Advertisement

Resisting Malicious Packet Dropping in Wireless Ad Hoc Networks

  • Mike Just
  • Evangelos Kranakis
  • Tao Wan
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2865)

Abstract

Most of the routing protocols in wireless ad hoc networks, such as DSR, assume nodes are trustworthy and cooperative. This assumption renders wireless ad hoc networks vulnerable to various types of Denial of Service (DoS) attacks. We present a distributed probing technique to detect and mitigate one type of DoS attacks, namely malicious packet dropping, in wireless ad hoc networks. A malicious node can promise to forward packets but in fact fails to do so. In our distributed probing technique, every node in the network will probe the other nodes periodically to detect if any of them fail to perform the forwarding function. Subsequently, node state information can be utilized by the routing protocol to bypass those malicious nodes. Our experiments show that in a moderately changing network, the probing technique can detect most of the malicious nodes with a relatively low false positive rate. The packet delivery rate in the network can also be increased accordingly.

Keywords

Security Denial of Service (DoS) Wireless Ad Hoc Networks Distributed Probing Secure Routing Protocols 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    ANSI/IEEE std 802.11. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specification (1999)Google Scholar
  2. 2.
    Awerbuch, B., Holmer, D., Nita-Rotaru, C., Rubens, H.: An On-Demand Secure Routing Protocol Resilient to Byzantine Failures. In: ACM Workshop on Wireless Security (WiSe) (September 2002)Google Scholar
  3. 3.
    Bellovin, S.M., Leech, M., Taylor, T.: ICMP Traceback Messages. Internet draft: draftietf- itrace-03.txt (January 2003)Google Scholar
  4. 4.
    Bradley, K.A., Cheung, S., Puketza, N., Mukherjee, B., Olsson, R.A.: Detecting Disruptive Routers: A Distributed Network Monitoring Approach. In: Proceedings of the IEEE Symposium on Research in Security and Privacy, May 1998, pp. 115–124 (1998)Google Scholar
  5. 5.
    Buchegger, S., Le Boudec, J.Y.: Performance Analysis of the CONFIDANT Protocol (Cooperation Of Nodes - Fairness In Dynamic Ad-hoc NeTworks). In: Proceedings of the Third ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc 2002) (June 2002)Google Scholar
  6. 6.
    Burch, H., Cheswich, H.: Tracing anonymous packets to their approximate source. In: Proceedings of USENIX LISA, New Orleans, LA, December 2002, pp. 319–327 (2002)Google Scholar
  7. 7.
    Cheung, S.: An Efficient Message Authentication Scheme for Link State Routing. In: Proceedings of the 13th Annual Computer Security Applications Conference, San Diego, California, USA (December 1997)Google Scholar
  8. 8.
    Cheung, S., Levitt, K.: Protecting routing infrastructure from denial of service using cooperative intrusion detection. In: Proceedings of New Security Paradigms Workshop, Great Langdale, Cumbria, UK (September 1997)Google Scholar
  9. 9.
    Crow, B.P., Widjaja, I.K., Jeong, G., Sakai, P.T.: IEEE 802.11 Wireless Local Area Networks. IEEE Communications Magazine 35(9), 116–126 (1997)CrossRefGoogle Scholar
  10. 10.
    Habib, A., Hefeeda, M., Bhargava, B.: Detecting Service Violations and DoS Attacks. In: Proceedings of 2003 Internet Society Symposium on Network and Distributed System Security (NDSS 2003), San Diego, California, USA (February 2003)Google Scholar
  11. 11.
    Hu, Y.C., Johnson, D.B.: Caching Strategies in On-Demand Routing Protocols for Wireless Ad Hoc Networks. In: Proceedings of the Sixth Annual IEEE/ACM International Conference on Mobile Computing and Networking (MobiCom 2000), August 2000, pp. 231–242 (2000)Google Scholar
  12. 12.
    Hu, Y.C., Perrig, A., Johnson, D.B.: Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks. In: Proceedings of the Eighth ACM International Conference on Mobile Computing and Networking (MobiCom 2002), September 23-28 (2002)Google Scholar
  13. 13.
    Hu, Y.C., Johnson, D.B., Perrig, A.: Secure Efficient Distance Vector Routing Protocol in Mobile wireless Ad Hoc Networks. In: Proceedings of the Fourth IEEE Workshop on Mobile Computing Systems and Applications (WMCSA 2002) (June 2002)Google Scholar
  14. 14.
    Hu, Y.C., Perrig, A., Johnson, D.B.: Efficient Security Mechanisms for Routing Protocols. In: Proceedings of 2003 Internet Society Symposium on Network and Distributed System Security (NDSS 2003), San Diego, California, USA (February 2003)Google Scholar
  15. 15.
    Johnson, D., Maltz, D.A.: Dynamic Source Routing in Ad Hoc Wireless Networks. In: Mobile Computing,  ch. 5, pp. 153–181. Kluwer Academic Publishers, Dordrecht (1996)CrossRefGoogle Scholar
  16. 16.
    Johnson, D., Maltz, D.A., Hu, Y.C., Jetcheva, J.G.: The Dynamic Source Routing Protocol for Mobile Ad Hoc Networks (Internet-Draft). Mobile Ad-hoc Network (MANET) Working Group, IETF (February 2002)Google Scholar
  17. 17.
    Jones, G.M.: The Case for Network Infrastructure Security. logon: The Magazine of USENIX and SAGE 27(6), 25–29 (2002)Google Scholar
  18. 18.
    Fall, K., Varadhan, K. (eds.): The ns Manual (formerly ns Notes and Documentation), April 14 (2002), http://www.isi.edu/nsnam/ns/doc/index.html
  19. 19.
    Marti, S., Giuli, T.J., Lai, K., Baker, M.: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks. In: Proceedings of the Sixth Annual ACM/IEEE International Conference on Mobile Computing and Networking (MOBICOM 2000) (August 2000)Google Scholar
  20. 20.
    Padmanabhan, V.N., Simon, D.R.: Secure Traceroute to Detect Faulty or Malicious Routing. In: ACM SIGCOMM Workshop on Hot Topic in Networks (HotNets-I) (October 2002)Google Scholar
  21. 21.
    Perkins, C.E., Royer, E.M., Das, S.R.: Ad Hoc On Demand Distance Vector (AODV) Routing (Internet-Draft) (June 2002)Google Scholar
  22. 22.
    Perlman, R.: Network Layer Protocols with Byzantine Robustness. PhD thesis, Massachusetts Institute of Technology (August 1988)Google Scholar
  23. 23.
    Roughgarden, T.: Selfish Routing. PhD thesis, Cornell University (May 2002)Google Scholar
  24. 24.
    Smith, B.R., Garcia-Luna-Aceves, J.J.: Securing the Border Gateway Routing Protocol. In: Proceedings of Global Internet 1996, London, UK (November 1996)Google Scholar
  25. 25.
    Smith, B.R., Murthy, S., Garcia-Luna-Aceves, J.J.: Securing Distance-Vector Routing Protocols. In: Proceedings of 1997 Internet Society Symposium on Network and Distributed System Security (NDSS 1997), San Diego, California, USA (February 1997)Google Scholar
  26. 26.
    Zapata, M.G., Asokan, N.: Securing Ad Hoc Routing Protocols. In: Proceedings of the ACM Workshop on Wireless Security (WiSe 2002) (September 2002)Google Scholar
  27. 27.
    Zhang, K.: Efficient Protocols for Signing Routing Messages. In: Proceedings of 1997 Internet Society Symposium on Network and Distributed System Security (NDSS 1998), San Diego, California, USA (March 1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Mike Just
    • 1
  • Evangelos Kranakis
    • 2
  • Tao Wan
    • 2
  1. 1.Treasury Board of Canada, SecretariatOttawaCanada
  2. 2.School of Computer ScienceCarleton UniversityOttawaCanada

Personalised recommendations