to be detected, and this is part of the
reason they are mobile.

11
Mobile and Wireless Security Issues
Resource depletion/exhaustion

Depletion: involves an attack that shortens the lifespan of the
battery, causing it to fail “naturally” at a later date but much
sooner than it would normally.

Exhaustion involves an attack that consumes (and wastes) all
the power in the battery, leaving the unit unable to function.

These attacks can cause key routing nodes in the network to
fail, leaving parts of the network unreachable.
12
 Mobile and Wireless Security Issues

Physical intercept problems (Packet Sniffing)

In wireless systems, the signal is broadcast through the air,
where any receiver can intercept it.

This problem is related to the detectability problem because
once the signal can be detected, the data can be read.

13
 Mobile and Wireless Security Issues
Theft of service
For example, a user may be sitting outside a coffee shop known
to have a public wireless Internet connection.

A business next door also may have a wireless network, and
because of the user’s physical location, she may have better
reception to the next-door business’s wireless network and
connect to it, thinking that she is connecting to the coffee
shop’s network.

Of course, this example assumes that the user has no
malicious intent, nor any knowledge of what network she is
using. 14
4- Ad Hoc Networks Security Issues

Ad hoc networks form on the fly, without a fixed infrastructure.

Data in ad hoc networks typically pass through several other ad
hoc nodes.

Typically, there is no guarantee as to the identity of these
intermediate nodes, so “man in the middle” attacks can be used
to copy or corrupt data in transit.

16
Additional Common Attacks
“Man in the middle” attacks
A man in the middle attack occurs when a malicious
node inserts itself in the path between two nodes.

The most obvious use is to snoop on the conversation
between the two nodes.

In addition, the malicious node may choose to modify
the data from the source before it forwards them to the
recipient or simply to drop certain packets.

17
 Ad Hoc Networks Security Issues

Routing: There are several security risks associated with routing.
spoofing, in which one node impersonates another.

key routing nodes can be disabled via a resource-exhaustion
attack

18
Ad Hoc Networks Security Issues
Pre-keying
One problem when using encryption or authentication is key
management, which involves creating, sharing, storing, and
revoking encryption keys.

Of course, if a fixed key is used, then there is no easy way to handle
compromised keys, nor to change them periodically to avoid the risk
of exposure through use.

For some applications, because of either network or processor
limitations or application constraints, a high-cost key-exchange
protocol is not practical.

Public key encryption is one way to avoid needing a key exchange.
19
 Additional Common Attacks
Traffic analysis

Even without decrypting the data, attackers can gain insight
about the meaning of the data by observing properties such as
message sizes, communication pairs, and the sequence of
encrypted back-and-forth conversations.

This technique is called traffic analysis.

There are stories about pizza deliveries to the Pentagon
dramatically increasing the night before military actions;
20
Additional Common Attacks
Buffer-overflow attacks
A buffer-overflow attack occurs when a code segment that
reads input does not perform any bounds checking on the
amount of input it accepts.

If the input exceeds the input buffer space allocated for it,
it overwrites memory adjacent to the buffer.

Typically, the calling stack or data for local variables gets
corrupted.

21
References
Fundamentals of Mobile and Pervasive Computing - Frank Adelstein and
Sandeep KS Gupta (Chapter 12,13)

Creese, Sadie, Michael Goldsmith, A. W. Roscoe and Irfan Zakiuddin.
“Authentication for Pervasive Computing.” SPC (2003).

22
Thank You ☺

23