Secure Routing and Intrusion Detection in Ad-Hoc Networks

      Secure communication in cellular and ad hoc environments

               Bharat Bhargava
      Department of Computer Sciences,
              Purdue University
This is supported by Motorola Communication
Research Lab & National Science Foundation
Team at Motorola:
      Jeff Bonta
      George Calcev
      Benetido Fouseca
      Trefor Delve

Team at Purdue University:
      X. Wu         Research scientist (receives his
                    PhD from UC-Davis)
      Y. Lu         PhD student
      G. Ding       PhD student
      W. Wang       PhD student
      Problem statement

How to provide secure, continuous,
and efficient connectivity for a
mobile unit in a structured (cellular
based) or unstructured (ad hoc)
network environment?

• Dynamic topology
  – Movement, node failure, etc.
• Heterogeneous and decentralized control
• Limited resources
  – Bandwidth, processing ability, energy
• Unfriendly environment
  – Selfish nodes, malicious attackers

          Research contributions
• Combining advantages of cellular systems and ad
  hoc networks to enable a more secure network
  structure and better performance
• Designing routing protocols for ad hoc networks
  that adapt to both network topology and traffic
• Designing intruder identification protocols in ad
  hoc networks
• Conducting experimental studies in heterogeneous
  wireless environments and evaluating our protocols
         Research directions
• Cellular-aided Mobile Ad Hoc Network
• Adaptive and Heterogeneous Mobile
  Wireless Networks
• Intruder Identification in Ad Hoc Networks

      Cellular-aided Mobile Ad Hoc Network (CAMA)
         CAMA: Problem Statement
  How to realize commercial peer-to-peer
  applications over mobile wireless ad hoc

  “Integrating Heterogeneous Wireless
  Technologies: Cellular-Aided Mobile Wireless Ad
  hoc Networks (CAMA)”, submitted to ACM Special
  Issues of the Journal on Special Topics in Mobile
  Networking and Applications (MONET).
• Authentication and accounting
  – No fixed membership
• Security concern
  – Open medium without any centralized control
• Real time services
  – Dynamic topology and slow routing
    information distribution

        Current Environment
Cellular network provides:
• Wide coverage
• Multiple services with single cellular ID
• Small packet service in 3G network
• Wireless terminals with different protocols

         CAMA Description
• Integration of cellular network and ad hoc
• CAMA agent works as centralized server
  attached to the cellular network
• CAMA agent provides ad hoc nodes
  information such as authentication, routing
  support, keys through cellular channel
• Data transmission uses ad hoc channel
CAMA Environment

               Major Ideas
• Use signals via cellular network for ad hoc
  routing and security managements
• Centralized CAMA agent provides control
  over distributed ad hoc network

    CAMA vs. ad hoc network
CAMA has advantages over pure ad hoc
networks in:
• Simple network authentication and
• Routing server for more accurate routing
• Certification authority for key distribution
• Central security check point for intrusion
    CAMA vs. cellular/WLAN
CAMA has advantages over cellular/WLAN
integrated network in:
• No extra fixed infrastructure
  – No access point needed
• No ad hoc channel radio coverage limit
  – Multi-hop ad hoc link
• No transmission bottleneck
  – Not all traffic needs to pass through a single node
• Cellular service combined with low-cost,
  high-data-rate wireless service

           Research Questions
• Feasibility in commercial applications
  – Development of routing algorithm and
    protocols for multimedia service
  – Investigation of CAMA vulnerabilities
  – Development of security protocols for key
    distribution and intrusion detection
  – Evaluation of gain in ad hoc network
  – Evaluation of overhead in cellular network
      Methodology of Research
• Building algorithms and protocols
• Developing benchmarks and performance metrics
  for multimedia service
• Conducting experimental studies
   – Using ns-2
   – Using common platform simulator from Motorola Inc.
• Comparing with ad hoc routing protocols
   – Ad hoc on-demand distance vector routing (AODV)
   – Dynamic Source Routing (DSR)

 Research of Interest to Motorola
• Evaluating CAMA routing in realistic simulation
   – Radio environment
      • Adaptive data rate determined by signal-to-noise ratio (SNR)
   – Node mobility
      • Exponentially distributed speed
   – Node density
      • 400 users/ to 14800 users/
   – Traffic pattern
      • VoIP, TCP, Video
   – Inaccurate position information
      • Error of 5m to 100m

 Research of Interest to Motorola (cont’d)

• Authentication
  – By CAMA agent
  – By mobile nodes
• Accounting
  – Charging rate
  – Award to intermediate nodes

 Research of Interest to Motorola (cont’d)

• Key assignment
  – Group key assignment
    • For entire ad hoc network
    • For nodes along an active route
  – Session key assignment
    • For peer-to-peer communication

 Research of Interest to Motorola (cont’d)

• Intrusion detection
  – Information collection
     • Information for different intrusions
  – Malicious judging rule
     • Quick malicious node elimination vs. probability of
       wrong judgment
     • Detection cost vs. gain

      Adaptive and Heterogeneous Mobile Wireless Networks
                   Problem statement
   How to provide continuous connectivity for
   a mobile unit to a network in which every
   node is moving?
  “Secure Wireless Network with Movable Base Stations”, being
  revised for IEICE/IEEE Joint Special Issue on Assurance
  Systems and Networks.
  “Study of Distance Vector Routing Protocols for Mobile Ad
  Hoc Networks”, in Proceedings of IEEE International
  Conference on Pervasive Computing and Communications
  (PerCom), 2003.
• Dynamic topology
  – Movement, node failure, energy problem, etc.

• Decentralized control

• Limited bandwidth
  – Congestion is typically the norm rather than the
    exception. [RFC 2501]

       Research contributions
• Routing protocols for mobile ad hoc
  networks that adapt to not only network
  topology, but also traffic and congestion.

• Architecture, design of protocols, and
  experimental evaluation in heterogeneous
  wireless environments

            Broad impacts
• Sensor networks

• Military networks

    Two network environments
• Mobile ad hoc networks
  – No centralized control
• Large scale heterogeneous wireless
  networks with control in base stations
  – Wireless networks with movable base stations

  Research questions in mobile ad
          hoc networks
• Development of ad hoc routing protocols that adapt
  to traffic load and network congestion.
   – Identify the network parameters that impact the
     performance of routing protocols.
   – Determine the appropriateness of on-demand and
     proactive approaches (given specific routing requirements
     and network parameters).
   – Identify features of ad hoc networks that can be used to
     improve routing.

       Related work (routing protocol)
• Destination-Sequenced Distance Vector (DSDV) [Perkins/Bhagwat,
  SigComm’94] (Nokia)
• Ad-hoc On-demand Distance Vector (AODV) [Perkins/Royer/Das,
  WMCSA’99, IETF draft 98-03] (Nokia, UCSB, SUNY-Stony Brook)
• Dynamic Source Routing (DSR) [Johnson/Maltz, Mobile Computing’96,
  IETF draft 03] (Rice Univ., CMU)
• Zone Routing Protocol (ZRP) [Haas/Pearlman/Samar, ICUPC’97, IETF draft
  99-02] (Cornell)
• Adaptive Distance Vector (ADV) [Boppana/Konduru, InfoCom’01] (UT-
  San Antonio)
• Source-Tree Adaptive Routing (STAR) [Garcia-Luna-Aceves/Spohn,
  MONET’01] (UCSC, Nokia)
• Associativity-Based Routing (ABR) [Toh, Wireless Personal
  Communications Journal’97] (Cambridge Univ.)
• Ad-hoc On-demand Multipath Distance Vector (AOMDV) [Marina/Das,
  ICNP’01] (Univ. of Cincinnati)
           Related work (cont’d)
Protocol   Approach    Routing information   Additional
                       uses                  information
DSDV       Proactive   Distance Vector
DSR        On-demand   Source routing
AODV       On-demand   Distance Vector
ZRP        Hybrid      Distance Vector
ADV        Hybrid      Distance Vector
STAR       Proactive   Link State
ABR        On-demand   Distance Vector       Associativity
AOMDV      On-demand   Distance Vector       Multipath
     Related work (performance)
• Comparison of DSDV, TORA, AODV and DSR
  MobiCom’98] (CMU)
• Scenario-based performance analysis of DSDV,
  AODV, and DSR
  rk, MobiCom’99] (Ericsson)
• Performance comparison of AODV and DSR
  [Perkins/Royer/Das/Marine, IEEE Personal
     Methodology of research
• Developing benchmarks and performance
  metrics for routing protocols
• Conducting experimental studies
  – Determine guidelines for design
  – Evaluate protocols
• Building algorithms and protocols

          Ongoing research
• Study of proactive and on-demand
• Congestion-aware distance vector routing
• Packet loss study

            Research study
• Investigate the proactive and on-demand approaches
   – Generalize the results obtained from protocols to the
     proactive and on-demand approaches
   – Introduce power consumption as a performance metric
   – Inject heavy traffic load
   – Identify the major causes for packet drop
   – Comprehensively study in various network environments
• Propose a congestion-aware routing protocol

       Simulation experiments
• DSDV and AODV are studied by varying
  network environment parameters
  – Node mobility (maximum moving speed)
  – Traffic load (number of connections)
  – Network size (number of mobile nodes)
• Performance metrics
  –   Packet delivery ratio
  –   Average end-to-end delay
  –   Normalized protocol overhead
  –   Normalized power consumption
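As an added illustration (not the authors' ns-2 scripts and not part of the slide deck), the four metrics listed above computed over a constructed trace. The trace syntax is a simplified, constructed one rather than ns-2's real trace format, and the metric definitions are the common ones, stated in the docstring, since the slides do not spell them out:

```python
"""Routing-protocol performance metrics over a constructed trace.

Added illustration, not the authors' ns-2 scripts. The trace format is a
simplified, constructed one (event, time, node, layer, packet type, packet
id; plus 'E node joules' lines for energy consumed), not ns-2's real syntax.
The metric definitions below are the common ones and are assumptions here:
  delivery ratio      = data packets received by destination agents /
                        data packets originated by source agents
  average e2e delay   = mean(receive time - origination time) over delivered packets
  normalized overhead = routing-protocol packets transmitted (including
                        forwarded hops) / data packets delivered
  normalized power    = total energy consumed by all nodes / data packets delivered
"""
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample: node 0 sends three CBR packets towards node 5 via node 3;
# packet 2 is dropped at node 3; DSDV updates are sent by nodes 0 and 3.
CONSTRUCTED_TRACE = """\
s 1.000 0 AGT cbr 1
s 1.020 0 RTR dsdv 900
r 1.020 3 RTR dsdv 900
f 1.030 3 RTR cbr 1
s 1.050 3 RTR dsdv 901
r 1.260 5 AGT cbr 1
s 1.250 0 AGT cbr 2
D 1.400 3 RTR cbr 2
s 1.500 0 AGT cbr 3
r 1.610 5 AGT cbr 3
E 0 1.20
E 3 0.80
E 5 0.40
"""

DATA_TYPES = {"cbr"}  # packet types that count as application data


@dataclass
class Metrics:
    delivery_ratio: float
    avg_delay: float      # seconds
    norm_overhead: float  # routing packets per delivered data packet
    norm_power: float     # joules per delivered data packet


def compute_metrics(trace: str) -> Metrics:
    sent_at: Dict[str, float] = {}  # data packet id -> origination time
    delays: List[float] = []
    routing_tx = 0
    energy = 0.0
    for line in trace.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "E":  # energy consumed by a node, in joules
            energy += float(fields[2])
            continue
        event, time, _node, layer, ptype, pid = fields
        t = float(time)
        is_data = ptype in DATA_TYPES
        if event == "s" and layer == "AGT" and is_data:
            sent_at[pid] = t                  # originated by a source agent
        elif event == "r" and layer == "AGT" and is_data and pid in sent_at:
            delays.append(t - sent_at[pid])   # delivered to the destination agent
        elif event in ("s", "f") and layer == "RTR" and not is_data:
            routing_tx += 1                   # a routing packet put on the air
    delivered = len(delays)
    sent = len(sent_at)
    return Metrics(
        delivery_ratio=delivered / sent if sent else 0.0,
        avg_delay=sum(delays) / delivered if delivered else 0.0,
        norm_overhead=routing_tx / delivered if delivered else float("inf"),
        norm_power=energy / delivered if delivered else float("inf"),
    )


if __name__ == "__main__":
    m = compute_metrics(CONSTRUCTED_TRACE)
    print(f"delivery ratio {m.delivery_ratio:.3f}, delay {m.avg_delay * 1000:.1f} ms, "
          f"overhead {m.norm_overhead:.2f}, power {m.norm_power:.2f} J/pkt")
```

On the constructed trace two of three data packets are delivered, two DSDV packets are transmitted, and the three nodes consume 2.4 J in total, which is what the normalized metrics divide by the delivered count.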
               Simulation setup for
Simulator                          ns-2
Examined protocols           DSDV and AODV
Simulation duration            1000 seconds
Simulation area              1000 m x 1000 m
Transmission range                250 m
Movement model               Random waypoint
Maximum speed                   4 – 24 m/s
Traffic type                   CBR (UDP)
Data payload                 512 bytes/packet
Packet rate                    4 packets/sec
Node pause time                 10 seconds
Bandwidth                         1 Mb/s

  Motivation for a new proactive protocol

• Proactive protocols provide better support for:
  – Applications requiring QoS
     • Timely propagation of network conditions
  – Intrusion and anomaly detection
     • Constant exchange of network topology information
• The proactive approach exhibits better
  scalability with respect to the number of
  mobile nodes and traffic load.
   Proposed protocol: Congestion Aware
        Distance Vector (CADV)
• Problem with the proactive approach
   – Congestion
• Objective:
   – Dynamically detect congestion and route packets through less-
     crowded paths
• Method:
   – Characterize congestion and traffic load by using expected delay.
   – Consider expected delay at the next hop as the secondary metric
     to make routing decisions.
   – Allow a one-hop longer route to be chosen.
   – Use destination sequence numbers to avoid loops.

                          Design issues

• Use MAC layer callback to detect broken link
   – Quick detection
   – More triggered updates
   – Whether to re-queue a packet
• Allowing a one-hop longer route
   – A one-hop shorter route may not replace the current one if it
     introduces significantly more delay.
   – To avoid short-lived loops, do not replace the current route with a
     longer one if they have the same sequence number.
• Deal with fluctuation
   – Use randomness in routing decisions to reduce fluctuation

• Components:
   – Real time traffic monitor
   – Traffic control
   – Route maintenance module
• Route update:
   – When broadcasting an update, every node advertises the expected
     delay of sending a packet as:

                    E[ D ] 
                             D     i
• Route maintenance
   – Apply a function f(E[D], distance) to evaluate the value of a route

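The route-selection rules from the CADV slides above, as an added example (not the authors' implementation). The slides name a route value function f(E[D], distance) without giving its form, so the weighted sum used here is an assumption, as are the per-hop cost constant and the omission of the randomised tie-breaking mentioned under "Deal with fluctuation":

```python
"""Route selection in the spirit of CADV.

Added illustration, not the authors' implementation. Each neighbour's update
carries a destination sequence number, a hop count and the neighbour's
advertised expected per-packet delay E[D]. The slides name a route value
function f(E[D], distance) without giving its form; the weighted sum below
(HOP_COST_MS per hop plus E[D]) is an assumption, as is leaving out the
randomised tie-breaking the slides mention.
"""
from dataclasses import dataclass
from typing import List, Optional

HOP_COST_MS = 20.0  # assumed delay-equivalent of one extra hop


@dataclass(frozen=True)
class Route:
    next_hop: str
    hops: int          # distance to the destination, in hops
    seqno: int         # destination sequence number (DSDV-style freshness)
    exp_delay: float   # E[D] advertised by next_hop, in ms


def route_value(r: Route) -> float:
    """f(E[D], distance): lower is better (assumed weighted-sum form)."""
    return r.hops * HOP_COST_MS + r.exp_delay


def select_route(current: Optional[Route], adverts: List[Route]) -> Optional[Route]:
    """Pick the route to install for one destination given fresh advertisements.

    Rules taken from the CADV design slides:
      1. A fresher destination sequence number always wins.
      2. Among routes with the newest sequence number, a route at most one hop
         longer than the shortest is eligible, so a less congested but slightly
         longer path can be chosen.
      3. A shorter route does not replace the current one if it has a worse
         value, i.e. it introduces significantly more delay.
      4. At the same sequence number, never replace the current route with a
         longer one (avoids short-lived loops).
    """
    if not adverts:
        return current
    newest = max(a.seqno for a in adverts)
    if current is not None and newest < current.seqno:
        return current                               # stale information
    fresh = [a for a in adverts if a.seqno == newest]
    min_hops = min(a.hops for a in fresh)
    eligible = [a for a in fresh if a.hops <= min_hops + 1]   # rule 2
    best = min(eligible, key=route_value)
    if current is None or newest > current.seqno:
        return best                                  # rule 1
    # Same sequence number as the installed route: refresh its delay if its
    # next hop re-advertised, then apply rules 3 and 4 against that entry.
    refreshed = next((a for a in fresh if a.next_hop == current.next_hop), current)
    if best.hops > refreshed.hops:
        return refreshed                             # rule 4
    if route_value(best) < route_value(refreshed):
        return best                                  # rule 3 satisfied
    return refreshed


if __name__ == "__main__":
    # Constructed advertisements: the 2-hop path via B is congested, the 3-hop
    # path via C is not, and D is two hops longer than the shortest and ineligible.
    chosen = select_route(None, [Route("B", 2, 10, 60.0), Route("C", 3, 10, 5.0),
                                 Route("D", 4, 10, 0.0)])
    print(f"installed route via {chosen.next_hop}, value {route_value(chosen):.0f} ms")
```

The one-hop-longer allowance is what lets the congested 2-hop path lose to the 3-hop one, while the same-sequence-number check keeps a node from flipping to a longer route on the basis of information no fresher than what it already holds.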
        Observations of CADV
• CADV outperforms AODV and DSDV in terms
  of delivery ratio
• The end-to-end delay becomes longer because
  longer routes may be chosen to forward packets
• The protocol overhead of CADV is doubled
  compared with that of DSDV. It is still less than
  that of AODV when the network is loaded
• CADV consumes less power per delivered packet
  than DSDV and AODV do

Characteristics of wireless networks with
         movable base stations
•   Large scale
•   Heterogeneity
•   Autonomous sub-nets
•   Base stations have more resources
•   Base stations take more responsibilities

             Research questions
• How to organize the network?
   – Minimize the effect of motion
   – Minimize the involvement of mobile host
• How to build routing protocol?
   – IP-compliant
   – Cooperate with various intra-subnet routing protocols
• How to secure communications?
   – Authenticate
   – Maintain authentication when a host is roaming

                       Related work
• Integrating ad hoc and cellular
   – Mobile-Assisted Connection-Admission (MACA)
     [Wu/Mukherjee/Chan, GlobeCom’00] (UC-Davis)
   – Integrated Cellular and Ad-hoc Relaying (iCAR)
     [Wu/Qiao/De/Tonguz, JSAC’01] (SUNY-Buffalo)
   – Multihop Cellular Networks (MCN) [Lin/Hsu, InfoCom’00] (Taiwan)
• Mobile base station
   – Distributed, dynamic channel allocation [Nesargi/Prakash, IEEE
     Transactions on Vehicular Technology’02] (UT-Dallas)
• Hierarchical structure
   – Multimedia support for Mobile Wireless Networks (MMWN)
     [Ramanathan/Steenstrup, MONET’98] (BBN Technologies)
   – Clustering scheme for hierarchical control in multi-hop wireless
     networks [Banerjee/Khuller, InfoCom’01] (UMD)

     Methodology of research
• Building architecture, developing
  algorithms and protocols
  – Membership management
  – Inter-subnet routing
  – Intra- and inter-subnet authentication
• Evaluation through experiments

           Research results
• Hierarchical mobile wireless network
  – Hierarchical membership management scheme
  – Segmented membership-based group routing
  – Protection of network infrastructure
  – Secure roaming and fault tolerance

         Future research plan
• Develop congestion avoidance routing
  protocol for ad hoc networks.
• Conduct experiments to study the effect of
  implementing congestion avoidance at
  different layers.
• Conduct a series of experiments to evaluate