Scalable Robust and Secure Heterogeneous Wireless Networks

Scalable Robust and Secure Heterogeneous Wireless Networks. Guevara Noubir College of Computer Science Northeastern University, Boston, MA noubir@ccs.neu.edu. The Heterogeneous Future of Wireless Networks. Ambient intelligence aware of people’s presence, needs, and context

Presentation Transcript


  1. Scalable Robust and Secure Heterogeneous Wireless Networks Guevara Noubir College of Computer Science Northeastern University, Boston, MA noubir@ccs.neu.edu

  2. The Heterogeneous Future of Wireless Networks • Ambient intelligence aware of people’s presence, needs, and context • Ubiquitous computing: maintain seamless access to data and services • Natural and man-made disasters: require adequate operational modes • Fast recovery through reconfiguration and prioritization of services • Resiliency to denial-of-service attacks • Safety services: better quality of life for elderly and disabled people • The need for the enabling technology • Limitations of current wireless technology: • No integration, QoS, seamless adaptivity, single-hop, limited data rates, battery life • Major issues: scalability, robustness, security • We need novel approaches! • As these applications become more ubiquitous new threats will appear: • Amplified by: untraceability, limited resources (energy and computation power) • Talk focuses on networking aspects

  3. Outline • Characteristics of heterogeneous wireless networks • Some security aspects of heterogeneous wireless networks • Physical, layer/link, and multi-layer attacks • Multicasting • Some novel approaches to scalability and robustness • Cross-layer design • Accumulative Relaying • Universal Network Structures • Conclusion

  4. Characteristics • Limited radio spectrum • Shared Medium (collisions) • Limited energy available at the nodes • Limited computation power • Limited storage memory • Unreliable network connectivity • Dynamic topology • Need to enforce fairness

  5. Flexibility • Use of various coding/modulation schemes • Use of various transmission power level • Use of multiple RF interfaces • Use of multi-hop relaying • Clustering and backbone formation • Planning of the fixed nodes location • Packets scheduling schemes • Application adaptivity

  6. Multilayer DoS in Wireless Networks • Physical layer • Smart multilayer aware jammers • MAC layer • Jamming of control traffic and mechanisms • Network layer • Malicious injection/disruption of routing information • Transport layer • Exploiting weaknesses in congestion control mechanisms

  7. Physical Layer Jamming • Leads to: • Network partition • Forcing packets to be routed over chosen paths • Low-Power: cyber-mines

  8. Low-Power Physical Layer Jamming • Jamming effort: • Jamming duration/packet duration • IP packet: • 1500 bytes = 12000 bits • Uncoded packet: • Jamming effort in the order of 10^-4

  9. Jamming IEEE802.11 and 802.11b

     | Modulation/coding rate | Packet length (IP packet) | Number of bits needed to jam | Jamming efficiency |
     |---|---|---|---|
     | BPSK | 1500*8 | 1 | 12000 |
     | QPSK | 1500*8 | 2 | 6000 |
     | CCK (5.5Mbps) | 1500*8 | 4 | 3000 |
     | CCK (11Mbps) | 1500*8 | 8 | 1500 |

  10. Jamming Encoded Data Packets • [Figure: Link Architecture]

  11. Traditional Anti-Jamming Techniques • Spread-Spectrum in military provides: • 20-30dB processing gain • Low-power jamming requires: • 40dB! Focus on bit-level • Symbol definitions: • Pj: jammer power • Gjr: antenna gain from jammer to receiver • Grj: antenna gain from receiver to jammer • Rtr: distance from transmitter to receiver • Lr: communication signal loss • Br: communications receiver bandwidth • Pt: transmitter power • Gtr: antenna gain from transmitter to receiver • Grt: antenna gain from receiver to transmitter • Rjr: distance from jammer to receiver • Lj: jammer signal loss • Bj: jamming transmitter bandwidth

  12. Mitigating Physical Layer DoS • Physical Layer: • Spread-Spectrum • Directional Antennas • Link Layer: • Cryptographic Interleaver + Efficient Coding • Routing: • Jamming-free paths • Use of Mobility

  13. Proposed Solution for Link Layer Cryptographic Interleaving + Efficient Adaptive Error Correction • For Binary Modulation: • Cryptographic interleaving transforms the channel into a Binary Symmetric Channel • Capacity of BSC (Shannon):

  14. Practical Codes

      | Jamming effort | Code rate | Shannon limit | Code throughput |
      |---|---|---|---|
      | 8% | 0.5 | 0.598 | 0.5 |
      | 17.4% | 0.25 | 0.333 | 0.25 |

      • Low Density Parity Codes: • Very Close to Shannon’s Bound • Best for long packets: • E.g., 16000 bits • Non-binary modulation e.g., IEEE802.11b (CCK): transmits 8 bits • Use a Reed-Solomon code with symbols of 8 bits • Maximum length: 256 bytes • Data: k 256bytes • Tolerates: (256-k)/2 errors

  15. Conclusion on Physical Layer DoS • Existing Wireless Data Networks are easy targets of physical layer jamming • High transmission power and spread-spectrum are not enough • Jammer effort in the order of 10^-4 for an IP packet • Traditional anti-jamming focuses on bit protection • Cryptographic interleaving and Error Control Codes provide much better resiliency to Jamming • Additional techniques that derive from the J/S ratio: directional antennas • Need adaptivity and careful integration within the network stack
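
The argument of slides 13 and 14, as an added example that is not part of the original presentation: the BSC capacity C = 1 - H(p) reproduces the "Shannon limit" column when the jamming effort is taken as the crossover probability p, and a keyed interleaver scatters a contiguous jamming burst across the codeword so the error-correcting code sees isolated bit errors. The HMAC-based permutation, `KEY`, the burst position, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import math

N_BITS = 12000  # 1500-byte IP packet, as on slide 8
KEY = b"constructed-demo-key"  # constructed sample key shared by sender and receiver

def bsc_capacity(p):
    """Shannon capacity of a binary symmetric channel with crossover probability p."""
    if p <= 0.0 or p >= 1.0:
        return 1.0
    return 1.0 + p * math.log2(p) + (1.0 - p) * math.log2(1.0 - p)

def rate_is_feasible(jam_fraction, rate):
    """A code of this rate can only survive if it stays below the channel capacity."""
    return rate < bsc_capacity(jam_fraction)

def keyed_permutation(key, packet_id, n):
    """perm[a] = codeword bit sent at on-air position a; order is set by a keyed PRF."""
    def prf(i):
        msg = packet_id.to_bytes(8, "big") + i.to_bytes(4, "big")
        return hmac.new(key, msg, hashlib.sha256).digest()
    return sorted(range(n), key=prf)

def longest_error_run(errors, n):
    """Longest stretch of consecutive corrupted codeword bits."""
    best = run = 0
    for i in range(n):
        run = run + 1 if i in errors else 0
        best = max(best, run)
    return best

def burst_damage(packet_id, start, jam_fraction_pct=8):
    """Jam one contiguous on-air burst; return (run without, run with) interleaving."""
    burst = range(start, start + N_BITS * jam_fraction_pct // 100)
    perm = keyed_permutation(KEY, packet_id, N_BITS)
    plain = set(burst)                  # no interleaving: bit i is sent at position i
    mixed = {perm[a] for a in burst}    # receiver undoes the keyed permutation
    return longest_error_run(plain, N_BITS), longest_error_run(mixed, N_BITS)

if __name__ == "__main__":
    for p, rate in ((0.08, 0.5), (0.174, 0.25)):
        print(p, rate, round(bsc_capacity(p), 3), rate_is_feasible(p, rate))
    print(burst_damage(packet_id=1, start=3000))
```

Because the permutation depends on the key and a per-packet identifier, a jammer without the key cannot choose which codeword bits its burst lands on.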

  16. Link/MAC Layer DoS • Attack Control Traffic • RACH/Grant CH/BCCH channels in cellular • Authentication (e.g., sending deauth message) • MAC Mechanisms of IEEE802.11: • Reservation: • RTS/CTS are short packets: require less energy to be jammed • NAV: malicious nodes can force nodes to wait for long durations • EIFS: a single pulse every EIFS at high power • Backoff: • Backoff allows an attacker to spend less energy when Jamming • Selecting attacks on MAC/IP addresses

  17. DoS on Routing • Malicious nodes can attack control traffic: • Jamming • Inject wrong information • Attack goals: disruption or resource consumption • Techniques: • Black hole: force all packets to go through an adversary node • Routing loop: force packets to loop and consume bandwidth and energy • Gray hole: drop some packets (e.g., data but not control) • Detours: force sub-optimal paths • Wormhole: use a tunnel between two attacking nodes • Rushing attack: drop subsequent legitimate RREQ • Inject extra traffic: consume energy and bandwidth • Blackmailing: ruining the routing reputation of a node • Proposed secure routing protocols are still not practical

  18. DoS on Transport Layer • Transport layer should be able to differentiate between: • Congestion • Due to traffic pattern change: new sessions • Requires source rate reduction • Wireless link packets loss • Due to mobility and interference • Requires modulation/coding/power/path change • Malicious nodes • Selective jamming and disruptions • Requires isolation of malicious nodes and dead areas

  19. Protection against DoS in wireless networks requires a careful cross-layer design

  20. Secure Multicasting [with Kaya, Lin, Qian – Funded by Draper] • Goal: • Securely and efficiently acquire and disseminate time-varying information • Example: location information • Secure multicast applications: • Secure remote tracking of mobiles • Sharing sensed data • Military: Data/Video streaming from UAV, multicasting of command decisions • Specificity: • Communication over a multihop wireless ad hoc network • Limited computation power, and energy • Services: • Authentication, integrity, confidentiality, revocation, group key management • Approach: • Overlay network of mobile nodes builds a secure multicast tree

  21. Prototype Application iPAQ PDA

  22. Ad Hoc vs. Wired Multicast • Wireless: • Unreliable links • Loss of a packet results in node exclusion and necessity for new join request • Mobility: • Higher packet loss • Necessity of frequent discovery of paths • Multihop: • Cost of multicast depends on number of hops • Major factor because of radio resources scarcity • Ad hoc: • Limited computation: nodes cannot manage large groups • Active nodes

  23. Group Management • [Figure: network of nodes numbered 1 to 13; legend: Source, Group member]

  24. Issues and Results • Efficient tree construction and maintenance • Under mobility greedy algorithms can be very good • Close to optimal trees O(log n) in theory but in practice 1.5 approximation • Minimize broadcast cost and tree maintenance • Public key encryption is costly: • Memory can be traded with computation • Revocation in an infrastructure-less environment

  25. Novel Approaches to Scalability and Robustness • Scalability to large networks with limited resources requires novel techniques • Make use of specificity of the environment • Use techniques from a combination of fields: • Graph theory, linear programming, network flow • Information theory, coding theory • Accurate simulation and modeling tools • Accumulative relaying • Universal network design

  26. Accumulative Power Relaying [with Chen, Jia, Liu, Sundaram] • Problem: • Determine a feasible schedule [(N1, P1), …, (Nk, Pk)] that minimizes total energy consumption • [Figure: nodes A, B, C, G; legend: Reliable reception, Partial reception]

  28. Accumulative Relaying • Very similar to the relay problem in information theory and still open in its general form • Simpler than the general relay problem: • Every energy optimal sequence can be transformed into a canonical form called wavepath • In a wavepath each node in the sequence activates its next hop neighbor and only its next hop neighbor • Finding a minimum energy wavepath is still NP-hard for arbitrary networks • Heuristic for building a wavepath can achieve more than 40% energy saving on a Euclidean plane

  29. Universal Multicast Tree [with Jia, Lin, Rajaraman, Sundaram] • Problem: • Given a graph G(V, E), n nodes, and a root/sink • Build a tree T such that T leads to a low-weight tree for all subgroups (through pruning) • i.e., build T that minimizes the stretch • Applications: • Environment: sensor network where routing is difficult • Dissemination: efficient multicasting to dynamic groups • Aggregation from changing groups • Distributed queries

  30. Universal Tree for the Euclidean Space • Results: • Polynomial time algorithm to build a universal tree with stretch O(log k) [where k is the size of the selected subgroup] • Hardness result: no algorithm can build a tree with stretch lower than O(log n / log log n)

  31. Universal Structures • Other results: • Algorithm for a universal tree for non-Euclidean metrics with poly-logarithmic stretch • Poly-logarithmic stretch for the universal Traveling Salesman Problem • Extensions: • Universal tree for energy cost • Universal tree for planar, range limited wireless communication • Fault-tolerant network structures

  32. Conclusion • We live in an exciting era: • Wireless physical layer is capable of providing high data rates • Software flexibility • Computation power • This provides the building blocks to enable ubiquitous networking • Creates new threats • Need smart adaptive control of the physical layer • Need to deal with security and robustness in a scalable way

  33. Universal Tree for the Euclidean Space • Results: • Polynomial time algorithm to build a universal tree with stretch O(log k) [where k is the size of selected subgroup] • Hardness result: no algorithm can build a tree with stretch lower than O(log n / log log n) • Definition: • Level i of v: L_i^v = {u : 2^(i-1) < d(u, v) ≤ 2^i} • Algorithm: • Divide V – {r} into L_1^r, L_2^r, …, L_(log D)^r • Run A(L_i^r, r) in parallel • [Figure: levels L_3^r and L_4^r]

  34. Algorithm A(U, r)
      L = {r}
      Repeat
        For every u ∈ U, let I_u denote the level of u to its nearest neighbor in L
        Let I = max {I_u : u ∈ U}
        Let H = {u ∈ U : I_u = I}
        Let H’ ⊆ H s.t.
          ∀ u, v ∈ H’: d(u, v) ≥ 2^(I-1),
          ∀ u ∈ H\H’ ∃ v ∈ H’ s.t. d(u, v) < 2^(I-1)
        ∀ u ∈ H’: output edge (u, nearest-neighbor(u))
        L = L ∪ H’; U = U \ H’
      Until no edge output

  35. Universal Tree Algorithm • [Figure: sets H and H’]
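
Algorithm A from slide 34 together with the level split from slide 33, as an added example that is not part of the original presentation. It assumes Euclidean points in the plane, reads level i as 2^(i-1) < d ≤ 2^i, picks H’ greedily, and runs the per-level calls sequentially rather than in parallel; the grid of nodes and the `prune` helper (the "through pruning" step of slide 29) are constructed for illustration.

```python
import math

NODES = [(x, y) for x in range(-3, 4) for y in range(-3, 4)]  # constructed 7x7 grid
ROOT = (0, 0)

def dist(a, b):
    return math.hypot(a[0] - b[0], a[1] - b[1])

def level(d):
    """Index i with 2^(i-1) < d <= 2^i, for d > 0."""
    return math.ceil(math.log2(d))

def algorithm_a(U, r):
    """Algorithm A(U, r); returns the output edges as {node: parent}."""
    L, U, parent = [r], set(U), {}
    while U:
        nearest = {u: min(L, key=lambda v: dist(u, v)) for u in U}
        lev = {u: level(dist(u, nearest[u])) for u in U}
        I = max(lev.values())
        H = sorted(u for u in U if lev[u] == I)
        Hp = []  # H': greedy maximal subset of H with pairwise distance >= 2^(I-1)
        for u in H:
            if all(dist(u, v) >= 2 ** (I - 1) for v in Hp):
                Hp.append(u)
        for u in Hp:
            parent[u] = nearest[u]  # output edge (u, nearest-neighbor(u))
        L.extend(Hp)
        U.difference_update(Hp)
    return parent

def universal_tree(nodes, r):
    """Split V - {r} into levels around r and run A on each level (sequentially here)."""
    by_level = {}
    for u in nodes:
        if u != r:
            by_level.setdefault(level(dist(u, r)), []).append(u)
    parent = {}
    for members in by_level.values():
        parent.update(algorithm_a(members, r))
    return parent

def prune(parent, r, group):
    """Tree for a subgroup: union of the tree paths from its members to the root."""
    edges = set()
    for u in group:
        while u != r and (u, parent[u]) not in edges:
            edges.add((u, parent[u]))
            u = parent[u]
    return edges
```

Every node is attached to a node that joined L earlier, so the output is a tree rooted at r, and the tree for any subgroup is obtained from it without recomputation.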
