Secure routing for wireless NANsStudent: Reza Sadeghi

Advisor: Dr. Mazinani

Course: Smart grid

My email: reza.sadeghi@imamreza.ac.ir

im_rezasadeghi@yahoo.com

November & December 2013

2

Smart Grid Common Networks

Neighbor Area Network (NAN) Home Area Network (HAN)

Power Generation Power Transmission Grid Power Distribution Grid Power Consumption

SmartMeterSubstationSubstation Customer

Microgrid

Microgrid

(a) Power System Layer

(b) Communications Layer

WirelessBackhaul

BaseStation

Control Center

Wired BackhaulNetwork

Wide Area Network (WAN)

SmartMeter

Data AggregationPoint (DAP)

Electric Vehicle

Solar EnegyWind Enegy

Non-renewable Enegy

Concentrator SmartHomeDevice

3

NAN is first of the warNew houses produce their supply

4

Materials of NANs in ??IEEE802.11s??

MP->A mesh point (MP) is an IEEE 802.11s entity that mainly acts as

a relay node.MAP->

A mesh access point (MAP) is an MP but can also work as an access point

MPP->A mesh portal (MPP) is a logical point and has a bridging

functionality and connects the mesh network to other networksSTA->Legacy wireless mobile stations (STA) are connected to an MAP

through generic WLAN protocols.

Thus, configuration of an MAP allows a single entity to logically provide both mesh functionalities and AP functionalities

simultaneously.

EXACTLY

5

6

Security in SG inrouting perspective

Security in NANs

Routing protocols

Routing in WMN

Routing discovery

Routing maintenan

ce

Data passing

7

HWMN for IEEE 802.11s

8

Most of Mutable filed are dangerous

9

Attacks on routing

10

Rout discovery attack

11

Routing Loop

12

Rout diversion attack

13

Key Establishment procedure in IEEE 802.11s

Differences?

Pairwise Master

Key

14

SHWMN

•Markle tree

Tree encryption

•IBCPublic and private key

•TOPMulti level keys

15

Markle Tree

SHA1

16

Securing on demand modeF1 F2

In action!

17

Markle Tree for S->B->C

18

Securing on proactive

19

Securing hybrid mode

Proactive mode

Tree

On-demand

Security analyses? Flooding/Rout disruption/ Rout

diversion/Routing Loop

20

Performances analysis

21

Analysis

22

IBC-HWMPIBC(Identity based Cryptosystems)

IBC Algorithm

Encryption

Setup Extract Encrypt

Decrypt

Digital signature

Setup Extract Encrypt

Decrypt

Solve external nod problems

Solve internal

nods problem

23

Encryption

24

Digital signature

25

Changes

The digital signature is incorporated into PREQ and PREP messages by adding two new fields : IBC-Mac Size (digital signature size : 1 Byte) and IBC-MAC (digital signature).

26

SimulationSoftware:NS3The side of the square cell is defined by m step (100m) parameter. We have used a UDP traffic, Packet Size=1024 and Packet Interval=0.1.Three metrics: Mean delay, control routing overhead and throughput.

27

Analysis

Calculation didn’t make any problem for

us

28

TOP(Type of protection)

Possible attacks in mesh networks

Nodes showing unintended behavior due to hardware or software failures: problems caused by such nodes should be solved by fault tolerance mechanisms instead of security mechanisms. Therefore, we will not consider such nodes within this work.

External malicious nodes, which are intentionally not allowed to join the network.

Internal malicious nodes, which legitimately are part of the network and show egoistic behavior or are compromised by an attacker. Egoistic behavior, e. g., intentionally dropping frames, aims at saving resources or gaining higher bandwidth. Attacks could be launched by dropping frames, by corrupting the routine

29

Mainly focus on three attacks

Selective forwarding—With this active attack, an internal malicious node intentionally drops frames of other nodes that actually should be forwarded by the malicious node. This attack may aim at disrupting a certain communication, a specific node, or just the communication of the wireless network.

Routing Attacks—Incase of routing attacks, an internal malicious node tries to influence the routing protocol in a way that incorrect forwarding paths are used. A wormhole attack [6], for example, aims at establishing a route to a victim node even if there are shorter routes. This enables gaining information of specific communications in the network or selectively forwarding frames.

30

Mainly focus on three attacks

Eavesdropping—If no cryptographic protection is applied within a wireless network, external and internal malicious nodes are able to eavesdrop on the traffic. If some protection like Robust Secure Network (RSN) [2] or IEEE 802.11s security mechanisms is present, INTERNAL ATTACKERS ARE STILL ABLE TO EAVESDROP ON ALL TRAFFIC THAT IS SENT WITHIN THEIR NEIGHBORHOOD. External attackers, however, are precluded from eavesdropping.

31

Concept of TOP

Main idea:Wireless mesh network can be as secure as VLAN in Ethernet network

VLANs allow for transport of different virtual networks over a single network by tagging the frames

32

Structure of TOP

33

TOP mapping

34

SimulationNS2

35

Ideas evaluation!1. Insert a hole in Mesh network?2. Broadcasting data in two ways time of money with

Global broadcasting and …3. Change from prime Galvani to binary Galvani? ((prime

Galvani has simplest and better performing in software vs. binary Galvani has better performance in special hardware due to in our wireless mesh network we should use prime Galvani))

4. Travel to secure protocol with less process consume ((bilinear map which is subroutine of discreet logarithm is most effectives strongest algorithm ))

5. Why we create SGN?6. Find Trojans with HMM and etc.7. What are NAN protocol and way we use them?

In field of creating loop and external nodes work is finished but the Trojans are alive to kill us and destroy our world; therefore, we should slaughter them as soon as possible.

36

References1. A survey of routing protocols for smart grid communications written by Nico Saputro, Kemal Akkaya, Suleyman Uludag2. Chapter 5: Smart Grid Communications Networks.ppt produced by Quang-Dung Ho and Tho Le-Ngoc;ECE Dept., McGill University, Montreal, Canada3. M.S. Islam, Y.J. Yoon, M.A. Hamid, C.S. Hong, A secure hybrid wireless mesh protocol for 802.11s mesh network,2008

4. T. Gamer, L.Vlker, M.Zitterbart, Differentiated security in wireless mesh networks, Security and Communication Networks 4 (2011) 257–266.5. On Securing HWMP using IBC(IEEE_05962921)6. Dr. Nikoghadam prsentation7. A New E-HWMP Routing Algorithm in Automatic Meter Reading Networks written by Li Li, Xiaoguang Hu and Ketai He, 20138.www.wikipedia.org

37

END