Security of wireless ad-hoc networks

Outline Properties of Ad-Hoc network Security Challenges MANET vs. Traditional Routing Why traditional routing protocols not suitable for MANET networks? Routing protocols for MANET Nodes misbehave Routing Security Schemes

Properties of Ad-Hoc network (1) No fixed topology Each node is a router Limited energy Limited CPU and other resources Transient connectivity and availability Shared physical medium Identity different from address Physical vulnerability Lack of central administration

Properties of Ad-Hoc network (2) Where Ad hoc network –Installing an infrastructure is not possible –The network is too transient –The infrastructure was destroyed Throughput

Security Challenges Confidentiality –Encryption and access control with authentication Integrity –Also require cryptographic keys Availability Results in two fundamental problem –Trust establishment, key management and membership control –Network availability and routing security

MANET vs. Traditional Routing (1) Every node is potentially a router in a MANET, while most nodes in traditional wired networks do not route packets Topologies are dynamic in MANETs due to mobile nodes, but are relatively static in traditional networks MANET topologies tend to have many more redundant links than traditional networks

MANET vs. Traditional Routing (2) A MANET router typically has a single interface, while a traditional router has an interface for each network to which it connects Power efficiency is an issue in MANETs, while it is normally not an issue in traditional networks Low bandwidth links, high bit error rates, frequent changes in network topology, battery- powered devices with limited transmitter power

Why traditional routing protocols not suitable for MANET networks? MANETs are usually highly dynamic. No pre-existing infrastructure. No centralized administration. Dynamic topologies. Energy-constrained nodes. Limited physical security.

Routing protocols for MANET IETF MANET working group Categories –Proactive=Periodic topology updates –Reactive=On-demand driven protocol –Hierarchial Protocols –DSR (draft), FSR, DSDV, TORA, ZRP, AODV (RFC 3561), OLSR (RFC 3626), TBRPF (RFC 3684)

Nodes misbehave Overloaded Selfish Malicious broken

Solutions to misbehaving node A priori trust relationship Forsake or isolate these nodes form within the actual routing protocol for the network Install extra facilities in the network to detect and mitigate routing misbehavior

Routing Security Schemes Watchdog and Pathrater SEAD SRP

Watchdog and pathrater Two extensions to the Dynamic Source Routing (DSR) to help mitigate routing failures and attacks in ad-hoc networks Watchdog: identifies misbehaving nodes Pathrater: avoids routing packets through these nodes

DSR Route discovery Source May receive many ROUTE REPLY

DSR (cont.) Route maintenance –Handles link breaks ABSD Link break notify 1.Try another path 2.Do a route discovery B moves out of transmission range of A Link break occurred

Watchdog

Pathrater Run be each node in the network Rating for every other node Path metric If multiple paths –Highest metric

Watchdog’s weaknesses Ambiguous collisions Receiver collisions False misbehavior Partial dropping

Ambiguous/receiver collisions Ambiguous –Prevents A from overhearing transmissions from B –If repeatedly fails to detect B forwarding on packets, then A assume B misbehaving Receiver –B could be selfish or malicious (wastes resource)

False misbehavior Nodes falsely report other nodes as misbehaving ABSD PPP F 1. S mark B as misbehaving A A A 2. S wonder why received replied 1. If A drops Ack Packet 2. B detects this misbehavior and reports it to D

Partial dropping A node can circumvent the watchdog by dropping packets at a lower rate than the watchdog's configured minimum misbehavior threshold.

SEAD A routing protocol based on authenticating DSDV.

SRP

NIST BSAR

pros and cons