Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cross-layer Analysis for detecting Wireless Misbehavior

Published byCarin Jaeger Modified over 5 years ago

Similar presentations

Presentation on theme: "Cross-layer Analysis for detecting Wireless Misbehavior"— Presentation transcript:

1 Cross-layer Analysis for detecting Wireless Misbehavior
Anand Patwardhan Ph.D Candidate eBiquity Group Computer Science and Electrical Engineering Department October 19, 2005

2 Securing MANETs Security for resources Trust in other resources
Malicious behavior (Activity monitoring) Misuse (Resource protection) Response/recourse (Accountability) Trust in other resources Dependence on recommendations (Identities and Reputations) Reliability of information

3 Security Issues Wireless communication
Short range (802.11, Bluetooth etc.) Open medium Identification and Authentication PKI based solutions infeasible No prior trust relationships Routing Based on dynamic cooperative peer relations Key to survival of MANET Device constraints Power Conservation Finite Storage Computation power

4 Intrusion Detection Challenges
Identity Use SUCVs Mobility, congestion, radio interference False positives Scalability Large radio-ranges or dense networks Aggregation of data Communicate intrusions data to warn others

5 Packet Forwarding B A C Datagram dgram_in has:
Source IPv6 address, x  U – {B,C} Destination IPv6 address, y  U – {B,C} MAC source, mac(u), u  U – {B,C} MAC destination, mac(B) Corresponding dgram_out must have: Source IPv6 address, x Destination IPv6 address, y MAC source, mac(B) MAC destination, mac(u), u ε U – {B,C} dgram_in dgram_out

6 Stateful Packet Monitoring
AODV TCP IPv6 Ethernet Frame { RREQ, RREP, RERR } { TCP Sequence no., TCP checksum } Update in-memory Hash table Build and Maintain Neighbor table (mac, ipv6) pairs And route status From the packet capture library (pcap) Packets that should be forwarded

7 Threats MAC/PHY level attacks Routing attacks Attacks on data traffic
RTS, CTS attacks – gain unfair share of bandwidth, disruption Routing attacks gray holes, black holes, worm holes … Attacks on data traffic Dropping, mangling or injecting data packets Trustworthiness of resources, reliability of information Identities, reputations, trust evolution

8 MAC vulnerabilities Wireless Misbehavior Prevention
MAC protocols have no inbuilt mechanism to prevent unfair contention resolution Adversaries can: gain unfair share of bandwidth temporarily stall parts of the network, affect the routing process Prevention Misbehavior-resilient backoff for contention resolution Challenges and shortcomings Require core MAC protocol to be changed Colluding adversaries can still subvert the scheme

9 Related Work Proposed approaches Drawbacks Game theoretic models
Incentives for fair-sharing Misbehavior resistant MAC contention Drawbacks Colluding adversaries can subvert these schemes Require changing core MAC protocol Inefficient Cannot prevent jamming

10 Sophisticated attacks
Classical attacks are easy to detect using thresholds Packet dropping, mangling,misrouting etc. To evade detection attacker must stay under the detection threshold (insignificant disruption) However more sophisticated attacks are possible Launching attacks at multiple levels, e.g. Combining RTS attacks and packet drops Any single attack signature might not suffice for detection Observations on a single layer in isolation will be inconclusive

11 Intrusion Detection challenges
Classifying intrusions Threshold based False positives – mobility, environmental conditions, limited radio range, short period of observations Increase accuracy and efficiency by Incorporate factors like mobility, congestion and distance in classifying intrusions Use signal strengths, response times to judge distance Monitor media contention and incoming traffic to judge congestion

12 Trust evolution, reputation management,
Cross-layer Analysis Trust evolution, reputation management, recourse Intrusion Detection Application Commendations Accusations (to other devices) Packet dropping, Mangling, injection Transport Routing attacks, disruptions Link Unfair contention, Jamming MAC/PHY Response

13 Neighbor table size

14 True positives (no RTS attack)

15 True positives (RTS attack)

16 Goodput with RTS attacks

17 References Jim Parker et al., “Cross Layer Analysis for Detecting Wireless Misbehavior,” Proceedings of CCNC 2006 Anand Patwardhan et al., "Active Collaborations for Trustworthy Data Management in Ad Hoc Networks", Proceedings of the 2nd IEEE International Conference on Mobile Ad-Hoc and Sensor Systems, November 2005 Anand Patwardhan et al., "Secure Routing and Intrusion Detection in Ad Hoc Networks", Proceedings of the 3rd International Conference on Pervasive Computing and Communications, March 2005 Jim Parker et al., "On Intrusion Detection in Mobile Ad Hoc Networks", 23rd IEEE International Performance Computing and Communications Conference -- Workshop on Information Assurance , April 2004

Download ppt "Cross-layer Analysis for detecting Wireless Misbehavior"

Similar presentations

Chris Karlof and David Wagner

Chris Karlof and David Wagner
Security in Mobile Ad Hoc Networks

Security in Mobile Ad Hoc Networks
SELF-ORGANIZING MEDIA ACCESS MECHANISM OF A WIRELESS SENSOR NETWORK AHM QUAMRUZZAMAN.

SELF-ORGANIZING MEDIA ACCESS MECHANISM OF A WIRELESS SENSOR NETWORK AHM QUAMRUZZAMAN.
Denial of Service in Sensor Networks Anthony D. Wood and John A. Stankovic.

Denial of Service in Sensor Networks Anthony D. Wood and John A. Stankovic.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.

TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.
 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
CSE 6590 Department of Computer Science & Engineering York University 1 Introduction to Wireless Ad-hoc Networking 5/4/2015 2:17 PM.

CSE 6590 Department of Computer Science & Engineering York University 1 Introduction to Wireless Ad-hoc Networking 5/4/2015 2:17 PM.
Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1

Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1
NGMAST- WMS workshop17/09/2008, Cardiff, Wales, UK A Simulation Analysis of Routing Misbehaviour in Mobile Ad hoc Networks 2 nd International Conference.

NGMAST- WMS workshop17/09/2008, Cardiff, Wales, UK A Simulation Analysis of Routing Misbehaviour in Mobile Ad hoc Networks 2 nd International Conference.
Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.

Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.
Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.

Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.
Secure communication in cellular and ad hoc environments Bharat Bhargava Department of Computer Sciences, Purdue University This is supported.

Secure communication in cellular and ad hoc environments Bharat Bhargava Department of Computer Sciences, Purdue University This is supported.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 3: Trust assumptions and.

© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 3: Trust assumptions and.
An Architecture for Dynamic Trust Monitoring in Mobile Networks Onolaja Olufunmilola, Rami Bahsoon, Georgios Theodoropoulos School of Computer Science.

An Architecture for Dynamic Trust Monitoring in Mobile Networks Onolaja Olufunmilola, Rami Bahsoon, Georgios Theodoropoulos School of Computer Science.
MANETs A Mobile Ad Hoc Network (MANET) is a self-configuring network of mobile nodes connected by wireless links. Characteristics include: no fixed infrastructure.

MANETs A Mobile Ad Hoc Network (MANET) is a self-configuring network of mobile nodes connected by wireless links. Characteristics include: no fixed infrastructure.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

Similar presentations

Ads by Google