Mobility changes anonymity: new passive threats in mobile ad hoc networks

Privacy in mobile ad hoc networks has new semantics in addition to the conventional notions for infrastructure networks. Mobility enabled by wireless communication has significantly changed privacy issues and anonymity research in many ways. In particular, mobility requires ad hoc routing schemes to transmit messages frequently in an open wireless medium. The routing traffic facilitates adversaries in conducting various attacks threatening the network security and privacy. In this work, we focus on passive routing attacks. We present an extensive study on new anonymity threats and classify the corresponding security demands into three new categories: (1) venue anonymity; (2) privacy of ad hoc network topology; and (3) privacy of motion pattern. These new aspects are all introduced by mobility and left unaddressed in fixed infrastructure. This leads us to investigate new design principles. Our study suggests that on-demand routing, identity-free routing, and neighborhood traffic mixing are better design choices to defend against the new anonymity threats in mobile networks. The paper also demonstrates through examples on the visualization of the mobile anonymity attacks and on the quantification of the effectiveness of the attacks. Copyright (c) 2006 John Wiley & Sons, Ltd.

[1]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2005, Wirel. Networks.

[2]  Xiaoyan Hong,et al.  ANODR: anonymous on demand routing with untraceable routes for mobile ad-hoc networks , 2003, MobiHoc '03.

[3]  Andreas Pfitzmann,et al.  Anonymity, Unobservability, and Pseudonymity - A Proposal for Terminology , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[4]  Dogan Kesdogan,et al.  Stop-and-Go-MIXes Providing Probabilistic Anonymity in an Open System , 1998, Information Hiding.

[5]  Marco Gruteser,et al.  USENIX Association , 1992 .

[6]  M. S. Corson,et al.  A highly adaptive distributed routing algorithm for mobile wireless networks , 1997, Proceedings of INFOCOM '97.

[7]  Wade Trappe,et al.  Source-location privacy in energy-constrained sensor network routing , 2004, SASN '04.

[8]  Charles E. Perkins,et al.  Ad-hoc on-demand distance vector routing , 1999, Proceedings WMCSA'99. Second IEEE Workshop on Mobile Computing Systems and Applications.

[9]  Stefano Basagni,et al.  Secure pebblenets , 2001, MobiHoc '01.

[10]  Wenjing Lou,et al.  Anonymous communications in mobile ad hoc networks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[11]  Nitin H. Vaidya,et al.  Location-aided routing (LAR) in mobile ad hoc networks , 1998, MobiCom '98.

[12]  David Chaum,et al.  The dining cryptographers problem: Unconditional sender and recipient untraceability , 1988, Journal of Cryptology.

[13]  Xiaoyan Hong,et al.  Mobility changes anonymity: mobile ad hoc networks need efficient anonymous routing , 2005, 10th IEEE Symposium on Computers and Communications (ISCC'05).

[14]  Shivakant Mishra,et al.  Intrusion tolerance and anti-traffic analysis strategies for wireless sensor networks , 2004, International Conference on Dependable Systems and Networks, 2004.

[15]  Stamatios V. Kartalopoulos Asynchronous Transfer Mode , 1999 .

[16]  Qi He,et al.  The quest for personal control over mobile location privacy , 2004, IEEE Communications Magazine.

[17]  Hannes Federrath,et al.  Project “anonymity and unobservability in the Internet” , 2000, CFP '00.

[18]  Charles E. Perkins,et al.  Highly dynamic Destination-Sequenced Distance-Vector routing (DSDV) for mobile computers , 1994, SIGCOMM.

[19]  Peter Palfrader,et al.  Mixmaster protocol --- version 2 , 2000 .

[20]  Philippe Jacquet,et al.  Optimized Link State Routing Protocol (OLSR) , 2003, RFC.

[21]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[22]  Xiaoyan Hong,et al.  A new set of passive routing attacks in mobile ad hoc networks , 2003, IEEE Military Communications Conference, 2003. MILCOM 2003..

[23]  Birgit Pfitzmann,et al.  ISDN-MIXes: Untraceable Communication with Small Bandwidth Overhead , 1991, Kommunikation in Verteilten Systemen.

[24]  Fred L. Templin,et al.  Topology Dissemination Based on Reverse-Path Forwarding (TBRPF) , 2004, RFC.

[25]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[26]  John Moy,et al.  OSPF Version 2 , 1998, RFC.

[27]  Yih-Chun Hu,et al.  SEAD: secure efficient distance vector routing for mobile wireless ad hoc networks , 2002, Proceedings Fourth IEEE Workshop on Mobile Computing Systems and Applications.

[28]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[29]  David A. Maltz,et al.  Dynamic Source Routing in Ad Hoc Wireless Networks , 1994, Mobidata.

[30]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[31]  Gregory A. Hansen,et al.  The Optimized Link State Routing Protocol , 2003 .

[32]  Charles L. Hedrick,et al.  Routing Information Protocol , 1988, RFC.

[33]  Miodrag Potkonjak,et al.  Exposure in wireless Ad-Hoc sensor networks , 2001, MobiCom '01.

[34]  U Moeller,et al.  Mixmaster Protocol Version 2 , 2004 .

[35]  Yih-Chun Hu,et al.  Rushing attacks and defense in wireless ad hoc network routing protocols , 2003, WiSe '03.

[36]  Hannes Federrath,et al.  Designing Privacy Enhancing Technologies, International Workshop on Design Issues in Anonymity and Unobservability, Berkeley, CA, USA, July 25-26, 2000, Proceedings , 2001, International Workshop on Design Issues in Anonymity and Unobservability.

[37]  George Danezis,et al.  Mixminion: design of a type III anonymous remailer protocol , 2003, 2003 Symposium on Security and Privacy, 2003..

[38]  Frank Stajano,et al.  Location Privacy in Pervasive Computing , 2003, IEEE Pervasive Comput..

[39]  David A. Maltz,et al.  A performance comparison of multi-hop wireless ad hoc network routing protocols , 1998, MobiCom '98.

[40]  Rafail Ostrovsky,et al.  Xor-trees for efficient anonymous multicast and reception , 2000, TSEC.

[41]  Elizabeth M. Belding-Royer,et al.  A secure routing protocol for ad hoc networks , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[42]  Helen J. Wang,et al.  A Framework for Location Privacy in Wireless Networks , 2005 .

[43]  Azzedine Boukerche,et al.  SDAR: a secure distributed anonymous routing protocol for wireless and mobile ad hoc networks , 2004, 29th Annual IEEE International Conference on Local Computer Networks.

[44]  David R. Karger,et al.  A scalable location service for geographic ad hoc routing , 2000, MobiCom '00.

[45]  M. Decina,et al.  Asynchronous transfer mode or synchronous transfer mode or both , 1991, IEEE Communications Magazine.

[46]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[47]  Yakov Rekhter,et al.  A Border Gateway Protocol 4 (BGP-4) , 1994, RFC.