Security in Mobile Systems

1
Security in Mobile Systems

• Vineeth Subramanyam
• Computer Engg Computer Science
• University of Missouri-Columbia
• http//www.missouri.edu/c697168/academics/Paper.p
  df

2
Goals of Secure Computing

• Confidentiality - prevent unauthorized access
• Integrity - no modification of existing info
• Availability - guarantee access
• Legitimacy - only to authorized entities
• Accountability - entities held responsible

3
Problem Levels Approach

• Detecting a security problem
• Analysis of the problem
• Learning from the problem

• Prevention of an attack
• Detection of an attack
• Post-action (what is done after the attack)

4
Mobile IP

• Home Agent, Foreign Agent, Care-of-address
• IP address (static)
• network layer routing
• transport layer TCP connections
• Address Translation Unit (mobile)

5
Special issues in mobility

• Mobility of users hosts
• global authentication
• adaptive routing
• Resource poor clients
• asymmetry
• Wireless network
• high error rate/low BW
• disconnection(s)
• eavesdropping

• To consider
• Reduced message-exchange
• Authentication schemes
• too much burden on the mobile client
• Route Optimization

6
Sample Protocol

• M-gtR M,RK-H,H, message K-MR
• R-gtH above message K-RH, R
• H-gtR R,H,M,KMRK-RH
• R-gtM challengeK-MR
• M-gtR response K-MR

7
Need for another scheme

• 5 steps executed for every authentication and
  always routed through Home?
• Mobile client generates session-keys each time it
  moves
• Server computes the keys again!
• Rouge servers and black-hole routers

8
Static Environment
Client
Server
Mobile Environment
Proxy
Client
Server
Wireless Link
9
MSS
MSS
Keys are generated with neighbors
MSS
Sent as single msg to client
MH
MSS
10
Proposed Approach

• Transfer the burden to the MSS
• The MSS communicates with each neighbor
• Single message exchange with client
• Knowledge of key sufficient to authenticate
• Eliminates problem of rouge server by inductive
  reasoning

11
Intrusion Detection

• Anomaly Detection
• Learning a users profile
• updating the profile
• abnormal behavior may not be intrusive
• system can be trained to pass off intrusive
  behavior as normal!

• Misuse Detection
• Expert Systems
• Model-based Systems
• State-Transition Analysis
• Key-stroke monitoring
• only looks for a fixed set of intrusions
• faster

12
Intrusions in the Static case

• Pattern Recognition (COAST Group, Purdue
  University)
• state transition diagrams
• guard at each state should be satisfied
• e.g., TCP connection establishment involves a
  three-way handshake.

13
Intrusions in the MOBILE case

• Multiple agents are needed to monitor the network
• Active networks - communicating agents
• Send program(s) in addition to data packets