Slide 1/29 DCSL: Dependable Computing Systems Lab
LiteWorp: A Lightweight Countermeasure for the Wormhole Attack in Multihop Wireless Networks
Issa Khalil, Saurabh Bagchi, Ness Shroff
Dependable Computing Systems Lab (DCSL) & Center for Wireless Systems and Applications (CWSA)
School of Electrical and Computer Engineering, Purdue University

Slide 2/29
Outline
Introduction
– What is the wormhole attack?
– Wormhole attack against DSR and TinyOS beaconing
– Wormhole attack modes
Motivation
Related work
LiteWorp protocol description
Conclusion & take away lessons

Slide 3/29
What is the Wormhole Attack?
Colluding nodes tunnel packets received in one place of the network to a distant location where they are replayed
Can be launched without having any cryptographic keys
Puts the attacker in a powerful position to play havoc with the traffic
– Insinuate the attacker in a route and then manipulate data traffic. Example: selectively drop data packets
– Routing disruptions. Example: prevent discovery of a legitimate route
– Traffic analysis. Example: observe traffic patterns as a way of leaking information

Slide 4/29
Wormhole Attack Against DSR
S has two routes to D
– S → A → B → C → D (4 hops)
– S → X → Y → D (3 hops)
– S selects the shortest available route
(Figure: topology with nodes S, D, A, B, C, X, Y)

Slide 5/29
Wormhole Attack Against TinyOS Beaconing
Sensors collect data and forward it to the base station
TinyOS beaconing for routing
Tree routing rooted at the base station
Used in TinyOS for Berkeley motes
Attacker tunnels packets to a colluding party
The colluding party replays them
Most packets will be routed to the wormhole
The attacker can drop packets or, more subtly, selectively forward packets to avoid detection

Slide 6/29
How Can the Wormhole Attack Be Launched?
The wormhole attack can be launched in many different ways
Wormhole modes differ in the level of sophistication needed by the adversary
We study five different wormhole attack modes, namely
– Mode 1: Packet encapsulation. No specialized hardware; at least two attacker nodes
– Mode 2: Out-of-band channel. Requires specialized hardware; needs at least two attacker nodes
– Mode 3: High power transmission
– Mode 4: Packet relay
– Mode 5: Protocol deviation
(Figure: example topology with nodes S, D, C, X, Y, B, E, U, V, W, Z; the legend distinguishes good nodes from malicious nodes)

Slide 7/29
Motivation
We need to mitigate the wormhole attack
– In resource constrained environments, such as sensor networks. In particular, we need to limit communication overhead to conserve bandwidth and energy
– Without the use of specialized hardware
– Existing approaches do not address all the modes of the wormhole attack
– Not just detect the attack but also perform a response action

Slide 8/29
Previous Countermeasures of the Wormhole Attack
Packet Leashes
– Geographical Leashes: require location determination (e.g. GPS H/W); require loose time synchronization; attach P_s and t_s to the packet and limit the distance based on P_r and t_r
– Temporal Leashes: require tight time synchronization; use t_s and t_r and the speed of light to limit the distance traveled by the packet
– Problems: inaccurate due to unpredictable processing time and channel availability; expensive (GPS or tight time synchronization); does not provide diagnosis and isolation; cannot prevent DoS attacks against route establishment
Directional antennas
– Requires specialized hardware (e.g., directional antenna)
– Fails to mitigate most of the modes of the attack

Slide 9/29
Outline

Slide 10/29
Assumptions & Model
System assumptions
– Existing key distribution mechanism
– Static networks
– Bi-directional links
– A node cannot be compromised instantly
– Attack-free environment during the deployment phase
Attack model
– Links may be subjected to eavesdropping and message tampering
– Attacker can replace a compromised node by a more powerful network entity, and can establish out-of-band fast channels
– External adversary nodes
– Internal adversary nodes, aka compromised nodes
– Byzantine behavior
– Arbitrary collusion
– Brute force denial of service attacks are not considered

Slide 11/29
Neighbor Discovery
Build a secure list of first and second hop neighbors
Started as soon as a node is deployed in the field
Used in local monitoring
Build a list of one-hop neighbors, R1
– Each node sends out a clear-text one-hop HELLO broadcast
– Each neighbor sends an authenticated unicast reply
Build a list of second hop neighbors, R2
– We use a one-to-one authenticated broadcast
– Saves communication compared with multiple authenticated unicasts
(Figure: node B with one-hop neighbors A and C broadcasts R1 = [A || C || K_commit] together with E(K_BA, R1) and E(K_BC, R1); a node A holds pairwise keys K_AB, K_AC, …, K_AZ with its neighbors B, C, …, Z)

Slide 12/29
Local Monitoring
A collaborative detection strategy in which a node monitors the traffic going in and out of its neighbors
Requires each node to include the ID of the prev-hop in the forwarded packet
A guard of a node A for the link from X to A is any node that lies within the transmission range of both X and A
M, X, and N are the guards of node A for the link from X to A
A guard saves information about incoming packets in a watch buffer
Matches an output packet with the information in the buffer
(Figure: nodes S, D, B, X, M, N, A, Y; the transmission range of node Y is drawn)

Slide 13/29
Local Monitoring: Details
Local monitoring can be used to detect different kinds of control attacks by changing the information maintained in the buffer and the kind of checking that goes on
The different kinds of malicious activity that can be done by a node
– Fabrication
– Modification
– Delay
– Drop
Correspondingly, the kinds of checking that need to be done are:
– An outgoing packet that has no corresponding incoming info
– Difference between the incoming and outgoing packet fields
– Forwards after a threshold time
– Not forwarding within a maximum acceptable timeout threshold
(Figure: same topology as the previous slide, nodes S, D, B, X, M, N, A)

Slide 14/29
Local Response
Propagate detection knowledge to isolate malicious nodes
When a guard G detects a malicious event by node M
– G increments a counter MalC(G,M)
– Different malicious activities cause different increments
When MalC(G,M) crosses a threshold
– G revokes M
– G sends an authenticated alert to the neighbors of M
When N receives an alert about a neighbor M
– Collects alert information from multiple guards
– When the number of alerts reaches the detection confidence (γ), N revokes M
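As an added example (not code from the LiteWorp paper or these slides), a small simulation of local monitoring (slides 12 and 13) and local response (slide 14): a guard keeps a watch buffer of packets handed to the node it monitors, classifies what that node later transmits as fabrication, modification, delay or drop, accumulates MalC(G,M), revokes locally at a threshold, and a neighbor revokes once alerts from γ distinct guards arrive. The increment values, thresholds, γ and the packet trace are constructed assumptions.

```python
from collections import defaultdict

# Assumed parameters (constructed for this example, not from the paper): MalC
# increment per activity, revocation threshold, max forwarding delay, gamma.
INCREMENT = {"fabrication": 2, "modification": 2, "delay": 1, "drop": 1}
REVOKE_THRESHOLD = 3
MAX_DELAY = 5
GAMMA = 2


class Guard:
    """Node G overhearing link X -> A; watch buffer of packets handed to A."""
    def __init__(self, name):
        self.name = name
        self.watch = {}                # (A, pkt_id) -> (X seen, fields, t_in)
        self.malc = defaultdict(int)   # MalC(G, A)
        self.revoked = set()           # nodes G has locally revoked
    def saw_incoming(self, a, pkt_id, x, fields, t):
        self.watch[(a, pkt_id)] = (x, fields, t)
    def saw_outgoing(self, a, pkt_id, prev_hop, fields, t):
        """Returns the malicious activity detected, or None if A behaved."""
        entry = self.watch.pop((a, pkt_id), None)
        if entry is None:                          # nothing came in for it
            return self._count(a, "fabrication")
        x, in_fields, t_in = entry
        if fields != in_fields or prev_hop != x:   # fields or prev-hop altered
            return self._count(a, "modification")
        if t - t_in > MAX_DELAY:
            return self._count(a, "delay")
        return None
    def expire(self, now):
        """Packets still unforwarded after MAX_DELAY are counted as drops."""
        stale = [k for k, v in self.watch.items() if now - v[2] > MAX_DELAY]
        for k in stale:
            del self.watch[k]
        return [self._count(a, "drop") for a, _ in stale]
    def _count(self, a, activity):
        self.malc[a] += INCREMENT[activity]
        if self.malc[a] >= REVOKE_THRESHOLD:
            self.revoked.add(a)    # G revokes A and alerts A's neighbors
        return activity


def neighbor_revokes(alerts):
    """N revokes a suspect once gamma distinct guards have alerted about it."""
    return len(set(alerts)) >= GAMMA


def scenario():
    """Constructed trace: guards M and N watch X -> A; A fabricates a packet
    it never received and silently drops the one it did receive."""
    events, alerts = [], []
    for g in (Guard("M"), Guard("N")):
        g.saw_incoming("A", 1, "X", {"dst": "D"}, t=0)
        events.append(g.saw_outgoing("A", 99, "X", {"dst": "D"}, t=1))
        events += g.expire(now=10)
        if "A" in g.revoked:
            alerts.append(g.name)
    return events, neighbor_revokes(alerts)
```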

Slide 15/29
Outline

Slide 16/29
Detection Using Local Monitoring
Attacker goal: including malicious nodes in the route
Choice #1: M1 claims that the RREP is from M2
– Detection strategy: all the neighbors of M1 (S, R, P, Z, Q, B) detect this malicious activity, because they know that M2 is not a neighbor of M1
Choice #2: M1 claims that the RREP comes from one of its neighbors, say Z
– Detection strategy: the guards of M1 over the link Z → M1, (P, Z, Q), detect this malicious behavior, because they have nothing in their watch buffers about an RREP coming from Z
These detection approaches require the guards to monitor the route reply (RREP) packets
(Figure: topology with nodes L, S, D, C, M1, M2, A, E, F, P, Q, R, B, Z, X, N, W)

Slide 17/29
Detection Using Local Monitoring
Attacker goal: disrupting route establishment
Choice #1: M2 claims that the RREQ comes from M1
– Detection strategy: all the neighbors of M2 (X, L, N, D, W) detect this malicious activity, because they know that M1 is not a neighbor of M2
Choice #2: M2 claims that the RREQ comes from one of its neighbors, say X
– Detection strategy: the guards of M2 over the link X → M2, (N, X, L), detect this malicious behavior, because they have nothing in their watch buffers about an RREQ coming from X
These detection strategies require the guards to monitor the route request (RREQ) packets, which are more in number than the RREP packets and incur more overhead
(Figure: same topology as the previous slide)
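As an added example (not code from the LiteWorp paper or these slides), the two checks of slides 16 and 17 run over the one-hop and second-hop neighbor lists that neighbor discovery (slide 11) produces: Choice #1 is caught by every neighbor of the claimant because the claimed prev-hop is absent from the R1 list the claimant announced, and Choice #2 is caught by the guards of the claimed link because their watch buffers hold no matching incoming packet. The topology, the packet ids and the watch-buffer contents are constructed assumptions that roughly follow the slide figure; the same function serves RREP (slide 16) and RREQ (slide 17).

```python
# Constructed topology (assumed, loosely following the slide's figure): the
# one-hop neighbor lists R1 that neighbor discovery produces; links are
# bidirectional. M1 and M2 are the wormhole endpoints and are not neighbors.
R1 = {
    "S": {"P", "R", "M1"}, "P": {"S", "M1", "Z"}, "R": {"S", "M1"},
    "Q": {"M1", "Z"}, "B": {"M1"}, "Z": {"P", "Q", "M1"},
    "M1": {"S", "P", "R", "Q", "B", "Z"},
    "X": {"N", "L", "M2"}, "N": {"X", "M2"}, "L": {"X", "M2"},
    "W": {"M2", "D"}, "D": {"W", "M2"}, "M2": {"X", "N", "L", "W", "D"},
}


def second_hop(node):
    """R2 as node sees it: the R1 list each neighbor announced in its
    authenticated broadcast, keyed by that neighbor."""
    return {nbr: R1[nbr] for nbr in R1[node]}


def guards(x, a):
    """Guards of A for the link X -> A: nodes in range of both X and A."""
    return (R1[x] & R1[a]) | {x}


def check_forwarded(claimant, claimed_prev, pkt_id, watch):
    """A routing packet (RREP or RREQ) is forwarded by claimant with prev-hop
    field claimed_prev. watch maps guard -> set of (pkt_id, sender, receiver)
    it overheard. Returns (verdict, detecting nodes)."""
    # Choice 1: claimed prev-hop is not a neighbor of the claimant at all.
    # Every neighbor knows the claimant's R1 from the R2 exchange.
    detectors = {n for n in R1[claimant]
                 if claimed_prev not in second_hop(n)[claimant]}
    if detectors:
        return "prev-hop is not a neighbor of claimant", detectors
    # Choice 2: claimed prev-hop is a real neighbor, but no guard of that link
    # has the packet in its watch buffer, so it was never handed over.
    detectors = {g for g in guards(claimed_prev, claimant)
                 if (pkt_id, claimed_prev, claimant) not in watch.get(g, set())}
    if detectors:
        return "no matching incoming packet in watch buffer", detectors
    return None, set()


def scenario():
    """Constructed: Z really hands RREP 7 to M1 (all guards overheard it);
    then M1 replays a tunnelled RREP 8 claiming M2, then claiming Z."""
    watch = {g: {(7, "Z", "M1")} for g in guards("Z", "M1")}
    return [check_forwarded("M1", "Z", 7, watch),
            check_forwarded("M1", "M2", 8, watch),
            check_forwarded("M1", "Z", 8, watch)]
```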

Slide 18/29
Analysis: Detection Coverage
Due to collisions the following may occur
Missed detection: a malicious event goes undetected
– Collision at the guard (G) when the node (D) transmits
False detection: a normal event is detected as a malicious event
– Collision at the guard (G) when the sender (S) transmits a packet
– Detection at the guard when the monitored node (D) forwards the packet
(Figure: nodes G, S, D, X; panels: G missed the fabrication of D; G missed the packet sent by S; G falsely accuses D)

Slide 19/29
Analysis: Detection Coverage
Node density = 20
As the detection confidence increases, it becomes more difficult to get an alert from all the monitors
(Figure: detection coverage plot at node density 20)

Slide 20/29
Detection Coverage …
The detection confidence = 3
Initial increase due to more available guards
Then decrease due to collisions

Slide 21/29
Analysis: False Detection
The detection confidence = 3
Initial increase due to the increasing number of possible guards, which makes it easier to get more than γ false alarms (correlated collisions)
Decrease due to collisions

Slide 22/29
Simulation Results
The relationship between the number of malicious routes and the number of dropped packets is not linear due to the aggressive nature of the wormhole
Over time, LiteWorp results level off to zero since malicious nodes are isolated
Over time, base case results stabilize to a certain value depending on the number of malicious nodes
A snapshot at T = 2000

Slide 23/29
Simulation Results
LiteWorp packet drop stabilizes with time since malicious nodes are identified and isolated
Base case packet drop continues to increase steadily with time
(Figure: number of packets dropped over time, without LiteWorp and with LiteWorp)

Slide 24/29
Simulation Results
The isolation latency is not very significant even for a high confidence index value

Slide 25/29
Cost Analysis
Memory
– Number of nodes involved in monitoring a route reply
– The number of replies a node is involved in per unit of time
– For example, if N = 100 nodes, h = 4 hops, and f = 1 route every 4 time units, then N_REP = 17, and each node watches only 4 route replies every 100 time units
Computation
– Managing a small buffer (add, delete, search)
Bandwidth
– Only at startup during neighbor discovery
– Upon the detection of a malicious node

Slide 26/29
Conclusion
Proposed a generic strategy for cooperative distributed detection of wormhole traffic
Proposed a generic strategy for locally isolating the malicious nodes
Demonstrated that the mitigation approach is conservative in resource consumption
Future Work:
– Guard scheduling to work with sleep scheduling algorithms
– Extension to mobile ad hoc networks

Slide 27/29
Thanks. Questions?

Slide 28/29
Contributions
Proposed a strategy for cooperative distributed detection of the wormhole attack
Proposed a strategy for locally isolating malicious nodes
Demonstrated that the mitigation approach is conservative in resource consumption