Presentation is loading. Please wait.

Presentation is loading. Please wait.

Safeguarding Wireless Service Access Panos Papadimitratos Electrical and Computer Engineering Virginia Tech.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Safeguarding Wireless Service Access Panos Papadimitratos Electrical and Computer Engineering Virginia Tech."— Presentation transcript:

1 Safeguarding Wireless Service Access Panos Papadimitratos Electrical and Computer Engineering Virginia Tech

2 Wireless Service Access Users Service Access Points

3 Wireless Service Access (cont’d)  Ad Hoc Networking  No fixed infrastructure  Collaborative support of the network operation  Peer-to-peer interaction  Transient associations  No administrative boundaries

4 Wireless Service Access (cont’d)  Stringent service level requirements  Shared and limited network resources  ‘Quality’ of the communication paths becomes important  Data rate  Delay  Path reliability  Route discovery protocols that convey path attributes are necessary

5 Problem and Challenges  Seemingly legitimate users, with access privileges, can get high-quality service access while systematically depriving other users from their sought service level  Adversaries can mislead other nodes that the discovered routes are better or worse than they actually are  Authentication cannot solve the problem

6 Problem and Challenges (cont’d)  The ad hoc networking environment introduces vulnerabilities  Each and every node can disrupt the network operation  No central authority and monitoring facility  Difficult or impossible to distinguish between benign and malicious faults  Frequent network changes

7 Solution  Secure Discovery of Route Attributes  Secure Routing Protocol for QoS-aware routing (SRP-QoS) between a pair of communicating end nodes  Accurate quantitative description of the discovered path attributes  Wide range of route selection and traffic handling schemes is enabled to configure communication

8 Network Model  Network node  Unique identity, V  Public/private keys E V, D V  Networking protocols module  Wireless communication module  Primitives: Send L (V,m), Bcast L (m), Receive L (m)  Links: Up, Down

9 Network Model (cont’d)  Each end node knows the identity and the public key of its peer end node  All nodes know the identities and the public keys of their neighbors  Benign nodes comply with the protocol rules  Adversaries deviate or actively disrupt the network operation

10 Network Model (cont’d)  Definition 1: Independent adversaries are network nodes that can modify, forge, or replay routing or data packets, but ignore received traffic that does not comply with the operation of the networking protocols  Definition 2: Arbitrary adversaries deviate from the protocol execution in an arbitrary (Byzantine) manner

11 Secure Route Discovery Specification  N: set of nodes  E: set of unordered pairs of distinct nodes, i.e., links or edges  Route: sequence of nodes V i  N and edges e i,i+1 =(V i, V i+1 )  E  is function that assigns labels to edges, denoted as link metrics m i,i+1  Route metric:  Actual metric:

12 Secure Route Discovery Specification (cont’d)  Let t 1 and t 2 >t 1 two points in time  t 2 is the point in time at which the routing protocol discovers a route Secure Routing Protocol S, T  N (S,T) - route and a sequence of labels

13 Secure Route Discovery Specification (cont’d)  Loop-freedom: an (S,T)-route is loop-free when it has no repetitions of nodes  Freshness: an (S,T)-route is fresh with respect to the (t 1,t 2 ) interval if each of the route’s constituent links is up at some point during the (t 1,t 2 )  Accuracy: an (S,T) route is accurate with respect to a route metric g and a constant Δ good >0 if:

14 SRP-QoS Operation  Nodes estimate metrics for their incident links  For link (V i,V i+1 ), V i calculates and V i+1 calculates  For some  >0,   is a protocol-selectable and metric-specific threshold that allows for metric calculation inaccuracies  is the maximum metric calculation error by a correct node

15 SRP-QoS Operation (cont’d) S V1V1 V3V3 V2V2 T 1234 Route Request (RREQ): S, T, Q SEQ, Q ID, MAC(K S,T, S, T, Q SEQ, Q ID ) 1.S broadcasts RREQ; 2.V 1 broadcasts RREQ, {V 1 }, { }; 3.V 2 broadcasts RREQ, {V 1,V 2 },{ }; 4.V 3 broadcasts RREQ, {V 1, V 2, V 3 },{ };

16 SRP-QoS Operation (cont’d)  RREQ processing  PreviouslySeen(RREQ) routine  For each relayed RREQ, V i initializes a ForwardList  V i adds a neighbor V i+1 to ForwardList iff V i+1 is overheard relaying RREQ with NodeList={NodeList, V i+1 } and MetricList={MetricList, } and  Temporarily stores m S,i

17 SRP-QoS Operation (cont’d) S V1V1 V3V3 V2V2 T 1234 8765 Route Reply (RREP): Q ID, {T, V 3, V 2, V 1, S}, { }, MAC (K S,T, Q SEQ, Q ID, T, V 3, …, V 1, S, ) 5. T → V 3 : RREP; 6. V 3 → V 2 : RREP; 7. V 2 → V 1 : RREP; 8. V 1 → S : RREP;

18 SRP-QoS Operation (cont’d)  RREP processing  If V i is T’s predecessor, check  V i checks if, where is the aggregate of the links metric values reported in the RREP for links (V k,V k+1 ), k<i

19 SRP-QoS Properties  Metric types ,  If, can be written as where

20 SRP-QoS Properties (cont’d)  Metric types ,

21 SRP-QoS Properties (cont’d)

22 Conclusions  Wireless ad hoc networking domains are a double-edged sword  SRP-QoS enables a general QoS-based route selection even in the presence of adversaries  More information: papadp@vt.edu

Download ppt "Safeguarding Wireless Service Access Panos Papadimitratos Electrical and Computer Engineering Virginia Tech."

Similar presentations

Chris Karlof and David Wagner

Chris Karlof and David Wagner
1 A Review of Current Routing Protocols for Ad-Hoc Mobile Wireless Networks By Lei Chen.

1 A Review of Current Routing Protocols for Ad-Hoc Mobile Wireless Networks By Lei Chen.
Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,

Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,
1 Intrusion Monitoring of Malicious Routing Behavior Poornima Balasubramanyam Karl Levitt Computer Security Laboratory Department of Computer Science UCDavis.

1 Intrusion Monitoring of Malicious Routing Behavior Poornima Balasubramanyam Karl Levitt Computer Security Laboratory Department of Computer Science UCDavis.
BY PAYEL BANDYOPADYAY WHAT AM I GOING TO DEAL ABOUT? WHAT IS AN AD-HOC NETWORK? That doesn't depend on any infrastructure (eg. Access points, routers)

BY PAYEL BANDYOPADYAY WHAT AM I GOING TO DEAL ABOUT? WHAT IS AN AD-HOC NETWORK? That doesn't depend on any infrastructure (eg. Access points, routers)
TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.

TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
Mitigating Routing Misbehavior in Mobile Ad Hoc Networks By Sergio Marti, T.J. Giuli, Kevin Lai, & Mary Baker Department of Computer Science Stanford University.

Mitigating Routing Misbehavior in Mobile Ad Hoc Networks By Sergio Marti, T.J. Giuli, Kevin Lai, & Mary Baker Department of Computer Science Stanford University.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
Ranveer Chandra , Kenneth P. Birman Department of Computer Science

Ranveer Chandra , Kenneth P. Birman Department of Computer Science
MANETs Routing Dr. Raad S. Al-Qassas Department of Computer Science PSUT

MANETs Routing Dr. Raad S. Al-Qassas Department of Computer Science PSUT
Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.

Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.
1 Spring Semester 2007, Dept. of Computer Science, Technion Internet Networking recitation #4 Mobile Ad-Hoc Networks AODV Routing.

1 Spring Semester 2007, Dept. of Computer Science, Technion Internet Networking recitation #4 Mobile Ad-Hoc Networks AODV Routing.
Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.

Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.
Securing Vehicular Commuinications – Assumptions, Requirements, and Principles P. Papadimitratos, EPFL, Lausanne, Switzerland V. Gligor, University of.

Securing Vehicular Commuinications – Assumptions, Requirements, and Principles P. Papadimitratos, EPFL, Lausanne, Switzerland V. Gligor, University of.
Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.

Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.

SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
CS541 Advanced Networking 1 Dynamic Channel Assignment and Routing in Multi-Radio Wireless Mesh Networks Neil Tang 3/10/2009.

CS541 Advanced Networking 1 Dynamic Channel Assignment and Routing in Multi-Radio Wireless Mesh Networks Neil Tang 3/10/2009.

Similar presentations

Ads by Google