L’Hospital: Self-healing Secure Routing for Mobile Ad-hoc Networks

Mobile ad hoc networks (MANETs) are vulnerable to a myriad of attacks. Purely cryptographic countermeasures are effective against outsiders, but not against non-cooperative members, including selfish and compromised ones. Non-cryptographic means such as intrusion detection must be devised to answer the challenge. However, as recently studied in the “jellyfish attack” [1], the effectiveness of wireless intrusion detection systems (IDS) is limited when security attacks can be “cloaked” under protocol-compliant actions. For instance, since packet loss is common in mobile wireless networks, the adversary can exploit this fact by hiding its malicious intent behind compliant packet losses that appear to be caused by environmental reasons. In this paper we study two routing disruption attacks that use non-cooperative network members and disguised packet losses to deplete ad hoc network resources and to reduce ad hoc routing performance. These two routing attacks have not been fully studied in previous research. We propose the design of a “self-healing community” to counter these two attacks. Our design exploits the redundancy in deployment that is typical of most ad hoc networks; namely, it counters non-cooperative attacks using the probabilistic presence of nearby “good” cooperative network members. To realize the new paradigm, we devise simple localized schemes to maintain self-healing communities. The localized design virtually constructs a “localized hospital” (L’Hospital) to save the (optimal) route discovered by the underlying routing protocol. We develop an analytic model to prove the effectiveness of our design. Then we design and implement our secure ad hoc routing protocols in simulation to verify the cost and overhead incurred by maintaining the communities. Our study confirms that community-based security is a cost-effective strategy for making off-the-shelf ad hoc routing protocols secure.

[1] John R. Douceur, et al. The Sybil Attack, 2002, IPTPS.

[2] Noel A. Cressie, et al. Statistics for Spatial Data, 1992.

[3] Samir R. Das, et al. Ad hoc on-demand multipath distance vector routing, 2002, MOCO.

[4] Paolo Santi, et al. An analysis of the node spatial distribution of the random waypoint mobility model for ad hoc networks, 2002, POMC '02.

[5] Shivakant Mishra, et al. Intrusion tolerance and anti-traffic analysis strategies for wireless sensor networks, 2004, International Conference on Dependable Systems and Networks, 2004.

[6] Hannes Hartenstein, et al. Stochastic Properties of the Random Waypoint Mobility Model, 2004, Wirel. Networks.

[7] Yih-Chun Hu, et al. Packet leashes: a defense against wormhole attacks in wireless networks, 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[8] Panagiotis Papadimitratos, et al. Secure data transmission in mobile ad hoc networks, 2003, WiSe '03.

[9] N. Asokan, et al. Securing ad hoc routing protocols, 2002, WiSE '02.

[10] Charalampos Manifavas, et al. A new family of authentication protocols, 1998, OPSR.

[11] Victor C. M. Leung, et al. Secure Routing for Mobile Ad Hoc Networks, 2006.

[12] Charles E. Perkins, et al. Ad hoc On-Demand Distance Vector (AODV) Routing, 2001, RFC.

[13] David Chaum, et al. Distance-Bounding Protocols (Extended Abstract), 1994, EUROCRYPT.

[14] Christian Bettstetter, et al. Mobility modeling in wireless networks: categorization, smooth movement, and border effects, 2001, MOCO.

[15] Edward W. Knightly, et al. Denial of service resilience in ad hoc networks, 2004, MobiCom '04.

[16] Paramvir Bahl, et al. Wake on wireless: an event driven energy saving strategy for battery operated devices, 2002, MobiCom '02.

[17] Christian Wagner, et al. The Spatial Node Distribution of the Random Waypoint Mobility Model, 2002, WMAN.

[18] Yih-Chun Hu, et al. Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks, 2005, Wirel. Networks.

[19] Baruch Awerbuch, et al. An on-demand secure routing protocol resilient to byzantine failures, 2002, WiSE '02.

[20] David A. Maltz, et al. Dynamic Source Routing in Ad Hoc Wireless Networks, 1994, Mobidata.

[21] David Evans, et al. Using Directional Antennas to Prevent Wormhole Attacks, 2004, NDSS.

[22] David B. Johnson, et al. The Dynamic Source Routing Protocol for Mobile Ad Hoc Networks, 2003.

[23] Elizabeth M. Belding-Royer, et al. A secure routing protocol for ad hoc networks, 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings.

[24] Martin Nilsson, et al. Investigating the energy consumption of a wireless network interface in an ad hoc networking environment, 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[25] Robin Kravets, et al. Bypass routing: An on-demand local recovery protocol for ad hoc networks, 2006, Ad Hoc Networks.

[26] Dawn Song, et al. The TESLA Broadcast Authentication Protocol, 2002.

[27] Randy H. Katz, et al. Measuring and Reducing Energy Consumption of Network Interfaces in Hand-Held Devices (Special Issue on Mobile Computing), 1997.

[28] Elizabeth M. Belding-Royer, et al. Dynamically Adaptive Multipath Routing based on AODV, 2004.

[29] Mary Baker, et al. Mitigating routing misbehavior in mobile ad hoc networks, 2000, MobiCom '00.

[30] Srdjan Capkun, et al. SECTOR: secure tracking of node encounters in multi-hop wireless networks, 2003, SASN '03.

[31] Yih-Chun Hu, et al. Rushing attacks and defense in wireless ad hoc network routing protocols, 2003, WiSe '03.

[32] Charles E. Perkins, et al. Ad-hoc on-demand distance vector routing, 1999, Proceedings WMCSA'99. Second IEEE Workshop on Mobile Computing Systems and Applications.