secure communication in cellular and ad hoc environments

Secure communication in cellular and ad hoc environments. Bharat Bhargava, Department of Computer Sciences, Purdue University. This is supported by Motorola Communication Research Lab & National Science Foundation.

Post on 16-Jan-2016

Page 1: Secure communication in cellular and ad hoc environments

Secure communication in cellular and ad hoc environments

Bharat Bhargava

Department of Computer Sciences,

Purdue University

This is supported by Motorola Communication Research Lab & National Science Foundation

Team at Motorola:
• Jeff Bonta
• George Calcev
• Benetido Fouseca
• Trefor Delve

Team at Purdue University:
• X. Wu, Research scientist (received his PhD from UC-Davis)
• Y. Lu, PhD student
• G. Ding, PhD student
• W. Wang, PhD student

Problem statement

How to provide secure, continuous, and efficient connectivity for a mobile unit in a structured (cellular based) or unstructured (ad hoc) network environment?

Challenges

• Dynamic topology
  – Movement, node failure, etc.
• Heterogeneous and decentralized control
• Limited resources
  – Bandwidth, processing ability, energy
• Unfriendly environment
  – Selfish nodes, malicious attackers

Research contributions

• Combining advantages of cellular systems and ad hoc networks to enable a more secure network structure and better performance

• Designing routing protocols for ad hoc networks that adapt to both network topology and traffic congestion

• Designing intruder identification protocols in ad hoc networks

• Conducting experimental studies in heterogeneous wireless environments and evaluating our protocols

Research directions

• Cellular-aided Mobile Ad Hoc Network (CAMA)

• Adaptive and Heterogeneous Mobile Wireless Networks

• Intruder Identification in Ad Hoc Networks

Cellular-aided Mobile Ad Hoc Network (CAMA)

CAMA: Problem Statement

How to realize commercial peer-to-peer applications over mobile wireless ad hoc networks?

Papers: “Integrating Heterogeneous Wireless Technologies: Cellular-Aided Mobile Wireless Ad hoc Networks (CAMA)”, submitted to ACM Special Issues of the Journal on Special Topics in Mobile Networking and Applications (MONET).

Challenges

• Authentication and accounting
  – No fixed membership
• Security concern
  – Open medium without any centralized control
• Real time services
  – Dynamic topology and slow routing information distribution

Current Environment

Cellular network provides:

• Wide coverage

• Multiple services with single cellular ID

• Small packet service in 3G network

• Wireless terminals with different protocols

CAMA Description

• Integration of cellular network and ad hoc network

• CAMA agent works as centralized server attached to the cellular network

• CAMA agent provides ad hoc nodes with information such as authentication, routing support, and keys through the cellular channel

• Data transmission uses ad hoc channel

CAMA Environment

Major Ideas

• Use signals via cellular network for ad hoc routing and security management

• Centralized CAMA agent provides control over distributed ad hoc network

CAMA vs. ad hoc network

CAMA has advantages over pure ad hoc networks in:

• Simple network authentication and accounting
• Routing server for more accurate routing decisions
• Certification authority for key distribution
• Central security check point for intrusion detection

CAMA vs. cellular/WLAN

CAMA has advantages over cellular/WLAN integrated network in:

• No extra fixed infrastructure
  – No access point needed
• No ad hoc channel radio coverage limit
  – Multi-hop ad hoc link
• No transmission bottleneck
  – Not all traffic needs to go through a single node

Impact

• Cellular service combined with low-cost, high-data-rate wireless service

Research Questions

• Feasibility in commercial applications requires:
  – Development of routing algorithm and protocols for multimedia service
  – Investigation of CAMA vulnerabilities
  – Development of security protocols for key distribution and intrusion detection
  – Evaluation of gain in ad hoc network
  – Evaluation of overhead in cellular network

Methodology of Research

• Building algorithms and protocols
• Developing benchmarks and performance metrics on multimedia service
• Conducting experimental studies
  – Using ns-2
  – Using common platform simulator from Motorola Inc.
• Comparing with ad hoc routing protocols
  – Ad hoc on-demand distance vector routing (AODV)
  – Dynamic source routing (DSR)

Research of Interest to Motorola

• Evaluating CAMA routing in realistic simulation environment:
  – Radio environment
    • Adaptive data rate determined by signal-to-noise ratio (SNR)
  – Node mobility
    • Exponentially distributed speed
  – Node density
    • 400 users/sq.km to 14800 users/sq.km
  – Traffic pattern
    • VoIP, TCP, Video
  – Inaccurate position information
    • Error of 5m to 100m

Research of Interest to Motorola (cont’d)

• Authentication
  – By CAMA agent
  – By mobile nodes
• Accounting
  – Charging rate
  – Award to intermediate nodes

Research of Interest to Motorola (cont’d)

• Key assignment
  – Group key assignment
    • For entire ad hoc network
    • For nodes along an active route
  – Session key assignment
    • For peer-to-peer communication

Research of Interest to Motorola (cont’d)

• Intrusion detection
  – Information collection
    • Information for different intrusions
  – Malicious judging rule
    • Quick malicious node elimination vs. probability of wrong judgment
    • Detection cost vs. gain

Adaptive and Heterogeneous Mobile Wireless Networks

Problem statement

How to provide continuous connectivity for a mobile unit to a network in which every node is moving?

Papers:

“Secure Wireless Network with Movable Base Stations”, being revised for IEICE/IEEE Joint Special Issue on Assurance Systems and Networks.

“Study of Distance Vector Routing Protocols for Mobile Ad Hoc Networks”, in Proceedings of IEEE International Conference on Pervasive Computing and Communications (PerCom), 2003.

Challenges

• Dynamic topology
  – Movement, node failure, energy problem, etc.
• Decentralized control
• Limited bandwidth
  – Congestion is typically the norm rather than the exception. [RFC 2501]

Research contributions

• Routing protocols for mobile ad hoc networks that adapt to not only network topology, but also traffic and congestion.
• Architecture, design of protocols, and experimental evaluation in heterogeneous wireless environments

Broad impacts

• Military networks

• Sensor networks

Two network environments considered

• Mobile ad hoc networks
  – No centralized control
• Large scale heterogeneous wireless networks with control in base stations
  – Wireless networks with movable base stations (WNMBS)

Research questions in mobile ad hoc networks

• Development of ad hoc routing protocols that adapt to traffic load and network congestion.
  – Identify the network parameters that impact the performance of routing protocols.
  – Determine the appropriateness of on-demand and proactive approaches (given specific routing requirements and network parameters).
  – Identify features of ad hoc networks that can be used to improve routing.

Related work (routing protocol)

• Destination-Sequenced Distance Vector (DSDV) [Perkins/Bhagwat, SigComm’94] (Nokia)
• Ad-hoc On-demand Distance Vector (AODV) [Perkins/Royer/Das, WMCSA’99, IETF draft 98-03] (Nokia, UCSB, SUNY-Stony Brook)
• Dynamic Source Routing (DSR) [Johnson/Maltz, Mobile Computing’96, IETF draft 03] (Rice Univ., CMU)
• Zone Routing Protocol (ZRP) [Haas/Pearlman/Samar, ICUPC’97, IETF draft 99-02] (Cornell)
• Adaptive Distance Vector (ADV) [Boppana/Konduru, InfoCom’01] (UT-San Antonio)
• Source-Tree Adaptive Routing (STAR) [Garcia-Luna-Aceves/Spohn, MONET’01] (UCSC, Nokia)
• Associativity-Based Routing (ABR) [Toh, Wireless Personal Communications Journal’97] (Cambridge Univ.)
• Ad-hoc On-demand Multipath Distance Vector (AOMDV) [Marina/Das, ICNP’01] (Univ. of Cincinnati)

Related work (cont’d)

| Protocol | Approach | Routing information used | Additional information |
|----------|-----------|--------------------------|------------------------|
| DSDV | Proactive | Distance Vector | |
| DSR | On-demand | Source routing | |
| AODV | On-demand | Distance Vector | |
| ZRP | Hybrid | Distance Vector | |
| ADV | Hybrid | Distance Vector | |
| STAR | Proactive | Link State | |
| ABR | On-demand | Distance Vector | Associativity |
| AOMDV | On-demand | Distance Vector | Multipath |

Related work (performance comparison)

• Comparison of DSDV, TORA, AODV and DSR [Broch/Maltz/Johnson/Hu/Jetcheva, MobiCom’98] (CMU)

• Scenario-based performance analysis of DSDV, AODV, and DSR [Johansson/Larsson/Hedman/Mielczarek/Degermark, MobiCom’99] (Ericsson)

• Performance comparison of AODV and DSR [Perkins/Royer/Das/Marina, IEEE Personal Communications’01]

Methodology of research

• Developing benchmarks and performance metrics for routing protocols
• Conducting experimental studies
  – Determine guidelines for design
  – Evaluate protocols
• Building algorithms and protocols

Ongoing research

• Study of proactive and on-demand approaches

• Congestion-aware distance vector routing protocol

• Packet loss study

Research study

• Investigate the proactive and on-demand approaches
  – Generalize the results obtained from protocols to the proactive and on-demand approaches
  – Introduce power consumption as a performance metric
  – Inject heavy traffic load
  – Identify the major causes for packet drop
  – Comprehensively study in various network environments
• Propose a congestion-aware routing protocol

Simulation experiments

• DSDV and AODV are studied by varying network environment parameters
  – Node mobility (maximum moving speed)
  – Traffic load (number of connections)
  – Network size (number of mobile nodes)
• Performance metrics
  – Packet delivery ratio
  – Average end-to-end delay
  – Normalized protocol overhead
  – Normalized power consumption

Simulation setup for experiments

| Parameter | Value |
|-----------|-------|
| Simulator | ns-2 |
| Examined protocols | DSDV and AODV |
| Simulation duration | 1000 seconds |
| Simulation area | 1000 m x 1000 m |
| Transmission range | 250 m |
| Movement model | Random waypoint |
| Maximum speed | 4 – 24 m/s |
| Traffic type | CBR (UDP) |
| Data payload | 512 bytes/packet |
| Packet rate | 4 packets/sec |
| Node pause time | 10 seconds |
| Bandwidth | 1 Mb/s |

Motivation for a new proactive protocol

• The proactive protocols provide better support for:
  – Applications requiring QoS
    • Timely propagate network conditions
  – Intrusion and anomaly detection
    • Constantly exchange the network topology information
• The proactive approach exhibits better scalability with respect to the number of mobile nodes and traffic load.

Proposed protocol: Congestion Aware Distance Vector (CADV)

• Problem with the proactive approach
  – Congestion
• Objective:
  – Dynamically detect congestion and route packets through less-crowded paths
• Method:
  – Characterize congestion and traffic load by using expected delay.
  – Consider expected delay at the next hop as the secondary metric to make routing decisions.
  – Allow a one-hop longer route to be chosen.
  – Use destination sequence number to avoid loop.

Design issues

• Use MAC layer callback to detect broken link
  – Quick detection
  – More triggered updates
  – Whether to re-queue a packet
• Allowing a one-hop longer route
  – A one-hop shorter route may not replace the current one if it introduces significantly more delay.
  – To avoid short-lived loop, do not replace the current route with a longer one if they have the same sequence number.
• Deal with fluctuation
  – Use randomness in routing decisions to reduce fluctuation

CADV

• Components:
  – Real time traffic monitor
  – Traffic control
  – Route maintenance module
• Route update:
  – When broadcasting an update, every node advertises the expected delay of sending a packet as:

    $$E[D] = \frac{\sum_{i} D_i}{n} \cdot L$$

• Route maintenance
  – Apply a function f(E[D], distance) to evaluate the value of a route
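The CADV route-update rules from the slides above, as an added sketch that is not code from the presentation or from the authors' ns-2 implementation. It assumes that n is the number of recently sent packets and L the packet-queue length (the slides do not define them), that "significantly more delay" means a factor of 1.5, and that routes more than one hop longer are never taken; the names `Route`, `expected_delay`, `should_replace` and `DELAY_FACTOR` are hypothetical, and the randomness used against fluctuation is left out.

```python
from dataclasses import dataclass
from typing import Optional, Sequence

# Assumption: the slides give no threshold for "significantly more delay".
DELAY_FACTOR = 1.5

@dataclass(frozen=True)
class Route:
    next_hop: str   # neighbour that advertised the route
    hops: int       # distance to the destination
    seq: int        # destination sequence number, as in DSDV
    delay: float    # E[D] advertised by the next hop, in seconds

def expected_delay(sent_delays: Sequence[float], queue_len: int) -> float:
    """E[D] = (sum(D_i) / n) * L over the packets this node recently sent."""
    if not sent_delays:
        return 0.0  # nothing sent yet: advertise no congestion
    return sum(sent_delays) / len(sent_delays) * queue_len

def should_replace(cur: Optional[Route], new: Route) -> bool:
    """Decide whether an advertised route replaces the current one."""
    if cur is None:
        return True
    if new.seq < cur.seq:
        return False                      # stale advertisement
    if new.next_hop == cur.next_hop:
        return new.seq > cur.seq          # refresh from the hop already in use
    if new.hops < cur.hops:
        # A shorter route loses if it is significantly more congested.
        return new.delay <= cur.delay * DELAY_FACTOR
    if new.hops == cur.hops:
        return new.delay < cur.delay      # secondary metric breaks the tie
    if new.hops == cur.hops + 1:
        # One hop longer: needs a newer sequence number (no short-lived
        # loop) and significantly less delay at its next hop.
        return new.seq > cur.seq and new.delay * DELAY_FACTOR < cur.delay
    return False                          # more than one hop longer

if __name__ == "__main__":
    # Constructed sample: current route via B, then four advertisements.
    cur = Route("B", 3, 100, expected_delay([0.5, 0.25, 0.75], 4))
    for cand in [Route("C", 2, 100, 5.0), Route("D", 4, 100, 0.5),
                 Route("D", 4, 102, 0.5), Route("E", 5, 102, 0.1)]:
        print(cand, "->", should_replace(cur, cand))
```

Because the decision relies on delay values and sequence numbers that neighbours advertise about themselves, these are the fields an intrusion-detection check in such a network would need to validate.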

Observations of CADV

• CADV outperforms AODV and DSDV in terms of delivery ratio
• The end-to-end delay becomes longer because longer routes may be chosen to forward packets
• The protocol overhead of CADV is doubled compared with that of DSDV. It is still less than that of AODV when the network is loaded
• CADV consumes less power per delivered packet than DSDV and AODV do

Characteristics of wireless networks with movable base stations

• Large scale

• Heterogeneity

• Autonomous sub-nets

• Base stations have more resources

• Base stations take more responsibilities

Research questions

• How to organize the network?
  – Minimize the effect of motion
  – Minimize the involvement of mobile host
• How to build routing protocol?
  – IP-compliant
  – Cooperate with various intra-subnet routing protocols
• How to secure communications?
  – Authenticate
  – Maintain authentication when a host is roaming

Related work

• Integrating ad hoc and cellular
  – Mobile-Assisted Connection-Admission (MACA) [Wu/Mukherjee/Chan, GlobeCom’00] (UC-Davis)
  – Integrated Cellular and Ad-hoc Relaying (iCAR) [Wu/Qiao/De/Tonguz, JSAC’01] (SUNY-Buffalo)
  – Multihop Cellular Networks (MCN) [Lin/Hsu, InfoCom’00] (Taiwan)
• Mobile base station
  – Distributed, dynamic channel allocation [Nesargi/Prakash, IEEE Transactions on Vehicular Technology’02] (UT-Dallas)
• Hierarchical structure
  – Multimedia support for Mobile Wireless Networks (MMWN) [Ramanathan/Steenstrup, MONET’98] (BBN Technologies)
  – Clustering scheme for hierarchical control in multi-hop wireless networks [Banerjee/Khuller, InfoCom’01] (UMD)

Methodology of research

• Building architecture, developing algorithms and protocols
  – Membership management
  – Inter-subnet routing
  – Intra- and inter-subnet authentication
• Evaluation through experiments

Research results

• Hierarchical mobile wireless network (HMWN)
  – Hierarchical membership management scheme
  – Segmented membership-based group routing protocol
  – Protection of network infrastructure
  – Secure roaming and fault-tolerant authentication

Future research plan

• Develop congestion avoidance routing protocol for ad hoc networks.

• Conduct experiments to study the effect of implementing congestion avoidance at different layers.

• Conduct a series of experiments to evaluate HMWN.