Computer Science 1 Using Directional Antennas to Prevent Wormhole Attacks Presented by: Juan Du Nov 16, 2005.

Slides:

Advertisements

Similar presentations

Chris Karlof and David Wagner

Advertisements

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 6. Security in Mobile Ad-Hoc Networks.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Secure Location Verification with Hidden and Mobile Base Stations -TMC Apr, 2008 Srdjan Capkun, Kasper Bonne Rasmussen, Mario Cagalj, Mani Srivastava.

Wide Area Wi-Fi Sam Bhoot. Wide Area Wi-Fi  Definition: Wi-Fi (Wireless Fidelity) n. – popular term for high frequency wireless local area networks operating.

Collaborative Attacks on Routing Protocols in Ad hoc Networks Neelima Gupta University of Delhi India.

A Survey of Secure Wireless Ad Hoc Routing

Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks Mingyan Li, Iordanis Koutsopoulos, Radha Poovendran (InfoComm ’07) Presented.

Geo – Routing in ad hoc nets References: Brad Karp and H.T. Kung “GPSR: Greedy Perimeter Stateless Routing for Wireless Networks”, Mobicom 2000 M. Zorzi,

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Ranveer Chandra , Kenneth P. Birman Department of Computer Science

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL

Introduction to Sensor Networks Rabie A. Ramadan, PhD Cairo University 4.

Using Directional Antennas to Prevent Wormhole Attacks Lingxuan Hu, David Evans Jason Buckingham CSCI 7143: Secure Sensor Networks November 2, 2004.

Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.

Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.

SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.

Challenge: Securing Routing Protocols Adrian Perrig

Security & Efficiency in Ad- Hoc Routing Protocol with emphasis on Distance Vector and Link State. Ayo Fakolujo Wichita State University.

© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 6: Securing neighbor discovery.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

TPS: A Time-Based Positioning Scheme for outdoor Wireless Sensor Networks Authors: Xiuzhen Cheng, Andrew Thaeler, Guoliang Xue, Dechang Chen From IEEE.

Establishing Pairwise Keys in Distributed Sensor Networks Donggang Liu, Peng Ning Jason Buckingham CSCI 7143: Secure Sensor Networks October 12, 2004.

ITIS 6010/8010: Wireless Network Security Weichao Wang.

Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures ProtocolRelevant Attacks TinyOS beaconingBogus routing information, selective forwarding,

 Structured peer to peer overlay networks are resilient – but not secure.  Even a small fraction of malicious nodes may result in failure of correct.

Computer Science Detecting Malicious Beacon Nodes for Secure Location Discovery in Wireless Sensor Networks Presented by Akshay Lal.

Mitigating DoS Attacks against Broadcast Authentication in Wireless Sensor Networks Peng Ning, An Liu North Carolina State University and Wenliang Du Syracuse.

Mobile IP: Introduction Reference: “Mobile networking through Mobile IP”; Perkins, C.E.; IEEE Internet Computing, Volume: 2 Issue: 1, Jan.- Feb. 1998;

Secure Localization Algorithms for Wireless Sensor Networks proposed by A. Boukerche, H. Oliveira, E. Nakamura, and A. Loureiro (2008) Maria Berenice Carrasco.

Securing Every Bit: Authenticated Broadcast in Wireless Networks Dan Alistarh, Seth Gilbert, Rachid Guerraoui, Zarko Milosevic, and Calvin Newport.

Secure Cell Relay Routing Protocol for Sensor Networks Xiaojiang Du, Fengiing Lin Department of Computer Science North Dakota State University 24th IEEE.

An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.

Denial of Service (DoS) Attacks in Green Mobile Ad–hoc Networks Ashok M.Kanthe*, Dina Simunic**and Marijan Djurek*** MIPRO 2012, May 21-25,2012, Opatija,

Andreas Larsson, Philippas Tsigas SIROCCO Self-stabilizing (k,r)-Clustering in Clock Rate-limited Systems.

Using Directional Antennas to Prevent Wormhole Attacks Lingxuan HuDavid Evans Department of Computer Science University of Virginia.

A survey of Routing Attacks in Mobile Ad Hoc Networks Bounpadith Kannhavong, Hidehisa Nakayama, Yoshiaki Nemoto, Nei Kato, and Abbas Jamalipour Presented.

Computer Science 1 CSC 774 Advanced Network Security Distributed detection of node replication attacks in sensor networks (By Bryan Parno, Adrian Perrig,

Network Security Lecture 23 Presented by: Dr. Munam Ali Shah.

Csci5233 Computer Security1 Bishop: Chapter 11 An Overview of Cipher Techniques (in the context of networks) ( )

Authors: Yih-Chun Hu, Adrian Perrig, David B. Johnson

Secure routing in wireless sensor network: attacks and countermeasures Presenter: Haiou Xiang Author: Chris Karlof, David Wagner Appeared at the First.

Protecting Privacy in WLAN with DoS Resistance using Client Puzzle Team 7 Yanisa Akkarawichai Rohan Shah CSC 774 – Advanced Network Security Prof. Peng.

Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof and David Wagner (modified by Sarjana Singh)

Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.

CCSP 8 Dec Securing Wireless Sensor Networks CCSP Seminar 8 December 2003 David Evans

H AZY S IGHTED L INK S TATE R OUTING P ROTOCOL Eleonora Borgia Pervasive Computing & Networking Lab. PerLab IIT – CNR MobileMAN.

Detecting Selective Dropping Attacks in BGP Mooi Chuah Kun Huang November 2006.

Wireless Security in the Real World: Using Physical Properties to Mitigate Wormhole Attacks SIGNET Seminar University of Delaware 15 September 2004 David.

Link State Routing David Holmer Generic Link State Routing  Each node monitors neighbors/local links and advertises them to the network.

KAIS T SIGF : A Family of Configurable, Secure Routing Protocols for WSNs Sep. 20, 2007 Presented by Kim, Chano Brian Blum, Tian He, Sang Son, Jack Stankovic.

Wireless Security in the Real World: Using Physical Properties to Mitigate Wormhole Attacks SIGNET Seminar University of Delaware 15 September 2004 David.

Muhammad Mahmudul Islam Ronald Pose Carlo Kopp School of Computer Science & Software Engineering Monash University Australia.

A Multi-Channel Cooperative MIMO MAC Protocol for Wireless Sensor Networks(MCCMIMO) MASS 2010.

Dynamic Link Labels for Energy Efficient MAC Headers in Wireless Sensor Networks Sheng-Shih Wang Gautam Kulkarni, Curt Schurgers, and Mani Srivastava IEEE.

Computer Science Using Directional Antennas to Prevent Wormhole Attacks Stephen Thomas Acknowledgement: Portions of this presentation have been donated.

NDSS 2004Hu and Evans, UVa1 Using Directional Antennas to Prevent Wormhole Attacks Lingxuan Hu and David Evans [lingxuan, Department.

1 An Interleaved Hop-by-Hop Authentication Scheme for Filtering of Injected False Data in Sensor Networks Sencun Zhu, Sanjeev Setia, Sushil Jajodia, Peng.

1 Routing security against Threat models CSCI 5931 Wireless & Sensor Networks CSCI 5931 Wireless & Sensor Networks Darshan Chipade.

Jinfang Jiang, Guangjie Han, Lei Shu, Han-Chieh Chao, Shojiro Nishio

S E A D Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoc Networks Yih-Chun Hu,David B.Johnson, Adrian Perrig.

Reliable Mobicast via Face- Aware Routing Qingfeng Huang,Chenyang Lu and Gruia-Catalin Roman Department of Computer Science and Engineering Washington.

Different Types of Attacks on Multicast in Mobile Ad Hoc Networks Reporter : Claudia 12011/12/ /06 $20.00 © 2006 IEEE.

Computer Science Least Privilege and Privilege Deprivation: Towards Tolerating Mobile Sink Compromises in Wireless Sensor Network Presented by Jennifer.

Zone Routing Protocol (ZRP)

Packet Leashes: Defense Against Wormhole Attacks

Presenter: Yawen Wei Author: Loukas Lazos and Radha Poovendran

Net 435: Wireless sensor network (WSN)

Presentation transcript:

Computer Science 1 Using Directional Antennas to Prevent Wormhole Attacks Presented by: Juan Du Nov 16, 2005

Computer Science 2 Outline Wormhole attacks Related works Three neighbor discovery protocols –Directional Neighbor Discovery –Verified Neighbor Discovery –Strict Neighbor Discovery Conclusion and future work

Computer Science 3 Wormhole Attacks A, B, C: nodes in wireless networks X, Y: transceivers connected by a high quality, low-latency link Attacker replays packets received by X at Y, and vice versa Makes A and B believe they are neighbors Selectively drop data messages to disrupt communications

Computer Science 4 Wormhole Impact Cost –Limited resources needed –No cryptographic material needed Damage to routing –Impact beyond the endpoints’ neighborhoods! –Endpoints placed strategically Worst case: disrupts nearly all network routes

Computer Science 5 Related Works Secure routing protocols such as SRP, SEAD, Ariadne, ARRIVE, … –Still vulnerable to wormhole attacks Location based routing protocols –Have the potential –Have drawbacks Localization systems become attack target Need synchronized clocks and precise location knowledge

Computer Science 6 Protocol Idea Wormhole attack depends on a node that is not nearby convincing another node it is Solution: –Verify neighbors are really neighbors –Only accept messages from verified neighbors

Computer Science 7 The Technique: Directional Antennas Divide transmission range into N zones clockwise starting with zone 1 facing east. All nodes have the same orientation. A node can get approximate direction information based on received signals

Computer Science 8 Notations A, B, C... Legitimate nodes X, Y Wormhole endpoints R Nonce E KAB (M) Message encrypted by key shared between nodes A and B zone The directional element, which ranges from 1–6 as shown in figure ^zone The opposite directional element. For example, if zone=1 then ^zone=4. zone (A, B) Zone in which node A hears node B neighbors (A, zone) Nodes within one (directional distance) hop in direction zone of node A.

Computer Science 9 Directional Neighbor Discovery 1. A  RegionHELLO | ID A Sent in every direction 2. N  AID N | E KNA (ID A | R | zone (N, A)) Sent in zone (N, A) 3. A  NR Checks zone is opposite, sent in zone (A, N) A N

Computer Science 10 Directional Neighbor Discovery (Cont.) The protocol itself is vulnerable to wormhole attacks Attack’s effectiveness is reduced –Only node pairs that are in opposite directions relative to the wormhole in each region will accept each other as neighbors (e.g. A and C) –How about A and B?

Computer Science 11 Verified Neighbor Discovery Observation: Cooperate! –Wormhole can only trick nodes in particular locations –Verify neighbors using other nodes –Need receive confirmation from a verifier node before accepting a new neighbor –Need prevent verifiers from acting through the wormhole A valid verifier V for the link A B must satisfy: –zone (B, A) ≠ zone (B, V) B hears V in a different zone from node A –zone (B, A) ≠ zone (V, A) B and V hear node A from different directions

Computer Science 12 Verified Neighbor Discovery (Cont.) 1. A  Region HELLO | ID A 2. N  A ID N | E KNA (ID A | R | zone (N, A)) 3. A  N R 4. N  Region INQUIRY | ID N | ID A | zone (N, A) Sent in directions except zone (N, A) and ^zone (N, A) 5. V  N ID V | E KNV (ID A | zone (V, N)) V satisfies verifier properties and completed N  A ID N | E KAN (ID A | ACCEPT) N must receive at least one verifier response Same as before

Computer Science 13 Effect of Verified Neighbor Discovery D as the verifier –zone (D, A) = 3‚ zone (A, D) = 1 –wormhole cannot convince D and A to accept each other as neighbors –B will not be able to verify A as a neighbor through D Secure against wormhole attacks that involve two distant endpoints

Computer Science 14 Strict Neighbor Discovery Worawannotai attack –B and A are unable to communicate directly, but close enough to have a verifier that can hear both A and B

Computer Science 15 Analysis Advantage –Low overhead –Directional antennas Energy conservative Better spatial reuse of bandwidth Disadvantage –May prevent legitimate links from being established because of no potential verifier node –For network density of 10 neighbors, less than 0.5% (or 40%) of links are lost and no (or 0.03%) nodes are disconnected in verified (or strict) neighbor discovery protocol

Computer Science 16 Conclusion and Future Work Conclusion –Wormhole attacks are a powerful attack which depend on a node misrepresenting its location –Directional antennas offer a promising approach Future work –Multiple wormhole endpoint attacks –Robustness

Computer Science 17 Questions? Thank you!