Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks

Reference: “Mitigating Routing Misbehavior in Mobile Ad Hoc Networks”, Sergio Marti, T.J.
Giuli, Kevin Lai, and Mary Baker, MobiCom 2000.
Overview
Introduction
Node misbehavior on routing
Proposed approach from the paper
  Watchdog
  Pathrater
Simulation results
Conclusion & comments

Ad-Hoc Network
A collection of wireless mobile hosts forming a temporary network without the aid of any established infrastructure or centralized administration.
  Lack of infrastructure
  Distributed peer-to-peer mode of operations
  Multi-hop Routing

Applications
Military communication
Rescue missions in times of natural disasters

Vulnerabilities
Vulnerabilities of wireless links
Changing topology
Absence of infrastructure
Nodes may be physically controlled by the attacker

Research areas in security
Key establishment
Secure routing
Selfishness
Intrusion Detection
Secure sensor networks
Lightweight cryptographic protocols

Node Misbehavior
Ad hoc networks maximize total network throughput by using all available nodes for routing and forwarding.
A node may misbehave by agreeing to forward the packet and then failing to do so because it is overloaded, selfish, malicious or broken.
Misbehaving nodes can be a significant problem.

Contemporary Solutions
Forward packets only through nodes that share a prior trust relationship.
  Requires key distribution
  Trusted nodes can still be overloaded, broken or compromised
  Untrusted nodes may be well behaved
Isolate the misbehaving nodes from the network.
  Would add significant complexity to protocols whose behavior must be very well defined

Proposed Approach
Install extra facilities in the network to detect and mitigate routing misbehavior.
Make only minimal changes to the underlying routing algorithm.
Introduce two extensions to the Dynamic Source Routing Protocol (DSR)
  Watchdog
  Pathrater

Definitions & Assumptions
Neighbor
  A node that is within wireless transmission range of another node
Neighborhood
  All the nodes that are within wireless transmission range of a node
Links between the nodes are bi-directional
Nodes operate in promiscuous mode
Malicious nodes do not work in groups

Dynamic Source Routing (DSR)
"On-demand"
  Route paths are discovered at the time a source sends a packet to a destination for which the source has no path
Route Request Message
Route Reply Message
  Generated when the route request reaches the destination
  Or when it reaches an intermediate node whose route cache contains an unexpired route to the destination
Route Error
  Handles link breaks

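DSR (Route Request)
[Figure: route request propagating from source S through nodes 1-8 toward destination D; links are labelled with the accumulated routes 1-2, 1-2-5, 1-3, 1-3-4, 1-3-4-6 and 1-3-4-7]

DSR (Route Reply)
[Figure: route reply carrying the route 1-2-5-8 back from destination D to source S]
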
Two extensions on DSR
Watchdog
  Detects misbehaving nodes by overhearing transmissions
  [Figure: path through nodes S, A, B, C, D]
Pathrater
  Avoids routing packets through misbehaving nodes

Watchdog
Maintains a buffer of recently sent packets
Compares each overheard packet with the packets in the buffer to see if there is a match
If a packet remains in the buffer for longer than a timeout, the watchdog increments a failure tally for the node responsible
If the tally exceeds a threshold, the node is determined to be misbehaving and the source is notified

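The bookkeeping on this slide, sketched as an added example (not code from the paper or the slides). The class and method names, the timeout of 0.5 s and the threshold of 3 are assumptions, and the trace is constructed.

```python
from dataclasses import dataclass, field


@dataclass
class Watchdog:
    timeout: float    # how long a forwarded packet may stay unconfirmed (assumed)
    threshold: int    # tally above which a neighbor is reported (assumed)
    pending: dict = field(default_factory=dict)  # (next_hop, pkt_id) -> (deadline, source)
    tally: dict = field(default_factory=dict)    # next_hop -> missed forwards
    reported: set = field(default_factory=set)

    def sent(self, now, next_hop, pkt_id, source):
        """Buffer a packet just handed to next_hop for forwarding."""
        self.pending[(next_hop, pkt_id)] = (now + self.timeout, source)

    def overheard(self, transmitter, pkt_id):
        """Promiscuous-mode callback: a match clears the buffered copy."""
        return self.pending.pop((transmitter, pkt_id), None) is not None

    def tick(self, now):
        """Expire buffered packets; return (source, node) notifications."""
        notices = []
        expired = [k for k, (deadline, _) in self.pending.items() if deadline <= now]
        for key in expired:
            next_hop = key[0]
            _, source = self.pending.pop(key)
            self.tally[next_hop] = self.tally.get(next_hop, 0) + 1
            # "exceeds a threshold": strictly greater, reported once per node
            if self.tally[next_hop] > self.threshold and next_hop not in self.reported:
                self.reported.add(next_hop)
                notices.append((source, next_hop))
        return notices


def run_constructed_trace():
    """Constructed trace: A watches B; B forwards packets 1-2, not 3-6."""
    wd = Watchdog(timeout=0.5, threshold=3)
    notices = []
    for pkt_id in range(1, 7):
        t = float(pkt_id)
        wd.sent(t, "B", pkt_id, source="S")
        if pkt_id <= 2:
            wd.overheard("B", pkt_id)    # B was heard retransmitting
        notices += wd.tick(t + 0.6)      # just past the timeout
    return wd.tally, notices
```

In this trace the tally for B reaches 4 on the sixth packet, which is the first value above the threshold, so exactly one notification is sent to S.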
Watchdog
Advantages
  Can detect misbehavior at the forwarding level
Disadvantages
  Might not detect misbehavior in the presence of
    Ambiguous collisions
    Receiver collisions
    Limited transmission power
    Others

Ambiguous Collisions
The ambiguous collision problem prevents node A from overhearing transmissions from B
[Figure: nodes S, A, B, D]

Receiver Collision
Node S can only tell whether node A sends the packet to node B, but it cannot tell if B receives it
[Figure: nodes S, A, B, D]

Limited Transmission Power
A misbehaving node can control its transmission power to circumvent the watchdog
[Figure: nodes S, A, B, D]

Other disadvantages
False Misbehavior
  When nodes falsely report other nodes as misbehaving
Collusion
  Multiple nodes in collusion can mount a more sophisticated attack
Partial Dropping
  A node can circumvent the watchdog by dropping packets at a lower rate than the threshold

Pathrater
Each node maintains a rating for every other node it knows about in the network
It calculates a path metric by averaging the node ratings in the path
The metric gives a comparison of the overall reliability of different paths
If there are multiple paths to the same destination, it chooses the path with the highest metric

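Route selection as described on this slide, as an added example (not code from the paper or the slides). The rating constants, the tie-break on path length, and the rule that a negative best metric means no clean route is known are assumptions; the two candidate routes are constructed.

```python
NEUTRAL = 0.5          # assumed rating for a node with no history
MISBEHAVING = -100.0   # assumed penalty after a watchdog report


class Pathrater:
    def __init__(self, me):
        self.me = me
        self.ratings = {me: 1.0}   # assumed: a node fully trusts itself

    def rating(self, node):
        """Rating of a node; nodes never rated get the neutral value."""
        return self.ratings.get(node, NEUTRAL)

    def report_misbehaving(self, node):
        """Apply a watchdog notification about a node."""
        self.ratings[node] = MISBEHAVING

    def metric(self, path):
        """Path metric: average of the node ratings on the path."""
        return sum(self.rating(n) for n in path) / len(path)

    def choose(self, paths):
        """Pick the highest metric; ties go to the shorter path (assumed).

        The third value is True when even the best path has a negative
        metric, i.e. every known route contains a reported node and a
        fresh route request would be needed (assumed policy).
        """
        best = max(paths, key=lambda p: (self.metric(p), -len(p)))
        score = self.metric(best)
        return best, score, score < 0


def demo():
    """Constructed scenario: node 1 knows two routes to node 8."""
    pr = Pathrater(me=1)
    routes = [[1, 2, 5, 8], [1, 3, 4, 7, 8]]
    before = pr.choose(routes)       # no reports yet
    pr.report_misbehaving(5)
    after = pr.choose(routes)        # node 5 reported
    pr.report_misbehaving(4)
    exhausted = pr.choose(routes)    # both routes now contain a reported node
    return before, after, exhausted
```

With neutral ratings the shorter route wins on its average (0.625 against 0.6); one report against node 5 drags that route's metric to -24.5 and traffic moves to the longer route.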
Methodology
Berkeley's Network Simulator (ns) with wireless extensions made by the CMU Monarch project
Simulate 50 nodes
Moving speed: 0 - 20 m/s
Pause time: 0s or 60s
% of compromised nodes: 0 - 40% in 5% increments

Metrics of Evaluation
Throughput
  % of sent data packets actually received by the intended destinations
Overhead
  Ratio of routing-related transmissions to data transmissions
False Positive
  Impact of watchdog false positives on network throughput

Simulation
Extensions
  Watchdog (WD)
  Pathrater (PR)
  Route request (SRR)
4 combinations of extensions
  WD=ON, PR=ON, SRR=ON
  WD=ON, PR=ON, SRR=OFF
  WD=OFF, PR=ON, SRR=OFF
  WD=OFF, PR=OFF, SRR=OFF

Simulation
Each metric includes two graphs of simulation results for two separate pause times (0s, 60s)
Simulate two different node mobility patterns using 4 different pseudo-random number generator seeds
Seeds determine which nodes misbehave
Plot the average of the 8 simulations

[Figure: Network Throughput (0s pause time)]
[Figure: Network Throughput (60s pause time)]
[Figure: Routing Overhead (0s pause time)]
[Figure: Routing Overhead (60s pause time)]
[Figure: Effects of False Detection (0s pause time)]
[Figure: Effects of False Detection (60s pause time)]

Conclusion
Ad hoc networks are vulnerable to nodes that misbehave when routing packets
The paper proposes two possible extensions to DSR to mitigate the effects of routing misbehavior
Simulation shows that the 2 techniques
  increase throughput by 17% in a network with moderate mobility, while increasing the ratio of overhead to data transmissions from 9% to 17%
  increase throughput by 27% in a network with extreme mobility, while increasing the ratio of overhead to data transmissions from 12% to 24%

Comments
The work does not mention how the threshold value is calculated; it is one of the important factors in detecting malicious nodes.
If malicious nodes work in a group, it is difficult to identify them
The paper does not address other attacks, such as MAC attacks and false route request and reply messages, that bring down throughput in an ad-hoc network

Thank you!