Ad-hoc Network Security: Attacks and Solutions, Study notes of Mobile Computing

These notes cover various attacks on ad-hoc networks, including modification attacks using redirection and hop count manipulation, denial of service attacks, impersonation attacks using MAC address spoofing, and fabrication attacks using falsified route error messages and routing table overflow. The document also covers solutions to these problems, such as protocol enhancements, secure protocols, and mobile environment types.

Typology: Study notes

2010/2011

Uploaded on 09/04/2011

amit-mohta

Attacks using modification

  • Idea:
    • Malicious node announces better routes than the other nodes in order to be inserted in the ad-hoc network
  • How?
    • Redirection by changing the route sequence number
    • Redirection with modified hop count
    • Denial of Service (DoS) attacks

Attacks using modification

  • Redirection by changing the route sequence number:
    • A wants to communicate with D.
    • Node A broadcasts a message asking for the best path to reach node D.
    • The best path is chosen depending on the metric of the different routes.
    • If an intruder replies with the shortest path, it inserts itself in the network.

[Figure: Node A, Node B, Node C, Node D]

Attacks using modification

  • Redirection with modified hop count:
    • Node C announces to B a path with a metric value of one.
    • The intruder announces to B a path with a metric value of one too.
    • B decides which path is the best by looking at the hop count value of each route.

[Figure 3: Node A, Node B, Node C, Node D, Intruder; labels "Metric 1 and 3 hops" and "Metric 1 and 1 hop"]

Attacks using modification

  • The path with the malicious node is chosen according to the hop count value.
  • The new figure is illustrated below:

[Figure: Node A, Node B, Node C, Node D, Intruder]

Attacks using modification

  • The following figure illustrates DoS attacks:

[Figure: Node A, Node B, Intruder I, Node C, Node D, Node E]

    • Node A sends packets with header (route cache to reach node E): A-B-I-C-D-E
    • Intruder I decapsulates packets and changes the header: A-B-I-C-E
    • Node C has no direct route to E, so the packets are dropped

Attacks using impersonation

  • Idea:
    • Usurps the identity of another node to perform changes
  • How?
    • Spoofing the MAC address of other nodes

Attacks using impersonation

  • Forming loops by spoofing MAC address:
    • Node B changes its path to reach X
    • Packets will be sent first to node A
    • Node M moves closer to node D than node B is, and stays out of range of node B
    • Node M announces to node D a shorter path to reach X than the one node E gives

[Figure: nodes A, B, C, D, E, X, M]

Attacks using impersonation

  • Forming loops by spoofing MAC address:
    • Node D changes its path to reach X
    • Packets will be sent first to node B
    • X is now unreachable because of the loop formed

[Figure: nodes A, B, C, D, E, X, M]

Attacks using fabrication

  • Falsifying route error messages:
    • When a node moves, the closest node sends an “error” message to the others
    • A malicious node can usurp the identity of another node (e.g. by spoofing) and send error messages to the others
    • The other nodes update their routing tables with this bad information
    • The “victim” node is isolated

Attacks using fabrication

  • Corrupting routing state:
    • In DSR, routes can be learned from promiscuously received packets
    • A node should add the routing information contained in the header of each packet it overhears
    • A hacker can easily broadcast a message with a spoofed IP address so that the other nodes add this new route to reach a special node S
    • It is the malicious node that will receive the packets intended for S.

Attacks using fabrication

  • Replay attack:
    • A hacker sends old advertisements to a node
    • The node updates its routing table with stale routes
  • Black hole attack:
    • A hacker advertises a zero metric route for all destinations
    • All the nodes around it will route packets towards it
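
How a node's route-update rule handles the modified, replayed and zero-metric advertisements described in the slides above, as an added example that is not part of the original notes. It assumes an AODV-style rule (higher sequence number wins, ties go to the lower hop count); the advertisements, the `max_seq_jump` threshold and the two warning checks are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Advert:
    sender: str   # neighbour the advertisement was received from
    dest: str     # destination the route leads to
    seq: int      # destination sequence number (higher = fresher)
    hops: int     # advertised hop count to dest

def accepts(current, new):
    # Assumed AODV-style rule: fresher sequence number wins, ties go to fewer hops.
    if current is None:
        return True
    if new.seq != current.seq:
        return new.seq > current.seq
    return new.hops < current.hops

def process(adverts, max_seq_jump=5):
    """Apply the rule as node B would; return (table, decisions, warnings)."""
    table, decisions, warnings = {}, [], []
    for ad in adverts:
        cur = table.get(ad.dest)
        # Hypothetical sanity checks a defender could log; they do not block the update.
        if ad.hops == 0 and ad.sender != ad.dest:
            warnings.append((ad.sender, ad.dest, "zero metric for a remote destination"))
        if cur is not None and ad.seq - cur.seq > max_seq_jump:
            warnings.append((ad.sender, ad.dest, "sequence number jump"))
        ok = accepts(cur, ad)
        if ok:
            table[ad.dest] = ad
        decisions.append(ok)
    return table, decisions, warnings

# Constructed advertisements heard by node B (node names follow the slides' figures).
SAMPLE = [
    Advert("C", "D", seq=10, hops=3),         # genuine route via C
    Advert("C", "D", seq=8, hops=1),          # replayed old advert: stale, rejected
    Advert("Intruder", "D", seq=10, hops=1),  # modified hop count: accepted on the tie
    Advert("Intruder", "D", seq=99, hops=5),  # modified sequence number: accepted
    Advert("C", "D", seq=11, hops=3),         # genuine refresh now looks stale
    Advert("Intruder", "E", seq=1, hops=0),   # black hole style zero-metric advert
]

if __name__ == "__main__":
    table, decisions, warnings = process(SAMPLE)
    for ad, ok in zip(SAMPLE, decisions):
        print(f"{ad.sender:>8} -> {ad.dest} seq={ad.seq:<3} hops={ad.hops} accepted={ok}")
    print({d: a.sender for d, a in table.items()}, warnings)
```

The replayed advertisement is rejected only because sequence numbers are compared; the same unauthenticated field is what lets the forged `seq=99` advertisement lock out C's genuine refresh.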

Solutions to problems in ad-hoc routing

1. Mobile environment types

A) Open

  • No static infrastructure
  • Nodes of various types
  • Completely unknown structure
  • Key issue: network throughput

B) Managed open

  • Can use existing infrastructure: certificate servers, access points etc.
  • Key issue: various depending on system accessed
  • Increasing in usage as mobile devices become more popular

C) Managed hostile

  • Classic ad-hoc networks
  • Key issue: confidentiality and security
  • War/disaster areas

SAR overview

  • Symmetric key encryption
  • Only use routing paths having required trust level
  • Shared symmetric keys for each trust level – use existing infrastructure for CA and key distribution
  • Requires managed open environment

SAR evaluation

  • Pros:
    • Secure as long as CA not compromised
    • Network infrastructure not exposed (all packets encrypted)
  • Cons:
    • Excessive power consumption (enc/dec)
    • Misbehaving nodes not prevented

SRP overview

  • Based on a security association (SA) between the destination and source node (set up during key exchange)
  • Public key encryption
  • Routing path sent unencrypted with each packet
  • Requires existing CA – managed open environment

SRP evaluation

  • Pros:
    • Secure as far as confidentiality goes
    • Less processing overhead than SAR (only at endpoints)
  • Cons:
    • Exposes network infrastructure (unenc. routing path)
    • Susceptible to “Invisible Node” attack
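
An end-to-end integrity check on route replies in the spirit of the SRP overview above, as an added example that is not part of the original notes or of the SRP specification. It assumes the security association gives source A and destination D a shared secret and uses HMAC-SHA256 over the reply fields; the key, field names and node names are constructed for illustration.

```python
import hashlib
import hmac
import json

def reply_tag(key, query_id, src, dst, path):
    # Unambiguous encoding of the fields the destination vouches for.
    msg = json.dumps([query_id, src, dst, path], separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

def make_reply(key, query_id, src, dst, path):
    # Built by the destination; the path itself stays readable by every relay.
    return {"query_id": query_id, "src": src, "dst": dst, "path": list(path),
            "tag": reply_tag(key, query_id, src, dst, list(path))}

def verify_reply(key, reply, pending):
    """Source-side check before a discovered route is used."""
    if reply["query_id"] not in pending:
        return False                      # unsolicited or replayed reply
    path = reply["path"]
    if not path or path[0] != reply["src"] or path[-1] != reply["dst"]:
        return False                      # path does not join the two SA endpoints
    expected = reply_tag(key, reply["query_id"], reply["src"], reply["dst"], path)
    return hmac.compare_digest(expected, reply["tag"])

SA_KEY = b"constructed-demo-key-for-A-and-D"   # constructed, stands in for the SA secret

def demo():
    pending = {7}                                   # query A is still waiting on
    good = make_reply(SA_KEY, 7, "A", "D", ["A", "B", "C", "D"])
    tampered = dict(good, path=["A", "B", "I", "D"])            # relay rewrote the path
    forged = make_reply(b"key-guessed-by-intruder", 7, "A", "D", ["A", "I", "D"])
    old = make_reply(SA_KEY, 3, "A", "D", ["A", "B", "C", "D"])  # reply to a past query
    return {name: verify_reply(SA_KEY, r, pending)
            for name, r in [("good", good), ("tampered", tampered),
                            ("forged", forged), ("old", old)]}

if __name__ == "__main__":
    print(demo())
```

Only the endpoints compute or check the tag, which matches the "only at endpoints" overhead noted above, while the path stays in clear text for every relay to read.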