By Ajith U Kamath 60-564 Project Survey on Areas of standardization For Securing Ad hoc networks


Based on

Standardization Areas for securing Ad hoc networks, by Rajesh Talpade and Anthony McAuley

Data Security in Ad hoc networks using Multipath routing, by Souheila Bouam and Jalel Ben-Othman


AGENDA

Introduction

Attacks in Ad hoc networks and Areas of standardization

Node configuration

Key Management

Routing protocol security

Data security based on multipath routing

Intrusion Detection

Conclusion


Introduction

What are Mobile Ad hoc networks?

Characteristics

Problems encountered


Attacks in Ad hoc networks

Passive attacks

Active attacks

Black hole attack

Worm hole attack

Routing tables overflow attacks


Attacks in Ad hoc networks

Active attacks

Sleep deprivation attacks

Location disclosure attacks

Denial of service attacks

Impersonation attacks

"Problems worthy of attack prove their worth by hitting back." – Piet Hein


Areas of Standardization

It is expected that, in the future, multi-vendor ad hoc devices will interoperate securely on a large scale.

Standardization areas:

Node configuration

Key management

Routing protocol security

Intrusion detection


Node Configuration

In realistic deployment scenarios, nodes of an ad hoc network should support auto-configuration.

Link-local IP address assignment

Private address spaces (e.g. 169.254/16 prefix)

IPv6 address generation based on hardware interface

Problems: different designs for different link-layers, non-unique interface addresses in some link-layers or vendors, and changeable interface addresses.


Node Configuration

Distributed dynamic host configuration protocol

MANET Initialization

New node joining the MANET

Graceful departure of the node

Migration of Requester

Tolerates message losses, network partitioning and mergers

Does not account for the possibility of nodes behaving maliciously


Key Management

For enforcing confidentiality, integrity, authentication and non-repudiation of messages in ad hoc networks.

Key management Service through CA

A centralized CA-based approach is not applicable to ad hoc networks.

Replicating the CA introduces the problem of maintaining synchronization across the multiple CAs.


Key Management

Threshold cryptography

An (n, t + 1) threshold cryptography scheme allows ‘n’ parties to share the ability to perform a cryptographic operation, so that any ‘t + 1’ parties can perform this operation jointly, whereas it is infeasible for at most ‘t’ parties to do so, even by collusion.


Key Management

But it places the unreasonable requirement of forcing some nodes to “volunteer” for specific roles.

Ref: Parallel reliable threshold multisignature by Yair Frankel and Yvo G


Key Management

Self-organized public key infrastructure

Public key certificates are issued by the users.

When user u wants to obtain the authentic public key of user v, it acquires a chain of public key certificates such that the first certificate of the chain can directly be verified by u using a public key that u holds and trusts.

Similar to PGP but self organized. The approach is probabilistic.


Key Management

Ref: The Quest for Security in Mobile Ad Hoc Networks by Jean-Pierre Hubaux, Levente Buttyán and Srdan Capkun


Routing Protocol Security

An attacker can inject incorrect routing information, replay old information, or cause excessive load to prevent proper routing protocol functioning.

Data security based on multipath routing: exploits the existence of multiple paths between nodes in an ad hoc network.


Routing Protocol Security

Assumptions made by the protocol

The sender ‘A’ and the receiver ‘B’ are authenticated.

WEP (Wired Equivalent Privacy) is used for the encryption/decryption of all the frames at the MAC layer and for the authentication of the terminals.

A mechanism for discovering the topology of the network is available.

The routing protocol in use supports multiple routes.


Routing Protocol Security

Description

It uses n routes (n ≥ 3) among N available.

There exist two types of channels

The original message m is divided into (n-1) parts.

The protocol then generates a random number x (1 < x ≤ (n-1), x integer).

Algorithm can be run with both reactive and proactive routing protocols.


Routing Protocol Security

Ref: Data Security in Ad hoc Networks Using MultiPath Routing By Souheila BOUAM and Jalel BEN-OTHMAN


Routing Protocol Security

Position of SDMP

The SDMP header


Routing Protocol Security

Improvements

(Accepted in the 2004 International Workshop on Mobile Ad Hoc Networks and Interoperability Issues.)

Error and Retransmit management

Ref: Securing Data Transmissions and Retransmissions Management in Ad hoc Networks By Souheila BOUAM and Jalel BEN-OTHMAN


Routing Protocol Security

Experimental results

Sending data using the algorithm (n=8 and n=4) is compared with the classical method using one channel. The transmitted file is 4.48 MB long and each block is 64 Kbytes long.

Ref: Data Security in Ad hoc Networks Using MultiPath Routing By Souheila BOUAM and Jalel BEN-OTHMAN


Routing Protocol Security

In the second test, different block sizes at each data transmission were used. A base file of 19200 Bytes was used.

Ref: Data Security in Ad hoc Networks Using MultiPath Routing By Souheila BOUAM and Jalel BEN-OTHMAN


Routing Protocol Security

Drawbacks of the protocol

Diversity coding provides recovery from a single line failure with only one extra line, instantaneously and without communicating with the transmitter. But the protocol does not make use of this feature.

A particular sequence has to be followed to get each message part. If a message part is lost, none of the remaining parts can be obtained until the receiver receives the lost message part.

More bandwidth is consumed for transmitting the message.


Routing Protocol Security

Protocols based on multipath routing

SPREAD (Security Protocol for Reliable data delivery) – uses a threshold secret sharing system. Provides maximum security along with some degree of reliability.

Split multipath routing - uses source routing. The message parts are sent on maximum routes with maximally disjoint paths. The protocol builds multiple routes using request/reply cycles.

M-TCP – Multipath TCP
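
Added example (not from the slides or the cited papers): Shamir (n, t + 1) secret sharing in Python, the primitive behind the threshold scheme on the Key Management slide and the threshold secret sharing that SPREAD relies on. It assumes share i travels on path i; the function names, the field modulus and the sample key are constructed for illustration.

```python
import secrets

PRIME = 2**127 - 1  # Mersenne prime; the secret must be smaller than this

def split_secret(secret, n, t):
    """Split secret into n shares such that any t + 1 of them recover it."""
    if not 0 <= t < n < PRIME:
        raise ValueError("need 0 <= t < n")
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be in [0, PRIME)")
    # Random degree-t polynomial f with f(0) = secret.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(t)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of f(x) mod PRIME
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares

def reconstruct(shares):
    """Lagrange-interpolate f(0) from the given (x, y) shares."""
    if len({x for x, _ in shares}) != len(shares):
        raise ValueError("duplicate share index")
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total

def surviving(shares, failed_paths):
    """Share i travels on path i; drop those whose path failed."""
    return [s for s in shares if s[0] not in failed_paths]

if __name__ == "__main__":
    key = int.from_bytes(b"constructed-key", "big")  # constructed sample secret
    shares = split_secret(key, n=5, t=2)             # 5 paths, threshold 3
    print(reconstruct(surviving(shares, {2, 4})) == key)  # 3 shares arrive
    print(reconstruct(shares[:2]) == key)                 # only t shares held
```

With n = 5 and t = 2 the message survives the loss of any two paths, while a party holding only two shares interpolates an unrelated value.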


Routing Protocol Security

Dynamic Source Routing

Source routing is a routing technique in which the sender of a packet determines the complete sequence of nodes through which to forward the packet.

Assumes that all hosts wishing to communicate with other hosts within the ad hoc network are willing to participate fully in the protocols of the network.

Route Discovery protocol


Routing Protocol Security

Grudging Nodes in DSR

Once non-cooperative behavior has been detected and exceeds threshold values, an ALARM message is sent.


Intrusion Detection

In an ad hoc network, there do not exist natural traffic concentrators such as firewalls/gateways and localized communication pattern.

Intrusion Detection in Ad hoc networks

Every node in the ad hoc network participates in intrusion detection and response.

Each node is responsible for detecting signs of intrusion locally and independently.

Neighboring nodes can collaboratively investigate in a broader range.


Intrusion Detection

The conceptual IDS model at every system in the ad hoc network.

Ref: Intrusion Detection in Wireless Ad Hoc Networks By Yongguang Zhang and Wenke Lee


Intrusion Detection

Standardization of the intrusion detection mechanisms and processes enables nodes from multiple vendors to share information and collectively determine the intruding node(s).


Conclusion

Even though significant research work exists in the above areas of ad hoc networks, little or no attempt has been made to standardize mechanisms that would enable multi vendor nodes to inter-operate on a large scale and permit commercial deployments of ad hoc networks. Based on the requirements for each of the identified areas, candidate proposals will need to be evaluated.


Thank You

Questions ? Comments ?