1 / 61

An On-Demand Secure Byzantine Routing Protocol

An On-Demand Secure Byzantine Routing Protocol. David Holmer Department of Computer Science. Presentation Outline. Introduction Attacks & Byzantine Behavior ODSBR Results. Feel Free to Ask Questions Throughout the Presentation . Mobile Ad Hoc Wireless Networks.

tannar
Télécharger la présentation

An On-Demand Secure Byzantine Routing Protocol

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An On-Demand Secure Byzantine Routing Protocol David Holmer Department of Computer Science

  2. Presentation Outline • Introduction • Attacks & Byzantine Behavior • ODSBR • Results Feel Free to Ask Questions Throughout the Presentation

  3. Mobile Ad Hoc Wireless Networks • Non-centralized architecture - All nodes pass traffic • Advantages • Increased Coverage (overall range & less gaps) • Reduced Deployment Cost (less wired connectivity) • Rapid Deployment (self configuring & self healing) • Security Challenges • Collaborative nature • All nodes participate in routing - can we trust them? • Lack of physical security • Wireless broadcast medium - anyone can eavesdrop • Mobile devices highly susceptible to theft and tampering Security is a Vital Component!

  4. WiSE 2002 –“An On-Demand Secure Routing Protocol Resilient to Byzantine Failures” MILCOM 2004 – “The Pulse Protocol: Sensor Network Routing and Power Saving” INFOCOM 2004 – “The Pulse Protocol: Energy Efficient Infrastructure Access” WONS 2004 – “High Throughput Route Selection in Multi-rate Wireless Networks” IZS 2004 – “Swarm Intelligence Routing Resilient to Byzantine Adversaries” WONS 2005 –“The Pulse Protocol: Mobile Ad hoc Network Performance Evaluation” SECURECOM 2005 –“On the Survivability of Routing Protocols in Ad Hoc Wireless Networks” NDSS 2005 –“Secure Multi-hop Infrastructure Access” INFOCOM 2005 –“Provably Competitive Adaptive Routing” MONET Journal 2006 –“The Medium Time Metric: High Throughput Route Selection in Multi-rate Wireless Networks” ESAS 2006 –“Dynamics of Learning Algorithms for the On-Demand Secure Byzantine Routing Protocol” Publications Most relevant to this talk Other work

  5. Trusted Node Correct Node Adversarial Node Basic Problem Source Destination Shortest Path Fault Free Path

  6. Presentation Outline • Introduction • Attacks & Byzantine Behavior • ODSBR • Results Feel Free to Ask Questions Throughout the Presentation

  7. Adversarial Properties Single ~ Majority External ~ Byzantine / Insider Individual ~ Colluding Attacks Insertion/Modification Black hole Wormhole Flood Rushing Denial of service Strong Attacks Black hole Wormhole

  8. Byzantine Behavior • Significant research to protect against external adversaries (traditional secret based exclusion) • However, authenticity and integrity do not provide any guarantee about the legitimacy of actions taken by authenticated / insider nodes • Attacks where the adversary has full control of an authenticated device and can perform arbitrary actions to disrupt the network • Byzantine Generals problem [Lamport – ’82]

  9. Related Work • Byzantine robustness for Wired Link State routing: [Perlman – ’88] • Authentication and integrity: [Zhou, Haas – ’99] [Hubaux, Buttyan, Capkun – ’01] [Dahill, Levine, Shields, Royer – ’02] [Hu, Perrig, Johnson – ‘02, ’01] • Blackhole: [Marti, Giuli, Lai, Baker - ‘00] [Papadimitratos, Haas - ’03] • Wormhole: [Hu, Perrig, Johnson – ’03] [Hu, Evans – ’04] • Flood rushing: [Hu, Perrig, Johnson – ‘03] • Majority do not address the Byzantine adversarial model • Focus on individual attacks - no comprehensive solutions!

  10. Presentation Outline • Introduction • Attacks & Byzantine Behavior • ODSBR • Results Feel Free to Ask Questions Throughout the Presentation

  11. On-Demand Secure Byzantine Routing • Provides Survivable routing in a Byzantine environment • Original version published in WiSe 2002 (>25 cites) • Trust model • Source and Destination are trusted • Intermediate nodes are authenticated (PKI & Symmetric keys)but not fully trusted • Adversarial model • Majority of colluding byzantine adversaries • All routing attacks except - eavesdropping, resource consumption, wormhole creation, other layers • Our solution • An on-demand routing protocol • Link based reliability metric • Bounded losses as long as there exists a fault-free path • Avoids the need for Byzantine Agreement (costly & less capable)

  12. ODSBR Protocol Overview Route Discovery with Fault Avoidance Byzantine Fault Detection Discovered Path Link Weight Management Weight List Faulty Link

  13. ODSBR Protocol Overview Route Discovery with Fault Avoidance Byzantine Fault Detection Discovered Path Link Weight Management Weight List Faulty Link

  14. Route Discovery • On-demand protocol • Finds a least weight path • Request flood • Request includes weight list and signature • Signature verified at every hop • Prevents un-authorized route requests

  15. Route Discovery (cont.) • Response flood • Prevents response block attack • Path and weight accumulated hop by hop • Appends signature to response • Lower cost updates are re-broadcast • Every hops verifies the entire path • Prevents flood rushing/blocking attack • A min-weight path is always established • Path is not guaranteed to be fault free

  16. Fault Detection Phase Route Discovery with Fault Avoidance Byzantine Fault Detection Discovered Path Link Weight Management Weight List Faulty Link

  17. Fault Detection Strategy • Probing technique using authenticated acknowledgements • Naïve probing technique • Too much overhead per data packet!

  18. Secure Adaptive Probing Source Destination Success Fault 1 Fault 2 Fault 3 Fault 4 Binary search = identified in log n faults Trusted Node Successful Probe Successful Interval Intermediate Node Failed Probe Faulty Interval

  19. Probe & Ack Properties • Probes • Inseparable from data - listed on all packets • Integrity checked at each probe - HMAC • Enforces path order - reverse ordered HMAC list • Acks • Authenticated - HMAC • Single combined ack packet - individual HMAC of entire ack packet so far added at each probe • Adversary can’t selectively drop some of the acks • Staggered timeouts - restarts ack packet • A node can’t incriminate any link but its own

  20. Fault Identification • Fault Definition • Packet loss rate violates a fixed threshold • Excessive delay also causes packet loss • Identifies faulty links regardless of reason • Malicious behavior • Non-malicious malfunction • Adverse network behavior • Congestion • Intermittent connectivity

  21. Link Weight Management Phase Route Discovery with Fault Avoidance Byzantine Fault Detection Discovered Path Link Weight Management Weight List Faulty Link

  22. Link Weight Management • Maintains a weight list of identified links • Faulty links have their weight doubled • Resets link weights • Timed by successful transmissions • Bounds average loss rate • Weight scheme provides “soft” avoidance • Minimal penalty for false positives • Network is never partitioned • Allows use of aggressive fault thresholds

  23. Presentation Outline • Introduction • Attacks & Byzantine Behavior • ODSBR • Results Feel Free to Ask Questions Throughout the Presentation

  24. ODSBR Attack Mitigation • Injecting, modifying packets – HMAC • Replay attack – use of nonces • Flood rushing – protocol relies on the metric, and not on timing information • Black hole – unreliable links are avoided using metric • Wormhole – creation is not prevented, but it is avoided using metric

  25. Loss Bound Analysis • Network of n nodes of which k are adversaries • Assume a fault free path exists • Protocol bounds the number of packets lost communicating with the destination

  26. Byzantine Attack Simulation • Simulated attacks: • Black Hole • Wormhole • Super-Wormhole • Flood Rushing Random & StrategicAdversary Placements

  27. AODV Simulation Summery

  28. ODSBR Simulation Summery

  29. Conclusion • On-demand routing protocol resilient to a wide range of colluding byzantine attacks • Adaptive probing scheme identifies faulty link location without Byzantine Agreement • Bounded long term loss rate = guaranteed correctness in any network • Excellent performance in a myriad of practical scenarios

  30. Experimental Lessons Learned • Most important factors: • Flood rushing • Strategic positioning • Quantify the relative strength of different attacks • ODSBR • able to mitigate wide range of Byzantine attacks • not significantly affected by flood rushing • performance decreased when a large number of adversarial links exists

  31. ODSBR - simulation [ACHR - SecureComm05] • Implementation + simulation: NS2 network simulator • 50 nodes randomly placed within a 1000 x 1000 meter square area • In addition, 0 to 10 adversarial nodes were added • Random way-point mobility model • A traffic load of 10 CBR flows • ODSBR vs. AODV

  32. Black Hole Attack • An attacker lies along the selected path • The attacker passes routing control traffic correctly (route request, response, acks, etc.) • However it drops or corrupts data traffic • Strong variants may do this adaptively to avoid detection Source Destination

  33. Black Hole ODSBR Defense • Secured acks detect ANY damage of data flow • Adaptive probing localizes the damage to one of the adversaries links • Weight of adversarial link is increased allowing correct path to be found Source Destination

  34. Black hole attack + Flood Rushing

  35. Worm Hole Attack • Two attackers establish a path and tunnel packets from one to the other • The worm hole turns many hops into one virtual hop creating shortcuts in the network • This allows a group of adversaries to easily draw in packets and drop them Source Destination

  36. Worm Hole ODSBR Defense • Worm hole creation is not prevented • Impossible without assumptions about links and/or additional non-standard hardware/information • Worm holes are “benign” unless they disrupt data flow • Worm hole “link” can be identified and avoided Source Destination

  37. Wormhole attack: random placement

  38. Central wormhole simulation

  39. Complete Coverage simulation

  40. Flood Rushing Attack • exploits flood duplicate suppression • authentication doesn’t help • can result in many adversarial controlled paths • ODSBR Defense: • hop-by-hop authentication • process all duplicate flood packets and rebroadcast lower metric valid flood packets

  41. Byzantine Wormhole attack Adversary Adversary wormhole Destination Source • ODSBR Defense: • wormhole formation is not prevented • wormhole will be detected and avoided

  42. Super-Wormhole • a more general (and stronger) variant of the wormhole attack • several adversaries collude and form an overlay of Byzantine wormholes • for n adversaries, it is equivalent to n2 wormholes

  43. ODSBR - continued • Fault = any disruption that causes significant loss or delay in the network • End-to-end ACKs • Reliability metric based on past history • Faulty links are identified using an adaptive probing technique, and avoided during the secure route discovery • Maximum damage that can be caused by adversaries is bounded: q- -   q+  b  kn  log2n

  44. Black Hole + Flood Rushing • Black Hole = Adversary selectively drops only data packets, but still participates in the routing protocol correctly • Flood Rushing = takes advantage of the flood suppression mechanism • Simulation: • Black hole: drop all data packets • Flood rushing: ignore broadcast delays

  45. Overhead – non-adversarial scenario

More Related