Computer Science Using Directional Antennas to Prevent Wormhole Attacks Stephen Thomas Acknowledgement: Portions of this presentation have been donated.

Slides:

Advertisements

Similar presentations

1 Security for Ad Hoc Network Routing. 2 Ad Hoc Networks Properties Mobile Wireless communication Medium to high bandwidth High variability of connection.

Advertisements

Chris Karlof and David Wagner

Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,

Secure Location Verification with Hidden and Mobile Base Stations -TMC Apr, 2008 Srdjan Capkun, Kasper Bonne Rasmussen, Mario Cagalj, Mani Srivastava.

Collaborative Attacks on Routing Protocols in Ad hoc Networks Neelima Gupta University of Delhi India.

A Survey of Secure Wireless Ad Hoc Routing

DSR The Dynamic Source Routing Protocol Students: Mirko Gilioli Mohammed El Allali.

Secure Routing in Wireless Sensor Network Soumyajit Manna Kent State University 5/11/2015Kent State University1.

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Transmission Time-based Mechanism to Detect Wormhole in Ad-hoc Networks Tran Van Phuong U-Security Group RTMM Lab, Kyung Hee Uni, Korea

Introduction to Sensor Networks Rabie A. Ramadan, PhD Cairo University 4.

Using Directional Antennas to Prevent Wormhole Attacks Lingxuan Hu, David Evans Jason Buckingham CSCI 7143: Secure Sensor Networks November 2, 2004.

Securing OLSR Using Node Locations Daniele Raffo Cédric Adjih Thomas Clausen Paul Mühlethaler 11 th European Wireless Conference 2005 (EW 2005) April

1/14 Ad Hoc Networking, Eli M. Gafni and Dimitri P. Bertsekas Distributed Algorithm for Generating Loop-free Routes in Networks With Frequently.

An Analysis of the Optimum Node Density for Ad hoc Mobile Networks Elizabeth M. Royer, P. Michael Melliar-Smith and Louise E. Moser Presented by Aki Happonen.

Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.

Packet Leashes: A Defense against Wormhole Attacks in Wireless Networks Yih-Chun Hu (Carnegie Mellon University) Adrian Perrig (Carnegie Mellon University)

SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.

Yih-Chun Hu Carnegie Mellon University

1 Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols Yih-Chun Hu, Adrian Perrig, and David B. Johnson Presenter: Sandeep Mapakshi.

Secure Localization using Dynamic Verifiers Nashad A. Safa Joint Work With S. Sarkar, R. Safavi-Naini and M.Ghaderi.

ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.

1 Sustaining Cooperation in Multi-Hop Wireless Networks Ratul Mahajan, Maya Rodrig, David Wetherall and John Zahorjan University of Washington Presented.

Key Distribution in Sensor Networks (work in progress report) Adrian Perrig UC Berkeley.

Routing Security in Ad Hoc Networks

© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 6: Securing neighbor discovery.

Performance Comparison of Existing Leader Election Algorithms for Dynamic Networks Mobile Ad Hoc (Dynamic) Networks: Collection of potentially mobile computing.

A Lightweight Hop-by-Hop Authentication Protocol For Ad- Hoc Networks Speaker: Hsien-Pang Tsai Teacher: Kai-Wei Ke Date:2005/01/20.

Wireless Sensor Networks Security Lindsey McGrath and Christine Weiss.

Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures ProtocolRelevant Attacks TinyOS beaconingBogus routing information, selective forwarding,

Computer Science Detecting Malicious Beacon Nodes for Secure Location Discovery in Wireless Sensor Networks Presented by Akshay Lal.

Network Topologies.

Monte Carlo Techniques for Secure Localization ARO Workshop on Localization in Wireless Sensor Networks 14 June David.

1 BANAID: A Sensor Network Test-Bed for Wormhole Attack Hani Alzaid Suhail AbanmiSalil KanhereChun Tung Chou BANAID.

Security of Routing Protocols in Ad Hoc Wireless Networks presented by Reza Curtmola – Advanced Topics in Wireless Networks.

Secure Aggregation for Wireless Networks Lingxuan Hu David Evans [lingxuan, Department of Computer.

How Does Topology Affect Security in Wireless Ad Hoc Networks? Ioannis Broustis CS 260 – Seminar on Network Topology.

Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof and David Wagner.

Secure Cell Relay Routing Protocol for Sensor Networks Xiaojiang Du, Fengiing Lin Department of Computer Science North Dakota State University 24th IEEE.

GZ06 : Mobile and Adaptive Systems A Secure On-Demand Routing Protocol for Ad Hoc Networks Allan HUNT Wandao PUNYAPORN Yong CHENG Tingting OUYANG.

Using Directional Antennas to Prevent Wormhole Attacks Lingxuan HuDavid Evans Department of Computer Science University of Virginia.

A survey of Routing Attacks in Mobile Ad Hoc Networks Bounpadith Kannhavong, Hidehisa Nakayama, Yoshiaki Nemoto, Nei Kato, and Abbas Jamalipour Presented.

Dynamic Source Routing (DSR) Sandeep Gupta M.Tech - WCC.

Authors: Yih-Chun Hu, Adrian Perrig, David B. Johnson

Secure routing in wireless sensor network: attacks and countermeasures Presenter: Haiou Xiang Author: Chris Karlof, David Wagner Appeared at the First.

1 Detecting and Evading Wormholes in Mobile Ad-hoc Wireless Networks Asad Amir Pirzada and Chris McDonald.

Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures Chris Karlof and David Wagner (modified by Sarjana Singh)

Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.

Security in Ad Hoc Networks. What is an Ad hoc network? “…a collection of wireless mobile hosts forming a temporary network without the aid of any established.

CCSP 8 Dec Securing Wireless Sensor Networks CCSP Seminar 8 December 2003 David Evans

BLACK HOLE ATTACK AND ITS COUNTER MEASURES IN AODV ROUTING PROTOCOL Varsha Patidar, Rakesh Verma Mengfei Peng.

1 Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols Yih-Chun Hu, Adrian Perrig, and David B. Johnson Presented By: Nitin Subramanian.

Dynamic Routing in Mobile Ad Hoc Network 報告者：呂佐鴻指導教授：李鴻璋.

SRL: A Bidirectional Abstraction for Unidirectional Ad Hoc Networks. Venugopalan Ramasubramanian Ranveer Chandra Daniel Mosse.

Computer Science 1 Using Directional Antennas to Prevent Wormhole Attacks Presented by: Juan Du Nov 16, 2005.

Wireless Security in the Real World: Using Physical Properties to Mitigate Wormhole Attacks SIGNET Seminar University of Delaware 15 September 2004 David.

KAIS T SIGF : A Family of Configurable, Secure Routing Protocols for WSNs Sep. 20, 2007 Presented by Kim, Chano Brian Blum, Tian He, Sang Son, Jack Stankovic.

Wireless Security in the Real World: Using Physical Properties to Mitigate Wormhole Attacks SIGNET Seminar University of Delaware 15 September 2004 David.

Shambhu Upadhyaya 1 Sensor Networks – Hop- by-Hop Authentication Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 22)

Security in Wireless Networks Mike Swift CSE b Summer 2003.

NDSS 2004Hu and Evans, UVa1 Using Directional Antennas to Prevent Wormhole Attacks Lingxuan Hu and David Evans [lingxuan, Department.

1 An Interleaved Hop-by-Hop Authentication Scheme for Filtering of Injected False Data in Sensor Networks Sencun Zhu, Sanjeev Setia, Sushil Jajodia, Peng.

Slide 1/29 DCSL: Dependable Computing Systems Lab L ITE W ORP : A Lightweight Countermeasure for the Wormhole Attack in Multihop Wireless Networks Issa.

1 Routing security against Threat models CSCI 5931 Wireless & Sensor Networks CSCI 5931 Wireless & Sensor Networks Darshan Chipade.

On Mobile Sink Node for Target Tracking in Wireless Sensor Networks Thanh Hai Trinh and Hee Yong Youn Pervasive Computing and Communications Workshops(PerComW'07)

No Matter Where You Go, There You Are: Secure Localization Techniques for Mobile Wireless Networks Seminar on Applications of Mathematics UVa Institute.

Packet Leashes: Defense Against Wormhole Attacks

任課教授：陳朝鈞教授學生：王志嘉、馬敏修

Presentation transcript:

Computer Science Using Directional Antennas to Prevent Wormhole Attacks Stephen Thomas Acknowledgement: Portions of this presentation have been donated by Dr. David Evans

Computer Science Situation: Ad Hoc Beacon Routing Nodes select parents based on minimum hops to base station

Computer Science Wormhole Attack S D A B C Attacker needs a transceivers at two locations in the network, connected by a low latency link Attacker replays (selectively) packets heard at one location at the other location X Y

Computer Science Wormhole Attack on Beacon Routing X Y Wormhole attack disrupts network without needing to break any cryptography!

Computer Science Possible Solutions Packet Leashes [Hu, Perrig, Johnson 2003] –Requires tightly synchronized clocks (temporal leashes) or precise location information (geographic leashes) –Signal is transmitted at speed of light –Calculate if packet could travel distance between nodes in packet lifetime Packet Arrival Direction

Computer Science Directional Antennas General benefits: power saving, less collisions North Aligned to magnetic North, so zone 1 always faces East Omnidirectional Transmission Directional Transmission from Zone 4

Computer Science Assumptions Legitimate nodes can establish secure node-node links –All critical messages are encrypted Network is fairly dense Nodes are stationary Most links are bidirectional (unidirectional links cannot be established) Transmissions are perfect wedges Nodes are aligned perfectly (relaxed in paper)

Computer Science Directional Neighbor Discovery A 1. A  RegionHELLO | ID A Sent by all antenna elements (sweeping) 2. B  AID B | E KBA (ID A | R | zone (B, A)) Sent by zone (B, A) element, R is nonce 3.A  BR Checks zone is opposite, sent by zone (A, B) B zone (B, A) = 4 is the antenna zone in which B hears A

Computer Science A B zone (B, A[Y]) = 4 zone (A, B [X]) = 1 Undetected False Neighbor: zone (A, B) = opposite of zone (B, A) Not Detecting False Neighbors X Y Directional neighbor discovery prevents 1/6 of false direct links…but doesn’t prevent disruption

Computer Science V Verified Neighbor Discovery 1. A  RegionAnnouncement, done through sequential sweeping 2. B  AInclude nonce and zone information in the message 3. A  BCheck zone information and send back the nonce A B 4. INQUIRY | ID B | ID A | zone (B, A) 5. ID V | E KBV (ID A | zone (V, B)) Same as before 4. B  RegionRequest for verifier to validate A 5. V  BIf V is a valid verifier, sends confirmation 6. B  AAccept A as its neighbor and notify A

Computer Science Verifier Analysis v B A Region 1 Region 2 X Y Wormhole cannot trick a valid verifier: zone (V, A [Y]) = 5 zone (A, V [X]) = 1 Not opposites: verification fails

Computer Science Worawannotai Attack v B A Region 1 Region 2 X V hears A and B directly A and B hear V directly But, A and B hear each other only through repeated X

Computer Science Preventing Attack 1. zone (B, A)  zone (B, V) 2. zone (B, A)  zone (V, A) 3. zone (B, V) cannot be both adjacent to zone (B, A) and adjacent to zone (V, A)

Computer Science Connectivity and Routing Average Path Length Omnidirectional Node Density Strict Protocol Trust All Verified Protocol Network with density = 10 Verified protocol: 0.5% links are lost no nodes disconnected Strict protocol: 40% links are lost 0.03% nodes disconnected 20% path increase from verified

Computer Science Vulnerabilities Attacker with multiple wormhole endpoints –Can create packets coming from different directions to appear neighborly Magnet Attacks –Protocol depends on compass alignment of nodes Antenna, orientation inaccuracies –Real transmissions are not perfect wedges

Computer Science Conclusion An attacker with few resources and no crypto keys can substantially disrupt a network with a wormhole attack If you know your neighbors, can detect wormhole Need to cooperate with your neighbors to know who your legitimate neighbors are

Computer Science Future Work Analysis of protocol vulnerabilities to other attacks –Magnet for disruption (not pertaining to wormhole attacks) –Flipping nodes to disorient north from south Expand protocol to handle dynamic ad hoc networks

Computer Science Thank you! Questions?