My course on WSN and VANET Security


This course is included in the Doctoral Program in Information and Communication Technology at the University of L'Aquila. It deals with security management principles, according to ISO 31000 Risk Management, and the techniques applicable to Wireless Sensor Networks (WSN) and Vehicular Ad hoc NETworks (VANET), which are special classes of wireless ad hoc networks.

Wireless Sensor Networks (WSN) and wireless inter-vehicular and intra-vehicular networks (Vehicular Ad-hoc Networks, VANET) are instances of wireless ad-hoc networks.

Wireless ad-hoc networks can rightly be considered enablers for Operational Technologies (OT): we are now observing a process of convergence in which classical IT cyber risks extend to the OT domain as well, where they are to be managed in accordance with the NIS and NIS2 directives by OSEs (Operatori di Servizi Essenziali, i.e. Operators of Essential Services).

The objective of the seminar is to introduce WSN and VANET security issues, challenges and solutions as the result of a security management process that follows the principles of the current standard ISO 31000 "Risk Management". The course therefore aims to be a concrete guideline for managing a Cyber Security Management Process compliant with current best practices.

According to ISO 31000, we can refer to a "security management process" as a four-step cyclic process: (1) cyber risk identification, (2) risk evaluation and quantification, (3) risk mitigation and (4) monitoring, repeated until the residual risk becomes less than or equal to the "acceptable risk" defined by the organization. The "Minimum Security Requirement" or "Required Security Level" (RSL) therefore identifies the security level corresponding to the acceptable risk. Evaluating and quantifying cyber risk (CRQ) is challenging, and usually only well-defined semi-quantitative techniques for CRQ can be defined. On the other hand, the security performance offered by a cyber security function can be computed quantitatively and determines the "Offered Security Level". A good security design results when the "Required Security Level" meets the "Offered Security Level".

ISO 31000 defines passive and active countermeasures according to the availability of feedback about the state sequence (or the behaviour) of the system over time. From a security point of view, passive countermeasures (deterrence) include cryptographic techniques to preserve data confidentiality, sender authentication (signature) and message authentication, while active countermeasures include techniques that estimate system behavior and can detect the anomalies induced in the system by cyber attacks (intrusion detection and classification).

ISO 31000 principles inspire methods and procedures for security management in specific engineering domains: e.g. the ISO 27000 family for the ICT domain and ISO 21434 for the automotive domain.

Refined mathematical methods are introduced to compute both the security performance of a cryptographic technique, based on the relevant results of "information theoretic security" (i.e. information theory applied to security, introduced by C. E. Shannon in 1949 in his masterwork "Communication Theory of Secrecy Systems"), and the performance upper bound in a behavior estimation problem.

Passive security functions for WSNs and VANETs are still based on the ordinary cryptographic mechanisms (symmetric, asymmetric, hybrid schemes), but the resource constraints of the microprocessors embedded in WSNs and VANETs, in terms of energy and memory savings, push towards innovative and refined techniques such as elliptic curve cryptography (ECC) and identity-based cryptography (useful for preserving privacy in VANETs).

Active security functions are based on behavior estimators and classifiers derived from the theory of Discrete Event Dynamic Systems and Machine Learning algorithms.

The course deals with the most relevant passive and active security functions applied to ad hoc networks, both those from the literature and those that have been designed and developed at Univaq labs in recent industrial projects such as SEAMLESS, EMERGE, SHINE-ON and CYBORG: TAKS (Topology Authenticated Key Scheme) and its ECC-based version EC-TAKS, as well as the intrusion detection system WIDS (WPM-based Intrusion Detection System) and MVET (Mean-Variance Evaluation Technique).


Slides:

Course Intro

The course. Risk Based Thinking. Elements of a wireless network. Wireless Network Taxonomy: Wireless Sensor Network (WSN) vs. Mobile Ad hoc Network (MANET) vs. Vehicular Ad hoc Network (VANET).

    Part I: Security analysis applied to WSN and VANET

    I.1 The framework of Security Management. From Risk to Security Management: Security Management Process, Approaches for Risk Evaluation, Techniques for Risk Evaluation, P-I Matrix and isorisk curves, FTA – CVSS, NIST SP 800-30 Guide for Conducting a Risk Assessment. Security management in the automotive domain: ISO / SAE 21434, Threat Analysis and Risk Assessment (TARA), Cybersecurity Risk Quantification technique EVITA, Guideline for TARA execution using EVITA. Reference Cyber Security functions: Security metrics, Timing Constraints, Cyber Risk Mitigation.

    I.2 The case of WSN. Definition of WSN. Applications, design issues, reference WSN architecture. IEEE 802.15.4.

    I.3 The case of VANET. Definition of VANET. VANET vs. MANET. VANET applications. Inter-Vehicular communications systems. Intra-Vehicular communications systems. 

    I.4 Threats and Attacks against WSN and VANET: Classification of Cyber attackers, Classification of attacks, Cyber attacks against WSN, Cyber attacks against VANET, Cyber attacks against Intra-Vehicle Communications, Classification of the Security Functions.  


    Part II: Mitigation Measures: Security Techniques for WSN and VANET

    II.1 Passive Security Functions. Mathematical background: Kerckhoffs' principle, Shannon's lessons, Modular Arithmetic, Generating Prime Numbers, Generating Pseudo-random Numbers, Elliptic Curve (EC) Algebra, Discrete Logarithm Problem and its EC version, Zero Knowledge Proof. Techniques: Ciphering, Hash functions, Message authentication codes, Digital signatures. Key Establishment Protocols (KEP): Symmetric KEP, Asymmetric KEP, Hybrid KEP, Authentication of public key. Key Management Protocols (KMP). IEEE 802.15.4 security, IEEE 1609.2 security, secure routing.

    II.2 Active Security Functions. Mathematical background: dynamic systems, discrete event dynamic systems (DEDS), the Intrusion Detection Problem: DEDS modeling using Petri Nets (PN), mapping a PN into a finite automaton (FA), identification of observables and hidden states, state sequence estimation. Behavior Classifier. Information Theoretic Model of an Intrusion Detection System. Techniques: Machine Learning, Anomaly Detection System, audit data, Representation Model: Rule-Based Techniques, Statistics-Based Techniques. Classification Model.

    II.3 Security Techniques made in Univaq. TAKS/ECTAKS: TAKSx driving ideas & main features, TAKS definition, TAK equations, geometric interpretation of TAK, authenticated network topology. ECC-based TAKS (ECTAKS), ECTAKS vs. ECDHE. ECTAKS schemes for encryption / decryption and sender signature. Intro to ECTAKS Security Proof. Selective Secure Clusterwise Communications. TAKSx release chronology. WIDS/MVET: WIDS driving ideas & main features, reference architecture, technique, security analysis. WIDS for IEEE 802.15.4 systems. MVET driving ideas & main features, reference architecture, technique, performance analysis.

    II.4 VANET Security and Privacy. V2X communications security: architecture, analysis, privacy preserving solutions. Intra-Vehicle communications security: vulnerabilities, countermeasures.


