Secure High-Throughput Multicast Routing in Wireless Mesh Networks

Recent work in multicast routing for wireless mesh networks has focused on metrics that estimate link quality to maximize throughput. Nodes must collaborate in order to compute the path metric and forward data. The assumption that all nodes are honest and behave correctly during metric computation, propagation, and aggregation, as well as during data forwarding, leads to unexpected consequences in adversarial networks where compromised nodes act maliciously. In this work, we identify novel attacks against high-throughput multicast protocols in wireless mesh networks. The attacks exploit the local estimation and global aggregation of the metric to allow attackers to attract a large amount of traffic. We show that these attacks are very effective against multicast protocols based on high-throughput metrics. We conclude that aggressive path selection is a double-edged sword: While it maximizes throughput, it also increases attack effectiveness in the absence of defense mechanisms. Our approach to defend against the identified attacks combines measurement-based detection and accusation-based reaction techniques. The solution accommodates transient network variations and is resilient against attempts to exploit the defense mechanism itself. A detailed security analysis of our defense scheme establishes bounds on the impact of attacks. We demonstrate both the attacks and our defense using ODMRP, a representative multicast protocol for wireless mesh networks, and SPP, an adaptation of the well-known ETX unicast metric to the multicast setting.

[1]  Reza Curtmola,et al.  On the Pitfalls of Using High-Throughput Multicast Metrics in Adversarial Wireless Mesh Networks , 2007 .

[2]  Nitin H. Vaidya,et al.  Flooding-Based Geocasting Protocols for Mobile Ad Hoc Networks , 2002, Mob. Networks Appl..

[3]  Jitendra Padhye,et al.  Routing in multi-radio, multi-hop wireless mesh networks , 2004, MobiCom '04.

[4]  Yih-Chun Hu Packet Leashes : A Defense against Wormhole Attacks in Wireless Ad Hoc Networks , 2001 .

[5]  Z.J. Haas,et al.  Secure route discovery for QoS-aware routing in ad hoc networks , 2005, IEEE/Sarnoff Symposium on Advances in Wired and Wireless Communication, 2005..

[6]  Nitin H. Vaidya,et al.  GeoTORA: a protocol for geocasting in mobile ad hoc networks , 2000, Proceedings 2000 International Conference on Network Protocols.

[7]  Reza Curtmola,et al.  On the Pitfalls of High-Throughput Multicast Metrics in Adversarial Wireless Mesh Networks , 2008, 2008 5th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[8]  Baruch Awerbuch,et al.  An on-demand secure routing protocol resilient to byzantine failures , 2002, WiSE '02.

[9]  Levente Buttyán,et al.  Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks , 2003, Mob. Networks Appl..

[10]  Jitendra Padhye,et al.  Comparison of routing metrics for static multi-hop wireless networks , 2004, SIGCOMM '04.

[11]  Prasun Sinha,et al.  HIMAC: High Throughput MAC Layer Multicasting in Wireless Networks , 2006, 2006 IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[12]  Dimitrios Koutsonikolas,et al.  High-Throughput Multicast Routing Metrics in Wireless Mesh Networks , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[13]  Panagiotis Papadimitratos,et al.  Secure neighbor discovery in wireless networks: formal investigation of possibility , 2008, ASIACCS '08.

[14]  Sushil Jajodia,et al.  Securing MAODV: attacks and countermeasures , 2005, 2005 Second Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2005. IEEE SECON 2005..

[15]  Donal O'Mahony,et al.  Secure routing for mobile ad hoc networks , 2005, IEEE Communications Surveys & Tutorials.

[16]  Robert Tappan Morris,et al.  a high-throughput path metric for multi-hop wireless routing , 2003, MobiCom '03.

[17]  Charles E. Perkins,et al.  Multicast Ad hoc On-Demand Distance Vector (MAODV) Routing , 2000 .

[18]  Elizabeth M. Belding-Royer,et al.  A secure routing protocol for ad hoc networks , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[19]  A. Perrig,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[20]  Panagiotis Papadimitratos,et al.  Secure link state routing for mobile ad hoc networks , 2003, 2003 Symposium on Applications and the Internet Workshops, 2003. Proceedings..

[21]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[22]  Panagiotis Papadimitratos,et al.  Secure data transmission in mobile ad hoc networks , 2003, WiSe '03.

[23]  Reza Curtmola,et al.  BSMR: Byzantine-Resilient Secure Multicast Routing in Multi-hop Wireless Networks , 2009, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[24]  Reza Curtmola,et al.  ODSBR: An on-demand secure Byzantine resilient routing protocol for wireless ad hoc networks , 2008, TSEC.

[25]  Sheng Zhong,et al.  On designing incentive-compatible routing and forwarding protocols in wireless ad-hoc networks: an integrated approach using game theoretical and cryptographic techniques , 2005, MobiCom '05.

[26]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[27]  Robin Kravets,et al.  Contention-aware admission control for ad hoc networks , 2005, IEEE Transactions on Mobile Computing.

[28]  Ting Zhu,et al.  A Dynamic Secure QoS Routing Protocol for Wireless Ad Hoc Networks , 2006, 2006 IEEE Sarnoff Symposium.

[29]  H. J. Arnold Introduction to the Practice of Statistics , 1990 .

[30]  Jorjeta G. Jetcheva,et al.  Adaptive demand-driven multicast routing in multi-hop wireless ad hoc networks , 2001, MobiHoc '01.

[31]  L. B. Milstein,et al.  Theory of Spread-Spectrum Communications - A Tutorial , 1982, IEEE Transactions on Communications.

[32]  Brian Neil Levine,et al.  Detecting the Sybil Attack in Mobile Ad hoc Networks , 2006, 2006 Securecomm and Workshops.

[33]  Yih-Chun Hu,et al.  Rushing attacks and defense in wireless ad hoc network routing protocols , 2003, WiSe '03.

[34]  Ranveer Chandra,et al.  Anonymous Gossip: improving multicast reliability in mobile ad-hoc networks , 2001, Proceedings 21st International Conference on Distributed Computing Systems.

[35]  Yih-Chun Hu,et al.  SEAD: secure efficient distance vector routing for mobile wireless ad hoc networks , 2002, Proceedings Fourth IEEE Workshop on Mobile Computing Systems and Applications.

[36]  Michalis Faloutsos,et al.  TrueLink: A Practical Countermeasure to the Wormhole Attack in Wireless Networks , 2006, Proceedings of the 2006 IEEE International Conference on Network Protocols.

[37]  Alec Wolman,et al.  A multi-radio unification protocol for IEEE 802.11 wireless networks , 2004, First International Conference on Broadband Networks.

[38]  Ran Canetti,et al.  Efficient and Secure Source Authentication for Multicast , 2001, NDSS.

[39]  Norman M. Abramson,et al.  THE ALOHA SYSTEM: another alternative for computer communications , 1899, AFIPS '70 (Fall).

[40]  J. J. Garcia-Luna-Aceves,et al.  Scalable Multicasting: The Core-Assisted Mesh Protocol , 2001, Mob. Networks Appl..

[41]  Baruch Awerbuch,et al.  The Medium Time Metric: High Throughput Route Selection in Multi-rate Ad Hoc Wireless Networks , 2006, Mob. Networks Appl..

[42]  Srinivasan Keshav,et al.  A control-theoretic approach to flow control , 1991, SIGCOMM '91.

[43]  Reza Curtmola,et al.  On the Survivability of Routing Protocols in Ad Hoc Wireless Networks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[44]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2002, MobiCom '02.

[45]  Stefan Schlott,et al.  Securing ad hoc routing protocols , 2004, Proceedings. 30th Euromicro Conference, 2004..

[46]  Christian F. Tschudin,et al.  Coping with communication gray zones in IEEE 802.11b based ad hoc networks , 2002, WOWMOM '02.

[47]  David Evans,et al.  Using Directional Antennas to Prevent Wormhole Attacks , 2004, NDSS.