190 likes | 326 Views
Integrating Quality of Protection into Ad Hoc Routing Protocols. Seung Yi, Prasad Naldurg, Robin Kravets University of Illinois at Urbana-Champaign. Traditional ad hoc routing protocols. Cooperative by nature Rely on implicit trust-your-neighbor relationships
E N D
Integrating Quality of Protection into Ad Hoc Routing Protocols Seung Yi, Prasad Naldurg, Robin Kravets University of Illinois at Urbana-Champaign
Traditional ad hoc routing protocols • Cooperative by nature • Rely on implicit trust-your-neighbor relationships • Focus on convergence time and routing performance, rather than security
Security-Aware ad hoc Routing (SAR) • SAR is an approach to routing that incorporates security levels of nodes into traditional routing metrics • SAR is typically added on top of existing routing algorithms
Goals • Applications can specify the quality of protection on their ad hoc route with respect to security attributes relevant to them • SAR aims to protect routing control messages • For example, disclose routing information to trusted nodes only
Routing Protocol • Assume the base protocol is on-demand, such as DSR • Source broadcasts a Route Request (RREQ) with desired quality of protection • Neighbors propagate RREQ only if they could support the specified quality of protection • RREQ sets up reverse path as it propagates • Destination sends Route Reply (RREP) once it receives RREQ
Path Establishment RREQ S D RREP
Quality of Protection • We have seen how quality of protection is used in path establishment • How to specify quality of protection? • Trust hierarchy • Bit vector • One bit for each security attribute
Trust Hierarchy • Each level has predefined quality of protection • These levels represent the security capability of the mobile nodes and also of the paths • Associate a number with each level • Trust level or protection should be immutable • Keys of each level are distributed to nodes on that level. • Encrypt the portion of the RREQ and RREP headers that contain the trust level
Simulation Set-up • ns2 network simulator • 50 mobile nodes and 3 trust levels • 15 (H), 15 (M), 20 (L) • 2 different traffic patterns with 20 flows • 10% (H), 20% (M), 70% (L) • 33% (H), 33% (M), 34% (L) • SAR is implemented on top of AODV
Path Discovery Traffic 1 Traffic 2 • SAR discovered fewer paths • Paths guaranteed to obey the security requirement
Routing Traffic Traffic 1 Traffic 2 • SAR has lower routing traffic overhead • nodes drop routing messages if they can not satisfy the security requirement
Simulation Time Traffic 1 Traffic 2 • SAR takes more time to finish • Data packets may follow longer but more secure paths • Control packets experience processing overhead
Strong Points • Exposes security levels to applications so that applications can adapt its behavior • Concept is simple and effective
Weak Points • Overhead: Encryption, hashes, … • If the ad hoc network does not have a path with nodes that meet RREQ’s security requirements, SAR may fail to find a route even if the network is connected
Open Questions • How does SAR perform in real-world experiments? • Which base protocols are most suitable for SAR?