A High Throughput Covert Overlay Network within a MANET

We present a method of establishing an obfuscated overlay network on an existing mobile ad hoc network (MANET). This overlay network is created and operated covertly, makes use of the AODV routing protocol, and utilizes a wide-band side-channel. The side-channel is manipulated so that its traffic appears as errors to the primary network, which uses the OLSR routing protocol. Only nodes privy to the knowledge that side-channel frames have been intentionally corrupted will refrain from dropping the frames as errors and are capable of processing their content. Because the overlay network uses a different routing protocol, it frequently establishes different routes than the primary network, effectively implementing dispersity routing. We then demonstrate that the obfuscated traffic of the overlay network cannot be readily discovered despite using a powerful detection method. We introduce a detection method that assumes the existence of an 'oracle' to perform traffic analysis and extract side-channel signatures in both time and frequency domains. The oracular traffic analysis assumes a priori knowledge of all covert traffic. Using signatures produced by an oracular detector, a non-oracular observer can attempt to detect the covert-channel. To evade this form of detection, we reduce the efficacy of the signatures by a traffic shaping technique that adds random delays to the scheduled transmission time of the side-traffic. We show that the signature reduction is most effective when the delays are statistically similar to the packet arrival time of the background traffic. With our proposed traffic shaping technique we reduce the potential discovery of the overlay network.

[1]  Ramiro Liscano,et al.  Challenges in the Implementation and Simulation for Wireless Side-Channel based on Intentionally Corrupted FCS , 2011, ANT/MobiWIS.

[2]  Peter C. Mason,et al.  A frame handler module for a side-channel in mobile ad hoc networks , 2009, 2009 IEEE 34th Conference on Local Computer Networks.

[3]  Charles E. Perkins,et al.  Ad hoc On-Demand Distance Vector (AODV) Routing , 2001, RFC.

[4]  Mahesh K. Marina,et al.  On-demand multipath distance vector routing in ad hoc networks , 2001, Proceedings Ninth International Conference on Network Protocols. ICNP 2001.

[5]  Ming Li,et al.  Enabling secure and reliable policy-based routing in MANETs , 2012, MILCOM 2012 - 2012 IEEE Military Communications Conference.

[6]  Ming Li,et al.  On the efficiency of establishing and maintaining security associations in tactical MANETs in group formation , 2011, 2011 - MILCOM 2011 Military Communications Conference.

[7]  A.O. Fapojuwo,et al.  Scalable Team Oriented Reliable Multicast routing protocol for tactical mobile ad hoc networks , 2008, MILCOM 2008 - 2008 IEEE Military Communications Conference.

[8]  Philippe Jacquet,et al.  Optimized Link State Routing Protocol (OLSR) , 2003, RFC.

[9]  Peter C. Mason,et al.  A realistic implementation for simulating side-channel in mobile ad hoc networks , 2013, ANSS 2013.

[10]  Raheem A. Beyah,et al.  Authentication in 802.11 LANs Using a Covert Side Channel , 2009, 2009 IEEE International Conference on Communications.

[11]  N. F. Maxemchuk Dispersity Routing: Past and Present , 2007, MILCOM 2007 - IEEE Military Communications Conference.

[12]  Mahesh K. Marina,et al.  Ad hoc on-demand multipath distance vector routing , 2006, Wirel. Commun. Mob. Comput..

[13]  Song Li,et al.  A network layer covert channel in ad-hoc wireless networks , 2004, 2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004..

[14]  Z. Trabelsi,et al.  Implementation of a Covert Channel in the 802.11 Header , 2008, 2008 International Wireless Communications and Mobile Computing Conference.

[15]  Helen Tang,et al.  Lightweight Integrated Authentication for Tactical MANETs , 2008, 2008 The 9th International Conference for Young Computer Scientists.