security of wireless ad-hoc networks
DESCRIPTION
Security of wireless ad-hoc networks. Outline. Properties of Ad-Hoc network Security Challenges MANET vs. Traditional Routing Why traditional routing protocols not suitable for MANET networks? Routing protocols for MANET Nodes misbehave Routing Security Schemes. - PowerPoint PPT PresentationTRANSCRIPT
Security of wireless ad-hoc networks
Outline
• Properties of Ad-Hoc network• Security Challenges• MANET vs. Traditional Routing• Why traditional routing protocols not
suitable for MANET networks?• Routing protocols for MANET• Nodes misbehave• Routing Security Schemes
Properties of Ad-Hoc network (1)
• No fixed topology• Each node is a router• Limited energy• Limited CPU and other resources• Transient connectivity and availability• Shared physical medium• Identity different from address• Physical vulnerability• Lack of central administration
Properties of Ad-Hoc network (2)
• Where Ad hoc network – Installing an infrastructure is not possible– The network is too transient– The infrastructure was destroyed
• Throughput
Security Challenges
• Confidentiality– Encryption and access control with authentication
• Integrity– Also require cryptographic keys
• Availability• Results in two fundamental problem
– Trust establishment, key management and membership control
– Network availability and routing security
MANET vs. Traditional Routing (1)
• Every node is potentially a router in a MANET, while most nodes in traditional wired networks do not route packets
• Topologies are dynamic in MANETs due to mobile nodes, but are relatively static in traditional networks
• MANET topologies tend to have many more redundant links than traditional networks
MANET vs. Traditional Routing (2)
• A MANET router typically has a single interface, while a traditional router has an interface for each network to which it connects
• Power efficiency is an issue in MANETs, while it is normally not an issue in traditional networks
• Low bandwidth links, high bit error rates, frequent changes in network topology, battery-powered devices with limited transmitter power
Why traditional routing protocols not suitable for MANET networks?
• MANETs are usually highly dynamic.
• No pre-existing infrastructure.
• No centralized administration.
• Dynamic topologies.
• Energy-constrained nodes.
• Limited physical security.
Routing protocols for MANET
• IETF MANET working group• Categories
– Proactive=Periodic topology updates– Reactive=On-demand driven protocol– Hierarchial
• Protocols– DSR (draft), FSR, DSDV, TORA, ZRP, AODV
(RFC 3561), OLSR (RFC 3626), TBRPF (RFC 3684)
Nodes misbehave
• Overloaded
• Selfish
• Malicious
• broken
Solutions to misbehaving node
• A priori trust relationship
• Forsake or isolate these nodes form within the actual routing protocol for the network
• Install extra facilities in the network to detect and mitigate routing misbehavior
Routing Security Schemes
• Watchdog and Pathrater
• SEAD
• SRP
Watchdog and pathrater
• Two extensions to the Dynamic Source Routing (DSR) to help mitigate routing failures and attacks in ad-hoc networks
• Watchdog: identifies misbehaving nodes
• Pathrater: avoids routing packets through these nodes
DSR
• Route discovery
Source May receive many ROUTE REPLY
DSR (cont.)
• Route maintenance– Handles link breaks
A BS D
Link break notify
1. Try another path2. Do a route discovery
B moves out of transmission range of A
Link break occurred
Watchdog
Packet in buffer = packet overheard
Packet in the buffer
removed
Remained in the buffer and timeoutWatchdog increases a failure for the node
Match
Not Match
Exceeds a thresholdSends a message to the source notifying it of the misbehaving node
YesNo
Pathrater
• Run be each node in the network
• Rating for every other node
• Path metric• If multiple paths
– Highest metric
A node rates itself 1;assign know nodes a
“ neutral” rating if 0.5.
Rating >=0.8
Link breakRating -=0.05
Rating +=0.01/200ms
Yes
No
Yes
No
Watchdog’s weaknesses
• Ambiguous collisions
• Receiver collisions
• False misbehavior
• Partial dropping
Ambiguous/receiver collisions
• Ambiguous– Prevents A from
overhearing transmissions from B
– If repeatedly fails to detect B forwarding on packets, then A assume B misbehaving
• Receiver– B could be selfish or
malicious (wastes resource)
False misbehavior
• Nodes falsely report other nodes as misbehaving
A BS D
P P P
F
1. S mark B as misbehaving
AA
A
2. S wonder why received replied
1. If A drops Ack Packet
2. B detects this misbehavior and reports it to D
Partial dropping
• A node can circumvent the watchdog by dropping packets at a lower rate than the watchdog's configured minimum misbehavior threshold.
NIST BSAR
pros and cons