Routing Security in Ad Hoc Networks - PowerPoint PPT Presentation

About This Presentation
Title:

Routing Security in Ad Hoc Networks

Description:

Title: PowerPoint Presentation Last modified by: Justin Michael Lomheim Created Date: 1/1/1601 12:00:00 AM Document presentation format: On-screen Show – PowerPoint PPT presentation

Number of Views:65
Avg rating:3.0/5.0
Slides: 34
Provided by: lasrCsUcl
Learn more at: https://lasr.cs.ucla.edu
Category:

less

Transcript and Presenter's Notes

Title: Routing Security in Ad Hoc Networks


1
Routing Security in Ad Hoc Networks
  • Justin Lomheim
  • Shirshanka Das

2
Outline
  • Ad Hoc Networks
  • DSR Review
  • AODV Review
  • Specific Attacks on DSR and AODV
  • ARAN Protocol (e.g. secure AODV)
  • Questions
  • References

3
Ad Hoc Networks
  • infrastructureless
  • dynamic topologies (in mobile ad hoc nets)
  • variable capacity, limited bandwidth links
  • energy constrained operation
  • unicast, multicast, broadcast traffic
  • physical security considerations
  • currently AODV DSR routing under consideration
    for IETF MANET specification

4
Ad Hoc On Demand Distance Vector (AODV) Review
  • distance vector algorithm using sequence numbers
    for updates (based on DSDV)
  • generates routes on-demand, reducing total number
    of broadcasts required
  • classified as a pure on-demand scheme, since
    nodes not involved in routing do not maintain
    routing info or participate in table exchanges

5
Dynamic Source Routing (DSR) Review
  • on-demand protocol based upon source routing
  • designed for scenarios where only a few source
    nodes flow to a few destination nodes
  • source and destination nodes gather routing info
    into caches, through exchange of flooded query
    and reply packets with full routing information
  • once discovered, routes are as needed until they
    fail due to lost message transmissions

6
AODV and DSR Route Discovery
No Route To D !!
RREQ
RREQ
RREQ
RREP
D
RREP
RREP
S
RREP
RREQ
RREP
I
RREQ
Cache Hit !!
7
AODV Link Failure Mgmt
  • infinite metric assigned to broken links
  • if a node along a route moves, its upstream
    neighbor detects it and forwards a notification
    message (RREQ w/ infinite metric)
  • link breakage triggers notification back to users
    of formerly active links until source is reached,
    which may then re-initiate route discovery.

8
AODV versus DSR
  • Both use a similar mechanism of RREP , RREQ and
    route caching
  • AODV maintains DV type next hop forwarding
    tables
  • DSR relies on source routing

9
Specific Attacks on AODV DSR
  • modification
  • sequence numbers
  • hop counts
  • source routes
  • tunneling
  • impersonation
  • fabrication
  • error messages
  • source routes (cache poisoning)
  • DoS
  • trivial DoS

10
Modification of Sequence Numbers
  • In AODV
  • a malicious node may divert traffic through
    itself by advertising a route (via a RREP) with a
    much higher sequence number than actual RREP

11
Modification of Hop Counts
  • In AODV
  • since routing decisions can involve hop count
    metric, a malicious node can request the hop
    count to zero so make itself more likely to be
    chosen along the path to the destination
  • A selfish node could use a high hop count to
    ensure no one routes through it in case it wants
    to save power

12
Modification of Source Routes
  • In DSR
  • as packets are delivered, a malicious node can
    simply remove necessary source route entries in
    the packet header
  • malicious node can drop any error messages coming
    back along the path

13
Tunneling
Falsely tunneled path
M2
M1
Decap
Encap
S
D
14
Impersonation to create loops
A
D
M
E
C
B
X
15
Impersonation to create loops
A
D
M
E
C
B
X
16
Impersonation to create loops
A
D
M
E
C
B
X
17
Impersonation to create loops
A
D
E
C
B
X
M
18
Fabrication Attacks
  • False route error messages in AODV and DSR
  • Route Cache poisoning

19
Challenges
  • No centrally administered secure routers
  • No strict security policies
  • Highly dynamic nature of mobile ad hoc networks
  • Current ad hoc routing protocols trust all
    participating nodes

20
Problem
  • Secure ad hoc routing protocols are difficult to
    design
  • - Existing protocols are optimized to spread
    routing information quickly as the network
    changes
  • - Security mechanisms consume resources and can
    delay or even prevent successful exchanges of
    routing information

21
Specific attacks
  • Location disclosure reveals information
    regarding the location of nodes, or the structure
    of the network
  • Black hole an attacker advertises a zero metric
    for all destinations causing all nodes around it
    to route packets towards it
  • Replay attack an attacker sends old
    advertisements to a node causing it to update its
    routing table with stale routes
  • Wormhole an attacker records packets at one
    location in the network, and tunnels them to
    another location, routing can be disrupted when
    only routing control messages are tunneled

22
Requirements for a secure ad hoc routing protocol
  • Prevents the exploits discussed
  • Route signaling cannot be spoofed
  • Fabricated routing messages cannot be injected
  • Routing messages cannot be altered in transit
    except in accordance with the functionality of
    the routing protocol
  • Routing loops cannot be formed through malicious
    action
  • Routes cannot be redirected from the shortest
    path
  • Unauthorized nodes should be excluded from route
    computation and discovery
  • Network topology should not be exposed neither to
    adversaries not to authorized nodes

23
Authenticated Routing for Ad Hoc Networks (ARAN)
Protocol
  • Effectively basic AODV, except route
    discovery/setup/maintenance are authenticated
  • Utilizes public-key cryptography to verify
    hop-by-hop all route request RDP route reply
    REP packets
  • Eliminates most routing security problems except
    for tunneling trivial DoS attacks

24
ARAN Initial Setup
Certificate B
Certificate C
Certificate D
C
B
D
A
Trusted certificate server T
25
ARAN Route Discovery
Initial RDP packet
C
B
D
A
26
ARAN Route Discovery
Intermediate RDP Packet
verified
C
B
D
A
27
ARAN Route Discovery
Signature by C
verified
verified
C
B
D
A
28
ARAN Route Setup
Initial REP packet
REP A-gtD
verified
verified
verified
C
B
D
A
Replies to first RDP packet
29
ARAN Route Setup
Intermediate REP Packet
REP A -gt D
Signature by C
CertificateC
REP A-gtD
verified
verified
verified
verified
C
B
D
A
30
ARAN Route Setup
REP A-gtD
verified
verified
verified
verified
verified
C
B
D
A
31
ARAN Route Complete
verified
verified
verified
verified
verified
verified
C
B
D
A
32
ARAN Route Maintenance
ERR A-gtD
C
B
D
A
Link broken!
33
Questions
  • Conflict between small weight nodes, cryptography
    is there any reason to implement ARAN?
  • Any way to avoid centralized trust certificate
    server T?
  • Key revocation issues
  • Sensor network security?
Write a Comment
User Comments (0)
About PowerShow.com