Muhammad Mahmudul Islam, Ronald Pose, Carlo Kopp. School of Computer Science & Software Engineering, Monash University, Australia.

Presentation transcript:


- Problem statement
- Limitations of WEP and i
- Features of Link Layer Security Protocol (LLSP)
- Overview of LLSP
- Security analysis of LLSP
- Overhead of LLSP
- Future work
- Questions

What is Security
- Authentication: verifies the authenticity of the sender
- Encryption: hides information
- Integrity: prevents unauthorized modification

Security in ad-hoc networks above link layer
- Secure route discovery and route maintenance (e.g. SAR, ARIADNE, ARAN etc.)
- Secure communication on an end-to-end basis (e.g. IPSec)
- Monitor traffic patterns and take necessary steps to minimize malicious/selfish behaviors (e.g. Watchdog, Pathrater, CONFIDANT etc.)

Common assumption of these solutions
- A secured layer has already been deployed that securely distributes various keys, certificates and update information

Link Layer Security Protocol (LLSP) is a solution for the underlying secured layer

WEP  Lacks dynamic key management  One way handshaking, reusing keys and the weaknesses of RC4 make WEP vulnerable to MITM attacks  Vulnerable to DoS attacks since association and dissociation messages are not authenticated  Not designed for multi-hop ad-hoc networks i  Requires a trusted third party authentication server (RADIUS) for authenticating new nodes  Uses symmetric keys for authenticating new nodes and exchanging session keys  Not designed for multi-hop ad-hoc networks

- Uses a capability to flexibly represent the access rights and the identification of each link
- Authenticates and encrypts every packet for each link
- Guarantees the integrity of information
- Dynamic key management
- Reduces replay, MITM and DoS attacks
- Not dependent on any trusted third party authentication server
- Does not require any MAC-IP binding
- Does not need synchronized clocks
- Independent of any routing protocol
- No network-wide flooding of any information
- Scales properly with changes in network topology
- Does not suffer from initial setup delay for each session
- Specially designed for SAHN-like networks

- Multi-hop ad-hoc network
- Ideal for cooperative nodes, e.g. connecting houses and businesses
- Topology is quasi-static
- Uses wireless technology
- Multi-hop QoS routing
- Decentralized
- Multi-Mbps broadband service
- No charges for SAHN traffic
- Can run alongside TCP/IP
- Conceived by Ronald Pose & Carlo Kopp in 1997 at Monash University, Australia

Security Services Provided by LLSP
- Type 1: Authenticates a new node
- Type 2: Updates the capability (CAP) of a link
- Type 3: Updates the shared key (SHK) of a link
- Type 4: Authenticates received packets and
- Type 5: Encrypts payload of MAC layer

Authenticate a New Node

Update SHK

Update CAP

Secure and Authenticate Data packets

Various Packet Formats of LLSP

- CAP of a link serves as a certificate
- Encrypting CAP & SIG ensures the authenticity of each packet
- SIG ensures integrity
- Encrypting SIG and SEQ reduces replay attacks
- Updating keys and CAP regularly makes guessing or recomputing them difficult for unauthorized nodes
- DoS attacks by flooding are not propagated, i.e. they are kept confined within the neighborhood of the malicious node
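The per-link checks listed above (CAP identifies the link, SIG protects integrity, SEQ limits replay, SHK is updated regularly) can be illustrated with the following added example, which is not taken from the slides. The field layout and the use of HMAC-SHA256 as SIG are assumptions made for illustration; the encryption of CAP, SIG and SEQ that the slides describe is left out.

```python
import hashlib
import hmac
import os
import struct

SIG_LEN = 32  # HMAC-SHA256 output size (assumed stand-in for LLSP's SIG)

def make_packet(shk: bytes, cap: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: CAP || SEQ || payload || SIG, with SIG keyed by the link's SHK."""
    body = cap + struct.pack(">Q", seq) + payload
    return body + hmac.new(shk, body, hashlib.sha256).digest()

class LinkReceiver:
    """Per-link state held by the receiving neighbour (layout is an assumption)."""
    def __init__(self, shk: bytes, cap: bytes):
        self.shk, self.cap, self.last_seq = shk, cap, 0

    def accept(self, packet: bytes) -> str:
        n = len(self.cap)
        if len(packet) < n + 8 + SIG_LEN:
            return "reject: malformed"
        body, sig = packet[:-SIG_LEN], packet[-SIG_LEN:]
        expected = hmac.new(self.shk, body, hashlib.sha256).digest()
        if not hmac.compare_digest(sig, expected):
            return "reject: bad SIG"      # modified packet, or signed with a wrong/old SHK
        if not hmac.compare_digest(body[:n], self.cap):
            return "reject: wrong CAP"    # capability does not belong to this link
        (seq,) = struct.unpack(">Q", body[n:n + 8])
        if seq <= self.last_seq:
            return "reject: replay"       # SEQ must strictly increase on the link
        self.last_seq = seq
        return "accept"

    def update_shk(self, new_shk: bytes) -> None:
        self.shk = new_shk                # models the outcome of a Type 3 update

def demo() -> list:
    shk, cap = os.urandom(32), os.urandom(16)   # constructed sample key and CAP
    rx = LinkReceiver(shk, cap)
    p1 = make_packet(shk, cap, 1, b"hello")
    tampered = p1[:-SIG_LEN - 1] + b"X" + p1[-SIG_LEN:]   # last payload byte changed
    results = [rx.accept(p1), rx.accept(p1), rx.accept(tampered)]
    results.append(rx.accept(make_packet(shk, os.urandom(16), 2, b"x")))
    rx.update_shk(os.urandom(32))
    results.append(rx.accept(make_packet(shk, cap, 3, b"late")))  # old SHK
    return results

if __name__ == "__main__":
    print(demo())
```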

Duration of authentication processes with b and HW supported AES

Authentication Type | Transmission Rate (Mbps) | Total Duration (ms)
Type Type 2, Type
Type 4, Type 5 | Any | In real-time using AES HW

Communication Overhead for a single pair of nodes (1/2)

Communication Overhead for a single pair of nodes (2/2)

Communication Overhead for 35 pairs of nodes (1/2)

Communication Overhead for 35 pairs of nodes (2/2)

- Enhance the effectiveness and robustness of LLSP by integrating a monitoring system that can detect malicious/selfish activities of other nodes
- Integrate LLSP with channel access mechanisms of other wireless technologies (e.g. IEEE e, ) and measure performance