Post on 22-Jan-2016
Security in Mobile Ad Hoc Networks (MANETs)
Group:
► NS. Farid Zafar Sheikh
► NS. Muhammad Zulkifl Khalid
► NS. Muhammad Ali Akbar
► NS. Wasif Mehmood Awan
Department of Electrical Engg., College of E&ME (NUST), Rwp.
INTRODUCTION
- Mobile Adhoc NETwork (MANETs)
- Adhoc On-demand Distance Vector (AODV)
- Security threats to existing protocols
- Secure AODV (SAODV)
- Security analysis
- Conclusion
MANETs
- One of the most prevalent areas of research in recent years
- Communication via wireless means without the need for infrastructure
- Nodes perform the roles of both hosts and routers
- No centralized controller and no fixed infrastructure
- Dynamic network topology
Advantages of MANETs
- Information and services can be accessed regardless of geographic position
- Computer networks can be set up at any place and time
- No need for dedicated infrastructure, hence cost-effective
- Can cope with dynamic topologies
- With improved algorithms, becoming more scalable
Disadvantages of MANETs
- Limited resources
- Limited physical security
- Limited bandwidth, high error rate
- Mutual trust between nodes is vulnerable to attacks
- Security protocols designed for wired networks do not work well for ad hoc networks
MANETs: classification based on routing table maintenance
- Table driven: also called proactive routing protocols. Maintain routes to every host at all times.
- On-demand: also called reactive routing protocols. Create routes to remote hosts only when needed.
MANETs: available ad hoc routing protocols
- Proactive (table driven) approaches
  - DSDV (Destination Sequenced Distance Vector)
  - OLSR (Optimized Link State Routing)
- Reactive (on demand) approaches
  - DSR (Dynamic Source Routing)
  - AODV (Ad hoc On-demand Distance Vector)
Ad hoc On-demand Distance Vector (AODV)
- Uses routing tables, with one route entry per destination
- Each entry stores the next hop towards the destination
AODV: Route Discovery Process
- The source broadcasts route request (RREQ) packets
- Each RREQ is uniquely identified by the sender address, destination address and request id
- A node that is either the destination or has a route to the destination returns a route reply (RREP) containing the route to the sender
AODV: Route Discovery Process
[Figure: Propagation of a Route Request (RREQ) Packet. Eight numbered nodes (1 to 8) between Source and Destination; the RREQ is flooded outward from the Source.]
AODV: Route Discovery Process
[Figure: Path Taken by the Route Reply (RREP) Packet, unicast from the Destination back to the Source over the same eight-node topology.]
AODV: Route Discovery Process
- Maintaining "fresh-enough" routes: uses sequence numbers
- A node compares the destination sequence number in the RREQ with that of its own route table entry
- It either responds with its own route if the entry is fresh enough (its destination sequence number is at least the one carried in the RREQ), or rebroadcasts the RREQ to its neighbours
AODV: Route Discovery Process
- Loop prevention: before forwarding a route request, check the broadcast_id of the RREQ; RREQs that were already processed are dropped
- The routing table keeps 'precursor' and 'outgoing' lists
  - Precursor list: nodes that use this node for forwarding packets
  - Outgoing list: nodes that act as 'next hops' in a route
AODV: Route Maintenance
- A routing table entry "expires" if it has not been used recently
- A set of predecessor nodes is maintained per routing table entry
- These nodes are notified with a RERR if the entry expires
- If a link breaks while the route is active, the node upstream of the break propagates a RERR message to the source node
Attacks Possible on Existing Protocols
- Attacks using modification
- Attacks using impersonation
- Other forms of attacks
Attacks Using Modification
- Cause redirection of network traffic and denial of service (DoS) by
  - altering the protocol fields in routing messages
  - injecting routing messages into the network with falsified values in these fields
Attacks Using Modification
[Figure: Redirection with modified route sequence numbers. Source - A - B - X (Destination); malicious node M, a neighbour of B, receives RREQ_B and answers with sequence number Sn = 99 whereas the genuine destination sequence number is Sn = 10, so traffic for X is redirected to M.]
Attacks Using Modification
[Figure: Redirection with modified hop counts. Same Source - A - B - X topology; M forwards the RREQ with Hop count = 0 while the genuine path reaches X with Hop count = 2, so the route through M appears shortest.]
Attacks Using Modification
[Figure: Denial of service with modified source routes (DSR). Source A sends via M towards Destination X; M rewrites the source route <M,C,D,X> to <M,C,X>, removing D so the route no longer corresponds to an existing path, and RERR messages result.]
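The route discovery of the AODV slides and the sequence-number redirection attack of the modification slides, as one added example in Python (not code from the slides or from any AODV implementation). It floods a RREQ over a small constructed topology, drops duplicate RREQs by (origin, request id), installs reverse and forward routes from the RREP, and then lets node M, which only received the RREQ from B, inject a RREP claiming destination sequence number 99 and hop count 0. The link list, the freshness rule in update_route (higher destination sequence number wins, then lower hop count, as in RFC 3561) and the method names are assumptions made for this example; the node names and the value Sn = 99 come from the figures.

```python
"""AODV route discovery with the sequence-number redirection attack (added example)."""
from collections import deque
from dataclasses import dataclass, field


@dataclass
class RouteEntry:
    next_hop: str
    hop_count: int
    dest_seq: int


@dataclass
class Node:
    name: str
    seq: int = 1                                   # node's own sequence number
    rreq_id: int = 0
    routes: dict = field(default_factory=dict)     # destination -> RouteEntry
    seen: set = field(default_factory=set)         # (origin, rreq_id) already processed

    def update_route(self, dest, new):
        """Keep the fresher route (higher dest seq), then the shorter one (assumed RFC 3561 rule)."""
        cur = self.routes.get(dest)
        if cur is None or new.dest_seq > cur.dest_seq or (
                new.dest_seq == cur.dest_seq and new.hop_count < cur.hop_count):
            self.routes[dest] = new
            return True
        return False


class Network:
    def __init__(self, links):
        self.nodes, self.adj = {}, {}
        for a, b in links:
            for n in (a, b):
                self.nodes.setdefault(n, Node(n))
                self.adj.setdefault(n, set())
            self.adj[a].add(b)
            self.adj[b].add(a)

    def discover(self, src, dst):
        """Flood a RREQ from src; return the path the first RREP took (dst -> src)."""
        s = self.nodes[src]
        s.rreq_id += 1
        s.seq += 1
        known = s.routes.get(dst)
        rreq = dict(origin=src, rreq_id=s.rreq_id, origin_seq=s.seq, dest=dst,
                    dest_seq=known.dest_seq if known else 0, hop_count=0)
        s.seen.add((src, s.rreq_id))
        queue, replies = deque([(src, rreq)]), []
        while queue:
            sender, msg = queue.popleft()
            for nb in sorted(self.adj[sender]):        # sorted: deterministic flood order
                node = self.nodes[nb]
                key = (msg["origin"], msg["rreq_id"])
                if key in node.seen:
                    continue                           # loop prevention: duplicate RREQ dropped
                node.seen.add(key)
                hop = msg["hop_count"] + 1
                node.update_route(msg["origin"], RouteEntry(sender, hop, msg["origin_seq"]))  # reverse route
                if nb == dst:
                    node.seq = max(node.seq, msg["dest_seq"])   # destination never replies with a stale seq
                    replies.append(self.send_rrep(nb, msg["origin"], dst, node.seq, 0))
                    continue
                have = node.routes.get(dst)
                if have is not None and have.dest_seq >= msg["dest_seq"]:
                    replies.append(self.send_rrep(nb, msg["origin"], dst, have.dest_seq, have.hop_count))
                    continue                           # fresh-enough cached route: reply, do not rebroadcast
                queue.append((nb, dict(msg, hop_count=hop)))
        return replies[0] if replies else None

    def send_rrep(self, replier, origin, dest, dest_seq, hop_count):
        """Unicast the RREP back along reverse routes; each hop installs a forward route to dest."""
        path, cur = [replier], replier
        while cur != origin:
            nxt = self.nodes[cur].routes[origin].next_hop
            hop_count += 1
            self.nodes[nxt].update_route(dest, RouteEntry(cur, hop_count, dest_seq))
            path.append(nxt)
            cur = nxt
        return path

    def inject_rrep(self, attacker, origin, dest, dest_seq, hop_count=0):
        """Modification attack: a node that merely received the RREQ answers with a forged
        RREP carrying a very fresh sequence number (Sn = 99 on the slides) and hop count 0."""
        return self.send_rrep(attacker, origin, dest, dest_seq, hop_count)

    def path_to(self, src, dst):
        """Follow next-hop entries from src; stops at dst, at a node without a route, or on a loop."""
        path, cur = [src], src
        while cur != dst:
            r = self.nodes[cur].routes.get(dst)
            if r is None or r.next_hop in path:
                break
            cur = r.next_hop
            path.append(cur)
        return path


def demo_network():
    # Constructed topology: S - A - B - X, with the attacker M also a neighbour of B.
    return Network([("S", "A"), ("A", "B"), ("B", "X"), ("B", "M")])


if __name__ == "__main__":
    net = demo_network()
    print("RREP path:", net.discover("S", "X"))       # ['X', 'B', 'A', 'S']
    print("route S->X:", net.path_to("S", "X"))       # ['S', 'A', 'B', 'X']
    net.inject_rrep("M", "S", "X", dest_seq=99)
    print("after attack:", net.path_to("S", "X"))     # ['S', 'A', 'B', 'M']
```

After the forged RREP every node on the reverse path replaces its route to X because 99 beats the genuine sequence number, so packets from S now end at M. The hop-count variant from the second figure works through the same comparator: a forged reply with an equal sequence number and hop count 0 wins the tie-break wherever it yields a shorter count. Nothing in plain AODV lets B check that M was entitled to answer for X, which is the gap SAODV's signatures close.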
Attacks Using Impersonation
- By impersonating another node (spoofing), a malicious node can launch many attacks in a network
- Traffic belonging to the impersonated node is redirected to the malicious node (eavesdropping)
- Spoofing is readily combined with modification attacks to create routing loops
Attacks Using Impersonation
- A malicious node need not impersonate a single node of the network
- It can take up the identity of multiple nodes of the network (Sybil attack)
- Data belonging to multiple nodes can then be compromised
Attacks Using Impersonation
- By generating false RERR messages, routes passing through the targeted node are disrupted
Attacks Using Impersonation
[Figure: Falsifying route error messages in AODV and DSR. Route A - B - C - D - X (Destination); M claims "I am C!!" and sends "RERR: D is broken" back towards B and A, which discard their routing entries for X.]
Other Forms of Attacks
- Wormhole attack
  - Two attacker nodes A and B linked via a private network connection
  - A forwards every packet it receives through the wormhole to B for broadcasting, and conversely
  - Potentially disrupts routing by short-circuiting the normal flow of routing packets
SAODV
- An extension of the AODV routing protocol
- Provides security features such as integrity and authentication
- Each node has a signature key pair from a suitable asymmetric cryptosystem (e.g. generated with OpenSSL)
- Each node is capable of securely verifying the association between the address of a given ad hoc node and the public key of that node
SAODV: Digital Signatures
- Used to protect the integrity of the non-mutable data in RREQ and RREP messages
- Sign everything except the Hop Count (mutable) of the AODV message and the Hash field of the SAODV extension
- When a node receives a routing message, it verifies the signature before any other action
SAODV: Hash Chains
- Used to authenticate the hop count of RREQ and RREP messages
- Ensures that an attacker cannot decrease the hop count: a forwarding node can only advance the chain by hashing, never reverse it
- A chain is formed by applying a one-way hash function repeatedly to a seed
SAODV: Hash Chains
Calculating the Top Hash (done by the originator of the message):
- Generate a random number as the "seed"
- Set the Max_Hop_Count field in the message to the TTL value of the packet
- Choose the hash function h and use it to calculate the Top Hash by hashing the seed Max_Hop_Count times:
    Top_Hash = h^Max_Hop_Count(seed)
  where h is a one-way hash function
- The Hash field is initialised to the seed (Hop_Count starts at 0)
- All this information is stored in the message (RREQ / RREP extension)
SAODV: Hash Chains
Verification of the hop count, when a node receives a RREQ or RREP message:
- Apply the hash function (Max_Hop_Count - Hop_Count) times to the value in the Hash field:
    h^(Max_Hop_Count - Hop_Count)(Hash)
- Verify that the resulting value equals the value in the Top_Hash field
- If the message is valid, the node applies the hash function once to the Hash field (and increments Hop_Count) before forwarding it
- All the fields mentioned above except the Hash field are protected by the digital signature to preserve their integrity
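The signature and hash-chain checks from the SAODV Digital Signatures and Hash Chains slides, as one added example in Python (not the SAODV reference implementation). It originates a RREQ with a fresh hash chain, signs every field except Hop_Count and Hash, forwards the message through two honest hops, and then shows a tampered destination sequence number failing the signature check and a reset hop count failing the hash-chain check. The toy RSA key with small hard-coded primes, SHA-256 as h, the JSON canonicalisation and the field names are assumptions made so the block runs on the standard library alone; the toy key is not a secure signature scheme.

```python
"""SAODV-style protection of a routing message (added example, not SAODV's own code)."""
import hashlib
import json
import secrets

MUTABLE = ("hop_count", "hash")          # left out of the signature, as on the slides


def h(data: bytes) -> bytes:
    """The one-way hash function h of the slides; SHA-256 is an assumption."""
    return hashlib.sha256(data).digest()


class ToyRSAKey:
    """Textbook RSA with tiny primes, for illustration only (assumption; NOT secure)."""
    def __init__(self, p=1000003, q=999983, e=65537):
        self.n, self.e = p * q, e
        self.d = pow(e, -1, (p - 1) * (q - 1))

    def public(self):
        return (self.n, self.e)


def _digest_of_signed_fields(msg: dict) -> int:
    """Hash of everything except the mutable fields and the signature itself."""
    fields = {k: v for k, v in msg.items() if k not in MUTABLE and k != "signature"}
    canon = json.dumps(fields, sort_keys=True, default=lambda b: b.hex()).encode()
    return int.from_bytes(h(canon), "big")


def sign(msg: dict, key: ToyRSAKey) -> dict:
    m = _digest_of_signed_fields(msg) % key.n
    return dict(msg, signature=pow(m, key.d, key.n))


def verify_signature(msg: dict, pub) -> bool:
    n, e = pub
    return pow(msg["signature"], e, n) == _digest_of_signed_fields(msg) % n


def originate(dest, dest_seq, origin, origin_seq, ttl, key):
    """Originator: seed the chain, set Max_Hop_Count = TTL, Top_Hash = h^ttl(seed), Hash = seed."""
    seed = secrets.token_bytes(32)
    top = seed
    for _ in range(ttl):
        top = h(top)
    msg = dict(origin=origin, origin_seq=origin_seq, dest=dest, dest_seq=dest_seq,
               max_hop_count=ttl, top_hash=top, hop_count=0, hash=seed)
    return sign(msg, key)


def verify_hop_count(msg) -> bool:
    """Receiver: h^(Max_Hop_Count - Hop_Count)(Hash) must equal Top_Hash."""
    remaining = msg["max_hop_count"] - msg["hop_count"]
    if remaining < 0:
        return False                     # hop count above the TTL can never verify
    v = msg["hash"]
    for _ in range(remaining):
        v = h(v)
    return v == msg["top_hash"]


def accept(msg, pub) -> bool:
    """Order from the slides: signature first, then the hop-count chain."""
    return verify_signature(msg, pub) and verify_hop_count(msg)


def forward(msg) -> dict:
    """Honest intermediate node: increment Hop_Count and advance the chain by one hash."""
    return dict(msg, hop_count=msg["hop_count"] + 1, hash=h(msg["hash"]))


def demo():
    key = ToyRSAKey()
    rreq = originate("X", 10, "S", 2, ttl=5, key=key)
    two_hops = forward(forward(rreq))
    return {
        "genuine": accept(rreq, key.public()),
        "after_two_hops": accept(two_hops, key.public()),
        # attacker raises the destination sequence number (Sn = 99 on the slides)
        "seq_tampered": accept(dict(two_hops, dest_seq=99), key.public()),
        # attacker resets the hop count to 0 without knowing the seed
        "hop_decreased": accept(dict(two_hops, hop_count=0), key.public()),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The sequence-number forgery from the modification slides fails because dest_seq is under the signature, and the hop-count reset fails because the attacker would need a preimage of the Hash value it holds. One caveat a practitioner should keep in mind: the chain only stops the hop count from going down. A malicious node can relay the message exactly as received, so its own hop is never counted, or hash one extra time to make a route look longer; both pass verify_hop_count. That is consistent with the slides' claim that SAODV handles modification attacks but not wormholes, where hop counts are understated by tunnelling rather than by editing fields.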
SAODV: Route Errors
- RERR corruption may cause route destruction
- Every node uses its digital signature to sign the whole RERR message
- Any neighbour that receives it verifies the signature
- The destination sequence number is never updated from a RERR
SAODV: Security Analysis
- The digital signature serves as proof of validity of the information contained in the routing message
- Thus the formation of loops by malicious nodes through spoofing is prevented
- Nodes are able to detect that malicious nodes are sending out false messages
SAODV: Security Analysis
- A node attempting to transmit false RERR messages will not succeed: the digital signature reveals that it is not on the route and hence is not supposed to send a RERR
- The sequence numbers in RREQs and RREPs are also protected by the digital signature; any modification to a sequence number invalidates the message
SAODV: Security Analysis
- The hop authentication implemented using hash chains counters the ability of a malicious node to mount an attack by decreasing the hop count
SAODV: Security Analysis
- SAODV is able to handle the attacks described above that use either modification or impersonation
- However, it is unable to cope with wormhole attacks
SAODV: Key Management and Distribution
- One approach is that nodes are assigned keys on boot-up by a central authority
- The assumption is that key distribution is already done: every node holds the public keys of the other nodes of the network
Conclusion
- MANETs are among the fastest evolving network designs
- No need for infrastructure, hence installation costs are minimal
- Limited bandwidth and security threats are a BIG issue
- Security needs are greater than for fixed-topology networks due to the ad hoc nature
- Security features can be incorporated using various cryptographic schemes
- Security increases packet overhead, further reducing available bandwidth
- No protocol yet designed exhibits complete security features
- Hence, secure routing in mobile ad hoc networks is still in an evolutionary phase
We thank you for your patience!
Open for questions, if any...