Security and Misbehavior Handling in Wireless Ad Hoc NetworksNotesOutlineMobile Ad Hoc Networks (MANET)Mobile Ad Hoc NetworksSlide 6Slide 7Why Ad Hoc Networks ?Many ApplicationsMany VariationsSlide 11Slide 12ChallengesHidden Terminal ProblemResearch on Mobile Ad Hoc NetworksThe Holy GrailSlide 17Unicast Routing in Mobile Ad Hoc NetworksWhy is Routing in MANET different ?Unicast Routing ProtocolsRouting ProtocolsTrade-OffReactive Routing ProtocolsSlide 24Flooding for Data DeliverySlide 26Slide 27Slide 28Slide 29Slide 30Slide 31Slide 32Slide 33Flooding for Data Delivery: AdvantagesFlooding for Data Delivery: DisadvantagesFlooding of Control PacketsDynamic Source Routing (DSR) [Johnson96]Route Discovery in DSRSlide 39Slide 40Slide 41Slide 42Slide 43Slide 44Route Reply in DSRSlide 46Dynamic Source Routing (DSR)Data Delivery in DSRWhen to Perform a Route DiscoveryRoute Error (RERR)Slide 51Slide 52Medium Access Control ProtocolsMedium Access ControlMAC: A Simple ClassificationSlide 56MACA Solution for Hidden Terminal Problem [Karn90]ReliabilityA Simple Solution to Improve ReliabilityIEEE 802.11 Wireless MACIEEE 802.11 DCFCollision AvoidanceIEEE 802.11Slide 64Slide 65Slide 66Slide 67Slide 68Slide 69Backoff IntervalIEEE 802.11 DCF ExampleBackoff IntervalSlide 73Binary Exponential Backoff in DCFSecurity and MisbehaviorIssuesTransport Layer (End-to-End Communication)Network LayerMAC LayerScope of this TutorialSlide 81Key ManagementSlide 83Certification AuthorityDistributed Certification Authority [Zhou99]Slide 86Self-Organized Public Key Management [Capkun03]Slide 88Self-Organized Public Key ManagementSlide 90Slide 91TESLA Broadcast Authentication [Perrig]TESLASlide 94Slide 95Slide 96Slide 97Slide 98Secure CommunicationSlide 100Slide 101Traffic AnalysisMix Nodes [Chaum]Mix NodesSlide 105Slide 106Slide 107Slide 108Alternative Mix NodesMix Node SelectionTraffic Mode DetectionSlide 112Slide 113Slide 114Slide 115Slide 116Slide 117Slide 118Misbehavior at the MAC LayerMAC Layer MisbehaviorExampleSome Possible MisbehaviorsPossible Misbehaviors: “Impatient” Transmitters“Impatient” TransmittersImpatient TransmittersGoals [Kyasanur03]Potential ApproachesPassive Observation [Kyasanur03] (Conceptually Simplest Solution)Passive ObservationSlide 130Slide 131Slide 132Slide 133Potential Solution: Use long-term statistics [Kyasanur]An Alternative ApproachSlide 136Modifications to 802.11Protocol stepsSlide 139Detecting deviationsPenalizing MisbehaviorPenalty Scheme issuesDiagnosing MisbehaviorSummary of Performance ResultsVariations – Multiple ObserversOther ApproachesMAC Selfishness: Game-Theoretic ApproachMAC: SelfishnessIncentive-Based Mechanisms [Zhong02]Slide 150Network Layer MisbehaviorSlide 152Drop/Corrupt/MisrouteWatchdog Approach [Marti]Slide 155Watchdog Approach: Buffering & Failure DetectionImpact of CollisionsReliability of Reception Not KnownChannel Variations May Cause False DetectionMalicious ReportingCollusionMisdirection of PacketsDirectional TransmissionsWatchdog + Pathrater [Marti]Watchdog: SummaryHosts Bearing Grudges: CONFIDANT Protocol [Buchegger]Hosts Bearing GrudgesHosts Bearing Grudges: IssuesHosts Bearing Grudges: SummaryExploiting Path Redundancy [Xue04]Exploiting Path RedundancySlide 172Best-Effort Fault Tolerant Routing (BFTR) – Modified DSR [Xue04]BFTR: IssuesInformation Dispersal [Rabin89]Information DispersalSlide 177Information Dispersal to Tolerate Misbehavior [Papadimitratos03]Route Tampering AttackNode InsertionNode DeletionSlide 182Ariadne [Hu]: Detecting Route TamperingSlide 184AriadneSlide 186Slide 187Ariadne: IssuesWormhole Attack [Hu]Slide 190Slide 191Slide 192Slide 193Wormhole Attack: IssuesSlide 195Slide 196Slide 197Timing IssueDetected AttackOther Detection Mechanisms: Geographical LeashesGeographical Leashes [Hu]Temporal LeashesWormhole Attack: SummarySlide 204Anomaly DetectionSlide 206Anomaly Detection in Ad Hoc Networks [Zhang00]Slide 208ConclusionsConclusionSlide 211Some Relevant Conferences/WorkshopsThanks!ReferencesSlide 215Slide 216Slide 2171Security and Misbehavior Handling inWireless Ad Hoc NetworksNitin H. VaidyaUniversity of Illinois at [email protected]://www.crhc.uiuc.edu/~nhv© 2005 Nitin Vaidya2NotesCoverage not exhaustive. Only a few example schemes discussedOnly selected features of various schemes are typically discussed. Not possible to cover all details in this tutorialSome protocol specs have changed over time, and the slides may not reflect the most current specificationsJargon used to discuss a scheme may occasionally differ from that used in the original papersNames in brackets, as in [Xyz00], refer to a document in the list of referencesAbbreviation MAC used to mean either Medium Access Control or Message Authentication Code – implied meaning should be clear from context3OutlineIntroduction to ad hoc networksSelected routing and MAC protocols Key management in wireless ad hoc networks Secure communication in ad hoc networks Misbehavior at the MAC layer Misbehavior at the network layer Anomaly detection4Mobile Ad Hoc Networks (MANET)5Mobile Ad Hoc NetworksFormed by wireless hosts which may be mobileWithout (necessarily) using a pre-existing infrastructureRoutes between nodes may potentially contain multiple hops6Mobile Ad Hoc NetworksMay need to traverse multiple links to reach a destinationABC D7Mobile Ad Hoc Networks (MANET)Mobility causes route changesABC D8Why Ad Hoc Networks ?Ease of deploymentSpeed of deploymentDecreased dependence on infrastructure9Many ApplicationsPersonal area networkingcell phone, laptop, ear phone, wrist watchMilitary environmentssoldiers, tanks, planesCivilian environmentstaxi cab networkmeeting roomssports stadiumsboats, small aircraftEmergency operationssearch-and-rescuepolicing and fire fighting10Many VariationsFully Symmetric Environmentall nodes have identical capabilities and responsibilitiesAsymmetric Capabilitiestransmission ranges and radios may differ battery life at different nodes may differprocessing capacity may be different at different nodesspeed of movementAsymmetric Responsibilitiesonly some nodes may route packets some nodes may act as leaders of nearby nodes (e.g., cluster head)11Many VariationsTraffic characteristics may differ in different ad hoc networksbit ratetimeliness constraintsreliability requirementsunicast /