On identifying malicious nodes in ad hoc networks
Pages 254 - 259
Abstract
Route falsification attacks are easy to launch in mobile ad hoc networks with on demand routing protocols that employ network-wide flooding of control packets for route discoveries. To mitigate this attack, we propose a p-hop crosscheck mechanism that requires nodes p, p ≥ 2, hops apart to authenticate and verify route reply packets using pair-wise shared keys. The crosscheck can detect route falsification by non-colluding malicious nodes on-the-fly; furthermore, it can identify a group of at most p+1 nodes that contain the malicious nodes that caused the route falsification. Unlike intrusion detection techniques, which require extensive monitoring and sampling, the proposed crosscheck mechanism is light-weight and fast. Therefore, the proposed crosscheck mechanism can be used to augment the existing secure routing protocols and improve intrusion detection capability. We implemented 2-hop crosscheck for AODV in the Glomosim simulator. Using simulations, we show that 2-hop crosscheck mitigates attacks by multiple malicious nodes with negligible performance impact.
References
[1]
G. Ács, L. Buttyán, and I. Vajda. Provable security of on-demand distance vector routing in wireless ad hoc networks. In Second European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS), 2005.
[2]
G. Ács, L. Buttyán, and I. Vajda. Provably secure on-demand source routing in mobile ad hoc networks. IEEE Transactions on Mobile Computing, 5(11):1533--1546, 2006.
[3]
R. Bagrodia et al. Glomosim: A scalable network simulation environment, v2.03. Parallel Computing Lab, UC Los Angeles, CA, December 2000.
[4]
R. Blom. An optimal class of symmetric key generation systems. In Advances in Cryptology, EUROCRYPTąŕ'84, LNCS 209, pages 335--338, 1984.
[5]
Jean-Yves Le Boudec and Milan Vojnovic. Perfect simulation and stationarity of a class of mobility models. In Proceedings of IEEE INFOCOM, pages 2743--2754, 2005.
[6]
L. Buttyán and I. Vajda. Towards provable security for ad hoc routing protocols. In Second ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN), 2004.
[7]
W. Du, J. Deng, Y. Han, and P. Varshney. A pairwise key pre-distribution scheme for wireless sensor networks. In Proc. of 10th ACM Conference on Computer and Communications Security (CCS), pages 27--31, 2003.
[8]
M.T. Goodrich. Leap-frog packet linking and diverse key distributions for improved integrity in network broadcasts. In Proceedings of IEEE Symposium on Security and Privacy, pages 196--207, May 2005.
[9]
Yih-Chun Hu, Adrian Perrig, and David B. Johnson. Ariadne: A secure on-demand routing protocol for ad hoc networks. In Proceedings of the Eighth Annual International Conference on Mobile Computing and Networking (MobiCom), pages 12--23, 2002.
[10]
Yih-Chun Hu, Adrian Perrig, and David B. Johnson. Ariadne: A secure on-demand routing protocol for ad hoc networks. Wireless Networks, 11(1--2):21--38, 2005.
[11]
David B Johnson, David A Maltz, and Y.-C. Hu. The dynamic source routing protocol for mobile ad hoc networks (dsr). In Internet Draft, draft-ietf-manet-dsr-09.txt, April 2003.
[12]
F. Kargl, A. Geiβ, S. Schlott, and M. Weber. Secure dynamic source routing. In Proceedings of the 38th Annual Hawaii International Conference on System Sciences (HICSS), January 2005.
[13]
D. Liu and P. Ning. Establishing pairwise keys in distributed sensor networks. In Proc. of 10th ACM Conference on Computer and Communications Security (CCS), 2003.
[14]
P. Papadimitratos and Z. Haas. Secure routing for mobile ad hoc networks. In Proceedings of the SCS Communication Networks and Distributed Systems Modeling and Simulation Conference (CNDS), Jan. 2002.
[15]
C. E. Perkins, E. M. Belding-Royer, and S. R. Das. Ad Hoc On Demand Distance Vector (AODV) Routing. IETF, July 2003. RFC 3561.
[16]
A. Perrig, R. Canetti, D. Song, and J.D. Tygar. Efficient and secure source authentication for multicast. In Network and Distributed System Security Symposium (NDSS), 2001.
[17]
Jean-Francois Raymond. Traffic analysis: Protocols, attacks, design issues, and open problems. In Anonymity 2000, LNCS 2009, pages 10--29, 2001.
[18]
K. Sanzgiri, B. Dahill, B. Levine, and E. Belding-Royer. A secure routing protocol for ad hoc networks. Proceedings of IEEE ICNP, 2002.
[19]
J. Yoon, M. Liu, and B. Noble. Sound mobility models. In Proceedings of ACM MobiCom, 2003.
[20]
M. G. Zapata. Secure ad hoc on-demand distance vector (SAODV) routing. In IETF Internet Draft. http://www.ietf.org/internet-drafts/draft-guerrero-manet-saodv-00.txt, 2001.
[21]
S. Zhu, S. Setia, S. Jajodia, and P. Ning. An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks. In Proceedings of IEEE Symposium on Security and Privacy, 2004.
[22]
S. Zhu, S. Xu, S. Setia, and S. Jajodia. Establishing pair-wise keys for secure communication in ad hoc networks: A probabilistic approach. In Proceedings of IEEE ICNP, 2003.
Index Terms
- On identifying malicious nodes in ad hoc networks
Recommendations
LIP: a lightweight interlayer protocol for preventing packet injection attacks in mobile ad hoc network
Most ad hoc networks do not implement any network access control, leaving these networks vulnerable to packet injection attacks where a malicious node injects packets into the network with the goal of depleting the resources of the nodes relaying the ...
Secure Routing Protocol with Malicious Nodes Detection for Ad Hoc Networks
AINAW '08: Proceedings of the 22nd International Conference on Advanced Information Networking and Applications - WorkshopsAn ad hoc network is a highly dynamic routing network cooperated by a set of wireless mobile nodes without any assistance of centralized access point. ARIADNE is a well-known secure on-demand ad hoc network routing protocol. After finishing the Route ...
Node-disjointness-based multipath routing for mobile ad hoc networks
PE-WASUN '04: Proceedings of the 1st ACM international workshop on Performance evaluation of wireless ad hoc, sensor, and ubiquitous networksMobile ad hoc networks are characterized by the use of wireless links with limited bandwidth, dynamically varying network topology and multi-hop connectivity. AODV and DSR are the two most widely studied on-demand ad hoc routing protocols. Previous work ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
August 2007
716 pages
ISBN:9781595936950
DOI:10.1145/1280940
- General Chairs:
- Mohsen Guizani,
- Hsiao-Hwa Chen,
- Program Chair:
- Xi Zhang
Copyright © 2007 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
- SIGDOC: ACM Special Interest Group on Systems Documentation
- ACM: Association for Computing Machinery
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 12 August 2007
Check for updates
Author Tags
Qualifiers
- Article
Conference
IWCMC07
Sponsor:
- SIGDOC
- ACM
IWCMC07: International Wireless Communications and Mobile Computing Conference
August 12 - 16, 2007
Hawaii, Honolulu, USA
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 629Total Downloads
- Downloads (Last 12 months)2
- Downloads (Last 6 weeks)0
Reflects downloads up to 13 Feb 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in