410 likes | 635 Views
Security in Mobile Ad Hoc Networks (MANETs). Group : NS. Farid Zafar Sheikh NS. Muhammad Zulkifl Khalid NS. Muhammad Ali Akbar NS. Wasif Mehmood Awan Department Of Electrical Engg. College Of E&ME (NUST) ,Rwp. INTRODUCTION. M obile A dhoc NET work (MANETs)
E N D
Security in Mobile Ad Hoc Networks (MANETs) • Group : • NS. Farid Zafar Sheikh • NS. Muhammad Zulkifl Khalid • NS. Muhammad Ali Akbar • NS. Wasif Mehmood Awan • Department Of Electrical Engg. College Of E&ME (NUST) ,Rwp.
INTRODUCTION • Mobile Adhoc NETwork (MANETs) • Adhoc On-demand Distance Vector (AODV) • Security Threats to existing protocols • Secure – AODV (SAODV) • Security analysis • Conclusion
MANETs • One of the most prevalent areas of research in the recent years • Communication via wireless means without need of infrastructure • Nodes can perform the roles of both hosts and routers • No centralized controller and infrastructure • Dynamic network topology
Advantages Of MANETs • Can access information and services regardless of geographic position • Can set up computer networks at any place and time • No need of dedicated infrastructure, hence cost-effective. • Can cope with Dynamic Topologies. • With improved algorithms, becoming more scalable.
Disadvantages Of MANETs • Limited resources • Limited physical security • Limited Bandwidth, high error rate • Mutual trust vulnerable to attacks • Security protocols for wired networks cannot work well for ad hoc networks
MANETs • Classification based on routing table maintenance. • Table Driven : Also called Proactive routing protocols. Maintain routes with every host at all time. • On-Demand : Also called Reactive routing protocols. Create routes to remote hosts on-demand.
MANETs • Available ad hoc routing protocols • Proactive (table driven) approaches • DSDV (Destination Sequenced Distance Vector) • OLSR (Optimized Link State Routing) • Reactive (on demand) approaches • DSR (Dynamic Source Routing) • AODV (Ad-hoc On-demand Distance Vector)
Ad hoc On-demand Distance Vector (AODV) • Uses routing tables, with one route entry per destination • Each entry stores next hop towards destination
AODVRoute Discovery Process • Broadcasting route request (RREQ) packets • Each RREQ is uniquely identified by the sender address, destination address and request id • If the node is either the destination node or has a route to the destination node • Returns a route reply (RREP) containing the route, to sender
2 7 5 1 3 Source 4 6 8 Destination AODV Route Discovery Process Propagation of a Route Request (RREQ) Packet
2 7 5 1 3 Source 4 6 8 Destination AODVRoute Discovery Process Path Taken By the Route Reply (RREP) Packet
AODVRoute Discovery Process • Maintaining “fresh-enough” routes • Uses sequence numbers • Node compares the destination sequence number of the RREQ with that of its route table entry • Either responds with its own route if entry is fresh, or rebroadcasts the RREQ to its neighbors
AODVRoute Discovery Process • Loop prevention • Before forwarding route request, check broadcast_id of RREQ • Dropped those that were already processed • Routing table consists of ‘precursor’ & ‘outgoing’ lists • Precursor list of nodes that use node for forwarding packets • Outgoing list of nodes which act as ‘next hops’ in a route
AODVRoute Maintenance • A routing table entry is “expired” if it is not used recently. • A set of predecessor nodes is maintained per routing table entry • These nodes are notified with a RERR if entry expires • If a link break occurs while the route is active, the node upstream of the break propagates a RERR message to the source node
Attacks Possible On Existing Protocols • Attacks using modification • Attacks using impersonation • Other forms of attacks
Attacks Using Modification • Cause redirection of network traffic and Denial of Service (DoS) attacks by • Altering the protocol fields in routing messages • Injecting routing messages into the network with falsified values in these fields.
M Sn = 99 RREQB Sn = 99 Sn = 10 A B X Source Destination RREQB RREQA Attacks using Modification Redirection with modified route sequence numbers
M RREQB Hop count = 0 Hop count = 0 Hop count = 2 A B X Source Destination RREQA RREQB Attacks using Modification Source Destination Redirection with modified hop counts
RERR M D <M,C,D,X> <M,C,X> RERR A C X Source Destination Attacks using Modification Denial of service with modified source routes
Attacks Using Impersonation • By impersonating another node (spoofing), a malicious node can launch many attacks in a network • Traffic belonging to impersonated node redirected to malicious node (eavesdropping). • Spoofing is readily combined with modification attacks to create loops in routes
Attacks Using Impersonation • Malicious nodes don’t need to impersonate a single node of network • It can take up identity of multiple nodes of a network (Sybil Attack) • Data belonging to multiple nodes can be compromised
Attacks Using Impersonation • By generating false RERR messages • Routes passing through targeted node would be disrupted
RERR: D is broken M B D RERR: D is broken Routing entries for X A C X Source Destination Routing entries for X Attacks using Impersonation I amC!! Falsifying route error messages in AODV and DSR
Other Forms of Attacks • Wormhole attack • Two attacker nodes A and Blinkedvia a private network connection • Aforwards every packet received through the wormhole to Bfor broadcasting, and conversely • Potentially disrupts routing by short circuiting the normal flow of routing packets
SAODV • An extension of the AODV routing protocol • Providing security features like integrity and authentication. • Each node has a signature key pair from a suitable asymmetric cryptosystem (OpenSSL) • Each node is capable of securely verifying the association between the address of a given ad hoc node and the public key of that node
SAODVDigital Signatures • Used to protect the integrity of the nonmutable data in RREQ and RREP messages • Sign everything but the Hop Count (mutable) of the AODV message and the Hash from the SAODV extension • When a node receives a routing message, it will verify the signature before any other action
SAODVHash Chains • Used to authenticate the hop count of RREQ and RREP messages • Ensures that the hop count has not been altered by an attacker • Is formed by applying a one-way hash function repeatedly to a seed
SAODVHash Chains • Calculating Top hash • Generates a random number as the “seed” • Set the Max_Hop_Count field in the message to the TTL value of the packet. • Determine the Hash function and use it to calculate the Top Hash which is obtained by hashing the seed Max_Hop_Count times. • Top Hash = hMax Hop Count (seed) Where: • – h is a hash function. • All this information is stored in the message
SAODVHash Chains • Verification of hop Count • When a node receives a RREQ or a RREP message • Applies the hash function Maximum Hop Count minus Hop Count times to the value in the Hash field, • Top Hash = hMax Hop Count – Hop_Count (seed) • Verifies that the resultant value is equal to the value contained in the Top Hash field. • If it is a valid message, • The node applies the hash function to the Hash value before forwarding it • All the fields mentioned above except the Hash field are protected by digital signatures in order to protect their integrity
SAODVRoute Errors • RERR corruption may cause route destruction • Every node uses digital signatures to sign the whole message • Any neighbour that receives it verifies the signature • Destination Sequence no. never updated from RERR
SAODVSecurity Analysis • The digital signature serves as proof of validity of the information contained in the routing message • Thus, formation of loops by malicious nodes through spoofing is prevented • Able to detect that the malicious nodes are sending out false messages.
SAODVSecurity Analysis • A node attempting to transmit false RERR messages will not succeed • Digital signature will reveal that it is not on the route and hence is not supposed to send a RERR. • Sequence number in the RREQs and RREPs also protected by the digital signature. • Any modifications to the sequence number will invalidate the message
SAODVSecurity Analysis • The hop authentication implemented using hash chains counters the ability of a malicious node for mounting an attack by modifying the hop count
SAODVSecurity Analysis • SAODV is able to handle all attacks using either modification or impersonation • However, it is unable to cope with wormhole attacks.
SAODVKey Management & Distribution • One approach can be that nodes are assigned keys on boot-up by a central authority • Assumption is that: • key distribution is already done • Every node has list of shared keys of network
Conclusion • MANET’s are among the fastest evolving network designs • No need for infrastructure, hence installation costs are minimum. • Provided limited bandwidth and security threats are a BIG issue. • Security needs greater than for fixed topology networks due to ad hoc nature. • Security features can be incorporated using various cryptographic schemes • Security increases packet overhead, further reducing bandwidth. • No protocol yet designed which exhibits complete security features. • Hence, secure routing on Mobile Adhoc Networks still in an evolutionary phase.
We thank you for your patience! open for questions , if any…