1 / 30

SPREAD: Improving network security by multipath routing in mobile ad hoc networks

SPREAD: Improving network security by multipath routing in mobile ad hoc networks. Wenjing Lou, Wei Liu, Yanchao Zhang,Yuguang Fang Presented by : Remya Puthanthodiyil. Overview. Introduction SPREAD OVERVIEW System model Threshold secret sharing

dmitri
Download Presentation

SPREAD: Improving network security by multipath routing in mobile ad hoc networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. SPREAD: Improving network security by multipath routing in mobile ad hoc networks Wenjing Lou, Wei Liu, YanchaoZhang,Yuguang Fang Presented by : RemyaPuthanthodiyil

  2. Overview • Introduction • SPREAD OVERVIEW • System model • Threshold secret sharing • Share allocation • Multipath routing • Message share generation • Optimal share allocation • Multipath routing • Multipath routing • Security related link cost function • Performance • Limitations • Conclusion

  3. Introduction • Sensitive information transmitted across a hostile MANET should be protected from passive attacks like eavesdropping. • Data confidentiality is achieved by cryptography. But, the security of cryptographic methods highly depends on the secure and reliable key management system • Stream cipher RC4 which is suitable in resource constrained MANET, are highly sensitive to the keying materials and susceptible to the known plaintext attacks.

  4. contd. • In MANETs, end-to-end encryption is impractical • end-to-end authentication and dynamic session key negotiation becomes less reliable as the number of nodes increase. • Compromised nodes may passively collect information and launch active attacks. • The already proposed secure routing protocols : • ensure the correct exchange of the routing information among legitimate participating nodes • do not exclude the possibility of selecting a compromised • do not prevent a compromised node from collecting information from forwarded messages or maliciously dropping important packets.

  5. SPREAD : • Secure Protocol for Reliable Data Delivery • Message is transformed into multiple shares and delivered via multiple paths. • Two techniques : • multipath routing • secret sharing • To obtain the message, the adversary should intercept multiple pieces from multiple paths • Three major design issues : • how to divide the messages into multiple pieces • how those pieces are allocated onto each path • how to select multiple paths.

  6. System model : Source node : • uses multipath routing algorithm with certain properties (disjoint paths) • determines a secret sharing scheme depending on message security level and number of available multipath • routes message shares by multipath routing protocol. Destination node: • reconstructs original message after receiving certain number of shares. • SPREAD improves security by dealing with the compromised nodes and eaves dropping problem.

  7. System model : Assumptions • Hop-by-hop link encryption • Each link with different key which is negotiated with neighboring nodes. • Addresses eaves dropping problem : assumes if anyone in the transmission range of a transmitting node is able to eaves drop the transmission of that node. • Assumes compromising nodes will attempt to remain in network and launch passive attacks. • Watch dog mechanism identifies and excludes nodes if they perform active attacks.

  8. Threshold secret sharing • How to divide the messages ? • Each segment should not contain explicit information from which the content can be inferred. • Integrity of the message • Threshold sharing algorithm • (T,N) secret sharing algorithm : adversary must compromise atleast T shares out of N shares • Generation and reconstruction of messages are linear operations over finite field

  9. Share Allocation: • Allocate shares in such a way that adversary must compromise maximal number of paths to recover message. • Use (N,N) secret sharing scheme • But in adhoc network, links are unstable and topology changes, so packets might be dropped – difficult to reconstruct the message at destination. • So (T,N) secret sharing mechanism, T< N • Allows redundant share allocation, tolerates certain packet loss and maintains maximum security.

  10. Multipath Routing : • How to find the desired multipath ? • SPREAD is an on-demand source routing protocol • Security is one of the dimensions in QoS metric • Security parameter : probability of path being compromised • Uses link-cache organization to learn the topology • Multiple paths with maximum disjointedness and minimum cost are found for maximum security. .

  11. Message share Generation • Secret message K is divided into N shares , S1,S2…..Sn and paths P1, P2…PN holds 1 share each • Fewer than T participants cannot know K. • 2 algorithms: • Dealer(source): generates and distributes shares among participants f(x) = (a0+a1x +···+aT−1xT-1) mod p , Si = f(i) , where i = 1,2,...N, a0=k and other coefficients are randomly chosen • Combiner(destination): collects shares and recomputes the message If T shares have been obtained, f(x) is determined by solving a set of linear equations over a finite field.

  12. Optimal share allocation: • How to choose appropriate values of (T, N) • If there are M node-disjoint paths we use • vector p =[p1,p2…pM] to denote security • Pi is the probability of path being compromised • P1<=P2<=….<=PM • Vector n=[n1,n2,..nM] denotes the share allocation where ni is the integer number of shares allocated to path isatisfying ni>=0 and . • As the paths are disjoint, probability that one path is compromised is independent of others.

  13. contd. • Probability of message being compromised= probability of T messages being compromised • Pmsg(n) denotes the probability that the message is compromised in terms of the share allocation. • To minimize Pmsg(n)

  14. Maximum security without redundancy • Redundancy factor r= (N-T)/N • Optimal allocation scheme r=0 and N=T • Minimum message compromise probability is when atleast one share and atmost T-1 shares are allocated to each of available paths • To recover message, all paths should be compromised. • Probability of all paths being compromised : • More path the source node uses to distribute shares, lower the probability and more secure delivery.

  15. Maximum security with redundancy : • In adhoc networks, MAC layer collisions, packet drops, wireless channel fading can occur. • Redundancy increases reliability. • If there are M secure paths, the total number of shares allocated to any M-1 paths < T • If N=10 and T=9, and 5 secure paths, • Path1 : 1, Path2 : 4, Path3 : 3, path4 : 1, path5 :1 • Path1 : 2, Path2 : 2, Path3 : 2, path4 : 2, path5 :2 • Redundancy r = N-T/N • For achieving maximum security : • R<= (1/M ) –(1/N)

  16. Multipath routing • Issues : • Constant node mobility causes frequent topological changes • Limited bandwidth restricts timely topological updates • Multipath routing technique combats frequent topological changes and link instability problems • Most of the multipath protocols are on-demand and use source routing technique to control disjointness of path • In on –demand routing, source initiates route discovery by broadcasting route discovery packets throughout network. • Routes previously established are stored

  17. Caching paths: • Routes replied back to source contains complete node list from source to destination. • Path cache organization. • Paths selected based on hop count or propagation delay and not security. • Link cache organization • Routes decomposed into individual links and represented as graph • Use route information more efficiently by connecting individual links to form new paths which do not exist in path cache.

  18. Security related link cost function • Each node ni is associated with a security parameter qi. • qi is the probability that ni is compromised. • qi is estimated by security monitoring software/ hardware (firewalls, intrusion detection devices) • Each node security levels are immutable. • Consider (s,t) path consisting of nodes s, n1, n2…nl,t • Probability (s,t) being compromised : • Link cost between node i and node j is defined as :

  19. contd. • Cost of (s,t) path consisting of nodes s, n1,n2, ….nl,t :

  20. Performance Analysis : • Adhoc network with 100 nodes randomly distributed in a 1000 m X 1000 m areas • 2 sets of simulation • Simulation 1 : • focuses on feasibility and effectiveness of SPREAD • Nodes are not mobile • multiple independent logical channels are assumed among nodes • Implemented in C/C++

  21. contd. • Simulation 2: • Focuses on examining performance metrics under realistic and dynamic scenarios • node mobility • Implemented in OPNET • Two types of security • Type 1 (Equal Qi): each node is equally likely to be compromised with probability qi =0.14. • Type 2 (Different Qi): each node is assigned a probability randomly: 10% of nodes being compromised with probability qi=0.50, 40% of nodes with qi=0.20, and 50% of nodes with qi= 0.02.

  22. Capability of path finding • stopped augmenting the path set when the security property of the found path set does not improve. • more the paths, the better the security but r, if nodes are of different security levels , the security of each path will have more impact on the overall security of the path set • the number of paths selected in type 2 simulations (different Qi) is fewer than that in type 1 simulations (equal Qi).

  23. Message compromise probability : • collusion attack : collaborations among compromised nodes and they add up together to recover the original message • the message compromise probability drops quickly (actually exponentially fast) with the increase of paths

  24. Nodes with different security levels, tends to select more secure paths that further decrease this probability significantly

  25. Message eaves dropping probability: • with the increase of the number of paths, eaves drop probability decreases. • The decrease becomes less significant when more paths are used. • The message eavesdropping probability for collusion attack is pretty high (close to 1)

  26. Eaves dropping probability: • The simulation results with equal Qi is very similar to the ones with different Qiwhich indicate that the physical security and node mobility of each node has little impact on the eavesdropping.

  27. Bandwidth overhead • multipath consumes more network bandwidth because of longer paths

  28. Limitations : • Probability of source node or destination node being compromised is not considered. • Only takes care of data confidentiality. • In security without redundancy scheme, successful reception of all shares are needed to reconstruct message

  29. Conclusion • Secure Protocol for Reliable Data Delivery (SPREAD) • SPREAD distributes the secret by secret sharing algorithm at the source node to generate message shares • deliver these message shares by multipath routing • and even if a small number of shares are compromised, the secret message is not compromised. • Simulation results show that the SPREAD can provide more secure data delivery when messages are transmitted across the insecure network

More Related