Dealing with Liars: Misbehavior Identification via Rényi-Ulam Games

1
Dealing with Liars: Misbehavior Identification
via Rényi-Ulam Games
  • William Kozma Jr., and Loukas Lazos
  • Dept. of Electrical and Computer Engineering
  • University of Arizona

2
Routing in Ad Hoc Networks
  • Ad hoc networks lack a network infrastructure
  • Limited communication range
  • Nodes rely on multi-hop routes to communicate
  • Any node may act as a router

Routing implemented on the basis of collaboration
Implicit trust placed on intermediate routers
3
Node Misbehavior
  • Nodes may be compromised physically or remotely
  • Sophisticated users - alter software/hardware of
    their device
  • Adversaries with intimate knowledge of node
    operation
  • One type of misbehavior is packet dropping
  • Selfishness: Refuse to forward packets to
    conserve energy
  • Maliciousness: Refuse to forward packets to
    degrade network performance

4
The Misbehavior Identification Problem
  • Given a path PSD from source S to destination D,
    identify misbehaving nodes that drop packets, in
    a resource efficient manner

5
Current Solutions
  • Acknowledgment-Based Schemes (e.g., 2ACK, Liu et
    al.; Byzantine fault detection, Awerbuch et al.)
  • Packets acknowledged 2 hops or more upstream
  • Reputation-Based (e.g., CONFIDANT, Buchegger
    et al.)
  • Rely on message overhearing to verify forwarding
  • Credit-Based (e.g., Sprite, Zhong et al.)
  • Provide incentive for a node to cooperate

[Figure: example network with source S, destination D and intermediate nodes n1 to n6]
All schemes incur overhead on a per-packet basis
6
Research Goal
  • Per-packet behavior evaluation is too expensive
    in
  • Energy (operating in promiscuous mode)
  • Performance (must observe instead of sleeping or
    communicating concurrently)
  • Communication (may consume more bandwidth)
  • Critical questions
  • Can we perform per-packet evaluation without
    per-packet monitoring (or very low per-packet
    overhead)?
  • What is the penalty we have to trade off?

7
Implicit Node Monitoring

Nodes record a proof of packets they receive/forward
Some nodes are audited to provide proof of behaving
Multiple proofs are combined to identify misbehavior
Use the honest to identify the malicious
[Figure: network with source S, destination D and nodes n1 to n6; Audit Request and Audit Reply messages exchanged with audited nodes]
8
Analogy to Rényi-Ulam Games
The process of combining multiple audits to
identify a misbehaving node is analogous to
Rényi-Ulam games
  • Rényi-Ulam game: the game of 20 questions
  • Questioner wins if the secret value is determined
    in at most q questions
  • Responder has a limited number of lies
  • Winning strategy: a strategy that wins
    regardless of how lies occur

[Figure: Questioner and Responder; the Responder holds a secret value from the search space 1, 2, …, n; labels q and l]
9
Misbehavior Identification as a Rényi-Ulam Game
  • Rényi-Ulam Game
  • Misbehaving Node Identification

[Figure: side-by-side comparison. Rényi-Ulam game: Questioner, Responder, secret value in the search space. Misbehavior identification: path from S to D through n1 to n5 as the search space; question "Did you see packets X?"; response "Yes" with proof]
10
Types of Rényi-Ulam Games
  • Two questioning modes
  • Batch
  • Adaptive
  • Two types of questions
  • Cut questions
  • Membership questions

[Figure: two examples over the search space 1, 2, …, 10]
Goal: Devise a strategy to always find the secret value
in the least number of questions
11
Implementing Cut Questions
  • Xi: Set of packets forwarded by node ni
  • Is the misbehaving node upstream of audited node
    ni ( ? y )?
  • XS ∩ Xi XS: ni claims misbehavior occurs
    downstream (? y )
  • XS ∩ Xi << XS: ni claims misbehavior occurs
    upstream (? y)

12
Adaptive Auditing with Cut Questions
  • Pelc's questioning strategy [Pelc 89]
  • Binary search requiring log2 k questions to
    determine value ?'
  • l questions on if ?' ? total of questions
    log2k l
  • Auditing Strategy
  • V PSD n1, …, nk
  • XS ∩ Xi XS V ni, …, nk
  • XS ∩ Xi << XS V n1, …, nk
  • Winning strategy q log2PSD 2 (M 1)
    audits

Misbehaving Link
13
Node Identification
  • One misbehaving node
  • Path division: exclude nodes in turn
  • Path expansion: add node to remove misbehaving
    link
  • Multiple misbehaving nodes
  • Identification process repeated M 1 times


14
How About Colluders?
  • Colluding nodes can cause incorrect convergence
  • To avoid framing n3, n4 are simultaneously
    audited
  • Since X3 ∩ X4 X3, then M2
  • Partition PSD into PSn3, Pn4D search
    independently

15
Adaptive Auditing with Membership Questions
  • Dhagat's questioning strategy [Dhagat 92]
  • Perform a binary-based search while checking for
    contradicting answers
  • Let Vi O 1, …, k; divide Vi into two equal
    subsets A 1, …, k/2, B k/2, …, k
  • Is ? ? A? then Vi1 A
  • Is ? ? B? then Vi1 B
  • Else, contradiction among answers: return to
    previous stage (Vi-1)
  • Winning strategy if q

16
Adaptive Auditing with Membership Questions
  • Membership questions constructed from two audits
  • Is nM ? A n1, …, n4? implies X1 X4 <<
    X1
  • Auditing Strategy
  • V1 PSD n1, …, nk A n1, …, ni, B
    ni, …, nk
  • If X1 ∩ Xi << X1, Vi1 A, else
  • If Xi ∩ Xk << Xi, Vi1 B, else
  • Return to previous stage if contradiction found
    (Vi-1)
  • Select a new ni to prevent repetitive lies
  • Worst case q 4 log2 (PSD) 2 (M 1)
    audits

17
Creating Audit Replies
  • Commit to a claim of a set of packets Xi
    received/forwarded
  • Bloom filters provide a compact representation of
    a membership set Xi

[Figure: Bloom filter; each element x is hashed by h1, h2, …, hk and the corresponding bits are set to 1]
18
Evaluating Responses (1)
  • Source sends audit request
  • Defines the duration and starting packet number
  • Audited node adds packets to its Bloom filter
  • Signs filter with its private key and sends it
    back to the source
  • Signed Bloom filter acts as a commitment to
    packets forwarded
  • Source computes

[Figure: source S sends an Audit Request along the path to n4; n4 returns X4 with signature sig4(X4)]
Per-packet evaluation without per-packet overhead
Only m-bit vector sent to source
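
Added example (not code from the presentation): the cut-question audit search from the adaptive auditing slide, driven by Bloom-filter audit replies as described above, on a constructed 8-node path. The filter parameters, the SHA-256 hashing, the 0.5 threshold and the 10% forwarding rate are assumptions, and the signature on the reply is omitted.

```python
import hashlib

M_BITS, K_HASHES = 2048, 4            # assumed Bloom filter size and hash count

def positions(packet_id):
    """Bit positions h1..hk for one packet ID (SHA-256 based, an assumption)."""
    for j in range(K_HASHES):
        digest = hashlib.sha256(f"{j}:{packet_id}".encode()).digest()
        yield int.from_bytes(digest[:4], "big") % M_BITS

def bloom(packets):
    """m-bit Bloom filter over a set of packet IDs, held as an int bitmask."""
    bits = 0
    for p in packets:
        for pos in positions(p):
            bits |= 1 << pos
    return bits

def contains(bits, packet_id):
    return all(bits >> pos & 1 for pos in positions(packet_id))

def audit_reply(i, dropper, sent, claim):
    """Filter returned by audited node n_i (constructed simulation).
    Nodes upstream of the dropper forwarded everything; nodes downstream saw
    only what it let through. The dropper either claims it forwarded all
    packets (claim="all") or reports what it really forwarded (claim="few")."""
    kept = [p for p in sent if p % 10 == 0]      # dropper forwards 10%
    if i < dropper or (i == dropper and claim == "all"):
        return bloom(sent)
    return bloom(kept)

def find_misbehaving_link(k, dropper, sent, claim, threshold=0.5):
    """Binary search with cut questions over V = {n_lo, ..., n_hi}."""
    lo, hi, audits = 1, k, 0
    while hi - lo > 1:
        i = (lo + hi) // 2
        reply = audit_reply(i, dropper, sent, claim)
        audits += 1
        seen = sum(contains(reply, p) for p in sent) / len(sent)
        if seen >= threshold:      # X_S ∩ X_i close to X_S: look downstream
            lo = i                 # V = {n_i, ..., n_hi}
        else:                      # X_S ∩ X_i << X_S: look upstream
            hi = i                 # V = {n_lo, ..., n_i}
    return (lo, hi), audits

if __name__ == "__main__":
    packets = list(range(200))                   # constructed packet IDs
    for claim in ("all", "few"):
        print(claim, find_misbehaving_link(8, 3, packets, claim))
```

Whichever claim the misbehaving node makes when audited, the search ends on a link that has that node as one endpoint.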
19
Impact of Mobility
  • Addition/Removal of an honest node does not
    affect REAct
  • Misbehaving node added to PSD
  • Added to V: as if there from start of search
  • Added outside of V: as if two colluding nodes
    existed in PSD
  • Misbehaving node removed from PSD
  • Performance resumed

20
Performance Evaluation
  • Metrics of interest
  • Communication Overhead
  • Identification Delay
  • Compared our scheme to
  • CONFIDANT (reputation-based scheme)
  • 2ACK (acknowledgment-based scheme)
  • AWERBUCH (acknowledgment-based scheme)
  • For CONFIDANT, defined energy for overhearing as
    0.5 times the energy for transmission
  • For 2ACK, varied percent of packets acknowledged,
    p 1, 0.5, 0.1

21
Communication Overhead
22
Communication Overhead for 2 Misbehaving Nodes
23
Identification Delay
24
Communication Overhead for 1 Misbehaving Node
25
Communication Overhead as a Function of Audit Size
26
Identification Delay
27
Communication Overhead
28
Take Away Remarks
  • For resource-constrained networks, per-packet
    behavior evaluation is too resource demanding
  • We can trade identification delay for
    communication and energy efficiency
  • Showed a logarithmic increase in number of
    transmitted messages with path size
  • Showed small increase in identification delay
    compared to savings
  • Differentiation of maliciousness from bad channel
    conditions, congestion and collisions is not yet
    clear (or an easy problem to solve)