Wireless Network Security Spring 2011

Similar documents
Wireless Network Security Spring 2012

Wireless Network Security Spring 2013

Wireless Network Security Spring 2014

Wireless Network Security Spring 2015

Wireless Network Security Spring 2011

DOMINO: A System to Detect Greedy Behavior in IEEE Hotspots

Mohammad Hossein Manshaei

Resource sharing optimality in WiFi infrastructure networks

AIMAC: An Auction-Inspired MAC Protocol

Wireless Network Security Spring 2011

DOMINO: A System to Detect Greedy Behavior in IEEE Hotspots

Wireless Network Security Spring 2011

Final Exam: Mobile Networking (Part II of the course Réseaux et mobilité )

A Robust Kolmogorov-Smirnov Detector for Misbehavior in IEEE DCF

Attacks on WLAN Alessandro Redondi

Caveat. Much of security-related stuff is mostly beyond my expertise. So coverage of this topic is very limited

Mohamed Khedr.

Practical Lazy Scheduling in Wireless Sensor Networks. Ramana Rao Kompella and Alex C. Snoeren

Malicious or Selfish? Analysis of Carrier Sense Misbehavior in IEEE WLAN

Detection and Prevention of MAC Layer Misbehavior for Ad Hoc Networks. by Alvaro A. Cardenas, Svetlana Radosavac, John S. Baras

Wireless Network Security Spring 2013

Wireless Network Security Spring 2014

MAC LAYER MISBEHAVIOR EFFECTIVENESS AND COLLECTIVE AGGRESSIVE REACTION APPROACH. Department of Electrical Engineering and Computer Science

Wireless Challenges : Computer Networking. Overview. Routing to Mobile Nodes. Lecture 25: Wireless Networking

Subject: Adhoc Networks

Resource Allocation in Contention-Based WiFi Networks

Performance anomaly of b

High Performance Distributed Coordination Function for Wireless LANs

Page 1. EEC173B/ECS152C, Spring Wireless Mesh Networks. Wireless LAN or Cellular Networks. Introduction Flow Control Issues Rate Adaptation

Lecture 16: QoS and "

Detecting IEEE MAC layer misbehavior in ad hoc networks: Robust strategies against individual and colluding attackers

IEEE Proof Print Version

Resource Allocation in Contention-Based Infrastructured and Ad-hoc Wireless Networks

A Study of Jamming Attacks in IEEE Networks. Deepak Nadig Anantha

Intelligent Transportation Systems. Medium Access Control. Prof. Dr. Thomas Strang

Wireless Network Security Spring 2011

Performance Analysis under MAC Layer Misbehavior Attack in Mobile Ad-Hoc Networks

Wireless Networks (MAC)

CS263: Wireless Communications and Sensor Networks

Wireless Networks (MAC) Kate Ching-Ju Lin ( 林靖茹 ) Academia Sinica

936 IEEE/ACM TRANSACTIONS ON NETWORKING, VOL. 17, NO. 3, JUNE In the GSM network, the control channels of the TDM channels use slotted-

A Wired-side Approach to MAC Misbehavior Detection

MAC in /20/06

15-441: Computer Networking. Wireless Networking

Advanced Computer Networks WLAN

Introduction and Scope of Research

PCC: Performance-oriented Congestion Control

Congestion Control In the Network

Detection and Handling of MAC Layer Misbehavior in Wireless Networks

Attackers. Abstract. probabilistic distributed MAC protocol, we focus our analysis on the IEEE MAC. Keywords

Fairness in the IEEE network. Shun Y. Cheung

Game Theory and Learning at the Medium Access Control Layer for Distributed Radio Resource Sharing in Random Access Wireless Networks

Transmission Rate Control through MAC Layer Acknowledgements Feedback

Analytical Models for Understanding Misbehavior and MAC Friendliness in CSMA Networks

Strategies and Guidelines for Improving Wireless Local Area Network Performance

CSE 461: Wireless Networks

Internetwork Expert s CCNP Bootcamp. Wireless LANs. WLANs replace Physical (layer 1) and Data Link (layer 2) transports with wireless

ON SECURITY-ENERGY TRADEOFFS AND COOPERATION FOR WIRELESS AD HOC NETWORKS

Transport layer issues

Mobile Security Fall 2011

Wireless Networks (CSC-7602) Lecture 8 (22 Oct. 2007) Seung-Jong Park (Jay) Fair Queueing

Local Area Networks NETW 901

Interference avoidance in wireless multi-hop networks 1

Auto-configuration of n WLANs

Queuing. Congestion Control and Resource Allocation. Resource Allocation Evaluation Criteria. Resource allocation Drop disciplines Queuing disciplines

Fault-Aware Flow Control and Multi-path Routing in Wireless Sensor Networks

Wireless Network Security Spring 2016

B. Bellalta Mobile Communication Networks

ECE442 Communications Lecture 3. Wireless Local Area Networks

Firewall Simulation COMP620

Cross-layer attacks in wireless ad hoc networks 1

Using Game Theory To Solve Network Security. A brief survey by Willie Cohen

Addressing Asymmetric Link in Wireless Mesh Networks

WiFi Networks: IEEE b Wireless LANs. Carey Williamson Department of Computer Science University of Calgary Winter 2018

Concurrent-MAC: Increasing Concurrent Transmissions in Dense Wireless LANs

CHAPTER 3 ENHANCEMENTS IN DATA LINK LAYER

Wireless Network Security Spring 2014

Detection of Greedy Individual and Colluding MAC Layer Attackers. by Svetlana Radosavac, Alvaro Cardenas, John S. Baras, George V.

Mobile Communications Chapter 7: Wireless LANs

A Measurement Study of Multiplicative Overhead Effects in Wireless Networks

Department of Electrical and Computer Systems Engineering

Wireless TCP Performance Issues

Advanced WiFi Attacks Using Commodity Hardware

Medium Access Control (MAC) Protocols for Ad hoc Wireless Networks -IV

Unit 7 Media Access Control (MAC)

Data Communications. Data Link Layer Protocols Wireless LANs

A SECURITY-ENABLED WIRELESS TOKEN CLUSTER MAC PROTOCOL WITH INTELLIGENT TOKEN POLICY

SIMPLE MODEL FOR TRANSMISSION CONTROL PROTOCOL (TCP) Irma Aslanishvili, Tariel Khvedelidze

1124 IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, VOL. 25, NO. 6, AUGUST Robust Detection of Selfish Misbehavior in Wireless Networks

Wireless Network and Mobility

MOST COMMUNICATION protocols were designed

Lecture 24: CSE 123: Computer Networks Stefan Savage. HW4 due NOW

On the Performance Characteristics of WLANs: Revisited

CS 348: Computer Networks. - WiFi (contd.); 16 th Aug Instructor: Sridhar Iyer IIT Bombay

B. Bellalta Mobile Communication Networks

ICE 1332/0715 Mobile Computing (Summer, 2008)

Overview : Computer Networking. Spectrum Use Comments. Spectrum Allocation in US Link layer challenges and WiFi WiFi

A Survey on Modified RTS/CTS Mechanism

PEERLESS JAMMING ATTACKS AND NETWORK FORTIFICATION POLICIES IN WIRELESS SENSOR NETWORKS

1472 IEEE/ACM TRANSACTIONS ON NETWORKING, VOL. 19, NO. 5, OCTOBER 2011

Transcription:

Wireless Network Security 14-814 Spring 2011 Patrick Tague Feb 15, 2011 SURVEY: MAC Layer Misbehavior

Announcements I'd like to talk with each project team in the next week to get a quick progress update Contact me to set up a time

Survey: MAC Misbehavior Theme: offensive techniques for protocol misbehavior at the MAC layer and detection of such behaviors in 802.11 networks Papers: Čagalj et al., On Cheating in CSMA/CA Ad Hoc Networks, EPFL-IC Tech. Report IC/2004/27 (similar to version from INFOCOM 2005). Raya et al., DOMINO: Detecting MAC Layer Greedy Behavior in IEEE 802.11 Hotspots, IEEE Trans. Mobile Computing, v. 5, n. 12, Dec. 2006. Broustis et al., FIJI: Fighting Implicit Jamming in 802.11 WLANs, SecureComm 2009.

MAC Layer Misbehavior MAC is all about timing: when should you talk Selfish and malicious nodes are free to transmit whenever they desire Selfish nodes can transmit early, while others follow protocols and wait politely Malicious nodes can use well-timed transmissions to intentionally interfere with MAC operation and/or reception Malicious nodes can initiate channel reservations and then not use them, denying availability to others

802.11 MAC

Cheating in CSMA/CA [Čagalj et al., 2004] CSMA/CA was designed with the assumption that the nodes would play by the rules MAC cheaters deliberately fail to follow the IEEE 802.11 protocol, in particular in terms of the contention window size and backoff

N tx-rx pairs in a single collision domain, using 802.11, C of N are cheaters with control of MAC layer parameters Cheaters want to maximize avg. throughput r i As a game: System Game Model Each player (cheater) adjusts its contention window size W i to maximize utility U i = r i Players react to changes of remaining N-C users who play by the rules Authors analyze relationships between throughput and contention window sizes

Single Static Cheater First case: a single cheater with a fixed strategy (i.e. makes a decision and sticks with it) A single cheater gets best throughput at W i =1 In fact, W i =1 is the Nash Equilibrium for the static game with C=1

Multiple Static Cheaters Second case: many cheaters with fixed strategy 2.1 Cheaters don't know about each other 2.2 Cheaters are aware of cheater v. cheater competition in forming strategies Window size W i =1 is no longer optimal

Dynamic Cheating Game In the dynamic game, cheaters can change their strategy in response to other players (including other cheaters) A penalty is enforced on the utility function, so cheaters converge to the optimal operating point Cooperative cheaters can inflict the penalty on non-cooperative cheaters by jamming their packets

Distributed/Adaptive Cheating Cheaters can observe actual throughput and jamming to adapt contention window size Cheaters are forced to cooperate or get lower throughput due to penalization from other cheaters

Detecting Greedy Behavior [Raya et al., 2006] Detection Of greedy behavior in the Mac layer of Ieee 802.11 public NetwOrks (DOMINO) Software installed at/near the access point that can detect and identify greedy players No changes to software of benign players

DOMINO Architecture

Behavior Tests The DOMINO-enabled AP performs a number of behavioral tests as a decision-making basis Scrambled / re-transmitted frames Shorter than DIFS Oversized NAV Observed back-off Consecutive back-off

UDP vs. TCP Traffic Impact of misbehavior varies for different types of target traffic Disparity between cheater and benign users is higher in UDP case

UDP vs. TCP Detection Traffic type also has significant impact on detection capabilities of DOMINO Actual back-off test in UDP vs. Consecutive back-off test in TCP TCP congestion control causes additional timing-related behaviors that can cause detection error

Further Discussions in Paper The DOMINO paper talks about a lot of different types of misbehavior Jamming attacks, timing misbehavior, etc. Design of a deployable system Lots of design parameters that have to be chosen Analysis of numerous types of misbehavior Incorporation of security mechanisms, quality of service, wireless error scenarios (e.g., hidden terminal)

Implicit Jamming in 802.11 [Broustis et al., 2009] 802.11 has a built-in fairness mechanism that basically allows all users to get the same longterm throughput A clever attacker can take advantage of this property to deny service to others by jamming a single user Degradation of the single user effectively starves the other users

Implicit Jamming Low-power jammer attacks a single nearby node, degrades throughput for every user using the same AP

Mitigating Implicit Jamming FIJI: anti-jamming mitigation of the implicit jamming attack Goal 1: ensure that nodes not under attack are not indirectly affected by the attack Goal 2: ensure that the maximum amount of traffic is delivered to the node under attack, given that the node is under attack Both goals rely on explicit detection of the jamming atack

FIJI Detection Component Detection module Since FIJI is run/managed entirely at the AP, detection must also take place there; not typical jamming attack detection Standard jamming detection mechanisms (e.g., using RSSI+PDR) don't apply, need other metrics Instead, look for changes in transmission delay Very large increment in measured transaction time indicates the node is under attack

FIJI Traffic Component Adjust the traffic patterns to all clients based on detection events Trivial solution: don't send any data to jammed clients, but this is unfair and could lead to big problems if any detection errors occur Accept traffic degradation to attacked node, but keep traffic patterns constant for other nodes Two approaches to deal with the attacked node: Adjust the data packet size: shorter packet fragments are more likely to get through Adjust the data rate: send to the jammed nodes less often

FIJI Evaluation

Summary Discussed three papers that discuss MAC layer cheating, attacks, and detection Game theoretic modeling of rational cheating Čagalj et al., On Cheating in CSMA/CA Ad Hoc Networks, EPFL-IC Tech. Report IC/2004/27 (~INFOCOM 2005). Detecting misbehavior with tests Raya et al., DOMINO: Detecting MAC Layer Greedy Behavior in IEEE 802.11 Hotspots, IEEE Trans. Mobile Computing, v. 5, n. 12, Dec. 2006. Implicit jamming leveraging 802.11 fairness Broustis et al., FIJI: Fighting Implicit Jamming in 802.11 WLANs, SecureComm 2009.

Questions?

Discussion Questions Is it reasonable to assume that cheaters are rational (in the game-theoretic sense)? Is a system like DOMINO ultimately scalable, given the number of tests and factors that must be considered to handle all misbehavior types? Which is better, FIJI detection and mitigation or removing the fairness mechanisms from 802.11?

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback