This presentation explores the necessity for more paranoid protocols in wireless networks compared to wired systems due to unique vulnerabilities. It outlines the design principles of paranoid protocols aimed at protecting against a variety of threats. Key mistakes often made in wireless security design are discussed, including the pitfalls of assuming extreme scenarios, relying too heavily on in-band solutions, and misapplying wired equivalent protocols. The conclusion emphasizes focusing on realistic threats and developing complementary out-of-band solutions for robust network security.
Protocols for the Wireless Paranoid
Nitin Vaidya
University of Illinois
http://www.crhc.uiuc.edu/wireless
Slightly revised version of slides used for a 2005 INFOCOM (Miami) panel on Paranoid Protocol Design for Wireless Networks, March 16, 2005
Other panelists: Jean-Pierre Hubaux (Moderator), Bill Arbaugh, Ed Knightly, Adrian Perrig

Disclaimer
If you review my research proposals, ignore everything I say here

Panel’s Premise
• Wireless networks need more paranoid protocols than wired networks

Wireless Networks
• Greater paranoia may be desirable in wireless networks
• Easier to “tap” into
• Limited resources: incentive to cheat
• Programmable devices provide means to cheat
• But …

Department of NetLand Security (DNS): Threat Assessment
• Threat levels: Severe, High, Elevated, Guarded, Low
• Paranoid: Characterized by extreme and irrational distrust

Paranoid Design Principles
• Everything that can go wrong, will (Murphy’s Law)
• Protect against everything

Research Community’s Response
• Enumerate all possible ways things can go wrong
• Separate solution for each of the ills
• Not quite the right approach
• Proof by example: 3 mistakes often made
Mistake 1: Assuming Extreme Scenario as the Common Case
Ad hoc networks are coming! Ad hoc networks are coming!!

“Extreme” Ad Hoc Networking: Large Isolated Networks
[Figure labels: nodes A, B, C, E; no infrastructure]

Extreme Scenario
• “Extreme” ad hoc networks:
  No infrastructure
  No certification authority
  No DHCP server
  Long-lived partitions
Why build networks this way, if you don’t have to?
Not all networks are for the battlefield!!

Extreme Ad Hoc Networks
• Model acceptable when exploring design space for MAC and routing
• Assuming same model for “security” can lead to unnecessary complexity

More Likely Ad Hoc Networks: Access to Infrastructure or Small
[Figure labels: nodes A, B, C, E; internet]
More Realistic Multi-Hop Wireless: Mesh Networks
[Figure labels: internet; wireless “backbone”; mesh nodes; wireless channels; nodes A, B, C]

More Realistic Multi-Hop Wireless: Hybrid Networks
[Figure labels: internet; access points; wireless channels; nodes A, B, C, D, E]

Even Vehicles Can Have Intermittent Infrastructure Access
Picture courtesy Prof. Jean-Pierre Hubaux (somewhat modified from Prof. Hubaux’s version)

Multi-Hop Wireless is Here (Summary)
• Multi-hop wireless, but “infrastructure” can be accessed selectively
• Not all enumerable scenarios are relevant
Design protocols for the likely scenarios
Mistake 2: “In-Band” Solutions
• “In-band” solutions: solution tied closely to attack

Mistake 2: “In-Band” Solutions
• Example attack: Node refuses to forward packets
• In-band solution: Watch each other for the misbehavior
[Figure labels: nodes A, B, C; packet P; Discard]

Out-of-Band Solutions Often More Practical
• Disincentives for not forwarding packets
• Misbehavior translates to poor performance
Re-route around “bad” parts of the network
Single out-of-band solution can help with many attacks

Mistake 2: “In-Band” Solutions
• Example attack: MAC layer selfish misbehavior for performance gains
• In-band solution: Detect whether a node follows protocol faithfully
• Out-of-band solution: Determine whether a node receives unfair share
[Figure labels: access point; wireless channel]

Out-of-Band Solutions (Summary)
• Out-of-band solutions often superior, and easier to implement
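The out-of-band check named on the MAC-layer slide ("determine whether a node receives unfair share"), as an added example that is not part of the original slides. It assumes the access point can count bytes delivered per station per measurement window, that all stations are backlogged, and that an equal split is the fair share; the function names, thresholds and sample data are hypothetical.

```python
# Added example: out-of-band fairness check run at an access point.
# Assumptions (not from the slides): the AP has per-station delivered-byte
# counts per measurement window, every listed station is backlogged, and an
# equal split of the channel is what counts as "fair".

def jain_index(values):
    """Jain's fairness index: 1.0 is an equal split, 1/n is one node taking all."""
    total = sum(values)
    squares = sum(v * v for v in values)
    return (total * total) / (len(values) * squares) if squares else 1.0

def unfair_share(windows, tolerance=1.5, min_windows=3):
    """Return stations whose share of delivered bytes exceeded
    tolerance * (1/n) in at least min_windows consecutive windows."""
    streak, flagged = {}, set()
    for counts in windows:
        total = sum(counts.values())
        if total == 0 or len(counts) < 2:
            continue  # idle window or single station: nothing to compare
        limit = tolerance / len(counts)
        for station, nbytes in counts.items():
            if nbytes / total > limit:
                streak[station] = streak.get(station, 0) + 1
                if streak[station] >= min_windows:
                    flagged.add(station)
            else:
                streak[station] = 0  # a one-off burst is not misbehavior
    return sorted(flagged)

# Constructed sample data: kilobytes delivered per station in four windows.
SAMPLE_WINDOWS = [
    {"A": 500, "B": 200, "C": 200},  # A bursts once
    {"A": 150, "B": 160, "C": 590},  # C starts taking most of the channel
    {"A": 140, "B": 150, "C": 610},
    {"A": 145, "B": 135, "C": 620},
]

if __name__ == "__main__":
    for i, counts in enumerate(SAMPLE_WINDOWS, 1):
        print(f"window {i}: Jain index {jain_index(list(counts.values())):.2f}")
    print("persistently over fair share:", unfair_share(SAMPLE_WINDOWS))
```

The check looks only at the outcome (who got how much), not at how a station obtained it, so it needs no model of the MAC protocol's backoff behavior.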
Mistake 3: Wireless = Wired Equivalent
• Many protocols work correctly only when nodes see identical wireless channel status

Mistake 3: Wireless = Wired Equivalent
When C transmits, A and B may see different channel status
Protocols cannot perform as advertised
[Figure labels: access point; wireless channel; nodes A, B, C]

Mistake 3: Wireless = Wired Equivalent
• Under realistic channel conditions, some of the attacks are also difficult to launch undetected
• Example: Certain “wormhole” attacks
Ignore such attacks?

Mistake 3 (Summary)
• Pay attention to the physical layer
• Wired equivalent for wireless not always reasonable
• Use solutions that do not rely on such assumptions
Out-of-band solutions, removed from the cause, may be less prone
Conclusion
• Not everything that can go wrong is worth the cost of protection
• Develop small set of solutions for a large problem space
• Know the wireless channel
Need to protect wireless networks … but

Conclusion
Wireless networks are complex
Focus on the real problems, ignore the imaginary