Slide 1: Security of Routing Protocols in Ad Hoc Wireless Networks
Presented by Reza Curtmola
600.647 – Advanced Topics in Wireless Networks
Slide 2: Our focus: MANETs (mobile ad hoc networks)
- Multi-hop routing:
  - unicast
  - multicast
  - infrastructure (Internet) access
Slide 5: Security of Ad Hoc Wireless Networks
Security is essential because:
- Lack of physical security makes devices susceptible to theft
- All nodes participate in routing, so every node must rely on untrusted nodes
- Lack of security leads to degradation of service, because the medium is shared
Security is difficult to provide because of:
- the collaborative nature of the network
- a less robust, shared medium
- the need for a solution against internal adversaries
Slide 6: More Basics
- Transmission range is usually smaller than the network span
- Hence the need for multi-hop routing
- All nodes can potentially participate in the routing protocol
Slide 7: Security concerns
- Must define the adversarial model
- Classified by effect on network operation:
  - Passive attacks
  - Active attacks
- Classified by whether the attacker is authorized to participate in the network operation:
  - Outside attacks (not authorized)
  - Inside attacks (authorized)
Slide 8: Outside Attacks
- Attackers do not possess credentials
- Include:
  - packet injection
  - packet modification
  - impersonation
- In general preventable using standard cryptographic mechanisms that ensure authentication and data integrity
Slide 9: Inside (Byzantine) Attacks
- Byzantine behavior: arbitrary action by an authenticated node resulting in disruption of the routing service
- All nodes participate in routing
- Authentication and data integrity mechanisms do not provide any guarantees against such nodes
- Different from the "selfish node" problem
Trivia: Byzantine = devious ("The History of the Decline and Fall of the Roman Empire", by Edward Gibbon)
Slide 10: Attacks against routing
- Black Hole Attack
- Flood Rushing Attack
- Wormhole Attack
- Overlay Network Attack (super-wormhole)
- Adversaries can act individually or can collude
- Attacks are considered in both their traditional (outsider) and Byzantine (insider) variants
Slide 11: Other Attacks
- Traffic analysis
- Sybil attacks
  - A malicious node illegitimately claims multiple identities
- Node replication
  - Adversary captures, replicates and inserts duplicated nodes
  - Difficult to detect without centralized monitoring
Slide 12: Routing protocols
- Routing = the act of moving information from source to destination
- Types of routing protocols:
  - Proactive: continuously learn the network topology
    - routes are available immediately
    - high updating cost for a dynamic topology
    - examples: RIP, OSPF, DSDV, OLSR
  - Reactive: establish routes only when needed
    - less control traffic
    - additional delay; involves flooding
    - examples: AODV, DSR
Slide 13: On-Demand Routing Protocols
- Route Discovery phase
  - Based on flooding
  - RouteRequest: usually flooded
  - RouteReply: flooded or unicast
- Route Maintenance phase
[Figure: source S floods a route request (Req) through the ad hoc network; destination D returns a route reply (Rep)]
Slide 14: Black Hole Attack
- The adversary selectively drops only data packets, but still participates in the routing protocol correctly
- The damage is directly related to the likelihood of the adversary being selected as part of a route
Slide 15: Black Hole Attack Mitigation: Watchdog and Pathrater
(S. Marti, T. Giuli, K. Lai, M. Baker, "Mitigating routing misbehavior in mobile ad hoc networks", MobiCom 2000)
- A node can overhear its neighboring nodes forwarding packets to other destinations
- Local monitoring can detect:
  - Packet forge: an outgoing packet that has no corresponding incoming packet
  - Packet modification: a difference between the incoming and outgoing packet fields
  - Intentional packet delay: a packet was forwarded only after a threshold time instead of immediately
  - Packet drop: packets were not forwarded within a maximum acceptable timeout threshold
Slide 16: Black Hole Attack Mitigation: Watchdog and Pathrater
What can go wrong?
[Figure: guard G overhears sender S transmitting to the monitored node D]
- Missed detection: a malicious event goes undetected at guard G because:
  - A collision occurs at G when the malicious node S transmits, so G never hears the offending packet
- False detection: a normal event is classified by guard G as a malicious event because:
  - A collision occurs at G when the sender S transmits a packet (G misses the incoming packet, so D's correct forward looks like a forge)
  - A collision occurs at G when the monitored node D forwards the packet (G misses the forward, so it looks like a drop)
- Does not work when power control and multi-rate transmission are used
- Also vulnerable to attacks from two consecutive colluding adversaries
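The four local-monitoring rules of slide 15 and the collision cases of slide 16, as an added Python example (this is not code from the slides or from the Watchdog/Pathrater paper). A guard G buffers the packets it overhears going to the monitored node D and classifies what D does with them. The packet format, the thresholds and the event trace in demo_trace() are constructed for this example; heard=False on an event models a collision at G that hides that transmission from the guard.

```python
"""Watchdog-style local monitoring at a guard node (added example).

The guard G overhears packets that S sends to the monitored node D and
packets that D transmits afterwards, then applies the four rules from the
slide: forge, modification, intentional delay and drop.  Packet format,
thresholds and the trace in demo_trace() are constructed for this example.
"""
from dataclasses import dataclass, field

DELAY_THRESHOLD = 0.05   # s: forwarding later than this counts as intentional delay
DROP_TIMEOUT = 0.20      # s: not forwarded by then counts as a drop


@dataclass(frozen=True)
class Packet:
    pkt_id: int          # identifies the packet (e.g. source address + sequence number)
    payload: bytes
    ttl: int


@dataclass
class Guard:
    monitored: str                                 # the node being watched (D)
    pending: dict = field(default_factory=dict)    # pkt_id -> (Packet, time heard)
    alerts: list = field(default_factory=list)     # (rule, pkt_id)

    def overhear_incoming(self, pkt, t):
        """G heard S hand pkt to D at time t: an incoming packet for D."""
        self.pending[pkt.pkt_id] = (pkt, t)

    def overhear_outgoing(self, pkt, t):
        """G heard D transmit pkt at time t: an outgoing packet from D."""
        if pkt.pkt_id not in self.pending:
            self.alerts.append(("forge", pkt.pkt_id))         # no matching incoming packet
            return
        orig, t_in = self.pending.pop(pkt.pkt_id)
        if pkt.payload != orig.payload or pkt.ttl != orig.ttl - 1:
            self.alerts.append(("modification", pkt.pkt_id))  # fields differ (TTL must drop by exactly 1)
        elif t - t_in > DELAY_THRESHOLD:
            self.alerts.append(("delay", pkt.pkt_id))
        # otherwise D forwarded the packet correctly and promptly

    def expire(self, now):
        """Flag incoming packets that D has not forwarded within DROP_TIMEOUT."""
        for pid, (_, t_in) in list(self.pending.items()):
            if now - t_in > DROP_TIMEOUT:
                del self.pending[pid]
                self.alerts.append(("drop", pid))


def run_trace(events, end_time):
    """events: (time, 'in'|'out', Packet, heard).  'in' is S -> D, 'out' is D
    forwarding.  heard=False models a collision at G that hides that
    transmission from the guard.  Returns the guard's alert list."""
    g = Guard("D")
    for t, direction, pkt, heard in sorted(events, key=lambda e: e[0]):
        g.expire(t)
        if not heard:
            continue
        if direction == "in":
            g.overhear_incoming(pkt, t)
        else:
            g.overhear_outgoing(pkt, t)
    g.expire(end_time)
    return g.alerts


def demo_trace():
    """Constructed trace: one correct forward, each of the four misbehaviours,
    and the two collision-induced false detections from slide 16."""
    def p(i, data=b"data", ttl=8):
        return Packet(i, data, ttl)
    events = [
        (0.00, "in", p(1), True), (0.01, "out", p(1, ttl=7), True),        # correct forward
        (0.10, "in", p(2), True), (0.11, "out", p(2, b"evil", 7), True),   # modification
        (0.20, "in", p(3), True), (0.30, "out", p(3, ttl=7), True),        # delayed
        (0.40, "in", p(4), True),                                          # dropped
        (0.50, "out", p(5, ttl=7), True),                                  # forged
        (0.60, "in", p(6), False), (0.61, "out", p(6, ttl=7), True),       # collision at G when S sends -> false "forge"
        (0.70, "in", p(7), True), (0.71, "out", p(7, ttl=7), False),       # collision at G when D forwards -> false "drop"
    ]
    return run_trace(events, end_time=1.0)
```

The last two events reproduce the false-detection cases: a copy lost at G on the incoming side makes D's honest forward look like a forge, and one lost on the outgoing side makes it look like a drop, which is why a single overheard event is weak evidence and Pathrater accumulates a rating over time instead of reacting to one alert.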
Slide 17: Black Hole Attack Mitigation: Secure Data Transmission (SDT)
(P. Papadimitratos, Z. Haas, "Secure data transmission in mobile ad hoc networks", WiSe 2003)
- Uses end-to-end acknowledgements from the destination
- Disseminates a packet across several node-disjoint paths
- Good for well-connected networks, bad for sparsely connected networks
- Protection of node-disjoint path discovery is not fully achieved against colluding adversaries
- Also vulnerable to flood rushing attacks
Slide 18: Flood Rushing Attack
- The majority of on-demand routing protocols use flooding for route discovery
- The attack takes advantage of the flood suppression mechanism (a node forwards only the first copy of a request it hears and discards later ones)
- The adversary "rushes" packets through the network, propagating its flood faster than the legitimate flood
Slide 19: Flood Rushing Attack
- The attacker disseminates RREQ/RREP quickly throughout the network, suppressing any later legitimate RREQ/RREP:
  - by avoiding the delays that are part of the design of both the routing and the MAC (802.11b) protocols
  - by sending at a higher transmission power level
  - by using a wormhole to rush the packets ahead of the normal flow
- Result: the attacker gets selected on many paths, or no path is established at all
- Why the attack is possible: the flood suppression mechanism
Slide 20: Flood Rushing Attack Mitigation: Rushing Attack Prevention (RAP)
(Y.-C. Hu, A. Perrig, D.B. Johnson, "Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols", WiSe 2003)
- Each node waits to receive up to k requests (flood re-broadcasts)
- It randomly selects one of them to forward
- Random selection reduces the advantage gained by reaching a node first
- Disadvantages:
  - Requires secure neighbor discovery and secure route delegation => multiple rounds of communication => a lot of overhead
  - Ineffective if the adversary has compromised k or more nodes
Slide 21: Byzantine Wormhole Attack
[Figure: Adv1 and Adv2 sit between Source and Destination, linked by a wormhole]
- The attacker (or colluding attackers) records a packet at one location in the network, tunnels the packet to another location, and replays it there
- The end-points of the virtual link cannot be trusted
- Result: allows an adversary to get selected on many paths
Slide 22: Two types of wormhole
[Figure: Adv1 and Adv2 between Source and Destination, linked by a wormhole]
- Traditional wormhole: the adversaries are outside attackers (non-authenticated)
  - honest nodes believe there is a direct link between them
- Byzantine wormhole: the adversaries are inside attackers (authenticated)
  - the wormhole link exists between compromised nodes
Slide 23: Wormhole Attack Mitigation: Packet Leashes
(Y.-C. Hu, A. Perrig, D.B. Johnson, "Packet Leashes: A Defense against Wormhole Attacks in Wireless Ad Hoc Networks", Infocom 2003)
- Prevents wormhole creation by limiting the transmission distance of a link:
  - a temporal leash (requires extremely tight time synchronization)
  - a geographical leash (requires location information)
- May require additional hardware (very accurate clocks or GPS receivers), but is effective against traditional wormholes
- Ineffective against Byzantine wormholes
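The two leash checks on this slide, as an added Python example (not code from the slides or from the Packet Leashes paper). A shared HMAC key stands in for the paper's own authentication scheme (TIK); the range, clock-error, speed and position values are constructed. The last case shows why the slide calls leashes ineffective against Byzantine wormholes: an authenticated insider at the far end of the tunnel simply re-originates the packet with a truthful leash for its own hop.

```python
"""Temporal and geographic packet leashes (added example).

Each packet carries an authenticated send time t_s and sender position p_s.
A receiver accepts a one-hop transmission only if the packet could have
travelled at most RANGE metres: for the temporal leash, t_r - t_s must be
within RANGE/C plus the clock error; for the geographic leash, an upper
bound on the sender-receiver distance must be within RANGE.  The shared
HMAC key replaces the paper's authentication scheme (TIK); positions,
times and tolerances are constructed for this example.
"""
import hashlib
import hmac
import math
from dataclasses import dataclass

C = 299_792_458.0   # m/s, radio propagation speed
RANGE = 250.0       # m, maximum legitimate one-hop transmission range (assumed)


@dataclass(frozen=True)
class LeashedPacket:
    sender: str
    t_s: float          # send time in seconds (temporal leash)
    p_s: tuple          # sender position (x, y) in metres (geographic leash)
    payload: bytes
    tag: bytes          # MAC binding sender, t_s, p_s and payload


def _tag(key, sender, t_s, p_s, payload):
    msg = f"{sender}|{t_s!r}|{p_s!r}|".encode() + payload
    return hmac.new(key, msg, hashlib.sha256).digest()


def send(key, sender, t_s, p_s, payload):
    return LeashedPacket(sender, t_s, p_s, payload, _tag(key, sender, t_s, p_s, payload))


def _authentic(pkt, key):
    return hmac.compare_digest(pkt.tag, _tag(key, pkt.sender, pkt.t_s, pkt.p_s, pkt.payload))


def check_temporal(pkt, key, t_r, clock_err):
    """Temporal leash: reject if the packet is older than one RANGE-length hop."""
    return _authentic(pkt, key) and t_r - pkt.t_s <= RANGE / C + clock_err


def check_geographic(pkt, key, t_r, p_r, clock_err, max_speed, loc_err):
    """Geographic leash: bound the sender-receiver distance by
    |p_s - p_r| + 2*v*(t_r - t_s + clock_err) + loc_err and compare with RANGE."""
    if not _authentic(pkt, key):
        return False
    bound = math.dist(pkt.p_s, p_r) + 2 * max_speed * (t_r - pkt.t_s + clock_err) + loc_err
    return bound <= RANGE


def scenarios():
    """Returns {name: (temporal_ok, geographic_ok)} for four constructed cases."""
    key = b"constructed network-wide key"   # assumption: shared by all authenticated nodes
    tight, loose = 1e-7, 1e-3              # clock error: temporal leash needs tight sync, geographic tolerates loose
    v, loc_err = 30.0, 5.0                 # max node speed (m/s) and GPS error (m), assumed
    t0 = 1000.0
    pkt = send(key, "A", t0, (0.0, 0.0), b"RREQ")

    def both(p, t_r, p_r):
        return (check_temporal(p, key, t_r, tight),
                check_geographic(p, key, t_r, p_r, loose, v, loc_err))

    out = {}
    # 1. honest neighbour 150 m away hears A directly
    out["honest"] = both(pkt, t0 + 150 / C, (150.0, 0.0))
    # 2. traditional wormhole: an outsider records A's packet and replays it verbatim 2000 m away;
    #    the tunnel takes at least light-time plus some processing (50 us assumed)
    t_replay = t0 + 2000 / C + 50e-6
    out["traditional_wormhole"] = both(pkt, t_replay, (2000.0, 0.0))
    # 3. the outsider rewrites t_s/p_s to fit the leash: the MAC no longer verifies
    forged = LeashedPacket("A", t_replay - 100 / C, (1900.0, 0.0), pkt.payload, pkt.tag)
    out["tampered_leash"] = both(forged, t_replay, (2000.0, 0.0))
    # 4. Byzantine wormhole: insider Adv2 at the far end holds the key, so it re-originates the
    #    packet with a truthful leash for its own hop and the receiver's checks pass
    pkt2 = send(key, "Adv2", t_replay, (2000.0, 0.0), pkt.payload)
    out["byzantine_wormhole"] = both(pkt2, t_replay + 150 / C, (2150.0, 0.0))
    return out
```

The temporal budget for a 250 m hop is under a microsecond, which is why that leash needs clock synchronization on the order of 100 ns, whereas the geographic leash tolerates millisecond sync but needs positions. Both reject the replayed packet and any rewritten leash, and both accept the insider's re-originated packet, since the hop Adv2 actually transmits on is a legitimate one.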
Slide 24: Wormhole Attack Mitigation: Directional Antennas
(L. Hu, D. Evans, "Using Directional Antennas to Prevent Wormhole Attacks", NDSS 2004)
- Uses the angle-of-arrival information available when using directional antennas
- Takes advantage of the topology distortion that occurs when nodes communicate through a wormhole
- To verify a link between two nodes, a third node is required
- Disadvantage: in low-density networks, the number of available links is reduced
- Ineffective against Byzantine wormholes
Slide 25: Super-Wormhole
- A more general (and stronger) variant of the wormhole attack
- Several adversaries collude and form an overlay of Byzantine wormholes
- Every pair of adversaries in the overlay can act as the two end-points of a wormhole, so for n adversaries it is equivalent to (n choose 2) = n(n-1)/2 wormholes
Slide 26: Related Work
- [Perlman '88]: Byzantine robustness for link state routing protocols in wired networks
- Black hole: [Marti, Giuli, Lai, Baker '00], [Papadimitratos, Haas '03]
- Authentication and integrity: [Zhou, Haas '99], [Hubaux, Buttyan, Capkun '01], [Dahill, Levine, Shields, Royer '02], [Hu, Perrig, Johnson '01, '02]
- Flood rushing: [Hu, Perrig, Johnson '03]
- Wormhole: [Hu, Perrig, Johnson '03], [Hu, Evans '04]
- No existing protocol withstands all of the considered Byzantine attacks; ODSBR fills this gap (a software-only solution):
  [Awerbuch, Holmer, Nita-Rotaru, Rubens, WiSe '02], [Awerbuch, Curtmola, Holmer, Nita-Rotaru, Rubens, SecureComm '05]