Ch 6. Security in WMNs Myungchul Kim

Security technology overview
  – Generic security services

Security technology overview
  – IEEE i (Wi-Fi Protected Access: WPA, WPA2)
    A shared key or AAA server
    AAA server
  – Extensible authentication protocol (EAP)
  – EAP: EAPOL between MS and AP and RADIUS between AP and AAA server
  – Master session key (MSK)

Security technology overview
  – IPsec and virtual private networks
  – Transport layer security protocol (TLS)
  – Secure socket layer (SSL)
  – S/MIME or PGP

Mesh usage scenarios
  – Mesh node (MN), user node (UN), mesh user node (MUN)
  – Ad hoc mesh networks: managed or open networks

Mesh usage scenarios
  – Factors distinguishing the usage scenarios

Mesh usage scenarios
Single administrative domain
  – Keep the outsiders out
  – Shared key or node certificate
Network infrastructure extension
  – The mesh network is used by end users to access the infrastructure network
  – Security of infrastructure network access by end users and security within the mesh extension itself
Mesh federation
  – The MNs forming a mesh network belong to different administrative domains (operators)
Community mesh
  – Not knowing or even trusting each other

Mesh security issues
  – Ad hoc networks vs WMNs
Security challenges
  – Multihop wireless communications
  – Nodes are not physically protected
  – Use of wireless links
  – Dynamic: topology and membership
  – The same security solution may not work for both mesh routers and mesh clients
Overview of potential attacks to WMNs
  – External attacks vs internal attacks
  – Passive and active attacks
  – Protocol layers

Mesh security issues
  – Attack types for MANET
    Impersonation
    Sinkhole attack
      – Behaving as the “logical” next hop for forwarding packets, then dropping them
    Wormhole attack
      – Use a malicious path through legitimate means
    Selfish and greedy behavior attack
      – Increase own share of the common transmission resource
    Sybil attack
      – A malicious node assumes the identities of several nodes
      – Geographic routing protocols?
    Sleep deprivation
      – Request services from a certain node over and over again
    DoS and flooding

Mesh security issues
Authentication
  – Hard in WMN because of the open nature of wireless communication
  – Approaches
    PSK authentication
    Certificate authentication
  – How to enable the authentication across different domains? Authentication to roaming UNs? Authentication of MNs?
  – Examples
    Wireless Dual Authentication Protocol (WDAP)
    Secure Unicast Messaging Protocol (SUMP)

Mesh security issues
Secure MAC layer
  – IEEE : nodes that are heavily loaded tend to capture the channel by continually transmitting data, thereby causing lightly loaded neighbors to back off again and again -> unfairness
  – Attacks
    Flooding attack
    Jamming attack by jamming the RTS signal
    Sleep deprivation attack
    Packet dropping attack
  – Countermeasures to selfish misbehavior
    Catch: makes the cooperative neighbors of a selfish node disconnect it from the rest of the network.

Mesh security issues
  – Countermeasures to greedy misbehavior
    The receiver can detect any misbehavior of the sender and penalize it by increasing the back-off value.
    DOMINO
  – Countermeasures to MAC-layer DoS attacks
    Single adversary attack and two colluding adversaries
    Ways
      – Fair MAC protocol
      – Protecting traffic flow
      – Distance adjustment
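The receiver-side penalty for greedy senders, as an added example that is not part of the original slides: the receiver assigns the sender's back-off, compares it with the idle slots the sender actually waited, and adds a penalty to the next assignment. The tolerance, penalty factor, window, threshold and the constructed base back-off draws are assumptions chosen for illustration.

```python
ALPHA = 0.8          # assumed tolerance: waiting >= ALPHA * assigned is accepted
PENALTY_FACTOR = 2   # assumed multiplier applied to the measured deviation
WINDOW = 5           # assumed number of recent frames used for diagnosis
THRESHOLD = 20       # assumed total deviation (slots) that marks a sender as greedy

# Constructed sequence of the receiver's fresh random back-off draws (in slots).
BASE_DRAWS = [12, 7, 20, 3, 15, 9]


class ReceiverMonitor:
    """Receiver that assigns the sender's back-off and checks it was honoured."""

    def __init__(self, base_draws):
        self._draws = iter(base_draws)
        self.assigned = next(self._draws)
        self.deviations = []

    def observe(self, waited_slots):
        """Record how long the sender waited; return the next assigned back-off."""
        deviation = 0
        if waited_slots < ALPHA * self.assigned:
            deviation = self.assigned - waited_slots
        self.deviations.append(deviation)
        # Penalty: the shortfall comes back, multiplied, on the next assignment.
        self.assigned = next(self._draws) + PENALTY_FACTOR * deviation
        return self.assigned

    def is_greedy(self):
        return sum(self.deviations[-WINDOW:]) > THRESHOLD


def simulate(obeyed_fraction, base_draws):
    """Sender waits only obeyed_fraction of each assigned back-off."""
    monitor = ReceiverMonitor(base_draws)
    history = [monitor.assigned]
    for _ in range(len(base_draws) - 1):
        waited = int(obeyed_fraction * monitor.assigned)
        history.append(monitor.observe(waited))
    return history, monitor.deviations, monitor.is_greedy()
```

A sender that waits a quarter of each assigned value sees its assignments grow every round and is flagged, while a compliant sender only ever receives the base draws.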

Mesh security issues
Secure routing
  – Threats for ad hoc mesh routing functionality
    Eavesdropping
    Sinkhole, wormhole
    Routing table overflow: attempts to create routes to nonexistent nodes
    Rushing attack: An attacker forwards RREQs more quickly than legitimate nodes can do so. Thus, …
    Sleep deprivation
    Location disclosure

Mesh security issues
Secure routing
  – A secure ad hoc mesh routing protocol should fulfill:
    Certain discovery
    Isolation: immune to malicious nodes
    Lightweight computation
    Location privacy
    Self-stabilization
    Byzantine robustness: a stricter version of the self-stabilization property

Mesh security issues
  – Cryptography-based solutions
    Authenticated routing for ad hoc networks (ARAN) utilizes cryptographic certificates to achieve authentication and nonrepudiation
    Secure routing protocol (SRP): a shared key
    Secure efficient ad hoc distance vector (SEAD): DSDV, hash chains to authenticate hop counts and sequence numbers
    Secure ad hoc on-demand distance vector routing (SAODV): AODV, digital signatures and hash chains
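How a one-way hash chain can authenticate hop counts and sequence numbers, as an added example that is not part of the original slides: a simplified sketch in the style of SEAD, not the protocol specification. The chain layout, the bounds MAX_HOPS and MAX_SEQ, the seed and the assumption that the anchor value is distributed authentically are all illustrative.

```python
import hashlib
import hmac

MAX_HOPS = 4   # assumed bound on network diameter
MAX_SEQ = 8    # assumed number of sequence numbers one chain covers
CHAIN_LEN = MAX_HOPS * MAX_SEQ


def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()


def make_chain(seed: bytes) -> list:
    """chain[i] is H applied i times to seed; chain[CHAIN_LEN] is the public anchor."""
    chain = [seed]
    for _ in range(CHAIN_LEN):
        chain.append(H(chain[-1]))
    return chain


def index_for(seq: int, metric: int) -> int:
    # Newer sequence numbers use elements closer to the secret seed; within
    # one sequence number a larger hop count sits further from the seed.
    return (MAX_SEQ - seq) * MAX_HOPS + metric


def forward(seq: int, metric: int, value: bytes):
    """What an honest relay advertises: one more hop, one more hash."""
    return seq, metric + 1, H(value)


def verify(anchor: bytes, seq: int, metric: int, value: bytes) -> bool:
    if not (1 <= seq <= MAX_SEQ and 0 <= metric < MAX_HOPS):
        return False
    for _ in range(CHAIN_LEN - index_for(seq, metric)):
        value = H(value)
    return hmac.compare_digest(value, anchor)


def demo():
    chain = make_chain(b"constructed-seed-for-example")  # constructed secret
    anchor = chain[CHAIN_LEN]  # assumed to reach all nodes authentically
    seq, metric, value = 3, 1, chain[index_for(3, 1)]
    relayed = forward(seq, metric, value)
    return {
        "origin_ok": verify(anchor, seq, metric, value),
        "relayed_ok": verify(anchor, *relayed),
        # A relay holding the metric-2 value cannot claim metric 1 ...
        "shorter_claim_ok": verify(anchor, seq, 1, relayed[2]),
        # ... nor reuse that value for a newer sequence number.
        "newer_seq_claim_ok": verify(anchor, seq + 1, 2, relayed[2]),
    }
```

The chain only stops a relay from claiming a shorter distance or a newer sequence number than it received; re-advertising the received metric unchanged still verifies.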

Mesh security issues
  – Reputation-based solutions
    The pathrater assesses the results of the watchdog and selects the most reliable path for packet delivery.
  – Add-ons to existing protocols
    Security-aware ad hoc routing utilizes a security metric for the route discovery and maintenance functions.
  – Countermeasures to specific attacks
    In best-effort fault tolerant routing, path redundancy is used to tolerate misbehavior by using disjoint routes.
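The watchdog and pathrater interaction, as an added example that is not part of the original slides: a watchdog counts how many handed-over packets it overhears being forwarded, and a pathrater averages the resulting node ratings to pick a route. The rating constants, the class and function names, and the observation counts are constructed assumptions; a real deployment keeps these ratings per observing node.

```python
from collections import defaultdict

NEUTRAL = 0.5          # assumed rating for nodes with no observations yet
DROP_THRESHOLD = 0.5   # assumed: below this forward ratio a node is misbehaving
MISBEHAVING = -100.0   # assumed rating that poisons any path through the node


class Watchdog:
    """Counts packets handed to a next hop and forwards overheard from it."""

    def __init__(self):
        self.handed = defaultdict(int)
        self.overheard = defaultdict(int)

    def record(self, node, handed, overheard):
        self.handed[node] += handed
        self.overheard[node] += overheard

    def rating(self, node):
        if self.handed[node] == 0:
            return NEUTRAL
        ratio = self.overheard[node] / self.handed[node]
        return MISBEHAVING if ratio < DROP_THRESHOLD else ratio


def path_rating(watchdog, path):
    """Average rating of the relays (source and destination excluded)."""
    relays = path[1:-1]
    if not relays:
        return 1.0
    return sum(watchdog.rating(n) for n in relays) / len(relays)


def select_path(watchdog, paths):
    """Most reliable path, or None if every candidate has a negative rating."""
    rated = [(path_rating(watchdog, p), p) for p in paths]
    usable = [(r, p) for r, p in rated if r >= 0]
    return max(usable, key=lambda rp: rp[0])[1] if usable else None


def demo():
    wd = Watchdog()
    # Constructed observations: (node, packets handed over, forwards overheard)
    for obs in [("A", 20, 19), ("B", 20, 20), ("C", 20, 3), ("E", 20, 20)]:
        wd.record(*obs)
    paths = [["S", "C", "E", "D"], ["S", "A", "B", "D"], ["S", "F", "D"]]
    return wd, paths
```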

Mesh security issues
Key management and communications security
  – Key management: supports the establishment and maintenance of keying relationships between authorized parties.
  – How to distribute initial keys?
  – A suitable infrastructure can be used
    A single stakeholder
    A public-key infrastructure
    Security master

Mesh security issues
Key management and communications security
  – For routing traffic, options are
    No security at all
    Protect integrity of routing messages through a MAC
    Protect integrity of routing messages through a digital signature in a hop-by-hop mode
    Protect integrity of routing messages through a digital signature in an end-to-end mode
    Confidentiality of routing messages
  – For the protection of user data, options are
    No security at all
    Secure communication within a group that shares a secret group key
    Secure end-to-end communication using public-key cryptography

Mesh security issues
Intrusion detection
  – Use “training” data to determine characteristics of normal routing table updates and normal MAC layer.

Concrete proposals
System proposals
  – Tropos
    802.1x/EAP-based authentication against a AAA-server (RADIUS)
    A secure IPsec-based VPN

Concrete proposals
Authentication protocols
  – WDAP for IEEE WMNs
  – SUMP for sensor networks
  – The overhead at the server side
  – Wireless dual authentication protocol (WDAP)
    Mitigation of the overhead of i
      – The authentication is already completed when the UN arrives within the range of the next AP
      – A key caching option to allow the UN and the AP to remember the last used PMK
      – Since both WS and AP are assumed not to trust each other until the AS authenticates both of them.

Concrete proposals
Authentication protocols
  – Wireless dual authentication protocol (WDAP)
