MISPAR: mitigating stealthy packet dropping in locally-monitored multi-hop wireless ad hoc networks

Local monitoring has been demonstrated as a powerful technique for mitigating security attacks in multi-hop ad-hoc networks. In local monitoring, nodes overhear partial neighborhood communication to detect misbehavior such as packet drop or delay. However, local monitoring as presented in the literature is vulnerable to a class of attacks that we introduce here called stealthy packet dropping. Stealthy packet dropping disrupts the packet from reaching the destination by malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performed the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. We introduce four ways of achieving stealthy packet dropping, none of which is currently detectable. We provide a protocol called Mispar based on local monitoring to remedy each attack. It presents two techniques --- having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. We show through analysis and simulation that the basic local monitoring fails to mitigate any of the presented attacks while Mispar successfully mitigates them.

[1]  Charles E. Perkins,et al.  Ad-hoc on-demand distance vector routing , 1999, Proceedings WMCSA'99. Second IEEE Workshop on Mobile Computing Systems and Applications.

[2]  Issa M. Khalil,et al.  DICAS: Detection, Diagnosis and Isolation of Control Attacks in Sensor Networks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[3]  David Evans,et al.  Using Directional Antennas to Prevent Wormhole Attacks , 2004, NDSS.

[4]  Yih-Chun Hu,et al.  Rushing attacks and defense in wireless ad hoc network routing protocols , 2003, WiSe '03.

[5]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[6]  Issa M. Khalil,et al.  SLAM: Sleep-Wake Aware Local Monitoring in Sensor Networks , 2007, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'07).

[7]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[8]  Wenke Lee,et al.  A cooperative intrusion detection system for ad hoc networks , 2003, SASN '03.

[9]  Chris McDonald,et al.  Establishing Trust In Pure Ad-hoc Networks , 2004, ACSC.

[10]  Reza Curtmola,et al.  ODSBR: An on-demand secure Byzantine resilient routing protocol for wireless ad hoc networks , 2008, TSEC.

[11]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[12]  Cristina Nita-Rotaru,et al.  JANUS: towards robust and malicious resilient routing in hybrid wireless networks , 2004, WiSe '04.

[13]  Issa M. Khalil,et al.  MOBIWORP: Mitigation of the Wormhole Attack in Mobile Multihop Wireless Networks , 2006, 2006 Securecomm and Workshops.

[14]  Saurabh Bagchi,et al.  Secure Neighbor Discovery in Wireless Sensor Networks , 2007 .

[15]  S. Buchegger,et al.  A Robust Reputation System for P2P and Mobile Ad-hoc Networks , 2004 .

[16]  Sung-Ju Lee,et al.  Split multipath routing with maximally disjoint paths in ad hoc networks , 2001, ICC 2001. IEEE International Conference on Communications. Conference Record (Cat. No.01CH37240).

[17]  Issa M. Khalil,et al.  LITEWORP: a lightweight countermeasure for the wormhole attack in multihop wireless networks , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).

[18]  Lisa Ann Osadciw,et al.  Jamming attack detection and countermeasures in wireless sensor network using ant system , 2006, SPIE Defense + Commercial Sensing.

[19]  Levente Buttyán,et al.  Statistical Wormhole Detection in Sensor Networks , 2005, ESAS.

[20]  Torsten Braun,et al.  A dynamic adaptive acknowledgment strategy for TCP over multihop wireless networks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[21]  Ravishankar K. Iyer,et al.  Neutralization of errors and attacks in wireless ad hoc networks , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).

[22]  David A. Wagner,et al.  Secure verification of location claims , 2003, WiSe '03.

[23]  Peng Ning,et al.  Defending against Sybil attacks in sensor networks , 2005, 25th IEEE International Conference on Distributed Computing Systems Workshops.

[24]  Deborah Estrin,et al.  An Empirical Study of Epidemic Algorithms in Large Scale Multihop Wireless Networks , 2002 .

[25]  David A. Maltz,et al.  DSR: the dynamic source routing protocol for multihop wireless ad hoc networks , 2001 .

[26]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[27]  Hari Balakrishnan,et al.  Harnessing Exposed Terminals in Wireless Networks , 2008, NSDI.

[28]  Charles E. Perkins,et al.  Highly dynamic Destination-Sequenced Distance-Vector routing (DSDV) for mobile computers , 1994, SIGCOMM.