1
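Ad-Hoc Wireless Multicasting Network Security (無線隨用群播網路安全)
Speaker: 賴溪松, Director of the Computer and Network Center and Professor, Department of Electrical Engineering, National Cheng Kung University
2004.11.12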
2
Outline
• Introduction of Mobile Ad hoc Networks (MANET)
• Challenges and Attacks
• Solutions
• From Ad hoc Network to RFID
• Open problems
3
Introduction of wired and wireless networks (1)
• Wired networks
  • Fixed network topology and routing infrastructure
  • Enough network resources
  • High reliability and low packet loss ratio
  • Routing protocols update periodically, such as Link-State (global) and Distance Vector (local)
• Wireless networks
  • Access Point
  • Limited bandwidth
  • Medium reliability and packet loss ratio
  • Otherwise the same as wired networks
4
Introduction of wired and wireless networks (2)
• Mobile Ad hoc network
  • Research in the 1970s with the DARPA PRNet and SURAN projects
  • Formed by the engagement of mobile nodes, without using a pre-existing infrastructure
  • Routes between nodes may contain multiple hops
  • Dynamic topology and limited resources
• Sensor network
  • A type of Ad hoc network
  • A powerful node: clusterhead
  • Other powerless nodes: sensors
5
Mobile Ad Hoc Networks Environment
• About 50~100 nodes for an ad hoc network, 1000~10000 nodes for a sensor network
• Transmission range is 250 m for a node (sensor: 30 m)
• Bandwidth is 2 Mbps
• Usually need to traverse multiple links to reach a destination
• Mobility causes route changes
6
Why do we need Ad Hoc Networks?
• Ease of deployment
• Speed of deployment
• Decreased dependence on infrastructure
7
Many Applications
• Personal area networking
  • cell phone, laptop, ear phone, wrist watch
• Military environments
  • soldiers, tanks, planes
• Civilian environments
  • taxi cab network, meeting rooms, sports stadiums, boats, small aircraft
• Emergency operations
  • search-and-rescue, policing and fire fighting
8
Microcosmic Variations
• Fully Symmetric Environment
  • all nodes have identical capabilities and responsibilities
• Differing Capabilities
  • transmission ranges and radios
  • battery life at different nodes
  • processing capacity
  • speed of movement
  • only some nodes may route packets
  • some nodes may act as leaders of nearby nodes (e.g., clusterhead)
9
Cosmic Variations
• Traffic characteristics may differ in different ad hoc networks
  • bit rate
  • reliability requirements
  • unicast / multicast / geocast
• May co-exist (and co-operate) with an infrastructure-based network
10
Unicast, Multicast and Broadcast
• Unicast
  • One to one
  • Traditional applications
    • FTP, telnet, http
• Multicast
  • One to many, many to many or many to one
  • Security is difficult to provide
    • Join or leave
  • Traditional applications
    • Audio/video conferencing, sharing of text/images
• Broadcast
  • One to all
  • Traditional applications
    • Online TV/Radio
11
Ad hoc Routing Protocols
• Why not use existing protocols?
  • Node mobility: links fail and are repaired repeatedly
  • Rate of link failure / repair ∝ movement
• Criteria a new protocol must satisfy
  • route stability despite mobility
  • energy consumption
• Flooding based routing
• Unicast, Multicast routing protocols
12
Flooding Based Routing (1)
• Broadcasting a control packet
  • Used to discover routes
• An example: S wants to transmit packet P to D
[Figure: network of nodes A, B, C, D, E, F, G, H, I, J, K, L, M, N, S, Y, Z; a line between two nodes represents that the connected nodes are within each other's transmission range]
13
Flooding Based Routing (2)
• Broadcast transmission
[Figure: network of nodes A, B, C, D, E, F, G, H, I, J, K, L, M, N, S, Y, Z; legend: one symbol represents transmission of packet P, another represents a node that receives packet P for the first time]
14
Flooding Based Routing (3)
• Collision problem 1: receiving 2 or more copies of the same packet simultaneously, e.g. H, S
• Collision problem 2: receiving a packet that has already been received, e.g. S, E, C
[Figure: network of nodes A, B, C, D, E, F, G, H, I, J, K, L, M, N, S, Y, Z]
15
Flooding Based Routing (4)
• Collision problem: B, C, I
[Figure: network of nodes A, B, C, D, E, F, G, H, I, J, K, L, M, N, S, Y, Z]
16
Flooding Based Routing (5)
• Hidden problem, for example: B, C & H; J, K & D
[Figure: network of nodes A, B, C, D, E, F, G, H, I, J, K, L, M, N, S, Y, Z]
17
Flooding Based Routing (6)
• Node D does not forward packet P (intended destination)
[Figure: network of nodes A, B, C, D, E, F, G, H, I, J, K, L, M, N, S, Y, Z]
18
Flooding Based Routing (7)
• Flooding completed
• Unreachable nodes:
  1. Unlinked nodes: Z, Y
  2. Behind the destination node: N
[Figure: network of nodes A, B, C, D, E, F, G, H, I, J, K, L, M, N, S, Y, Z]
19
Flooding Based Routing (8)
• Characteristic: too many reachable nodes due to dynamic route
[Figure: network of nodes A, B, C, D, E, F, G, H, I, J, K, L, M, N, S, Y, Z]
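The flood walked through in Flooding Based Routing (1) to (8), as an added sketch that is not part of the original slides. The link list is constructed (the figure's links did not survive on this page) and is chosen so that Z and Y are unlinked and N sits behind D, as the slides state; the function and variable names are assumptions.

```python
from collections import deque

# Constructed link list (assumption): Z and Y are cut off from the rest of the
# network and N is reachable only through the destination D.
LINKS = [
    ("S", "B"), ("S", "C"), ("S", "E"), ("A", "B"), ("B", "H"), ("C", "G"),
    ("C", "I"), ("E", "F"), ("F", "J"), ("H", "I"), ("I", "K"), ("G", "K"),
    ("K", "D"), ("J", "D"), ("D", "N"), ("J", "M"), ("M", "L"), ("Z", "Y"),
]


def adjacency(links):
    """Build a symmetric neighbour map: nodes in range of each other."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def flood(links, source, dest):
    """Flood packet P from source; return (route, unreached nodes, duplicates)."""
    adj = adjacency(links)
    seen = {source}      # nodes that have already received P once
    parent = {}          # node -> neighbour it first heard P from
    duplicates = 0       # receptions of a packet that was already received
    queue = deque([source])
    while queue:
        node = queue.popleft()
        if node == dest:
            continue     # the intended destination does not forward P
        for nb in sorted(adj[node]):   # one broadcast reaches every neighbour
            if nb in seen:
                duplicates += 1        # duplicate suppressed, not re-forwarded
                continue
            seen.add(nb)
            parent[nb] = node
            queue.append(nb)
    route = []
    if dest in seen:     # walk the first-reception chain back to the source
        hop = dest
        while hop != source:
            route.append(hop)
            hop = parent[hop]
        route.append(source)
        route.reverse()
    return route, sorted(set(adj) - seen), duplicates


if __name__ == "__main__":
    print(flood(LINKS, "S", "D"))
```

On this constructed topology more receptions are redundant than useful, which is the overhead the collision slides point at.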
20
Challenges
• Limited wireless transmission range
• Broadcast nature of the wireless medium
  • Hidden terminal problem
• Packet losses due to transmission errors
• Mobility-induced route changes and packet losses
• Battery constraints
• Potentially frequent network partitions
21
Security Challenges
• Passive attack: does not disrupt the operation of the protocol, but tries to discover valuable information by listening to traffic
  • Eavesdropping
• Active attack: injects arbitrary packets and tries to disrupt the operation of the protocol
  1. Modification of routing information
     a. Redirection by changing the route sequence number
     b. Redirection with modified hop count
     c. Denial of Service (DoS) attacks with modified source routes
  2. Impersonation of routing information
  3. Fabrication of routing information
  4. Dropping routing information
  5. Denial of Service
22
1. Redirection by changing the route sequence number (1)
• A wants to communicate with D
• Node A will broadcast a message asking for the better path to reach node D
• The best path is chosen depending on the metric of the different routes
• If an intruder replies with the shortest path, it inserts itself in the network
[Figure: Node A, Node B, Node C, Node D]
23
1. Redirection by changing the route sequence number (2)
• An intruder listens to node C announcing its route metric to node B
• The intruder announces to node B a smaller metric to reach D
• B deletes its path through node C and replaces it with the intruder's path
[Figure 3.2: Node A, Node B, Node C, Node D, Intruder]
24
2. Redirection with modified hop count (1)
• Node C announces to B a path with a metric value of one
• The intruder announces to B a path with a metric value of one too
• B decides which path is the best by looking at the hop count value of each route
[Figure: Node A, Node B, Node C, Node D, Intruder; route labels: "Metric 1 and 3 hops", "Metric 1 and 1 hop"]
25
2. Redirection with modified hop count (2)
• The path with the malicious node is chosen according to the hop count value.
• The new figure is illustrated below:
[Figure: Node A, Node B, Node C, Node D, Intruder]
26
3. Denial of Service (DoS) attacks with modified source routes (1)
• A malicious node is inserted in the network thanks to one of the previous techniques.
• The malicious node changes the headers of the packets it receives
• The packets will not reach the destination
• The transmission is aborted
• The following figure illustrates DoS attacks
27
3. Denial of Service (DoS) attacks with modified source routes (2)
[Figure: Node A, Node B, Intruder I, Node C, Node D, Node E]
• Node A sends packets with header (route cache to reach node E): A-B-I-C-D-E
• Intruder I decapsulates the packets and changes the header: A-B-I-C-E
• Node C has no direct route to E, so the packets are dropped
28
Impersonation of routing information (1)
• Forming loops by spoofing MAC address
• Malicious node M can listen to all nodes
• Node M first changes its MAC address to the MAC address of node A
• Node M moves closer to node B than node A is, and stays out of range of node A
• Node M announces to node B a shorter path to reach X than the one node D gives
[Figure: nodes A, B, C, D, E, X and malicious node M]
29
Impersonation of routing information (2)
• Node B changes its path to reach X
• Packets will be sent first to node A
• Node M moves closer to node D than node B is, and stays out of range of node B
• Node M announces to node D a shorter path to reach X than the one node E gives
[Figure: nodes A, B, C, D, E, X and malicious node M]
30
Impersonation of routing information (3)
• Node D changes its path to reach X
• Packets will be sent first to node B
• X is now unreachable because of the loop formed
[Figure: nodes A, B, C, D, E, X and malicious node M]
31
Fabrication of routing information
1. Falsifying route error messages
   • A malicious node can usurp the identity of another node and send error messages to the others so that the victim node is isolated
2. Corrupting routing state
   • An attacker can easily broadcast a message with a spoofed IP address so that the other nodes add this new route to reach a particular node
3. Routing table overflow attack
   • An attacker can send into the network many routes to non-existent nodes until the protocol is overwhelmed
32
Fabrication of routing information (cont.)
4. Replay attack
   • An attacker sends old advertisements to a node, which always updates its routing table with stale routes
5. Black hole or worm hole attack
   • Black hole attack
     • An attacker advertises a zero-metric route for all destinations, and all the nodes around it will route packets towards it
   • Worm hole attack
     • An attacker records packets at one location in the network and tunnels them to another location
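The route-selection rule behind the redirection slides (fresher sequence number wins, then fewer hops) next to a variant that accepts an advertisement only if its HMAC verifies, as an added example that is not from the original slides. Pre-shared per-neighbour keys, the `Advert` fields and all names and values are assumptions constructed for illustration; it covers the redirection and replay cases above from node B's point of view.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Advert:
    sender: str       # neighbour announcing the route
    dest: str         # destination the route leads to
    seq: int          # route sequence number: higher means fresher
    hops: int         # hop count to dest via sender
    tag: bytes = b""  # HMAC over the fields above (empty if unsigned)


def _encode(ad):
    return f"{ad.sender}|{ad.dest}|{ad.seq}|{ad.hops}".encode()


def sign(ad, key):
    """Return a copy of ad carrying an HMAC-SHA256 tag under the sender's key."""
    return replace(ad, tag=hmac.new(key, _encode(ad), hashlib.sha256).digest())


class NaiveTable:
    """Unauthenticated rule: fresher sequence number, then fewer hops."""

    def __init__(self):
        self.routes = {}  # dest -> Advert currently in use

    def update(self, ad):
        cur = self.routes.get(ad.dest)
        if cur is not None and (ad.seq, -ad.hops) <= (cur.seq, -cur.hops):
            return False  # not fresher and not shorter: keep current route
        self.routes[ad.dest] = ad
        return True


class AuthTable(NaiveTable):
    """Same rule, applied only to adverts whose tag verifies."""

    def __init__(self, neighbour_keys):
        super().__init__()
        self.keys = neighbour_keys  # sender -> pre-shared key (assumption)

    def update(self, ad):
        key = self.keys.get(ad.sender)
        if key is None:
            return False  # unknown sender: no key, no route
        expected = hmac.new(key, _encode(ad), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, ad.tag):
            return False  # forged or modified fields
        return super().update(ad)  # a valid tag on a stale seq still loses


def demo():
    """Feed node B four constructed adverts for destination D."""
    key_c = b"constructed-demo-key-B-C"
    old = sign(Advert("C", "D", seq=9, hops=3), key_c)   # captured earlier
    good = sign(Advert("C", "D", seq=10, hops=3), key_c)
    spoofed = replace(good, seq=11, hops=1)              # C's tag, altered fields
    forged = Advert("I", "D", seq=12, hops=1)            # intruder, no key
    naive, auth = NaiveTable(), AuthTable({"C": key_c})
    results = {}
    for name, ad in [("good", good), ("spoofed", spoofed),
                     ("forged", forged), ("replay", old)]:
        results[name] = (naive.update(ad), auth.update(ad))
    return results, naive.routes["D"].sender, auth.routes["D"].sender
```

The tag binds the sequence number and hop count to a key holder; it does not stop a neighbour that legitimately holds a key from advertising a false metric.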
33
Dropping routing information
• A malicious node just drops the routing packets that it receives
• The influence on normal networking is small
• Unless the malicious node is positioned on a single path
34
Security issues summary
• There are many different threats to ad-hoc routing protocols
• A new routing protocol should be created respecting the following rules
  • Focus first on topology discovery rather than data forwarding
  • Be able to detect a malicious node and react accordingly
35
Solutions to problems in ad-hoc routing
• Protocol enhancements
• Secure protocols
• Intrusion detection for Ad hoc network
36
Protocol enhancements
• Techniques to enhance security of existing routing protocols
• 3 Examples:
  • Security-Aware ad-hoc Routing, SAR
  • Secure Routing Protocol, SRP
  • The Selfish Node, TSN
37
Secure protocols
• Instead of extending current protocols, create new protocols with higher security requirements
• Two examples
  • Authenticated Routing for Ad-hoc Networks, ARAN
  • Secure Position Aided Ad hoc Routing, SPAAR
38
Intrusion Detection [Zhang00Mobicom]
• Detection of abnormal routing table updates
  • Uses “training” data to determine characteristics of normal routing table updates
  • Efficacy of this approach is not evaluated, and is debatable
• Similar abnormal behavior may be detected at other protocol layers
  • For instance, at the Media Access Control (MAC) layer, normal behavior may be characterized for access patterns by various hosts
  • Abnormal behavior may indicate intrusion
• Solutions proposed in [Zhang00Mobicom] are preliminary, not enough detail provided
39
Preventing Traffic Analysis [Jiang00iaas,Jiang00tech]
• Even with encryption, an eavesdropper may be able to identify the traffic pattern in the network
• Traffic patterns can give away information about the mode of operation
  • Attack versus retreat
• Traffic analysis can be prevented by presenting a “constant” traffic pattern independent of the underlying operational mode
  • May need insertion of dummy traffic to achieve this
40
From Ad hoc network to RFID
• In a mall, it is impossible to connect every reader by wiring.
• So, the architecture of the readers is the same as an ad hoc network.
• Besides, due to the hardware constraint, we should sum up the items in the back-end system and compare with the value of the shopping cart.
• Because of this architecture, there are also some problems in the RFID system.
  • Modification
  • Impersonation
  • Fabrication
  • Dropping
41
From Ad hoc network to RFID (cont.)
• DoS
  • In a mall, an attacker can achieve a DoS attack by interfering with the RFID readers, which are wirelessly connected.
    • Prevent the item information from reaching the back-end system.
    • Make the back-end system crash by sending readers error messages.
42
From Ad hoc network to RFID (cont.)
[Figure: Tags, Readers and the Back-end system connected by a routing path; Attacker labelled with Redirection, Dropping, and "A lot of error messages (DoS)"]
43
Summary
• Different environments require different solutions
• Different requirements depending on situation
  • Available infrastructure?
• Solutions exist, but all have drawbacks; one has to decide which security aspects are most important
  • Confidentiality? Availability? Throughput?
44
Open Problems (1)
• Security
  • How can I trust you to forward my packets without tampering?
    • Need to be able to detect tampering
  • How do I know you are what you claim to be?
    • Authentication issues
    • Hard to guarantee access to a certification authority
45
Open Problems (2)
• Other issues received much less attention
• Other interesting problems:
  • Address assignment problem
  • Media Access Control (MAC) protocols
  • Improving interaction between protocol layers
  • Distributed algorithms for MANET
  • QoS issues
  • Applications for MANET
46
Q & A
Thanks for your attention !