1 / 23

HotspotBased Traceback for Mobile Ad Hoc Networks

HotspotBased Traceback for Mobile Ad Hoc Networks. Present by 江信龍 12/21. A BSTRACT. 現有追蹤協定不適合在無線網路環境下運行 發展 Tagged Bloom Filters( 存額外資訊 ) 以上述技術為基礎 發展 HotspotBased Traceback. 大綱. 1INTRODUCTION 2PROBLEM STATEMENT 3PREVIOUS PROTOCOLS 4BASIC MECHANISMS 5CONCLUSION. 1 INTRODUCTION.

timon-caldwell
Télécharger la présentation

HotspotBased Traceback for Mobile Ad Hoc Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. HotspotBasedTraceback for Mobile Ad Hoc Networks Present by 江信龍 12/21

  2. ABSTRACT • 現有追蹤協定不適合在無線網路環境下運行 • 發展Tagged Bloom Filters(存額外資訊) • 以上述技術為基礎 發展HotspotBasedTraceback

  3. 大綱 1INTRODUCTION 2PROBLEM STATEMENT 3PREVIOUS PROTOCOLS 4BASIC MECHANISMS 5CONCLUSION

  4. 1 INTRODUCTION 1因有線網路追蹤無法套用在無線網路環境 2使用Source Path Isolation Engine (SPIE) 只需單一攻擊封包為依據資料 3此法即使拓樸隨時間改變仍可以重建攻擊路徑

  5. Bloom filter(1/2)

  6. Bloom filter(2/2) • For each packet received, SPIE computes k independent n-bit digests, and sets the corresponding bits in the 2n-bit digest table

  7. Spie(1/2)

  8. Spie(2/2) • The SPIE network infrastructure, consisting of Data Generation Agents (DGAs), SPIE Collection and Reduction Agents (SCARs), and a SPIE Traceback Manager (STM).

  9. 2 PROBLEM STATEMENT HotspotBased為找出大略攻擊者位置 定義 attack path (AP): 自攻擊者至犧牲者 不可有迴路 分支 重複點

  10. 定義名詞 AP fragment(AP) : a consecutive sequence of well-behaving routers within the attack path observable AP fragment(OAP): an AP fragment where all routers compute the same digest1 of packet Pas the victim does EAP :last OAF which ends at the victim must be observable based on the definition of an OAF

  11. Figure 1: Attack Path

  12. 3. PREVIOUS PROTOCOLS 兩大問題 1動態拓樸 2可靠中介路由器推送攻 擊封包 The Source Path Isolation Engine (SPIE) Infrastructure:內嵌SPIE路由器運行一DGA來 扮演BLOOM FILTER檢查封包 STM控制SCAM Digest Input:使用雜湊函數 TTL TOS 檢查和 來產生摘要資訊

  13. 4. BASIC MECHANISMS 4.1 Tagged Bloom Filter 1Bloom Filter使用SPIE來運作 2 m bits 和k個獨立雜湊表對應到輸入值 3當x被插入雜湊表產生k個index 並且相對應的位元被設定 4Tagged Bloom Filter :multiple bits are stored in each table entry2 5 2c − 2 個有效值 [0, 2c − 3] 2c − 2 是invalid tag and 2c − 1 是empty tag

  14. Tagged Bloom Filter OPERATION(Figure 2)

  15. 0 0 0 0 0 0 1 1 0 0 2 2 0 1 2m-2 2m-2 0 0 2m-1 2m-1 tagged Bloom Filter L-bit counter insert N:m Hash1

  16. 0 0 0 0 0 0 1 1 1 0 2 2 1 1 2m-2 2m-2 0 0 2m-1 2m-1 tagged Bloom Filter L-bit counter insert N:m Hash1

  17. 0 0 0 0 0 0 1 1 1 1 2 2 1 2 2m-2 2m-2 0 0 2m-1 2m-1 tagged Bloom Filter L-bit counter insert N:m Hash1

  18. 4.2RTTL4.3LOCAL NEIGHBOR LIST 1 RTTL(P) ≡ TTL(P) mod (2c − 2) 2 NL(A) NL(B) 只差1個HELLO_INTERVAL 3ρ為 lower bound of Pr(A ∈NL(B)) 對所有成對A 和B在HELLO_INTERVAL內 .

  19. 4.4建立攻擊圖

  20. Figure 3: Attack Graph Example

  21. 4.5熱區偵測

  22. Figure 4: Hotspot Detection Example

  23. 5 CONCLUSION • we presented a distributed traceback approach where no trustworthy infrastructure is needed • Our scheme is very suitable for MANET that consists of mobile nodes

More Related