Published by Ernest Dean. Modified over 9 years ago.

Computer Science
Using Directional Antennas to Prevent Wormhole Attacks
Presented by: Juan Du
Nov 16, 2005

Outline
Wormhole attacks
Related works
Three neighbor discovery protocols
  – Directional Neighbor Discovery
  – Verified Neighbor Discovery
  – Strict Neighbor Discovery
Conclusion and future work

Wormhole Attacks
A, B, C: nodes in wireless networks
X, Y: transceivers connected by a high quality, low-latency link
Attacker replays packets received by X at Y, and vice versa
Makes A and B believe they are neighbors
Selectively drop data messages to disrupt communications

Wormhole Impact
Cost
  – Limited resources needed
  – No cryptographic material needed
Damage to routing
  – Impact beyond the endpoints’ neighborhoods!
  – Endpoints placed strategically
Worst case: disrupts nearly all network routes

Related Works
Secure routing protocols such as SRP, SEAD, Ariadne, ARRIVE, …
  – Still vulnerable to wormhole attacks
Location based routing protocols
  – Have the potential
  – Have drawbacks
      Localization systems become attack target
      Need synchronized clocks and precise location knowledge

Protocol Idea
Wormhole attack depends on a node that is not nearby convincing another node it is
Solution:
  – Verify neighbors are really neighbors
  – Only accept messages from verified neighbors

The Technique: Directional Antennas
Divide transmission range into N zones clockwise starting with zone 1 facing east.
All nodes have the same orientation.
A node can get approximate direction information based on received signals

Notations
A, B, C...          Legitimate nodes
X, Y                Wormhole endpoints
R                   Nonce
E_KAB(M)            Message encrypted by key shared between nodes A and B
zone                The directional element, which ranges from 1–6 as shown in figure
^zone               The opposite directional element. For example, if zone=1 then ^zone=4.
zone(A, B)          Zone in which node A hears node B
neighbors(A, zone)  Nodes within one (directional distance) hop in direction zone of node A.

Directional Neighbor Discovery
1. A → Region: HELLO | ID_A
   Sent in every direction
2. N → A: ID_N | E_KNA(ID_A | R | zone(N, A))
   Sent in zone(N, A)
3. A → N: R
   Checks zone is opposite, sent in zone(A, N)
[Figure: nodes A and N with zones numbered 1–6]

Directional Neighbor Discovery (Cont.)
The protocol itself is vulnerable to wormhole attacks
Attack’s effectiveness is reduced
  – Only node pairs that are in opposite directions relative to the wormhole in each region will accept each other as neighbors (e.g. A and C)
  – How about A and B?

Verified Neighbor Discovery
Observation: Cooperate!
  – Wormhole can only trick nodes in particular locations
  – Verify neighbors using other nodes
  – Need to receive confirmation from a verifier node before accepting a new neighbor
  – Need to prevent verifiers from acting through the wormhole
A valid verifier V for the link A ↔ B must satisfy:
  – zone(B, A) ≠ zone(B, V)
    B hears V in a different zone from node A
  – zone(B, A) ≠ zone(V, A)
    B and V hear node A from different directions

Verified Neighbor Discovery (Cont.)
1. A → Region: HELLO | ID_A
2. N → A: ID_N | E_KNA(ID_A | R | zone(N, A))
3. A → N: R
   (Steps 1–3: same as before)
4. N → Region: INQUIRY | ID_N | ID_A | zone(N, A)
   Sent in directions except zone(N, A) and ^zone(N, A)
5. V → N: ID_V | E_KNV(ID_A | zone(V, N))
   V satisfies verifier properties and completed 1-3
6. N → A: ID_N | E_KAN(ID_A | ACCEPT)
   N must receive at least one verifier response

Effect of Verified Neighbor Discovery
D as the verifier
  – zone(D, A) = 3, zone(A, D) = 1
  – wormhole cannot convince D and A to accept each other as neighbors
  – B will not be able to verify A as a neighbor through D
Secure against wormhole attacks that involve two distant endpoints

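The opposite-zone check from Directional Neighbor Discovery and the two verifier properties from Verified Neighbor Discovery, as an added Python example that is not part of the original presentation. The coordinates are constructed, the function names are hypothetical, and zone 1 is assumed to be centred on east.

```python
import math

N_ZONES = 6  # zones 1..6, as in the slides' notation

def zone(listener, heard_from):
    """Zone in which `listener` receives a signal arriving from `heard_from`.
    Assumption: zone 1 is centred on east and numbering runs clockwise."""
    dx, dy = heard_from[0] - listener[0], heard_from[1] - listener[1]
    clockwise = -math.degrees(math.atan2(dy, dx)) % 360  # 0 = east, 90 = south
    width = 360 / N_ZONES
    return int(((clockwise + width / 2) % 360) // width) + 1

def opposite(z):
    """^zone from the slides: opposite(1) == 4."""
    return (z - 1 + N_ZONES // 2) % N_ZONES + 1

def directional_ok(zone_a_n, zone_n_a):
    """Step 3: A accepts only if it hears N in the zone opposite to zone(N, A)."""
    return zone_a_n == opposite(zone_n_a)

def valid_verifier(zone_b_a, zone_b_v, zone_v_a):
    """The two verifier properties for link A <-> B."""
    return zone_b_a != zone_b_v and zone_b_a != zone_v_a

def wormhole_scenario():
    # Constructed geometry: endpoints X and Y far apart, A near X, B and C near Y.
    X, Y = (0, 0), (100, 0)
    A, B, C = (-5, 0), (95, 0), (105, 0)
    # Through the wormhole, each node hears the far side from its local endpoint.
    a_far = zone(A, X)
    c_a, b_a = zone(C, Y), zone(B, Y)
    out = {"A-C": directional_ok(a_far, c_a), "A-B": directional_ok(a_far, b_a)}
    # Verified discovery for A-C: V near Y must have completed steps 1-3 with
    # A (through the wormhole) and with C (directly), and be a valid verifier.
    out["verifiers"] = [
        (vx, vy)
        for vx in range(90, 111, 3) for vy in range(-10, 11, 3)  # grid avoids Y and C
        if directional_ok(a_far, zone((vx, vy), Y))
        and directional_ok(zone(C, (vx, vy)), zone((vx, vy), C))
        and valid_verifier(c_a, zone(C, (vx, vy)), zone((vx, vy), Y))
    ]
    return out

def legitimate_link():
    # Constructed real neighbours P and Q with a third node V in range of both.
    P, Q, V = (0, 0), (10, 0), (5, 8)
    return (directional_ok(zone(P, Q), zone(Q, P)),
            valid_verifier(zone(Q, P), zone(Q, V), zone(V, P)))

if __name__ == "__main__":
    print(wormhole_scenario())  # A-C passes the basic check, A-B fails, no verifier
    print(legitimate_link())
```

Any candidate verifier that completed steps 1–3 with A through the wormhole must hear A in the same zone as C does, so the second verifier property always rejects it; the real link P–Q finds a verifier without difficulty.
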
Strict Neighbor Discovery
Worawannotai attack
  – B and A are unable to communicate directly, but close enough to have a verifier that can hear both A and B

Analysis
Advantage
  – Low overhead
  – Directional antennas
      Energy conservative
      Better spatial reuse of bandwidth
Disadvantage
  – May prevent legitimate links from being established because of no potential verifier node
  – For network density of 10 neighbors, less than 0.5% (or 40%) of links are lost and no (or 0.03%) nodes are disconnected in verified (or strict) neighbor discovery protocol

Conclusion and Future Work
Conclusion
  – Wormhole attacks are powerful attacks that depend on a node misrepresenting its location
  – Directional antennas offer a promising approach
Future work
  – Multiple wormhole endpoint attacks
  – Robustness

Questions?
Thank you!