Secure Routing for Mobile Ad-hoc Networks

Similar documents
SECURE ROUTING PROTOCOLS IN AD HOC NETWORKS

Security in Mobile Ad-hoc Networks. Wormhole Attacks

Study of Route Reconstruction Mechanism in DSDV Based Routing Protocols

AODV Routing Protocol in MANET based on Cryptographic Authentication Method

Wireless Network Security Spring 2015

Secure routing in ad hoc and sensor networks

Routing in Ad Hoc Wireless Networks PROF. MICHAEL TSAI / DR. KATE LIN 2014/05/14

A Performance Comparison of Multi-Hop Wireless Ad Hoc Network Routing Protocols

International Journal of Advanced Research in Computer Science and Software Engineering

Routing protocols in Mobile Ad Hoc Network

A survey on AODV routing protocol for AD-HOC Network

A Survey of Attacks in Mobile Ad Hoc Network

[Kamboj* et al., 5(9): September, 2016] ISSN: IC Value: 3.00 Impact Factor: 4.116

Gateway Discovery Approaches Implementation and Performance Analysis in the Integrated Mobile Ad Hoc Network (MANET)-Internet Scenario

Defenses against Wormhole Attack

A New Energy-Aware Routing Protocol for. Improving Path Stability in Ad-hoc Networks

REVIEW ON ROUTING PROTOCOLS FOR MOBILE AD HOC NETWORKS

ECS-087: Mobile Computing

Analysis of Black-Hole Attack in MANET using AODV Routing Protocol

Simulation & Performance Analysis of Mobile Ad-Hoc Network Routing Protocol

Management Science Letters

CS551 Ad-hoc Routing

Performance Investigation and Analysis of Secured MANET Routing Protocols

DYNAMIC SEARCH TECHNIQUE USED FOR IMPROVING PASSIVE SOURCE ROUTING PROTOCOL IN MANET

A COMPARISON STUDY OF DSDV AND SEAD WIRELESS AD HOC NETWORK ROUTING PROTOCOLS

Performance Comparison of AODV, DSR, DSDV and OLSR MANET Routing Protocols

Ad Hoc Routing Protocols and Issues

A Novel Secure Routing Protocol for MANETs

COMPARATIVE STUDY AND ANALYSIS OF AODTPRR WITH DSR, DSDV AND AODV FOR MOBILE AD HOC NETWORK

Content. 1. Introduction. 2. The Ad-hoc On-Demand Distance Vector Algorithm. 3. Simulation and Results. 4. Future Work. 5.

Dynamic Search Technique Used for Improving Passive Source Routing Protocol in Manet

Symmetric Key Cryptography based Secure AODV Routing in Mobile Adhoc Networks

Arvind Krishnamurthy Fall 2003

Efficient and Secure Source Authentication for Multicast

Security in Ad Hoc Networks *

Security Issues In Mobile Ad hoc Network Routing Protocols

Wireless Network Security Spring 2013

LECTURE 9. Ad hoc Networks and Routing

Comparison of Various Routing Protocols & Brief of MANET

A COMPARISON OF REACTIVE ROUTING PROTOCOLS DSR, AODV AND TORA IN MANET

Implementation of AODV Protocol and Detection of Malicious Nodes in MANETs

Measure of Impact of Node Misbehavior in Ad Hoc Routing: A Comparative Approach

Maharishi Markandeshwar University

Analysis QoS Parameters for Mobile Ad-Hoc Network Routing Protocols: Under Group Mobility Model

2013, IJARCSSE All Rights Reserved Page 85

Secure Ad-Hoc Routing Protocols

Lecture 13: Routing in multihop wireless networks. Mythili Vutukuru CS 653 Spring 2014 March 3, Monday

PERFORMANCE BASED EVALUATION OF DSDV, AODV AND DSR ROUTING PROTOCOLS IN MANET

Performance Evaluation of MANET through NS2 Simulation

Zone-based Proactive Source Routing Protocol for Ad-hoc Networks

Mobile Ad-hoc Networks (MANET)

Performance Evaluation of Various Routing Protocols in MANET

Secured Routing with Authentication in Mobile Ad Hoc Networks

A Highly Effective and Efficient Route Discovery & Maintenance in DSR

Backward Aodv: An Answer To Connection Loss In Mobile Adhoc Network (Manet)

UCS-805 MOBILE COMPUTING Jan-May,2011 TOPIC 8. ALAK ROY. Assistant Professor Dept. of CSE NIT Agartala.

Optimizing Performance of Routing against Black Hole Attack in MANET using AODV Protocol Prerana A. Chaudhari 1 Vanaraj B.

PERFORMANCE ANALYSIS OF AODV ROUTING PROTOCOL IN MANETS

Security Measures in Aodv for Ad Hoc Network

A Review of Reactive, Proactive & Hybrid Routing Protocols for Mobile Ad Hoc Network

PERFORMANCE BASED EVALUATION OF DSDV, AODV AND DSR ROUTING PROTOCOLS IN MANET

SRPS: Secure Routing Protocol for Static Sensor Networks

International Journal of Advance Research in Computer Science and Management Studies

PERFORMANCE EVALUATION OF DSR USING A NOVEL APPROACH

Outline. CS5984 Mobile Computing. Taxonomy of Routing Protocols AODV 1/2. Dr. Ayman Abdel-Hamid. Routing Protocols in MANETs Part I

Packet Estimation with CBDS Approach to secure MANET

Mobile & Wireless Networking. Lecture 10: Mobile Transport Layer & Ad Hoc Networks. [Schiller, Section 8.3 & Section 9] [Reader, Part 8]

Comparative Study of Routing Protocols in MANET

STUDY ON MOBILE ADHOC NETWORK ROUTING PROTOCOLS

A Hybrid Routing Protocol for Ad-hoc Wireless Network Based on Proactive and Reactive Routing Schemes

Detection of Malicious Nodes in Mobile Adhoc Network

Performance Analysis and Enhancement of Routing Protocol in Manet

A Research Study On Packet Forwarding Attacks In Mobile Ad-Hoc Networks

Routing Protocol Based Shared and Session Key Exchange Protocol for Wireless Mobile Ad-hoc Network

A Comparative Study between AODV and DSDV Routing Protocols in Mobile Ad Hoc Networks using Network Simulator NS2

MANET TECHNOLOGY. Keywords: MANET, Wireless Nodes, Ad-Hoc Network, Mobile Nodes, Routes Protocols.

Volume 3, Issue 6, June 2015 International Journal of Advance Research in Computer Science and Management Studies

Performance Analysis of Three Routing Protocols for Varying MANET Size

Chapter 16. Wireless LAN, Mobile Ad Hoc Networks, and MANET Routing Protocols. Wireless Network Models. Illustration of an ad hoc network

Wireless LAN, Mobile Ad Hoc Networks, and MANET Routing Protocols

Routing Protocols in MANETs

Survey of Routing Protocols for Mobile Ad hoc Networks

A Study of Bellman-Ford, DSR and WRP Routing Protocols with Respect to Performance Parameters for Different Number of Nodes

Performance of Ad-Hoc Network Routing Protocols in Different Network Sizes

COMPARATIVE ANALYSIS AND STUDY OF DIFFERENT QOS PARAMETERS OF WIRELESS AD-HOC NETWORK

Simulation Based Performance Analysis of Routing Protocols Using Random Waypoint Mobility Model in Mobile Ad Hoc Network

ROUTE STABILITY MODEL FOR DSR IN WIRELESS ADHOC NETWORKS

A Graph-based Approach to Compute Multiple Paths in Mobile Ad Hoc Networks

Mobile Ad Hoc Network Routing Protocols: A Comparative Study

Performance Evaluation of AODV DSDV and OLSR Routing Protocols with Varying FTP Connections in MANET

PERFORMANCE EVALUATION OF DSR AND AODV OVER UDP AND TCP CONNECTIONS

Relative Performance Analysis of Reactive (on-demand-driven) Routing Protocols

Secure Bootstrapping and Routing in an IPv6-Based Ad Hoc Network

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Ariadne: Secure On-Demand Routing in Ad-Hoc Networks an explanation for dummies

Impact of Hello Interval on Performance of AODV Protocol

Analysis of Routing Protocols in MANETs

Architecture of EHARP Routing Protocols in Ad Hoc Wireless Networks

Performance Analysis of Routing Protocols in MANET

Power aware Multi-path Routing Protocol for MANETS

Transcription:

Department of Computer Science IIT Kanpur CS625: Advanced Computer Networks

Outline 1 2 3 4

Outline 1 2 3 4

Need Often setting up an infrastructure is infeasible Disaster relief Community networks (OLPC) Military applications Enter MANETs

Challenges No infrastructure Wireless (duplicate, delayed packets) Mobility Highly dynamic topology Devices are usually resource-limited

Outline 1 2 3 4

Classification Table-driven / Proactive Nodes periodically share their routing information with all others Every node has routing information for the entire network Problems w.r.t. efficiency, scalability DSDV, CGSR On-demand / Reactive First attempt at making a connection triggers Route Discovery Subsequently require Route Maintenance in case nodes in a route go down Drawback setup time for first connection is high AODV, DSR, TORA

Example: DSDV Table-driven protocol Remember Distance Vector routing? And the count-to-infinity problem? DSDV: Destination Sequence Distance Routing Use sequence numbers to tackle count-to-infinity Destination node gives an even sequence number to its own updates If a neighbour finds a destination down, sends updates with next odd sequence number Nodes use routing information with the newest sequence number (or the one with the best metric if the sequence numbers are the same)

Example: DSDV Some optimisations Send a full dump initially and incremental updates periodically Measure average time between first and best updates for each destination Defer future updates for that time period

Example: Dynamic Source Routing On-demand protocol Route Discovery Source broadcasts a route request message containing the destination and a broadcast ID If an intermediate node does not have a route, it forwards the request, appending its own address Intermediate nodes only forward the first instance of the request they see The destination gets the request with the list of intermediate nodes and sends back this list using the reverse route, or using another route request The source now does source routing using this path Route maintenance Route error messages for broken links and acknowledgments to ascertain link status

Outline 1 2 3 4

Attacks Routing disruption Loop creation Blackholes (route all packets through self) Blackmail (force blacklisting of a node) Force suboptimal routing Partition the network Wormholes (require collusion, hard to tackle) Resource consumption Flood control messages

Outline 1 2 3 4

First set of protocols assume some form of initialisation independent of the ad-hoc network Single shared secret One compromised node compromises the network Trusted KDC Introduces some infrastructure Single point of failure Asymmetric cryptography is an option Expensive for low-capacity nodes One-way hash chains

One-way Hash Chains Used to authenticate messages from a sender We are given a publicly known one-way hash function, H Sender generates a random seed, x, and a set of n keys as follows k 0 = x k i = H (k i 1 ) Receivers are preconfigured with k n for each sender One key per message sender sends encrypted/signed message and key Messages is valid if there if H j (key) is equal to some previously received key

Outline 1 2 3 4

TESLA Every node has a one-way hash chain A node releases keys as per a commonly known schedule Requires loose time synchronisation (upto drift) Let maximum end-to-end delay be τ For each message, sender attaches a keyed MAC using a key that will be not be published before (τ + 2 ) time units from time of sending Receiver verifies the TESLA condition The key with which the message has been signed has not yet been published The key will be disclosed soon enough Buffers the packet and waits till the key is published

Ariadne Ariadne is based on DSR Also assumes pair-wise shared secrets for all source-destination pairs (but can be done without) Route request h 0 = MAC SD (msg) Source sends src, dst, id, t i, h 0, (), () An intermediate node, X, verifies that t i is valid h X = H (X, h X 1 ) M X = MAC Xti (msg) X sends src, dst, id, t i, h X, (..., X), (..., M X ) Receiver can calculate h 0, and can thus validate the request (for the most part)

Ariadne Route reply M dst = MAC DS (msg) Receiver sends dst, src, id, t i, nodelist, hashlist, M dst, () Intermediate nodes wait for X ti to be published and then attach it the list at the end Source can now verify the destination MAC, and that of each node in the route Route error If a node finds the next hop is unreachable, sends a Route Error to the source Again use Tesla for authentication sndr, dst, time, MAC, recentkey

Ariadne Node in path might not return Route Error messages Get feedback on received packets through some mechanism Use multiple paths, penalising low-reliability paths If an intruder is detected, include a blacklist in future route requests Route request floods Attacker might flood the network with requests, since these are only finally authenticated by the target Maintain a separate TESLA chain for route requests, and do authentication at neighbours

Outline 1 2 3 4

Bootstrapping Assuming prior initialisation might not be realistic Not all nodes may be administered by a single body Hybrid solution Assume at most t nodes can be compromised (n, t + 1) Threshold Cryptography Some nodes have to act as servers PGP-like mechanism Statistically Unique and Cryptographically Verifiable identifiers

Outline 1 2 3 4

SUCV Every node has a public-private key-pair Address is a hash of the public key Again built on DSR Route request: source sends src, dst, id, sig, pubkey, () Each intermediate node just appends itself to the list at the end Destination can authenticate the request Route reply: destination sends route, src, dst, id, (a, b,...), sig, pubkey Intermediate nodes cannot tamper, source can verify

Route maintenance: intermediate node sends sndr, dst, sig, pubkey Source can verify that the message originated at sndr This mechanism can be used with SEAD, Ariadne, etc. Bugs? Intermediate node can add arbitrary routes during route discovery maybe each intermediate node can append a signature Need timestamps and loose time-synchronisation to prevent replay attacks

Q&A Thanks!

References I Royer and Toh A Review of Current Routing Protocols for Ad Hoc Mobile Wireless Networks IEEE Personal Communications, 1999 Perkins and Bhagwat Highly Dynamic Destination-Sequenced Distance-Vector (DSDV) Routing for Mobile Computers SIGCOMM 94 Johnson and Maltz Dynamic Source Routing in Ad-Hoc Wireless Networks Mobile Computing, 1996

References II Hu, et. al. Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks MobiCom 02 Bobba, et. al Bootstrapping Security Associations for Routing in Mobile Ad-Hoc Networks ISR TR 2002

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback