Attacks on and Security Measures for Ad Hoc Wireless Networks

1
Attacks on and Security Measures for Ad Hoc
Wireless Networks
  • Adapted from the AAAS 05 panel presentation by
    Markus Jakobsson, Panos Papadimitratos,
    Adrian Perrig, XiaoFeng Wang, Susanne Wetzel

2
Wireless Networks
[Figure: nodes A and E]
3
Hybrid Ad Hoc Wireless Networks
[Figure: network of nodes A through H]
4
Ad Hoc Wireless Networks
[Figure: network of nodes A through H]
5
Ad Hoc Wireless Networks
[Figure: network of nodes A through H]
6
Ad Hoc Wireless Networks (contd)
  • Motivation
  • Easy to deploy
  • Less dependency on infrastructure
  • Highly dynamic topology (nodes forward traffic on
    behalf of other nodes)
  • Numerous applications

7
Applications of Ad Hoc Networks
Military Operations
Search and Rescue Operations
8
Ad Hoc Wireless Networks (contd)
  • Challenges
  • Limited wireless transmission range
  • Broadcast nature
  • Increased packet loss
  • Mobility-induced route changes
  • Resource constraints
  • Security

9
Routing
[Figure: nodes A through H with route labels EE 1; ED 2, EF 2; EC 3; EE 1; EA 4]
10
Routing
[Figure: nodes A through H with route labels EE 1; ED 2, EF 2, EG 2; EC 3, EG 2; EE 1; EG 2; EE 1; EA 3]
G advertises new route to E
11
Routing
[Figure: nodes A through H with route labels EE 1; ED 2, EF 2, EG 2; EC 3, EG 2; EE 1; EG; EE 1; EA 4]
G loses connection to E
12
Stealth Attack
[Figure: nodes A through H with route labels EE 1; ED 2, EF 2, EA 3; EC 3, EB 2; EE 1; EB 2; EA 3; EA 3]
B lies to A about route to E
13
Stealth Attack
[Figure: nodes A through H with route labels EE 1; ED 2, EF 2, EA 3; EC 3, EB 2; EE 1; EC 4, EA 3; EA 3]
B impersonates D and F to C, claiming a lost connection to E
14
What is so stealthy?
  • Privacy: Attacks are untraceable due to lack of
    authentication.
  • Low effort: Incorrect information is propagated
    by others.
  • ... And if there were authentication, then this
    would make DoS attacks very easy; these could be
    used to disconnect, too.
  • More details at www.stealth-attacks.info

15
Why attack?
  • Disconnect victims (terrorist or criminal
    disconnects law enforcement)
  • Overload victims (DoS of other people's
    traffic!)
  • Selectively hijack traffic to perform
    man-in-the-middle (for espionage and phishing)

Since we can't eradicate routing attacks, we
need to address the above problems!
16
Focus: man-in-the-middle attacks
[Figure: message labels "I am pkDevil" (twice), "pkBob" and "pkAlice"]
The attacker forwards and replaces information.
Result: the attacker becomes Alice to Bob, and vice versa
17
Focus: man-in-the-middle attacks
[Figure: message label "I am pwdAlice" (twice)]
Attacker obtains password of victim.
Result: the attacker becomes Bank to Alice, and vice versa
18
Man-in-the-middle not so easy to defend against
  • Maher, U. S. patent 5,450,493
  • Bluetooth standard

Fails: can find keys ahead of time that cause
match. Details at www.markus-jakobsson.com/i400/lecture4.ppt
Fails: verification leaks secret
information. Details in Jakobsson-Wetzel 2001
19
Preventing man-in-the-middle: Visualization of a
solution
[Figure: visualization of the solution, labelled with signed digits]
20
Data Communication
[Figure: nodes A through H, with labels "Route to A" and "Route to E"]
21
Data Communication (contd)
[Figure: nodes A through H, with label "Message for E"]
22
Data Communication (contd)
[Figure: nodes A, B, C, D, E, F and H]
23
Secure Communication: Two-Phase Process
  • Phase 1: Secure the discovery of routes
  • Phase 2: Secure the data transmission

24
Focus on Phase 2: Secure Message Transmission
  • Goal: Reliable and low-delay data delivery
  • Detect and avoid compromised and failing routes
  • Tolerate malicious and benign faults
  • Assumption: The two communicating parties (A and
    E) have set up a shared key
  • No man-in-the-middle attack

25
SMT: Use Multiple Paths
[Figure: nodes A through H, with Route 1, Route 2 and Route 3]
Details on Secure Message Transmission: www.smt-protocol.info
26
SMT: Disperse Data
Introduce redundancy to the original message
[Figure: original message of pieces 1 to m, dispersed into pieces 1 to n]
27
SMT: Disperse Data (contd)
[Figure: the pieces 1 to n, some of them missing]
Reconstruct message if any m-out-of-n pieces
are intact
28
SMT: Transmit Simultaneously Across the
Available Routes
Sending n = 3; E needs m = 2
[Figure: nodes A through H]
Received m pieces!
29
SMT: Get Feedback
[Figure: nodes A through H, with Route 1, Route 2 and Route 3]
Tell A which pieces were intact
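
The dispersal, verification and feedback steps of slides 26 to 29 for the n = 3, m = 2 case, as an added example (not code from the presentation or from the SMT protocol itself). It assumes a single XOR parity piece as the redundancy scheme and HMAC-SHA256 under the shared key of slide 24 as the per-piece integrity check; the key, the sequence number and all function names are constructed.

```python
import hashlib
import hmac

KEY = b"constructed-key-shared-by-A-and-E"  # assumption: set up beforehand

def _tag(seq, idx, body):
    # Bind each piece to its message number and position, so pieces cannot
    # be swapped between positions or replayed from an older message.
    header = seq.to_bytes(4, "big") + bytes([idx])
    return hmac.new(KEY, header + body, hashlib.sha256).digest()

def _xor(x, y):
    return bytes(p ^ q for p, q in zip(x, y))

def disperse(seq, msg):
    """Sender A: n = 3 pieces, any m = 2 of which rebuild msg."""
    data = len(msg).to_bytes(2, "big") + msg
    data += b"\x00" * (len(data) % 2)          # pad to two equal halves
    a, b = data[:len(data) // 2], data[len(data) // 2:]
    bodies = [a, b, _xor(a, b)]                # third piece is the parity
    return [(seq, i, body, _tag(seq, i, body)) for i, body in enumerate(bodies)]

def receive(seq, pieces):
    """Receiver E: returns (message or None, indices of intact pieces)."""
    intact = {}
    for p_seq, i, body, tag in pieces:
        if p_seq == seq and i in (0, 1, 2) and \
                hmac.compare_digest(tag, _tag(seq, i, body)):
            intact[i] = body
    feedback = sorted(intact)                  # reported back to A
    if len(intact) < 2:
        return None, feedback                  # fewer than m pieces survived
    a = intact[0] if 0 in intact else _xor(intact[1], intact[2])
    b = intact[1] if 1 in intact else _xor(intact[0], intact[2])
    data = a + b
    return data[2:2 + int.from_bytes(data[:2], "big")], feedback

def demo():
    pieces = disperse(7, b"Message for E")     # one piece per route
    s, i, body, tag = pieces[1]
    pieces[1] = (s, i, b"X" * len(body), tag)  # route 2 alters its piece
    return receive(7, pieces)
```

The feedback list is what lets A stop using a route whose pieces keep failing verification.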
30
SMT: Reliable and Real-Time Communication in
Hostile Environments
  • Secure Routing Only
  • Secure Routing + Secure Message Transmission

[Figure: Reliability versus Attacker Strength]
93% message delivery without retransmissions
35% message delivery
50% of the network nodes are attacking
31
Who Threatens Ad Hoc Networks?
Selfish player: "Why should I forward your messages?"
Enemy: "Your misery is my happiness"
32
How to Counter such Threats?
  • Game theory
  • Study selfish or malicious players' strategies
  • Seek best play when opponents are smart
  • Mechanism design theory
  • Design a game
  • Make cooperation the best strategy for all

33
How Difficult is it to Cooperate?
  • What are the moves benefiting everyone?
  • What is the smart move?
  • maximize one's interests given others' smart
    moves (equilibrium)
  • So, not cooperating is the smart move for
    everyone

[Figure: payoff matrix over the moves "B forwards A's traffic", "B drops A's traffic", "A drops B's traffic" and "A forwards B's traffic"]
34
Break the Dilemma
  • Tit-for-Tat strategy could lead to long-term
    cooperation if the game repeats
  • Otherwise, reputation may help

35
Design a Cooperation Mechanism: Payment
  • Sender pays forwarding node 2
  • Cooperation becomes a common interest!

[Figure: payoff matrix over the moves "B drops A's traffic", "B forwards A's traffic", "A drops B's traffic" and "A forwards B's traffic"]
36
Consider Enemies
  • Enemy's interests are diametric to defender's
    interests
  • Strategies in rock-paper-scissors game
  • Any fixed choice is beaten by another

[Figure: rock-paper-scissors game between players A and B]
37
Defense Game
Strategies: invasion, DoS
Strategies: light defense, strong defense
  • The defender might randomize its strategy to
    confuse the enemy

38
Game Theory in 'Cooperative' Networks?
  • Sensor network is cooperative, but...
  • Enemy may capture some sensors
  • Do not completely trust others
  • The best moves of enemies?
  • Friend-or-foe, how likely?
  • → choose a smart move

39
Another way to defend against man-in-the-middle:
Visual Hash Functions
  • Input: seed for pseudo-random number generator
  • Computation: generate random mathematical
    expression and evaluate for each pixel
  • Output: Random Art image

40
Visual Hash for Secure Key Setup
  • Two users perform Diffie-Hellman key agreement
    and compare visual hashes of images
  • Different images reveal Man-in-the-Middle attack!
  • Hash Visualization: a New Technique to Improve
    Real-World Security, Perrig and Song, Cryptec
    1999

42
Secure Routing Protocol: SEAD
  • SEAD: Secure Efficient Ad hoc Distance vector
    routing protocol
  • SEAD prevents attacker from claiming a shorter
    distance, prevents distance fraud
  • Uses very efficient one-way functions
  • 10,000 times faster than a digital signature
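
How a one-way function stops a node from claiming a shorter distance, as an added example (a simplified sketch, not SEAD's own code or the presenters'). It covers a single sequence number and assumes SHA-256 as the one-way function, a constructed seed, a hop bound MAX_METRIC, and an anchor value that every node has already received authentically; all names are hypothetical.

```python
import hashlib

MAX_METRIC = 8   # assumption: upper bound on hop count in this network

def h(value, times=1):
    """Apply the one-way function `times` times."""
    for _ in range(times):
        value = hashlib.sha256(value).digest()
    return value

def origin(seed):
    """Destination's setup: its metric-0 advertisement and the public anchor."""
    v0 = h(seed)
    return (0, v0), h(v0, MAX_METRIC)

def forward(advert):
    """Honest neighbour: one more hop, one more hash."""
    metric, value = advert
    return metric + 1, h(value)

def verify(advert, anchor):
    """Accept only if hashing the remaining hops reaches the anchor."""
    metric, value = advert
    if not isinstance(metric, int) or not 0 <= metric <= MAX_METRIC:
        return False
    return h(value, MAX_METRIC - metric) == anchor

def demo():
    advert, anchor = origin(b"constructed-seed-of-node-E")
    at_two = forward(forward(advert))          # held by a node two hops from E
    honest = verify(at_two, anchor)
    # Lowering the metric needs the previous chain element, which only an
    # inversion of h could produce; reusing the held element is rejected.
    shorter = verify((1, at_two[1]), anchor)
    longer = verify(forward(at_two), anchor)   # increasing the metric is fine
    return honest, shorter, longer
```

Verification costs only hash evaluations, which is the efficiency point the slide makes against per-update digital signatures.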
