Chris Karlof scite author profile

We consider routing security in wireless sensor networks. Many sensor network routing protocols have been proposed, but none of them have been designed with security as a goal. We propose security goals for routing in sensor networks, show how attacks against ad-hoc and peer-to-peer networks can be adapted into powerful attacks against sensor networks, introduce two classes of novel attacks against sensor networks--sinkholes and HELLO floods, and analyze the security of all the major sensor network routing protocols. We describe crippling attacks against all of them and suggest countermeasures and design considerations. This is the first such analysis of secure routing in sensor networks.

show abstract

Secure routing in wireless sensor networks: attacks and countermeasures

Karlof

Wagner

905

655

View full text Add to dashboard Cite

show abstract

A practical evaluation of radio signal strength for ranging-based localization

Whitehouse

Karlof

Culler

2007

SIGMOBILE Mob. Comput. Commun. Rev.

285

171

View full text Add to dashboard Cite

Radio signal strength (RSS) is notorious for being a noisy signal that is difficult to use for ranging-based localization. In this study, we demonstrate that RSS can be used to localize a multi-hop sensor network, and we quantify the effects of various environmental factors on the resulting localization error. We achieve 4.1m error in a 49 node network deployed in a half-football field sized area, demonstrating that RSS localization can be a feasible alternative to solutions like GPS given the right conditions. However, we also show that this result is highly sensitive to subtle environmental factors such as the grass height, radio enclosure, and elevation of the nodes from the ground.

show abstract

The effects of ranging noise on multihop localization: an empirical study

Whitehouse

Karlof

Woo

et al.

View full text Add to dashboard Cite

Abstract-This paper presents a study of how empirical ranging characteristics affect multihop localization in wireless sensor networks. We use an objective metric to evaluate a well-established parametric model of ranging called Noisy Disk: if the model accurately predicts the results of a real-world deployment, it sufficiently captures ranging characteristics. When the model does not predict accurately, we systematically replace components of the model with empirical ranging characteristics to identify which components contribute to the discrepancy. We reveal that both the connectivity and noise components of Noisy Disk fail to accurately represent real-world ranging characteristics and show that these shortcomings affect localization in different ways under different circumstances.

show abstract

Dynamic pharming attacks and locked same-origin policies for web browsers

Karlof

Shankar²,

Tygar

et al. 2007

View full text Add to dashboard Cite

We describe a new attack against web authentication, which we call dynamic pharming. Dynamic pharming works by hijacking DNS and sending the victim's browser malicious Javascript, which then exploits DNS rebinding vulnerabilities and the name-based sameorigin policy to hijack a legitimate session after authentication has taken place. As a result, the attack works regardless of the authentication scheme used. Dynamic pharming enables the adversary to eavesdrop on sensitive content, forge transactions, sniff secondary passwords, etc. To counter dynamic pharming attacks, we propose two locked same-origin policies for web browsers. In contrast to the legacy same-origin policy, which regulates cross-object access control in browsers using domain names, the locked same-origin policies enforce access using servers' X.509 certificates and public keys. We show how our policies help two existing web authentication mechanisms, client-side SSL and SSL-only cookies, resist both pharming and stronger active attacks. Also, we present a deployability analysis of our policies based on a study of 14651 SSL domains. Our results suggest one of our policies can be deployed today and interoperate seamlessly with the vast majority of legacy web servers. For our other policy, we present a simple incrementally deployable opt-in mechanism for legacy servers using policy files, and show how web sites can use policy files to support selfsigned and untrusted certificates, shared subdomain objects, and key updates.

show abstract

Design and implementation of a sensor network system for vehicle tracking and autonomous interception

Sharp

Schaffert

Woo

et al.

View full text Add to dashboard Cite

We describe the design and implementation of PEG, a networked system of distributed sensor nodes that detects an uncooperative agent called the evader and assists an autonomous robot called the pursuer in capturing the evader. PEG requires services such as leader election, routing, network aggregation, and closed loop control. Instead of using general purpose distributed system solutions for these services, we employ whole-system analysis and rely on spatial and physical properties to create simple and efficient mechanisms. We believe this approach advances sensor network design, yielding pragmatic solutions that leverage physical properties to simplify design of embedded distributed systems.We deployed PEG on a 400 square meter field using 100 sensor nodes, and successfully intercepted the evader in all runs. While implementing PEG, we confronted practical issues such as node breakage, packaging decisions, in situ debugging, network reprogramming, and system reconfiguration. We discuss the approaches we took to cope with these issues and share our experiences in deploying a large sensor network system.

show abstract

Hidden Markov Model Cryptanalysis

Karlof

Wagner

2003

View full text Add to dashboard Cite

Abstract. We present HMM attacks, a new type of cryptanalysis based on modeling randomized side channel countermeasures as Hidden Markov Models (HMM's). We also introduce Input Driven Hidden Markov Models (IDHMM's), a generalization of HMM's that provides a powerful and unified cryptanalytic framework for analyzing countermeasures whose operational behavior can be modeled by a probabilistic finite state machine. IDHMM's generalize previous cryptanalyses of randomized side channel countermeasures, and they also often yield better results. We present efficient algorithms for key recovery using IDHMM's. Our methods can take advantage of multiple traces of the side channel and are inherently robust to noisy measurements. Lastly, we apply IDHMM's to analyze two randomized exponentiation algorithms proposed by Oswald and Aigner. We completely recover the secret key using as few as ten traces of the side channel.

show abstract

Conditioned-safe ceremonies and a user study of an application to web authentication

Karlof¹,

Tygar²,

Wagner³

2009

View full text Add to dashboard Cite

We introduce the notion of a conditioned-safe ceremony. A "ceremony" is similar to the conventional notion of a protocol, except that a ceremony explicitly includes human participants. Our formulation of a conditioned-safe ceremony draws on several ideas and lessons learned from the human factors and human reliability community: forcing functions, defense in depth, and the use of human tendencies, such as rule-based decision making. We propose design principles for building conditioned-safe ceremonies and apply these principles to develop a registration ceremony for machine authentication based on email. We evaluated our email registration ceremony with a user study of 200 participants. We designed our study to be as ecologically valid as possible: we employed deception, did not use a laboratory environment, and attempted to create an experience of risk. We simulated attacks against the users and found that email registration was significantly more secure than challenge question based registration. We also found evidence that conditioning helped email registration users resist attacks, but contributed towards making challenge question users more vulnerable.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Chris Karlof

Secure routing in wireless sensor networks: attacks and countermeasures

Secure routing in wireless sensor networks: attacks and countermeasures

A practical evaluation of radio signal strength for ranging-based localization

The effects of ranging noise on multihop localization: an empirical study

Dynamic pharming attacks and locked same-origin policies for web browsers

Design and implementation of a sensor network system for vehicle tracking and autonomous interception

Hidden Markov Model Cryptanalysis

Conditioned-safe ceremonies and a user study of an application to web authentication

Contact Info

Product

Resources

About