Adaptive Threat Modeling for Secure Ad Hoc Routing Protocols

Secure routing protocols for mobile ad hoc networks provide the required functionality for proper network operation. If the underlying routing protocol cannot be trusted to follow the protocol operations, additional trust layers, such as authentication, cannot be obtained. Threat models drive analysis capabilities, affecting how we evaluate trust. Current attacker threat models limit the results obtained during protocol security analysis over ad hoc routing protocols. Developing a proper threat model to evaluate security properties in mobile ad hoc routing protocols presents a significant challenge. If the attacker strength is too weak, we miss vital security flaws. If the attacker strength is too strong, we cannot identify the minimum required attacker capabilities needed to break the routing protocol. In this paper we present an adaptive threat model to evaluate route discovery attacks against ad hoc routing protocols. Our approach enables us to evaluate trust in the ad hoc routing process and allows us to identify minimum requirements an attacker needs to break a given routing protocol.

[1]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[2]  Donal O'Mahony,et al.  Secure routing for mobile ad hoc networks , 2005, IEEE Communications Surveys & Tutorials.

[3]  Prabha Ramachandran,et al.  Limitations of on demand secure routing protocols , 2004, Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004..

[4]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[5]  Peter Y. A. Ryan,et al.  The modelling and analysis of security protocols: the csp approach , 2000 .

[6]  A. Yasinsac,et al.  The invisible node attack revisited , 2007, Proceedings 2007 IEEE SoutheastCon.

[7]  Elizabeth M. Belding-Royer,et al.  A review of current routing protocols for ad hoc mobile wireless networks , 1999, IEEE Wirel. Commun..

[8]  Alec Yasinsac,et al.  Peer identification in wireless and sensor networks using signal properties , 2005, IEEE International Conference on Mobile Adhoc and Sensor Systems Conference, 2005..

[9]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[10]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2005, Wirel. Networks.

[11]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[12]  A. Yasinsac,et al.  Identifying flaws in the secure routing protocol , 2003, Conference Proceedings of the 2003 IEEE International Performance, Computing, and Communications Conference, 2003..

[13]  Levente Buttyán,et al.  Provably Secure On-Demand Source Routing in Mobile Ad Hoc Networks , 2006, IEEE Transactions on Mobile Computing.

[14]  Levente Buttyán,et al.  Towards provable security for ad hoc routing protocols , 2004, SASN '04.

[15]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2002, MobiCom '02.

[16]  Sadie Creese,et al.  The attacker in ubiquitous computing environments: formalising the threat model , 2003 .

[17]  Sebastian Nanz,et al.  Specification and security analysis of mobile ad-hoc networks , 2006 .

[18]  Michael Goldsmith,et al.  Modelling and analysis of security protocols , 2001 .