1 / 107

Secure communication in cellular and ad hoc environments

Secure communication in cellular and ad hoc environments. Bharat Bhargava bb@cs.purdue.edu Department of Computer Sciences, Purdue University This is supported by Motorola Communication Research Lab & National Science Foundation. Team at Motorola: Jeff Bonta George Calcev

oleg
Download Presentation

Secure communication in cellular and ad hoc environments

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Secure communication in cellular and ad hoc environments Bharat Bhargava bb@cs.purdue.edu Department of Computer Sciences, Purdue University This is supported by Motorola Communication Research Lab & National Science Foundation

  2. Team at Motorola: Jeff Bonta George Calcev Benetido Fouseca Trefor Delve Team at Purdue University: X. Wu Research scientist (receives his PhD from UC-Davis) Y. Lu PhD student G. Ding PhD student W. Wang PhD student

  3. Problem statement How to provide secure, continuous, and efficient connectivity for a mobile unit in a structured (cellular based) or unstructured (ad hoc) network environment?

  4. Challenges • Dynamic topology • Movement, node failure, etc. • Heterogeneous and decentralized control • Limited resources • Bandwidth, processing ability, energy • Unfriendly environment • Selfish nodes, malicious attackers

  5. Research contributions • Combining advantages of cellular systems and ad hoc networks to enable a more secure network structure and better performance • Designing routing protocols for ad hoc networks that adapt to both network topology and traffic congestion • Designing intruder identification protocols in ad hoc networks • Conducting experimental studies in heterogeneous wireless environments and evaluating our protocols

  6. Research directions • Cellular-aided Mobile Ad Hoc Network (CAMA) • Adaptive and Heterogeneous Mobile Wireless Networks • Intruder Identification in Ad Hoc Networks

  7. Cellular-aided Mobile Ad Hoc Network (CAMA)

  8. CAMA: Problem Statement How to realize commercial peer-to-peer applications over mobile wireless ad hoc networks? Papers: “Integrating Heterogeneous Wireless Technologies: Cellular-Aided Mobile Wireless Ad hoc Networks (CAMA)”, submitted to ACM Special Issues of the Journal on Special Topics in Mobile Networking and Applicaitons (MONET).

  9. Challenges • Authentication and accounting • No fixed membership • Security concern • Open medium without any centralized control • Real time services • Dynamic topology and slow routing information distribution

  10. Current Environment Cellular network provides: • Wide coverage • Multiple services with single cellular ID • Small packet service in 3G network • Wireless terminals with different protocols

  11. CAMA Description • Integration of cellular network and ad hoc network • CAMA agent works as centralized server attached to the cellular network • CAMA agent provides ad hoc nodes information such as authentication, routing support, keys through cellular channel • Data transmission uses ad hoc channel

  12. CAMA Environment

  13. Major Ideas • Use signals via cellular network for ad hoc routing and security managements • Centralized CAMA agent provides control over distributed ad hoc network

  14. CAMA vs. ad hoc network CAMA has advantages over pure ad hoc networks in: • Simple network authentication and accounting • Routing server for more accurate routing decisions • Certification authority for key distribution • Central security check point for intrusion detection

  15. CAMA vs. cellular/WLAN CAMA has advantages over cellular/WLAN integrated network in: • No extra fixed infrastructure • No access point needed • No ad hoc channel radio coverage limit • Multi-hop ad hoc link • No transmission bottleneck • Not all traffic need going through a single node

  16. Impact • Cellular service combined with low-cost, high-data-rate wireless service

  17. Research Questions • Feasibilities in commercial applications requires: • Development of routing algorithm and protocols for multimedia service • Investigation of CAMA vulnerabilities • Development of security protocols for key distribution and intrusion detection • Evaluation of gain in ad hoc network • Evaluation of overhead in cellular network

  18. Methodology of Research • Building algorithms and protocols • Developing bench marks and performance metrics on multi-media service • Conducting experimental studies • Using ns-2 • Using common platform simulator from Motorola Inc. • Comparing with ad hoc routing protocols • Ad hoc on-demand distance vector routing (AODV) • Destination source routing (DSR)

  19. Research of Interest to Motorola • Evaluating CAMA routing in realistic simulation environment: • Radio environment • Adaptive data rate determined by signal-noise-ratio (SNR) • Node mobility • Exponentially distributed speed • Node density • 400 users/sq.km to 14800 users/sq.km • Traffic pattern • VoIP, TCP, Video • Inaccurate position information • Error of 5m to 100m

  20. Research of Interest to Motorola (ctn.) • Authentication • By CAMA agent • By mobile nodes • Accounting • Charging rate • Award to intermediate nodes

  21. Research of Interest to Motorola (ctn.) • Key assignment • Group key assignment • For entire ad hoc network • For nodes along an active route • Session key assignment • For peer-to-peer communication

  22. Research of Interest to Motorola (ctn.) • Intrusion detection • Information collection • Information for different intrusions • Malicious judging rule • Quick malicious node elimination vs. probability of wrong judgment • Detection cost vs. gain

  23. Adaptive and Heterogeneous Mobile Wireless Networks

  24. Problem statement How to provide continuous connectivity for a mobile unit to a network in which every node is moving? Papers: “Secure Wireless Network with Movable Base Stations”, being revised for IEICE/IEEE Joint Special Issue on Assurance Systems and Networks. “Study of Distance Vector Routing Protocols for Mobile Ad Hoc Networks”, in Proceedings of IEEE International Conference on Pervasive Computing and Communications (PerCom), 2003.

  25. Challenges • Dynamic topology • Movement, node failure, energy problem, etc. • Decentralized control • Limited bandwidth • Congestion is typically the norm rather than the exception. [RFC 2501]

  26. Research contributions • Routing protocols for mobile ad hoc networks that adapt to not only network topology, but also traffic and congestion. • Architecture, design of protocols, and experimental evaluation in heterogeneous wireless environments

  27. Broad impacts • Sensor networks • Military networks

  28. Two network environments considered • Mobile ad hoc networks • No centralized control • Large scale heterogeneous wireless networks with control in base stations • Wireless networks with movable base stations (WNMBS)

  29. Research questions in mobile ad hoc networks • Development of ad hoc routing protocols that adapt to traffic load and network congestion. • Identify the network parameters that impact the performance of routing protocols. • Determine the appropriateness of on-demand and proactive approaches (given specific routing requirements and network parameters). • Identify features of ad hoc networks that can be used to improve routing.

  30. Related work (routing protocol) • Destination-Sequenced Distance Vector (DSDV) [Perkins/Bhagwat, SigComm’94] (Nokia) • Ad-hoc On-demand Distance Vector (AODV) [Perkins/Royer/Das, WMCSA’99, IETF draft 98-03] (Nokia, UCSB, SUNY-Stony Brook) • Dynamic Source Routing (DSR) [Johnson/Maltz, Mobile Computing’96, IETF draft 03] (Rice Univ., CMU) • Zone Routing Protocol (ZRP) [Haas/Pearlman/Samar, ICUPC’97, IETF draft 99-02] (Cornell) • Adaptive Distance Vector (ADV) [Boppana/Konduru, InfoCom’01] (UT-San Antonio) • Source-Tree Adaptive Routing (STAR) [Garcia-Luna-Aceves/Spohn, MONET’01] (UCSC, Nokia) • Associativity-Based Routing (ABR) [Toh, Wireless Personal Communications Journal’97] (Cambridge Univ.) • Ad-hoc On-demand Multipath Distance Vector (AOMDV) [Marina/Das, ICNP’01] (Univ. of Cincinnati)

  31. Related work (cont’d)

  32. Related work (performance comparison) • Comparison of DSDV, TORA, AODV and DSR [Broch/Maltz/Johnson/Hu/Jetcheva, MobiCom’98] (CMU) • Scenario-based performance analysis of DSDV, AODV, and DSR [Johansson/Larsson/Hedman/Mielczarek/Degermark, MobiCom’99] (Ericsson) • Performance comparison of AODV and DSR [Perkins/Royer/Das/Marine, IEEE Personal Communications’01]

  33. Methodology of research • Developing benchmarks and performance metrics for routing protocols • Conducting experimental studies • Determine guidelines for design • Evaluate protocols • Building algorithms and protocols

  34. Ongoing research • Study of proactive and on-demand approaches • Congestion-aware distance vector routing protocol • Packet loss study

  35. Research study • Investigate the proactive and on-demand approaches • Generalize the results obtained from protocols to the proactive and on-demand approaches • Introduce power consumption as a performance metric • Inject heavy traffic load • Identify the major causes for packet drop • Comprehensively study in various network environments • Propose a congestion-aware routing protocol

  36. Simulation experiments • DSDV and AODV are studied by varying network environment parameters • Node mobility (maximum moving speed) • Traffic load (number of connections) • Network size (number of mobile nodes) • Performance metrics • Packet delivery ratio • Average end-to-end delay • Normalized protocol overhead • Normalized power consumption

  37. Simulation setup for experiments

  38. Motivation for a new proactive protocol • The proactive protocols provide better support for: • Applications requiring QoS • Timely propagate network conditions • Intrusion and anomaly detection • Constantly exchange the network topology information • The proactive approach exhibits better scalability with respect to the number of mobile nodes and traffic load.

  39. Proposed protocol: Congestion Aware Distance Vector (CADV) • Problem with the proactive approach • Congestion • Objective: • Dynamically detect congestion and route packets through less-crowded paths • Method: • Characterize congestion and traffic load by using expected delay. • Consider expected delay at the next hop as the secondary metric to make routing decisions. • Allow a one-hop longer route to be chosen. • Use destination sequence number to avoid loop.

  40. Design issues • Use MAC layer callback to detect broken link • Quick detection • More triggered updates • Whether re-queue a packet • Allowing a one-hop longer route • A one-hop shorter route may not replace the current one if it introduces significantly more delay. • To avoid short-lived loop, do not replace the current route with a longer one if they have the same sequence number. • Deal with fluctuation • Use randomness in routing decisions to reduce fluctuation

  41. CADV • Components: • Real time traffic monitor • Traffic control • Route maintenance module • Route update: • When broadcasts an update, every node advertises the expected delay of sending a packet as: • Route maintenance • Apply a function f(E[D], distance) to evaluate the value of a route

  42. Observations of CADV • CADV outperforms AODV and DSDV in terms of delivery ratio • The end-to-end delay becomes longer because longer routers may be chosen to forward packets • The protocol overhead of CADV is doubled compared with that of DSDV. It is still less than that of AODV when the network is loaded • CADV consumes less power per delivered packet than DSDV and AODV do

  43. Characteristics of wireless networks with movable base stations • Large scale • Heterogeneity • Autonomous sub-nets • Base stations have more resources • Base stations take more responsibilities

  44. Research questions • How to organize the network? • Minimize the effect of motion • Minimize the involvement of mobile host • How to build routing protocol? • IP-compliant • Cooperate with various intra-subnet routing protocols • How to secure communications? • Authenticate • Maintain authentication when a host is roaming

  45. Related work • Integrating ad hoc and cellular • Mobile-Assisted Connection-Admission (MACA) [Wu/Mukherjee/Chan, GlobeCom’00] (UC-Davis) • Integrated Cellular and Ad-hoc Relaying (iCAR) [Wu/Qiao/De/Tonguz, JSAC’01] (SUNY-Buffalo) • Multihop Cellular Networks (MCN) [Lin/Hsu, InfoCom’00] (Taiwan) • Mobile base station • Distributed, dynamic channel allocation [Nesargi/Prakash, IEEE Transactions on Vehicular Technology’02] (UT-Dallas) • Hierarchical structure • Multimedia support for Mobile Wireless Networks (MMWN) [Ramanathan/Steenstrup, MONET’98] (BBN Technologies) • Clustering scheme for hierarchical control in multi-hop wireless networks [Banerjee/Khuller, InfoCom’01] (UMD)

  46. Methodology of research • Building architecture, developing algorithms and protocols • Membership management • Inter-subnet routing • Intra- and inter-subnet authentication • Evaluation through experiments

  47. Research results • Hierarchical mobile wireless network (HMWN) • Hierarchical membership management scheme • Segmented membership-based group routing protocol • Protection of network infrastructure • Secure roaming and fault-tolerant authentication

  48. Future research plan • Develop congestion avoidance routing protocol for ad hoc networks. • Conduct experiments to study the effect of implementing congestion avoidance at different layers. • Conduct a series of experiments to evaluate HMWN.

  49. Intruder Identification in Ad Hoc Networks

  50. Problem Statement • Intruder identification in ad hoc networks is the procedure of identifying the user or host that conducts the inappropriate, incorrect, or anomalous activities that threaten the connectivity or reliability of the networks and the authenticity of the data traffic in the networks. Papers: “On Security Study of Two Distance Vector Routing Protocols for Mobile Ad Hoc Networks”, in Proceedings of IEEE International Conference on Pervasive Computing and Communications (PerCom),2003. “On Vulnerability and Protection of Ad Hoc On-demand Distance Vector Protocol”, in Proceedings of 10th IEEE International Conference on Telecommunication (ICT),2003.

More Related