1
Ad-Hoc Wireless Multicasting Network Security
Speaker: 賴溪松 (Chi-Sung Laih), Director of the Computer and Network Center and Professor, Department of Electrical Engineering, National Cheng Kung University
2004.11.12
2
Outline
• Introduction of Mobile Ad hoc Networks (MANET)
• Challenges and Attacks
• Solutions
• From Ad hoc Network to RFID
• Open problems
3
Introduction of wired and wireless networks (1)
• Wired networks
  • Fixed network topology and routing infrastructure
  • Enough network resources
  • High reliability and low packet loss ratio
  • Routing protocols update periodically, e.g. Link-State (global) and Distance Vector (local)
• Wireless networks
  • Access Point
  • Limited bandwidth
  • Medium reliability and packet loss ratio
  • Otherwise the same as wired networks
4
Introduction of wired and wireless networks (2)
• Mobile Ad hoc network
  • Research in the 1970s with the DARPA PRNet and SURAN projects
  • Formed by the engagement of mobile nodes, without using a pre-existing infrastructure
  • Routes between nodes may contain multiple hops
  • Dynamic topology and limited resources
• Sensor network
  • A type of Ad hoc network
  • A powerful node: clusterhead
  • Other low-power nodes: sensors
5
Mobile Ad Hoc Networks Environment
• About 50~100 nodes for an ad hoc network, 1000~10000 nodes for a sensor network
• Transmission range is 250 m for a node (30 m for a sensor); bandwidth is 2 Mbps
• Usually need to traverse multiple links to reach a destination
• Mobility causes route changes
6
Why need Ad Hoc Networks?
• Ease of deployment
• Speed of deployment
• Decreased dependence on infrastructure
7
Many Applications
• Personal area networking: cell phone, laptop, ear phone, wrist watch
• Military environments: soldiers, tanks, planes
• Civilian environments: taxi cab network, meeting rooms, sports stadiums, boats, small aircraft
• Emergency operations: search-and-rescue, policing and fire fighting
8
Microcosmic Variations
• Fully Symmetric Environment: all nodes have identical capabilities and responsibilities
• Differing capabilities
  • transmission ranges and radios
  • battery life at different nodes
  • processing capacity
  • speed of movement
  • only some nodes may route packets
  • some nodes may act as leaders of nearby nodes (e.g., clusterhead)
9
Cosmic Variations
• Traffic characteristics may differ in different ad hoc networks
  • bit rate
  • reliability requirements
  • unicast / multicast / geocast
• May co-exist (and co-operate) with an infrastructure-based network
10
Unicast, Multicast and Broadcast
• Unicast
  • One to one
  • Traditional applications: FTP, telnet, http
• Multicast
  • One to many, many to many or many to one
  • Difficult to secure: members join or leave
  • Traditional applications: audio/video conferencing, sharing of text/images
• Broadcast
  • One to all
  • Traditional applications: online TV/Radio
11
Ad hoc Routing Protocols
• Why not use existing protocols?
  • Node mobility: links fail and are repaired repeatedly
  • Rate of link failure / repair ∝ movement
• A new protocol must satisfy these criteria
  • route stability despite mobility
  • energy consumption
• Flooding based routing
• Unicast, Multicast routing protocols
12
Flooding Based Routing (1)
• Broadcasting a control packet, used to discover routes
• An example: S wants to transmit packet P to D
[Figure: nodes S, A, B, C, E, F, G, H, I, J, K, D, L, M, N, Y, Z; a line between two nodes represents that they are within each other's transmission range]
13
Flooding Based Routing (2)
[Figure: S makes the broadcast transmission of packet P; the legend marks the transmission of packet P and the nodes that receive packet P for the first time]
14
Flooding Based Routing (3)
[Figure: second round of the flood]
• Collision problem 1: a node receives 2 or more copies of the same packet simultaneously, e.g. H, S
• Collision problem 2: a node receives a packet that it has already received, e.g. S, E, C
15
Flooding Based Routing (4)
[Figure: third round of the flood]
• Collision problem: B, C, I
16
Flooding Based Routing (5)
[Figure: fourth round of the flood]
• Hidden terminal problem, for example: B, C & H; J, K & D
17
Flooding Based Routing (6)
[Figure: packet P arrives at D]
• Node D does not forward packet P (intended destination)
18
Flooding Based Routing (7)
[Figure: final state of the flood]
• Flooding completed
• Unreachable nodes: 1. Unlinked nodes: Z, Y; 2. Behind the destination node: N
19
Flooding Based Routing (8)
[Figure: final state of the flood]
• Characteristic: too many nodes are reached, because routes are dynamic
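The flood on slides 12-19 carried out in code, as an added example that is not part of the talk: each node forwards P once on first reception, the destination D does not forward, and the two collision cases and the unreachable nodes are reported. The link list is a constructed topology (the slides show the nodes but not their exact links) chosen so that Z and Y are unlinked and N sits behind D.

```python
LINKS = [("S", "A"), ("S", "B"), ("S", "C"), ("S", "E"), ("A", "B"),
         ("B", "H"), ("C", "E"), ("C", "G"), ("E", "F"), ("E", "H"),
         ("F", "J"), ("H", "J"), ("G", "I"), ("G", "K"), ("I", "K"),
         ("J", "D"), ("K", "D"), ("K", "L"), ("L", "M"), ("D", "N"),
         ("Z", "Y")]  # constructed topology, not the slides' exact figure

def build_graph(links):
    """Symmetric adjacency: a link means both ends are in range of each other."""
    graph = {}
    for a, b in links:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    return graph

def flood(graph, src, dst):
    """Flood packet P from src; every node forwards P once, on first reception,
    except dst.  Returns first-reception rounds, collisions and redundant copies."""
    received, transmitters = {src: 0}, [src]
    collisions, redundant, rnd = [], [], 0
    while transmitters:
        rnd += 1
        arrivals = {}
        for t in transmitters:
            for n in graph[t]:
                arrivals.setdefault(n, []).append(t)
        next_tx = []
        for n, senders in sorted(arrivals.items()):
            if len(senders) > 1:
                collisions.append((rnd, n))  # problem 1: 2+ copies at once
            if n in received:
                redundant.append((rnd, n))   # problem 2: already had P
                continue
            received[n] = rnd
            if n != dst:                     # the destination does not forward
                next_tx.append(n)
        transmitters = next_tx
    return received, collisions, redundant

def unreachable(graph, received, dst):
    """Classify nodes P never reached: no link into the flooded region, or
    reachable only through the non-forwarding destination."""
    result = {}
    for n in set(graph) - set(received):
        reached_nbrs = [m for m in graph[n] if m in received]
        if not reached_nbrs:
            result[n] = "unlinked"
        elif all(m == dst for m in reached_nbrs):
            result[n] = "behind destination"
    return result
```

With `flood(build_graph(LINKS), "S", "D")`, D receives P in round 4 with copies arriving from J and K at once, and `unreachable` reports Z and Y as unlinked and N as behind the destination.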
20
Challenges
• Limited wireless transmission range
• Broadcast nature of the wireless medium
• Hidden terminal problem
• Packet losses due to transmission errors
• Mobility-induced route changes and packet losses
• Battery constraints
• Potentially frequent network partitions
21
Security Challenges
• Passive attack: does not disrupt the operation of the protocol, but tries to discover valuable information by listening to traffic
  • Eavesdropping
• Active attacks: inject arbitrary packets and try to disrupt the operation of the protocol
  1. Modification of routing information
    a. Redirection by changing the route sequence number
    b. Redirection with modified hop count
    c. Denial of Service (DoS) attacks with modified source routes
  2. Impersonation of routing information
  3. Fabrication of routing information
  4. Dropping routing information
  5. Denial of Service
22
1. Redirection by changing the route sequence number (1)
• A wants to communicate with D
• Node A broadcasts a message asking for the best path to reach node D
• The best path is chosen depending on the metric of the different routes
• If an intruder replies with the shortest path, it inserts itself in the network
[Figure: Node A, Node B, Node C, Node D]
23
1. Redirection by changing the route sequence number (2)
• An intruder listens to node C announcing its route metric to node B
• The intruder announces to node B a smaller metric to reach D
• B deletes its path via node C and replaces it with the intruder's path
[Figure 3.2: Node A, Node B, Node C, Node D, Intruder]
24
2. Redirection with modified hop count (1)
• Node C announces to B a path with a metric value of one
• The intruder announces to B a path with a metric value of one too
• B decides which path is the best by looking at the hop count value of each route
[Figure: Node A, Node B, Node C, Node D, Intruder; C's route: metric 1 and 3 hops; the intruder's route: metric 1 and 1 hop]
25
2. Redirection with modified hop count (2)
• The path with the malicious node is chosen according to the hop count value
• The new figure is illustrated below
[Figure: Node A, Node B, Node C, Node D, Intruder]
26
3. Denial of Service (DoS) attacks with modified source routes (1)
• A malicious node is inserted in the network thanks to one of the previous techniques
• The malicious node changes the headers of the packets it receives
• The packets will not reach the destination; the transmission is aborted
• The following figure illustrates the DoS attack
27
3. Denial of Service (DoS) attacks with modified source routes (2)
[Figure: Node A, Node B, Intruder I, Node C, Node D, Node E]
• Node A sends packets with header (route cache to reach node E): A-B-I-C-D-E
• Intruder I decapsulates the packets and changes the header to: A-B-I-C-E
• Node C has no direct route to E, so the packets are dropped
28
Impersonation of routing information (1)
• Forming loops by spoofing the MAC address
  • Malicious node M can listen to all nodes
  • Node M first changes its MAC address to the MAC address of node A
  • Node M moves closer to node B than node A is, and stays out of range of node A
  • Node M announces to node B a shorter path to reach X than the one node D gives
[Figure: nodes A, B, C, D, E, X and M]
29
Impersonation of routing information (2)
• Node B changes its path to reach X; packets will be sent first to node A
• Node M moves closer to node D than node B is, and stays out of range of node B
• Node M announces to node D a shorter path to reach X than the one node E gives
[Figure: nodes A, B, C, D, E, X and M]
30
Impersonation of routing information (3)
• Node D changes its path to reach X; packets will be sent first to node B
• X is now unreachable because of the loop formed
[Figure: nodes A, B, C, D, E, X and M]
31
Fabrication of routing information
1. Falsifying route error messages
  • A malicious node can usurp the identity of another node and send error messages to the others so that the victim node is isolated
2. Corrupting routing state
  • An attacker can easily broadcast a message with a spoofed IP address so that the other nodes add this new route to reach a particular node
3. Routing table overflow attack
  • An attacker can send into the network a lot of routes to non-existent nodes until the protocol is overwhelmed
32
Fabrication of routing information (cont.)
4. Replay attack
  • An attacker sends old advertisements to a node, which always updates its routing table with the stale routes
5. Black hole or worm hole attack
  • Black hole attack: an attacker advertises a zero metric route for all destinations, and all the nodes around it will route packets towards it
  • Worm hole attack: an attacker records packets at one location in the network, and tunnels them to another location
33
Dropping routing information
• A malicious node just drops the routing packets that it receives
• The influence on normal networking is less, unless the malicious node is positioned on a single path
34
Security issues summary
• A lot of different threats for ad-hoc routing protocols
• A new routing protocol should be created respecting the following rules
  • Focus first on topology discovery rather than data forwarding
  • Be able to detect a malicious node and react accordingly
35
Solutions to problems in ad-hoc routing
• Protocol enhancements
• Secure protocols
• Intrusion detection for Ad hoc networks
36
Protocol enhancements
• Techniques to enhance the security of existing routing protocols
• 3 examples:
  • Security-Aware ad-hoc Routing, SAR
  • Secure Routing Protocol, SRP
  • The Selfish Node, TSN
37
Secure protocols
• Instead of extending current protocols, create new protocols with higher security requirements
• Two examples
  • Authenticated Routing for Ad-hoc Networks, ARAN
  • Secure Position Aided Ad hoc Routing, SPAAR
38
Intrusion Detection [Zhang00Mobicom]
• Detection of abnormal routing table updates
  • Uses "training" data to determine the characteristics of normal routing table updates
  • Efficacy of this approach is not evaluated, and is debatable
• Similar abnormal behavior may be detected at other protocol layers
  • For instance, at the Media Access Control (MAC) layer, normal behavior may be characterized for access patterns by various hosts
  • Abnormal behavior may indicate intrusion
• Solutions proposed in [Zhang00Mobicom] are preliminary; not enough detail is provided
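A minimal version of the idea on this slide, added here as an example that is not from the talk or from [Zhang00Mobicom]: learn what normal routing-table updates look like from training data, then flag advertisements that match three of the attacks from slides 31-32 (black hole, routing table overflow, replay). The advertisement format (sender, destination, sequence number, metric), the thresholds and all sample data are constructed for illustration.

```python
# Constructed "training data": normal advertisements seen by a node whose
# neighbours B and C announce routes to destinations D, E and X.
TRAINING = [("B", "D", 10, 2), ("B", "E", 10, 3), ("C", "D", 10, 1),
            ("C", "E", 11, 2), ("B", "X", 12, 4), ("C", "X", 12, 3)]

def train(ads):
    """Learn the destinations that exist, the newest sequence number seen
    per destination, and the most destinations one sender ever advertised."""
    known, newest, per_sender = set(), {}, {}
    for sender, dest, seq, _ in ads:
        known.add(dest)
        newest[dest] = max(seq, newest.get(dest, 0))
        per_sender.setdefault(sender, set()).add(dest)
    max_new = max(len(dests) for dests in per_sender.values())
    return {"known": known, "newest": newest, "max_new": max_new}

def check(model, ads):
    """Return (sender, reason) alerts for one batch of advertisements."""
    alerts, by_sender = [], {}
    for ad in ads:
        by_sender.setdefault(ad[0], []).append(ad)
    for sender, routes in by_sender.items():
        dests = {dest for _, dest, _, _ in routes}
        # Black hole: a zero metric to every destination we know of.
        if dests >= model["known"] and all(m == 0 for _, _, _, m in routes):
            alerts.append((sender, "black hole: zero metric to all destinations"))
        # Routing table overflow: far more never-seen destinations than normal.
        unknown = dests - model["known"]
        if len(unknown) > model["max_new"]:
            alerts.append((sender, f"table overflow: {len(unknown)} unknown destinations"))
        # Replay: an advertisement older than the newest one we already hold.
        for _, dest, seq, _ in routes:
            if seq < model["newest"].get(dest, 0):
                alerts.append((sender, f"replay: stale sequence {seq} for {dest}"))
    return alerts

# Constructed attack batch: M advertises zero-metric routes to every known
# destination, and a replayed advertisement from B carries an old sequence number.
ATTACK_BATCH = [("M", "D", 20, 0), ("M", "E", 20, 0), ("M", "X", 20, 0),
                ("B", "D", 8, 2)]

if __name__ == "__main__":
    for alert in check(train(TRAINING), ATTACK_BATCH):
        print(alert)
```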
39
Preventing Traffic Analysis [Jiang00iaas, Jiang00tech]
• Even with encryption, an eavesdropper may be able to identify the traffic pattern in the network
• Traffic patterns can give away information about the mode of operation: attack versus retreat
• Traffic analysis can be prevented by presenting a "constant" traffic pattern independent of the underlying operational mode
  • May need insertion of dummy traffic to achieve this
40
From Ad hoc network to RFID
• In a mall, it is impossible to connect every reader by wiring, so the architecture of the readers is the same as an ad hoc network
• Besides, due to hardware constraints, we should sum up the items in the back-end system and compare with the value of the shopping cart
• Because of the architecture, there are also some problems in an RFID system
  • Modification
  • Impersonation
  • Fabrication
  • Dropping
41
From Ad hoc network to RFID (cont.)
• DoS
  • In a mall, an attacker can achieve a DoS attack by interfering with the RFID readers, which are connected wirelessly
  • Item information cannot reach the back-end system
  • The back-end system crashes when it is sent reader error messages
42
From Ad hoc network to RFID (cont.)
[Figure: tags are read by readers, which forward along a routing path to the back-end system; an attacker on the path performs redirection and dropping, and sends a lot of error messages to the back-end system (DoS)]
43
Summary
• Different environments require different solutions
• Different requirements depending on the situation: available infrastructure?
• Solutions exist, but all have drawbacks; one has to decide which security aspects are most important: confidentiality? availability? throughput?
44
Open Problems (1)
• Security
  • How can I trust you to forward my packets without tampering? Need to be able to detect tampering
  • How do I know you are what you claim to be? Authentication issues; hard to guarantee access to a certification authority
45
Open Problems (2)
• Other issues have received much less attention
• Other interesting problems:
  • Address assignment problem
  • Media Access Control (MAC) protocols
  • Improving interaction between protocol layers
  • Distributed algorithms for MANET
  • QoS issues
  • Applications for MANET
46
Q & A
Thanks for your attention!