Why Mobility Protocols
Satellites with IP-enabled devices capture videos and images and send them to control centers on earth
They need to maintain continuous connectivity with a remote computer
Mobility protocols are required to ensure session continuity
IETF Solution to IP Mobility: Mobile IP
Employs a mechanism similar to postal-service mail forwarding
Problems:
  Inefficient routing
  High handover latency
  Packet loss
[Diagram: Home Network with Home Agent, Visiting Network with Foreign Agent, Correspondent Node (CN), Internet. Labels: Location Update; Packets from CN to MH; Encapsulated Packets; Decapsulated Packets; Home Address; Acquires CoA]
Network Mobility (NEMO)
A collection of nodes moving as a unit (examples: airplanes, trains, ships)
Mobility can be managed in an aggregated way in NEMO
The Mobile Router acts as default gateway and manages mobility on behalf of the mobile network nodes
[Diagram: NEMO connected to the Internet through the HA]
NEMO Architecture
Inside NEMO:
  MR: Mobile Router
  LFN: Local Fixed Node
  LMN: Local Mobile Node
  VMN: Visiting Mobile Node
Problems:
  Routing through HA
  Heavy load on HA
  Drop in throughput during handover
[Diagram: data path from the NEMO to the Internet]
SIGMA
Transport-layer solution proposed by the researchers at the TNRL lab
Exploits IP-diversity (having multiple IP addresses) of a mobile host
Benefits:
  Establishes a new connection before disconnecting the old one
  Decouples location management from data transmission
  Less handover delay and packet loss
  Optimal routing between MH and CN
[Diagram: MH, Internet, CN, Location Manager]
SINEMO
SIGMA-based seamless mobility solution for mobile networks
Exploits IP-diversity of the MR
The MR maintains a translation table for all the mobile network nodes
MNNs' private IPs do not change
[Diagram: MR as default gateway of the mobile network]
Hierarchical Mobility Protocols: HMIPv6
For highly mobile nodes, frequent location updates to the HA cause:
  Bandwidth wastage
  Overhead for the HA
Hierarchical Mobile IPv6 attempts to reduce signaling by introducing a new mobility agent, the MAP (Mobility Anchor Point), which acts as a local HA
[Diagram: MAP shown as Local HA between the HA and the access networks]
Terminal-based Mobility Protocol: Mobile IP
Employs a mechanism similar to postal-service mail forwarding
Problems:
  MH must send updates to HA
  CoA changes in every handoff
  High handover latency
  Packet loss
[Diagram: Home Network with Home Agent, Visiting Network with Foreign Agent, Correspondent Node (CN), Internet. Labels: Location Update; Packets from CN to MH; Encapsulated Packets; Decapsulated Packets; Home Address; Acquires CoA]
Problems of Terminal-based Mobility Protocols
Problems:
  Requires low-end mobile devices to perform all kinds of mobility signaling to maintain connectivity
  New CoA after each handoff, so the cache entry needs to be changed
  Wireless bandwidth wastage due to mobility signaling
  High handover latency
  Sub-optimal routing and tunneling
Solution: Network-based Mobility Management
  The network takes care of all the mobility signaling
  Network entities are responsible for tracking the mobile device
  Network entities send the required signaling messages on behalf of the mobile devices
Proxy Mobile IP: Network-based Mobility Management
Local Mobility Anchor (LMA):
  Local HA for the MH in a PMIPv6 domain
  All traffic destined to the MH is routed through the LMA
Mobility Anchor Gateway (MAG):
  Access router that tracks the MH's movement in its access link
  Informs the LMA through a Proxy BU
[Diagram: PMIPv6 domain; LMA labelled "Local Home Agent", MAG labelled "Access Router that detects node mobility"]
PMIPv6 Operation
[Diagram: PMIPv6 domain. Message sequence: Router Solicitation from MH to MAG; AAA procedure; Proxy BU from MAG to LMA; Binding Cache entry for MH created at LMA; Proxy BA from LMA to MAG]
Proxy Mobile IP Signaling
AAA: Authentication, Authorization and Accounting
BCE: Binding Cache Entry
PBU: Proxy Binding Update
PBA: Proxy Binding Ack
Benefits of Network-based Mobility Management
Battery power saving
No modification in end devices
Unique IP address in the whole LMA domain
Movement detection by the network
Reduced signaling in the wireless access network
Low handover latency
Efficient tunneling
Less signaling in each handoff
No Duplicate Address Detection (DAD) in each handoff
No return routability
Route optimization in Mobile IPv6
After moving to a new location, the MH informs the CN about its location through a binding update
Improved performance
[Diagram: Home Network with Home Agent, Visiting Network, Correspondent Node, Internet. Labels: Location Update; Binding update to CN; Optimized route without any encapsulation]
Major Security Threats
Man-in-the-middle attack
Traffic redirection attack
Bombing attack
Replay attack
Home Agent poisoning
Blocking legitimate BU
Resource exhaustion
Forcing sub-optimal route
Exploitation of routing headers
Traffic Redirection Attack
[Diagram: Internet, Correspondent Node, Home Agent, MH, Attacker, Node B. Labels: Ongoing communication; Spoofed binding update (MH's ID, Node B's IP); Binding Ack accepted by CN; Redirected Traffic]
Man-in-the-middle (MITM) Attack
[Diagram: Internet, Correspondent Node, Home Agent, MH, Attacker. Labels: Ongoing Communication; Spoofed binding update (MH's ID, Attacker's IP); Binding Ack accepted by CN; Traffic redirected to the Attacker; Modified packets received]
Attacker learns and modifies packets
Bombing Attack
[Diagram: Internet, Streaming server, MH. Labels: Connection setup with server; Spoofed binding update involving MH's address; Unwanted streaming data]
Replay Attack
[Diagram: Internet, CN, Home Agent, Subnet A, Subnet B. Labels: MH sends BU from subnet A; Attacker records BU for future attack; Moving to subnet B; MH sends BU from Subnet B; Recorded BU replayed to CN; CN sends packets to MH's previous location]
Reflection Attack
[Diagram: Internet, Correspondent Node, Home Agent, MH. Label: False initial message]
MH receives every packet sent by the attacker twice
Home Agent Poisoning
[Diagram labels: Spoofed BU; Binding ACK; Location information corrupted; Query for MH; Reply (Wrong IP)]
Resource Depletion
[Diagram: Internet, Home Agent, Subnet A, Subnet B. Labels: Attacker establishes many connections with fake IPs; MH sends BUs to all those fake hosts; Memory and transmission power wasted]
Exploitation of Routing Header
Attack traffic is sent to node B with a Routing Header (RH)
Node B overwrites the destination field with the address in the RH
The traffic is then sent to the victim node
Difficult to find the source of the attack
Exploitation of HoA Option
Attack traffic is sent to node V
Node V replaces the source IP with the HoA field (B)
It appears to be an attack from Node B
Defense Mechanisms
Goals:
  Simple enough to be implemented in mobile devices
  Requiring low processing power
  Low-latency solutions
  Infrastructure-less approach: no such global infrastructure exists
Existing defense mechanisms for Mobile IPv6:
  IP Security protocol
  Internet Key Exchange (IKE)-based schemes
  Return Routability protocol
  Protection for routing headers
  Other general measures
IP Security Protocols
A suite of protocols to provide security in IP networks:
  Authentication Header (AH) protocol
  Encapsulating Security Payload (ESP) protocol
In IPsec, a preconfigured Security Association (SA) is established between the MH and the HA / CN to choose security parameters and algorithms
Advantages: Very strong authentication; Difficult to break
Limitations: High CPU requirement; Does not protect against a misbehaving MH
IPsec: Authentication Header (AH) protocol
AH guarantees data-origin authentication of IP packets
Use of AH ensures that an attacker cannot deceive the HA or CN with a spoofed BU
As a result, traffic redirection attacks can be avoided
Limitations: Cannot ensure data confidentiality
IPsec: AH Operation
[Diagram: Internet, Correspondent Node, Home Agent; Security Association between MH and CN / HA. Label: Securing BU with AH; packet layout: IP | AH]
IPsec: Encapsulating Security Payload (ESP) protocol
ESP can ensure data confidentiality in addition to authentication
ESP ensures privacy of data by encryption
An encryption algorithm combines the data in the datagram with a key to transform it into an encrypted form
IPsec: Securing Data using ESP
[Diagram: Internet, Correspondent Node, Home Agent; Security Association. Labels: Securing BU with ESP (IP | ESP); Securing data from inconsistency (IP | ESP | Data)]
IKE-based Schemes
Commonly used for mutual authentication and for establishing and maintaining security associations for the IPsec protocol suite
Ensures confidentiality, data integrity, access control, and data-source authentication
IKE helps to dynamically exchange the secret key that is used as input to the cryptographic algorithms
Limitations: Requires the existence of a certification authority; Very complex and power-consuming operations
Return Routability Protocol
Proposed to secure binding updates between the CN and the MH
A node sending a binding update must prove its right to redirect the traffic
RR messages are exchanged among the MH, CN and HA before binding updates are sent
Message Exchange in RR protocol
The MH initiates RR by sending HoTI and CoTI messages to the CN
The CN then sends corresponding challenge packets (HoT and CoT) destined to the MH
If successful, the CN accepts the BU from the MH
Advantages: Infrastructure-less; Low CPU required
Limitations: Weak authentication; Does not protect against attackers on the path between HA and CN
[Diagram: HoTI (relayed via the HA) and CoTI from MH to CN; HoT (via the HA) and CoT from CN to MH]
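The exchange on this slide, worked through as an added example that is not part of the original deck: both sides of Return Routability in Python, with the keygen-token and Kbm derivation of RFC 6275, constructed IPv6 addresses, a single nonce index, and the BU data reduced to a sequence number (all assumptions of this example). The sequence-number check also covers the replayed-BU case from the threat slides.

```python
import hmac, hashlib, os
# Constructed IPv6 addresses (16 bytes each) for the walk-through, not real hosts.
HOA      = bytes.fromhex("20010db8000000010000000000000001")  # MH home address
COA      = bytes.fromhex("20010db8000000020000000000000002")  # MH care-of address
CN_ADDR  = bytes.fromhex("20010db8000000030000000000000003")  # correspondent node
ATTACKER = bytes.fromhex("20010db800000bad0000000000000bad")  # attacker's address

def bu_mac(kbm, coa, seq):
    """First(96, HMAC_SHA1(Kbm, CoA | CN address | BU data)); BU data reduced to seq here."""
    return hmac.new(kbm, coa + CN_ADDR + seq.to_bytes(2, "big"), hashlib.sha1).digest()[:12]

class CorrespondentNode:
    """CN side: keygen tokens are derived statelessly from the secret Kcn and a nonce."""
    def __init__(self):
        self.kcn = os.urandom(20)      # node key Kcn, never leaves the CN
        self.nonce = os.urandom(8)     # current nonce (one nonce index, for brevity)
        self.binding_cache = {}        # HoA -> (CoA, last accepted sequence number)

    def _keygen_token(self, addr, kind):
        # home (kind 0) / care-of (kind 1) keygen token = First(64, HMAC_SHA1(Kcn, addr | nonce | kind))
        return hmac.new(self.kcn, addr + self.nonce + bytes([kind]), hashlib.sha1).digest()[:8]

    def home_test(self, hoa):         # HoT answering a HoTI; reaches the MH through the HA
        return self._keygen_token(hoa, 0)
    def careof_test(self, coa):       # CoT answering a CoTI; sent straight to the CoA
        return self._keygen_token(coa, 1)

    def binding_update(self, hoa, coa, seq, mac):
        """Accept the BU only if its MAC proves knowledge of both tokens and seq is fresh."""
        kbm = hashlib.sha1(self._keygen_token(hoa, 0) + self._keygen_token(coa, 1)).digest()
        last_seq = self.binding_cache.get(hoa, (None, -1))[1]
        if hmac.compare_digest(mac, bu_mac(kbm, coa, seq)) and seq > last_seq:
            self.binding_cache[hoa] = (coa, seq)
            return True
        return False

def mobile_host_bu(cn, hoa, coa, seq):
    """MH side: send HoTI and CoTI, hash the two returned tokens into Kbm, and sign the BU."""
    kbm = hashlib.sha1(cn.home_test(hoa) + cn.careof_test(coa)).digest()
    return bu_mac(kbm, coa, seq)

def demo():
    cn = CorrespondentNode()
    accepted = cn.binding_update(HOA, COA, 1, mobile_host_bu(cn, HOA, COA, 1))
    # A spoofer claiming HOA never saw the HoT (delivered to the real home address) and can only
    # guess the MAC; only an attacker on the HA-CN path would see it, which is the slide's caveat.
    forged = cn.binding_update(HOA, ATTACKER, 2, os.urandom(12))
    # A genuine BU recorded earlier and replayed: valid MAC, stale sequence number.
    replayed = cn.binding_update(HOA, COA, 1, mobile_host_bu(cn, HOA, COA, 1))
    return accepted, forged, replayed      # (True, False, False)
```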
Protection against Routing Header (RH) issues
To protect against misuse of routing headers, the following restrictions are applied while processing an RH:
  Only one RH per packet
  All IPv6 nodes must verify that the address contained within the RH is the node's own HoA
  The IP address must be a unicast routable address, since it is the MH's HoA
A node must drop the packet if any of these are NOT met
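The three restrictions above as a receive-side check, added here as an example that is not part of the original deck. The minimal packet model, the sample addresses, and treating multicast, unspecified, loopback and link-local addresses as "not unicast routable" are assumptions of this example.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class IPv6Packet:
    """Minimal view of a received packet: only the fields the RH checks need."""
    src: str
    dst: str
    routing_headers: list        # one list of carried addresses per Routing Header present

def check_routing_header(pkt, own_home_addresses):
    """Apply the slide's three restrictions in order; return (accept, reason)."""
    if not pkt.routing_headers:
        return True, "accept: no routing header"
    if len(pkt.routing_headers) > 1:                    # restriction 1: only one RH per packet
        return False, "drop: more than one routing header"
    addrs = pkt.routing_headers[0]
    if len(addrs) != 1:                                  # a Mobile IPv6 type 2 RH carries one address
        return False, "drop: routing header must carry exactly one address"
    addr = ipaddress.IPv6Address(addrs[0])
    if addr.is_multicast or addr.is_unspecified or addr.is_loopback or addr.is_link_local:
        return False, "drop: address is not unicast routable"      # restriction 3
    if addr not in own_home_addresses:                   # restriction 2: must be this node's HoA
        return False, "drop: address is not this node's home address"
    return True, "accept: deliver to home address"

# Constructed sample traffic; the receiving node's home address is 2001:db8:1::1 (assumed).
OWN_HOA = {ipaddress.IPv6Address("2001:db8:1::1")}
SAMPLES = {
    "legit":     IPv6Packet("2001:db8:9::5", "2001:db8:2::2", [["2001:db8:1::1"]]),
    "bounce":    IPv6Packet("2001:db8:9::5", "2001:db8:2::2", [["2001:db8:7::7"]]),  # RH names another node
    "double_rh": IPv6Packet("2001:db8:9::5", "2001:db8:2::2", [["2001:db8:1::1"], ["2001:db8:7::7"]]),
    "multicast": IPv6Packet("2001:db8:9::5", "2001:db8:2::2", [["ff02::1"]]),
}

def run_samples():
    """Evaluate every sample; only 'legit' should be accepted."""
    return {name: check_routing_header(pkt, OWN_HOA) for name, pkt in SAMPLES.items()}
```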
Other possible approaches
Keeping nodes stateless: to avoid resource exhaustion
Keeping a short lifetime for binding entries: to avoid replay attacks
Use of Cryptographically Generated Addresses: to avoid redirection / MITM attacks
Comparison among the Schemes
Defense Mechanism | Protection from | Benefits | Limitations
IPsec and IKE | Attack on BU between MH-HA | Strong authentication, data confidentiality | High CPU overhead, assumes trust relationship
Return routability | Attack on BU between MH-CN | Infrastructure-less, less CPU requirement | Weak authentication
Keeping nodes stateless | Resource exhaustion attack | Helps in avoiding DoS attacks | May introduce delay for legitimate BU
Short lifetime of BU | Replay attack, HA poisoning | Ensures up-to-date entry in binding cache | Frequent refreshing updates waste bandwidth
Use of CGA | Bombing attack, MITM, traffic redirection | Hard to target a node | Higher complexity, higher CPU