New embedded S



Download 1.14 Mb.
Page13/31
Date17.10.2016
Size1.14 Mb.
#272
1   ...   9   10   11   12   13   14   15   16   ...   31

5.3Automatic Access Control


Access controls are mechanisms that are made to protect networks and services from unauthorized access to the target’s resources. Many methods have been proposed to implement access control in a network, depending on the intelligence of the nodes, the memory capabilities and the predefined profiles, and are based on:

  • Profile authentication: If the node has some characteristics, it can join to the network.

  • Access Code: Typical password access, based on memory data, switch configuration, or any other procedure

  • Predefined topology: Only pre-established nodes can join to the network, like MAC filtering in a Wi-Fi.

The denial of service (DoS) attack is an attempt of a malicious entity to obstruct the availability of a network or a service. It is extremely difficult to counter against such attacks, especially in wireless networks. There are many methods to carry out a DoS attack. In the general case, an attacker sends a large amount of requests to a server. The server is kept occupied as it tries to serves those request, exhausts its resources, like power, processing power, network bandwidth and memory, and becomes unavailable to serve requests derived from legitimate users. The past years revealed the fact that poor design decisions in network protocols and operating systems can become a serious obstacle in DoS and Distributed DoS resilient systems and services. The IP protocol is vulnerable to such attacks and basic software design methodologies don’t take into account security requirements that would enable DDoS resilient services.
In wireless networks, DoS attacks that can be performed in the communication link between legitimate tags and readers. These DoS attacks can be classified in three main categories based on the factors that cause them:

  • Kill command: when a tag is manufactured, it is given a secret password. The password can be easily cracked by an attacker, due to the limited memory of the tag. Then he executes a kill command along with the password to disable the tag permanently.

  • Jamming: the attacker performs electromagnetic jamming in order to prevent tags from communicating with the readers.

  • De-synchronization: the attacker uses jamming techniques to de-synchronize the tag and the reader in order to permanently disable the authentication capability of the tag.

  • Tag Data Modification: the attacker modifies the EPC data of the tag, so it is not recognized anymore by the reader.



5.3.1Proposed approaches


There is a special type of DoS attack that can exploit vulnerable access control mechanisms. In the basic scenario of an access protocol, clients exchange encrypted messages with an authentication server in order to gain access to the service. The server has to perform an expensive public key process, like a decryption operation, in order to be able to elaborate the message’s content. Then an attacker can perform a DoS attack by sending a large number of access request messages to the server.

In order to protect networks from this kind of DoS attack lightweight access control mechanisms have been implemented. The automatic access control stands for a technique where the entities that participate in a network can use a lightweight feature to authenticate each other. Thus, the server won’t use an expensive encryption operation that can lead to the DoS attack. The most common technique is to use hash functions. The client sends a hashed secret that is known to the server. Ordinary, the server keeps a map of all these hashed secrets for all of its clients. Then, server only needs to perform a cheap look up function to discover if the user is legitimate. Thereby, the attack can be efficiently encountered. However, several issues can arise from the adaptation of an automatic control mechanism that include mutual authentication, de-synchronization of client and server, DoS attacks in other steps of the propose protocol replay attacks and link-ability of different communications of the same user.

Except from hash functions, other methods that encounter this problem include: authentication using matrix multiplication, pseudorandom number generators and cyclic redundancy check.

Several protocols have been proposed in the literature and associated attacks are considered. Such attacks can involve relevant issues of mutual authentication, de-synchronization of client-server, DoS attacks in other steps of the proposed protocols, replay attacks and link-ability of different communications of the same user. O-FRAP+ [1] and Gossamer [2] are two indicative ultra-lightweight protocols that address this issue. O-FRAP+ uses two keys for every tag, the one from the previous session and the new one for the current session, and the secret key updating procedure is performed in a chain fashion. It provides mutual authentication, privacy-preserving authentication, forward security and resistant against DoS attack. Gossamer makes use of pseudorandom numbers and can effective to provide data confidentiality, tag anonymity, mutual authentication, data integrity, forward security, robustness against replay attacks and DoS attack prevention.

Moreover, even when we use automatic or simple access control the failure of recognizing a legitimate user, leads as to the conclusion that the system can be under attack. Thereby, other mechanisms [3] like anomaly detection, intrusion detection (IDS), intrusion prevention (IPS), intrusion tolerance and mitigation, intrusion response mechanisms and firewalls can take on.

5.3.2Important Attributes


Six important security aspects should be taken into account when we deal with a proposed automatic access control mechanism:

  • ID Anonymity: The ID of user sent on the communication channel can be used by an attacker to impersonate as the legitimate user.

  • Forward Secrecy: An attacker could use the previously captured messages to find a pattern or information about the next transaction.

  • Replay Attack: An attacker can eavesdrop the messages that are transmitted between the client and the server. Then, he retransmits the same message later to obtain a response.

  • DoS attack resistance: Even in presence of a DoS attack, the proposed protocol should overcome the attack and return to the normal state.

  • Mutual Authentication: Both participants should be able to authenticate each other to avoid an attacker from acting as rogue server or rogue client.

  • Non-linkability: Both insiders and outsiders couldn’t be able to ascribe any session to a particular user.

5.3.3References


  1. Dang Nguyen Duc, Kwangjo Kim: Defending RFID authentication protocols against DoS attacks. In Computer Communications, volume 34, pages 384-390. (2011)

  2. Deepak Tagra, Musfiq Rahman, Srinivas Sampalli: Technique for Preventing DoS Attacks on RFID Systems. In 2010 International Conference on Software, Telecommunitaions and Computer Networks (SoftCOM), pages 6-10. (2010)

  3. Christos Douligeris, Aikaterini Mitrokotsa: DDos attacks and defense mechanisms: classification and state-of-the-art. In Computer Networks, volume 44, pages 643-666, 2004. (2004)




Download 1.14 Mb.

Share with your friends:
1   ...   9   10   11   12   13   14   15   16   ...   31




The database is protected by copyright ©ininet.org 2024
send message

    Main page