Secure multipath communication in mobile ad hoc networks

Burmester, Mike; Le, Tri Van

doi:10.1109/itcc.2004.1286675

Cited by 37 publications

(31 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The work in [4] presents distributed Bound-Control and Lex-Control algorithms, which compute multiple paths, respectively, in such a way that the performance degradation (e.g., throughput loss) is minimized when a single-link attack or a multi-link attack happens, respectively. Other examples of secure deterministic multi-path routing algorithms include SRP [9], SecMR [8], Burmester's approach [3], and AODV-MAP [11].…”

Section: B Simulation Resultsmentioning

confidence: 99%

Secure Data Collection in Wireless Sensor Networks Using Randomized Dispersive Routes

Shu

Krunz

Liu

2010

IEEE Trans. on Mobile Comput.

View full text Add to dashboard Cite

Abstract-Compromised-node and denial-of-service are two key attacks in wireless sensor networks (WSNs). In this paper, we study routing mechanisms that circumvent (bypass) black holes formed by these attacks. We argue that existing multi-path routing approaches are vulnerable to such attacks, mainly due to their deterministic nature. So once an adversary acquires the routing algorithm, it can compute the same routes known to the source, and hence endanger all information sent over these routes. In this paper, we develop mechanisms that generate randomized multipath routes. Under our design, the routes taken by the "shares" of different packets change over time. So even if the routing algorithm becomes known to the adversary, the adversary still cannot pinpoint the routes traversed by each packet. Besides randomness, the routes generated by our mechanisms are also highly dispersive and energy-efficient, making them quite capable of bypassing black holes at low energy cost. Extensive simulations are conducted to verify the validity of our mechanisms. I. INTRODUCTIONOf the various possible security threats that may be experienced by a wireless sensor network (WSN), in this paper we are specifically interested in combating two types of attacks: the compromised-node (CN) attack and the denial-of-service (DOS) attack [12]. The CN attack refers to the situation when an adversary physically compromises a subset of nodes to eavesdrop information, whereas in the DOS attack, the adversary interferes with the normal operation of the WSN by actively disrupting, changing, or even destroying the functionality of a subset of nodes in the system. These two attacks are similar in the sense that they both generate black holes: areas within which the adversary can either passively intercept or actively block information delivery. Due to the unattended nature of WSNs, adversaries can easily produce such black holes [1]. Severe CN and DOS attacks can disrupt normal data delivery between sensor nodes and the sink, or even partition the topology. A conventional cryptography-based security method cannot alone provide satisfactory solutions to these problems. This is because, by definition, once a node is compromised, the adversary can always acquire the encryption/decryption keys of that node, and thus can intercept any information passed through it. At the same time, an adversary can always perform certain form of DOS attack (e.g., jamming) even if it does not have any knowledge of the crypto-system used in the WSN.One remedial solution to these attacks is to exploit the network's routing functionality. Specifically, if the locations of the black holes formed by the compromised (or jammed) nodes are known a priori, then information can be delivered over paths that circumvent (bypass) these holes, whenever possible. In practice, due to the difficulty of acquiring such location information, the above idea is implemented in a probabilistic manner, typically through a two-step process: secret sharing and multi-path routing. First, an infor...

show abstract

Section: B Simulation Resultsmentioning

confidence: 99%

Secure Data Collection in Wireless Sensor Networks Using Randomized Dispersive Routes

Shu

Krunz

Liu

2010

IEEE Trans. on Mobile Comput.

View full text Add to dashboard Cite

show abstract

“…Instead of relying on a cryptographic method for resolving the issue, our work mainly exploits the routing functionality of the network to reduce the chance that a packet can be acquired by the adversary in the first place. Other secure multi-path routing algorithms include SRP [16], SecMR [14], Burmester's approach [3], and AODV-MAP [21]. Among them, SRP uses end-toend symmetric cryptography to protect the integrity of the route discovery; SecMR protects against the denialof-service attack from a bounded number of collaborating malicious nodes; Burmester's method is based on the digital signatures of the intermediate nodes; AODV-MAP is another modification of AODV, which can provide local bypass of the attacked nodes.…”

Section: Related Workmentioning

confidence: 99%

Secure Data Collection in Wireless Sensor Networks Using Randomized Dispersive Routes

2009

View full text Add to dashboard Cite

Abstract-Compromised-node and denial-of-service are two key attacks in wireless sensor networks (WSNs). In this paper, we study data delivery mechanisms that can with high probability circumvent black holes formed by these attacks. We argue that classic multipath routing approaches are vulnerable to such attacks, mainly due to their deterministic nature. So once the adversary acquires the routing algorithm, it can compute the same routes known to the source, hence making all information sent over these routes vulnerable to its attacks. In this paper, we develop mechanisms that generate randomized multi-path routes. Under our designs, the routes taken by the "shares" of different packets change over time. So even if the routing algorithm becomes known to the adversary, the adversary still cannot pinpoint the routes traversed by each packet. Besides randomness, the generated routes are also highly dispersive and energyefficient, making them quite capable of circumventing black holes. We analytically investigate the security and energy performance of the proposed schemes. We also formulate an optimization problem to minimize the end-to-end energy consumption under given security constraints. Extensive simulations are conducted to verify the validity of our mechanisms.Index Terms-Randomized multi-path routing, wireless sensor network, secure data delivery.

show abstract

“…Of particular interest, from a security point of view, are subgraphs G ST with multiple connectivity between S, T . For example, multipaths [32]. Such routes may have sufficient redundancy to guarantee communication, i.e., may contain at least one secure path (with no adversarial nodes).…”

Section: Multipaths and Subgraphsmentioning

confidence: 99%

“…However there are ways to partly mitigate this. For example, the source can select communication paths in G ST on a rotation basis (adaptive multipath routing [32]). Another approach is to use random subgraphs G ST of G that link S, T .…”

Section: Multipaths and Subgraphsmentioning

confidence: 99%

On the Security of Route Discovery in MANETs

Burmester

Medeiros

2009

IEEE Trans. on Mobile Comput.

Self Cite

View full text Add to dashboard Cite

Abstract-Mobile ad hoc networks (MANETs) are collections of wireless mobile devices with restricted broadcast range and resources, and no fixed infrastructure. Communication is achieved by relaying data along appropriate routes, that are dynamically discovered and maintained through collaboration between the nodes. Discovery of such routes is a major task, both from an efficiency and from a security point of view. Recently, a security model tailored to the specific requirements of MANETs was introduced by Acs, Buttyán, and Vajda. Among the novel characteristics of this security model is that it promises security guarantees under concurrent executions, a feature of crucial practical implication for this type of distributed computation. A novel route discovery algorithm called endairA was also proposed, together with a claimed security proof within the same model. In this paper we show that the security proof for the route discovery algorithm endairA is flawed, and that moreover this algorithm is vulnerable to a hidden channel attack. We also analyze the security framework that was used for route discovery, and argue that composability is an essential feature for ubiquitous applications. We conclude by discussing some of the major security challenges for route discovery in MANETs.

show abstract

Secure multipath communication in mobile ad hoc networks

Cited by 37 publications

References 19 publications

Secure Data Collection in Wireless Sensor Networks Using Randomized Dispersive Routes

Secure Data Collection in Wireless Sensor Networks Using Randomized Dispersive Routes

Secure Data Collection in Wireless Sensor Networks Using Randomized Dispersive Routes

On the Security of Route Discovery in MANETs

Contact Info

Product

Resources

About