denial of service resilience in ad hoc networks (mobicom 2004) imad aad, jean-pierre hubaux, and...
DESCRIPTION
3 Introduction Do ad hoc networks have sufficiently redundant paths and counter-DoS mechanisms to make DoS attacks largely ineffective? Or are there attack and system factors that can lead to devastating effects? Related Work Securing Routing Protocols Usage of Multiple Routes Securing Packet Forwarding Identification of the Attacking NodesTRANSCRIPT
![Page 1: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/1.jpg)
Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004)Imad Aad, Jean-Pierre Hubaux, and Edward W. Knightly
November 21th, 2006Jinkyu Lee
![Page 2: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/2.jpg)
2
Contents
• Introduction• DoS Attacks• Analytical Model• Assessment of Performance under DoS Attack• Conclusion
![Page 3: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/3.jpg)
3
Introduction
• Do ad hoc networks have sufficiently redundant paths and counter-DoS mechanisms to make DoS attacks largely ineffective?
• Or are there attack and system factors that can lead to devastating effects?
• Related WorkSecuring Routing Protocols
Usage of Multiple RoutesSecuring Packet Forwarding
Identification of the Attacking Nodes
![Page 4: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/4.jpg)
4
Introduction
• Goal of the paper
– To quantify via analytical models and simulation experiments the damage that a successful attacker (using DoS attack) can have on the performance of an ad hoc network
![Page 5: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/5.jpg)
5
DoS Attacks
• System Model– To ensure node authentication– To ensure message authentication– To ensure one identity per node– To prevent control plane misbehavior (query floods,
rushing attacks …)
![Page 6: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/6.jpg)
6
DoS Attacks
• Jellyfish Attack
– Target• Closed-loop flows (such as TCP)
– Protocol compliance• To obey routing and forwarding protocol
specification– Malicious behaviors
• Reorder attack• Periodic dropping attack• Delay variance attack
![Page 7: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/7.jpg)
7
DoS Attacks
• Impact of Jellyfish Reorder Attack
![Page 8: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/8.jpg)
8
DoS Attacks
• Impact of Jellyfish Drop Attack
![Page 9: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/9.jpg)
9
DoS Attacks
• Impact of Jellyfish Jitter Attack
![Page 10: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/10.jpg)
10
DoS Attacks
• Black Hole Attacks
– Target• Flows that are not congestion
controlled– Protocol compliance
• To obey routing and forwarding protocol specification
– Malicious behaviors• To absorb all data packets
– Hard to detect
![Page 11: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/11.jpg)
11
DoS Attacks
• Misbehavior Diagnosis – Fail!– Detection of MAC layer failure
• Cross-layer design in DSR– Passive acknowledgement (PACK)
• Watchdog– Layer 4 endpoint detection
• Hard to detect the malicious node
• Victim Response– To establish an alternate path– To employ multi-path routing– To establish backup routes
![Page 12: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/12.jpg)
12
Analytical Model
• # of total nodes: N• # of Jellyfish or Black hole nodes: pN
![Page 13: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/13.jpg)
13
Assessment of Performance under DoS Attack
• Methodology– System Fairness
– Number of Hops for Received Packets
– Total System Throughput
– Probability of interception
![Page 14: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/14.jpg)
14
Assessment of Performance under DoS Attack
• Baseline– 200 nodes– 2000m X 2000m– Random movement (Max velocity: 10m/s, pausing for
10s on average)– IEEE 802.11 MAC (transmission range: 250m)– 100 nodes communicate with each other (50 flows)– Jellyfish nodes are placed in grid
![Page 15: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/15.jpg)
15
Assessment of Performance under DoS Attack
• Distribution of the Number of Hops for Received Packets
![Page 16: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/16.jpg)
16
Assessment of Performance under DoS Attack
• Fairness Index for the Baseline Case
![Page 17: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/17.jpg)
17
Assessment of Performance under DoS Attack
• Average Number of Hops for Received Packets
![Page 18: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/18.jpg)
18
Assessment of Performance under DoS Attack
• Offered Load and TCP
1234
3
2
14
1234
1
23
4
![Page 19: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/19.jpg)
19
Assessment of Performance under DoS Attack
• Extensive Simulations
– Jellyfish Placement– Mobility– Node Density– System Size
![Page 20: Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward…](https://reader035.vdocuments.site/reader035/viewer/2022062911/5a4d1c027f8b9ab0599f001b/html5/thumbnails/20.jpg)
20
Conclusion
• This is the first paper to quantify DoS effects on ad hoc networks– DoS increases capacity, but blocks long flows– DoS decreses fairness– Throughput is not enough to measure DoS impacts