
Attacks using broadcasting falsifying route errors

Fabrication Attacks
Fabrication attacks can be classified into three main categories. Detection is difficult in all
three cases, because the fabricated messages are well-formed and indistinguishable from legitimate ones to a node that does not authenticate them.
Routing table poisoning
Routing protocols maintain tables that hold information about the routes of the network. In
routing table poisoning attacks, malicious nodes generate and send fabricated signalling
traffic, or modify legitimate messages from other nodes, in order to create false entries in the
tables of the participating nodes. For example, an attacker can send routing updates that do
not correspond to actual changes in the topology of the ad hoc network. Routing table
poisoning can result in the selection of non-optimal routes and in the creation of routing loops and
bottlenecks.
Route Cache Poisoning
This type of attack falls in the category of passive attacks and occurs especially in DSR [6],
because of the promiscuous way in which route caches are updated. It arises when the
information stored in a route cache is deleted, altered or injected with false entries. A
node overhearing any packet may add the routing information contained in that packet's
header to its own route cache, even if the node is not on the path from source to destination.
The vulnerability is that an attacker can exploit this way of learning routes and poison the
route caches of other nodes simply by broadcasting a message with a spoofed IP address.
On receiving the message, the nodes add the new route to their caches and subsequently
communicate using a route that passes through the malicious node.
Route Error Message fabrication
This attack is common in AODV and DSR, because when nodes move these two
protocols use path maintenance to recover the optimal path. The weakness of this
design is that whenever a node moves, the closest node sends an error message to the
other nodes to inform them that a route is no longer accessible. Since these error messages
are not authenticated, an attacker can mount a DoS attack by spoofing any node and sending
route error messages to all other nodes; in this way a malicious node can isolate any node quite easily.
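The following simulation is an added example, not code from the original survey or from any DSR implementation, and it illustrates the three fabrication attacks described above in one model: a bystander node learns routes promiscuously from overheard source-route headers (as in DSR) and honours unauthenticated route error messages. The node and packet formats, the node names A, B, C, D and M, and the packet sequence are all constructed for this example; step 2 is the forged route error that isolates C, and step 3 is the spoofed broadcast that poisons D's cache (and, as a false entry, is also an instance of routing table poisoning).

```go
package main

import (
	"fmt"
	"strings"
)

// Packet is what a DSR node overhears on the channel: the claimed source,
// the source route carried in the packet header (source first) and, for a
// route error, the link reported as broken. Nothing in it is authenticated.
type Packet struct {
	Src    string
	Route  []string
	Broken [2]string // set only for a route error (RERR)
}

// Node keeps a DSR-style route cache keyed by destination.
type Node struct {
	ID    string
	Cache map[string][]string
}

func NewNode(id string) *Node {
	return &Node{ID: id, Cache: map[string][]string{}}
}

// Overhear is promiscuous route learning: every prefix of an overheard
// header route is cached as a route to its last hop, whether or not this
// node is on the path, and an overheard RERR evicts every cached route that
// uses the reported link. The node never checks that p really came from
// p.Src, which is exactly what both attacks exploit.
func (n *Node) Overhear(p Packet) {
	if p.Broken != [2]string{} {
		for dst, route := range n.Cache {
			if usesLink(route, p.Broken[0], p.Broken[1]) {
				delete(n.Cache, dst)
			}
		}
		return
	}
	for k := 1; k < len(p.Route); k++ {
		n.Cache[p.Route[k]] = append([]string(nil), p.Route[:k+1]...)
	}
}

func usesLink(route []string, from, to string) bool {
	for i := 0; i+1 < len(route); i++ {
		if route[i] == from && route[i+1] == to {
			return true
		}
	}
	return false
}

// Route returns the cached route to dst as "A>B>C", or "" if there is none.
func (n *Node) Route(dst string) string {
	return strings.Join(n.Cache[dst], ">")
}

func main() {
	d := NewNode("D") // a bystander that is not on the A-B-C path

	// 1. Legitimate traffic: A sends to C via B and D overhears it.
	d.Overhear(Packet{Src: "A", Route: []string{"A", "B", "C"}})
	fmt.Println("after legitimate packet, route to C:", d.Route("C"))

	// 2. Route error fabrication: attacker M spoofs B and reports the link
	//    B->C as broken. D drops its only route to C, so C is cut off.
	d.Overhear(Packet{Src: "B", Broken: [2]string{"B", "C"}})
	fmt.Printf("after forged RERR, route to C: %q\n", d.Route("C"))

	// 3. Route cache poisoning: M broadcasts a packet with spoofed source A
	//    whose header route passes through M. D now reaches C via M.
	d.Overhear(Packet{Src: "A", Route: []string{"A", "M", "C"}})
	fmt.Println("after spoofed packet, route to C:", d.Route("C"))
}
```

Nothing in `Overhear` distinguishes the forged packets from genuine ones, which is the point: without origin authentication of both data headers and route errors, the cache is whatever the last loud transmitter said it was.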
Eavesdropping
Eavesdropping is another kind of attack that commonly occurs in mobile ad hoc networks.
Its goal is to obtain confidential information that should be kept secret during
communication, such as the location, public key, private key or even passwords of the
nodes. Because such data are critical to the security state of the nodes, they must be kept
away from unauthorized access.
Secure Ad hoc Routing Protocols
Many solutions have been proposed for secure routing in ad hoc networks, in order to offer
protection against the attacks discussed earlier. These solutions are either
completely new stand-alone protocols or, in some cases, security mechanisms incorporated
into existing ones.
In order to analyze the proposed solutions and how they remain vulnerable to attacks, we
classify them into two main categories: those based on asymmetric cryptography and those
based on symmetric cryptography.
Asymmetric Cryptographic Solutions
Protocols that use asymmetric cryptography to secure routing in mobile ad hoc networks
require the existence of a universally trusted third party, which can be either online or
offline. The trusted third party issues certificates that bind a node's public key to the
node's persistent identifier. Authenticated Routing for Ad hoc Networks (ARAN) falls in this
category of secure ad hoc routing protocols; many of the protocols presented in other
categories that use asymmetric cryptography operate in a similar manner and have similar
requirements.
Authenticated Routing for Ad hoc Networks (ARAN)
The Authenticated Routing for Ad hoc Networks (ARAN) proposed in is a standalone solution
for secure routing in ad hoc networking environments. ARAN uses digital certificates and can
operate in the managed-open scenario, where no infrastructure is pre-deployed.
The basic mechanism of ARAN is certification through a trusted certification authority (CA).
Every node is expected to hold its own certificate issued by the CA and to know the public
key of the certificate server. Before joining the network, each node has to obtain a certificate
signed by the certificate server. ARAN discovers routes with a broadcast message from the
source node that is answered in a unicast manner. Route discovery begins with a node
broadcasting a route discovery packet (RDP) to its neighbours. The RDP includes the
certificate of the initiating node, a nonce, a timestamp and the address of the destination
node, and the initiating node signs it. Each node validates the signature with the certificate,
records in its routing table the neighbour from which it received the RDP, signs the packet,
and forwards it to its neighbours after removing the certificate and the signature of the
previous node (but not the initiator's signature and certificate). The signatures prevent
malicious nodes from injecting arbitrary route discovery packets that alter routes or form
loops. The destination node eventually receives the RDP and replies with a reply packet
(REP). The REP contains the address of the source node, the destination's certificate, a
nonce, and the associated timestamp; the destination node signs the REP before transmitting
it. The REP is forwarded back to the initiating node by a process similar to that described for
route discovery, except that the REP is unicast along the reverse path. The source node can
verify that the destination node sent the REP by checking the nonce and the signature.
Figure 2 illustrates the process of route discovery in ARAN. All messages are thus
authenticated at each hop from source to destination as well as on the reverse path. Because
of the heavy computation involved with certificates, however, ARAN is vulnerable to attacks
such as DoS: even when there are no malicious nodes in the network, the load involved in
the routing process can force legitimate nodes to drop packets in order to save their
resources.
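The hop-by-hop exchange just described, as an added example that is not part of the original survey and not the ARAN reference implementation: a CA certifies each node's Ed25519 key, the source signs an RDP carrying its certificate, nonce, timestamp and destination address, every forwarder validates the end point's and the previous hop's signatures, records the neighbour it heard from, and replaces the previous hop's certificate and signature with its own; the destination answers with a signed REP that travels the reverse path and is accepted by the source only if the nonce matches. The message layout (a "|"-separated body), the node names S, B and D, the timestamp string "t1" and the single-path topology are assumptions of this example; ARAN's exact encoding and its timestamp and duplicate-suppression rules are not reproduced here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Cert binds a node's persistent identifier to its public key under the CA's signature.
type Cert struct {
	ID  string
	Pub ed25519.PublicKey
	Sig []byte
}
func (c Cert) Valid(ca ed25519.PublicKey) bool {
	return ed25519.Verify(ca, append([]byte(c.ID), c.Pub...), c.Sig)
}

// Msg is an RDP (broadcast) or a REP (unicast).
type Msg struct {
	Type, Dest, Timestamp  string // "RDP" or "REP"; destination (RDP) or source (REP) address
	Nonce, InitSig, HopSig []byte
	Init                   Cert  // end point's certificate, travels end to end
	Hop                    *Cert // last forwarder's certificate, replaced at every hop
}

// body is the part covered by the end point's signature.
func (m Msg) body() []byte {
	return append([]byte(m.Type+"|"+m.Dest+"|"+m.Timestamp+"|"+m.Init.ID+"|"), m.Nonce...)
}

type Node struct {
	Cert  Cert
	priv  ed25519.PrivateKey
	ca    ed25519.PublicKey
	Table map[string]string // node -> neighbour from which its message arrived
}

func NewCA() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return pub, priv
}

// NewNode generates a key pair and has it certified by caPriv before joining.
func NewNode(id string, caPub ed25519.PublicKey, caPriv ed25519.PrivateKey) *Node {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	c := Cert{ID: id, Pub: pub, Sig: ed25519.Sign(caPriv, append([]byte(id), pub...))}
	return &Node{Cert: c, priv: priv, ca: caPub, Table: map[string]string{}}
}

// Sign completes an RDP or REP originated by this node: it attaches the
// node's certificate and signs type, address, timestamp and nonce.
func (n *Node) Sign(m Msg) Msg {
	m.Init = n.Cert
	m.InitSig = ed25519.Sign(n.priv, m.body())
	return m
}

// Receive is the per-hop processing for RDP and REP alike: validate the end
// point's certificate and signature and, if present, the previous hop's; record
// the neighbour it came from; swap the previous hop's certificate and signature for ours.
func (n *Node) Receive(m Msg) (Msg, error) {
	if !m.Init.Valid(n.ca) || !ed25519.Verify(m.Init.Pub, m.body(), m.InitSig) {
		return Msg{}, errors.New("bad end-point certificate or signature")
	}
	hopData := append(m.body(), m.InitSig...) // what every forwarder signs
	prev := m.Init.ID
	if m.Hop != nil {
		if !m.Hop.Valid(n.ca) || !ed25519.Verify(m.Hop.Pub, hopData, m.HopSig) {
			return Msg{}, errors.New("bad previous-hop certificate or signature")
		}
		prev = m.Hop.ID
	}
	n.Table[m.Init.ID] = prev
	me := n.Cert
	m.Hop, m.HopSig = &me, ed25519.Sign(n.priv, hopData)
	return m, nil
}

// AcceptREP is the initiator's final check on a reply to rdp: valid signatures,
// addressed to us, from the node we asked for, and carrying our nonce.
func (n *Node) AcceptREP(rep, rdp Msg) bool {
	_, err := n.Receive(rep)
	return err == nil && rep.Type == "REP" && rep.Dest == n.Cert.ID &&
		rep.Init.ID == rdp.Dest && string(rep.Nonce) == string(rdp.Nonce)
}

func main() {
	caPub, caPriv := NewCA()
	s, b, d := NewNode("S", caPub, caPriv), NewNode("B", caPub, caPriv), NewNode("D", caPub, caPriv)
	nonce := make([]byte, 8)
	rand.Read(nonce)
	rdp := s.Sign(Msg{Type: "RDP", Dest: "D", Nonce: nonce, Timestamp: "t1"}) // S broadcasts
	atB, _ := b.Receive(rdp)  // B validates S, records S as its neighbour, re-signs
	atD, _ := d.Receive(atB)  // D validates both S's and B's signatures
	rep := d.Sign(Msg{Type: "REP", Dest: atD.Init.ID, Nonce: atD.Nonce, Timestamp: atD.Timestamp})
	back, _ := b.Receive(rep) // unicast back along the reverse path
	fmt.Println("S accepts REP:", s.AcceptREP(back, rdp), "next hop to D:", s.Table["D"])
}
```

Two properties worth checking against this model: a forwarder whose certificate was not issued by the CA can re-sign a message, but the next hop's `Receive` rejects it, and a REP carrying a nonce other than the one in the outstanding RDP fails `AcceptREP`. The cost the text warns about is also visible: every hop performs two signature verifications and one signing operation per message, which is the load that lets a flood of RDPs exhaust legitimate nodes.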
Symmetric Cryptography Solutions
Symmetric cryptographic solutions rely solely on symmetric cryptography to secure the
routing function in wireless ad hoc networks. The mechanisms used are hash functions and
hash chains. A one-way hash function takes an input of arbitrary length and returns an
output of fixed length, and is cheap to compute but infeasible to invert. Because hash
functions are especially lightweight compared with other symmetric and asymmetric
cryptographic operations, they have been used extensively in securing ad hoc routing.
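The hash-chain primitive these protocols build on, as an added example (not code from the survey or from any particular protocol): a node computes h_0 = seed, h_{i+1} = H(h_i), distributes the last element h_n authentically once, and later discloses earlier elements; any node holding h_n checks a disclosed value with k hash computations and no public-key operation, while an attacker who has seen h_i can compute h_{i+1} but not h_{i-1}. The seed string and chain length are constructed for this example, and how a given routing protocol ties chain elements to sequence numbers or metrics is not shown here, since this excerpt does not describe it.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"fmt"
)

// HashChain computes h_0 = seed, h_{i+1} = H(h_i) and returns h_0 .. h_n.
// Only the owner of seed can produce the chain; anyone holding h_n (the
// anchor, distributed authentically once) can check later disclosures.
func HashChain(seed []byte, n int) [][]byte {
	chain := make([][]byte, n+1)
	chain[0] = append([]byte(nil), seed...)
	for i := 1; i <= n; i++ {
		sum := sha256.Sum256(chain[i-1])
		chain[i] = sum[:]
	}
	return chain
}

// Verify checks that value is exactly k steps before anchor on the chain by
// hashing forward k times. Cost: k hashes and no public-key operation.
func Verify(anchor, value []byte, k int) bool {
	cur := value
	for i := 0; i < k; i++ {
		sum := sha256.Sum256(cur)
		cur = sum[:]
	}
	return bytes.Equal(cur, anchor)
}

func main() {
	// Constructed seed; a real node would draw it from a CSPRNG.
	chain := HashChain([]byte("constructed example seed"), 10)
	anchor := chain[10]
	// The node that distributed anchor later discloses chain[7] as proof that
	// it knows the element 3 steps before the anchor.
	fmt.Println("genuine chain[7], k=3:", Verify(anchor, chain[7], 3))
	// An attacker who has only seen chain[7] can hash forward to chain[8]
	// but cannot produce chain[6], so passing off chain[8] as 3 steps back fails.
	fmt.Println("forged: chain[8] claimed as k=3:", Verify(anchor, chain[8], 3))
}
```

The verifier must also enforce that disclosed elements move monotonically toward the seed (each new value must be strictly earlier than the last accepted one); otherwise an attacker can replay an already-disclosed element, which `Verify` alone would accept.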