
ODSBR: An on-demand secure Byzantine resilient routing protocol for wireless ad hoc networks

Published: 22 January 2008

Abstract

Ad hoc networks offer increased coverage by using multihop communication. This architecture makes services more vulnerable to internal attacks coming from compromised nodes that behave arbitrarily to disrupt the network, also referred to as Byzantine attacks. In this work, we examine the impact of several Byzantine attacks performed by individual or colluding attackers. We propose ODSBR, the first on-demand routing protocol for ad hoc wireless networks that provides resilience to Byzantine attacks caused by individual or colluding nodes. The protocol uses an adaptive probing technique that detects a malicious link after log n faults have occurred, where n is the length of the path. Problematic links are avoided by using a route discovery mechanism that relies on a new metric that captures adversarial behavior. Our protocol never partitions the network and bounds the amount of damage caused by attackers. We demonstrate through simulations ODSBR's effectiveness in mitigating Byzantine attacks. Our analysis of the impact of these attacks versus the adversary's effort gives insights into their relative strengths, their interaction, and their importance when designing multihop wireless routing protocols.
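The logarithmic detection bound in the abstract can be seen in a small simulation. This is an added example, not code from the paper: it is a simplified model that assumes a single link dropping every packet, acknowledgements that are authenticated and cannot be forged, and hypothetical names (`probe_round`, `localize_faulty_link`). Each observed fault inserts one probe at the midpoint of the interval where acknowledgements stopped, so the suspect interval halves per fault.

```python
import math

def probe_round(path, probes, is_faulty):
    """Simulate one round; return the sorted probe indices whose acks reach the source."""
    reach = 0  # index of the last node the data packet reaches
    while reach < len(path) - 1 and not is_faulty(path[reach], path[reach + 1]):
        reach += 1
    return [i for i in sorted(probes) if i <= reach]

def localize_faulty_link(path, is_faulty):
    """Return (suspect_link, faults_observed); suspect_link is None if no loss is seen.

    The source (index 0) and destination (last index) are always probes.
    is_faulty is simulated ground truth that the source cannot observe directly.
    """
    probes = {0, len(path) - 1}
    faults = 0
    while True:
        acked = probe_round(path, probes, is_faulty)
        if len(acked) == len(probes):
            return None, faults          # every probe answered: no fault this round
        faults += 1
        lo = acked[-1]                   # last probe that acknowledged
        hi = min(i for i in probes if i > lo)  # first probe that stayed silent
        if hi - lo == 1:
            return (path[lo], path[hi]), faults  # interval is a single link
        probes.add((lo + hi) // 2)       # bisect the suspect interval

def fault_bound(num_links):
    """Upper bound on faults in this model: one per halving, plus the first fault."""
    return math.ceil(math.log2(num_links)) + 1

if __name__ == "__main__":
    # Constructed sample path of 9 nodes (8 links); link F-G drops everything.
    path = list("ABCDEFGHI")
    link, faults = localize_faulty_link(path, lambda u, v: (u, v) == ("F", "G"))
    print(link, faults, "bound:", fault_bound(len(path) - 1))
```

In this model the count is ceil(log2 n) + 1 because the first fault, observed before any intermediate probe exists, is included.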


Published in

ACM Transactions on Information and System Security, Volume 10, Issue 4
January 2008
192 pages
ISSN: 1094-9224
EISSN: 1557-7406
DOI: 10.1145/1284680

Copyright © 2008 ACM

Publisher

Association for Computing Machinery
New York, NY, United States

Publication History

• Published: 22 January 2008
• Accepted: 1 November 2007
• Revised: 1 November 2006
• Received: 1 August 2005

Qualifiers

• research-article
• Research
• Refereed
