MITRE 7 April 2009 CS 5214 Presenter: Phu-Gui Feng Performance Analysis of Distributed IDS Protocols for Mobile GCS Dr. Jin-Hee Cho, Dr. Ing-Ray Chen MITRE.

Presentation transcript:

2 Agenda
- Introduction
- System Description
  - Secure GCS
  - Distributed IDS
  - Resulting Metrics
- Performance Model (SPN)
- Key Parameterization
- SRN Calculations
- Conclusions

3 MANET Design Challenges
Paper Objective: to Design Secure GCS
- Mobile Ad Hoc Network (MANET) hosts form secure group communication systems (Secure GCS)
- In GCS, mobile nodes join and leave a group dynamically
High security vulnerability:
- Outsider attacks: 1st line of defense with key pairs
- Insider attacks: IDS is 2nd line of defense
Unique characteristics:
- Open medium, dynamic topology
- De-centralized decision and cooperation
- Lack of centralized authority
- Lack of resources (power, BW, memory)
- No clear line of defense [7]
The Problem: System Failure Before Mission Completion
Our Goal: To Improve High Survivability (MTTSF)

4 Related Work & Application
Related Work:
- No reactive IDS against changing attacker behaviors
- No analysis on detection latency vs performance degradation
- No impact of IDS on performance degradation
Our Unique Contribution:
- The need for Secure GCS in MANET
- Trade off between security and performance
- Insider attacks and IDS defects
- Identify optimal design of adaptive IDS
- Develop SRN to describe and analyze IDS & tradeoff
- Evaluate Maxed MTTSF and optimal IDS detection interval

5 System Description (1 of 3)
Secure GCS:
- Shared key to maintain group confidentiality
- Group key agreement protocol [9]
- Distributed key management protocol – CKA GDH [10]
- Dynamic group rekeying to change group key
- Forward secrecy: know previous key, not current
- Backward secrecy: know current key, not previous
- Mission oriented to detect/evict compromised nodes
- E.g. Rescue teams in disaster recovery
- E.g. Soldiers groups in battle field
- Compromised nodes result in compromised system
- Accepting leaked info (C1) resulted in loss of system integrity
- More than 1/3 member nodes are un-detected & compromised (C2) resulted in loss of system availability
- Collusion (Pfn, Pfp) result in detection defects

6 System Description (2 of 3)
Distributed IDS:
- Host based IDS [15]
- Local detection on compromised neighboring nodes
- Pre-install host-based IDS
- misuse detection, anomaly detection [15]
- Voting based IDS
- Independent framework
- Cooperative detection
- Majority voting on sensor networks [2]
- Approach:
- Host-based IDS collects info
- Periodically, a target node evaluated/being voted
- m voters are selected

Host-based IDS:   P1 = false negative probability    P2 = false positive probability
Voting based IDS: Pfn = false negative probability   Pfp = false positive probability
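
How m, the host-based P1/P2 and colluding voters combine into Pfn and Pfp, as an added example (not the presenters' formula). It assumes the m voters are drawn at random from the target's neighbours, compromised voters always vote wrongly, honest voters err independently with the host-based probability, and a strict majority decides; all function and parameter names are hypothetical.

```python
from math import comb

def voting_error(m, n_good, n_bad, p_host):
    """Probability that a strict majority of m voters casts the wrong vote.

    n_good / n_bad: honest and compromised-but-undetected candidate voters
    (assumed model). p_host: per-voter host-based IDS error probability,
    P1 when the target is compromised, P2 when it is healthy.
    """
    pool = n_good + n_bad
    if not 1 <= m <= pool:
        raise ValueError("m must be between 1 and the number of candidate voters")
    majority = m // 2 + 1
    total = 0.0
    for bad in range(max(0, m - n_good), min(m, n_bad) + 1):
        # Hypergeometric: exactly `bad` of the m selected voters are compromised.
        p_pick = comb(n_bad, bad) * comb(n_good, m - bad) / comb(pool, m)
        good = m - bad
        # Colluders supply `bad` wrong votes; honest voters must supply the rest.
        need = max(0, majority - bad)
        p_wrong = sum(comb(good, k) * p_host**k * (1 - p_host)**(good - k)
                      for k in range(need, good + 1))
        total += p_pick * p_wrong
    return total

def pfn(m, n_good, n_bad, p1):
    """Voting-based false negative: a compromised target is not evicted."""
    return voting_error(m, n_good, n_bad, p1)

def pfp(m, n_good, n_bad, p2):
    """Voting-based false positive: a healthy target is evicted."""
    return voting_error(m, n_good, n_bad, p2)

if __name__ == "__main__":
    # Constructed scenario: 20 honest and 3 compromised neighbours, P1 = P2 = 0.05.
    for m in (3, 5, 7):
        print(m, round(pfn(m, 20, 3, 0.05), 4), round(pfp(m, 20, 3, 0.05), 4))
```

With no colluders the result reduces to a plain binomial majority; adding even a few colluders dominates the error for small m.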

7 System Description (3 of 3)
Security and Performance Metrics:
- MTTSF:
  - Average time before reaching failure absorption state
  - Lower MTTSF means faster C1 or C2
  - Goal: maximize MTTSF
- Communication Traffic Cost ( )
  - Total traffic per sec:
    - Group communication,
    - Status exchange, rekeying,
    - Intrusion detection, beacon,
    - Group partition/merge
  - High cost means high contention, high delay
  - Goal: to minimize total cost

8 Performance Model

9 Key Parameterization

10 SRN Calculations
Expected cumulative reward: MTTSF
- Reward assignment:
  - Operational states, 1
  - Failure state, 0
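
The reward assignment above, worked on a small constructed Markov model (an added example, not the SRN from the slides): reward 1 per unit time in operational states and 0 in the absorbing failure state makes the expected cumulative reward equal to MTTSF. The state (g, b) counts healthy and undetected-compromised members; the rates lam_c (compromise) and lam_q (leak acceptance, C1) and the function names are assumptions, and the detection interval is written t_ids.

```python
from functools import lru_cache

def mttsf(n, t_ids, lam_c, lam_q, pfn, pfp):
    """Expected cumulative reward until failure, starting from n healthy members."""

    def failed(g, b):
        # C2: more than 1/3 of members are compromised and undetected
        # (an empty group is also treated as failed in this toy model).
        return g + b == 0 or 3 * b > g + b

    @lru_cache(maxsize=None)
    def tau(g, b):
        if failed(g, b):
            return 0.0  # absorbing failure state, reward 0
        moves = [
            (lam_c * g, (g - 1, b + 1)),          # a healthy node is compromised
            (b * (1 - pfn) / t_ids, (g, b - 1)),  # IDS evicts a compromised node
            (g * pfp / t_ids, (g - 1, b)),        # IDS falsely evicts a healthy node
            (lam_q * b, None),                    # C1: leaked info accepted, failure
        ]
        total = sum(rate for rate, _ in moves)
        if total == 0:
            return float("inf")  # nothing can ever go wrong from here
        # Reward 1 accrues for the mean sojourn 1/total, then the chain jumps
        # to each successor with probability rate/total. Every move lowers
        # (g, b) lexicographically, so the recursion terminates.
        onward = sum(r * tau(*nxt) for r, nxt in moves if nxt and r > 0)
        return (1 + onward) / total

    return tau(n, 0)

def sweep(n, intervals, lam_c, lam_q, pfn, pfp):
    """MTTSF for each candidate detection interval."""
    return [(t, mttsf(n, t, lam_c, lam_q, pfn, pfp)) for t in intervals]

if __name__ == "__main__":
    # Constructed parameters: short intervals cost healthy members through
    # false evictions, long intervals leave compromised nodes in the group.
    for t, v in sweep(12, (0.1, 0.5, 1, 2, 5, 20), 0.01, 0.05, 0.02, 0.02):
        print(f"t_ids={t:<5} MTTSF={v:.2f}")
```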

11 Conclusions (1 of 3)
Optimal T_IDS
Sensitivity:
- higher m → lower Pfp, Pfn → MTTSF increases → Cost is high
- smaller m → large Pfp, Pfn → MTTSF decreases
1. Before Topt, T_IDS increases so that fewer IDS → less probable false alarms → less probable GF from C2 → MTTSF increases
2. After Topt, T_IDS increases so that fewer IDS → more T_CP → more UCm → more probable GF from C1 → MTTSF decreases

12 Conclusions (2 of 3)
Optimal T_IDS: tradeoff C_GC, C_IDS
- higher m → lower Pfp, Pfn → C_GC higher
- higher m → more voters → C_IDS higher
Sensitive T_IDS: higher m → higher Cost saving

13 Conclusions (3 of 3)
Secure GCS:
- Identify optimal design of adaptive IDS in response to changing attacker strength