Rushing Attacks and Defense

in Wireless Ad Hoc Network Routing Protocols

Yih-Chun Hu, Adrian Perrig, and David B. Johnson

Presenter: Sandeep Mapakshi

CS 6910-ACIS Project 6
Instructor: Prof. Leszek T. Lilien, Fall 2006
Department of Computer Science
Western Michigan University

Outline
On-Demand

Routing Protocols
Rushing Attacks
Rushing Attack Prevention
Evaluation
Conclusion

Introduction
Wireless

Ad hoc network

a collection of mobile computers (or nodes) cooperate

to forward packets
dynamic topology
self-organization

Introduction (cont.)
Routing

Transport Subsystem
Neighbor State Maintenance
Database Maintenance

Ad

protocol

hoc network routing protocols

Run in untrusted environments

Provide resilience against misconfigured nodes
4

Routing Protocols
Proactive

Table-Driven routing protocol

Reactive

routing protocol

routing protocol

Source-Initiated On-Demand routing protocol

Forward ROUTE REQUEST packets when needed

Comparison between Table-Driven

Routing and On-Demand Routing
Table-driven Routing On-demand Routing
Availability of
Routing information
Route updates
Routing overhead

Immediately from
Route Table

Periodic advertisements

Proportional to size of
network regardless of
network traffic

After Route discovery

When requested

Proportional to number of
communication nodes and
increase with increased node
mobility

On-Demand Route Discovery

B

A-B-D-G

A-B-D-G

A-B-D-G
A-B

A
source

A-B-D

Destination

A-C-E
A

A-C

H
A-C-E
A-C-E
F
7

The Rushing Attack

On-demand routing protocols use duplicate suppression at each node: first

ROUTE REQUEST that reaches a node is considered legitimate, next are
discarded (all have the same identifier, higher identifiers denote new
requests)

Attacker scatters RREQ quickly throughout the network suppressing any

later legitimate RREQ

Initiator will be unable to discover any usable routes containing at least

two hops

An effective denial-of-service attack

8

Why is the Attack Possible?

An attacker can send faster, by avoiding the delays that are part of the
design of both routing and MAC (802.11b) protocols.

Why Delay in ROUTE REQUEST forwarding ?

In a MAC protocols using time division
On-demand protocols generally specify a delay
Remove these delays at both the MAC and routing layers?
- more collisions

Attacker can send at a higher wireless transmission level

An attacker can take advantage of a wormhole, to create flood rushing

attacks, use the wormhole to rush the packets ahead of the normal flow
9

Rushing Attack

D
S

Slide courtesy: [2]

10

Rushing Attack Example

A sends a ROUTE REQUEST

11

Rushing Attack Example

A sends a ROUTE REQUEST
B forwards the REQUEST without checking the signature, or
otherwise
rushes the REQUEST

12

Rushing Attack Example

A sends a ROUTE REQUEST
B forwards the REQUEST without checking the signature, or otherwise
rushes the REQUEST
C correctly processes the REQUEST, and forwards it later as a result

13

Rushing Attack Example

A sends a ROUTE REQUEST
B forwards the REQUEST without checking the signature, or otherwise
rushes the REQUEST
C correctly processes the REQUEST, and forwards it later as a result
Since D has already heard a REQUEST from this discovery, D discards the
REQUEST

14

Rushing Attack Example

B rushes the REQUEST
C forwards it later
Since D has already heard a REQUEST from this discovery, D discards
the
REQUEST
A discovers a path through B because B rushed the REQUEST

15

Rushing Attack Example

Route discovery process under no attack
RouteBQuery

Route
A Query
Route Query

E
Route Reply

D
16

Rushing Attack Example

Route discovery process under attack
Attacker

Attacker

RouteBQuery

Route Reply
E

Route
A Query
Route Query

D
17

Wormhole Attack

Attacker records a packet at one location in the network,

tunnels the packet to another location.
Packets may be replayed from the far end of the wormhole.
Puts attacker in a powerful position.
Its a replay so authentication does not help

Applications of the Wormhole Attack

Denial-of-Service
Routing Disruptions
Unauthorized Access
18

Routing Tree

Adapted from Chris Karlof

and David Wagner's
WSNPA slides
19

Routing

Adapted from Chris Karlof

and David Wagner's
WSNPA slides
20

Wormhole Attack

Tunnel packets received in

one place of the network
and replay them in another
place

The attacker can have no

key material. All it requires
is two transceivers and one
high quality out-of-band
channel

Adapted from Chris Karlof

and David Wagner's
WSNPA slides
21

Disrupted Routing

Most packets will be routed

to the wormhole

The wormhole can drop

packets or selectively
forward packets to avoid
detection

Adapted from Chris Karlof

and David Wagner's
WSNPA slides
22

What Protocols Are Vulnerable?

On-demand unsecure (AODV, DSR) and secure (ARAN,

Ariadne, etc) protocols
Result: when under attack, the routing protocol will not be
able to discover paths longer than 2 hops

23

Network Assumption

Network links are bidirectional

Ignore unidirectional links

Ignore jamming attack

Requires additional hardware
Easier to detect

Disregard attacks on MAC protocol

MAC (Medium Access Control)
ALOHA and Slotted ALOHA

Medium-sized
50 500 nodes
Clustering
24

Security Assumptions And Key Setup

Fast authentication protocol

Instantly-verifiable broadcast authentication

Keys setup
Broadcast authentication key are distributed in
advance

Powerful attacker
Coordinated attacker
25

Secure Routing Requirements And Protocol

Secure Neighbor Detection

Secure route delegation
Randomized ROUTE REQUEST forwarding

yes

Single-Hop?

no

Gather n
REQUESTS;
Randomly
Choose 1

Secure Neighbor
Detection

Original Routing
Protocol

26

Secure Neighbor Detection

Neighbor Detection

Two nodes detect a bidirectional link between themselves

In Proactive routing protocol
In Reactive routing protocol

Requirements

Sender-receiver can check that the other is within the normal

communication range
Node needs to hear Neighbor Request

27

Secure Neighbor Detection

Three-round mutual authentication protocol

S broadcasts a Neighbor Request packet

R return a Neighbor Reply packet to S
S sends a Neighbor Verification to B

Short delay timing

Within a maximum communication range

sender
neighbor Request

receiver
broadcast
neighbor reply

neighbor verfication
28

Notation
A or B denote communicat ing nodes
A : R 0,1
denotes that node A randmoly selects an bit long nonce

A B : M, H A
means that node A sends B the message M and
the hash of A' s idnetifier concatenat ed with the nonce
A : M, M
means that node A broadcasts message M with its signature M
29

Secure Neighbor Detection (cont.)

S:

1 R

0,1

M1 Neighbor Solicitation, S,1

M1 Sign H M1

S :

R:

Nonces 1, 2

M1, M1

2 R

0,1

<M32,
,M >
<M
>
23

M 2 Neighbor Reply, S, R,1, 2

M2 Sign H M 2

R S:
S:

freshness

M 2 , M2

R1

<M1,M >
1

R2

M 3 Neighbor Verificat ion, S, R,1, 2

M3 Sign H M 3

S R:

M3 , M3

30

Secure Neighbor Detection (cont.)

Integration

with an On-Demand Protocol

A : REQUEST || Neighbor RequestA

BA:

Neighbor ReplyBA || Neighbor RequestB

AB:

Neighbor VerificationAB || Neighbor ReplyAB

B : REQUEST || Neighbor VerificationAB

|| Neighbor VerificationBA

31

Secure Route Delegation

Delegate neighbor to forward the Route Request packet

To verify that both nodes of each adjacent node pair indeed
believes to be a neighbor

A received ROUTE REQUESTSR || id

MA
MA
AB:

=<Route Delegation,A,B,S,R,id>
=Sign(H(MA))
<MA>

32

Randomized Message Forwarding

To minimize the chance that a rushing adversary can dominate all returned
routes

Randomized message forwarding

Collects a number of REQUESTs
Selects a REQUEST at random to forward

The number of REQUEST packets collected

The more the better?

The algorithm by which timeouts are chosen

Topology closer
Geographically closer
Randomly
33

Secure Route Discovery

To secure any protocol using an on-demand Route Discovery protocol

Secure Neighbor Detection

Secure route delegation

Randomized ROUTE REQUEST forwarding

To limit the number of REQUESTs that traverse an attacker

The nodes that dont have n distinct path to the source of the REQUEST

Choose a random timeout

Two addition security optimizations

Each REQUEST signed

Use location information

34

Evaluation

Simulation Evaluation

Underlying protocol: Adriane

HORS as broadcast signature
100 nodes
1000 m x 1000 m
Random waypoint model
Pause Time: 0, 30, 60, 120, 300, 600, 900
Workload: 5 flows

4 packets per second

64-byte packets
35

Packet Delivery Ratio

% of Offered traffic

DSR
99.8% to 100%
Ariadne
95% to 100%
RAP
7.6% to 47.7%
MAC-layer congestion
Slide courtesy: [2]

36

Median Latency

DSR and Ariadne

zero mean latency

RAP

Congestion
Waiting to forward a
REQUEST

Slide courtesy: [2]

37

Packet Overhead

5 flows has 5x as much

overhead
Reduces usefulness
Overhead should reduce
when congestion not an
issue

Slide courtesy: [2]

38

Overall

Evaluation

RAP adds significant costs

Higher costs due to congestion at lower bit rates.
RAP is designed to be used only when necessary
Only when underlying protocol is unable to discover a
working route

Security Analysis

Attacker needs to propagate ROUTE REQUEST from each

ROUTE DISCOVERY from many locations.
Wouldnt do it if they considered due to intrusion detection
39

Conclusion

Described the Rushing attack

Presented RAP (Rushing Attack Prevention)

RAP incurs higher overhead, but it can find usable

routes when other protocols cannot work

40

References

[1] Yih-Chun Hu,Adrian Perrig, David B.Johnson ,

Rushing attacks and defense in wireless ad hoc network routing protocols,
Proceedings of the 2003 ACM workshop on Wireless security, San Diego, CA,
USA. Available at:
http://www.ece.cmu.edu/~adrian/projects/secure-routing/wise2003.pdf

[2] Rushing Attacks and Defense in Wireless Ad Hoc Network Routing

Protocols Yih-Chun Hu, Adrian Perrig, and David B. Johnson
Presenter: Tammy Nguyen. Available at:
http://www.eecs.wsu.edu/~smedidi/teaching/Spring05/rushing1.ppt

41