Network-layer Security of Mobile Ad hoc Networks Jiangyi Hu Advisor: Dr. Mike Burmester.

Presentation transcript:

Network-layer Security of Mobile Ad hoc Networks Jiangyi Hu Advisor: Dr. Mike Burmester

02/24/2004 Network layer security of Manets

Outline
- Introduction
- Secure routing
  - Existing routing protocols
  - Routing attacks
  - Secure routing protocols
- Cooperation enforcement
  - Solutions to enforce cooperation

Introduction
Example of Mobile Ad hoc networks
[Figure: example network with nodes A, B, C, D, E, F]

Introduction
Characteristics of Manet:
- Wireless connection, broadcasting
- Dynamic topology
- Unfriendly environment
- Limited resources

Introduction
Advantages
- Ease of deployment
- Fast to deploy
- Decreased dependence on infrastructure
Applications of Manet
- Emergency deployments
- Search and rescue missions
- Military operations
- Commercial applications

Introduction
Vulnerabilities
- The basic mechanism
- The security mechanism
Security goals
- Availability
- Confidentiality
- Integrity
- Authentication
- Non-repudiation

Secure routing
- Existing routing protocols
- Security threats for routing
- Secure routing protocols

Existing routing protocols
Table driven routing
- DSDV (destination sequenced distance vector)
- CGSR (Clusterhead Gateway Switch Routing)
- WRP (Wireless Routing Protocol)
On demand routing
- DSR (dynamic source routing)
- AODV (ad-hoc on-demand distance vector)
- TORA (Temporally Ordered Routing Algorithm)

DSR
- Dynamic source routing
- Route discovery/Route maintenance
- Every packet carries the entire route

DSR
[Figure: DSR route discovery from S over nodes A, B, C, D, E, F, H; route records accumulated along the way include S-A, S-C, S-A-B, S-C-E, S-A-B-D, S-C-E-F, S-C-E-H]

AODV
- Ad-hoc on-demand distance vector routing
- No maintenance of routing table as in DSDV
- Each node remembers only the next hop for the route, not the whole route

AODV
[Figure: network of nodes S, A, B, C, E, F, D; legend: reverse path, forward path]

Routing attacks
Classification:
- External attack vs. Internal attack
- Passive attack vs. Active attack

Routing attacks
Attacks for routing:
- Modification
- Fabrication
- Wormhole attack (tunneling)
- Denial of service attack
- Invisible node attack
- The Sybil attack
- Rushing attack
- Non-cooperation

Modification
- Modify the protocol fields of control messages
- Compromise the integrity of routing computation
- Cause network traffic to be dropped, redirected to a different destination or take a longer route

Fabrication
- Generating false routing messages, e.g. routing error messages
- Can cause denial-of-service
[Figure: nodes C, M, B, S, D; legend: connected, connected through multi-hops, forward false error message]

Wormhole attack
- Colluding attackers use "tunnels" between them to forward packets
- Places the attackers in a very powerful position
- The attackers take control of the route by claiming a shorter path

Wormhole attack
[Figure: example of wormhole attack; nodes S, A, M, B, C, N, D and a tunnel]

Denial of service attack
- Adversary floods irrelevant data
- Consumes network bandwidth
- Consumes resources of a particular node

Invisible node attack
- Attack on DSR
- Malicious node M does not append its IP address
- M becomes "invisible" on the path
[Figure: nodes C, M, B, S, D]

The Sybil attack
- Attacker represents multiple identities
- Disrupts geographic and multi-path routing
[Figure: nodes B, M1, M2, M3, M4, M5]

Rushing attack
- Directed against on-demand routing protocols
- The attacker hurries route request packets to the next node to increase the probability of being included in a route

Non-cooperation
- Lack of cooperation: a node does not participate in routing or packet forwarding
- Selfishness: a node saves energy for itself

Secure routing protocols
- SRP (Secure Routing Protocol)
- ARAN (Authenticated Routing for Ad hoc Networks)
- Ariadne
- SEAD (Secure Efficient Ad hoc Distance vector routing)
- Cope with wormhole attack

SRP
- Assumes a shared secret key between the source node and the destination node
- Verification of the route request/reply packet using MAC (Message Authentication Code)
- Identities of intermediate nodes are accumulated in the route request packet

ARAN
- Requires a trusted certification authority
- Every node that forwards a route request or a route reply must verify it and sign it
- Asymmetric cryptography is costly in terms of CPU and energy usage

ARAN
Example of ARAN (nodes S, B, C, D; each message is listed under the node whose signature is outermost; legend: broadcast, unicast):
- S: [RDP, IP_D, Cert_S, N_S, t]K_S-, Cert_S
- B: [[RDP, IP_D, Cert_S, N_S, t]K_S-, Cert_S]K_B-, Cert_B
- C: [[RDP, IP_D, Cert_S, N_S, t]K_S-, Cert_S]K_C-, Cert_C
- D: [REP, IP_S, Cert_D, N_S, t]K_D-, Cert_D
- C: [[REP, IP_S, Cert_D, N_S, t]K_D-, Cert_D]K_C-, Cert_C
- B: [[REP, IP_S, Cert_D, N_S, t]K_D-, Cert_D]K_B-, Cert_B

Ariadne
- Each node generates a one-way key chain $(K_0, K_1, \ldots, K_i, \ldots, K_n)$ and publishes the keys in reverse order from generation
- The sender picks $K_i$ which will still be secret at the time the receiver receives the packet
- When a receiver receives a packet, it first verifies $K_i$ is still secret, then it buffers the packet and waits for the sender to publish key $K_i$
- Need time synchronization
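The receiver-side check from the Ariadne slide, as an added example that is not part of the original slides. The schedule constants (T0, INTERVAL, MAX_SKEW), the use of SHA-256 and HMAC, and the Receiver class are assumptions made for illustration; the message and seed are constructed sample values.

```python
import hashlib
import hmac

# Assumed disclosure schedule: K_i is published at T0 + i*INTERVAL.
T0, INTERVAL, MAX_SKEW = 1000.0, 1.0, 0.1

def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def key_chain(seed: bytes, n: int) -> list:
    """Generate K_n = seed, K_i = H(K_{i+1}); the result is indexed so keys[0] = K_0."""
    keys = [seed]
    for _ in range(n):
        keys.append(H(keys[-1]))
    return keys[::-1]

class Receiver:
    def __init__(self, commitment: bytes):
        self.known_i, self.known_key = 0, commitment   # authentic K_0
        self.buffer = []

    def on_packet(self, msg: bytes, i: int, tag: bytes, now: float) -> bool:
        """Buffer only if K_i cannot have been published yet, allowing for clock skew."""
        if now + MAX_SKEW >= T0 + i * INTERVAL:
            return False          # K_i may already be public, so the MAC proves nothing
        self.buffer.append((msg, i, tag))
        return True

    def on_key(self, i: int, key: bytes) -> list:
        """Authenticate a published K_i against the last known key, then check buffered MACs."""
        if i <= self.known_i:
            return []
        k = key
        for _ in range(i - self.known_i):
            k = H(k)
        if k != self.known_key:
            return []             # not on the sender's chain
        self.known_i, self.known_key = i, key
        accepted = [m for m, j, t in self.buffer
                    if j == i and hmac.compare_digest(t, mac(key, m))]
        self.buffer = [p for p in self.buffer if p[1] > i]   # drop everything up to interval i
        return accepted
```

The `now + MAX_SKEW` comparison is where the slide's time-synchronization requirement enters: without a bound on clock skew the receiver cannot tell whether a key was still secret when the packet arrived.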

SEAD
- Based on Destination-Sequenced Distance Vector protocol (DSDV)
- Uses a one-way hash chain $(h_0, h_1, \ldots, h_i, \ldots, h_n)$
- Uses a hash value corresponding to the sequence number and metric in a routing update
- Attacker can never forge a better sequence number or a better metric
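How a hash-chain position can bind both sequence number and metric, as an added example that is not part of the original slides. It assumes the indexing used in the SEAD paper (element h_{k*m+j} for metric j, with k = n/m minus the sequence number); SHA-256, the constants M and MAX_SEQ, and the seed are illustrative choices.

```python
import hashlib

M = 4             # assumed upper bound on network diameter: metrics 0..M-1
MAX_SEQ = 5       # assumed number of sequence numbers one chain covers
N = M * MAX_SEQ   # chain length n

def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def make_chain(seed: bytes) -> list:
    """h_0 = seed, h_i = H(h_{i-1}); h_n is distributed authentically."""
    chain = [seed]
    for _ in range(N):
        chain.append(H(chain[-1]))
    return chain

def index_for(seq: int, metric: int) -> int:
    """Chain position k*M + metric with k = N/M - seq (indexing assumed from the SEAD paper)."""
    if not (1 <= seq <= MAX_SEQ and 0 <= metric < M):
        raise ValueError("sequence number or metric out of range")
    return (MAX_SEQ - seq) * M + metric

def verify(anchor: bytes, seq: int, metric: int, value: bytes) -> bool:
    """Hash the received value forward; it must reach the authentic h_n."""
    try:
        steps = N - index_for(seq, metric)
    except ValueError:
        return False
    for _ in range(steps):
        value = H(value)
    return value == anchor

def forward(seq: int, metric: int, value: bytes):
    """Honest neighbor re-advertises with metric + 1 and one more hash."""
    return seq, metric + 1, H(value)

def demo() -> dict:
    chain = make_chain(b"constructed seed for node D")   # constructed sample input
    anchor = chain[N]
    seq, metric, value = 2, 0, chain[index_for(2, 0)]     # D's own update
    hop = forward(seq, metric, value)                     # what a neighbor re-advertises
    return {
        "origin": verify(anchor, seq, metric, value),
        "one_hop": verify(anchor, *hop),
        "claims_lower_metric": verify(anchor, 2, 0, hop[2]),
        "claims_newer_seq": verify(anchor, 3, 1, hop[2]),
    }
```

A better metric or a newer sequence number both correspond to an earlier chain element, which cannot be computed from a later one; that is why the last two checks fail.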

Cope with wormhole attack
- Geographic leash: ensures that the recipient of the packet is within a certain distance from the sender
- Temporal leash: ensures that the packet has an upper bound on its lifetime

Cooperation enforcement
- Introduction
- Solutions
  - Currency based
  - Local monitoring

Cooperation enforcement
Currency based
- Nuglets
- Sprite
Local monitoring
- Watchdog and path rater
- Confidant
- CORE
- Token-based

Nuglets
Nuglets: a virtual currency
Packet purse model
- Sender pays nuglets in advance
- Intermediate node takes nuglets for forwarding service
Packet trade model
- Intermediate node "buys" the packet from the previous one and "sells" it to the next one

Nuglets
Packet purse model
- Advantage: deters nodes from sending useless data and overloading the network
- Disadvantage: difficult to estimate the number of nuglets that are required
Packet trade model
- Advantage: source does not have to know in advance the number of nuglets required
- Disadvantage: cannot prevent nodes from overloading the network

Sprite
- Uses credit to provide incentive to selfish nodes
- Nodes keep receipts to get payments from the Credit Clearance Service (CCS)
- Credit that a node receives depends on whether its forwarding is successful or not

Watchdog and path rater
A node's watchdog
- Listens promiscuously to the next node's transmissions
- If a node does not forward, it is misbehaving
The path rater chooses the best path from watchdog ratings
[Figure: nodes S, A, B, C, D; legend: connected, connected through multi-hops, forwarding, listening]
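The monitoring loop described on this slide, as an added example that is not part of the original slides. TIMEOUT, THRESHOLD, the neutral rating of 0.5 and the rule of skipping paths through reported nodes are assumptions for this simplified sketch; node names and events are constructed.

```python
from collections import defaultdict

TIMEOUT = 0.5     # assumed seconds to wait for the next hop to retransmit
THRESHOLD = 3     # assumed failure tally above which a node is reported

class Watchdog:
    def __init__(self):
        self.pending = {}                  # packet id -> (next hop, time handed over)
        self.failures = defaultdict(int)   # next hop -> failure tally

    def sent(self, pkt_id, next_hop, t):
        """Remember a packet handed to next_hop for forwarding."""
        self.pending[pkt_id] = (next_hop, t)

    def overheard(self, pkt_id, transmitter):
        """Promiscuous listening: the expected hop retransmitted the packet."""
        hop = self.pending.get(pkt_id)
        if hop and hop[0] == transmitter:
            del self.pending[pkt_id]

    def tick(self, now):
        """Packets not overheard within TIMEOUT count against the next hop."""
        for pkt_id, (hop, t) in list(self.pending.items()):
            if now - t > TIMEOUT:
                self.failures[hop] += 1
                del self.pending[pkt_id]

    def misbehaving(self):
        return {n for n, c in self.failures.items() if c > THRESHOLD}

def best_path(paths, ratings, bad):
    """Path rater: highest average node rating, skipping paths through reported nodes."""
    usable = [p for p in paths if not bad & set(p)]
    return max(usable, default=None,
               key=lambda p: sum(ratings.get(n, 0.5) for n in p) / len(p))

def demo():
    wd = Watchdog()
    for i in range(5):                     # constructed events: B drops, C forwards
        wd.sent(i, "B", float(i))
        wd.sent(100 + i, "C", float(i))
        wd.overheard(100 + i, "C")
        wd.tick(i + 1.0)
    paths = [["S", "B", "D"], ["S", "C", "E", "D"]]
    return wd.misbehaving(), best_path(paths, {"C": 0.8}, wd.misbehaving())
```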

Confidant
Consists of:
- Monitor
- Reputation System
- Path Manager
- Trust Manager

Confidant
- Detects malicious nodes by means of observation or reports about several types of attacks
- Allows nodes to route around misbehaving nodes and to isolate them from the network

CORE
Basic components:
- Reputation table: stored in each node, holds the reputation value of each node
- Watchdog mechanism: detects misbehaving nodes

Token-based
- Each node has to have a token
- Monitoring by local neighbors
- The token is renewed via multiple neighbors
- The period of validity of a node's token depends on how long it has stayed and how well it has behaved

Token-based
Composed of:
- Neighbor verification
- Neighbor monitoring
- Intrusion reaction
- Security enhanced routing protocol

Summary
- Introduction
- Secure routing
  - Existing routing protocols
  - Security attacks
  - Defenses
- Node cooperation
  - Currency based
  - Local monitoring

Thank you!