Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks
Reference: “Mitigating Routing Misbehavior in Mobile Ad Hoc Networks”, Sergio Marti, T.J. Giuli, Kevin Lai, and Mary Baker, MobiCom 2000.
Overview
Introduction
Node misbehavior on routing
Proposed approach from the paper
  Watchdog
  Pathrater
Simulation results
Conclusion & comments
Ad-Hoc Network
A collection of wireless mobile hosts forming a temporary network without the aid of any established infrastructure or centralized administration.
  Lack of infrastructure
  Distributed peer-to-peer mode of operations
  Multi-hop routing
Applications
  Military communication
  Rescue missions in times of natural disasters
Vulnerabilities
Vulnerabilities of wireless links
Changing topology
Absence of infrastructure
Nodes may be physically controlled by the attacker
Research areas in security
Key establishment
Secure routing
Selfishness
Intrusion detection
Secure sensor networks
Lightweight cryptographic protocols
Node Misbehavior
Ad hoc networks maximize total network throughput by using all available nodes for routing and forwarding.
A node may misbehave by agreeing to forward a packet and then failing to do so because it is overloaded, selfish, malicious or broken.
Misbehaving nodes can be a significant problem
Contemporary Solutions
Forward packets only through nodes that share a prior trust relationship.
  Requires key distribution
  Trusted nodes can still be overloaded, broken or compromised
  Untrusted nodes may be well behaved
Isolate the misbehaving nodes from the network.
  Would add significant complexity to protocols whose behavior must be very well defined
Proposed Approach
Install extra facilities in the network to detect and mitigate routing misbehavior.
Make only minimal changes to the underlying routing algorithm.
Introduce two extensions to the Dynamic Source Routing Protocol (DSR)
  Watchdog
  Pathrater
Definitions & Assumptions
Neighbor
  A node that is within wireless transmission range of another node
Neighborhood
  All the nodes that are within wireless transmission range of a node
Links between the nodes are bi-directional
Nodes operate in promiscuous mode
Malicious nodes do not work in groups
Dynamic Source Routing (DSR)
“On-demand”
  Route paths are discovered at the time a source sends a packet to a destination for which the source has no path
Route Request message
Route Reply message
  Generated when the route request reaches the destination
  Or when it reaches an intermediate node whose route cache contains an unexpired route to the destination
Route Error
  Handles link breaks
DSR (Route Request)
[Figure: eight-node network (nodes 1 to 8) with source S and destination D; route request labels 1-2, 1-3, 1-3-4, 1-2-5, 1-3-4-6, 1-3-4-7]
DSR (Route Reply)
[Figure: eight-node network (nodes 1 to 8) with source S and destination D; route reply label 1-2-5-8]
Two extensions on DSR
Watchdog
  Detects misbehaving nodes by overhearing transmissions
Pathrater
  Avoids routing packets through misbehaving nodes
[Figure: nodes S, A, B, C, D]
Watchdog
Maintain a buffer of recently sent packets
Compare each overheard packet with the packets in the buffer to see if there is a match
If a packet remains in the buffer for longer than a timeout, the watchdog increments a failure tally for the node responsible
If the tally exceeds a threshold, the node is determined to be misbehaving and the source is notified
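The bookkeeping on this slide, as an added example that is not from the slides or the paper's code: a small Python watchdog replayed over a constructed event trace. The class, the event format and the TIMEOUT and THRESHOLD values are assumptions of this example.

```python
# Added illustration; TIMEOUT and THRESHOLD are assumed, the slides give no values.
from collections import defaultdict

TIMEOUT = 0.5     # seconds a sent packet may wait to be overheard
THRESHOLD = 2     # failure tally a node may reach before it is reported

class Watchdog:
    def __init__(self):
        self.buffer = {}               # packet id -> (next hop, time sent)
        self.tally = defaultdict(int)  # next hop -> failure count

    def sent(self, pkt_id, next_hop, now):
        """Buffer a packet handed to next_hop for forwarding."""
        self.buffer[pkt_id] = (next_hop, now)

    def overheard(self, pkt_id, sender):
        """Promiscuous receive: a matching packet clears the buffer entry."""
        entry = self.buffer.get(pkt_id)
        if entry and entry[0] == sender:
            del self.buffer[pkt_id]

    def expire(self, now):
        """Charge one failure per packet buffered longer than TIMEOUT and
        return the nodes whose tally has just exceeded THRESHOLD."""
        newly = []
        for pkt_id, (hop, t_sent) in list(self.buffer.items()):
            if now - t_sent > TIMEOUT:
                del self.buffer[pkt_id]
                self.tally[hop] += 1
                if self.tally[hop] == THRESHOLD + 1:
                    newly.append(hop)  # report to the source exactly once
        return newly

def run_trace(events):
    """Replay constructed (time, kind, packet id, node) events in time order."""
    wd, reports = Watchdog(), []
    for now, kind, pkt_id, node in events:
        reports += wd.expire(now)      # timeouts are checked before each event
        if kind == "sent":
            wd.sent(pkt_id, node, now)
        elif kind == "overheard":
            wd.overheard(pkt_id, node)
    return wd, reports

# Constructed trace: B forwards packets 1 and 5 but is never heard forwarding 2-4.
TRACE = [(0.0, "sent", 1, "B"), (0.1, "overheard", 1, "B"),
         (1.0, "sent", 2, "B"), (2.0, "sent", 3, "B"), (3.0, "sent", 4, "B"),
         (4.0, "sent", 5, "B"), (4.1, "overheard", 5, "B"), (5.0, "tick", 0, "")]
```

A forward that is overheard only after the timeout has already been charged as a failure, which is how missed overhearing turns into a false accusation.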
Watchdog
Advantages
  Can detect misbehavior at the forwarding level
Disadvantages
  Might not detect misbehavior in the presence of
    Ambiguous collisions
    Receiver collisions
    Limited transmission power
    Others
Ambiguous Collisions
The ambiguous collision problem prevents node A from overhearing transmissions from B
[Figure: nodes S, A, B, D]
Receiver Collision
Node S can only tell whether node A sends the packet to node B; it cannot tell whether B receives it
[Figure: nodes S, A, B, D]
Limited Transmission Power
A misbehaving node can control its transmission power to circumvent the watchdog
[Figure: nodes S, A, B, D]
Other disadvantages
False misbehavior
  When nodes falsely report other nodes as misbehaving
Collusion
  Multiple nodes in collusion can mount a more sophisticated attack
Partial dropping
  A node can circumvent the watchdog by dropping packets at a lower rate than the threshold
Pathrater
Each node maintains a rating for every other node it knows about in the network
It calculates a path metric by averaging the node ratings in the path
The metric gives a comparison of the overall reliability of different paths
If there are multiple paths to the same destination, it chooses the path with the highest metric
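Path selection as described on this slide, as an added example that is not from the slides or the paper's code. The rating constants, the rule of returning no path when every known path has a negative metric, and the sample routes are assumptions of this example.

```python
# Added illustration; all constants and sample data below are assumed/constructed.
NEUTRAL = 0.5          # rating used for a node with no history
MISBEHAVING = -100.0   # rating applied when the watchdog accuses a node

class Pathrater:
    def __init__(self, self_id):
        self.rating = {self_id: 1.0}   # a node fully trusts itself

    def accuse(self, node):
        """Apply a watchdog report: the node's rating becomes strongly negative."""
        self.rating[node] = MISBEHAVING

    def metric(self, path):
        """Path metric: the average of the ratings of the nodes on the path."""
        return sum(self.rating.get(n, NEUTRAL) for n in path) / len(path)

    def best_path(self, paths):
        """Return the path with the highest metric, or None when every known
        path has a negative metric (each one contains an accused node), so
        the caller can fall back to a new route discovery."""
        if not paths:
            return None
        best = max(paths, key=self.metric)
        return best if self.metric(best) >= 0 else None

# Constructed route cache at source S for destination D, and constructed ratings.
ROUTES = [["S", "A", "B", "D"], ["S", "C", "E", "F", "D"]]
RATINGS = {"A": 0.8, "B": 0.8, "C": 0.6, "E": 0.6, "F": 0.6}

def make_pathrater():
    pr = Pathrater("S")
    pr.rating.update(RATINGS)
    return pr
```

Because the accused rating is far below any normal rating, one accused node pulls the whole path average negative, so a longer clean path wins over a shorter path through that node.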
Methodology
Berkeley’s Network Simulator (ns) with wireless extensions made by the CMU Monarch project
Simulate 50 nodes
  Moving speed: 0 - 20 m/s
  Pause time: 0 s or 60 s
  % of compromised nodes: 0 – 40% in 5% increments
Metrics of Evaluation
Throughput
  % of sent data packets actually received by the intended destinations
Overhead
  Ratio of routing-related transmissions to data transmissions
False positives
  Impact of watchdog false positives on network throughput
Simulation
Extensions
  Watchdog (WD)
  Pathrater (PR)
  Route request (SRR)
4 combinations of extensions
  WD=ON, PR=ON, SRR=ON
  WD=ON, PR=ON, SRR=OFF
  WD=OFF, PR=ON, SRR=OFF
  WD=OFF, PR=OFF, SRR=OFF
Simulation
Each metric includes two graphs of simulation results for two separate pause times (0s, 60s)
Simulate two different node mobility patterns using 4 different pseudo-random number generator seeds
  Seeds determine which nodes misbehave
  Plot the average of the 8 simulations
Network Throughput (0s pause time)
Network Throughput (60s pause time)
Routing Overhead (0s pause time)
Routing Overhead (60s pause time)
Effects of False Detection (0s pause time)
Effects of False Detection (60s pause time)
Conclusion
Ad hoc networks are vulnerable to nodes that misbehave when routing packets
Proposed two possible extensions to DSR to mitigate the effects of routing misbehavior
Simulation shows that the 2 techniques
  increase throughput by 17% in a network with moderate mobility, while increasing the ratio of overhead to data transmissions from 9% to 17%
  increase throughput by 27% in a network with extreme mobility, while increasing the ratio of overhead to data transmissions from 12% to 24%
Comments
The work does not mention how the threshold value is calculated, although it is one of the important factors in detecting malicious nodes.
If malicious nodes work in a group, it is difficult to identify them.
The paper does not address other attacks, such as MAC attacks and false route request and reply messages, that bring down throughput in ad-hoc networks.
Thank you!