
Practical defenses against pollution attacks in wireless network coding

Published: 06 June 2011

Abstract

Recent studies have shown that network coding can provide significant benefits to network protocols, such as increased throughput, reduced network congestion, higher reliability, and lower power consumption. The core principle of network coding is that intermediate nodes actively mix input packets to produce output packets. This mixing subjects network coding systems to a severe security threat, known as a pollution attack, where attacker nodes inject corrupted packets into the network. Corrupted packets propagate in an epidemic manner, depleting network resources and significantly decreasing throughput. Pollution attacks are particularly dangerous in wireless networks, where attackers can easily inject packets or compromise devices due to the increased network vulnerability.

In this article, we address pollution attacks against network coding systems in wireless mesh networks. We demonstrate that previous solutions are impractical in wireless networks, incurring an unacceptably high degradation of throughput. We propose a lightweight scheme, DART, that uses time-based authentication in combination with random linear transformations to defend against pollution attacks. We further improve system performance and propose EDART, which enhances DART with an optimistic forwarding scheme. We also propose efficient attacker identification schemes for both DART and EDART that enable quick attacker isolation and the selection of attacker-free paths, achieving additional performance improvement. A detailed security analysis shows that the probability of a polluted packet passing our verification procedure is very low (less than 0.002% in typical settings). Performance results using the well-known MORE protocol and realistic link quality measurements from the Roofnet experimental testbed show that our schemes improve system performance over 20 times compared with previous solutions.
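The following is an added illustration, not code from the article: a simplified sketch of checking coded packets against a random linear checksum whose seed is disclosed only after the packets were received, which is the general idea the abstract names. The prime field, all function names, the constructed timestamps and the omitted source signature are assumptions made for the sketch.

```python
import random

P = 2_147_483_647  # prime modulus; an assumption (deployed coders often use GF(2^8))

def mix(packets, weights):
    """Linear combination of (coeff_vector, payload) pairs, as a forwarder computes it."""
    def comb(k):
        return [sum(w * p[k][i] for w, p in zip(weights, packets)) % P
                for i in range(len(packets[0][k]))]
    return comb(0), comb(1)

def h_matrix(seed, rows, width):
    """Random matrix H derived from a seed that is disclosed only with the checksum."""
    rng = random.Random(seed)
    return [[rng.randrange(1, P) for _ in range(width)] for _ in range(rows)]

def make_checksum(generation, seed, rows, now):
    """Source side: CHK = H * G plus its creation time (source signature omitted)."""
    H = h_matrix(seed, rows, len(generation[0]))
    chk = [[sum(h * g for h, g in zip(hr, pkt)) % P for pkt in generation] for hr in H]
    return {"chk": chk, "seed": seed, "rows": rows, "created": now}

def verify(packet, c):
    """Accept iff H * payload == CHK * coeffs (mod P) for every checksum row."""
    coeffs, payload = packet
    H = h_matrix(c["seed"], c["rows"], len(payload))
    return all(sum(h * e for h, e in zip(hr, payload)) % P ==
               sum(k * x for k, x in zip(cr, coeffs)) % P
               for hr, cr in zip(H, c["chk"]))

def triage(buffer, c):
    """A checksum only judges packets received before it was created; later ones wait."""
    out = {"valid": [], "polluted": [], "deferred": []}
    for rx_time, pkt in buffer:
        key = "deferred" if rx_time >= c["created"] else ("valid" if verify(pkt, c) else "polluted")
        out[key].append(pkt)
    return out

def demo():
    rng = random.Random(7)                                          # constructed sample data
    G = [[rng.randrange(P) for _ in range(6)] for _ in range(3)]    # 3 plain packets
    src = [([int(i == j) for j in range(3)], G[i]) for i in range(3)]
    good = mix(src, [5, 9, 2])                                      # honest coded packet
    bad = (good[0], [(good[1][0] + 1) % P] + good[1][1:])           # one corrupted symbol
    spread = mix([src[0], bad], [3, 4])                             # forwarder mixes it onward
    late = mix(src, [1, 1, 1])                                      # arrives after the checksum
    c = make_checksum(G, seed=1234, rows=2, now=10.0)
    return triage([(1.0, good), (2.0, bad), (3.0, spread), (11.0, late)], c)
```

The packet built by mixing the corrupted one with an honest one also fails the check, which is the epidemic spread the abstract describes; the late packet is deferred rather than judged because its sender could already have known the seed.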

