Embed Size (px)
Citation preview
– Generic security servies
Security technology overview
– IEEE 802.11i (Wi-Fi Protected Access: WPA, WPA2)
• A shared key or AAA server
• AAA server– Extensible authentication protocol (EAP)
– EAP: EAPOL between MS and AP and RADIUS between AP and AAA server
– Master session key (MSK)
Security technology overview
– IEEE 802.11i (Wi-Fi Protected Access: WPA, WPA2)
Security technology overview
– IPsec and virtual private networks
– Transport layer security protocol (TLS)
– Secure socket layer (SSL)
– S/MIME or PGP
Security technology overview
– Mesh node (MN), user node (UN), mesh user node (MUN)
– Ad hoc mesh networks: managed or open networks
Mesh usage scenarios
– Factors distringuishing the usage scenarios
Mesh usage scenarios
• Single administrative domain– Keep the outsiders out
– Shared key or node certificate
• Network infrastructure extension– The mesh network is used by end users to access the infrastructure
network
– Security of infrasturcture network access by end users and security within the mesh extension itself
• Mesh federation– The MNs forming a mesh netowrk belong to different adminstrative
domains (operators)
• Community mesh– Not knowing or even trusting each other
Mesh usage scenarios
– Ad hoc networks vs WMNs
• Security challenges– Multihop wireless communications
– Nodes are not physically protected
– Use of wireless links
– Dynamic: topology and membership
– The same security solution may not work for both mesh routers and mesh clients
• Overview of potential attacks to WMNs– External attacks vs internal attacks
– Passive and active attacks
– Protocol layers
Mesh security issues
– Attack types for MANET• Impersonation• Sinkhole attack
– Behaving “logical” next hop for forwarding packets and droping them
• Wormhole attack– Use a malicious paths through legitimate means
• Selfish and greedy behavior attack– Increase own share of the common transmission resource
• Sybil attack– A malicious node pretends the identity of several nodes– Geographic routing protocols?
• Sleep deprivation– Request services from a certain node over and over again
• DoS and flooding
Mesh security issues
• Authentication– Hard in WMN because of the open nature of wireless comm.
– Approaches
• PSK authentication
• Certificate authentication– How to enable the authentication across different domains?
• Authentication to roaming UNs?
• Authentication of MNs ?
– Examples
• Wireless Dual Authentication Protocol (WDAP)
• Secure Unicast Messaging Protocol (SUMP)
Mesh security issues
• Secure MAC layer– IEEE 802.11: nodes that are heavily loaded tend to capture the
channel by continually transmitting data thereby causing lightly loaded neighbors to back off again and again. -> unfairness
– Attacks
• Flooding attack
• Jamming attack by jamming the RTS signal
• Sleep deprivation attack
• Packet dropping attack
– Countermeasures to selfish mishbehavior
• Catch: makes the cooperative neighbors of a selfish node to disconnect it from the rest of the network.
Mesh security issues
– Countermeasures to greedy mishbehavior
• The receiver can detect any misbehavior of the sender and penalize it by increasing the back-off value.
• DOMINO
– Countermeasures to MAC-layer DoS attacks• Single adversary attack and two colluding adversaries
• Ways– Fair MAC protocol
– Protecting traffic flow
– Distance adjustment
Mesh security issues
• Secure routing– Threats for ad hoc mesh routing functionality
• Eavesdropping
• Sinkhole, wormhole
• Routing table overflow: attempts to create routes to nonexistent nodes
• Rushing attack: An attacker forwards RREQs more quickly than legitinate nodes can do so. Thus, …
• Sleep deprivation
• Location disclosure
Mesh security issues
• Secure routing– A secure ad hoc mesh routing protocol should fulfill:
• Certain discovery
• Isolation: immune to malicious nodes
• Lighweight computation
• Location privacy
• Self-stabilization
• Byzantine robustness: a stricter version of the self-stabilization property
Mesh security issues
– Cryptography-based solutions
• Authenticated ruting for ad hoc networks (ARAN) utilizes cryptographic certificates to achieve authentication and nonrepudiation
• Secure routing protocol (SRP): a shared key
• Secure efficient ad hoc distance vector (SEAD): DSDV, hash chains to authenticate hop counts and sequence numbers
• Secure ad hoc on-demand distance vector routing (SAODV): AODV, digital signatures and hash chains
Mesh security issues
– Reputation-based solutions
• The pathrater assesses the results of the watchdog and selects the most reliable path for packet delivery.
– Add-ons to existing protocols• Security-aware ad hoc routing utilizes a security metric for
the route discovery and maintenance functions.
– Countermeasures to specific attacks• In best-effort fault tolerant routing, path redundany is used
to tolerate misbehavior by using disjoint routes.
Mesh security issues
• Key management and communications security– Key management: supports the establishment and maintenance
of keying relationships between authorized parties.
– How to distribute initial keys?
– A suitable infrastructure can be used
• A single stakeholder
• A public-key infra
• Security master
Mesh security issues
• Key management and communications security– For routing traffic, options are
• No security at all• Protect integrity of routing messages through a MAC• Protect integrity of routing messages through a digital signature
in a hop-by-hop mode• Protect integrity of routing messages through a digital signature
in an end-to-end mode • Condifentializty of routing messages
– For the protection of user data, options are• No security at all• Secure comm within a group that shares a secret group key• Secure end-to-end communication using public-key crptography
Mesh security issues
• Intrusion detection– Use “training” data to determine characteristics of normal
routing table updates and normal MAC layer.
Mesh security issues
• System proposals– Tropos
• 802.1x/EAP-based authentication against a AAA-server (RADIUS)
• A secure IPsec-based VPN
Concrete proposals
• Authentication protocols– WDAP for IEEE 802.11 WMNs
– SUMP for sensor networks
– The overhead at the server side
– Wireless dual authentication protocol (WDAP)
• Mitigation of the overhead of 802.11i– The authentication is already completed when the UN
arrives within the range of the next AP
– A key caching options to allow the UN and the AP to remember the last used PMK
– Since both WS and AP are assumed not to trust each other until the AS authenticates both of them.
Concrete proposals
• Authentication protocols– Wireless dual authentication protocol (WDAP)
Concrete proposals
• Authentication protocols– Wireless dual authentication protocol (WDAP)
Concrete proposals
• Authentication protocols– Wireless dual authentication protocol (WDAP)
Concrete proposals
