Hotspot-based traceback for mobile ad hoc networks

Traceback schemes are useful to identify the source of an attack. Existing traceback systems are not suitable for Mobile Ad Hoc Networks (MANET) because they rely on assumptions such as trustworthy routers and static route topology that do not hold in the ad hoc platform. In this paper, we propose a single-packet traceback solution that is extended from the hash-based traceback scheme [19] but not relying on these assumptions. In particular, our solution is fully distributed and resilient in the face of arbitrary number of collaborative adversaries.In this paper, we develop a new technique, namely Tagged Bloom Filters, as an efficient means to store additional information associated with each incoming packet. The additional information can be used to accurately recover the attack path when an attack packet is queried in a traceback session. Based on this technique, we propose several distributed schemes, collectively called Hotspot-Based Traceback schemes, to defeat attacks under different security requirements. We present the protocol design, study possible security caveats and propose the corresponding countermeasures.We present both theoretical and experimental results using ns-2 [8] simulations to show the effectiveness and efficiency of our approach.

[1]  Craig Partridge,et al.  Hash-based IP traceback , 2001, SIGCOMM.

[2]  Li Fan,et al.  Summary cache: a scalable wide-area web cache sharing protocol , 2000, TNET.

[3]  Wenke Lee,et al.  Attack Analysis and Detection for Ad Hoc Routing Protocols , 2004, RAID.

[4]  Jean-Pierre Hubaux,et al.  The quest for security in mobile ad hoc networks , 2001, MobiHoc '01.

[5]  Karl N. Levitt,et al.  Protecting routing infrastructures from denial of service using cooperative intrusion detection , 1998, NSPW '97.

[6]  Anna R. Karlin,et al.  Network support for IP traceback , 2001, TNET.

[7]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[8]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[9]  Nitin H. Vaidya,et al.  Weak duplicate address detection in mobile ad hoc networks , 2002, MobiHoc '02.

[10]  Dawn Xiaodong Song,et al.  FIT: fast Internet traceback , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[11]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[12]  Wenke Lee,et al.  A cooperative intrusion detection system for ad hoc networks , 2003, SASN '03.

[13]  Srdjan Capkun,et al.  Mobility helps security in ad hoc networks , 2003, MobiHoc '03.

[14]  Steven M. Bellovin,et al.  ICMP Traceback Messages , 2003 .

[15]  Dawn Xiaodong Song,et al.  Advanced and authenticated marking schemes for IP traceback , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[16]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[17]  Donggang Liu,et al.  Multilevel μTESLA: Broadcast authentication for distributed sensor networks , 2004, TECS.

[18]  Kevin R. Fall,et al.  The NS Manual (Formerly NS Notes and Documentation , 2002 .

[19]  J. V. D. Merwe,et al.  Self-Organized Public Key Management for Mobile Ad Hoc Networks , 2002 .

[20]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2005, Wirel. Networks.

[21]  Douglas S. Reeves,et al.  Sleepy Watermark Tracing: An Active Network-Based Intrusion Response Framework , 2001, SEC.

[22]  Bill Cheswick,et al.  Tracing Anonymous Packets to Their Approximate Source , 2000, LISA.

[23]  Charles E. Perkins,et al.  Ad hoc On-Demand Distance Vector (AODV) Routing , 2001, RFC.

[24]  Hugo Krawczyk,et al.  UMAC: Fast and Secure Message Authentication , 1999, CRYPTO.