Transcript Mobile Ad hoc Network Security

Single-hop and Multi-hop
MANET Security
S. Srinivasan
Professor of CIS
University of Louisville
Louisville, Kentucky, USA
1
Outline
•
•
•
•
Mobile Ad hoc Network (MANET)
Single-hop Networks
Multi-hop Networks
Current models:
– Denial of Service (DoS)
– Selfish node
– Routing
• Our research
• Open research areas involving MANET
2
MANET
•
•
•
•
•
MANET is a temporary network
No central server
Infrastructure-free
Comparison with wired network
Trust establishment
3
MANET Diagram
Wireless network
HA
Wired
internet
FA
M2
M1
M3
Ad hoc network
M4
4
MANET Security
• Principal aspects are:
– Confidentiality
– Integrity
• Vulnerabilities are:
– Malicious nodes
– Covert channels
– Eavesdroppers
5
Single-hop Networks
• Base Station (BS) plays a critical role
• BS is involved in communication with
every Mobile Node (MN)
• BS takes care of channel assignment for
RTS (Request To Send) and CTS (Clear
To Send) packets
• Usual MAC protocol is slotted ALOHA
(GSM uses this for access requests)
6
Single-hop Networks
MN4
MN1
MN3
BS
MN2
7
Single-hop Networks
• Usually 7 frequencies are reused
• Neighboring cells use different frequencies
• Within each cell dedicated single channels
are used for each direction of traffic
8
Multi-hop Networks
• Extends coverage area of single-hop
networks
• Mobile node to mobile node connections
allowed
• More demands placed on MAC protocols
than single-hop networks
• Multi-hop networks can provide
connection-oriented service by partitioning
available bandwidth to multiple channels
9
Multi-hop Networks
MN6
MN3
MN5
MN4
MN1
BS
MN2
10
Multi-hop Networks
M
N
4
M
N
8
M
N
3
M
N
7
Wired link
M
N
1
B
S
M
N
2
M
N
5
B
S
M
N
6
11
Multi-hop Networks
• Common protocols used are the Floor
Acquisition Multiple Access (FAMA) class
of protocols
• 802.11 DCF (Distributed Coordination
Function) protocol is very cost effective
and mature. This is actually a CSMA/CA.
• Typically the transmission range of a
mobile device is not a constraint but the
traffic a cell can support is
12
Multi-hop Networks
• Policy of not reusing a channel in adjacent cells
works in single-hop networks
• In multi-hop networks, sharing of data and
control channel in the entire service area is
preferable
• Benefits of multi-hop networks over single-hop
networks are:
– robustness
– higher bandwidth availability
– spatial reuse
13
Multi-hop Networks
• Robustness comes from not having a single path
such as via an Access Point (AP)
• Example: email
• Bandwidth is higher at shorter range
• Less power is required to transmit over shorter
distances
• Since multiple paths exist to the network over
multiple nodes, there is no bottleneck of an AP
14
Current Models
• Denial of Service (DoS)
– Malicious nodes and selfish nodes cause DoS
• Yi et al (2002) discuss Mobile Certification
Authority (MOCA) protocol for MANETs
using PKI
• MOCA distributes Certificate Authority
functionality to selected nodes based on
trust
15
Current Models
• Avoine et al (2002) discuss their fair key
exchange model called Guardian Angel
• Uses probabilistic techniques without any
trusted third party for key exchange
16
Current Models
• Selfish nodes
• Buttyan et al (2003) show using simulation how
selfish nodes fail to participate in packet
forwarding
• Buttyan study shows that every node spends
80% of energy for packet forwarding
• A nuglet counter is used here to keep track of
selfish node behavior. It is a tamper resistant
hardware security module attached to a node.
Detects selfishness in packet forwarding.
17
Current Models
• Nuglet counter is decreased when it originates a
packet and increased when it forwards a packet
• Nodes that participate in the ad hoc network
must maintain a positive nuglet counter
• If n is the number of intermediate nodes to the
destination, then the originator can send the
packet if its nuglet counter is >= n. In that case
the nuglet counter is decreased by n.
Otherwise, the node cannot send its packet
• When the node forwards one packet for others
then its nuglet counter is increased by one
18
Current Models
• Michiardi et al (2002) have developed the CORE
(Collaborative Reputation) model for monitoring
behavior of neighboring nodes for selfish behavior
• Each node monitors the behavior of neighboring
nodes for a specific function. If performance matches
expected behavior then observation is positive.
• One node sends a probing message to a node one
hop away. If the message is acknowledged within the
timeout period then the neighbor did the forwarding.
• Lack of positive values would result in node getting
isolated
19
Current Models
• How selfish behavior is detected:
– Each node selects a backoff value in the range
[0, CW] where CW is contention window duration
– When channel is idle, the backoff counter is
decremented by one after every time slot
– Counter is frozen when channel is busy
– Misbehaving nodes attempt to choose a backoff value
in the range [0, CW/4] thereby they get quicker
access to the bus
– This is controlled by the receiver monitoring the
sender behavior by assigning a backoff value to
sender
20
Current Models
• Routing
• Main methods are:
– AODV (Ad hoc On-demand Distance Vector)
– DSDV (Destination Sequenced Distance
Vector)
– AODV is a reactive protocol
– DSDV is a proactive protocol
– DSDV maintains a dynamic routing table at all
times
21
Current Models
• Yang et al, ACM conf., 2002, have developed a
unified method called Self Organized Security
(SOS) scheme using AODV method
• SOS does not assume any prior trust
arrangement among nodes
• Each node in the network needs a token to
participate
• Tokens have expiration time stamp
• Well-behaving nodes gain longer time duration
before renewal
22
Taxonomy
Author
Main Focus
Research
method
Contribution
Software
Results
Yi
Secure
routing
simulation
Secure Aware
routing metric,
Secure routing
protocol
Avoine
Fair key
exchange
analytical
Probabilistic
fair exchange
protocol
without third
parties
Cryptographic
key exchange
without trusted
third parties
Buttyan
Node
cooperation in
packet
forwarding
simulation
Packet
C++
forwarding
Tamper
resistant
security
module, robust
packet
forwarding
Michiardi
Selfishness in
MANET
nodes
simulation
Detect selfish
behavior through
ns2
Lack of
packet
forwarding
Routing and
packet
forwarding
simulation
ns2
Prevents
DOS attacks
in network
layer
Yang
ns2
collaboration
Proactively
isolate
malicious
nodes
Secure
AODV,
secure route
discovery
23
Our Research
• We are pursuing four different research
threads
• Development of Threshold Index (TI) using
fuzzy logic
• X = { xi } is a sample space of significant
parameters (e.g., packets lost, number of
collisions)
• A = { (xi, µj(xi)), xi ε X } where µj is the
grade of membership of xi
24
Our Research
m
Σ wj yj
j=1
TI = --------------------------m
Σ wj
j=1
where yj denotes the output value (weight)
associated with the particular rule in the fuzzy
set. Weight wj is min(µj(NC), µj(PL))
25
Our Research
• Rule strength wj = min(µj (xi)) where
i ε {1, 2, …, n} and n is the number of input
metrics for each rule
• Given k membership values, m = kn
• A sample fuzzy relation is shown next
• In the example, we use the weights to be
1, 5 or 9 based on the firing rule
corresponding to small, medium or large
26
Fuzzy Relation
1
Small
Medium
Large
µ(x)
-20
0
20
40
60
Number of packets lost
27
Example
Rule#(j)
µj(NC)
µj(PL)
Wt. (yj)
1
2
3
4
5
6
7
8
9
0
0
0
0
0
0
1
1
1
0
0
0.5
0
0
0.5
0
0
0.5
1
1
5
1
5
9
5
9
9
RuleStrength
(wj)
0
0
0
0
0
0
0
0
0.5
wjyj
0
0
0
0
0
0
0
0
4.5
28
Our Research
• TI is used to classify the threat faced by
mobile nodes.
• Classifications used are normal, uncertain
and vulnerable
• Extensive simulation using ns2 software
has been done
• Currently we are in the process of testing
the scenarios using specialized hardware
29
Our Research
• A second thread of research involving
MANETs deals with multi-hop networks as
opposed to single-hop networks
• Multi-hop networks involve not only
laptops but also PDAs and cell phones
• Trust aspects play a key role identifying
nodes for inclusion in the network
30
Our Research
• One work is based on a general security control
for a multi-hop network
• This is aimed at preventing attacks on paging
and registration, also forging Foreign Agent (FA)
• Uses mobile IP security (provides continuous
connectivity for mobile hosts)
• One protection method is to require all MNs to
register
• Authenticate MN, FA, HA as a unit
• Allow only authenticated nodes to be in the
multi-hop route
31
Our Research
• Another work is based on secured macro/micromobility protocol for multi-hop cellular IP
• Macro-mobility refers to support between local
domains for mobility of MNs
• Micro-mobility refers to support within a local
domain for mobility of MNs
• Multi-hop paging cache is used to maintain
location of MNs
• Multi-hop routing cache is used to maintain
multi-hop routes
32
Multi-hop Heterogeneous Network
Home/Foreign Agent (HA/FA)
AP
BS2
Internet
BS1
AP
CN
1
2
3
Multi Hop
AP: Access Point
BS: Base Station
Co-located BS and AP Area
CN: Correspondent Node
MN: Mobile Node
33
Simulation Result
P denotes a prime number indicating the number of bits used for
encryption in the elliptic curve cryptosystem
Macro-mobility delay (second)
Macro-mobility delay
0.6
0.55
0.5
0.45
0.4
0.35
0.3
0.25
0.2
0.15
0.1
0.05
0
Micro-mobility without security
Secured Macro-mobility with P = 163
Secured Macro-mobility with P = 175
1
2
3
Number of hops from MS to BS
4
34
Our Research
• A third line of research involves mobility
management
• Mobility management involves knowing
what nodes are allowable in a network at a
given time
• A fourth thread of research involves
traceback of nodes. This will help in
identifying malicious nodes.
35
Open Research areas in MANET
• MOCA method could be extended to browsing
neighboring nodes’ routing tables. Goal is to
find multiple routes. This will help in avoiding
flooding attacks.
• CORE method does not address attacks from
active intruders. Nuglet counter could be better
utilized for mutual provision of information
services
• Guardian Angel method could be extended to
include DoS or routing attacks
36
Open Research areas in Multi-hop
Networks
• Studies are available based on routing or
selfish-node behavior that involve AODV
(Ad hoc On demand Distance Vector) or
DSDV (Destination Sequenced Distance
Vector). A hybrid approach is a viable
alternative for performance considerations.
• In Multi-hop cellular networks, we could
find ways to improve the MAC protocols
for faster throughput
37
References
• Michiardi, P., and Molva, R., “CORE: A COllaborative
REputation mechanism to enforce node cooperation in
Mobile Ad Hoc Networks,” Communication and
Multimedia Security Conference, 2002.
• Buttyán, L., and Hubaux, J., “Stimulating Cooperation in
Self-Organizing Mobile Ad Hoc Networks,” Mobile
Networks (MONET), 2003.
• Avoine, G. and Vaudenay, S., “Cryptography with
Guardian Angels: Bringing Civilization to Pirates” Report
on a Working Session on Security in Wireless Ad
Hoc Networks, Levente Buttyan and Jean-Pierre Hubaux
(eds.), ACM Mobile Computing and Communications
Review (MC2R), Vol. 6., No. 4., 2002.
• Michiardi, P., Molva, R. “Prevention of Denial of Service
Attacks and selfishness in Mobile Ad Hoc Networks,”
Research Report RR-02-063 - January 2002.
38
References
• Ermanno Pietrosemoli, Mesh Networks
http://wireless.ictp.trieste.it/school_2004/lectures/ermann
o/mesh.pdf
• Yi, S., Naldurg, P., Kravets, R., “A Security-Aware Ad
Hoc Routing Protocol for Wireless Networks,” 6th World
Multi-Conference on Systemics, Cybernetics and
Informatics (SCI 2002), 2002.
• S. Alampalayam, A. Kumar, S. Srinivasan, “Mobile Ad
hoc Network Security: A Taxonomy,” 7th IEEE Int’l Conf.
on Computer Communications Security, Phoenix Park,
South Korea, Feb. 23-25, 2005.
• Yang, H., Meng, X., and Lu, S., “Self-Organized Network
Layer Security in Mobile Ad Hoc Networks,” ACM
MOBICOM Wireless Security Workshop (WiSe'02),
Atlanta, 2002.
39
References
• Y.D. Lin and Y.C. Hsu, “Multihop Cellular: A new architecture for
wireless communications,” IEEE InfoCom 2000, 1273-1282.
• R. Ananthapadmanabha, B. S. Manoj, and C. Siva Ram Murthy,
“Multi-hop Cellular Networks: The architecture and routing
protocols,” 12th Int’l Conf. on PIMRC, vol.2, Sept. 2001, G-78-G82.
• B. Xie, A. Kumar, S. Srinivasan, “GSCP: A General Security Control
Protocol for Heterogeneous Multi-hop Network”
• B. Xie, A. Kumar, S. Srinivasan, “Secured Macro/Micro-Mobility
Protocol for Multi-hop Cellular IP”
• C. J. Fullmer and J. J. Garcia-Luna-Aceves, “Floor Acquisition
Multiple Access (FAMA) for Packet Radio Networks,” ACM
SIGCOMM 1995.
40