Routing Attacks For Ad hoc Networks - PowerPoint PPT Presentation

Provided by: yianh
Slides: 32

Transcript and Presenter's Notes

1
Routing Attacks For Ad hoc Networks
  • CS 6262 Fall 02
  • (Wednesday, 10/23/2002)

2
Security Efforts
  • Perlman: digital signatures against Byzantine
    failures
  • Murphy: signatures in advertisements
  • Kent: BGP path verification
  • Smith: signatures in BGP
  • Smith: predecessor information in DV protocols
  • Hauser: efficient link-state updates
  • Zhang: one-time signature on message chains
  • Goodrich: leap-frog signature using secret-key
    cryptography
  • Detection: Cheung, Bradley, Wu

3
Outline
  • Revisit wired routing security
  • Mobile Ad hoc Networks
  • Classical MANET routing protocols
  • Attack examples
  • Security countermeasures

4
Link State Hash Chain (Hauser)
  • Partly removes the burden of using a signature for
    every LSU (Link State Update)
  • Lamport hash chain
  • Generate a random R
  • Generate h(R), h^2(R), ..., h^{n-1}(R), h^n(R)
  • Present the hash chain values one by one, in reverse
    order

5
Link State Hash Chain (cont.)
  • All routers agree on hash functions f, h
  • ALSU (anchored): uses a signature; sent every n
    LSUs or when the link state changes
  • LSA, [f(LSA)]_P, timestamp, h^n(R), n
  • LSA, timestamp, h^n(R), n, [f(ALSU)]_P
  • CLSU_i (chained)
  • LSA, h^{n-i}(R)
  • ALSU verification: check the signature
  • CLSU verification: h(h^{n-i}(R)) = h^{n-i+1}(R)
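
The anchored/chained verification above, as an added worked example that is not part of the original slides: a receiver trusts h^n(R) once the ALSU signature checks out (a boolean stand-in here) and then accepts CLSU_i only if hashing its value forward reaches the last accepted chain value. Hashing (i - last_i) times instead of once also covers the case where an intermediate CLSU was lost; SHA-256 is assumed as h.

```python
import hashlib
import os

def h(x: bytes) -> bytes:
    """Hash function h agreed on by all routers (SHA-256 assumed here)."""
    return hashlib.sha256(x).digest()

def make_chain(R: bytes, n: int) -> list:
    """Return [h(R), h^2(R), ..., h^n(R)]; chain[k - 1] == h^k(R)."""
    chain, cur = [], R
    for _ in range(n):
        cur = h(cur)
        chain.append(cur)
    return chain

class LinkStateVerifier:
    """Receiver-side state for one originating router."""
    def __init__(self):
        # last accepted chain value, index i of the last accepted CLSU (0 = ALSU), chain length n
        self.last_value, self.last_i, self.n = None, 0, 0

    def accept_alsu(self, anchor: bytes, n: int, signature_ok: bool) -> bool:
        # ALSU verification: check the signature (stand-in boolean), then trust h^n(R)
        if not signature_ok:
            return False
        self.last_value, self.n, self.last_i = anchor, n, 0
        return True

    def accept_clsu(self, i: int, value: bytes) -> bool:
        """CLSU_i carries h^(n-i)(R); hashing it (i - last_i) times must give the last accepted value."""
        if self.last_value is None or i <= self.last_i or i > self.n:
            return False           # no anchor yet, replay/out-of-order index, or chain exhausted
        cur = value
        for _ in range(i - self.last_i):   # == 1 when nothing was lost: h(h^(n-i)(R)) == h^(n-i+1)(R)
            cur = h(cur)
        if cur != self.last_value:
            return False
        self.last_value, self.last_i = value, i
        return True

def demo() -> tuple:
    R, n = os.urandom(32), 5                 # constructed secret seed and chain length
    chain = make_chain(R, n)                 # chain[n - i - 1] == h^(n-i)(R)
    v = LinkStateVerifier()
    anchor_ok = v.accept_alsu(chain[n - 1], n, signature_ok=True)   # ALSU carrying h^n(R)
    clsu1_ok = v.accept_clsu(1, chain[n - 2])                        # CLSU_1: h^(n-1)(R)
    clsu3_ok = v.accept_clsu(3, chain[n - 4])                        # CLSU_3 after CLSU_2 was lost
    replay = v.accept_clsu(1, chain[n - 2])                          # old chain value replayed
    forged = v.accept_clsu(4, os.urandom(32))                        # value not on the chain
    return anchor_ok, clsu1_ok, clsu3_ok, replay, forged
```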

6
Cellular Networks
  • Infrastructure dependent
  • High setup costs
  • Large setup time
  • Reliable

7
Some Wireless Applications
  • Cellular networks are not preferred if
  • Casual conferencing
  • low set-up time, cost preferred
  • Battlefield operations/disaster relief
  • infrastructure unavailable
  • Personal area networking
  • devices around the home/office

8
Mobile Ad hoc Networks
  • In Latin, "ad hoc" means "for this", further
    meaning "for this purpose only"
  • Mobile hosts
  • No fixed infrastructure
  • Multi-hop routing

(Figure: example ad hoc network topology with nodes A, B, C, D, E)

10
Sensor Networks
  • Networks of sensors
  • Randomly scattered in unreachable regions
  • Huge number and density
  • Limited lifetime and capacity
  • Ad hoc?
  • Mobile?

11
Route Change due to Mobility
12
Problems of Traditional Routing Algorithms
  • Dynamics of topology
  • frequent changes of connections, connection
    quality, participants
  • Limited performance of mobile systems
  • periodic updates of routing tables need energy
    without contributing to the transmission of user
    data, sleep modes difficult to realize
  • limited bandwidth of the system is reduced even
    more due to the exchange of routing information
  • Problem: protocols have been designed for fixed
    networks with infrequent changes and typically
    assume symmetric links

13
Solutions
  • Clustered and hierarchical
  • On demand
  • Randomized and probabilistic
  • Directional or adaptive antenna
  • Location aided

14
Ad hoc Networks Vulnerabilities
  • Volatile network topologies
  • Power constrained operations
  • Limited physical security
  • Intrinsic mutual trust
  • Where to deploy firewall?

15
Security Elements
  • Confidentiality
  • Integrity
  • Authenticity
  • Availability
  • Order in the wired world?
  • Order in an ad hoc world?

16
Routing Protocols
  • Proactive (table driven) approaches
  • DSDV (destination sequenced distance vector),
    OLSR (optimized link state routing), CGSR
  • Reactive (on demand) approaches
  • DSR (dynamic source routing), AODV (ad-hoc
    on-demand distance vector), TORA
  • Hybrid approaches
  • ZRP (zone routing protocol)

17
Dynamic Source Routing (DSR)
  • On-demand
  • Utilize source routing
  • Discover a path
  • flooding RREQ till a node replies with RREP
  • only if a path for sending packets to a certain
    destination is needed and no path is currently
    available
  • Maintaining a path
  • explicit link breakage notification, RERR
  • only while the path is in use one has to make
    sure that it can be used continuously
  • No periodic updates needed!
  • Mobility of a node can break routes passing
    through it.

18
DSR Attacks
  • Incorrect forwarding or dropping
  • Use and/or advertise bogus source routes
  • Restrict from sending error messages


19
Attack Taxonomy
  • Internal vs. external
  • Active vs. passive
  • Routing disruption vs. resource consumption
  • Attack (m, n)
  • Single point
  • Colluded
  • Majority?

20
Typical attacks
  • Availability
  • Denial of Service
  • Black hole
  • Radio Jamming
  • Sleep deprivation torture
  • Battery Exhaustion

21
Typical attacks (cont.)
  • Wormhole
  • Private tunnel between a pair of attackers
  • Packets received in one end are played back in
    the other
  • Location exposure
  • Exact path to some destination or at least some
    clues (distance, direction, etc.)
  • Why especially harmful in ad hoc environment?

22
Security Countermeasures
  • Cryptographic approaches
  • Key management
  • Threshold cryptography
  • (Adaptive) Trust model
  • Regional trust
  • K-threshold trust
  • Role/level based trust
  • Peer to peer (Resurrecting Duckling)
  • Re-keying issue
  • Efficient authentication and validation
  • Design new secure routing protocols or revise
    existing protocols

23
Non-Disclosure Method (NDM)
  • Tries to solve the location exposure problem
  • When a sender A wants to send a message M to the
    receiver B, the message is forwarded to the
    destination by using a route (A, SA1, ..., SAn,
    B)
  • M' = E_SA1(SA2, E_SA2(SA3, ...(SAn, E_SAn(B,
    M))))
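
The nested construction M' = E_SA1(SA2, E_SA2(SA3, ... E_SAn(B, M))) as an added worked example, not code from the original slides: the sender wraps the message once per security agent, and each agent peels one layer, learning only the next hop and an opaque inner blob. E is a constructed stand-in cipher (SHA-256 keystream plus HMAC tag) keyed by a secret each agent shares with the sender; the route, agent names and keys are assumptions.

```python
import hashlib, hmac, os

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy stream cipher (SHA-256 in counter mode), a stand-in for E_SAi; not for production use
    out, ctr = bytearray(), 0
    while len(out) < len(data):
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, out))

def E(key: bytes, msg: bytes) -> bytes:
    nonce = os.urandom(16)
    ct = _xor_stream(key, nonce, msg)
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()

def D(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        raise ValueError("integrity check failed")
    return _xor_stream(key, nonce, ct)

def ndm_wrap(route: list, keys: dict, M: bytes) -> bytes:
    """route = [SA1, ..., SAn, B]; returns M' = E_SA1(SA2, E_SA2(SA3, ... E_SAn(B, M)))."""
    sas, dest = route[:-1], route[-1]
    layer = E(keys[sas[-1]], dest.encode() + b"\x00" + M)          # innermost: E_SAn(B, M)
    for j in range(len(sas) - 2, -1, -1):                           # wrap outward towards SA1
        layer = E(keys[sas[j]], sas[j + 1].encode() + b"\x00" + layer)
    return layer

def ndm_forward(sa: str, keys: dict, blob: bytes) -> tuple:
    """What security agent `sa` learns: only the next hop name and the remaining inner blob."""
    nxt, inner = D(keys[sa], blob).split(b"\x00", 1)
    return nxt.decode(), inner

def demo() -> tuple:
    route = ["SA1", "SA2", "SA3", "B"]                              # constructed route A -> ... -> B
    keys = {sa: os.urandom(32) for sa in route[:-1]}               # constructed per-agent keys shared with A
    M = b"hello B"
    blob, hop, seen = ndm_wrap(route, keys, M), "SA1", []
    while hop != "B":                                              # each agent peels one layer
        nxt, blob = ndm_forward(hop, keys, blob)
        seen.append((hop, nxt))
        hop = nxt
    return seen, blob                                              # blob is M once B is reached
```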

24
Security Countermeasures (cont.)
  • It is impossible to build a perfect network
  • Unexpected events, bugs, etc.
  • Internal attacks
  • Tamper proof devices
  • Intrusion detection
  • Misuse pattern detection
  • Anomaly detection
  • Response
  • avoid routing packets through these nodes

25
Watchdog and Pathrater
  • Each node watches its neighbors
  • Increases counters on received packets, decreases
    them on sent packets
  • Also detects violation of integrity
  • Pathrater chooses the best paths from watchdog
    ratings
  • Only works for DSR
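
The watchdog/pathrater idea from this slide as an added worked example (not code from the original paper or slides): a node keeps per-neighbor counters of packets it handed over for forwarding, clears them when it overhears the neighbor forward the same payload, counts tampered or never-forwarded packets as failures, and the pathrater ranks candidate source routes by the ratings of their intermediate nodes. Timeouts, thresholds, the -100 rating for misbehaving nodes and the sample events are assumptions.

```python
import hashlib

class Watchdog:
    """Node-local watchdog: remembers packets handed to each neighbor and listens for them."""
    def __init__(self, timeout: int, threshold: int):
        self.timeout, self.threshold = timeout, threshold
        self.pending = {}    # neighbor -> {pkt_id: (payload digest, time handed over)}
        self.failures = {}   # neighbor -> count of packets dropped or altered

    def sent(self, neighbor: str, pkt_id: int, payload: bytes, t: int) -> None:
        self.pending.setdefault(neighbor, {})[pkt_id] = (hashlib.sha256(payload).digest(), t)

    def overheard(self, neighbor: str, pkt_id: int, payload: bytes) -> None:
        """Neighbor forwarded pkt_id: clear it, but count it if the payload was tampered with."""
        entry = self.pending.get(neighbor, {}).pop(pkt_id, None)
        if entry is not None and hashlib.sha256(payload).digest() != entry[0]:
            self.failures[neighbor] = self.failures.get(neighbor, 0) + 1

    def tick(self, now: int) -> None:
        """Packets not overheard within the timeout count as dropped."""
        for nb, pkts in self.pending.items():
            for pid in [p for p, (_, t) in pkts.items() if now - t > self.timeout]:
                del pkts[pid]
                self.failures[nb] = self.failures.get(nb, 0) + 1

    def misbehaving(self) -> set:
        return {nb for nb, f in self.failures.items() if f >= self.threshold}

class Pathrater:
    def __init__(self, wd: Watchdog):
        self.wd = wd

    def rate_node(self, node: str) -> float:
        if node in self.wd.misbehaving():
            return -100.0        # assumed penalty so such paths lose to any clean path
        return 1.0 - 0.1 * self.wd.failures.get(node, 0)

    def best_path(self, paths: list) -> list:
        # Path rating = mean rating of the intermediate nodes (source and destination excluded)
        return max(paths, key=lambda p: sum(self.rate_node(x) for x in p[1:-1]) / max(1, len(p) - 2))

def demo() -> tuple:
    wd = Watchdog(timeout=2, threshold=2)
    # Constructed events observed at node A, which hands packets to neighbors B and C at t=0
    for nb, pid, payload in (("B", 1, b"data1"), ("B", 2, b"data2"), ("C", 3, b"data3")):
        wd.sent(nb, pid, payload, t=0)
    wd.overheard("C", 3, b"data3")     # C forwarded the packet unchanged
    wd.overheard("B", 1, b"dataX")     # B forwarded a modified packet (integrity violation)
    wd.tick(now=5)                     # packet 2 was never forwarded by B: dropped
    best = Pathrater(wd).best_path([["A", "B", "D"], ["A", "C", "D"]])
    return sorted(wd.misbehaving()), best
```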

26
Bearing Grudges
  • Gene Selection for birds
  • Suckers
  • Cheats
  • Grudgers
  • What if only suckers and cheats?
  • What if all three groups coexist?
  • Assume cheats are the majority

27
IDS Architecture
  • Six conceptual parts
  • Data collection module
  • Gather local activity logs
  • Local detection engine
  • Uses local activity logs to ascertain if anomaly
    exists
  • Local response model
  • Triggers local actions such as alerting local
    users

28
IDS Architecture
  • Six conceptual parts (cont.)
  • Cooperative detection engine
  • Compiles broader data sets and initiates
    collaboration
  • Global response module
  • Coordinates intrusion response between
    neighboring nodes
  • Secure communication module
  • Establishes high-confidence communication channel
    between IDS agents

29
Cooperative IDS Architecture
30
Local IDS Agent (LIDS)
  • Data source
  • Local
  • Neighborhood
  • External
  • Methodology
  • Misuse Detection
  • Anomaly Detection
  • Problem
  • Incomplete information
  • Dynamic environment
  • Power consumption

31
Global IDS
  • Key idea: deploy different levels of LIDS on
    different nodes
  • Power efficiency
  • Quick convergence
  • Layered approach
  • Transient cluster based schemes
  • Select clusterhead and run LIDS on them
  • Hierarchy of clusters

32
Response
  • Alert
  • Local
  • Global
  • Automatic protective actions
  • Re-keying
  • Isolating malicious nodes
  • Re-authentication
  • Issues
  • Global investigation
  • Alert correlation