Using Directional Antennas to Prevent Wormhole Attacks Stephen Thomas Computer Science

Acknowledgement: Portions of this presentation have been donated by Dr. David Evans

Situation: Ad Hoc Beacon Routing
[Figure: network diagram with nodes labeled 0 to 4]
Nodes select parents based on minimum hops to base station

Wormhole Attack
[Figure: network diagram with nodes S, A, B, C, D and wormhole endpoints X and Y]
Attacker needs transceivers at two locations in the network, connected by a low-latency link
Attacker replays (selectively) packets heard at one location at the other location

Wormhole Attack on Beacon Routing
[Figure: beacon routing network with wormhole endpoints X and Y; nodes labeled 0, 1, 2]
Wormhole attack disrupts network without needing to break any cryptography!

Possible Solutions
• Packet Leashes [Hu, Perrig, Johnson 2003]
– Requires tightly synchronized clocks (temporal leashes) or precise location information (geographic leashes)
– Signal is transmitted at speed of light
– Calculate if packet could travel distance between nodes in packet lifetime
• Packet Arrival Direction

Directional Antennas
[Figure: antenna zones numbered 1 to 6 relative to North, showing an omnidirectional transmission and a directional transmission from zone 4]
Aligned to magnetic North, so zone 1 always faces East
General benefits: power saving, fewer collisions

Assumptions
• Legitimate nodes can establish secure node-node links
– All critical messages are encrypted
• Network is fairly dense
• Nodes are stationary
• Most links are bidirectional (unidirectional links cannot be established)
• Transmissions are perfect wedges
• Nodes are aligned perfectly (relaxed in paper)

Directional Neighbor Discovery
[Figure: nodes A and B, each shown with antenna zones numbered 1 to 6]
1. A → Region: HELLO | ID_A
   Sent by all antenna elements (sweeping)
2. B → A: ID_B | E_KBA (ID_A | R | zone (B, A))
   Sent by zone (B, A) element, R is nonce
3. A → B: R
   Checks zone is opposite, sent by zone (A, B)
zone (B, A) = 4 is the antenna zone in which B hears A

Not Detecting False Neighbors
[Figure: nodes A and B, each shown with antenna zones numbered 1 to 6, linked through wormhole endpoints X and Y]
zone (A, B [X]) = 1
zone (B, A [Y]) = 4
Undetected False Neighbor: zone (A, B) = opposite of zone (B, A)
Directional neighbor discovery prevents 1/6 of false direct links… but doesn't prevent disruption

Verified Neighbor Discovery
[Figure: nodes A, B and verifier V]
Steps 1 to 3 are the same as before:
1. A → Region
   Announcement, done through sequential sweeping
2. B → A
   Include nonce and zone information in the message
3. A → B
   Check zone information and send back the nonce
4. B → Region: INQUIRY | ID_B | ID_A | zone (B, A)
   Request for verifier to validate A
5. V → B: ID_V | E_KBV (ID_A | zone (V, B))
   If V is a valid verifier, sends confirmation
6. B → A
   Accept A as its neighbor and notify A

Verifier Analysis
[Figure: Region 1 (A, X) and Region 2 (B, Y) with verifier V; nodes shown with antenna zones numbered 1 to 6]
Wormhole cannot trick a valid verifier:
zone (V, A [Y]) = 5
zone (A, V [X]) = 1
Not opposites: verification fails

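The opposite-zone check from the "Not Detecting False Neighbors" and "Verifier Analysis" slides, as an added example that is not part of the original presentation. The node coordinates, the 60-degree wedge geometry with counter-clockwise zone numbering, and all function names are assumptions chosen to reproduce the zone values shown on those slides.

```python
import math

NUM_ZONES = 6  # six antenna zones per node, as on the slides

def zone(receiver, source):
    """Zone in which `receiver` hears a signal that physically arrives from `source`.

    Assumed geometry: 60-degree wedges, zone 1 centred on East, numbered
    counter-clockwise (East = 1, West = 4)."""
    dx, dy = source[0] - receiver[0], source[1] - receiver[1]
    bearing = math.degrees(math.atan2(dy, dx)) % 360
    return int(((bearing + 30) % 360) // 60) + 1

def opposite(z):
    """Zone facing the other way: 1<->4, 2<->5, 3<->6."""
    return (z + 2) % NUM_ZONES + 1

def heard_from(receiver, sender, wormhole=None):
    """Point the radio signal arrives from: the sender itself on a direct
    link, or the nearest replaying endpoint when the link is tunnelled."""
    if wormhole is None:
        return sender
    return min(wormhole, key=lambda p: math.dist(p, receiver))

def directional_check(a, b, wormhole=None):
    """Step 3 of neighbor discovery: accept only if zone(a, b) is the
    opposite of zone(b, a). Returns (zone(a, b), zone(b, a), accepted)."""
    z_ab = zone(a, heard_from(a, b, wormhole))
    z_ba = zone(b, heard_from(b, a, wormhole))
    return z_ab, z_ba, z_ab == opposite(z_ba)

# Constructed layout chosen to reproduce the zone values on the slides.
A, X = (0, 0), (10, 0)                    # region 1: node A, endpoint X
Y, B, V = (100, 0), (110, 0), (105, 10)   # region 2: endpoint Y, nodes B and V
WORMHOLE = (X, Y)

def demo():
    return {
        "A-B via wormhole": directional_check(A, B, WORMHOLE),  # false link accepted
        "A-V via wormhole": directional_check(A, V, WORMHOLE),  # verifier not fooled
        "B-V direct": directional_check(B, V),                  # real link accepted
    }

if __name__ == "__main__":
    for link, (z1, z2, ok) in demo().items():
        print(f"{link}: zones {z1}/{z2} -> {'accepted' if ok else 'rejected'}")
```
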
Worawannotai Attack
[Figure: Region 1 and Region 2 with nodes A, B, verifier V and attacker X; nodes shown with numbered antenna zones]
V hears A and B directly
A and B hear V directly
But, A and B hear each other only through repeated X

Preventing Attack
1. zone (B, A)  zone (B, V)
2. zone (B, A)  zone (V, A)
3. zone (B, V) cannot be both adjacent to zone (B, A) and adjacent to zone (V, A)

Connectivity and Routing
[Figure: Average Path Length versus Omnidirectional Node Density for the Strict Protocol, Verified Protocol and Trust All]
Network with density = 10
Verified protocol:
0.5% links are lost
no nodes disconnected
Strict protocol:
40% links are lost
0.03% nodes disconnected
20% path increase from verified

Vulnerabilities
• Attacker with multiple wormhole endpoints
– Can create packets coming from different directions to appear neighborly
• Magnet Attacks
– Protocol depends on compass alignment of nodes
• Antenna, orientation inaccuracies
– Real transmissions are not perfect wedges

Conclusion
• An attacker with few resources and no crypto keys can substantially disrupt a network with a wormhole attack
• If you know your neighbors, can detect wormhole
• Need to cooperate with your neighbors to know who your legitimate neighbors are

Future Work
• Analysis of protocol vulnerabilities to other attacks
– Magnet for disruption (not pertaining to wormhole attacks)
– Flipping nodes to disorient north from south
• Expand protocol to handle dynamic ad hoc networks

Thank you!
Questions?