Secure communication in cellular and ad hoc environments Bharat Bhargava Department of Computer Sciences, Purdue University This is supported by Motorola Communication Research Lab & National Science Foundation
Team at Motorola: Jeff Bonta George Calcev Benetido Fouseca Trefor Delve Team at Purdue University: X. WuResearch scientist (receives his PhD from UC-Davis) Y. LuPhD student G. DingPhD student W. WangPhD student
3 Problem statement How to provide secure, continuous, and efficient connectivity for a mobile unit in a structured (cellular based) or unstructured (ad hoc) network environment?
4 Challenges Dynamic topology –Movement, node failure, etc. Heterogeneous and decentralized control Limited resources –Bandwidth, processing ability, energy Unfriendly environment –Selfish nodes, malicious attackers
5 Research contributions Combining advantages of cellular systems and ad hoc networks to enable a more secure network structure and better performance Designing routing protocols for ad hoc networks that adapt to both network topology and traffic congestion Designing intruder identification protocols in ad hoc networks Conducting experimental studies in heterogeneous wireless environments and evaluating our protocols
6 Research directions Cellular-aided Mobile Ad Hoc Network (CAMA) Adaptive and Heterogeneous Mobile Wireless Networks Intruder Identification in Ad Hoc Networks
Cellular-aided Mobile Ad Hoc Network (CAMA)
8 CAMA: Problem Statement How to realize commercial peer-to-peer applications over mobile wireless ad hoc networks? Papers: “Integrating Heterogeneous Wireless Technologies: Cellular-Aided Mobile Wireless Ad hoc Networks (CAMA)”, submitted to ACM Special Issues of the Journal on Special Topics in Mobile Networking and Applicaitons (MONET).
9 Challenges Authentication and accounting –No fixed membership Security concern –Open medium without any centralized control Real time services –Dynamic topology and slow routing information distribution
10 Current Environment Cellular network provides: Wide coverage Multiple services with single cellular ID Small packet service in 3G network Wireless terminals with different protocols
11 CAMA Description Integration of cellular network and ad hoc network CAMA agent works as centralized server attached to the cellular network CAMA agent provides ad hoc nodes information such as authentication, routing support, keys through cellular channel Data transmission uses ad hoc channel
12 CAMA Environment
13 Major Ideas Use signals via cellular network for ad hoc routing and security managements Centralized CAMA agent provides control over distributed ad hoc network
14 CAMA vs. ad hoc network CAMA has advantages over pure ad hoc networks in: Simple network authentication and accounting Routing server for more accurate routing decisions Certification authority for key distribution Central security check point for intrusion detection
15 CAMA vs. cellular/WLAN CAMA has advantages over cellular/WLAN integrated network in: No extra fixed infrastructure –No access point needed No ad hoc channel radio coverage limit –Multi-hop ad hoc link No transmission bottleneck –Not all traffic need going through a single node
16 Impact Cellular service combined with low-cost, high-data-rate wireless service
17 Research Questions Feasibilities in commercial applications requires: –Development of routing algorithm and protocols for multimedia service –Investigation of CAMA vulnerabilities –Development of security protocols for key distribution and intrusion detection –Evaluation of gain in ad hoc network –Evaluation of overhead in cellular network
18 Methodology of Research Building algorithms and protocols Developing bench marks and performance metrics on multi-media service Conducting experimental studies –Using ns-2 –Using common platform simulator from Motorola Inc. Comparing with ad hoc routing protocols –Ad hoc on-demand distance vector routing (AODV) –Destination source routing (DSR)
19 Research of Interest to Motorola Evaluating CAMA routing in realistic simulation environment: –Radio environment Adaptive data rate determined by signal-noise-ratio (SNR) –Node mobility Exponentially distributed speed –Node density 400 users/sq.km to users/sq.km –Traffic pattern VoIP, TCP, Video –Inaccurate position information Error of 5m to 100m
20 Research of Interest to Motorola (ctn.) Authentication –By CAMA agent –By mobile nodes Accounting –Charging rate –Award to intermediate nodes
21 Research of Interest to Motorola (ctn.) Key assignment –Group key assignment For entire ad hoc network For nodes along an active route –Session key assignment For peer-to-peer communication
22 Research of Interest to Motorola (ctn.) Intrusion detection –Information collection Information for different intrusions –Malicious judging rule Quick malicious node elimination vs. probability of wrong judgment Detection cost vs. gain
Adaptive and Heterogeneous Mobile Wireless Networks
24 Problem statement How to provide continuous connectivity for a mobile unit to a network in which every node is moving? Papers: “Secure Wireless Network with Movable Base Stations”, being revised for IEICE/IEEE Joint Special Issue on Assurance Systems and Networks. “Study of Distance Vector Routing Protocols for Mobile Ad Hoc Networks”, in Proceedings of IEEE International Conference on Pervasive Computing and Communications (PerCom), 2003.
25 Challenges Dynamic topology –Movement, node failure, energy problem, etc. Decentralized control Limited bandwidth –Congestion is typically the norm rather than the exception. [RFC 2501]
26 Research contributions Routing protocols for mobile ad hoc networks that adapt to not only network topology, but also traffic and congestion. Architecture, design of protocols, and experimental evaluation in heterogeneous wireless environments
27 Broad impacts Military networks Sensor networks
28 Two network environments considered Mobile ad hoc networks –No centralized control Large scale heterogeneous wireless networks with control in base stations –Wireless networks with movable base stations (WNMBS)
29 Research questions in mobile ad hoc networks Development of ad hoc routing protocols that adapt to traffic load and network congestion. –Identify the network parameters that impact the performance of routing protocols. –Determine the appropriateness of on-demand and proactive approaches (given specific routing requirements and network parameters). –Identify features of ad hoc networks that can be used to improve routing.
30 Related work (routing protocol) Destination-Sequenced Distance Vector (DSDV) [Perkins/Bhagwat, SigComm’94] (Nokia) Ad-hoc On-demand Distance Vector (AODV) [Perkins/Royer/Das, WMCSA’99, IETF draft 98-03] (Nokia, UCSB, SUNY-Stony Brook) Dynamic Source Routing (DSR) [Johnson/Maltz, Mobile Computing’96, IETF draft 03] (Rice Univ., CMU) Zone Routing Protocol (ZRP) [Haas/Pearlman/Samar, ICUPC’97, IETF draft 99-02] (Cornell) Adaptive Distance Vector (ADV) [Boppana/Konduru, InfoCom’01] (UT- San Antonio) Source-Tree Adaptive Routing (STAR) [Garcia-Luna-Aceves/Spohn, MONET’01] (UCSC, Nokia) Associativity-Based Routing (ABR) [Toh, Wireless Personal Communications Journal’97] (Cambridge Univ.) Ad-hoc On-demand Multipath Distance Vector (AOMDV) [Marina/Das, ICNP’01] (Univ. of Cincinnati)
31 Related work (cont’d) ProtocolApproachRouting information uses Additional information DSDVProactiveDistance Vector DSROn-demandSource routing AODVOn-demandDistance Vector ZRPHybridDistance Vector ADVHybridDistance Vector STARProactiveLink State ABROn-demandDistance VectorAssociativity AOMDVOn-demandDistance VectorMultipath
32 Related work (performance comparison) Comparison of DSDV, TORA, AODV and DSR [Broch/Maltz/Johnson/Hu/Jetcheva, MobiCom’98] (CMU) Scenario-based performance analysis of DSDV, AODV, and DSR [Johansson/Larsson/Hedman/Mielczarek/Degerma rk, MobiCom’99] (Ericsson) Performance comparison of AODV and DSR [Perkins/Royer/Das/Marine, IEEE Personal Communications’01]
33 Methodology of research Developing benchmarks and performance metrics for routing protocols Conducting experimental studies –Determine guidelines for design –Evaluate protocols Building algorithms and protocols
34 Ongoing research Study of proactive and on-demand approaches Congestion-aware distance vector routing protocol Packet loss study
35 Research study Investigate the proactive and on-demand approaches –Generalize the results obtained from protocols to the proactive and on-demand approaches –Introduce power consumption as a performance metric –Inject heavy traffic load –Identify the major causes for packet drop –Comprehensively study in various network environments Propose a congestion-aware routing protocol
36 DSDV and AODV are studied by varying network environment parameters –Node mobility (maximum moving speed) –Traffic load (number of connections) –Network size (number of mobile nodes) Performance metrics –Packet delivery ratio –Average end-to-end delay –Normalized protocol overhead –Normalized power consumption Simulation experiments
37 Simulation setup for experiments Simulatorns-2 Examined protocolsDSDV and AODV Simulation duration1000 seconds Simulation area1000 m x 1000 m Transmission range250 m Movement modelRandom waypoint Maximum speed4 – 24 m/s Traffic typeCBR (UDP) Data payload512 bytes/packet Packet rate4 packets/sec Node pause time10 seconds Bandwidth1 Mb/s
38 The proactive protocols provide better support for: –Applications requiring QoS Timely propagate network conditions –Intrusion and anomaly detection Constantly exchange the network topology information The proactive approach exhibits better scalability with respect to the number of mobile nodes and traffic load. Motivation for a new proactive protocol
39 Proposed protocol: Congestion Aware Distance Vector (CADV) Problem with the proactive approach –Congestion Objective: –Dynamically detect congestion and route packets through less- crowded paths Method: –Characterize congestion and traffic load by using expected delay. –Consider expected delay at the next hop as the secondary metric to make routing decisions. –Allow a one-hop longer route to be chosen. –Use destination sequence number to avoid loop.
40 Design issues Use MAC layer callback to detect broken link –Quick detection –More triggered updates –Whether re-queue a packet Allowing a one-hop longer route –A one-hop shorter route may not replace the current one if it introduces significantly more delay. –To avoid short-lived loop, do not replace the current route with a longer one if they have the same sequence number. Deal with fluctuation –Use randomness in routing decisions to reduce fluctuation
41 CADV Components: –Real time traffic monitor –Traffic control –Route maintenance module Route update: –When broadcasts an update, every node advertises the expected delay of sending a packet as: Route maintenance –Apply a function f(E[D], distance) to evaluate the value of a route
42 CADV outperforms AODV and DSDV in terms of delivery ratio The end-to-end delay becomes longer because longer routers may be chosen to forward packets The protocol overhead of CADV is doubled compared with that of DSDV. It is still less than that of AODV when the network is loaded CADV consumes less power per delivered packet than DSDV and AODV do Observations of CADV
43 Characteristics of wireless networks with movable base stations Large scale Heterogeneity Autonomous sub-nets Base stations have more resources Base stations take more responsibilities
44 Research questions How to organize the network? –Minimize the effect of motion –Minimize the involvement of mobile host How to build routing protocol? –IP-compliant –Cooperate with various intra-subnet routing protocols How to secure communications? –Authenticate –Maintain authentication when a host is roaming
45 Related work Integrating ad hoc and cellular –Mobile-Assisted Connection-Admission (MACA) [Wu/Mukherjee/Chan, GlobeCom’00] (UC-Davis) –Integrated Cellular and Ad-hoc Relaying (iCAR) [Wu/Qiao/De/Tonguz, JSAC’01] (SUNY-Buffalo) –Multihop Cellular Networks (MCN) [Lin/Hsu, InfoCom’00] (Taiwan) Mobile base station –Distributed, dynamic channel allocation [Nesargi/Prakash, IEEE Transactions on Vehicular Technology’02] (UT-Dallas) Hierarchical structure –Multimedia support for Mobile Wireless Networks (MMWN) [Ramanathan/Steenstrup, MONET’98] (BBN Technologies) –Clustering scheme for hierarchical control in multi-hop wireless networks [Banerjee/Khuller, InfoCom’01] (UMD)
46 Methodology of research Building architecture, developing algorithms and protocols –Membership management –Inter-subnet routing –Intra- and inter-subnet authentication Evaluation through experiments
47 Research results Hierarchical mobile wireless network (HMWN) –Hierarchical membership management scheme –Segmented membership-based group routing protocol –Protection of network infrastructure –Secure roaming and fault-tolerant authentication
48 Future research plan Develop congestion avoidance routing protocol for ad hoc networks. Conduct experiments to study the effect of implementing congestion avoidance at different layers. Conduct a series of experiments to evaluate HMWN.