CRVad: Confidential Reasoning and Verification Towards Secure Routing in Ad Hoc Networks
Routing security plays an important role in the security of the entire Mobile Ad hoc Network (MANET). In this paper we discuss privacy-preserving verification and detection of active and passive attacks among the peers in a MANET. Because of the variability of a MANET, attack detection is difficult and usually requires each node to expose some private data. Attackers can rewrite or discard packets, or tamper with their own logs, in violation of the security requirement that messages be forwarded confidentially. Routers are easily attacked because message transmission is not checked. We present CRVad, a method for detecting both active and passive attacks in ad hoc networks while preserving the privacy of each node. CRVad needs no third party: it uses only information already known within the MANET, and it can detect attacks across multiple hops. CRVad consists of two phases: a reasoning phase, which uses the known confidential information to infer the expected log information of the peers, and a verification phase, which uses a Merkle Hash Tree to verify the derived information without revealing any private information of the router. To show that our approach can detect these attacks, we run experiments in NS3 and report results on the correctness and efficiency of the approach.
Keywords: Ad hoc networks; Private preserving; Attack detection; Routing security; Confidential verification
This work was supported by the Key Program of NSFC-Guangdong Union Foundation (No. U1135002), the Key Program of NSFC (No. U1405255), the National High Technology Research and Development Program (863 Program) of China (No. 2015AA011102, 2015AA011704), the National Natural Science Foundation of China (No. 61303033), and the Aviation Science Foundation of China (No. 2013ZC31003, 20141931001).
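A salted Merkle hash tree commitment of the kind the abstract's verification phase relies on, as an added example that is not the paper's code: a router publishes only the root of its log and opens a single entry to a peer, who checks it against the entry it expected. The log format, the per-entry salts and all function names are assumptions made for this illustration, not CRVad's actual construction.

```python
import hashlib, hmac, os

def leaf_hash(entry: bytes, salt: bytes) -> bytes:
    # 0x00/0x01 prefixes keep leaf and interior hashes in separate domains; the
    # per-entry salt stops a verifier from guessing other entries from sibling hashes.
    return hashlib.sha256(b"\x00" + salt + entry).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(leaves):
    """Return all tree levels, leaves first; an unpaired node is promoted unchanged."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:
            nxt.append(cur[-1])
        levels.append(nxt)
    return levels

def prove(levels, index):
    """Sibling hashes from leaf `index` up to the root, as (hash, sibling_is_left)."""
    path = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):
            path.append((level[sib], sib < index))
        index //= 2
    return path

def verify(root, entry, salt, path):
    acc = leaf_hash(entry, salt)
    for sibling, sibling_is_left in path:
        acc = node_hash(sibling, acc) if sibling_is_left else node_hash(acc, sibling)
    return hmac.compare_digest(acc, root)

# Constructed sample log of one router (format is an assumption, not from the paper).
LOG = [b"recv pkt=17 from=A", b"fwd pkt=17 to=C", b"recv pkt=18 from=A",
       b"fwd pkt=18 to=C", b"recv pkt=19 from=B"]

def demo():
    salts = [os.urandom(16) for _ in LOG]
    levels = build_levels([leaf_hash(e, s) for e, s in zip(LOG, salts)])
    root = levels[-1][0]              # the only value the router publishes
    path = prove(levels, 1)           # opened for entry 1 only
    honest = verify(root, b"fwd pkt=17 to=C", salts[1], path)
    # An entry that differs from what was committed (another next hop) does not verify.
    mismatch = verify(root, b"fwd pkt=17 to=X", salts[1], path)
    return honest, mismatch, len(path)
```

The verifier sees one entry, its salt and three sibling hashes; the other four log entries stay hidden behind salted digests.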