Sensor security simulation software S3 was developed as a research simulation software for selected security problems in wireless sensor networks on Faculty of Informatics, Masaryk University. The simulator core, Key Infection and secrecy amplification protocols, probabilistic pre-distribution and evolutionary circuit were written by Petr Svenda, parts devoted to attacks against routing algorithms and probabilistic key predistribution improvements were written by Jiri Kur. Adaptation of simulator for distributed computation via BOINC infrastructure and extensions of secrecy amplification protocols was done by Tobias Smolka. Simulator is written in C++ for MS Windows 2000/XP/Vista/7 operating system with Visual Studio 2010 IDE.
Development of the new simulator instead of using an existing one was motivated by two main reasons:
DownloadsDownload compiled binaries for MS Windows 2000/XP/Vista/7 32bits here: S3_184.108.40.206_32bit.zip (1.2MB).
Download compiled binaries for MS Windows 2000/XP/Vista/7 64bits here: S3_220.127.116.11_64bit.zip (0.8MB).
Download source codes (Visual Studion 2010) here: S3_18.104.22.168_sources.zip (0.9MB).
Older downloadsDownload compiled binaries for MS Windows 2000/XP/Vista 32bits here: S3_22.214.171.124_32bit.zip (360kB).
Download compiled binaries for MS Windows 2000/XP/Vista 64bits here: S3_126.96.36.199_64bit.zip (470kB).
Download source codes (Visual Studion 2005) here: S3_188.8.131.52_sources.zip (970kB).
Please, report any bugs or suggestions to my mail (see footer of the page). Thank you!
Simulator architectureOur simulator has been developed for Microsoft Windows 2K/XP/Vista/7 operating systems in C++, currently having almost forty thousand lines of code. The simulator can be compiled both for 32-bit and 64-bit Intel/AMD architectures, with the 64-bit version providing some performance advantage.
A pseudo-random generator based on the MD5 hash function is used to provide pseudo-random data where required, starting from a specified seed. Once the initial seed is fixed, the simulator steps are fully deterministic, except for random operations used internally by evolutionary algorithms where determinism is undesirable. Truly random data is taken from the QRBG service (http://random.irb.hr/). Simulations are repeatable if the seed is preserved.
The parameters of a simulation can be set either from the GUI or can be provided from a configuration file. Once a simulation is started, all configuration parameters are saved together with the used random seed, making an exact repetition of a particular simulation possible.
The simulator can be run with all settings given from the command line. Support for execution on either local or remote machines with centralized management is implemented. Speedup of extensive simulations with naturally parallel operations can be distributed over several machines with real-time reporting to the central management application (e.g., each deployment is simulated on a separate machine). This capability enables to automatically execute large number of computations in distributed manner via BOINC infrastructure
Support for batch sequential execution of several simulations is also implemented. The start of a particular simulation can be delayed until the previous simulations finish. The selected characteristics of network deployment can be automatically iterated over a specified range with fixed steps, providing separate simulations (e.g., increasing network density within a given range with a defined increase step).
Detailed data produced during simulation is written into files with format suitable for later processing with the Matlab software. Several Matlab scripts were created for further processing, data visualization and graph plotting.
Network deploymentThe deployment of nodes is done in a specified two-dimensional rectangle area, every node having a position in the x and y axes with float number precision. Nodes can be deployed either randomly or according to a freely specifiable pattern. Every node has a definable transmission range with connection to nodes in range established during neighbour discovery. Eavesdropping nodes can be deployed similarly to legal nodes.
Multiple deployments can be performed at the same time. Subsequent operations are performed over all deployments with some simulation results averaged. The averaging of results over multiple deployments decreases the dependence of simulation statistics on the particular placement of nodes. This property is of a special importance for automatic protocol generation, where over-learning on a particular deployment is undesirable.
Support for secrecy amplification protocolsThe deployment of the nodes can be followed by establishment of link keys between neighbours in transmission range with several supported key exchange mechanisms (maximum screaming, whispering, random and probabilistic pre-distribution). Links are marked either secure or compromised based on the attacker model and actual distribution of eavesdropping nodes (Key Infection) or node capture (probabilistic pre-distribution). Such mesh of links with different secrecy state (secure/compromised) forms a starting point for secrecy amplification protocols. These protocols are either directly implemented in the code or can be specified in a metalanguage from script (slower but more flexible option) as a sequence of elementary instructions.
Metalanguage-based execution of amplification protocols is used for automatic protocol generation. The simulator contains a built-in protocol generator based on evolutionary algorithms (GALib package http://lancet.mit.edu/ga/ was used for the implementation). Generated protocols are executed in the deployed networks and evaluated with a fraction of secure links used as an indicator of protocol quality. Interrupted protocol generation can be restarted from a temporal state stored in files generated during simulation.
Primitive instructions setEach party (sensor node) in the protocol is modeled as a computing unit with a limited number of memory slots, where all local information is stored. The memory slot can be loaded with a) random value, b) encryption key and c) message. The set of primitive instructions is defined in such a way that each of the instructions has one or two parameters Nx indicating the node(s) that will execute a given instruction (e.g., local generation of a random value will have only one node parameter; sending a message between nodes will have two parameters) and up to three parameters Rx for the identification of used memory slots. These instructions were selected with the aim to describe all published secrecy amplification protocols and use only (cryptographic) operations available on real nodes. A candidate secrecy amplification protocol is represented as a program composed of these instructions and modeled as an array of bytes.
The instructions set is as follows:
Support for probabilistic pre-distributionSupport for probabilistic key pre-distribution is implemented with evaluation of the number of secure links after a compromise of specified number of randomly or selectively captured nodes. The basic schemes described by Eschenaur and Gligor and extended q-EG are implemented. The simulator is optimized for fast queries with respect to the a subset of shared keys and the evaluation of the compromise impact of node capture.
Support for the automatic generation of node capture attacks is implemented. The subset of nodes selected either randomly or selectively is marked as compromised, keys are extracted and the compromise impact on the network links is evaluated. The implementation of evolutionary algorithms based on the GALib package is used.
Routing protocolsSeveral routing algorithms for data delivery between end nodes and base stations are implemented, namely routing with the selection of the geographically ideal next hop, routing with partial information about the position of neighbours, Implicit Geographic Routing (IGF) and Minimal Cost Forwarding (MCF) algorithms. A high level of abstraction is used, and lower level issues like MAC layers collisions are not considered. Majority of code for routing protocols was written by Jiri Kur. Support for routing protocols is used for automated searching for attacks against routing protocols IGF and MCF.
OpenPGP key : 0x89CEB31C