1 ESAS 2004 New Research Challenges for the Security of Ad Hoc and Sensor Networks Jean-Pierre Hubaux EPFL.

Slides:



Advertisements
Similar presentations
Chris Karlof and David Wagner
Advertisements

Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,
Secure Location Verification with Hidden and Mobile Base Stations -TMC Apr, 2008 Srdjan Capkun, Kasper Bonne Rasmussen, Mario Cagalj, Mani Srivastava.
Detecting MAC Layer Back-off Timer Violations in Mobile Ad Hoc Networks Venkata Nishanth Lolla, Lap Kong Law, Srikanth V. Krishnamurthy, Chinya Ravishankar,
Maximum Battery Life Routing to Support Ubiquitous Mobile Computing in Wireless Ad Hoc Networks By C. K. Toh.
TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.
 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.
A Survey of Secure Wireless Ad Hoc Routing
Hubaux Ne X tworking’03 June 23-25,2003, Chania, Crete, Greece The First COST-IST(EU)-NSF(USA) Workshop on EXCHANGES & TRENDS IN N ETWORKING 1 Self-organization.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.
CS 495 Advanced Networking David R. Choffnes, Spring 2005 Denial of Service Resilience in Ad Hoc Networks Imad Aad, Jean-Pierre Hubaux, Edward W. Knightly.
Monday, June 01, 2015 ARRIVE: Algorithm for Robust Routing in Volatile Environments 1 NEST Retreat, Lake Tahoe, June
NGMAST- WMS workshop17/09/2008, Cardiff, Wales, UK A Simulation Analysis of Routing Misbehaviour in Mobile Ad hoc Networks 2 nd International Conference.
1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.
1 MSWiM 2004 Rational Behaviors in WiFi Hotspots and in Ad Hoc Networks Jean-Pierre Hubaux EPFL.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
Cooperation between Nodes in Multi-Hop Wireless Networks Jean-Pierre Hubaux 1 Joint work with Naouel Ben Salem 1, Levente Buttyan 2, Srdjan Čapkun 1, Mark.
Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.
Trust Level Based Self-Organized Routing Protocol for Secure Ad Hoc Networks Li Xiaoqi, GiGi 12/3/2002.
Denial of Service Resilience in Ad Hoc Networks Imad Aad, Jean-Pierre Hubaux, and Edward W. Knightly Designed by Yao Zhao.
Secure Localization using Dynamic Verifiers Nashad A. Safa Joint Work With S. Sarkar, R. Safavi-Naini and M.Ghaderi.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
Key Distribution in Sensor Networks (work in progress report) Adrian Perrig UC Berkeley.
Secure Routing in Ad Hoc Wireless Networks
Security of wireless ad-hoc networks. Outline Properties of Ad-Hoc network Security Challenges MANET vs. Traditional Routing Why traditional routing protocols.
1 Jean-Pierre Hubaux EPFL/School of Information and Communication Secure Mobility.
Security Risks for Ad Hoc Networks and how they can be alleviated By: Jones Olaiya Ogunduyilemi Supervisor: Jens Christian Godskesen © Dec
1 Laboratory for Computer Communications and Application (LCA) Swiss Federal Institute of Technology (EPFL) Srdjan Čapkun joint work with Jean-Pierre Hubaux.
1 The Security and Privacy of Smart Vehicles Jean-Pierre Hubaux EPFL Joint work with Srdjan Capkun, Jun Luo, and Maxim Raya
1 A Practical Secure Neighbor Verification Protocol for Wireless Sensor Networks Reza Shokri, Marcin Poturalski, Gael Ravot, Panos Papadimitratos, and.
Secure Localization Algorithms for Wireless Sensor Networks proposed by A. Boukerche, H. Oliveira, E. Nakamura, and A. Loureiro (2008) Maria Berenice Carrasco.
Nodes Bearing Grudges: Towards Routing Security, Fairness, and Robustness in Mobile Ad Hoc Networks Sonja Buchegger Jean-Yves Le Boudec.
How Does Topology Affect Security in Wireless Ad Hoc Networks? Ioannis Broustis CS 260 – Seminar on Network Topology.
1 / 18 Fariba alamshahi Secure Routing and Intrusion Detection in Ad Hoc Networks Supervisor: Mr.zaker Translator: fariba alamshahi.
Towards Provable Secure Neighbor Discovery in Wireless Networks Marcin Poturalski Panos Papadimitratos Jean-Pierre Hubaux.
SECURITY-AWARE AD-HOC ROUTING FOR WIRELESS NETWORKS Seung Yi, Prasad Naldurg, Robin Kravets Department of Computer Science University of Illinois at Urbana-Champaign.
A Security-Aware Routing Protocol for Wireless Ad Hoc Networks
Using Directional Antennas to Prevent Wormhole Attacks Lingxuan HuDavid Evans Department of Computer Science University of Virginia.
Integrity-regions: Authentication Through Presence in Wireless Networks Srdjan Čapkun 1 and Mario Čagalj 2 1 Department of Computer Science, ETH Zurich.
Trust- and Clustering-Based Authentication Service in Mobile Ad Hoc Networks Presented by Edith Ngai 28 October 2003.
Effects of Multi-Rate in Ad Hoc Wireless Networks
1 Some Security Challenges for Mesh Networks Jean-Pierre Hubaux EPFL Switzerland Joint work with Imad Aad, Naouel Ben Salem, Levente Buttyan, Srdjan Capkun,
1 Objective and Secure Reputation-Based Incentive Scheme for Ad-Hoc Networks Dapeng Oliver Wu Electrical and Computer Engineering University of Florida.
Authors: Yih-Chun Hu, Adrian Perrig, David B. Johnson
Secure routing in wireless sensor network: attacks and countermeasures Presenter: Haiou Xiang Author: Chris Karlof, David Wagner Appeared at the First.
Securing Distributed Sensor Networks Udayan Kumar Subhajit Sengupta Sharad Sonapeer.
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof and David Wagner (modified by Sarjana Singh)
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
Security in Ad Hoc Networks. What is an Ad hoc network? “…a collection of wireless mobile hosts forming a temporary network without the aid of any established.
Security in Mobile Ad Hoc Networks: Challenges and Solutions (IEEE Wireless Communications 2004) Hao Yang, et al. October 10 th, 2006 Jinkyu Lee.
Security in Wireless Ad Hoc Networks. 2 Outline  wireless ad hoc networks  security challenges  research directions  two selected topics – rational.
1/26 Module C - Part 2 DOMINO Detection Of greedy behavior in MAC layer of IEEE public NetwOrks Prof. JP Hubaux Mobile Networks
Shambhu Upadhyaya 1 Ad Hoc Networks – Network Access Control Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 20)
1 Vehicular Networks Slides are integrated from researchers at EPFL.
1 Routing security against Threat models CSCI 5931 Wireless & Sensor Networks CSCI 5931 Wireless & Sensor Networks Darshan Chipade.
A Key Management Scheme for Distributed Sensor Networks Laurent Eschaenauer and Virgil D. Gligor.
Efficient Geographic Routing in Multihop Wireless Networks Seungjoon Lee*, Bobby Bhattacharjee*, and Suman Banerjee** *Department of Computer Science University.
Secure positioning in Wireless Networks Srdjan Capkun, Jean-Pierre Hubaux IEEE Journal on Selected area in Communication Jeon, Seung.
Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward W. Knightly November 21 th, 2006 Jinkyu Lee.
VADD: Vehicle-Assisted Data Delivery in Vehicular Ad Hoc Networks Zhao, J.; Cao, G. IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, 鄭宇辰
 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.
A Secure Routing Protocol with Intrusion Detection for Clustering Wireless Sensor Networks International Forum on Information Technology and Applications.
Enforce Collaboration in Mobile Ad Hoc Network Ning Jiang School of EECS University of Central Florida
Presented by Edith Ngai MPhil Term 3 Presentation
Packet Leashes: Defense Against Wormhole Attacks
Self Organized Networks
DOMINO: A System to Detect Greedy Behavior in IEEE Hotspots
DK presents Division of Computer Science, KAIST
Cross-layer Analysis for detecting Wireless Misbehavior
Presentation transcript:

1 ESAS 2004 New Research Challenges for the Security of Ad Hoc and Sensor Networks Jean-Pierre Hubaux EPFL

2 New Research Challenges for the Security of Ad Hoc and Sensor Networks  Some current research themes  Key establishment  Secure routing  Provable encounters  Cooperation: the network layer perspective  New theme 1: Cooperation: the MAC layer perpective  New theme 2: Secure positioning  Verifiable multilateration  Application to vehicle networks  Application to sensor networks  New theme 3: Denial of Service attacks

3 Key establishment techniques in ad hoc networks Underlying questions: What is the identity of a node? What is the relationship between the user and the node? What does trust mean in such a framework? Underlying questions: What is the identity of a node? What is the relationship between the user and the node? What does trust mean in such a framework? Presence of an authority, at least in the initialization phase Usually based on threshold cryptography Presence of an authority, at least in the initialization phase Usually based on threshold cryptography No authority: Keys are generated by the nodes No authority: Keys are generated by the nodes Specialized nodes (servers) Centralized secret share dealer Secure Public Key Mgt Similarity with PGP; certificate and trust relationships Secure Public Key Mgt Similarity with PGP; certificate and trust relationships Mobility helps security Mobility helps security

4 Establishment of security associations (“Mobility helps security”, Mobihoc 2003) Infrared link (Alice, PuK Alice, XYZ) (Bob, PuK Bob, UVW) Visual recognition, conscious establishment of a two-way security association Secure side channel -Typically short distance (a few meters) - Line of sight required - Ensures integrity - Confidentiality not required Name NodeId Alice Bob

5 Pace of establishment of the security associations - Depends on several factors: - Area size - Number of communication partners: s - Number of nodes: n - Number of friends - Mobility model and its parameters (speed, pause times, …) Established security associations : Desired security associations : Convergence :

6 Simulation results, random waypoint Various power ranges (automatic establishment of security associations)

7  Probabilistic key sharing Key setup in sensor networks (Eschenauer and Gligor, 2002)  key pre-distribution  generation of a large pool of P keys  random drawing of k keys out of P  loading of the key ring into each sensor  shared-key discovery  upon initialization every node discovers its neighbors with which it shares keys  path-key establishment (- - -)  assigns a path-key to neighbors w/o shared key  multiple disjoint paths exist between two nodes  example (A,B)  Consequences  node-to-node authentication ?  key revocation scope ? Re-keying ?  resilience: effect of sensor-node capture ?  network extension A B Courtesy: Virgil Gligor

8 Secure routing in ad hoc networks Ariadne SRP Packet leashes RAPI.T. SEAD, ARAN, SAODV RAPI.T. SECTORI.T. DSR AODV FRESH OLSR General Wormhole Rushing attacks Routing protocol Attack Blackhole attack … … I.T. : Incentive Techniques (assuming nodes are rational)

9 Provable encounters (“SECTOR”, SASN 2003) - Initial distribution of keys/hash values - Encounter certification comprised of the following phases: - Authentication - Distance bounding (Cf also Brands and Chaum, 1993) - Issuance of the proof of encounter a) Guaranteeing Encounter Freshness (GEF) b) Guaranteeing the Time of Encounter (GTE) - Encounter verification comprised of the following phases: - Authentication - Verification claimant certifier Encounter certification claimant verifier Encounter verification Solution based on hash chains and on Merkle trees

10 Cooperation in self-organized systems Question: how to enforce cooperation, if each node is its own authority? Solutions: based typically on game theory, on reputation systems, on micropayments proposed by NEC, UC Berkeley, Stanford, CMU, Cornell, U. of Washington,Yale, UCSD, Eurécom, EPFL,… address different scenarios: pure ad hoc, multi-hop access to the backbone,… consider the problem at the network layer (and focus primarily on packet forwarding) S1S1 S2S2 D1D1 D2D2

11 Cooperation between nodes (a closer look) Routing MAC MAC : Medium Access Control : manages the shared transmission medium (the radio link in this case) in a fully distributed way Question 1: How do we prevent greedy behaviour on the MAC layer of multi-hop wireless networks? Question 1’: How is this problem solved today in WiFi hotspots? Answer: It is not solved!

12 Question 1’ : How do we prevent greedy behavior at the MAC layer in WiFi hotspots ? Well-behaved node The access point is trusted The MAC layer is fair: if users have similar needs, they obtain a similar share of the bandwidth

13 Question 1’ : Preventing greedy behavior at the MAC layer in WiFi hotspots Well-behaved node Cheater The access point is trusted

14 IEEE MAC – Brief reminder IEEE is the MAC protocol used in WiFi By default, it is the one used in wireless multi-hop networks IEEE is the MAC protocol used in WiFi By default, it is the one used in wireless multi-hop networks

15 Greedy technique 1/4: oversized NAV

16 Greedy technique 2/4: transmit before DIFS

17 Greedy technique 3/4 : scramble others’ frames

18 Greedy technique 4/4: pick a shorter backoff Implementation of this cheating technique: 3 lines of code!

19 Proposed solution: DOMINO  DOMINO: System for Detection Of greedy behaviour in the MAC layer of WiFi public NetwOrks (Raya, Hubaux, Aad, Mobisys 2004)  Idea: monitor the traffic and detect deviations by comparing average values of observed users  Detection tests: statistical comparison of the observed protocol behaviour  Features: Full standard compliance Needs to be implemented only at the Access Point Simple and efficient  The operator decides the amount of evidence required before taking action (in order e.g. to prevent false positives)  Other solution: Kyasanur + Vaidya, DSN 2003 (but not protocol compliant)

20 Detection Tests of DOMINO Consecutive backoff Actual backoff Maximum backoff: the maximum should be close to CWmin - 1 Backoff manipulation Comparison of the idle time after the last ACK with DIFS Transmission before DIFS Comparison of the declared and actual NAV values Oversized NAV Number of retransmissions Frame scrambling Detection testCheating method

21 Simulation of cheating and detection  Cheating technique: Backoff manipulation  Traffic:  Constant Bit Rate / UDP traffic  FTP / TCP traffic  misbehavior coefficient (m): cheater chooses its backoff as (1 - m) x CWmin  Simulation environment: ns-2 Cheater

22 Simulation results Each point corresponds to 100 simulations Confidence intervals: 95% Each point corresponds to 100 simulations Confidence intervals: 95%

23 Implementation of the demo prototype  Equipment  Adapters based on the Atheros AR5212 chipset  MADWIFI driver  Misbehavior: backoff  Overwrite the values CWmin and CWmax (in driver)  Monitoring  The driver in MONITOR mode  prism2 frame header

24 Conclusion on the prevention of greedy behaviour at the MAC layer  There exist greedy techniques against hotspots  Some of these techniques are straightforward  We have proposed, implemented and patented a simple solution, DOMINO, to prevent them (  The same problem in self-organized wireless systems is still unsolved. Can it be solved?  Game-theoretic study: M. Cagalj, S. Ganeriwal, I. Aad and J.-P. Hubaux "On Cheating in CSMA/CA Networks" Technical report No. IC/2004/27, July 2004  Many problems still need to be solved in this field

25 Question 2: How to securely locate a node Being able to securely verify the positions of devices can enable: - Location-based access control (e.g., prevention of the parking lot attack) - Detection of displacement of valuables - Detection of stealing - Location-based charging - … In multi-hop networks - Secure routing - Secure positioning - Secure data harvesting (sensor networks) - …

26 Attacks against sensor networks positions

27 Positioning systems (and prototypes) - GPS, Galileo, Glonass (Outdoor, Radio Frequency (RF) – Time of Flight (ToF)) - Active Badge (Indoor, Infrared(IR)), Olivetti - Active Bat, Cricket (Indoor, Ultrasound(US)-based), AT&T Lab Cambridge, MIT - RADAR, SpotON, Nibble (Indoor/Outdoor, RF- RSS), Microsoft, Univ of Washington, UCLA+Xerox Palo Alto Lab - Ultra Wideband Precision Asset Location System, (Indoor/Outdoor, RF-(UWB)- ToF), Multispectral solutions, Inc. Ad Hoc/Sensor Network positioning systems: - Convex position estimation (Centralized), UC Berkeley - Angle of Arrival based positioning (Distributed, Angle of Arrival), Rutgers - Dynamic fine-grained localization (Distributed), UCLA - GPS-less low cost outdoor localization (Distributed, Landmark-based), UCLA - GPS-free positioning (Distributed), EPFL

28 Distance measurement techniques - Based on the speed of light (RF, Ir) ts A B (A and B are synchronized - ToF) tr d ABm =(tr-ts)c ts - Based on the speed of sound (Ultrasound) (A and B are NOT synchronized – Round trip ToF) tr d ABm =(tr-ts-t procB )c/2 ts A B tr(RF) d ABm =(tr(RF)-tr(US))s ts tr(US) - Based on Received Signal Strength (RSS)

29 Attacks on RF and US ToF-based techniques - Dishonest device: cheat on the time of sending (ts) or time of reception (tr) ts 1. Overhear and jam 2. Replay with a delay Δt A B (A and B are assumed to be synchronised) tr d ABm =(tr-ts)c ts B tr+Δt d ABm =(tr+Δt-ts)c ts+Δt M => d ABm >d AB - Malicious attacker: 2 steps: M

30 Summary of possible attacks on distance measurement Malicious attackers RSS (Received Signal Strength) Distance enlargement and reduction Distance enlargement and reduction Ultrasound Time of Flight Distance enlargement and reduction Distance enlargement and reduction Radio Time of Flight Distance enlargement and reduction Distance enlargement only Dishonest nodes

31 The challenge of secure positioning - Goals: - preventing a dishonest node from cheating about its own position - preventing a malicious attacker from spoofing the position of an honest node - Our proposal: Verifiable Multilateration

32 Distance Bounding (RF) ts BS A N BS tr - Introduced in 1993 by Brands and Chaum (to prevent the Mafia fraud attack) d real ≤ db = (tr-ts)c/2 (db=distance bound)

33 Distance bounding characteristics RSS Distance enlargement and reduction US ToF Distance enlargement and reduction Distance enlargement and reduction RF ToF Distance enlargement and reduction Distance enlargement only RF Distance Bounding Distance enlargement only US Distance Bounding Distance enlargement only Distance enlargement and reduction Malicious attackers Dishonest nodes - RF distance bounding: - nanosecond precision required, 1ns ~ 30cm - UWB enables clock precision up to 2ns and 1m positioning indoor and outdoor (up to 2km) - US distance bounding: - millisecond precision required,1ms ~ 35cm

34 Verifiable Multilateration (Trilateration) x y (x,y) BS1 BS2 BS3 Verification triangle Distance bounding A

35 Properties of Verifiable Multilateration - a malicious attacker cannot spoof the position of a node such that it seems that the node is at a position different from its real position within the triangle - a node located within the triangle cannot prove to be at another position within the triangle except at its true position. - a node located outside the triangle formed by the verifiers cannot prove to be at any position within the triangle - a malicious attacker cannot spoof the position of a node such that it seems that it is located at a position within the triangle, if the node is outside the triangle The same holds in 3-D, with a triangular pyramid instead of a triangle

36 Conclusion on secure positioning  New research area  Time of flight seems to be the most appropriate technique  Initial solutions for:  Hand-held / automotive devices  Sensor networks Srdjan Capkun and Jean-Pierre Hubaux Securing position and distance verification in wireless networks Technical report EPFL/IC/ , May 2004 Srdjan Capkun and Jean-Pierre Hubaux Secure Positioning in Sensor Networks Technical report EPFL/IC/ , June 2004 (More information available at Srdjan’s home page: SecLoW)

37 Denial of service attacks TCP can be highly vulnerable to protocol-compliant attacks: Packet reordering Packet delaying Packet dropping Aad, Hubaux, Knightly, Mobicom 2004 Illustration of the « JellyFish » re-order attack Isolated relay chain Single JF Standard , 2Mb/s TCP-Sack Simulator: ns-2

38 Conclusion  The security of ad hoc and sensor networks is a strategic research topic  The kind of considered scenario (nature of the network authority, attacker model, capabilities of the nodes,…) can radically influence the solution to be chosen  The study of security problems in the framework of self- organized wireless systems can help identifying problems of and solutions for conventional networks

39 Upcoming Events  WiSe 2004 : 3 rd ACM Workshop on Wireless Security, Philadelphia, October 1  VANET 2004 : 1 st ACM Workshop on Vehicular Ad Hoc Networks, Philadelphia, October 1  SASN 2004 : ACM Workshop on Security of Ad Hoc and Sensor Networks, October 25, Washington DC  escar 2004 : 2 nd Workshop on Security in Cars, Bochum, November 10-11

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.