ODSBR: An on-demand secure Byzantine resilient routing protocol for wireless ad hoc networks

Ah hoc networks offer increased coverage by using multihop communication. This architecture makes services more vulnerable to internal attacks coming from compromised nodes that behave arbitrarily to disrupt the network, also referred to as Byzantine attacks. In this work, we examine the impact of several Byzantine attacks performed by individual or colluding attackers. We propose ODSBR, the first on-demand routing protocol for ad hoc wireless networks that provides resilience to Byzantine attacks caused by individual or colluding nodes. The protocol uses an adaptive probing technique that detects a malicious link after log n faults have occurred, where n is the length of the path. Problematic links are avoided by using a route discovery mechanism that relies on a new metric that captures adversarial behavior. Our protocol never partitions the network and bounds the amount of damage caused by attackers. We demonstrate through simulations ODSBR's effectiveness in mitigating Byzantine attacks. Our analysis of the impact of these attacks versus the adversary's effort gives insights into their relative strengths, their interaction, and their importance when designing multihop wireless routing protocols.

[1]  Stefan Savage,et al.  Fatih: detecting and isolating malicious routers , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).

[2]  Panagiotis Papadimitratos,et al.  Secure Routing for Mobile Ad Hoc Networks , 2002 .

[3]  Elizabeth M. Belding-Royer,et al.  A secure routing protocol for ad hoc networks , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[4]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[5]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2005, Wirel. Networks.

[6]  Hu Imm Lee Afora : ad hoc routing in the face of misbehaving nodes , 2002 .

[7]  Robert Tappan Morris,et al.  a high-throughput path metric for multi-hop wireless routing , 2003, MobiCom '03.

[8]  Ravi Sandhu,et al.  ACM Transactions on Information and System Security: Editorial , 2005 .

[9]  Charles E. Perkins,et al.  Highly dynamic Destination-Sequenced Distance-Vector routing (DSDV) for mobile computers , 1994, SIGCOMM.

[10]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[11]  Biswanath Mukherjee,et al.  Detecting disruptive routers: a distributed network monitoring approach , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[12]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1998, IEEE J. Sel. Areas Commun..

[13]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[14]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[15]  David A. Maltz,et al.  DSR: the dynamic source routing protocol for multihop wireless ad hoc networks , 2001 .

[16]  Ran Canetti,et al.  Efficient and Secure Source Authentication for Multicast , 2001, NDSS.

[17]  Donal O'Mahony,et al.  Secure routing for mobile ad hoc networks , 2005, IEEE Communications Surveys & Tutorials.

[18]  Alfred Menezes,et al.  PGP in Constrained Wireless Devices , 2000, USENIX Security Symposium.

[19]  Refik Molva,et al.  Core: a collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks , 2002, Communications and Multimedia Security.

[20]  Yih-Chun Hu,et al.  SEAD: secure efficient distance vector routing for mobile wireless ad hoc networks , 2002, Proceedings Fourth IEEE Workshop on Mobile Computing Systems and Applications.

[21]  Gene Tsudik,et al.  Reducing the cost of security in link-state routing , 1997, Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security.

[22]  Stephen T. Kent,et al.  Secure Border Gateway Protocol (S-BGP) , 2000, IEEE Journal on Selected Areas in Communications.

[23]  Baruch Awerbuch,et al.  The Medium Time Metric: High Throughput Route Selection in Multi-rate Ad Hoc Wireless Networks , 2006, Mob. Networks Appl..

[24]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[25]  Craig Partridge,et al.  When the CRC and TCP checksum disagree , 2000, SIGCOMM.

[26]  Mingyan Liu,et al.  Random waypoint considered harmful , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[27]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[28]  Jean-Pierre Hubaux,et al.  The quest for security in mobile ad hoc networks , 2001, MobiHoc '01.

[29]  Yih-Chun Hu,et al.  Rushing attacks and defense in wireless ad hoc network routing protocols , 2003, WiSe '03.

[30]  Zygmunt J. Haas,et al.  Securing ad hoc networks , 1999, IEEE Netw..

[31]  J. J. Garcia-Luna-Aceves,et al.  Securing distance-vector routing protocols , 1997, Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security.

[32]  Yih-Chun Hu Packet Leashes : A Defense against Wormhole Attacks in Wireless Ad Hoc Networks , 2001 .

[33]  Panagiotis Papadimitratos,et al.  Secure data transmission in mobile ad hoc networks , 2003, WiSe '03.

[34]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2002, MobiCom '02.

[35]  Michalis Faloutsos,et al.  TrueLink: A Practical Countermeasure to the Wormhole Attack in Wireless Networks , 2006, Proceedings of the 2006 IEEE International Conference on Network Protocols.

[36]  Keith W. Ross,et al.  Computer networking - a top-down approach featuring the internet , 2000 .

[37]  Philip R. Zimmermann,et al.  The official PGP user's guide , 1996 .

[38]  Radia J. Perlman,et al.  Network layer protocols with Byzantine robustness , 1988 .

[39]  John S. Baras,et al.  Trust evaluation in ad-hoc networks , 2004, WiSe '04.

[40]  Karl N. Levitt,et al.  Protecting routing infrastructures from denial of service using cooperative intrusion detection , 1998, NSPW '97.

[41]  Markus Jakobsson,et al.  Stealth attacks on ad-hoc wireless networks , 2003, 2003 IEEE 58th Vehicular Technology Conference. VTC 2003-Fall (IEEE Cat. No.03CH37484).

[42]  David Evans,et al.  Using Directional Antennas to Prevent Wormhole Attacks , 2004, NDSS.

[43]  Levente Buttyán,et al.  Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks , 2003, Mob. Networks Appl..

[44]  Christian F. Tschudin,et al.  Coping with communication gray zones in IEEE 802.11b based ad hoc networks , 2002, WOWMOM '02.

[45]  Frederic P. Miller,et al.  Advanced Encryption Standard , 2009 .

[46]  Radia J. Perlman,et al.  Routing with Byzantine robustness , 2005 .

[47]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[48]  Charles E. Perkins,et al.  Ad-hoc on-demand distance vector routing , 1999, Proceedings WMCSA'99. Second IEEE Workshop on Mobile Computing Systems and Applications.

[49]  Ivan Stojmenovic,et al.  Ad hoc Networking , 2004 .