1 survey presentation course: 60-564 fall 2004 ataul bari instructor: dr. a. k. aggarwal
Post on 21-Dec-2015
221 Views
Preview:
TRANSCRIPT
1
Survey Presentation
Course: 60-564
Fall 2004
Ataul BariInstructor: Dr. A. K. Aggarwal
2
Agenda
IntroductionIntroduction
The DSR ProtocolThe DSR Protocol
The SADSR ProtocolThe SADSR Protocol
The SERAN for Security The SERAN for Security EquipmentEquipment
Closing RemarksClosing Remarks
3
Papers Reviewed
Ghazizadeh, S.; Ilghami, O.; Sirin, E.; Yaman, F.; “Security-aware adaptive dynamic source routing protocol”, Local Computer Networks, 2002. Proceedings. LCN 2002. 27th Annual IEEE Conference on 6-8 Nov. 2002 Pages:751 – 760
Ben-Othman, J.; Xiaoyun Xue; “SERAN: a new protocol to hide an equipment in ad hoc networks”, Computers and Communication, 2003. (ISCC 2003). Proceedings. Eighth IEEE International Symposium on 30 June-3 July 2003 Pages:356 - 361 vol.1
4
Introduction
Wireless Networks Infrastructured Network
Consists of fixed and wired gateways Fixed base station (Access Point) Nodes can move geographically
Ad Hoc (or Infrastructureless) Network All nodes are mobile Nodes communicate with each other No centralized entity (base station, Access point) Nodes are routers
5
Infrastructured Network
6
Ad Hoc Networks
7
Characteristics
Contain a large number of nodes No pre-existing fixed network infrastructure Can be deployed rapidly Nodes can freely move aroundCreation and deletion of network linksDynamically variable topologies Bandwidth constrained links Energy constrained operation
8
The MANET Model
Nodes have fixed IDs (e.g. IP addresses)Wireless communication devices Nodes are powered with lightweight batteries
that have limited life Nodes have equal capability Identical communication devices. Nodes connectivity is not transitive
9
Routing in MANET
Challenging Unpredictable node mobility Dynamic topology variation Nature of wireless media
Types Flat Hierarchical Geo-assisted
Proactive and Reactive Protocols
10
Routing Protocols
11
Security in Ad Hoc Networks
Always a weak Point Inherent quality of wireless media Mobility of the nodes Lack of centralized entity
Security Requirements Availability, Confidentiality, Integrity,
Authentication and Non-Repudiation Threats
DoS, Impersonation, Byzantine Failure, Disclosure and Poor Physical Protection
12
The SADSR Protocol
Security-Aware Adaptive Dynamic Source Routing Protocol
Basic Idea Non-malicious node detects malicious nodes Non-malicious node Isolates malicious nodes
Goal is to Secure DSR Protocol
13
The DSR Protocol
Dynamic Source Routing Protocol Reactive (on-demand) Source-Routed Each node maintains route caches containing the
source routes Updates it whenever it learns about new routes two major phases
Route discovery Route maintenance
14
Route Discovery Contd..
On-DemandCheck Route Cache Initiates route discovery process
Broadcast a RREQ packet Includes Source & Destination Address Includes an unique ID May be replied by intermediate nodes May be replied by destination nodes
15
Route Discovery in DSR
Ref: Padmini Misra; “Routing Protocols for Ad Hoc Mobile Wireless Networks “ http://www.cse.ohio-state.edu/~jain/cis788-99/ftp/adhoc_routing/, 1999
16
Route Maintenance
Route Error Packet Fatal transmission problem at its data link layer Removes that hop from its route cache All routes included that particular hop are truncated
Acknowledgment packets Verify the correct operation of the route links
17
The SADSR
Secure DSR protocol by enhancing it Non-malicious nodes
Detect malicious node Isolate malicious node
Uses digital signatures to authenticate Asymmetric cryptography Keeps
Multiple routes for each destination A local trust value for each node in the network
Each path is assigned with a trust value
18
The Attackers
External attackers Inject erroneous routing information Replay previous routing messages Modify the valid routing information
Internal attackers Trusted at some point of time Not committed to their promises anymore Compromised by external attackers More difficult to detect Isolate affected nodes Pass traffic through special routes
19
Assumptions
Both External and Internal attackers exists Malicious nodes are relatively small All the connections are bidirectional public key crypto is used A secure CA in place All nodes know the public key of CA, Certificate issued on off line basis Certificate bounds a nodes IP with its
public key The certificate obtained from CA never
expires
uA
20
The SADSR Protocol
Three different stages Certificate Acquisition Multi-path Route Discovery Routing
21
Certificate Acquisition
Nodes obtain a certificate from CA Issued in an off-line process Certificates remain valid for entire lifetime Security problem ?
Networks is set up for a certain time onlyCertificate of node v
Nodes get public key of CA,
, ,rv A u v uC E A IP v
uA
22
Multi-path Route Discovery
Initiation of Route discovery processGenerate RREQ message Sign M
Appends, at the end of M, Encrypted hash value of M, Its certificate,
Broadcast M
rv
E H M
vC
, ,dM RREQ IP T
23
Multi-path Route Discovery Contd..
Intermediate node Checks if RREQ not too old Verifies each signature with a probability p Ensures its own signature is not in the sequence Count is less then [(Max. No. of route, m)/2] First RREQ msg. from a neighbor for same route Signs it message Re broadcast the message Entries are discarded after a predefined time, expT
24
Multi-path Route Discovery Contd..
Destination node Sets up a timer for the source node, S Begin to reply Replies all RREQ messages up to the number m Non node-disjoint paths
Use 50% probability to reply To ensure enough route in case of very few neighbor
Generate RREP message, Signs M, Unicast back to S, using same path of RREQ Intermediate nodes checks signature, signs, forwards Rest of RREQs are dropped after time
, ,..., ,d sM RREP IP IP T
expT
25
Routing – Basic Idea
Nodes locally calculate and keep trust value (TV) of the other nodes
Based on the observations it has made so far The trust values of the nodes in a path
Increase every time v successfully sends a message through that path,
Decrease if a message is lost or tampered with Possible as ACK sent through the same path
TV of a path is the product of TVs of its nodes For routing, paths with higher TV are preferred
26
Assignment of Trust Value
Each source node keeps track of The paths through which it has sent packets If it has received the acknowledgement through that path
for the corresponding message
Uses two counters for each v in a path, and The trustworthiness of v, Trustworthiness of a path
=
vx vy
vv
v v
xT
x y
1 2, , ,....., ,ns v v v d 2/1 i
nn
viT
27
Sending Data Packets
For sending a data packet, source node Chose a path randomly from available paths
s are likely to know m paths for d Chance of a path to be chosen is proportional to its trust
value
Appends a sequence number with the data packet Appends the chosen path with the data packet Signs the packet Sends through the chosen path
28
Sending Data Packets Cont’d…
Intermediate nodes Verify the signature of s with a probability p Then forward the packet
Destination node If data packet received through path, Generate an acknowledgement Signs M Sends M to s through the same path, P
Intermediate nodes verify signature, forward
1 2, , ,....,P s v v d
1
, ,....., , ,nv v s sM ACK IP IP IP q
29
Updating Trust Values
The source node s maintains a table of sequence numbers of packets sent the path used and a time stamp for time units
Receives a valid ACK Awards each node on that path Updates entries for each node on that path
Not -Receives a valid ACK after time Assumes that the packet is lost Punish each node on that path Updates entries for each node on that path
ackt
ackt
30
Intermediate Link Failure
fails to communicate with Generate a R.E.M. Signs it Sends it to s
The source node s, after receiving the M Locate and eliminate all path containing the link
kv 1kv
1
, ,....., , ,kv v s sM RERR IP IP IP q
1
,k kv vIP IP
31
Security Analysis
The possible attacks on DSR protocol Attacks on Route Discovery Attacks on Routing Fabrication of Route Error Messages Denial of Service Attacks
32
Attacks on Route Discovery Modification of source routes
content is changed? Detected by signature verification
Some or all node info dropped? No ACK can be reached to S
RREP modified? Not reached S or discarded there
Route cache poisoning Only the destination send back RREP No snooping for intermediate nodes
Not participating in route discovery Passive maliciousness, nothing can do
33
Attacks on Routing
In a Data Packet, may Modify Data
Signature verification fails, No ACK
Routes Not reach destination, No ACK
Dropping the Packets Dropped packet, no ACK Gradual isolation
34
False Route Error Msg. And DoS
Fabrication of Route Error Messages Node may lie that a link is broken Intermediate node do not snoop and update
Denial of Service Attacks Sending RREQs with Fake IDs
Node broadcast may RREQ after spoofing IP intermediate nodes will caught and get rid of some Rest will be caught at the destination, no RREP Still a successful attack can be made
Sending RREQs to a Fake Destination All intermediate nodes will sign and rebroadcast Currently nothing, but may be extended to keep TV for
each S
35
Experimental Results
36
Experimental Results
37
The SERAN
Security Equipment protocol in Routing in Ad hoc Networks
A node is given ability Use the ad hoc network but not provide resources Hide itself from the network
Possible application Conserving energy for critical node Isolate congested node
38
Basic Idea
Neighbouring nodes know each others at the MAC layer
The protected node, communicate with a neighbor
A new layer, SERAN, between the IP and the transport layer
seN
cN
39
Basic Idea Cont’d…
Node needs an IP address to communicate with others Dynamic IP address
Fixed IP addresses -> Normal node No IP addresses -> Invisible node
Use of “Smart Cards” Implementing DHCP in Smart Cards Every time there is a communication
The smart card assigns a IP address to Discards it after that session ended Next time, assigns a different IP address
Ref: http://www.acs.com.hk/smartcardoverview.asp
40
The Smart Card
41
The Communication in SEARAN Whenever there is an outgoing packet
Gets an IP address from the smart cards, pass the packet After passing through the network layer, the address is discarded the packet is uni-cast to including only the destination address in the
SERAN header The SERAN layer is capable of recognizing and sending the message to
the destination. The SERAN header includes the source MAC address to distinguish the
real source.
cN
42
The Communication in SEARAN Incoming packet in the MAC layer, the card checks
The header of the packet to see if the packet’s destination MAC address is its own
If the packet contains the broadcast address (255.255.255.255).
If any of these is true, then get a temporary IP address from the card and pass the packet to the IP layer.
The smart card is capable of decoding the header of the packets.
43
Evaluation of cN
44
Improvement
45
Advantages and Disadvantages
Advantages Can keep a node secret Protected node saves its energy Protected node can send and receive rapidly avoid “overflow routing table”, “sleep deprivation”
Disadvantages Bad influence for the global routing May reduce the number of multi-routes Selection of still remains as an issue cN
46
Conclusions
Security is a weak point in ad hoc networksThe SADSR protocol is proposed to secure
an existing protocol called DSRTests show that SADSR copes well in
presence of malicious nodes SERAN may be used to hide security
equipment in ad hoc networkFirst known approach using smart cardLooking forward to a secure ad hoc network
top related