Security of wireless ad-hoc networks

Security of wireless ad-hoc networks. Outline: Properties of Ad-Hoc network; Security Challenges; MANET vs. Traditional Routing; Why are traditional routing protocols not suitable for MANET networks?; Routing protocols for MANET; Nodes misbehave; Routing Security Schemes.

kiaria

Presentation Transcript


  1. Security of wireless ad-hoc networks

  2. Outline • Properties of Ad-Hoc network • Security Challenges • MANET vs. Traditional Routing • Why are traditional routing protocols not suitable for MANET networks? • Routing protocols for MANET • Nodes misbehave • Routing Security Schemes

  3. Properties of Ad-Hoc network (1) • No fixed topology • Each node is a router • Limited energy • Limited CPU and other resources • Transient connectivity and availability • Shared physical medium • Identity different from address • Physical vulnerability • Lack of central administration

  4. Properties of Ad-Hoc network (2) • Where ad hoc networks are used • Installing an infrastructure is not possible • The network is too transient • The infrastructure was destroyed • Throughput

  5. Security Challenges • Confidentiality • Encryption and access control with authentication • Integrity • Also requires cryptographic keys • Availability • Results in two fundamental problems • Trust establishment, key management and membership control • Network availability and routing security

  6. MANET vs. Traditional Routing (1) • Every node is potentially a router in a MANET, while most nodes in traditional wired networks do not route packets • Topologies are dynamic in MANETs due to mobile nodes, but are relatively static in traditional networks • MANET topologies tend to have many more redundant links than traditional networks

  7. MANET vs. Traditional Routing (2) • A MANET router typically has a single interface, while a traditional router has an interface for each network to which it connects • Power efficiency is an issue in MANETs, while it is normally not an issue in traditional networks • Low bandwidth links, high bit error rates, frequent changes in network topology, battery-powered devices with limited transmitter power

  8. Why are traditional routing protocols not suitable for MANET networks? • MANETs are usually highly dynamic. • No pre-existing infrastructure. • No centralized administration. • Dynamic topologies. • Energy-constrained nodes. • Limited physical security.

  9. Routing protocols for MANET • IETF MANET working group • Categories • Proactive = periodic topology updates • Reactive = on-demand driven protocol • Hierarchical • Protocols • DSR (draft), FSR, DSDV, TORA, ZRP, AODV (RFC 3561), OLSR (RFC 3626), TBRPF (RFC 3684)

  10. Nodes misbehave • Overloaded • Selfish • Malicious • Broken

  11. Solutions to misbehaving nodes • A priori trust relationship • Forsake or isolate these nodes from within the actual routing protocol for the network • Install extra facilities in the network to detect and mitigate routing misbehavior

  12. Routing Security Schemes • Watchdog and Pathrater • SEAD • SRP

  13. Watchdog and pathrater • Two extensions to the Dynamic Source Routing (DSR) to help mitigate routing failures and attacks in ad-hoc networks • Watchdog: identifies misbehaving nodes • Pathrater: avoids routing packets through these nodes

  14. DSR • Route discovery • Source may receive many ROUTE REPLY messages

  15. DSR (cont.) • Route maintenance • Handles link breaks • Try another path • Do a route discovery [Figure: path S, A, B, D; B moves out of transmission range of A; link break occurred; link break notification]

  16. Watchdog

  17. Pathrater • Run by each node in the network • Rating for every other node • Path metric • If multiple paths • Highest metric

  18. Watchdog’s weaknesses • Ambiguous collisions • Receiver collisions • False misbehavior • Partial dropping

  19. Ambiguous/receiver collisions • Ambiguous • Prevents A from overhearing transmissions from B • If A repeatedly fails to detect B forwarding packets, then A assumes B is misbehaving • Receiver • B could be selfish or malicious (wastes resources)

  20. False misbehavior • Nodes falsely report other nodes as misbehaving • 1. S marks B as misbehaving • 2. S wonders why it received replies • 1. If A drops Ack packet • 2. B detects this misbehavior and reports it to D [Figure: nodes S, A, B, D with packet labels P, F and A]

  21. Partial dropping • A node can circumvent the watchdog by dropping packets at a lower rate than the watchdog's configured minimum misbehavior threshold.
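A simplified model of the watchdog's failure tally, added here as an illustration and not taken from the presentation, showing why a drop rate just under the threshold is never flagged. The sliding window of 20 packets, the threshold of 5 missed forwards and the deterministic "drop every n-th packet" pattern are assumptions chosen for the example.

```python
from collections import deque


class Watchdog:
    """Simplified watchdog: tallies packets the next hop was not overheard forwarding."""

    def __init__(self, window=20, threshold=5):
        # 1 = forward not overheard (failure), 0 = forward overheard
        self.recent = deque(maxlen=window)
        self.threshold = threshold

    def observe(self, overheard_forward):
        """Record one packet; return True if the node is now considered misbehaving."""
        self.recent.append(0 if overheard_forward else 1)
        return sum(self.recent) >= self.threshold


def run(drop_every, packets=200, window=20, threshold=5):
    """Send `packets` through a next hop that drops every `drop_every`-th one.

    Returns (index of the packet at which the node was first flagged, or None;
             number of packets lost).
    """
    wd = Watchdog(window, threshold)
    lost = 0
    flagged_at = None
    for i in range(1, packets + 1):
        dropped = (i % drop_every == 0)
        lost += int(dropped)
        if wd.observe(not dropped) and flagged_at is None:
            flagged_at = i
    return flagged_at, lost


def max_undetected_loss(window, threshold):
    """Highest steady drop rate that stays below the tally threshold."""
    return (threshold - 1) / window


if __name__ == "__main__":
    for n in (1, 4, 5):   # drop 100 %, 25 %, 20 % of packets
        print(f"drop every {n}: flagged_at, lost = {run(n)}")
    print("undetected loss bound:", max_undetected_loss(20, 5))
```

With these settings a node dropping 20 % of traffic is never flagged. Lowering the threshold narrows that gap but makes the false positives from ambiguous and receiver collisions more likely.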

  22. NIST BSAR

  23. pros and cons
