Security in Mobile Ad Hoc Networks: Challenges and Solutions

Security in Mobile Ad Hoc Networks: Challenges and Solutions. Yang et al., UCLA Computer Science Dept., IEEE Wireless 2004


Security in Mobile Ad Hoc Networks: Challenges and Solutions

Yang et al.
UCLA Computer Science Dept.
IEEE Wireless 2004


Outline

Motivation and background
Attacks
Network layer security
  Secure routing
  Secure forwarding
Link layer security
Conclusion


Motivation

MANETS recent popularity
  Self-configuration
  Self-maintenance
Challenges to security
  Open network architecture
  Shared medium
  Resource constraints
  Dynamic topology


Goals of MANET Security

Protect network connectivity over multi-hop wireless channels
Link level solutions + network level solutions
Approaches
  Proactive
  Reactive
Considerations
  Overhead versus performance


Attacks (Network Layer)

Routing attacks
  Attempt to “screw up” the others’ routing tables (remote effect)
Forwarding attacks
  Leave routing tables alone, but change delivery of packets (local effect)
Attack dependent on underlying protocol
Effects


Attacks (Link Layer)

Key attacks
  WEP
DoS attacks
  Manipulation of backoff interval
  Easy corruption of other’s data
Effects are compounded at higher layers


Solution Outline – A Multi-fence Security Solution

Challenges
  Distribution
  Involve multiple layers
  Attack awareness
  Completeness


Network Layer Security Overview

Message authentication primitives
Secure routing
Secure forwarding


Message Authentication Primitives

Message authentication code
  One-way hash function based on shared key
  Send data + MAC
  Verified only by intended receiver
  Low computational overhead
  Storage requirement
    O(n^2) keys


Message Authentication Primitives

Digital signature
  Public key infrastructure w/ certificates
  Encrypt w/ private and decrypt w/ public
  Verified by all receivers
  High computational overhead
  Storage requirement
    O(n) keys
    Certificate revocation lists
  Less resilient to DoS attacks


Message Authentication Primitives

One-way Hash-based Key Chain
  Key chain generated by repeated application of MAC
  Keys used in reverse order
  Verified by nodes w/ commitments
  Lower computational overhead
  Storage requirement
    Buffer messages, key chains
    Delayed, lost keys
  Extra communication and time synchronization
    Key revelation


Secure Routing

Usually proactive approach
Authenticate source and routing information
Based on routing protocols
  Source-based routing
  Distance vector routing
  Link state routing
  Others


Secure Source-based Routing

Append node ids to dynamically create routing path

Goal: Prevent intermediate nodes from altering routing list

End-to-end verification of nodes in paths

Example protocol (Ariadne) uses hash chaining technique


Secure Source-based Routing (2)

e.g. Ariadne (on DSR)


Secure Distance Vector Routing

Advertise global shortest paths to neighbor
  Based on a distance metric
Goal: ensure correct advertisement of distance metric and authentic sender
Authenticate aggregation of metric
Unclear example in the paper that used hash chain on hop count
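
Added example (not from the slides, and not necessarily the paper's exact construction): one common way a hash chain protects a hop count. The destination's anchor is assumed to reach every node authentically (for instance signed); MAX_HOPS, the function names and SHA-256 are assumptions.

```python
import hashlib
import hmac

MAX_HOPS = 8  # assumed upper bound on network diameter

def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def hash_n(x: bytes, n: int) -> bytes:
    for _ in range(n):
        x = H(x)
    return x

def originate(seed: bytes):
    """Destination side: returns (anchor, advert). The hop-0 advert carries
    the seed itself; the anchor H^MAX_HOPS(seed) is published authentically."""
    return hash_n(seed, MAX_HOPS), (0, seed)

def forward(advert):
    """Honest neighbor: add one hop and hash the chain value once."""
    hops, value = advert
    return hops + 1, H(value)

def verify(advert, anchor: bytes) -> bool:
    """An advert claiming `hops` must carry H^hops(seed): hashing it the
    remaining MAX_HOPS - hops times has to land exactly on the anchor."""
    hops, value = advert
    if not 0 <= hops <= MAX_HOPS:
        return False
    return hmac.compare_digest(hash_n(value, MAX_HOPS - hops), anchor)

# Claiming a shorter distance than the one received would need a preimage
# of H, so the metric can only grow along a path. A node can still re-send
# the value it received without adding its own hop; the chain alone does
# not detect that.
```
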


Secure Link State Routing

Discover neighbors and broadcast that info to everyone

Links only added if bidirectional

Nodes can collude

Goal: authenticate both neighbor discovery and neighbor broadcast

Example protocol (SLSP) uses digital signatures


Other Secure Routing Protocols

Broadcast and reply like SBR
  Difference: route is constructed on the reply
  Goal: Authenticate link to link
One reply is sent back
  Possible sub-optimal path or failure


Other Secure Routing Protocols

Broadcast both ways to provide redundancy
  Improved path length
  Use of path metric
More communication and less computation


Secure Packet Forwarding

Prevention impossible
Detection
  Monitor neighbors
  Probe path (for failures)
Reaction
  Related to prevention mechanism
  Global
  End-host


Open Challenges

Larger problem space
  Thwart attacks but include failures, misconfigurations, and network overload
Intrusion toleration
  Make system robust in the presence of attacks
Larger solution space
  Supplement encryption with other mechanisms (connectivity or route redundancy)
  Use redundancy on system and protocol levels


Open Challenges

Collaborative approach
  Trust groups of nodes
Multi-fence
  Devices, layers, protocol stacks, solutions
Better analysis tools
  Performance tradeoffs
  Security tradeoffs
  Interaction of both


Conclusions

High level description of security issues in MANETS

Focused on network layer
  Especially routing

Proposed “resiliency-oriented” multi-layered solution design – increased fault tolerance in security systems

Called for better analysis models