How to misuse AODV: a case study of insider attacks against mobile ad-hoc routing protocols

This paper presents a systematic analysis of insider attacks against mobile ad-hoc routing protocols, using the Ad-hoc On-Demand Distance Vector (AODV) protocol as an example. It identifies a number of attack goals, and then studies how to achieve these goals through misuses of the routing messages. To facilitate the analysis, it classifies insider attacks into two categories: atomic misuses and compound misuses. Atomic misuses are performed by manipulating a single routing message, which cannot be further divided; compound misuses are composed of combinations of atomic misuses and possibly normal uses of the routing protocol. The analysis results in this paper reveal several classes of insider attacks, including route disruption, route invasion, node isolation, and resource consumption. Finally, this paper presents simulation results that validate and demonstrate the impact of these attacks.

[1]  P. Hoffman Internet Draft , 1998 .

[2]  Cynthia A. Phillips,et al.  Computer-attack graph generation tool , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[3]  Robin Kravets,et al.  Security-aware ad hoc routing for wireless networks , 2001, MobiHoc '01.

[4]  Gary Carpenter 동적 사용자를 위한 Scalable 인증 그룹 키 교환 프로토콜 , 2005 .

[5]  Elizabeth M. Belding-Royer,et al.  A secure routing protocol for ad hoc networks , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[6]  Yih-Chun Hu,et al.  SEAD: secure efficient distance vector routing for mobile wireless ad hoc networks , 2002, Proceedings Fourth IEEE Workshop on Mobile Computing Systems and Applications.

[7]  Cynthia A. Phillips,et al.  A graph-based system for network-vulnerability analysis , 1998, NSPW '98.

[8]  Somesh Jha,et al.  Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[9]  Charles E. Perkins,et al.  Ad hoc On-Demand Distance Vector (AODV) Routing , 2001, RFC.

[10]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[11]  Stefano Basagni,et al.  Secure pebblenets , 2001, MobiHoc '01.

[12]  Nitin H. Vaidya,et al.  Location-aided routing (LAR) in mobile ad hoc networks , 1998, MobiCom '98.

[13]  Donal O'Mahony,et al.  Secure routing for mobile ad hoc networks , 2005, IEEE Communications Surveys & Tutorials.

[14]  Wenke Lee,et al.  Intrusion detection in wireless ad-hoc networks , 2000, MobiCom '00.

[15]  Jean-Yves Le Boudec,et al.  Performance Analysis of the CONFIDANT Protocol: Cooperation Of Nodes - Fairness In Dynamic Ad-hoc NeTworks , 2002 .

[16]  Yih-Chun Hu Efficient Security Mechanisms for Routing Protocols , 2003 .

[17]  Seung Yi,et al.  A Security-Aware Routing Protocol for Wireless Ad Hoc Networks , 2002 .

[18]  Yih-Chun Hu,et al.  Efficient Security Mechanisms for Routing Protocolsa , 2003, NDSS.

[19]  Peng Ning,et al.  How to misuse AODV: a case study of insider attacks against mobile ad-hoc routing protocols , 2003, IEEE Systems, Man and Cybernetics SocietyInformation Assurance Workshop, 2003..

[20]  Jean-Pierre Hubaux,et al.  The quest for security in mobile ad hoc networks , 2001, MobiHoc '01.

[21]  Duminda Wijesekera,et al.  Scalable, graph-based network vulnerability analysis , 2002, CCS '02.

[22]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[23]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[24]  Charles E. Perkins,et al.  Highly dynamic Destination-Sequenced Distance-Vector routing (DSDV) for mobile computers , 1994, SIGCOMM.

[25]  Yih-Chun Hu Packet Leashes : A Defense against Wormhole Attacks in Wireless Ad Hoc Networks , 2001 .

[26]  Zygmunt J. Haas,et al.  Securing ad hoc networks , 1999, IEEE Netw..

[27]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2002, MobiCom '02.

[28]  Somesh Jha,et al.  Two formal analyses of attack graphs , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[29]  Stephen T. Kent,et al.  IP Authentication Header , 1995, RFC.

[30]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.