Document Sample

Detecting MAC Layer Back-off Timer Violations in Mobile Ad Hoc Networks Venkata Nishanth Lolla, Lap Kong Law, Srikanth V. Krishnamurthy, Chinya Ravishankar, and Dharmaiah Manjunath Dept. of Computer Science & Engineering, UC Riverside Dept. of Electrical Engineering, Indian Institute of Technology - Mumbai ICDCS 2006 Problem • Malicious nodes can cause a denial of service attack by simply manipulating the back-off timers prior to a transmission. – By not adhering to the IEEE 802.11 standard. – By choosing a small/constant back-off interval prior to a transmission. • Consequences: – Misbehaving nodes can gain an unfair advantage by acquiring the wireless channel more often. – Causing bandwidth starvation of the well-behaved nodes. Motivation • The lack of centralized arbiter (such as an access point) makes it hard to detect timer violations. • Can we design a distributed framework to – discourage such attacks and, – detect such attacks and identify the misbehaving attackers? Contributions • We propose a combination of deterministic and statistical methods that facilitate our objectives. • Only involve minor changes to the 802.11 standard. • Our performance evaluations shows that with our methods, it is possible to detect a malicious node with a probability close to one. • Furthermore, the probability of false alarms (wrongly classifying a node as a misbehaving node) is lower than 1%. Roadmap • The System Model • Our Proposed Framework • Simulation Results • Conclusions System Model • Using Verifiable Back-off timers – Use a deterministic/known sequence of back-off values that each node has to follow. – Each node announces the state of its pseudo-random sequence generator in the RTS messages. • Each node is aware of the back-off timers used by its neighbors. • Making Sense of the Uncertainty in System State – Due to the interference effects, a node may not be able to deterministically ascertain the legitimacy of the back-off patterns of a neighbor. – Therefore, it estimates the probability of the neighbor’s misbehavior statistically based on observed patterns. Estimating the system state of neighbors • Goal: To allow a monitoring node to estimate the back-off timers used by its neighbors. • Example: Let’s node R be monitoring node S – R wants to determine if S is misbehaving -- how? – R will estimate the system state of S and compare it with the value announced by S. • System state: The number of idle (I) / busy (B) slots of the monitored node (i.e., node S) in a period of N observed slots. • R can approximately estimate the number of idle (Iest) and busy (Best) slots observed by S: Prob(S senses idle | R senses idle) Prob(S senses idle | R senses busy) Determining PI/I and PI/B analytically Node R is monitoring node S n nodes Sx: sensing range of node x Tx: transmission range of node x k nodes • Assumptions: – Only the interference effects within a two-hop neighborhood are considered. – Nodes are uniformly distributed. – The steady state load experienced by all nodes within the two hops radius are identical. (Due to the fairly large interference radius) – Node is aware of the position of its neighbors. • The areas of A2, A3, A4 and A5 can be easily computed. • The area A1 can be estimated by assuming a minimum overlap between SS and SR. Determining PI/I • Deriving PB/I : Prob(S senses busy | R senses idle) – For R to sense idle n nodes • No transmission can occur in A3, A4 and A5 • However, transmissions can occur in A1 A2 k nodes – For S to sense busy • Transmissions can only occur in A2 Probability that the transmission occurs in A2. Probability that at least one node transmits in A1 A2. Determining PI/B • Deriving PI/B: Prob(S senses idle | R senses busy) – For S to sense idle n nodes • No transmission can occur in A2, A3 and A4 • However, transmissions can occur in A1 and A5 k nodes – For R to sense busy • Transmissions can only occur in A5 Probability that transmissions occur in A5. Probability that S senses the channel to be idle. Our proposed framework Let us call the node being monitored the tagged node. Overview of the approach: • The monitoring node obtains the pseudo-random sequence generator announced by the tagged node. • The monitoring node can compare the expected back-off times of the tagged node and the announced back-off times. • In some cases, the monitoring node cannot deterministically determine if the tagged node is misbehaving (due to interference). • Therefore, the monitoring node uses a hypothesis test (Wilcoxon rank sum test) based on the estimation of PI/I and PI/B, to determine if the tagged node is misbehaving. Details of the proposed framework • The seed of the pseudo-random number generator (PRNG) – The MAC address of the node. • Simple modification to the RTS message – SeqOff#: The offset to the PRNG. Increment by one upon each transmission. – Attempt#: The number of retransmission attempts. – MD: The message digest of the DATA packet. To prevent nodes from cheating on the Attempt#. • The wilcoxon rank sum test – Two populations: “x” be the sequential population of the dictated sequence of the back-off timers; “y” be the sequential population of the estimated sequence of the back-off timers. – Use the rank sum test to compute the significance probability p of the two populations. – If p is small, the tagged node is likely to be malicious. Simulation Set up • NS-2 simulator with extension of our framework. • Shadow channel fading model is considered. • Poisson and CBR traffic. • Grid and Random topologies. • Static and Mobility scenarios. • Parameters of interest: – Traffic intensity – Percentage of Misbehavior (PM) • Metrics of interest: – Probability of correct diagnosis. Analysis v.s. Simulation: on PI/B and PB/I • Two scenarios: – Grid topology with Poisson traffic – Random topology with CBR traffic • Monitoring and tagged nodes are one-hop away and are placed at the center Poisson traffic, Grid topology of the simulation area. • All nodes are well behaved. • The analysis results match with the simulation results. – Justify the assumptions that we made earlier CBR traffic, Random topology Probability of correct diagnosis Static grid topology With mobility • Percentage of misbehavior (PM) of m% means a malicious node transmits a packet after counting down to (100-m)% of the dictated back-off value. • The probability of detecting misbehavior is close to one when the PM is large and the sample size is large. • In scenario with mobility, a larger number samples is required for convergence as compared to the case with no mobility. Probability of misdiagnosis Static grid scenario Mobility scenario, Load=0.6 • The misdiagnosis probability is very low (<0.01) even when the sample size is 10. • The misdiagnosis probability decreases drastically when the sample size is increased. • With smaller load, the misdiagnosis probability is usually higher. This is because a longer time is needed to detect misbehavior. Conclusions • In this work, we focus on the problem of detecting back- off timer violations with the IEEE 802.11 MAC. • We propose a framework that is based on a combination of deterministic and statistical methods to discern timer violations by neighboring nodes. • Our extensive simulations show that our protocol can provide accurate assessments of the node misbehavior within short periods and with extremely low probability of false alarms.

DOCUMENT INFO

Shared By:

Categories:

Tags:
PowerPoint Presentation, Study Region, the meeting, how to, draft proposal, Stakeholder Group, the Committee, North Central, Central Coast, Master Plan

Stats:

views: | 4 |

posted: | 7/15/2011 |

language: | English |

pages: | 17 |

OTHER DOCS BY wulinqing

How are you planning on using Docstoc?
BUSINESS
PERSONAL

By registering with docstoc.com you agree to our
privacy policy and
terms of service, and to receive content and offer notifications.

Docstoc is the premier online destination to start and grow small businesses. It hosts the best quality and widest selection of professional documents (over 20 million) and resources including expert videos, articles and productivity tools to make every small business better.

Search or Browse for any specific document or resource you need for your business. Or explore our curated resources for Starting a Business, Growing a Business or for Professional Development.

Feel free to Contact Us with any questions you might have.