Adaptive Security for Multi-layer Ad-hoc Networks

Secure communication is critical in military environments where the network infrastructure is vulnerable to various attacks and compromises. A conventional centralized solution breaks down when the security servers are destroyed by the enemy. In this paper we design and evaluate a security framework for multi-layer ad-hoc wireless networks with unmanned aerial vehicles (UAVs). On the battlefield, the framework adapts to contingent damage to the network infrastructure. Our design is composed of two modes, selected according to the availability of the network infrastructure. In infrastructure mode, security services, specifically the authentication services, are implemented on UAVs that feature low overhead and flexible management. When the UAVs fail or are destroyed, our system seamlessly switches to infrastructureless mode, a backup mechanism that maintains comparable security services among the surviving units. In infrastructureless mode, the security services are localized to each node’s vicinity to comply with the ad-hoc communication mechanism in the scenario. We study the instantiation of these two modes and the transitions between them. Our implementation and simulation measurements confirm the effectiveness of our design.
