Scalable Robust and Secure Heterogeneous Wireless Networks

1
Scalable Robust and SecureHeterogeneous Wireless
Networks

• Guevara Noubir
• College of Computer Science
• Northeastern University, Boston, MA
• noubir_at_ccs.neu.edu

2
The Heterogeneous Future of Wireless Networks

• Ambient intelligence aware of peoples presence,
  needs, and context
• Ubiquitous computing maintain seamless access to
  data and services
• Nature and man-made disaster require adequate
  operational modes
• Fast recovery through reconfiguration and
  prioritization of services
• Resiliency to denial of service attack
• Safety services better quality of life for
  elderly and disabled people
• The need for the enabling technology
• Limitations of current wireless technology
• No integration, QoS, seamless adaptivity,
  single-hop, limited data rates, battery life
• Major issues scalability, robustness, security
• We need novel approaches!
• As these applications become more ubiquitous new
  threats will appear
• Amplified by untracability, limited resources
  (energy and computation power)
• Talk focus on networking aspects

3
Outline

• Characteristics of heterogeneous wireless
  networks
• Some security aspects heterogeneous wireless
  networks
• Physical, layer/link, and multi-layer attacks
• Multicasting
• Some novel approaches to scalability and
  robustness
• Cross-layer design
• Accumulative Relaying
• Universal Network Structures
• Conclusion

4
Characteristics

• Limited radio spectrum
• Shared Medium (collisions)
• Limited energy available at the nodes
• Limited computation power
• Limited storage memory
• Unreliable network connectivity
• Dynamic topology
• Need to enforce fairness

5
Flexibility

• Use of various coding/modulation schemes
• Use of various transmission power level
• Use of multiple RF interfaces
• Use of multi-hop relaying
• Clustering and backbone formation
• Planning of the fixed nodes location
• Packets scheduling schemes
• Application adaptivity

6
(No Transcript)
7
Multilayer DoS in Wireless Networks

• Physical layer
• Smart multilayer aware jammers
• MAC layer
• Jamming of control traffic and mechanisms
• Network layer
• Malicious injection/disruption of routing
  information
• Transport layer
• Exploiting weaknesses in congestion control
  mechanisms

8
Physical Layer Jamming

• Leads to
• Network partition
• Forcing packets to be routed over chosen paths
• Low-Power cyber-mines

9
Low-Power Physical Layer Jamming

• Jamming effort
• Jamming duration/packet duration
• IP packet
• 1500 bytes 12000 bits
• Uncoded packet
• Jamming effort in the order of 10-4

10
Jamming IEEE802.11 and 802.11b
11
Jamming Encoded Data Packets
Link Architecture
12
Traditional Anti-Jamming Techniques
Focus on bit-level

• Spread-Spectrum in military provides
• 20-30dB processing gain
• Low-power jamming requires
• 40dB!

13
Mitigating Physical Layer DoS

• Physical Layer
• Spread-Spectrum
• Directional Antennas
• Link Layer
• Cryptographic Interleaver Efficient Coding
• Routing
• Jamming-free paths
• Use of Mobility

14
Proposed Solution for Link Layer

• Cryptographic Interleaving
• Efficient Adaptive Error Correction

• For Binary Modulation
• Cryptographic interleaving transforms the channel
  into a Binary Symmetric Channel
• Capacity of BSC (Shannon)

15
Practical Codes

• Low Density Parity Codes
• Very Close to Shannons Bound
• Best for long packets
• E.g., 16000 bits
• Non-binary modulation e.g., IEEE802.11b (CCK)
  transmits 8 bits
• Use a Reed-Solomon code with symbols of 8 bits
• Maximum length 256 bytes
• Data k ? 256bytes
• Tolerates (256-k)/2 errors

16
Conclusion on Physical Layer DoS

• Existing Wireless Data Networks are easy targets
  of physical layer jamming
• High transmission power, and spread-spectrum are
  not enough
• Jammer effort in the order of 10-4 for an IP
  packet
• Traditional anti-jamming focuses on bit
  protection
• Cryptographic interleaving and Error Control
  Codes provide much better resiliency to Jamming
• Additional technique that derive from the J/S
  ratio directional antennas
• Need adaptivity and careful integration within
  the network stack

17
Link/MAC Layer DoS

• Attack Control Traffic
• RACH/Grant CH/BCCH channels in cellular
• Authentication (e.g., sending deauth message)
• MAC Mechanisms of IEEE802.11
• Reservation
• RTS/CTS are short packets require less energy to
  be jammed
• NAV malicious nodes can force nodes to wait for
  long durations
• EIFS a single pulse every EIFS at high power
• Backoff
• Backoff allows an attacker to spend less energy
  when Jamming
• Selecting attacks on MAC/IP addresses

18
DoS on Routing

• Malicious nodes can attack control traffic
• Jamming
• Inject wrong information
• Attack goals disruption or resource consumption
• Techniques
• Black hole force all packets to go through an
  adversary node
• Rooting loop force packets to loop and consume
  bandwidth and energy
• Gray hole drop some packets (e.g., data but not
  control)
• Detours force sub-optimal paths
• Wormhole use a tunnel between two attacking
  nodes
• Rushing attack drop subsequent legitimate RREQ
• Inject extra traffic consume energy and
  bandwidth
• Blackmailing ruining the routing reputation of a
  node
• Proposed secure routing protocols are still not
  practical

19
DoS on Transport Layer

• Transport layer should be able to differentiate
  between
• Congestion
• Due to traffic pattern change new sessions
• Requires source rate reduction
• Wireless link packets loss
• Due to mobility and interference
• Requires modulation/coding/power/path change
• Malicious nodes
• Selective jamming and disruptions
• Requires isolation of malicious nodes and dead
  areas

20

• Protection against DoS in wireless networks
  requires a careful cross-layer design

21
Secure Multicastingwith Kaya, Lin, Qian
Funded by Draper

• Goal
• Securely and efficiently acquire and disseminate
  time varying information
• Example location information
• Secure multicast applications
• Secure remote tracking of mobiles
• Sharing sensed data
• Military Data/Video streaming from UAV,
  multicasting of command decisions
• Specificity
• Communication over a multihop wireless ad hoc
  network
• Limited computation power, and energy
• Services
• Authentication, integrity, confidentiality,
  revocation, group key management
• Approach
• Overlay network of mobile nodes build secure
  multicast tree

22
Prototype Application
iPAQ PDA
23
Ad Hoc vs. Wired Multicast

• Wireless
• Unreliable links
• Loss of a packet results in node exclusion and
  necessity for new join request
• Mobility
• Higher packet loss
• Necessity of frequent discovery of paths
• Multihop
• Cost of multicast depends on number of hops
• Major factor because of radio resources scarcity
• Ad hoc
• Limited computation nodes cannot manage large
  groups
• Active nodes

24
Group Management
5
1
2
3
4
10
9
6
7
8
12
11
x
Source
13
y
Group member
25
Issues and Results

• Efficient tree construction and maintenance
• Under mobility greedy algorithms can be very good
• Close to optimal trees O(log n) in theory but in
  practice 1.5 approximation
• Minimize broadcast cost and tree maintenance
• Public key encryption is costly
• Memory can be traded with computation
• Revocation in an infrastructure-less environment

26
Novel Approaches to Scalability and Robustness

• Scalability to large networks with limited
  resources requires novel techniques
• Make use of specificity of the environment
• Use techniques from a combination of fields
• Graph theory, linear programming, network flow
• Information theory, coding theory
• Accurate simulation and modeling tools
• Accumulative relaying
• Universal network design

27
Accumulative Power Relayingwith Chen, Jia, Liu,
Sundaram
B
G
C
A
Reliable reception Partial reception

• Problem
• Determine a feasible schedule (N1, P1), , (Nk,
  Pk) that minimizes total energy consumption

28
Accumulative Power Relayingwith Chen, Jia, Liu,
Sundaram
B
G
C
A
Reliable reception Partial reception

• Problem
• Determine a feasible schedule (N1, P1), , (Nk,
  Pk) that minimizes total energy consumption

29
Accumulative Relaying

• Very similar to the relay problem in information
  theory and still open in its general form
• Simpler than the general relay problem
• Every energy optimal sequence can be transformed
  into a canonical form called wavepath
• In a wavepath each node in the sequence activates
  its next hop neighbor and only its next hop
  neighbor
• Finding a minimum energy wavepath is still
  NP-hard for arbitrary networks
• Heuristic for building a wavepath can achieve
  more than 40 energy saving on a Euclidian plane

30
Universal Multicast Tree with Jia, Lin,
Rajaraman, Sundaram

• Problem
• Given a graph G (V, E), n nodes, and a root/sink
• Build a tree T such that for all subgroups T
  leads to a low weight tree for all subgroups
  (through pruning)
• i.e., build T that minimizes the stretch
• Applications
• Environment sensor network where routing is
  difficult
• Dissemination efficient multicasting to dynamic
  groups
• Aggregation from changing groups
• Distributed queries

31
Universal Tree for the Euclidian Space

• Results
• Polynomial time algorithm to build a universal
  tree with stretch O(log k) where k is the size
  of the selected subgroup
• Hardness result no algorithm can build a tree
  with stretch lower O(log n/loglog n)

32
Universal Structures

• Other results
• Algorithm for a universal tree for non-Euclidian
  metrics with poly-logarithmic stretch
• Poly-logarithmic stretch for the universal
  Traveler Salesman Problem
• Extensions
• Universal tree for energy cost
• Universal tree for planar, range limited wireless
  communication
• Fault-tolerant network structures

33
Conclusion

• We live in an exciting era
• Wireless physical layer is capable of providing
  high data rates
• Software flexibility
• Computation power
• This provides the building blocks to enable
  ubiquitous networking
• Creates new threats
• Need smart adaptive control of the physical layer
• Need to deal with security and robustness in a
  scalable way

34
Universal Tree for the Euclidian Space

• Results
• Polynomial time algorithm to build a universal
  tree with stretch O(log k) where k is the size
  of selected subgroup
• Hardness result no algorithm can build a tree
  with stretch lower O(log n/loglog n)
• Definition
• Level i of v Liv u 2i-1 lt d(u, v) ?2i
• Algorithm
• Divide V r into L1r, L2r, , LlogDr,
• Run A(Lir, r) in parallel

L4r
L3r
35

• Algorithm A(U, r)
• L r
• Repeat
• For every u?U, let Iu denote the level of u to
  its nearest neighbor in L
• Let I max Iu u ?U
• Let H u ?U Iu I
• Let H ? H s.t.
• ?u, v ?H d(u,v) ? 2I-1,
• ?u ?H\H ?v ?H s.t. d(u,v) lt 2I-1
• ?u ?H output edge (u, nearest-neighbor(u))
• L L ? H U U\H
• Until no edge output

36
Universal Tree Algorithm
H
H
37
Universal Tree Algorithm
H
H
38
Universal Tree Algorithm
H
H
39
Universal Tree Algorithm
H
H