1 / 52

MAC Layer Misbehavior in Wireless Networks

MAC Layer Misbehavior in Wireless Networks. Pradeep Kyasanur Nitin H. Vaidya University of Illinois at Urbana-Champaign. Access Point. Wireless channel. A. B. Problem Definition. Nodes are required to follow Medium Access Control (MAC) rules. Misbehaving nodes may violate MAC rules.

teo
Télécharger la présentation

MAC Layer Misbehavior in Wireless Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. MAC Layer Misbehavior inWireless Networks Pradeep Kyasanur Nitin H. Vaidya University of Illinois at Urbana-Champaign

  2. Access Point Wireless channel A B Problem Definition • Nodes are required to follow Medium Access Control (MAC) rules Misbehaving nodes may violate MAC rules

  3. IEEE 802.11 overview • Distributed Coordination Function (DCF) • Widely used for channel access • DCF is a Carrier Sense Multiple Access/ Collision Avoidance (CSMA/CA) protocol

  4. CSMA/CA • Don’t transmit when channel is busy • Defer transmission for a random duration on idle channel

  5. B1=20 B1=15 B1=0 Transmit S1 wait CW=31 wait S2 Transmit B2=10 B2=25 B2=10 Backoff Example • Choose backoff value B in range [0,CW] • CW is the Contention Window • Count down backoff by 1 every idle slot

  6. RTS CTS B=10 Sender S ACK CTS RTS DATA Receiver R Data Transmission • Reserve channel with RTS/CTS exchange A S R B

  7. Possible Misbehavior • Backoff from biased distribution • Example: Always select a small backoff value B1 = 1 B1 = 1 Misbehaving node Transmit Transmit Well-behaved node wait wait B2 = 20 B2 = 19

  8. Goals of proposed scheme • Diagnose node misbehavior • Catch misbehaving nodes • Discourage misbehavior • Punish misbehaving nodes

  9. Related Work

  10. Routing: Security • Many proposals for securing network layer [Hou02, Zhou99, Awerbuch02] • Attacks: Creating routing loops, misrouting packets, ... • Solutions: Use cryptographic keys to prevent route tampering

  11. Routing: Selfishness • Selfish misbehavior • Nodes cheat primarily to gain benefit • Example: Not relaying packets to save energy • Solutions • Designing protocols resilient to misbehavior • [Savage99, Nisan99, Buttyan01] • Explicitly detect and penalize misbehavior • [Marti00, Zhang00, Buchegger02]

  12. MAC: Selfishness • MacKenzie addresses selfish misbehavior in Aloha networks • Nodes may use higher access probabilities • Solution uses game theoretic approach • Assumes there is some cost for transmitting • Nodes independently adjust access prob. • Under some assumptions network reaches a fair equilibrium

  13. MAC: Selfishness • [Konorski01, Konorski02] discuss selfish misbehavior in 802.11 networks • Game theory used to analyze solution • Nodes use a black-burst to resolve contention • Winner is not the largest burst, but node with burst within  slots of largest burst

  14. Game theory - Discussion • Protocols resilient to misbehavior can be developed • Do not need explicit misbehavior detection • Solutions assume perfect knowledge • No guarantees with imperfect information • Performance at equilibrium may be poor

  15. Proposed protocol

  16. Solution Approaches • Misbehaving node can gain more bandwidth  Use payment schemes, charging per packet • Misbehaving node can achieve lower delay (e.g., by sending packet bursts) Average delay is less with same cost Per-packet payment schemes not sufficient (need to factor delay – harder)

  17. Access Point Wireless channel A Proposed Approach • Receivers detect sender misbehavior • Assume receivers are well-behaved (can be relaxed) • Access Point is trusted. When AP transmits, it is well-behaved • When AP receives, it can monitor sender behavior

  18. Issues • Receiver does not know exact backoff value chosen by sender • Sender chooses random backoff • Hard to distinguish between maliciously chosen small values and a legitimate random sequence • Wireless channel introduces uncertainties • Channel status seen by sender and receiver may be different

  19. Potential Solution:Use long-term statistics • Observe backoffs chosen by sender over multiple packets • Backoff values not from expected distribution  Misbehavior Selecting right observation interval difficult

  20. A Simpler Approach • Remove the non-determinism

  21. A Simpler Approach • Receiver provides backoff values to sender • Receiver specified backoff for next packet in ACK for current packet • Modification does not significantly change 802.11 behavior • Backoffs of different nodes still independent Uncertainty of sender’s backoff eliminated

  22. B Sender S CTS ACK(B) DATA RTS RTS Receiver R Modifications to 802.11 • R provides backoff B to S in ACK • B selected from [0,CWmin] • S uses B for backoff

  23. Protocol steps Step 1: For each transmission: • Detect deviations: Decide if sender backed off for less than required number of slots • Penalize deviations: Penalty is added, if the sender appears to have deviated Goal: Identify and penalize suspected misbehavior • Reacting to individual transmission makes it harder to adapt to the protocol

  24. Protocol steps Step 2: Based on last W transmissions: • Diagnose misbehavior: Identify misbehaving nodes Goal: Identify misbehaving nodes with high probability • Reduce impact of channel uncertainties • Filter out misbehaving nodes from well-behaved nodes

  25. Backoff Sender S ACK(B) RTS Receiver R Bobsr Detecting deviations • Receiver counts number of idle slots Bobsr Condition for detecting deviations:Bobsr <  B (0 <  <= 1)

  26. Threshold scheme is optimal • Goal: Maximize detection percentage while keeping misdiagnosis percentage below some bound • Invoking Neyman-Pearson [Poor94] criteria, we prove that a threshold scheme is optimal (under a simplified channel mode)

  27. Threshold scheme • Threshold is a function of assigned backoff B • In the protocol, we use a constant factor of B as threshold for simplicity

  28. Actual backoff < B Sender S ACK(B) CTS ACK(B+P) DATA RTS Receiver R Bobsr Penalizing Misbehavior • When Bobsr < B, penalty P added • P proportional to  B– Bobsr • Total backoff assigned = B + P

  29. Penalty Scheme issues • Misbehaving sender has two options • Ignore assigned penalty Easier to detect • Follow assigned penalty  No throughput gain • With penalty, sender has to misbehave more for same throughput gain

  30. Diagnosing Misbehavior • Total deviation for last W packets used • Deviation per packet is B – Bobsr • If total deviation > THRESH then sender is designated as misbehaving • Higher layers / administrator can be informed of misbehavior

  31. Results

  32. Simulation Results • Using ns-2 simulator • Results for one receiver, with one misbehaving sender • CBR traffic flows between receiver and all senders

  33. Misbehaving Node Simulation Setup

  34. Misbehavior Models • Persistent Misbehavior Model: • Uses “Percentage of Misbehavior” (PM) as a parameter • Misbehaving node backs off for (100-PM)% of assigned backoff • PM = 0%  well-behaved • Simple misbehavior model used for evaluation of tradeoffs

  35. Proposed Scheme Throughput (Kbps \ node) 802.11 Number of sender nodes Throughput – no misbehavior

  36. Correct Diagnosis Percentage Misdiagnosis Percentage of Misbehavior (of misbehaving node) Persistent Misbehavior -Diagnosis Accuracy

  37. 802.11 Avg. with proposed scheme Proposed Scheme Throughput (Kbps) Avg. with 802.11 Percentage of Misbehavior Persistent Misbehavior- throughput

  38. Observations • Persistent misbehavior detected with high accuracy • Accuracy increases with misbehavior • Accuracy depends on channel conditions • Accuracy not 100% due to channel variations

  39. Extensions to the protocol

  40. Handling other misbehavior • Receiver may misbehave by assigning large or small backoff values • Sender can detect receiver assigning small backoff values • Backoff assigned by receiver has to follow well-known distribution • Sender uses larger of assigned backoff and expected backoff

  41. Handling other misbehavior • Detecting receiver assigning large backoff values not handled • Equivalent to receiver not responding at all • Need higher layer mechanisms • Collusion between sender and receiver • Harder to detect • Requires an observer that can monitor both sender and receiver

  42. A S R B Multiple Observers • Currently, single observer is used (receiver) • Data from multiple observers can be combined to improve diagnosis • S sends a packet to R • A, B also monitor S • Information from A, B, R can be combined

  43. Multiple Observers - Issues • How many observers are needed for obtaining specified diagnosis accuracy? • Impact of channel noise on observations • How to combine multiple observations? • Collect raw observations and then combine • Combine individual diagnoses

  44. Conclusion • MAC layer misbehavior can severely affect throughput of well-behaved nodes • We present simple modifications to IEEE 802.11 to detect/penalize misbehavior • Open issues: • Using multiple observers • Integrate diagnosis scheme with higher layers

  45. Thanks! http://www.crhc.uiuc.edu/wireless/

  46. References • [Savage99] TCP Congestion Control with a misbehaving receiver • [Nisan99] Algoithms for Selfish Agents • [Buttyan01] Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks • [Marti00] Mitigating Routing Misbehavior in Mobile Ad hoc Networks • [Zhang00] Intrusion Detection in wireless ad hoc networks • [Buchegger02] Nodes Bearing Grudges: Towards Routing Security, Fairness and Robustness in Mobile Ad Hoc Networks • [Hu02] Ariadne: A secure on-demand routing protocol for ad hoc networks • [Konorski01] Protection of Fairness for Multimedia Traffic Streams in a Non-cooperative Wireless LAN setting • [MacKenzie01] Selfish users in Aloha: A Game-theoretic Approach • [Konorski02] Multiple Access in Ad Hoc Wireless LANs with Noncooperative stations • [Awerbach02] An On-Demand Secure Routing Protocol resilient to Byzantine Failures • [Zhou99] Securing Ad-hoc Networks • [Poor94] An Introduction to Signal Detection and Estimation

  47. Extra Slides follow ....

  48. Additional details • Mechanisms to address protocol response after packet collisions

  49. B1=10 B1=20 S1 Collision Transmit CW=31 CW=63 S2 Collision wait B2=10 B2=40 Collision Example • On collision double CW • Binary exponential backoff algorithm • Pick new backoff and send again

  50. b1 b2 wait wait Sender S RTS(1) ACK(b1) RTS(2) collision Receiver R Modifications to 802.11 1. On collision new backoff b2 is b2 = f(b1, nodeId of S, attempt number) 2. RTS contains attempt number

More Related