470 likes | 1.18k Views
Single-hop and Multi-hop MANET Security. S. Srinivasan Professor of CIS University of Louisville Louisville, Kentucky, USA. Outline. Mobile Ad hoc Network (MANET) Single-hop Networks Multi-hop Networks Current models: Denial of Service (DoS) Selfish node Routing Our research
E N D
Single-hop and Multi-hop MANET Security S. Srinivasan Professor of CIS University of Louisville Louisville, Kentucky, USA
Outline • Mobile Ad hoc Network (MANET) • Single-hop Networks • Multi-hop Networks • Current models: • Denial of Service (DoS) • Selfish node • Routing • Our research • Open research areas involving MANET
MANET • MANET is a temporary network • No central server • Infrastructure-free • Comparison with wired network • Trust establishment
FA HA M2 Wired internet M1 M3 Ad hoc network M4 MANET Diagram Wireless network
MANET Security • Principal aspects are: • Confidentiality • Integrity • Vulnerabilities are: • Malicious nodes • Covert channels • Eavesdroppers
Single-hop Networks • Base Station (BS) plays a critical role • BS is involved in communication with every Mobile Node (MN) • BS takes care of channel assignment for RTS (Request To Send) and CTS (Clear To Send) packets • Usual MAC protocol is slotted ALOHA (GSM uses this for access requests)
MN4 MN3 BS MN1 MN2 Single-hop Networks
Single-hop Networks • Usually 7 frequencies are reused • Neighboring cells use different frequencies • Within each cell dedicated single channels are used for each direction of traffic
Multi-hop Networks • Extends coverage area of single-hop networks • Mobile node to mobile node connections allowed • More demands placed on MAC protocols than single-hop networks • Multi-hop networks can provide connection-oriented service by partitioning available bandwidth to multiple channels
MN6 MN3 MN5 MN4 MN1 BS MN2 Multi-hop Networks
MN4 MN8 MN3 MN7 Wired link BS BS MN1 MN5 MN2 MN6 Multi-hop Networks
Multi-hop Networks • Common protocols used are the Floor Acquisition Multiple Access (FAMA) class of protocols • 802.11 DCF (Distributed Coordination Function) protocol is very cost effective and mature. This is actually a CSMA/CA. • Typically the transmission range of a mobile device is not a constraint but the traffic a cell can support is
Multi-hop Networks • Policy of not reusing a channel in adjacent cells works in single-hop networks • In multi-hop networks, sharing of data and control channel in the entire service area is preferable • Benefits of multi-hop networks over single-hop networks are: • robustness • higher bandwidth availability • spatial reuse
Multi-hop Networks • Robustness comes from not having a single path such as via an Access Point (AP) • Example: email • Bandwidth is higher at shorter range • Less power is required to transmit over shorter distances • Since multiple paths exist to the network over multiple nodes, there is no bottleneck of an AP
Current Models • Denial of Service (DoS) • Malicious nodes and selfish nodes cause DoS • Yi et al (2002) discuss Mobile Certification Authority (MOCA) protocol for MANETs using PKI • MOCA distributes Certificate Authority functionality to selected nodes based on trust
Current Models • Avoine et al (2002) discuss their fair key exchange model called Guardian Angel • Uses probabilistic techniques without any trusted third party for key exchange
Current Models • Selfish nodes • Buttyan et al (2003) show using simulation how selfish nodes fail to participate in packet forwarding • Buttyan study shows that every node spends 80% of energy for packet forwarding • A nuglet counter is used here to keep track of selfish node behavior. It is a tamper resistant hardware security module attached to a node. Detects selfishness in packet forwarding.
Current Models • Nuglet counter is decreased when it originates a packet and increased when it forwards a packet • Nodes that participate in the ad hoc network must maintain a positive nuglet counter • If n is the number of intermediate nodes to the destination, then the originator can send the packet if its nuglet counter is >= n. In that case the nuglet counter is decreased by n. Otherwise, the node cannot send its packet • When the node forwards one packet for others then its nuglet counter is increased by one
Current Models • Michiardi et al (2002) have developed the CORE (Collaborative Reputation) model for monitoring behavior of neighboring nodes for selfish behavior • Each node monitors the behavior of neighboring nodes for a specific function. If performance matches expected behavior then observation is positive. • One node sends a probing message to a node one hop away. If the message is acknowledged within the timeout period then the neighbor did the forwarding. • Lack of positive values would result in node getting isolated
Current Models • How selfish behavior is detected: • Each node selects a backoff value in the range [0, CW] where CW is contention window duration • When channel is idle, the backoff counter is decremented by one after every time slot • Counter is frozen when channel is busy • Misbehaving nodes attempt to choose a backoff value in the range [0, CW/4] thereby they get quicker access to the bus • This is controlled by the receiver monitoring the sender behavior by assigning a backoff value to sender
Current Models • Routing • Main methods are: • AODV (Ad hoc On-demand Distance Vector) • DSDV (Destination Sequenced Distance Vector) • AODV is a reactive protocol • DSDV is a proactive protocol • DSDV maintains a dynamic routing table at all times
Current Models • Yang et al, ACM conf., 2002, have developed a unified method called Self Organized Security (SOS) scheme using AODV method • SOS does not assume any prior trust arrangement among nodes • Each node in the network needs a token to participate • Tokens have expiration time stamp • Well-behaving nodes gain longer time duration before renewal
Our Research • We are pursuing four different research threads • Development of Threshold Index (TI) using fuzzy logic • X = { xi } is a sample space of significant parameters (e.g., packets lost, number of collisions) • A = { (xi, µj(xi)), xiε X } where µj is the grade of membership of xi
Our Research m Σ wj yj j = 1 TI = --------------------------- m Σ wj j = 1 where yj denotes the output value (weight) associated with the particular rule in the fuzzy set. Weight wj is min(µj(NC), µj(PL))
Our Research • Rule strength wj = min(µj (xi)) where i ε {1, 2, …, n} and n is the number of input metrics for each rule • Given k membership values, m = kn • A sample fuzzy relation is shown next • In the example, we use the weights to be 1, 5 or 9 based on the firing rule corresponding to small, medium or large
1 Small Medium Large µ(x) -20 0 20 40 60 Number of packets lost Fuzzy Relation
Our Research • TI is used to classify the threat faced by mobile nodes. • Classifications used are normal, uncertain and vulnerable • Extensive simulation using ns2 software has been done • Currently we are in the process of testing the scenarios using specialized hardware
Our Research • A second thread of research involving MANETs deals with multi-hop networks as opposed to single-hop networks • Multi-hop networks involve not only laptops but also PDAs and cell phones • Trust aspects play a key role identifying nodes for inclusion in the network
Our Research • One work is based on a general security control for a multi-hop network • This is aimed at preventing attacks on paging and registration, also forging Foreign Agent (FA) • Uses mobile IP security (provides continuous connectivity for mobile hosts) • One protection method is to require all MNs to register • Authenticate MN, FA, HA as a unit • Allow only authenticated nodes to be in the multi-hop route
Our Research • Another work is based on secured macro/micro-mobility protocol for multi-hop cellular IP • Macro-mobility refers to support between local domains for mobility of MNs • Micro-mobility refers to support within a local domain for mobility of MNs • Multi-hop paging cache is used to maintain location of MNs • Multi-hop routing cache is used to maintain multi-hop routes
Home/Foreign Agent (HA/FA) AP BS2 Internet BS1 AP CN 1 2 3 Multi Hop AP: Access Point BS: Base Station Co-located BS and AP Area CN: Correspondent Node MN: Mobile Node Multi-hop Heterogeneous Network
Simulation Result P denotes a prime number indicating the number of bits used for encryption in the elliptic curve cryptosystem
Our Research • A third line of research involves mobility management • Mobility management involves knowing what nodes are allowable in a network at a given time • A fourth thread of research involves traceback of nodes. This will help in identifying malicious nodes.
Open Research areas in MANET • MOCA method could be extended to browsing neighboring nodes’ routing tables. Goal is to find multiple routes. This will help in avoiding flooding attacks. • CORE method does not address attacks from active intruders. Nuglet counter could be better utilized for mutual provision of information services • Guardian Angel method could be extended to include DoS or routing attacks
Open Research areas in Multi-hop Networks • Studies are available based on routing or selfish-node behavior that involve AODV (Ad hoc On demand Distance Vector) or DSDV (Destination Sequenced Distance Vector). A hybrid approach is a viable alternative for performance considerations. • In Multi-hop cellular networks, we could find ways to improve the MAC protocols for faster throughput
References • Michiardi, P., and Molva, R., “CORE: A COllaborative REputation mechanism to enforce node cooperation in Mobile Ad Hoc Networks,” Communication and Multimedia Security Conference, 2002. • Buttyán, L., and Hubaux, J., “Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks,” Mobile Networks (MONET), 2003. • Avoine, G. and Vaudenay, S., “Cryptography with Guardian Angels: Bringing Civilization to Pirates” Report on a Working Session on Security in Wireless Ad Hoc Networks, Levente Buttyan and Jean-Pierre Hubaux (eds.), ACM Mobile Computing and Communications Review (MC2R), Vol. 6., No. 4., 2002. • Michiardi, P., Molva, R. “Prevention of Denial of Service Attacks and selfishness in Mobile Ad Hoc Networks,” Research Report RR-02-063 - January 2002.
References • Ermanno Pietrosemoli, Mesh Networks http://wireless.ictp.trieste.it/school_2004/lectures/ermanno/mesh.pdf • Yi, S., Naldurg, P., Kravets, R., “A Security-Aware Ad Hoc Routing Protocol for Wireless Networks,” 6th World Multi-Conference on Systemics, Cybernetics and Informatics (SCI 2002), 2002. • S. Alampalayam, A. Kumar, S. Srinivasan, “Mobile Ad hoc Network Security: A Taxonomy,” 7th IEEE Int’l Conf. on Computer Communications Security, Phoenix Park, South Korea, Feb. 23-25, 2005. • Yang, H., Meng, X., and Lu, S., “Self-Organized Network Layer Security in Mobile Ad Hoc Networks,” ACM MOBICOM Wireless Security Workshop (WiSe'02), Atlanta, 2002.
References • Y.D. Lin and Y.C. Hsu, “Multihop Cellular: A new architecture for wireless communications,” IEEE InfoCom 2000, 1273-1282. • R. Ananthapadmanabha, B. S. Manoj, and C. Siva Ram Murthy, “Multi-hop Cellular Networks: The architecture and routing protocols,” 12th Int’l Conf. on PIMRC, vol.2, Sept. 2001, G-78-G82. • B. Xie, A. Kumar, S. Srinivasan, “GSCP: A General Security Control Protocol for Heterogeneous Multi-hop Network” • B. Xie, A. Kumar, S. Srinivasan, “Secured Macro/Micro-Mobility Protocol for Multi-hop Cellular IP” • C. J. Fullmer and J. J. Garcia-Luna-Aceves, “Floor Acquisition Multiple Access (FAMA) for Packet Radio Networks,” ACM SIGCOMM 1995.