Wireless Network Security Spring 2015

Similar documents
Wireless Network Security Spring 2013

Wireless Network Security Spring 2016

Wireless Network Security Spring 2016

SECURE ROUTING PROTOCOLS IN AD HOC NETWORKS

Lecture 13: Routing in multihop wireless networks. Mythili Vutukuru CS 653 Spring 2014 March 3, Monday

Mobile Ad-hoc and Sensor Networks Lesson 04 Mobile Ad-hoc Network (MANET) Routing Algorithms Part 1

AODV Routing Protocol in MANET based on Cryptographic Authentication Method

Content. 1. Introduction. 2. The Ad-hoc On-Demand Distance Vector Algorithm. 3. Simulation and Results. 4. Future Work. 5.

Secured Routing with Authentication in Mobile Ad Hoc Networks

A Novel Secure Routing Protocol for MANETs

Management Science Letters

Analysis of Black-Hole Attack in MANET using AODV Routing Protocol

Routing in Ad Hoc Wireless Networks PROF. MICHAEL TSAI / DR. KATE LIN 2014/05/14

SEAR: a secure efficient ad hoc on demand routing protocol for wireless networks

LECTURE 9. Ad hoc Networks and Routing

A Research Study On Packet Forwarding Attacks In Mobile Ad-Hoc Networks

Symmetric Key Cryptography based Secure AODV Routing in Mobile Adhoc Networks

CMPE 257: Wireless and Mobile Networking

Secure routing in ad hoc and sensor networks

Authenticated Routing for Ad hoc Networks

Secure Routing for Mobile Ad-hoc Networks

Performance Investigation and Analysis of Secured MANET Routing Protocols

Mobile Ad-hoc Networks (MANET)

Security Measures in Aodv for Ad Hoc Network

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Security Issues In Mobile Ad hoc Network Routing Protocols

6. Node Disjoint Split Multipath Protocol for Unified. Multicasting through Announcements (NDSM-PUMA)

SECURED VECTOR ROUTING PROTOCOL FOR MANET S IN PRESENCE OF MALICIOUS NODES

UCS-805 MOBILE COMPUTING Jan-May,2011 TOPIC 8. ALAK ROY. Assistant Professor Dept. of CSE NIT Agartala.

Unicast Routing in Mobile Ad Hoc Networks. Dr. Ashikur Rahman CSE 6811: Wireless Ad hoc Networks

Security in Ad Hoc Networks *

Security in Mobile Ad-hoc Networks. Wormhole Attacks

Routing Protocols in MANETs

Enhanced Secure Routing Model for MANET

A Survey of Existing Approaches for Secure Ad Hoc Routing and Their Applicability to VANETS

Secure Routing Techniques to Mitigate Insider Attacks in Wireless Ad Hoc Networks

Secure Ad-Hoc Routing Protocols

White Paper. Mobile Ad hoc Networking (MANET) with AODV. Revision 1.0

A Comparative Study of Routing Protocols for Mobile Ad-Hoc Networks

Wireless Networking & Mobile Computing

Wireless Network Security Spring 2015

A Survey on Security Analysis of Routing Protocols By J.Viji Gripsy, Dr. Anna Saro Vijendran

ECS-087: Mobile Computing

Routing protocols in Mobile Ad Hoc Network

Mobile & Wireless Networking. Lecture 10: Mobile Transport Layer & Ad Hoc Networks. [Schiller, Section 8.3 & Section 9] [Reader, Part 8]

Implementation of AODV Protocol and Detection of Malicious Nodes in MANETs

A Review of Reactive, Proactive & Hybrid Routing Protocols for Mobile Ad Hoc Network

CHAPTER II LITERATURE REVIEW. route to reach the destination and it will distribute the routing information when there is

Outline. CS5984 Mobile Computing. Taxonomy of Routing Protocols AODV 1/2. Dr. Ayman Abdel-Hamid. Routing Protocols in MANETs Part I

Securing AODV Using HMAC of Cryptography for MANETs

Secure Routing and Transmission Protocols for Ad Hoc Networks

Scenario Based Performance Evaluation of Secure Routing in MANETs

An Efficient Approach against Rushing Attack in MANET

Self-Organized Network-Layer Security in Mobile Ad Hoc Networks

Ad-Hoc Data Processing and Its Relation with Cloud Computing Process Using Functional Approach

A Review on Black Hole Attack in MANET

MANET TECHNOLOGY. Keywords: MANET, Wireless Nodes, Ad-Hoc Network, Mobile Nodes, Routes Protocols.

SCENARIO BASED PERFORMANCE EVALUATION OF SECURE ROUTING IN MANETs

Mohamed Ahmed Abdelshafy Abdallah

Considerable Detection of Black Hole Attack and Analyzing its Performance on AODV Routing Protocol in MANET (Mobile Ad Hoc Network)

A COMPARISON OF IMPROVED AODV ROUTING PROTOCOL BASED ON IEEE AND IEEE

A Survey on Wireless Routing Protocols (AODV, DSR, DSDV)

Wireless Network Security Spring 2011

Secure and Efficient Routing Mechanism in Mobile Ad-Hoc Networks

Ad Hoc Networks: Issues and Routing

Computation of Multiple Node Disjoint Paths

CS551 Ad-hoc Routing

Secure Bootstrapping and Routing in an IPv6-Based Ad Hoc Network

A Comparative study of On-Demand Data Delivery with Tables Driven and On-Demand Protocols for Mobile Ad-Hoc Network

Mobile Ad-Hoc Networks & Routing Algorithms

A Comparative Study between AODV and DSDV Routing Protocols in Mobile Ad Hoc Networks using Network Simulator NS2

Performance Comparison of AODV, DSR, DSDV and OLSR MANET Routing Protocols

Figure 1: Ad-Hoc routing protocols.

Mobile Communications. Ad-hoc and Mesh Networks

Kapitel 5: Mobile Ad Hoc Networks. Characteristics. Applications of Ad Hoc Networks. Wireless Communication. Wireless communication networks types

Optimizing Performance of Routing against Black Hole Attack in MANET using AODV Protocol Prerana A. Chaudhari 1 Vanaraj B.

Trust Based Routing for Dynamic Source Routing Protocol

An On-demand Secure Routing Protocol Resilient to Byzantine Failures

Mobility and Density Aware AODV Protocol Extension for Mobile Adhoc Networks-MADA-AODV

Simulation and Comparative Analysis of AODV, DSR, DSDV and OLSR Routing Protocol in MANET Abstract Keywords:

Secure Routing with the AODV Protocol

Experiment and Evaluation of a Mobile Ad Hoc Network with AODV Routing Protocol

Varying Overhead Ad Hoc on Demand Vector Routing in Highly Mobile Ad Hoc Network

A Survey on Security Enhanced Multicast Routing Protocols in Mobile Ad Hoc Networks

Gurinder Pal Singh Chakkal, Sukhdeep Singh Dhillon

Arvind Krishnamurthy Fall 2003

A Secure Routing Protocol for Ad Hoc Networks

Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols

AODV-PA: AODV with Path Accumulation

Performance Analysis of Aodv Protocol under Black Hole Attack

Power aware Multi-path Routing Protocol for MANETS

Ad-hoc and Infrastructured Networks Interconnection

Performance Evaluation of MANET through NS2 Simulation

A Comparative Analysis of Energy Preservation Performance Metric for ERAODV, RAODV, AODV and DSDV Routing Protocols in MANET

Security Issues in Mobile Ad hoc Network Noman Islam 1, Zubair A.Shaikh 2

Wireless Network Security Spring 2015

Webpage: Volume 4, Issue VI, June 2016 ISSN

QoS Routing By Ad-Hoc on Demand Vector Routing Protocol for MANET

[Nitnaware *, 5(11): November 2018] ISSN DOI /zenodo Impact Factor

SRPS: Secure Routing Protocol for Static Sensor Networks

Transcription:

Wireless Network Security Spring 2015 Patrick Tague Class #11 Routing and Forwarding Security 2015 Patrick Tague 1

Class #11 Basics of routing in ad hoc networks Control-plane attacks and defenses Data-plane attacks and defenses 2015 Patrick Tague 2

Let's start with some basics of MANET Routing 2015 Patrick Tague 3

Popular Routing Protocols Link State (LS) routing Optimized Link State Routing (OLSR) Proactive Distance Vector (DV) routing Destination Sequenced Distance Vector (DSDV) Ad hoc On-demand Distance Vector (AODV) Dynamic Source Routing (DSR) On Demand 2015 Patrick Tague 4

On-Demand Routing On-demand routing has several advantages and disadvantages in MANETs Efficiency: (+) Routing information isn't constantly collected and updated, only when needed (-) One-time cost of info collection can be higher Security: (+) Source nodes are aware of the entire path, unlike fully distributed algorithms that just focus on next hop (-) Long-term information typically isn't available Overall, advantages outweigh the disadvantages, so ondemand routing (esp. source routing) is popular 2015 Patrick Tague 5

Route Discovery Source S and neighboring nodes use control message exchanges to discover a route from S to destination D 2015 Patrick Tague 6

Route request flooding: Route Discovery Source S broadcasts a Route Request (RREQ) packet to its neighbors 2015 Patrick Tague 7

RREQ forwarding: Route Discovery If the neighbor has no prior relationship with the destination, it will further broadcast the RREQ 2015 Patrick Tague 8

Route Discovery Flooding of control packets to discover routes Once the RREQ packet reaches the destination, or a node that knows the destination, the node will unicast a RREP packet to the source via the routed path 2015 Patrick Tague 9

Route Discovery Upon receiving the RREQ, D (or another node that knows D) will unicast a Route Reply (RREP) back to S along the found path 2015 Patrick Tague 10

Route Maintenance If a node can no longer reach the next hop Sends Route Error (RERR) control packet to inform upstream neighbors Route cache alternative (DSR) or rediscovery 2015 Patrick Tague 11

AODV vs. DSR AODV Routing tables one route per destination DSR Routing caches multiple routes per destination Always chooses fresher routes Sequence numbers Does not have explicit mechanism to expire stale routes More frequent discovery flood to ensure freshness Source Routing Intermediate nodes learn routes in 1 discovery cycle 2015 Patrick Tague 12

Now, how could an attacker interfere or manipulate MANET routing? 2015 Patrick Tague 13

Modification Attacks AODV seq# modification AODV uses seq# as a timestamp (high seq# fresh) Attacker can raise seq# to make its path attractive DSR hop count modification DSR uses #hops for efficiency (low #hops cheap) Attacker can lower/raise #hops to attract/repel 2015 Patrick Tague 14

Modification Attacks DSR route modification Non-existent route (DoS) Loops (resource exhaustion, DoS) No control to prevent loops after route discovery (more of a data plane attack, we'll get there later) Tunneling 2015 Patrick Tague 15

RREQ Flooding Flood the network with RREQs to an unreachable destination address Example : S continuously send RREQ packet to destination X 2015 Patrick Tague 16

AODV/DSR Spoofing Attacker listens for RREQ/RREP from neighbors Send an attractive RREP with spoofed ID Spoof more IDs with interesting results 2015 Patrick Tague 17

Fabrication Attacks DoS against AODV/DSR by falsifying route errors 2015 Patrick Tague 18

Fabrication Attacks DSR route cache poisoning 2015 Patrick Tague 19

Control-Plane Security How to guarantee that an established path can be efficient (e.g., short) and/or reliable? How to prevent attackers from manipulating path discovery/construction? What metrics can be used to quantify the value of a path? Length? Latency? Trust? 2015 Patrick Tague 20

Securing DV Routing Distance vector (DV) routing is one of the classical approaches to network routing SEAD: Secure Efficient Ad hoc DV routing [Hu et al., Ad Hoc Networks 2003] Based on DSDV protocol using sequence numbers to prevent routing loops and async. update issues Uses hash chains to authenticate routing updates Relies on existing mechanisms to distribute authentic hash chain end-elements 2015 Patrick Tague 21

Securing LS Routing Link-state (LS) routing is another classical approach to network routing SLSP: Secure Link-State Protocol [Papadimitratos and Haas, WSAAN 2003] MAC address / IP address pairs are bound using digital signatures Allows for detection of address re-use and change Link state updates are signed and propagated only in a limited zone, with the hop count authenticated by a hash chain 2015 Patrick Tague 22

Secure Routing Protocol [Papadimitratos & Haas, 2002] SRP authenticates single-hop exchanges in DSR request and reply messages Since protection is hop-by-hop, SRP over DSR is vulnerable to path (or other parameter) modification 2015 Patrick Tague 23

SAODV [Guerrero Zapata & Asokan, 2002] Secure AODV introduces signatures into the AODV routing protocol to authenticate various message fields RREQ and RREP messages are signed, hop counts are authenticated using hash chains 2015 Patrick Tague 24

ARAN [Sanzgiri et al., ICNP 2002] ARAN: Authenticated Routing for Ad hoc Networks (based on AODV) Make use of cryptographic certificates and asymmetric key to achieve authentication, message integrity and nonrepudiation Need preliminary certification process before a route instantiation process Routing messages are authenticated at each hop from source to destination and vice versa 2015 Patrick Tague 25

Auth. Route Discovery Broadcast Message Unicast Message 2015 Patrick Tague 26

Auth. Route Setup Broadcast Message Unicast Message 2015 Patrick Tague 27

Route Maintenance Send ERR message to deactivate route Broadcast Message Unicast Message 2015 Patrick Tague 28

Modification attacks ARAN Security Prevents redirection using seq# or #hops Prevents DoS with modified source routes Prevents tunneling attacks Impersonation attacks Prevents loop-forming by spoofing Fabrication attacks Prevents route error falsification 2015 Patrick Tague 29

ARAN Limitations ARAN relies on an underlying PKI Requires a trusted third-party / infrastructure Requires either: Significant communication overhead to interact with the TTP for near-term updates/revocation Long delays in certificate updates, revocation lists, etc. 2015 Patrick Tague 30

Ariadne [Hu, Perrig, & Johnson, 2004] Ariadne is a secure on-demand routing protocol built on DSR and Tesla DSR: Dynamic Source Routing, Tesla: Timed Efficient Stream Loss-tolerant Authentication (broadcast auth) Route request and reply messages are authenticated Ariadne is vulnerable to malicious forwarding by attackers on the selected routing path requires an additional mechanism to feed back path loss/quality 2015 Patrick Tague 31

Feb 24: Forwarding Security; Network Privacy & Anonymity 2015 Patrick Tague 32

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback