Network-layer Security of Mobile Ad hoc Networks
Jiangyi Hu
Advisor: Dr. Mike Burmester
02/24/2004
Outline
Introduction
Secure routing
  Existing routing protocols
  Routing attacks
  Secure routing protocols
Cooperation enforcement
  Solutions to enforce cooperation
Introduction
Example of a mobile ad hoc network
[Figure: six nodes A, B, C, D, E, F connected by wireless hops, with no fixed infrastructure]
Introduction
Characteristics of a Manet:
  Wireless connections over a broadcast medium
  Dynamic topology
  Unfriendly environment
  Limited resources
Introduction
Advantages:
  Ease of deployment
  Fast to deploy
  Decreased dependence on infrastructure
Applications of Manets:
  emergency deployments
  search and rescue missions
  military operations
  commercial applications
Introduction
Vulnerabilities:
  of the basic mechanism
  of the security mechanism
Security goals:
  Availability
  Confidentiality
  Integrity
  Authentication
  Non-repudiation
Secure routing
Existing routing protocols
Security threats for routing
Secure routing protocols
Existing routing protocols
Table-driven routing:
  DSDV (Destination-Sequenced Distance Vector)
  CGSR (Clusterhead Gateway Switch Routing)
  WRP (Wireless Routing Protocol)
On-demand routing:
  DSR (Dynamic Source Routing)
  AODV (Ad hoc On-demand Distance Vector)
  TORA (Temporally Ordered Routing Algorithm)
DSR
Dynamic Source Routing
Two mechanisms: route discovery and route maintenance
Every data packet carries the entire source route in its header; intermediate nodes keep no per-destination state
DSR
[Figure: DSR route discovery from S over nodes A, B, C, D, E, F, H. S floods a route request whose route record starts as "S"; every node that rebroadcasts it appends its own address, so the record grows along each branch (S-A, S-A-B, S-A-B-D on one side; S-C, S-C-E, S-C-E-F and S-C-E-H on the other) and the destination learns the complete path from the record it receives]
AODV
Ad hoc On-demand Distance Vector routing
Routes are built on demand; there is no proactive maintenance of a complete routing table as in DSDV
Each node remembers only the next hop of a route, not the whole route
AODV
[Figure: route discovery between S and D through nodes A, B, C, E, F. The flooded route request sets up a reverse path (each node records the neighbour it heard the request from); the route reply unicast from D back along that reverse path sets up the forward path]
Routing attacks
Classification:
  External attack vs. internal attack
  Passive attack vs. active attack
Routing attacks
Attacks on routing:
  Modification
  Fabrication
  Wormhole attack (tunneling)
  Denial of service attack
  Invisible node attack
  The Sybil attack
  Rushing attack
  Non-cooperation
Modification
The attacker modifies protocol fields of control messages (e.g. sequence numbers, hop counts, source routes)
This compromises the integrity of the routing computation
Network traffic can be dropped, redirected to a different destination, or forced to take a longer route
Fabrication
The attacker generates false routing messages, e.g. route error messages for links that are still up
Can cause denial of service: good routes are torn down and must be rediscovered
[Figure: nodes S, B, M, C, D; the malicious node M forwards a false error message toward S. Legend: connected; connected through multiple hops; forwarding of the false error message]
Wormhole attack
Colluding attackers use a "tunnel" (an out-of-band or encapsulated link) between them to forward packets
Places the attackers in a very powerful position
The attackers take control of the route by making a path through the tunnel look shorter than any real path
Wormhole attack
[Figure: example of a wormhole attack. S reaches D through the honest nodes A, B, C over several hops; the attackers M and N tunnel packets between each other, so a route request from S appears at D after only a few hops and the tunnelled route wins]
Denial of service attack
The adversary floods the network with irrelevant data
Consumes network bandwidth
Consumes the resources (battery, CPU, buffers) of a particular node
Invisible node attack
Attack on DSR
The malicious node M forwards the route request but does not append its own address to the route record
M becomes "invisible" on the path: the discovered source route lists its neighbours as adjacent although they are not
[Figure: nodes S, B, M, C, D; the physical path is S-B-M-C-D, but the route record carries only S-B-C-D]
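Worked example, added to this transcript (it is not code from the talk): a small Python simulation of DSR route discovery on a constructed topology, covering both the route-record accumulation shown on the DSR slide and the invisible node attack described above. The node names, the topology and the `strict` sender check are assumptions of this example; the check compares the address that actually transmitted the request with the last address in the route record, which is the inconsistency an invisible node creates. The global adjacency check at the end is for illustration only: no node in a real Manet has that view.

```python
from collections import deque

# Constructed topology (an assumption for this example, not from the slides):
# two ways from S to D, one of them through the malicious node M.
TOPOLOGY = {
    "S": {"A", "B"},
    "A": {"S", "E"},
    "E": {"A", "F"},
    "F": {"E", "D"},
    "B": {"S", "M"},
    "M": {"B", "C"},
    "C": {"M", "D"},
    "D": {"C", "F"},
}


def dsr_route_discovery(topology, src, dst, invisible=frozenset(), strict=False):
    """Flood a DSR route request from src and return every route record that reaches dst.

    Each node rebroadcasts only the first copy of the request it hears (DSR duplicate
    suppression) after appending its own address to the route record.  Nodes listed in
    `invisible` forward the request without appending themselves (invisible node attack).
    With strict=True a node drops any request whose link-layer sender is not the last
    address in the route record, which is exactly the inconsistency the attack creates.
    """
    seen = {src}
    queue = deque((src, nbr, [src]) for nbr in sorted(topology[src]))
    records = []
    while queue:
        sender, node, record = queue.popleft()
        if strict and sender != record[-1]:
            continue  # whoever transmitted this did not put itself in the record
        if node == dst:
            records.append(record + [dst])
            continue
        if node in seen:
            continue
        seen.add(node)
        new_record = record if node in invisible else record + [node]
        for nbr in sorted(topology[node]):
            if nbr != sender:
                queue.append((node, nbr, new_record))
    return records


def choose_route(records):
    """The source keeps the shortest route it learns (ties broken lexicographically)."""
    return min(records, key=lambda r: (len(r), r)) if records else None


def infeasible_hops(route, topology):
    """Hops in a source route that are not real links.  Needs a global view, which no
    node in a Manet has; used here only to show what the attack did to the route."""
    return [(a, b) for a, b in zip(route, route[1:]) if b not in topology[a]]


if __name__ == "__main__":
    honest = choose_route(dsr_route_discovery(TOPOLOGY, "S", "D"))
    attacked = choose_route(dsr_route_discovery(TOPOLOGY, "S", "D", invisible={"M"}))
    print("honest route:  ", "-".join(honest))
    print("attacked route:", "-".join(attacked),
          "bogus hops:", infeasible_hops(attacked, TOPOLOGY))
    checked = choose_route(dsr_route_discovery(TOPOLOGY, "S", "D",
                                               invisible={"M"}, strict=True))
    print("with sender check:", "-".join(checked))
```

Without the attack both branches reach D in four hops and the source picks S-A-E-F-D. With M invisible the record through B reads S-B-C-D, one hop shorter, so the source prefers it even though B and C are not neighbours. The only node that can notice is C, which hears the request from M while the record claims B sent it; the `strict` variant drops such requests and the honest route wins again.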
The Sybil attack
A single malicious node presents multiple identities to the network
Disrupts geographic and multi-path routing, which assume that distinct identities are distinct nodes
[Figure: node B is surrounded by the identities M1, M2, M3, M4, M5, all of which belong to one malicious node]
Rushing attack
Directed against on-demand routing protocols
The attacker hurries the route request packet to the next node (skipping the random delays honest nodes use) to increase the probability of being included in the route: since nodes forward only the first copy of a request they hear, the rushed copy suppresses the honest ones
Non-cooperation
Lack of cooperation: a node does not participate in routing or packet forwarding
Selfishness: a node saves its energy for its own traffic
Secure routing protocols
SRP (Secure Routing Protocol)
ARAN (Authenticated Routing for Ad hoc Networks)
Ariadne
SEAD (Secure Efficient Ad hoc Distance vector routing)
Coping with the wormhole attack
SRP
Assumes a shared secret key between the source node and the destination node
Route request/reply packets are verified with a MAC (Message Authentication Code) computed under that key; a query sequence number and query identifier protect against replay
The identities of intermediate nodes are accumulated in the route request packet; they are not themselves authenticated, only the reply the destination sends about the route it saw is
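Worked example, added here and not part of the talk: the SRP exchange in Python with the standard library's HMAC. The source MACs the immutable request header under the key it shares with the destination, intermediate nodes only append their names, and the destination answers with a reply whose MAC covers the accumulated route. The field encoding, the key value and the node names are assumptions of this example.

```python
import hashlib
import hmac
import os


def _mac(key, *fields):
    """HMAC-SHA256 over the listed fields (the field encoding is this example's choice)."""
    msg = "\x1f".join(str(f) for f in fields).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def build_rreq(key, qseq, src, dst):
    """Source: MAC the immutable header fields; the route record starts empty."""
    qid = os.urandom(4).hex()  # random query identifier
    return {"src": src, "dst": dst, "qseq": qseq, "qid": qid,
            "mac": _mac(key, "RREQ", src, dst, qseq, qid), "route": []}


def forward_rreq(req, node):
    """Intermediate node: append its identity.  It has no key, so it cannot touch the MAC."""
    return dict(req, route=req["route"] + [node])


def handle_rreq(key, req, last_qseq):
    """Destination: verify the MAC and the freshness of QSEQ, then answer with a reply
    whose MAC also covers the accumulated route.  Returns (reply or None, new last_qseq)."""
    expected = _mac(key, "RREQ", req["src"], req["dst"], req["qseq"], req["qid"])
    if not hmac.compare_digest(expected, req["mac"]):
        return None, last_qseq          # forged or modified header
    if req["qseq"] <= last_qseq:
        return None, last_qseq          # replayed query
    route = [req["src"]] + req["route"] + [req["dst"]]
    rep = {"src": req["src"], "dst": req["dst"], "qseq": req["qseq"],
           "qid": req["qid"], "route": route}
    rep["mac"] = _mac(key, "RREP", rep["src"], rep["dst"], rep["qseq"], rep["qid"], route)
    return rep, req["qseq"]


def verify_rrep(key, rep, expected_qid):
    """Source: accept the route only if the reply answers our query and its MAC matches."""
    if rep["qid"] != expected_qid:
        return False
    expected = _mac(key, "RREP", rep["src"], rep["dst"], rep["qseq"], rep["qid"], rep["route"])
    return hmac.compare_digest(expected, rep["mac"])


if __name__ == "__main__":
    K_SD = b"constructed shared secret between S and D"
    req = build_rreq(K_SD, qseq=1, src="S", dst="D")
    for hop in ("A", "B"):
        req = forward_rreq(req, hop)
    rep, last = handle_rreq(K_SD, req, last_qseq=0)
    print("route:", rep["route"], "accepted:", verify_rrep(K_SD, rep, req["qid"]))
    # an intermediate node rewriting the reply to insert itself is caught by the MAC
    tampered = dict(rep, route=["S", "A", "M", "B", "D"])
    print("tampered reply accepted:", verify_rrep(K_SD, tampered, req["qid"]))
    # a replayed request (QSEQ not fresh) is dropped by the destination
    print("replay answered:", handle_rreq(K_SD, req, last_qseq=last)[0] is not None)
```

Note what the MAC does and does not cover: a node on the path can still drop the request or alter the names accumulated so far before the destination sees them, and SRP cannot tell. What it guarantees is that the source only accepts a route that the destination really reported for this query, so the reply cannot be forged, modified in transit, or replayed.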
ARAN
Requires a trusted certification authority that issues a certificate to every node
Every node that forwards a route request or a route reply must verify the previous signature and then sign the packet itself
Asymmetric cryptography is costly in terms of CPU and energy usage
ARAN
Example of ARAN (K_X- is node X's private key, Cert_X its certificate, N_S a nonce chosen by S, t a timestamp; route discovery packets are broadcast, replies are unicast):
  S broadcasts [RDP, IP_D, Cert_S, N_S, t]K_S-, Cert_S
  B verifies S's signature and broadcasts [[RDP, IP_D, Cert_S, N_S, t]K_S-, Cert_S]K_B-, Cert_B
  C verifies B's signature, removes it, and broadcasts [[RDP, IP_D, Cert_S, N_S, t]K_S-, Cert_S]K_C-, Cert_C
  D unicasts the reply [REP, IP_S, Cert_D, N_S, t]K_D-, Cert_D to C
  C unicasts [[REP, IP_S, Cert_D, N_S, t]K_D-, Cert_D]K_C-, Cert_C to B
  B verifies C's signature, removes it, and unicasts [[REP, IP_S, Cert_D, N_S, t]K_D-, Cert_D]K_B-, Cert_B to S
Ariadne
Authenticates routing messages with the TESLA broadcast authentication scheme: each node generates a one-way key chain (K_0, K_1, ..., K_i, ..., K_n) and publishes the keys in the reverse order of their generation
The sender MACs a packet with a key K_i that will still be secret at the time the receiver receives the packet
When a receiver receives a packet, it first checks that K_i cannot have been published yet, then buffers the packet and waits for the sender to publish K_i; once K_i arrives it verifies the key against the chain and only then the MAC
Requires loose time synchronization between nodes
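Worked example of the delayed-disclosure mechanism the slide describes, added here and not code from Ariadne or the talk. It builds the one-way key chain, MACs a packet under a not-yet-published key, and shows the receiver's two checks: the security condition on arrival (the key must still be secret) and, after disclosure, the hash-chain check on the key before the MAC check on the buffered packet. Interval numbering, the disclosure delay of two intervals and the clock-skew bound are assumptions of this example.

```python
import hashlib
import hmac


def H(x):
    return hashlib.sha256(x).digest()


def make_key_chain(seed, n):
    """K_n = seed, K_i = H(K_{i+1}).  Keys are used and disclosed in the order K_1, K_2, ...,
    i.e. the reverse of generation; K_0 is the commitment the receiver obtains authentically."""
    keys = [None] * (n + 1)
    keys[n] = seed
    for i in range(n - 1, -1, -1):
        keys[i] = H(keys[i + 1])
    return keys


def tesla_send(keys, interval, payload):
    """Sender in time interval i: MAC the packet with K_i, which is still undisclosed."""
    return {"interval": interval, "payload": payload,
            "mac": hmac.new(keys[interval], payload, hashlib.sha256).digest()}


class TeslaReceiver:
    def __init__(self, commitment, disclosure_delay, max_clock_skew):
        self.auth_key, self.auth_index = commitment, 0  # last key verified against the chain
        self.d = disclosure_delay        # K_i is disclosed in interval i + d
        self.skew = max_clock_skew       # bound on receiver/sender clock difference (intervals)
        self.buffer = []

    def receive(self, pkt, now_interval):
        """Security condition: the sender cannot have disclosed K_i yet, even if our clock
        is behind by `skew`.  Otherwise anyone could have produced the MAC: drop it."""
        if now_interval + self.skew >= pkt["interval"] + self.d:
            return False
        self.buffer.append(pkt)
        return True

    def disclose(self, key, index):
        """Sender published K_index.  Verify it chains to the last authentic key, then
        authenticate every buffered packet MACed under it.  Returns the payloads that
        verified, or None if the key itself is bogus."""
        if index <= self.auth_index:
            return None
        v = key
        for _ in range(index - self.auth_index):
            v = H(v)
        if v != self.auth_key:
            return None
        self.auth_key, self.auth_index = key, index
        good, rest = [], []
        for pkt in self.buffer:
            if pkt["interval"] != index:
                rest.append(pkt)
            elif hmac.compare_digest(
                    pkt["mac"], hmac.new(key, pkt["payload"], hashlib.sha256).digest()):
                good.append(pkt["payload"])
        self.buffer = rest
        return good


if __name__ == "__main__":
    chain = make_key_chain(b"constructed seed", 10)
    rx = TeslaReceiver(commitment=chain[0], disclosure_delay=2, max_clock_skew=0)
    pkt = tesla_send(chain, 3, b"ROUTE REQUEST S->D")
    print("buffered:", rx.receive(pkt, now_interval=3))
    print("authenticated after disclosure:", rx.disclose(chain[3], 3))
    # K_3 is now public; a packet claiming interval 3 that arrives later is refused outright
    print("late forgery accepted:", rx.receive(tesla_send(chain, 3, b"forged"), now_interval=5))
    print("bogus key accepted:", rx.disclose(b"\x00" * 32, 4) is not None)
```

The point of the arrival-time check is that the MAC alone proves nothing once the key is public; the receiver must decide, before it can verify anything, whether the key could already have been disclosed. That decision depends on the clock-skew bound, which is why the scheme needs synchronised clocks, and a packet whose key is verified but whose MAC fails is simply not delivered.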
SEAD
Based on the Destination-Sequenced Distance Vector protocol (DSDV)
Uses a one-way hash chain (h_0, h_1, ..., h_i, ..., h_n) per destination, whose last element is distributed authentically
A routing update carries the hash chain element that corresponds to its sequence number and metric; a receiver verifies it by hashing it forward to an element it already trusts
Because the chain is one-way, an attacker can never forge an element for a better (higher) sequence number or a better (lower) metric than one it has already heard; it can only re-advertise what it heard with an equal or worse metric
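Worked example of the SEAD hash-chain check, added here and not code from the protocol's authors or the talk. The chain of k*m elements is indexed so that a higher sequence number or a lower metric maps to a lower index; a neighbour that re-advertises a route hashes once (metric + 1), and a receiver hashes a received element up to the anchor it trusts. The chain size, sequence numbers and node roles are assumptions of this example.

```python
import hashlib


def H(x):
    return hashlib.sha256(x).digest()


def sead_chain(seed, n):
    """h_0 = seed, h_i = H(h_{i-1}); h_n is the anchor that neighbours must learn authentically."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain


def sead_index(seq, metric, k, m):
    """Chain element used for an update with sequence number `seq` and metric `metric`.
    The chain (n = k*m elements) is cut into k groups of m; a higher sequence number
    or a lower metric maps to a LOWER index, i.e. a value that is harder to produce."""
    if not (0 <= seq <= k and 0 <= metric < m):
        raise ValueError("sequence number or metric out of range")
    return (k - seq) * m + metric


def sead_verify(value, index, known_value, known_index):
    """Accept `value` as h_index iff hashing it (known_index - index) times yields the
    element we already trust.  Anything claiming a lower index than it can justify fails."""
    if index > known_index:
        return False   # worse than what we already know; never an improvement
    v = value
    for _ in range(known_index - index):
        v = H(v)
    return v == known_value


def forward_update(value, index, m):
    """A node re-advertising a route adds one to the metric: it hashes the element once.
    Returns None when the metric would reach the maximum m (route unusable)."""
    if (index % m) + 1 >= m:
        return None
    return H(value), index + 1


if __name__ == "__main__":
    K, M = 4, 4                      # 4 sequence numbers, metrics 0..3 (constructed sizes)
    chain = sead_chain(b"constructed seed of destination D", K * M)
    anchor = (chain[K * M], K * M)   # h_n, distributed authentically beforehand
    # D announces itself: sequence number 1, metric 0
    idx = sead_index(1, 0, K, M)
    print("D's own update verifies:", sead_verify(chain[idx], idx, *anchor))
    # neighbour A re-advertises the route with metric 1
    a_val, a_idx = forward_update(chain[idx], idx, M)
    print("A's update verifies:", sead_verify(a_val, a_idx, *anchor))
    # attacker M has only heard A's element and tries to claim metric 0 or sequence 2
    print("claim metric 0:", sead_verify(a_val, sead_index(1, 0, K, M), *anchor))
    print("claim seq 2:   ", sead_verify(a_val, sead_index(2, 1, K, M), *anchor))
```

The attacker's forged updates fail because producing h_12 or h_9 from h_13 would mean inverting the hash. What SEAD does not stop is an attacker re-advertising the element it heard with the same sequence number and the same metric, i.e. claiming to be as close as its honest neighbour; that is a weaker position than the wormhole or invisible-node routes above, but it is still within what the protocol allows.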
Coping with the wormhole attack: packet leashes
Geographic leash: the sender puts its position and a timestamp in the packet; the recipient checks that it is within a certain distance of the sender (needs position information and loosely synchronized clocks)
Temporal leash: the sender puts a timestamp (or expiration time) in the packet; the recipient checks that the packet's lifetime is bounded, so that it cannot have travelled farther than the radio range (needs tightly synchronized clocks, since radio waves cover hundreds of metres in a microsecond)
In both cases the leash fields must be authenticated, otherwise the wormhole endpoints simply rewrite them
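Worked example of both leash checks, added here and not from the talk or the packet-leash paper. The geographic bound is the one from Hu, Perrig and Johnson (sender-receiver distance plus what both nodes could have moved during the clock error, plus the position error); the radio range, node speed, clock and position error figures are assumptions of this example, and the test also shows the caveat that a temporal leash with millisecond clocks cannot detect a 2 km wormhole.

```python
import math

C = 299_792_458.0  # speed of light in m/s: no packet can travel faster than this


def temporal_leash_ok(t_send, t_recv, radio_range_m, max_clock_error_s):
    """Temporal leash: accept only if the packet could have covered at most the radio
    range at the speed of light, allowing for the clock synchronisation error."""
    return (t_recv - t_send) <= radio_range_m / C + max_clock_error_s


def geographic_leash_ok(p_send, t_send, p_recv, t_recv, radio_range_m,
                        max_speed_mps, max_clock_error_s, max_pos_error_m):
    """Geographic leash: upper-bound the sender-receiver distance from the sender's
    claimed position and time; accept only if the bound is within radio range.
    bound = |p_s - p_r| + 2 v (t_r - t_s + delta_clock) + 2 delta_pos"""
    dist = math.dist(p_send, p_recv)
    bound = (dist + 2 * max_speed_mps * (t_recv - t_send + max_clock_error_s)
             + 2 * max_pos_error_m)
    return bound <= radio_range_m


if __name__ == "__main__":
    R = 300.0                  # radio range in metres (assumed)
    # Temporal leash with 100 ns clock error (GPS-class synchronisation, assumed)
    near = 200.0 / C           # honest neighbour 200 m away, ideal propagation
    tunnelled = 2000.0 / C     # wormhole endpoints 2 km apart, ideal tunnel
    print("temporal, neighbour:", temporal_leash_ok(0.0, near, R, 1e-7))
    print("temporal, wormhole: ", temporal_leash_ok(0.0, tunnelled, R, 1e-7))
    print("temporal, wormhole with 1 ms clocks:", temporal_leash_ok(0.0, tunnelled, R, 1e-3))
    # Geographic leash tolerates 1 ms clocks but needs positions (assumed 10 m GPS error,
    # nodes moving at most 20 m/s, 10 ms of MAC-layer delay between send and receive)
    print("geographic, neighbour:",
          geographic_leash_ok((0, 0), 0.0, (200, 0), 0.01, R, 20.0, 1e-3, 10.0))
    print("geographic, wormhole: ",
          geographic_leash_ok((0, 0), 0.0, (2000, 0), 0.01, R, 20.0, 1e-3, 10.0))
```

The numbers make the trade-off on the slide concrete: 2 km of tunnel costs only about 6.7 microseconds, so the temporal leash works with 100 ns clocks and is useless with millisecond ones, while the geographic leash is indifferent to clock quality at that scale but needs every node to know where it is.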
Cooperation enforcement
Introduction
Solutions:
  Currency based
  Local monitoring
Cooperation enforcement
Currency based:
  Nuglets
  Sprite
Local monitoring:
  Watchdog and path rater
  Confidant
  CORE
  Token-based
Nuglets
Nuglets: a virtual currency
Packet purse model: the sender loads nuglets into the packet in advance; each intermediate node takes nuglets out of the purse as payment for forwarding, and a packet whose purse runs empty is dropped
Packet trade model: each intermediate node "buys" the packet from the previous node and "sells" it to the next one for more; the destination pays the total
Nuglets
Packet purse model
  Advantage: deters nodes from sending useless data and overloading the network, since the sender pays
  Disadvantage: difficult to estimate the number of nuglets a packet needs to reach its destination
Packet trade model
  Advantage: the source does not have to know in advance the number of nuglets required
  Disadvantage: cannot prevent nodes from overloading the network, since the sender pays nothing
Sprite
Uses credit to give selfish nodes an incentive to forward
Nodes keep receipts for the messages they forward and later present them to a Credit Clearance Service (CCS) to get paid
The credit a node receives depends on whether its forwarding was successful or not
Watchdog and path rater
A node's watchdog listens promiscuously to the next node's transmissions after handing it a packet
If the next node does not forward the packet before a timeout, the failure is counted; a node whose failures exceed a threshold is reported as misbehaving
The path rater rates nodes from the watchdog reports and chooses the best path, avoiding misbehaving nodes
[Figure: path S-A-B-C-D; A forwards a packet to B and listens for B's retransmission toward C. Legend: connected; connected through multiple hops; forwarding; listening]
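Worked example, added here and not code from the talk or from the watchdog/path rater paper: a Python simulation of the two components on a constructed five-node path. Each forwarding node's watchdog records the packets it hands to its next hop and clears them when it overhears the retransmission; a node that silently drops is never overheard, its failure count grows and the rater excludes paths through it. The node names, the packet count, the threshold and the rating constants (0.5 neutral, 0.8 ceiling, -100 for a flagged node) are assumptions of this example.

```python
from collections import Counter, defaultdict


class Watchdog:
    """Runs on every forwarding node: remembers each packet handed to the next hop and
    expects to overhear the next hop retransmit it before a timeout."""

    def __init__(self, threshold):
        self.threshold = threshold
        self.pending = {}            # packet id -> next hop that should forward it
        self.failures = Counter()    # next hop -> packets it never retransmitted

    def sent(self, pkt_id, next_hop):
        self.pending[pkt_id] = next_hop

    def overheard(self, pkt_id, transmitter):
        if self.pending.get(pkt_id) == transmitter:
            del self.pending[pkt_id]

    def timeout(self):
        """Everything still pending was not forwarded; return nodes over the threshold."""
        for hop in self.pending.values():
            self.failures[hop] += 1
        self.pending.clear()
        return {hop for hop, n in self.failures.items() if n > self.threshold}


def run_watchdogs(path, selfish, n_packets, threshold):
    """Send n_packets along `path`; nodes in `selfish` silently drop instead of forwarding.
    Returns the union of nodes the watchdogs on the path report as misbehaving."""
    dogs = defaultdict(lambda: Watchdog(threshold))
    for pkt in range(n_packets):
        # the last hop delivers to the destination, which relays nothing, so it is not watched
        for i in range(len(path) - 2):
            sender, nxt = path[i], path[i + 1]
            dogs[sender].sent(pkt, nxt)
            if nxt in selfish:
                break                      # never transmitted: sender's watchdog will time out
            dogs[sender].overheard(pkt, nxt)   # promiscuous listening sees nxt relay it
    flagged = set()
    for dog in dogs.values():
        flagged |= dog.timeout()
    return flagged


class PathRater:
    """Keeps a rating per node (0.5 neutral, raised slowly for nodes that perform, capped at
    0.8, set to -100 for nodes a watchdog flagged) and ranks paths by the average rating
    of their intermediate nodes."""

    def __init__(self):
        self.rating = defaultdict(lambda: 0.5)

    def reward(self, path, step=0.01):
        for node in path[1:-1]:
            self.rating[node] = min(self.rating[node] + step, 0.8)

    def mark_misbehaving(self, node):
        self.rating[node] = -100.0

    def path_rating(self, path):
        inner = path[1:-1]
        return sum(self.rating[n] for n in inner) / len(inner) if inner else 0.0

    def choose(self, candidates):
        usable = [p for p in candidates if all(self.rating[n] > -100.0 for n in p[1:-1])]
        return max(usable, key=self.path_rating) if usable else None


if __name__ == "__main__":
    short = ["S", "A", "B", "C", "D"]
    alternative = ["S", "E", "F", "G", "D"]
    flagged = run_watchdogs(short, selfish={"B"}, n_packets=5, threshold=2)
    print("flagged by watchdogs:", flagged)
    rater = PathRater()
    rater.reward(short)            # the short path looked fine until B started dropping
    for node in flagged:
        rater.mark_misbehaving(node)
    print("path rater picks:", "-".join(rater.choose([short, alternative])))
```

The simulation also shows the scheme's limits as the slide states them: only a node's upstream neighbour can watch it, so a drop by the destination itself is invisible, and a watchdog keyed on "did I overhear the retransmission" is fooled whenever the next hop transmits with too little power to be heard, or two honest nodes collude so that the watcher's report is never believed.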
Confidant
Consists of:
  Monitor
  Reputation system
  Path manager
  Trust manager
Confidant
Detects malicious nodes by means of its own observations or by reports from other nodes about several types of attacks
Allows nodes to route around misbehaving nodes and to isolate misbehaving nodes from the network
CORE
Basic components:
  Reputation table, stored in each node, holding a reputation value for every other node it knows
  Watchdog mechanism to detect misbehaving nodes
Token-based
Each node has to hold a valid token to participate
Its local neighbors monitor its behavior
The token is renewed collaboratively by multiple neighbors, so no single node can issue one
The period of validity of a node's token depends on how long it has stayed in the network and how well it has behaved
Token-based
Composed of:
  Neighbor verification
  Neighbor monitoring
  Intrusion reaction
  Security-enhanced routing protocol
Summary
Introduction
Secure routing
  Existing routing protocols
  Security attacks
  Defenses
Node cooperation
  Currency based
  Local monitoring
Thank you!