Cross-layer Analysis for detecting Wireless Misbehavior - PowerPoint PPT Presentation

About This Presentation
Title:

Cross-layer Analysis for detecting Wireless Misbehavior

Description:

Reliability of information. Security Issues. Wireless communication ... and Communications Conference -- Workshop on Information Assurance , April 2004 ... – PowerPoint PPT presentation

Number of Views:136
Avg rating:3.0/5.0
Slides: 18
Provided by: anandpat
Category:

less

Transcript and Presenter's Notes

Title: Cross-layer Analysis for detecting Wireless Misbehavior


1
Cross-layer Analysis for detecting Wireless
Misbehavior
Anand Patwardhan Ph.D Candidate eBiquity
Group Computer Science and Electrical Engineering
Department
October 19, 2005
2
Securing MANETs
  • Security for resources
  • Malicious behavior (Activity monitoring)
  • Misuse (Resource protection)
  • Response/recourse (Accountability)
  • Trust in other resources
  • Dependence on recommendations (Identities and
    Reputations)
  • Reliability of information

3
Security Issues
  • Wireless communication
  • Short range (802.11, Bluetooth etc.)
  • Open medium
  • Identification and Authentication
  • PKI based solutions infeasible
  • No prior trust relationships
  • Routing
  • Based on dynamic cooperative peer relations
  • Key to survival of MANET
  • Device constraints
  • Power Conservation
  • Finite Storage
  • Computation power

4
Intrusion Detection Challenges
  • Identity
  • Use SUCVs
  • Mobility, congestion, radio interference
  • False positives
  • Scalability
  • Large radio-ranges or dense networks
  • Aggregation of data
  • Communicate intrusions data to warn others

5
Packet Forwarding
6
Stateful Packet Monitoring
7
Threats
  • MAC/PHY level attacks
  • RTS, CTS attacks gain unfair share of
    bandwidth, disruption
  • Routing attacks
  • gray holes, black holes, worm holes
  • Attacks on data traffic
  • Dropping, mangling or injecting data packets
  • Trustworthiness of resources, reliability of
    information
  • Identities, reputations, trust evolution

8
MAC vulnerabilities
  • Wireless Misbehavior
  • MAC protocols have no inbuilt mechanism to
    prevent unfair contention resolution
  • Adversaries can
  • gain unfair share of bandwidth
  • temporarily stall parts of the network, affect
    the routing process
  • Prevention
  • Misbehavior-resilient backoff for contention
    resolution
  • Challenges and shortcomings
  • Require core MAC protocol to be changed
  • Colluding adversaries can still subvert the
    scheme

9
Related Work
  • Proposed approaches
  • Game theoretic models
  • Incentives for fair-sharing
  • Misbehavior resistant MAC contention
  • Drawbacks
  • Colluding adversaries can subvert these schemes
  • Require changing core MAC protocol
  • Inefficient
  • Cannot prevent jamming

10
Sophisticated attacks
  • Classical attacks are easy to detect using
    thresholds
  • Packet dropping, mangling,misrouting etc.
  • To evade detection attacker must stay under the
    detection threshold (insignificant disruption)
  • However more sophisticated attacks are possible
  • Launching attacks at multiple levels, e.g.
    Combining RTS attacks and packet drops
  • Any single attack signature might not suffice for
    detection
  • Observations on a single layer in isolation will
    be inconclusive

11
Intrusion Detection challenges
  • Classifying intrusions
  • Threshold based
  • False positives mobility, environmental
    conditions, limited radio range, short period of
    observations
  • Increase accuracy and efficiency by
  • Incorporate factors like mobility, congestion and
    distance in classifying intrusions
  • Use signal strengths, response times to judge
    distance
  • Monitor media contention and incoming traffic to
    judge congestion

12
Cross-layer Analysis
Trust evolution, reputation management, recourse
Intrusion Detection
Application
Commendations Accusations (to other devices)
Packet dropping, Mangling, injection
Transport
Routing attacks, disruptions
Link
Unfair contention, Jamming
MAC/PHY
Response
13
Neighbor table size
14
True positives (no RTS attack)
15
True positives (RTS attack)
16
Goodput with RTS attacks
17
References
  • Jim Parker et al., Cross Layer Analysis for
    Detecting Wireless Misbehavior, Proceedings of
    CCNC 2006
  • Anand Patwardhan et al., "Active Collaborations
    for Trustworthy Data Management in Ad Hoc
    Networks", Proceedings of the 2nd IEEE
    International Conference on Mobile Ad-Hoc and
    Sensor Systems, November 2005
  • Anand Patwardhan et al., "Secure Routing and
    Intrusion Detection in Ad Hoc Networks",
    Proceedings of the 3rd International Conference
    on Pervasive Computing and Communications, March
    2005
  • Jim Parker et al., "On Intrusion Detection in
    Mobile Ad Hoc Networks", 23rd IEEE International
    Performance Computing and Communications
    Conference -- Workshop on Information Assurance ,
    April 2004
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Cross-layer Analysis for detecting Wireless Misbehavior" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!