Secure Mobile Ad hoc Network (SMANET) A midterm report submitted to Network Information and Space Security Center (NISSC) for Summer 2003 C. Edward Chow Paul J. Fong 1. Project Goal This study will investigate and develop methods of creating a Secure Mobile Ad hoc Network (SMANET) by protecting it from the most ostensible forms of attack. These security methods will include: Erecting a wireless firewall Detecting wireless intrusion attempts Authenticating routing updates and Responding with group rekeying measures designed to isolate the attacker. 2 Project Status The first objective of the SMANET project has been accomplished. A Linux iptable-based wireless firewall has been created for a mobile ad hoc network (MANET) that allows only hosts with specified Media Access Control (MAC) addresses to join the mobile ad hoc network. We have developed two separate firewalls: one for the typical ad hoc node and one for the gateway node which has an additional Internet connection. Details of the firewall rules and preliminary performance for our SMANET testbed are included in a full report at http://cs.uccs.edu/~smanet/. A MANET without a firewall or authentication provisions provide an attacker with an opportunity to join the wireless network. At best, the attacker may passively listen to the network traffic and potentially compromise confidential information. At worst, the attacker may disrupt the network communication. This project will continue to develop the remainder of the MANET security provisions in accordance with our stated project objectives. The Ad Hoc On-Demand Distance Vector (SAODV) Routing Internet Draft [Zapata2001, Zapata2002] has been carefully studied to prepare for development of a routing update authentication scheme for the SMANET. This authentication method will employ digital signatures or certificates to verify routing updates. An intrusion detection system (IDS) is being developed. The IDS will be based on the A2D2 project [Cearns2002] and will be integrated into the firewall. We have obtained a copy of the Keystone group rekeying system and corrected its cryptolibrary code to obtain true randomness in the new Redhat Linux environment. The Keystone system is now running on both Solaris and Linux systems. We have obtained a license for the Antigone Secure Groupware from University of Michigan and have downloaded the licensed software. An implementation of the IDIP protocol [IDIP] was developed by Sarah Jelinek for her master project and will be integrated into the SMANET system. 1 3. References [AODV] Ad-hoc On-demand Distance Vector Protocol. http://w3.antd.nist.gov/wctg/aodv_kernel/. [Antigone] Antigone Secure Groupware http://antigone.citi.umich.edu/content/antigone-2.0.11/docs/html/alpha.html [Andreasson] Andreasson, Oskar. “Iptables Tutorial 1.1.19.” http://iptables-tutorial.frozentux.net/iptables-tutorial.html [Cearns2002] Cearns, Angela. “Design of an Autonomous Anti-DDoS network (A2D2).” Masters thesis. [IDIP] Network Associates Labs & Boeing. “IDIP Architecture.” http://zen.ece.ohiou.edu/~inbounds/DOCS/reldocs/IDIP_Architecture.doc, 2002. [McDaniel2001] McDaniel, Patrick D. (2001), “Policy Management in Secure Group Communication.” PhD dissertation. University of Michigan. [PBD2002] Charles E. Perkins, Elizabeth M. Belding-Royer, and Samir Das. "Ad Hoc On Demand Distance Vector (AODV) Routing." IETF Internet draft, draft-ietf-manet-aodv-11.txt, June 2002 (Work in Progress). [Snort] Snort version 2.0, the open source network intrusion detection system. http://www.snort.org/. [Zapata2002] M.G. Zapata & N. Asokan, “Securing Ad hoc Routing Protocols,” 2002, ACM 1-58113585-8/02/0009. [Zapata2001] Zapata, M.G. “Secure Ad Hoc On-Demand Distance Vector (SAODV) Routing.” http://www.ietf.org/internet-drafts/draft-guerrero-manet-saodv-00.txt, Internet Draft, October 2001. [ZLL2003] X. Brian Zhang, Simon S. Lam, and D-Y Lee, “Group Rekeying with Limited Unicast Recovery,” Technical Report, TR-02-36 Revised February 2003. http://www.cs.utexas.edu/users/lam/Vita/Misc/rekey_TR.pdf 2