Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Risks for Ad Hoc Networks and how they can be alleviated By: Jones Olaiya Ogunduyilemi Supervisor: Jens Christian Godskesen © Dec. 2006.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Risks for Ad Hoc Networks and how they can be alleviated By: Jones Olaiya Ogunduyilemi Supervisor: Jens Christian Godskesen © Dec. 2006."— Presentation transcript:

1 Security Risks for Ad Hoc Networks and how they can be alleviated By: Jones Olaiya Ogunduyilemi Supervisor: Jens Christian Godskesen © Dec. 2006

2 Agenda Overview of ad hoc networks (MANET) Characteristics Risks and threats : (Kinds of attacks) Criteria for securing ad hoc network Some possible solutions Suggestion (Securing – ZRP protocol) Corrections & Discussion

3 Overview of ad hoc networks (MANET) Mobile nodes equipped with wireless Interfaces No established Infrastructure Self Organized No Centralized Control Network topology changes dynamically

4 Characteristics May be out of wireless transmitter range of others Need to use other nodes as routers for forwarding Find new routes after movement or change Xteristic It’s characteristics makes it most vulnerable

5 Ad Hoc networks Ad hoc networks depend on honest cooperation: -You forward packets correctly and honestly for me, and: -I’ll forward packets correctly and honestly for you Two general areas of security lapses: -Lack of cooperation -Forging routes and maliciously breaking routes

6 Risks and threats Two sources of threats External attackers -Inserting erroneous routing updates -Replaying old routing information -Changing routing updates Internal Attackers (node) -Malicious node advertises incorrect routing information

7 Two kinds of Attacks Passive attacks - Attempt to discover valuable information by listening to the routing traffic (Eavesdropping of data) Active attacks - Modification and deletion of exchanged data - Spoofing -Routing table overflow

8 Criteria for securing ad hoc network Isolation – Identify misbehaving nodes and make them unable to interfere with routing Lightweight computations. – Confine heavy computing task to the least possible number of nodes (battery power protection) Location privacy – Protect information about the location of nodes in a network and the network structure (location disclosure) Self-stabilization – Automatically recover from any problem in a finite amount of time without human intervention. Certain discovery – Always possible to find the available route (routing table overflow, rushing attack)

9 Some possible solutions Encrypt all Data (confidentiality) - Ensure that all data are encrypted before sending Trusted Route Discovery – Send packets via trusted routes to avoid internal attacks Redundant paths – Increase route robustness by providing more route choices Hierarchical structure or zone-based routing – Provide foundation for authentication and local link state routing

10 Possible Solutions... Attack traffic pattern detection – Validate destination sequence Intrusion detection – Monitor behavior of suspected hosts for intrusion detection Authentication among hosts – Prevent impersonation (spoofing) Encrypt and authenticate all packets with a key

11 Suggestion and Contribution: Protocols Drawback Handling of compromised nodes still a problem Protocols Discussed Proactive (Table Driven): DSDV Reactive (on-demand): DSR, AODV, ARAN Hybrid: ZRP

12 Suggestion and Contribution: Securing – ZRP protocol Diffie-Hellman Key Agreement Alice generates a random private value a and Bob generates a random private value b. Both a and b are drawn from the set of integers. Alice Bob Alice and Bob derive their public values using parameters p and g and their private values Alice's public value is g a mod p Bob's public value is g b mod p Alice and Bob exchange their public values Alice computes g ab = (g b ) a mod p Bob computes g ba = (g a ) b mod p Since g ab = g ba = k, Alice and Bob now have a shared secret key k 1 2 33 4 5 6

13 Secure Diffie-Hellman Key Agreement Obtain a public/private key pair and a certificate for the public key prior to execution The immunity is achieved by allowing Alice and Bob to authenticate themselves to each other by the use of digital signatures and public-key certificates Alice Bob Suggestion and Contribution: Secured – ZRP protocol During the protocol, Alice computes a signature on certain messages, covering the public value g a mod p. Bob proceeds in a similar way covering the public value g b mod p. Man-in-the-middle could still intercept message between the parties BUT cannot forge signatures without Alice's private key and Bob's private key. This enhances the defeats of the man-in-the-middle attack.

14 Conclusion Problems may still persist due to: Dynamic network environment: -Nodes may move at any time (and often) - Nodes may join and leave the network Standard security services such as : Integrity, Authentication, Non-Repudiation None of these satisfy ad hoc network security needs: Reasons... - Can’t force nodes to cooperate or detect all cases when they do not -Can’t protect against a compromised node sending malicious routing packets

15 Difference between AODV and DSR protocols The main difference between both protocols is that in DSR a source routing option is used; i.e. when a node wants to send something to a destination it sets the whole route for that packet, indicating the addresses of the terminals it has to pass through. In this sense all packets have a DSR header included, and it is needed that all nodes within the ad hoc network know the whole network topology. On the other hand, AODV does not perform source routing at all; when a terminal wants to send something to a destination, it checks its routing table, looking for the next hop towards that destination, and sends the packet to it, and so on. In this sense, data packets "travel" through the ad hoc network without any AODV specific information.

Download ppt "Security Risks for Ad Hoc Networks and how they can be alleviated By: Jones Olaiya Ogunduyilemi Supervisor: Jens Christian Godskesen © Dec. 2006."

Similar presentations

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 6. Security in Mobile Ad-Hoc Networks.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 6. Security in Mobile Ad-Hoc Networks.
Security in Mobile Ad Hoc Networks

Security in Mobile Ad Hoc Networks
Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,

Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,
By Md Emran Mazumder Ottawa University Student no: 6282845.

By Md Emran Mazumder Ottawa University Student no:
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.

TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
Security Improvement for Ad Hoc Wireless Network Visal Kith ECE 695 05/05/2006.

Security Improvement for Ad Hoc Wireless Network Visal Kith ECE /05/2006.
Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.

Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.
Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.

Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.
An Assessment of Mobile Ad-Hoc Network (MANET) Issues Jerry Usery CS 526 May 12 th, 2008.

An Assessment of Mobile Ad-Hoc Network (MANET) Issues Jerry Usery CS 526 May 12 th, 2008.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Trust Level Based Self-Organized Routing Protocol for Secure Ad Hoc Networks Li Xiaoqi, GiGi 12/3/2002.

Trust Level Based Self-Organized Routing Protocol for Secure Ad Hoc Networks Li Xiaoqi, GiGi 12/3/2002.
Centre for Wireless Communications University of Oulu, Finland

Centre for Wireless Communications University of Oulu, Finland
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.
ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.

ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.
ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.

ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
1 Survey Presentation Course: 60-564 Fall 2004 Ataul Bari Instructor: Dr. A. K. Aggarwal.

1 Survey Presentation Course: Fall 2004 Ataul Bari Instructor: Dr. A. K. Aggarwal.
Routing Security in Ad Hoc Networks

Routing Security in Ad Hoc Networks

Similar presentations

Ads by Google