Outline
On-Demand Routing Protocols
Rushing Attacks
Rushing Attack Prevention
Evaluation
Conclusion
Introduction
Wireless
Ad hoc network
Introduction (cont.)
Routing
Transport Subsystem
Neighbor State Maintenance
Database Maintenance
Ad
protocol
Routing Protocols
Proactive routing protocol: immediately from Route Table; periodic advertisements; proportional to size of network regardless of network traffic
Reactive routing protocol: when requested; proportional to number of communication nodes and increase with increased node mobility
[Figure: network diagram showing a source, a Destination, nodes including F and H, and path labels A, A-B, A-B-D, A-B-D-G, A-C, A-C-E]
An attacker can send faster, by avoiding the delays that are part of the
design of both routing and MAC (802.11b) protocols.
Rushing Attack
[Figure: Rushing Attack diagrams showing Route Query and Route Reply messages among nodes S, A, B, E and D, with an Attacker]
Wormhole Attack
Denial-of-Service
Routing Disruptions
Unauthorized Access
Routing Tree
Routing
Wormhole Attack
Disrupted Routing
Network Assumption
Medium-sized
50 to 500 nodes
Clustering
Keys setup
Broadcast authentication keys are distributed in advance
Powerful attacker
Coordinated attacker
[Figure: flowchart with the decision "Single-Hop?" (yes/no) and the boxes "Gather n REQUESTs; Randomly Choose 1", "Secure Neighbor Detection" and "Original Routing Protocol"]
Neighbor Detection
Requirements
[Figure: message exchange between sender and receiver, labelled "broadcast", "neighbor Request", "neighbor reply" and "neighbor verification"]
Notation
A or B denote communicating nodes
A : R 0,1
denotes that node A randomly selects an bit long nonce
A B : M, H A
means that node A sends B the message M and
the hash of A's identifier concatenated with the nonce
A : M, M
means that node A broadcasts message M with its signature M
1 R
0,1
S :
R:
Nonces 1, 2
M1, M1
2 R
0,1
<M32,
,M >
<M
>
23
R S:
S:
freshness
M 2 , M2
R1
<M1,M >
1
R2
S R:
M3 , M3
BA:
AB:
MA
MA
AB:
=<Route Delegation,A,B,S,R,id>
=Sign(H(MA))
<MA>
To minimize the chance that a rushing adversary can dominate all returned
routes
The nodes that don't have n distinct paths to the source of the REQUEST
Evaluation
Simulation Evaluation
% of Offered traffic
DSR: 99.8% to 100%
Ariadne: 95% to 100%
RAP: 7.6% to 47.7%
MAC-layer congestion
Slide courtesy: [2]
Median Latency
RAP
Congestion
Waiting to forward a REQUEST
Packet Overhead
Overall
Evaluation
Security Analysis
Conclusion
References