Presentation is loading. Please wait.

Presentation is loading. Please wait.

Analysis of a SuperSEAD Aaron Staple Mukund Sundararajan.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Analysis of a SuperSEAD Aaron Staple Mukund Sundararajan."— Presentation transcript:

1 Analysis of a SuperSEAD Aaron Staple Mukund Sundararajan

2 Mobile Ad-hoc Networks Changing topology Relatively Low Power :No Asymmetric Crypto Low Physical Security Broadcast physical medium Group of people with laptops in a room

3 Routing Protocol: DSDV Distance Vector Routing = Distributed Bellman- Ford Sequence Numbers prevent Routing Loops Routing Table: Contains ID,Metric, SequenceNo, NextHop Periodic Updates: Sequence Numbers Higher Sequence Numbers, Lower Metrics take precedence

4 Contextual assumptions Wireless Links are Bidirectional Physical Layer attacks are beyond the scope of the Protocol – Jamming, DOS Number of Nodes is known and no new nodes can be added to the network. Routing information is distributed via broadcasts

5 Attacker Actions Failing to Advertise Routes Ignoring existing routes Modifying routing updates :Black holes Replaying information Wormhole Attack

6 Assumptions regarding Attacker Power Attacker nodes have the same capabilities as other nodes Cannot schedule arbitrary inter-leavings Can talk to nodes in its vicinitae Cant disrupt other nodes messages Compromised Nodes Compromised Key material Collusion Dolev-Yao attackers.

7 What SuperSEAD attempts to accomplish. “SEAD performs well over the range of scenarios we tested,and is robust against multiple uncoordinated attackers creating incorrect routing state in any other node,even in spite of any active attackers or compromised nodes in the network.” Secure Efficient Ad Hoc Distance Vector Routing

8 SuperSEAD Protocol Hash Tree Chains to Authenticate the lower bound on the metric and an upper bound on the sequence number Neighbor Authentication: Origin of the message N^2 Symmetric keys Hash Chain Anchors and Symmetric Keys are distributed using an external mechanism Packet Leashes :Temporal Avoid replays.

9 Hash Chains 321321 0123401234 Metric SequenceNOSequenceNO

10 Hash Trees

11 Hash Tree Chains

12 Hash Trees Chains Contd..

13 Analysis Method :Equivalence Based Impact on network topology achieved in the presence of a few attacker nodes Compare states achievable in the presence of attacker to an attacker-free model We consider only steady states Essentially simulating the hash chains and the neighbor authentication, assuming that they operate correctly

14 Security Properties Correct Routing state at all good nodes about all the other good nodes Review of Attacker capabilities: Cant interfere with any messages Cant advertise different information to two different neighbors. Cant perform arbitrary inter-leavings of messages Cannot determine all the events that take place in the network

15 Murphi Transition Scheduling We DO NOT consider all possible schedulings of routing updates Attackers can’t control the scheduling Murphi State Space would be extremely large We randomly generate permutations that determine order of broadcast updates All attacker actions are enumerated

16 Project Flow Generate sequence of topologies All-pairs Shortest Paths Generate Murphi Code Simulate/Verify Model Analyze resulting steady states Generate Message Trace for Offending states

17 ruleset change: boolean do ruleset new_seq_no: 0..MaxSequenceNumber do ruleset new_distance: 1..(MaxDistance-1) do rule 300 "A bad node performs a broadcast update about a single other node" (turn_list[turn] > NumGoodNodes) ==> begin for j: 1..TotalNodes do if ((topology[top_id][turn_list[turn]][j] = true) & ((routing_tables[turn_list[turn]][badAbout].sequence_no > new_seq_no) | ((routing_tables[turn_list[turn]][badAbout].sequence_no = new_seq_no) & (routing_tables[turn_list[turn]][badAbout].distance + 1 <= new_distance))) & ((routing_tables[j][badAbout].sequence_no < new_seq_no) | ((routing_tables[j][badAbout].sequence_no = new_seq_no) & (routing_tables[j][badAbout].distance > new_distance)))) then routing_tables[j][badAbout].sequence_no := new_seq_no; routing_tables[j][badAbout].distance := new_distance; printout := 1; end; end; if (badAbout = TotalNodes) then turn := (turn % TotalNodes) + 1; change_top := change; end; badAbout := (badAbout % TotalNodes) + 1; end; end; end; end;

18 Attacks that we focused on Run the protocol without SEAD present and see the attack Run it with SEAD present and if an attacker node cannot advertise different information to different neighbors, show that found no attack. In the presence of collusion,tunneling there is a wormhole attack. Node placement attack. K (>1) consecutive attacker nodes on a path can shorten path by k-1. Attacks in the absence of neighbor authentication and packet leashes

19 Issues that we faced Inconsistently specified Murphi Syntax [Some things that could have been wrong were wrong at the worst possible time] Difficult to model a more representative subset of all possible routing update inter-leavings. No Protocol Specification, Only Prose Had to modify poorly documented Murphi Code.

20 Conclusions Tool Related Simulate certain moves but verify other moves Should scale to verifying larger collections of nodes Connectivity is orthogonal to the protocol and it is useful to be able to specify separately Print out all states that satisfy certain conditions SEAD Related New nodes cannot join the network Simple collusion attacks Need for reputation mechanisms Lot of assumptions at the physical layer Attacker power

21 References 1. SEAD:secure efficient distance vector routing for mobile wireless ad hoc networks Yih-Chun Hu,David B.Johnson,Adrian Perrig 2. Y.-C.Hu,A.Perrig,D.B.Johnson,Packet leashes:a defense against wormhole attacks in wireless ad hoc networks,in:Proceedings of IEEE Infocomm 2003,April 2003. 3. Efficient Security Mechanisms for Routing Protocols Yih-Chun Hu,Adrian Perrig,David B. Johnson 4. Secure Routing in Wireless Sensor Networks:Attacks and Countermeasures Chris Karlof David Wagner 5. The TESLA Broadcast Authentication Protocol Adrian Perrig Ran Canetti J. D. Tygar Dawn Song

Download ppt "Analysis of a SuperSEAD Aaron Staple Mukund Sundararajan."

Similar presentations

Chris Karlof and David Wagner

Chris Karlof and David Wagner
Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)

Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
Denial of Service in Sensor Networks Szymon Olesiak.

Denial of Service in Sensor Networks Szymon Olesiak.
Maximum Battery Life Routing to Support Ubiquitous Mobile Computing in Wireless Ad Hoc Networks By C. K. Toh.

Maximum Battery Life Routing to Support Ubiquitous Mobile Computing in Wireless Ad Hoc Networks By C. K. Toh.
A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,

A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
David B. Johnson Rice University Department of Computer Science DSR Status Update Monarch Project 55th.

David B. Johnson Rice University Department of Computer Science DSR Status Update Monarch Project 55th.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1

Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1
SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.

SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.
1-1 CMPE 259 Sensor Networks Katia Obraczka Winter 2005 Security.

1-1 CMPE 259 Sensor Networks Katia Obraczka Winter 2005 Security.
Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.

Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.
Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.

Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.

Secure Routing in Sensor Networks: Attacks and Countermeasures First IEEE International Workshop on Sensor Network Protocols and Applications 5/11/2003.
KUASAR An efficient and light-weight protocol for routing and data dissemination in ad hoc wireless sensor networks David Andrews Aditya Mandapaka Joe.

KUASAR An efficient and light-weight protocol for routing and data dissemination in ad hoc wireless sensor networks David Andrews Aditya Mandapaka Joe.
Packet Leashes: A Defense against Wormhole Attacks in Wireless Networks Yih-Chun Hu (Carnegie Mellon University) Adrian Perrig (Carnegie Mellon University)

Packet Leashes: A Defense against Wormhole Attacks in Wireless Networks Yih-Chun Hu (Carnegie Mellon University) Adrian Perrig (Carnegie Mellon University)
SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.

SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.
Yih-Chun Hu Carnegie Mellon University

Yih-Chun Hu Carnegie Mellon University
Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.

Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.

Similar presentations

Ads by Google