View
44
Download
0
Category
Tags:
Preview:
DESCRIPTION
Collaborative Attacks on Routing Protocols in Ad hoc Networks. Neelima Gupta University of Delhi India. ATTACKS on Routing Protocols in AD-HOC NETWORKS. Black Hole Wormhole Rushing Attack Many more Attacks. Black Hole Attack:. D. RREQ. M. RREQ. RREP. RREP. S. RREQ. RREQ. RREQ. - PowerPoint PPT Presentation
Citation preview
Collaborative Attacks on Routing Protocols in Ad hoc Networks
Neelima Gupta
University of Delhi
India
Neelima Gupta, Dept. of Computer Sc., University of Delhi
ATTACKS on Routing Protocols in AD-HOC NETWORKS Black Hole Wormhole Rushing Attack Many more Attacks
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Black Hole Attack:
MRREQ
RREQ
RREPRREP
RREQ RREQ
RREQS
D
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Worm Hole Attack: Malicious nodes eavesdrops the packets, tunnel
them to another location in the network and retransmit them at the other end.
M1
M2
SD
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Rushing Attack
Forward ROUTE Requests more quickly than legitimate nodes can do so, increase the probability that routes that include the attacker will be discovered,
Attack against all currently proposed on-demand ad hoc network routing protocols.
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Collaborative Attacks
Informal definition:
“Collaborative attacks (CA) occur when more than one attacker synchronize their actions to disturb a target
network”
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Different Models of Collaborative AttackCollaborative Black hole attackCollaborative Black hole and
Wormhole attackCollaborative Black hole and
Rushing Attack
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Collaborative Black Hole Attack
S
M24
12
D
5
M1
3
Neelima Gupta, Dept. of Computer Sc., University of Delhi
S
M24
1
2
D
5
M1
3RREQ
RREQ
RREQ
RREQRREQ
RREP
RREP
RREQ
Neelima Gupta, Dept. of Computer Sc., University of Delhi
S
BH2
4
1 2
D
5
BH1
3
Collaborative Black Hole Attack (cont.)
Neelima Gupta, Dept. of Computer Sc., University of Delhi
S
BH2
4
1 2
D
5
BH1
3
Collaborative Black Hole Attack (cont.)
Existing ApproachesCross Validation from neighbours
(especially Next Hop Neighbours)
will fail
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Dr. Neelima Gupta, Dept. of Computer Sc., University of Delhi
S
M24
1
2
D
5
M1
3RREQ
RREQ
RREQRREQ
RREQRREQ
RREP
RREP
RREP
RREP
RREP RREP RREP
RREQ
Neelima Gupta, Dept. of Computer Sc., University of Delhi
S
BH2
4
1 2
D
5
BH1
3
Collaborative Black Hole Attack (cont.)
Existing ApproachesNeighbour monitoring
M1 will escape
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Collaborative Black hole and Wormhole attack
S
WH2
c4
a1
c1
D
WH1
c3c2
BH1RREQ
RR
EQ
RREQ
RREQ RREQ
RREP
RREP
Out-of-Band Channel
a3a2
RREQ
RREP
RREP
RREP
RREQ
RREQ
RREP
RREP
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Collaborative Black hole and Wormhole attack (cont.)
S
WH2
c4
a1
c1
D
WH1
c3c2
BH1
a3a2
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Collaborative Black hole and Rushing Attack
S
c4
a1
c1
D
a3R1
c3c2
BH1 a2
b2
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Collaborative Black hole and Rushing Attack (cont.)
S
c4
a1
c1
D
R1
c3c2
BH1RREQ
RR
EQ
RREQ
RREQ RREQ
RREP
RREP
a3
a2
RREQ
RREP
RREP
b2
RREQRREQ
RREQ
RREP
RREQ
RREPRREP
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Collaborative Black hole and Rushing Attack (cont.)
S
c4
a1
c1
D
R1
c3c2
BH1
a3
a2
b2
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Current Proposed Solutions to handle collaborative black hole attack
Collacorative Monitoring: Collaborative security architecture for black hole attack prevention in mobile ad hoc networks , A Patcha and A Mishra, Proceedings of RAWCON ’03
Recursive Validation: Sanjay Ramaswamy, Huirong Fu, Manohar Sreekantaradhya, John Dixon and Kendall Nygard. Prevention of Cooperative Black Hole Attack in wireless Ad-Hoc Networks, Intl Conference on wireless netwroks, 2003
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Collaborative Black Hole Attack
S
D
M2
W
W
M1
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Consider this scenario-
S
D
M2
W1
W
RREQ
RREP
M1
Tell W1 to monitor M1
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Case 1: M1 itself drops packets
S
D
M2
W
W
Data
PacketsM1
Buffer of sent packets to M1
Packets are not
forwarded; M1 is
Malicious
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Case 2: M1 forwards but does not inform watchdog to monitor M2
S
DM2
W W
Data
PacketsM1
Buffer of sent packets to M1
Overhear the packets but does not know the next hop id; increments
SUSPECT_NODE counter ->M1 is
Malicious
Does not send
SEND_DATA signal
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Case 3: M1 forwards and informs but M2 drops..will be caught by W2
S
DM2
w1 w2
Data
PacketsM1
Buffer of sent packets to M1
Neelima Gupta, Dept. of Computer Sc., University of Delhi
S
DM2
W W
M1
Buffer of sent packets to M1
Packets are not
forwarded; M2 is
Malicious
SEND_DATA signal
Neelima Gupta, Dept. of Computer Sc., University of Delhi
AnalysisProblem with this appraoch
◦ Monitoring is done during data transmission => loss of data packets. The current solutions does not specify if and how the lost data is re-transmitted
Solution : Some dummy packets may be sent before sending the data packets.
S
21 DM
WW
Data
Packets
M does not have a route to D, so forward to 3
(not in route)
Data Packets
3
NULL or NON-NULL Node
Neighbor List : M
Neighbor List : 3
W
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Another Problem◦Malicious Nodes acting together can
alternately drop packets to keep their individual SUSPECT_NODE counter less than SUSPECT_THRESHOLD, each time a route is established through them.
◦Malicious nodes would not be detected.◦Data packets are permanently lost.
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Recursive neighbor validation
DS
B3
C2
A2A1
B1
C3C1
B2
A3A4
B4
C4
B5
RREQ
RREQRREQRR
EQ
RREQRREQ RREQ
RREQ
RREQRREQ
RREQ
RREQ
RREP
RREP
Intermediate Node, IN
Next Hop Node, NHN
RR
EP
RREP
RREP
RREP
RREP
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Current Proposed Solution to handle collaborative attack
Weichao Wang, Bharat Bhargava, Yi Lu, and Xiaoxin Wu. Defending against wormhole attacks in mobile ad hoc networks. In Wiley Journal Wireless Communications and Mobile Computing (WCMC), volume 6, pages 483 –503. Wiley, 2006.
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Monitoring /characterizing
Defense
Classification
No anomaly
anomaly
Negligible anomaly
Attack handled
Attack
detected
ChallengesTwo much of overhead in• monitoring even if no attack is present.• in isolating the malicious nodes recursively.We propose:1. Get a count of the packets received
from the destination.2. If the count is less than a threshold
then monitor.3. If a node drops more than a certain
threshold, declare it to be malicious. If more than one node drops packet, their sum is compared against the threshold. If greater, both the nodes are delcared to be malicious
Neelima Gupta, Dept. of Computer Sc., University of Delhi
NEED TO THINK DIFFERENTLY
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Neelima Gupta, Dept. of Computer Sc., University of Delhi
Thank You!!!
Recommended