Doctoral thesis / Dissertation, 2011
Declaration of Authorship
List of Figures
List of Tables
1.1 Background and motivations
1.2 Dissertation organization
1.3 Summary of our contributions
2 Security Threats in Wireless Multi-hop Networks
2.1 Network security requirements
2.2 Wireless Multi-hop Networks: an overview
2.2.1 Mobile Ad Hoc Networks (MANETs)
2.2.2 Wireless Mesh Networks (WMNs)
2.2.3 Vehicular Ad Hoc Networks (VANETs)
2.3 Attacks targeting Wireless Multi-hop Networks
2.3.1 Attacks at network layer
2.3.1.1 Black hole attack
2.3.1.2 Wormhole attack
2.3.1.3 Sybil attack
2.3.2 Attacks at MAC layer
2.3.2.1 IEEE 802.11 MAC protocol overview
2.3.2.2 MAC layer misbehavior in DCF mode
I The Black Hole Attack
3 Studying Black Hole Attack in MANETs
3.2 Root causes of packet dropping in MANETs
3.3 Black hole attack in MANETs
3.3.1 Routing protocol-specific attack
3.3.1.1 Black hole attack in AODV
3.3.1.2 Black hole attack in OLSR
3.3.2 Inter-layer attack
3.4 Secure MANETs against Black hole attack
3.4.1 Overview of the cryptographic primitives
3.4.2 Taxonomy of the proposed solutions in the literature
3.4.2.1 First defense line schemes
3.4.2.2 Second defense line schemes
3.4.2.3 Third defense line schemes
B.1. ACK-based schemes in reactive protocols
B.2. ACK-based schemes in proactive protocols
B.3. Requirements of ACK-based schemes
3.4.2.4 Other schemes
4 Coping with Black Hole Attack In MANETs
4.2 OLSR and its vulnerabilities
4.3 Mono layer black hole attack
4.3.1 The single black hole problem
4.3.2 Colluding Black hole attack model
4.3.3 Our proposed solution
4.3.3.1 Timeout for acknowledgement reception
4.3.3.2 The 3 hop ACK scheme operations
4.3.3.3 Security analysis of 3 hop ACK scheme
4.3.4 Simulation model and results
4.3.4.1 Colluding Black hole attack simulation
4.3.4.2 Performance evaluation
4.3.4.3 Overhead evaluation
4.4 Cross layer black hole attack
4.4.1 Attack description
4.4.2 The proposed solution
II MAC Layer Misbehavior
5 Greedy Behavior in Wireless Mesh Networks
5.2 The adaptive cheating technique at MAC layer
5.4 Related work
5.4.1 Backoff algorithm modification based schemes
5.4.2 Monitoring based schemes
5.4.3 Game theory based schemes
5.5 Fuzzy Logic based scheme to Struggle against Adaptive Cheaters (FLSAC)
5.5.1 Scheme description
5.5.1.1 Main idea
5.5.1.2 Fuzzy controller description
Backoff DEViation (BDEV)
ReTransmission Rate (RTR)
Frames sent after Short DIFS (S-DIFS)
The membership function
5.5.1.3 Punishment scheme and additional issues
5.5.2 Simulation results
5.5.2.1 Simulation environment
5.5.2.2 Discussion of simulation results
5.6 Enhanced FLSAC using Bayesian model
5.6.1 Key idea
5.6.2 Model description
Computation of the cheating probability
Filter evaluation methodology
Integration of the Bayesian model with FLSAC
5.6.3 Simulation settings and results
6 Greedy Behavior in MANETs
6.1 New strategy of the greedy behavior in MANETs
6.1.2 Greedy nodes’ classification
6.1.3 Greedy behavior impact on network performance: WLAN versus MANETs
6.1.4 Our greedy strategy description
6.1.4.1 Main Assumptions
6.1.4.2 Conflict graph construction
6.1.4.3 Bandwidth fair-share estimation
6.1.4.4 Misbehaving Threshold Computation
6.1.4.5 How to launch our greedy strategy?
6.1.5 Energy constraints
6.1.6 Experimental study
6.1.6.1 Propagation of greedy behavior impact
6.1.6.2 Advantages of the proposed greedy behavior strategy
6.1.6.3 Impact of the mobility and network density on the efficiency of our greedy strategy
6.2 Thwarting backoff rules violation in MANETs
6.2.2 The proposed scheme
6.2.2.1 Our Backoff computation scheme
6.2.2.2 Detection of protocol rules violation
6.2.2.3 Cheater identity dissemination (Reaction)
6.2.2.4 Detection of collusive nodes
6.2.3 Experimental study
7 Conclusion and Future Work
I, Soufiene Djahel, declare that this document titled, ‘Securing Communications in Wireless Multi-hop Networks: An in Depth Study of Routing and MAC Layers Misbehaviors’ and the work presented in it are my own. I confirm that:
- Where I have consulted the published work of others, this is always clearly attributed.
- Where I have quoted from the work of others, the source is always given. With the exception of such quotations, the work presented in this document is entirely my own work.
- I have acknowledged all main sources of help.
While the rapid proliferation of mobile devices, along with the tremendous growth of applications using wireless multi-hop networks, has significantly facilitated our daily lives, securing these networks and ensuring high-quality services over them remain a primary concern. In particular, anomalous protocol operation in wireless multi-hop networks has recently received considerable attention in the research community. These security issues are fundamentally different from those of wireline networks because of the special characteristics of wireless multi-hop networks, such as limited energy resources and the lack of centralized control. They are extremely hard to cope with because no trust relationships exist between the nodes.
To enhance security in wireless multi-hop networks, this dissertation addresses misbehavior at both the MAC and routing layers, with a main focus on thwarting the black hole attack in proactive routing protocols such as OLSR, and greedy behavior in the IEEE 802.11 MAC protocol. Our contributions are briefly summarized as follows.
As for the black hole attack, we analyze two types of attack scenarios: one is launched at the routing layer, and the other is cross-layer. We then provide a comprehensive analysis of the consequences of this attack and propose effective countermeasures.
As for MAC layer misbehavior, we particularly study adaptive greedy behavior in the context of Wireless Mesh Networks (WMNs) and propose FLSAC (Fuzzy Logic based scheme to Struggle against Adaptive Cheaters) to cope with it. A new characterization of greedy behavior in Mobile Ad Hoc Networks (MANETs) is also introduced. Finally, we design a new backoff scheme to quickly detect greedy nodes that do not comply with the IEEE 802.11 MAC protocol, together with a reaction scheme that encourages greedy nodes to become honest rather than punishing them.
Keywords: Wireless Multi-hop Networks, MANETs, WMNs, Black hole attack, MAC layer misbehavior, Greedy behavior, Routing protocols security, OLSR
Recently, malicious behaviors in wireless multi-hop networks have attracted the attention of the scientific community. The rapid proliferation of wireless devices and the diversification of the applications built on these networks have greatly contributed to improving the quality of life and to modernizing society. However, the need to secure these networks and to guarantee the robustness of their services has become a major concern. Indeed, the specific characteristics of these networks, such as the absence of infrastructure and of a trusted central entity, mean that the answers to their security problems are entirely different from those of wired networks. Moreover, the lack of trust between nodes makes these problems even more critical.
The objective of this thesis is to contribute to strengthening security in wireless multi-hop networks. It focuses on the study of malicious behaviors at the MAC and network layers. We are interested in developing new solutions to counter the black hole attack in the context of the OLSR protocol, and in analyzing the behavior of greedy nodes at the MAC layer, in all its variants.
A black hole attack can be carried out following two scenarios. In the first scenario, the attack is launched exclusively at the network layer. The second scenario is a multi-layer attack. In this thesis, we analyze the impact of both types of attack and propose appropriate countermeasures.
At the MAC layer, we study in particular adaptive greedy behavior in the context of wireless mesh networks and propose an original solution, named FLSAC, to prevent this type of threat. In the context of mobile ad hoc networks (MANETs), we define a new model of greedy node behavior. We also develop a new backoff algorithm whose main advantage is to ensure fast detection of greedy nodes that do not comply with the IEEE 802.11 protocol specification. This algorithm offers a reaction mechanism that encourages a greedy node to behave correctly by giving it the chance to repent after detection.
Keywords: Wireless multi-hop networks, MANETs, WMNs, Black hole attack, Adaptive greedy behavior, Routing protocol security, OLSR
First of all, I would like to express my sincere gratitude and appreciation to my advisor Professor Farid Naït-Abdesselam for his valuable guidance throughout my research work. I am inspired by his insight, and I have learned a lot from him. I would like to thank him for his encouragement and support throughout my Ph.D study.
I would also like to thank, Prof. Abdelmadjid Bouabdallah, Prof. Pascal Urien, Prof. Ashfaq Khokhar, Prof Jean-Luc Dekeyser and Dr. Mohammed Achemlal for agreeing to serve on my committee. I particularly thank them for their valuable comments and remarks that will help to improve my future work.
I am in particular indebted to Dr. Zonghua Zhang for his encouragement and insightful comments and advice during my PhD studies. Many thanks to my current and former colleagues, namely Yassine, Dalil and Intessab, for their help in reading earlier versions of my papers and their valuable comments. I would also like to thank Dr. Youcef Begriche for his collaboration in modeling the problem of greedy behavior in Wireless Mesh Networks.
Finally, I would like to thank with all my heart my family for their infinite love and support throughout my life. Their love gave me strength to go on during the most difficult moments of my life and the least I can do is to dedicate this thesis to them.
To my parents, for their unconditional love and support throughout my whole life. To my uncle Chemam Mokhtar, allah yarhamou, who passed away last September.
2.1 Example of applications of Mobile Ad Hoc Networks
2.2 Wireless Mesh Network Architecture
2.3 An example of VANETs application
2.4 IEEE 802.11 DCF protocol functioning
2.5 Cheater node gains access to the medium ahead of schedule because it starts decreasing its backoff before the well-behaved nodes
2.6 Consequences of NAV inflation misbehavior
2.7 Scrambling MAC frames (CTS, DATA and ACK)
3.1 Route discovery in AODV
3.2 Black hole attack in AODV
3.3 The MPR set of node T before launching the attack
3.4 The new MPR set of node T after the spoofing link attack is launched
3.5 The network topology held by the nodes B and C before the attack, where they are able to communicate with T’s MPR selector nodes
3.6 The network topology held by the nodes B and C after the attack, where the nodes A 1, A 2 and A are unknown for them
3.7 Fake symmetric link created between nodes T 1 and T
3.8 Inter-layer attack description
3.9 The principle of passive feedback
3.10 TWO hop ACK threshold for minimum timeout
3.11 A holistic perspective on the defense lines against packet dropping attack
4.1 Shortcoming of the overhearing technique
4.2 Colluding black hole attack model
4.3 Multiple attackers around the victim node
4.4 Colluding black hole attack description
4.5 Topology perceived by nodes C 2, C 4 and C 5 after attack
4.6 New format of the TC message
4.7 Topology perceived by nodes C 1 and C 2 when the condition c is not satisfied
4.8 The 3 hop ACK scheme functioning
4.9 Delivery ratio vs. average vehicle velocity
4.10 Comparison of the average number of TC messages received
4.11 Detection rate vs. average vehicles velocity
4.12 Number of false alarm vs. timeout value
4.13 Routing overhead of 3hop ACK scheme vs vehicle velocity
4.14 Impact of power control employment on the transmission range of node A, A’s transmission range reduces from R 1 to R
4.15 Attack description at both routing and MAC layers
4.16 The format of RTS+ frame (32 bytes)
4.17 The format of CTS+ frame (24 bytes)
4.18 Flowchart describing the functioning of our solution
4.19 Network topology illustrating an example of the studied cross layer attack
4.20 Data packets delivery ratio under VLINK attack solely
4.21 Data packets delivery ratio under the cross layer attack
4.22 Data packets forwarded by node B
4.23 The proposed solution efficiency in terms of data packets delivery ratio under various nodes speed
4.24 Variation of the overhead added by RTS+ and CTS+ frames versus nodes speed and pause time
5.1 Wireless Mesh Networks model
5.2 The switching scheme used by the adaptive cheater to switch over the cheating strategies
5.3 Example of the membership function for BDEV
5.4 Example of the membership function for RTR
5.5 Example of the membership function for SDIFS
5.6 The overall functioning of our scheme
5.7 The main components of FLSAC
5.8 Impact of backoff manipulation on throughput
5.9 Impact of DIFS value reduction on throughput
5.10 Impact of the proportion of scrambled CTS packets on throughput
5.11 Impact of the NAV value inflation on throughput
5.12 Impact of the adaptive cheater on throughput
5.13 FLSAC’s performance
5.14 The integration of the Bayesian model with FLSAC
5.15 Detection rate versus the variation of the MC: scenario
5.16 Detection rate versus the variation of the MC: scenario
5.17 Detection rate versus the variation of the MC: scenario
5.18 Detection rate versus the variation of the MC: scenario
5.19 Detection accuracy in different scenarios
6.1 Classification of the greedy nodes’ behaviors
6.2 Greedy behavior: WLAN versus MANETs
6.3 Propagation of greedy behavior’s impact in MANETs
6.4 The connectivity graph
6.5 Example of bandwidth share among the greedy node, its next hop and the other neighbor nodes in the case where this greedy node applies the full greedy strategy (similar to the WLAN case) in order to monopolize the medium
6.6 Conflict graph of the contending transmissions. (a) case of Rcs = Rcs 1; (b) case of Rcs = Rcs
6.7 The set of maximal cliques. (a) Rcs = Rcs 1, 3 maximal cliques whose sizes are 4, 4 and 5 respectively; (b) Rcs = Rcs 2, 2 maximal cliques of 6 vertices each. Note that the dashed edges represent the new links created due to the increase in Rcs from Rcs 1 to Rcs
6.8 Propagation of greedy behavior’s impact according to CWm variation in MANETs, measured in terms of the acquired throughput
6.9 End-to-end delay of the greedy node’s flow versus CWm size
6.10 Variation of the packet delivery ratio of the greedy node’s flow versus the chosen CWm value
6.11 Topology used for evaluation of our proposed greedy behavior strategy
6.12 Variation of the traffic flows sources’ throughput with the different cheating strategies adopted by the greedy node G
6.13 The topology perceived by the node G in the worst case, where the dashed lines denote the extra links which are not acquired from Hello and TC messages
6.14 Multiple traffic flows issued from the greedy node G and forwarded either through one or several next hops
6.15 Variation of the effectiveness factor in different scenarios: case of greedy node sending multiple flows through only one next hop node
6.16 Variation of the effectiveness factor in different scenarios: case of greedy node sending multiple flows through several next hops
6.17 The new format of RTS frame
6.18 Scenario describing a case of false accusation of a legitimate node
6.19 Impact of the number of senders on the fairness index and the normalized throughput: case of random topology
6.20 Impact of the offered bandwidth and MC on the fairness index: case of ring topology of 21 nodes
6.21 Detection ratio versus the percentage of the cheater nodes: case of random topology
6.22 Impact of the MC, network size and topology on the percentage of the false alarms
List of Tables
2.1 The key difference between MANETs, WMNs and VANETs
3.1 The values of the different fields of RREQ and RREP packets sent or forwarded by both legitimate and malicious nodes: (i) the nodes A 1 and A 2 forward correctly the RREQ and RREP packets (ii) the node C spoofs the destination node’s address (D) and augments illegitimately the Dst-Seq-Num
3.2 Example of Hello message sent by node M
3.3 Cryptographic primitives comparison
3.4 Characteristics of the surveyed schemes
3.5 A comparison on the different approaches: assumptions and drawbacks
4.1 Example of HELLO rep message sent by node X...
4.2 Simulation settings
4.3 The MPR sets of nodes A and B
4.4 Routing table of node N2 before the attack
4.5 Routing table of node N2 after the attack
5.1 The key difference between FLSAC and the existing schemes
5.2 Fuzzy rules of the formula: RES 1 = (BDEV ∧ RTR)
5.3 Fuzzy rules of the formula: RES 2 = ((BDEV ∧ RTR) ∧ S-DIFS)
5.4 The final fuzzy decision of FLSAC: FDEC = (RES 2 ∧ Last decision)
5.5 Simulation settings
5.6 Simulation settings
5.7 Scenarios setting
6.1 Simulation settings
6.2 End-to-end delay and packet delivery ratio of flow f 1 under various greedy behavior strategies
6.3 Scenarios setting
6.4 The monitoring table
6.5 Simulation settings
At the turn of the twenty-first century, we have all witnessed a steady growth in the deployment of wireless and mobile communication networks. Initially, this new communication paradigm aimed to provide communication services in situations where infrastructure is not available, such as battlefields and emergency and rescue operations. Then, owing to advances in mobile computing devices (e.g., laptops, handheld digital devices, PDAs and wearable computers) and their increasing use in our daily lives, the applications that use such networks have grown tremendously. Wireless network deployment in cities, inside buildings and between cars has therefore become a prerequisite. To this end, several network architectures have been proposed and standardized, such as WLANs, MANETs, Wireless Mesh Networks (WMNs) and VANETs. To satisfy users’ requirements, these architectures need to provide a robust and secure service. A robust service means ensuring high performance for the running applications by offering Quality of Service (QoS) guarantees. Network security, on the other hand, revolves around the three key principles of confidentiality, integrity and availability of service.
Security in wireless ad hoc networks is a vital element of basic network functions such as packet forwarding and routing. Network operation can easily be jeopardized if effective countermeasures are not embedded into these basic functions from the beginning of their design. Unlike networks that use dedicated nodes to support their critical functions, in an ad hoc environment those functions are carried out by every node in the network. This difference is the main cause of the security problems specific to such environments: as opposed to the dedicated nodes of traditional networks, the nodes of an ad hoc network cannot be trusted to execute critical network functions correctly.
When tamper-proof hardware and a strong authentication infrastructure are not available, for example in an open environment where no common authority regulates the network, any node of an ad hoc network can endanger network operations. To ensure reliable functioning of the network, each node must correctly execute the critical network functions and contribute a fair share of its resources. This means that it devotes the same effort and resources to processing and transmitting its neighbors’ packets as to its own. This latter requirement is a strong constraint for wireless mobile nodes, where power saving is a major concern. The threats considered in the MANET scenario are therefore not limited to maliciousness; a second type of misbehavior, selfishness, must also be taken into account. Malicious and selfish behaviors may target both the MAC and routing layers, leading to a sharp collapse of network performance. These misbehaviors are a logical consequence of the specific characteristics of wireless ad hoc networks. Stringent energy resources push nodes to abstain from relaying their neighbors’ packets in order to save energy and thus extend their lifetime. Likewise, nodes tend to deviate from the MAC protocol rules to increase their bandwidth, because the availability of this resource is limited. Furthermore, these vulnerabilities at different layers highlight the growing need for an in-depth investigation of routing and MAC protocols, to identify the potential sources of threats in their functioning and design that a foe could exploit to compromise their security. The design of effective defense mechanisms therefore remains a compulsory task for preventing or detecting these misbehaviors or, at least, alleviating their impact.
The misbehaviors discussed above motivate the research work presented in this dissertation. The problem we want to solve is the following. How can we detect misbehaving nodes that refuse to forward routing packets, even when they launch the attack intelligently (i.e. through cross-layer collusion)? How can we prevent greedy nodes from misusing the MAC protocol rules? And how can we detect them if they circumvent the prevention scheme? The answers to these questions are provided in the subsequent chapters.
In order to make our dissertation easier to read and understand, we organize it in the following way.
This dissertation is mainly composed of two parts: in the first part we address the black hole attack, whereas the second part is devoted to MAC layer misbehaviors. Prior to these two parts, Chapter 2 provides basic definitions of the security requirements of wireless multi-hop networks and their specific characteristics, and presents the attacks that target both routing and MAC protocols. This chapter helps the reader better understand the contributions presented in Parts 1 and 2.
Part 1, in turn, is divided into two chapters, 3 and 4. Chapter 3 analyzes and deeply investigates the black hole attack in MANETs. It first explains how an attacker or a group of attackers can mount such an attack in both reactive and proactive routing protocols. Then, a classification of the existing solutions is given along with a critical discussion of each of them, outlining its advantages and drawbacks. Last, we highlight the challenges that need to be tackled in order to design robust routing protocols.
Chapter 4 presents two solutions to struggle against single and colluding black hole attacks in OLSR. The former uses an authenticated three-hop acknowledgment to detect the malicious MPR nodes that refuse to forward TC messages. The latter uses hash functions and modifies the format of MAC frames to prevent a cross-layer scenario of the black hole attack.
In the second part, MAC layer misbehavior issues are addressed in both WMNs and MANETs. The first chapter of this part (Chapter 5) focuses on adaptive greedy behavior in WMNs. As the existing schemes are unable to deal with such misbehavior, we propose in this chapter our FLSAC scheme, which exploits the strength of fuzzy logic to distinguish adaptive cheater nodes from well-behaving ones. Afterwards, to enhance its accuracy, a Bayesian technique is developed and integrated with it.
The second chapter of Part 2 (Chapter 6) is devoted to investigating greedy behavior in MANETs. This investigation aims to define a new characterization of such misbehavior, which is more advantageous for the greedy node than the one adopted in many existing works. Additionally, we present a robust scheme that allows prevention and fast detection of greedy nodes.
Finally, Chapter 7 concludes the dissertation and gives some future research directions.
The major contributions of this dissertation lie in both routing and MAC layer misbehaviors. More specifically, we propose several schemes to prevent these misbehaviors or at least alleviate their devastating impact on network performance. These contributions are summarized in the following.
Three-hop acknowledgement based scheme to cope with single and colluding black hole attack in OLSR
It is worth noting that the black hole attack, which targets the routing protocol’s control packets, is one of the most devastating attacks in wireless multi-hop networks. The goal of this attack is to force the well-behaving nodes to choose the hostile nodes as relays for disseminating topological information, thereby exploiting the functionality of the routing protocol to retain or drop control packets. In particular, in the Optimized Link State Routing (OLSR) protocol, if a single or collusive black hole attack is launched during the propagation of the topology control (TC) packets, the topology information will not reach the whole network, which disrupts the routing operation (i.e. route establishment). In this contribution, a three-hop acknowledgment based scheme is proposed to deal with this attack. The scheme adds two extra packets to OLSR: a Hello-rep packet, which is a slight modification of the Hello message, and a small acknowledgment packet. The main idea of the scheme is as follows. Each MPR node M needs to learn the list of its 3-hop neighbors reached through a distinct pair of MPR nodes (M1, M2), where M2 is an MPR of M1 and M1 is an MPR of M. The node M then selects one node from this list, from which an authenticated acknowledgment is requested. This acknowledgement is the unique proof that the TC packet has not been dropped during relay. Note that the authentication function is computed with a pre-established secret key shared between node M and the requested node. When the number of missed acknowledgements exceeds a predefined threshold, the MPR nodes M1 and M2 connecting M to the requested node are deemed misbehaving and are consequently never selected as MPRs again.
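The following Python model of the three-hop acknowledgement check is an added example and not code from the thesis. It assumes a relay chain M → M1 → M2 → T with a key pre-shared only between M and T, an HMAC-SHA256 tag as the authentication function (the thesis does not fix the primitive in this summary), and a constructed missed-ACK threshold; the relay, target and key names are placeholders.

```python
import hmac
import hashlib

# Constructed relay chain M -> M1 -> M2 -> T. M1 and M2 are the MPRs that relay
# M's TC message; T is the 3-hop node M selects to return an authenticated ACK.
# Only M and T hold the key (assumed pre-established, as in the scheme above).

def ack_tag(key: bytes, tc_seq: int) -> bytes:
    """Authentication tag over the TC sequence number. HMAC-SHA256 truncated to
    8 bytes is this example's choice; the thesis does not fix the primitive here."""
    return hmac.new(key, b"ACK|" + tc_seq.to_bytes(4, "big"), hashlib.sha256).digest()[:8]


class Relay:
    """An MPR on the path. A black-hole relay drops the TC; a forging one also
    answers with a tag computed under a key it does not have."""

    def __init__(self, name: str, drops: bool = False, forges: bool = False):
        self.name, self.drops, self.forges = name, drops, forges

    def forward(self, tc_seq: int, deliver):
        if self.drops:
            return ack_tag(b"guessed-key", tc_seq) if self.forges else None
        return deliver(tc_seq)


class Target:
    """The 3-hop node: acknowledges every TC it actually receives."""

    def __init__(self, key: bytes):
        self.key = key

    def on_tc(self, tc_seq: int) -> bytes:
        return ack_tag(self.key, tc_seq)


class MprMonitor:
    """Node M: sends TCs and counts missed or invalid ACKs per relay pair (M1, M2).
    Once the count exceeds the threshold, both relays are excluded from MPR
    selection; M cannot tell which of the two dropped the packet."""

    def __init__(self, key: bytes, threshold: int):
        self.key, self.threshold = key, threshold
        self.missed = {}
        self.blacklist = set()

    def send_tc(self, tc_seq: int, m1: Relay, m2: Relay, target: Target) -> bool:
        # None models the ACK timeout expiring without any acknowledgement.
        ack = m1.forward(tc_seq, lambda s: m2.forward(s, target.on_tc))
        ok = ack is not None and hmac.compare_digest(ack, ack_tag(self.key, tc_seq))
        pair = (m1.name, m2.name)
        if not ok:
            self.missed[pair] = self.missed.get(pair, 0) + 1
            if self.missed[pair] > self.threshold:
                self.blacklist.update(pair)
        return ok


def run_scenario(black_hole: str = "", forge: bool = False,
                 rounds: int = 5, threshold: int = 2) -> set:
    """Send `rounds` TC messages through the chain and return the nodes M has
    excluded. `black_hole` names the dropping relay ("M1", "M2" or "" for none)."""
    key = b"constructed-M-T-key"
    m1 = Relay("M1", drops=(black_hole == "M1"), forges=forge)
    m2 = Relay("M2", drops=(black_hole == "M2"), forges=forge)
    monitor = MprMonitor(key, threshold)
    target = Target(key)
    for seq in range(rounds):
        monitor.send_tc(seq, m1, m2, target)
    return monitor.blacklist


if __name__ == "__main__":
    print("honest chain  :", run_scenario())
    print("M2 drops TC   :", run_scenario("M2"))
    print("M1 forges ACK :", run_scenario("M1", forge=True))
```

A forged acknowledgement from a colluding relay fails the HMAC comparison exactly like a timeout does, which is why the key must be known only to M and the requested node. Note also the price the scheme pays: the honest member of the pair is excluded together with the black hole, since M cannot attribute the drop to one of the two relays.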
Lightweight solution to cope with cross layer black hole attack in OLSR
It is well known that security attacks in MANETs are becoming a serious problem that may have harmful consequences for network performance. Despite that, many routing protocols are still unable to cope with these attacks. Moreover, the vulnerability of MAC layer protocols to misbehavior exacerbates the damage caused by attacks at higher layers. Cooperation between layers therefore becomes a must to face such attacks. In this work, we address one of the attacks targeting the neighbor discovery operation of OLSR. The attack is launched at the routing layer by carrying out a virtual link attack, which leads to the establishment of a fake symmetric link between the victim nodes, which are in fact connected through an asymmetric link. As a result, an incorrect Multi-Point Relay (MPR) set may be elected by the victim nodes as well as by their neighbors, which leads them to choose broken routes for forwarding data packets. Subsequently, the attacker’s collaborator carries out a false validation attack at the MAC layer in order to reinforce the former attack and make it more destructive. To face this cross-layer attack, we propose a cross-layer scheme that requires the routing layer to obtain confirmation from the MAC layer about the status of a specific link before advertising it to the network. In order to check the symmetry of a link, the Request to Send (RTS) and Clear to Send (CTS) frame formats are modified by replacing the destination address field with the hash value of a combination of the secret key shared between the sender and receiver nodes and the RTS sequence number. Thus, the attacker node acting at the MAC layer cannot validate the reception of the RTS and DATA frames transmitted by one of the victim nodes, since it cannot generate the correct value of the destination address field. This cross-layer attack can therefore never be launched successfully unless the secret key is divulged.
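To make the cross-layer check concrete, here is an added Python sketch of the RTS+/CTS+ exchange feeding the routing layer's link status; it is not the thesis's implementation. It assumes a 6-byte address field, HMAC-SHA256 over the shared key and RTS sequence number (with a role label so the RTS+ and CTS+ values differ) as the hash, and node names A, B and X that are placeholders.

```python
import hmac
import hashlib

ADDR_LEN = 6  # bytes of the address field the hash value replaces (assumption)


def link_tag(shared_key: bytes, rts_seq: int, role: bytes) -> bytes:
    """Value carried in the RTS+/CTS+ address field: hash of the pairwise shared
    key and the RTS sequence number. HMAC-SHA256 truncated to the field size,
    with a role label to keep the RTS+ and CTS+ values distinct, is this
    example's construction."""
    msg = role + rts_seq.to_bytes(2, "big")
    return hmac.new(shared_key, msg, hashlib.sha256).digest()[:ADDR_LEN]


class MacLayer:
    """Per-node MAC layer holding {peer name: shared key}."""

    def __init__(self, name: str, keys: dict):
        self.name, self.keys, self.seq = name, keys, 0

    def make_rts_plus(self, peer: str) -> dict:
        self.seq += 1
        return {"src": self.name, "seq": self.seq,
                "tag": link_tag(self.keys[peer], self.seq, b"RTS")}

    def answer_rts_plus(self, rts: dict):
        """Return a CTS+ only if the RTS+ tag verifies under the key shared with
        the claimed sender; a node without that key cannot produce the field."""
        key = self.keys.get(rts["src"])
        if key is None:
            return None
        if not hmac.compare_digest(rts["tag"], link_tag(key, rts["seq"], b"RTS")):
            return None
        return {"src": self.name, "seq": rts["seq"],
                "tag": link_tag(key, rts["seq"], b"CTS")}

    def verify_cts_plus(self, peer: str, cts) -> bool:
        if cts is None:
            return False
        expected = link_tag(self.keys[peer], cts["seq"], b"CTS")
        return hmac.compare_digest(cts["tag"], expected)


def mac_confirms_link(a: MacLayer, peer: str, responder: MacLayer) -> bool:
    """The RTS+/CTS+ exchange. `responder` is whoever answers on the air: the real
    peer, or another node trying to validate the link on the peer's behalf."""
    rts = a.make_rts_plus(peer)
    return a.verify_cts_plus(peer, responder.answer_rts_plus(rts))


class OlsrLinkSet:
    """Routing-layer view: a link is advertised as symmetric only after the MAC
    layer has confirmed it; otherwise it stays asymmetric."""

    def __init__(self, mac: MacLayer):
        self.mac, self.links = mac, {}

    def update_link(self, peer: str, responder: MacLayer) -> str:
        status = "SYM" if mac_confirms_link(self.mac, peer, responder) else "ASYM"
        self.links[peer] = status
        return status


if __name__ == "__main__":
    key_ab = b"constructed-A-B-key"
    a = MacLayer("A", {"B": key_ab})
    b = MacLayer("B", {"A": key_ab})
    x = MacLayer("X", {"A": b"guessed"})   # third node answering in B's place
    print("B answers:", OlsrLinkSet(a).update_link("B", b))
    print("X answers:", OlsrLinkSet(a).update_link("B", x))
```

The routing layer never upgrades a link to symmetric on the strength of a Hello exchange alone; only a CTS+ whose address field verifies under the A–B key does that, so a node answering on B's behalf without the key leaves the link asymmetric.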
Fuzzy Logic based scheme to Struggle against Adaptive Cheaters (FLSAC)
The growing popularity of Wireless Mesh Networks has opened the door to a number of attacks that may target their core functioning, leading to a sharp collapse of their performance. Hence, the need for robust and fast detection of these attacks has become a major concern in order to guarantee an efficient and fair share of network resources among the nodes. One of these devastating attacks is greedy behavior, which leads to a severe decrease of the bandwidth acquired by the neighbors of the attacker. In this study, we focus on such misbehavior and particularly on adaptive greedy behavior, wherein the greedy node prefers to switch frequently between several cheating strategies rather than always applying one technique, thereby avoiding detection by the deployed schemes. To cope with such misbehavior, we propose a fuzzy logic based detection scheme, dubbed FLSAC. FLSAC is implemented in the mesh router/gateway to monitor the behavior of the attached wireless mesh clients. It carries out a global assessment of all observed MAC parameters by applying fuzzy rules derived from the IEEE 802.11 specification to identify any deviation from the proper protocol rules. The combined deviation of these parameters is then used to classify a node into the greedy or honest set following the membership function. According to the simulation results, FLSAC shows robustness and a strong ability to quickly identify adaptive greedy nodes. Nevertheless, its performance did not fulfil our goals. To enhance its detection accuracy, we integrate it with a Bayesian probabilistic model that we have developed. The scheme resulting from this integration shows a better detection rate and accuracy than FLSAC alone.
Novel strategy for greedy behavior in MANETs
The strategy used in many research works to describe greedy behavior in MANETs is assumed to be similar to that in WLANs. However, this assumption is neither realistic nor sustainable, since a greedy node that tries to monopolize the wireless medium, as it would in a WLAN, will disrupt its own traffic flows because of the specific constraints and characteristics of MANETs. Therefore, in order to have a more beneficial greedy behavior strategy in MANETs, a node must adopt a different approach that allows it to achieve better performance for its own traffic flow as well as for the crossing flows of interest. To this end, we propose a novel strategy that uses conflict graphs and takes into account node density and the collision rate in the neighborhood of the greedy node to adjust the greediness parameters it uses to achieve its goals. Besides, our strategy is hard to detect since the continuous adjustment of the cheating parameters hides the greediness of the node from the monitor. It is thus suitable for MANETs.
New backoff scheme for IEEE 802.11 MAC protocol
This work designs a new backoff scheme that ensures fast detection of greedy nodes that either fabricate small backoff values or refuse to increase their contention window (CW) after an unsuccessful transmission. The scheme uses a one-way function to generate the backoff values with respect to the CW, and modifies the RTS frame format by piggybacking the data packet’s CRC value along with the number of retransmission attempts. Any cheating attempt is therefore detected by the receiver node as well as by the other neighbors of the cheater, as long as the monitoring conditions hold. Furthermore, the scheme is robust against sender–receiver collusion and provides a novel reaction mechanism that gives detected cheaters a chance to repent and comply with the protocol rules again, through the use of a special warning message.
The performance evaluation has confirmed the efficiency of this scheme and shown that it achieves a fairness index comparable to that of the BEB (binary exponential backoff) algorithm in several scenarios.
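As an added illustration of the verification idea just described (not the dissertation's own scheme or code), a neighbor recomputes the backoff a sender should have used from the fields piggybacked in its RTS and tracks the retry counter across retransmissions of the same frame, issuing a warning before isolating a repeat offender. The one-way function (HMAC-SHA256 over sender id, CRC and retry count), the key shared with the monitored nodes, the CW_min/CW_max values and the rule that a compliant frame retires one warning are all assumptions of this example.

```python
import hashlib
import hmac


class BackoffMonitor:
    """Neighbor-side verification of RTS frames that carry (data CRC, retry count)."""

    def __init__(self, key: bytes, cw_min: int = 16, cw_max: int = 1024, max_warnings: int = 2):
        self.key = key                     # assumption: key shared with the monitored nodes
        self.cw_min, self.cw_max = cw_min, cw_max
        self.max_warnings = max_warnings   # warnings tolerated before the node is isolated
        self.last_attempt: dict[str, tuple[int, int]] = {}  # sender -> (crc, retries) last overheard
        self.warnings: dict[str, int] = {}                  # sender -> outstanding warnings

    def contention_window(self, retries: int) -> int:
        # Binary exponential backoff: CW doubles after each failed attempt, capped at CW_max.
        return min(self.cw_min << retries, self.cw_max)

    def expected_backoff(self, sender: str, crc: int, retries: int) -> int:
        # One-way function of the piggybacked fields: every neighbor can recompute it,
        # so the sender cannot pick a conveniently small value.
        msg = f"{sender}|{crc:08x}|{retries}".encode()
        digest = hmac.new(self.key, msg, hashlib.sha256).digest()
        return int.from_bytes(digest[:4], "big") % self.contention_window(retries)

    def observe_rts(self, sender: str, crc: int, retries: int,
                    observed_backoff: int) -> tuple[str, list[str]]:
        """Return ('ok' | 'warn' | 'isolate', list of detected deviations)."""
        faults = []
        prev = self.last_attempt.get(sender)
        if prev is not None:
            prev_crc, prev_retries = prev
            if prev_crc == crc and retries <= prev_retries:
                faults.append("retry counter not increased on retransmission")
            if prev_crc != crc and retries != 0:
                faults.append("new frame announced with non-zero retry counter")
        expected = self.expected_backoff(sender, crc, retries)
        if observed_backoff != expected:
            faults.append(f"backoff {observed_backoff} differs from expected {expected}")
        self.last_attempt[sender] = (crc, retries)
        if not faults:
            # Compliant frame: one earlier warning expires (assumed repentance rule).
            self.warnings[sender] = max(0, self.warnings.get(sender, 0) - 1)
            return "ok", faults
        self.warnings[sender] = self.warnings.get(sender, 0) + 1
        verdict = "warn" if self.warnings[sender] <= self.max_warnings else "isolate"
        return verdict, faults


if __name__ == "__main__":
    # Constructed trace: one honest frame, its retransmission, then a cheater that keeps
    # the retry counter at 1 and announces a backoff it chose itself.
    mon = BackoffMonitor(b"constructed-link-key")
    frame = 0xDEADBEEF
    print(mon.observe_rts("n1", frame, 0, mon.expected_backoff("n1", frame, 0)))
    print(mon.observe_rts("n1", frame, 1, mon.expected_backoff("n1", frame, 1)))
    print(mon.observe_rts("n1", frame, 1, 0))
```

The monitor's state for a sender is only as good as the RTS frames it actually overhears: if it misses one, the retry-counter check can fire on an honest node, which is why the text conditions detection on the monitoring conditions holding. The receiver additionally compares the piggybacked CRC with the data it gets, so the sender cannot disguise a retransmission as a new frame without also colluding with the receiver.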
In this chapter, we give a snapshot of three emergent classes of wireless multi-hop networks and explore the security threats related to each of them. We particularly describe the specific characteristics of Mobile Ad Hoc Networks (MANETs), Wireless Mesh Networks (WMNs) and Vehicular Ad Hoc Networks (VANETs), and show that these characteristics make those networks more vulnerable to security attacks. Moreover, we address some examples of attacks that target routing and MAC layers.
In this section, we discuss the security requirements usually expected to be met by a secure system. The security services of wireless multi-hop networks are not altogether different from those of other systems. The purpose of these requirements is to protect the exchanged information and the nodes' resources from any misuse. The main requirements that an effective security architecture must ensure are explained in the following:
Authentication is needed in order to be sure about the identity of the sender or receiver of a packet. It also ensures that communication from one node to another is genuine. In other words, it prevents an attacker from impersonating a trusted node.
Confidentiality protects the content of a message and ensures that it cannot be understood by anyone other than its intended receiver(s). Data confidentiality is typically provided by applying symmetric or asymmetric encryption. This property is particularly important in wireless networks, since the broadcast nature of the medium facilitates eavesdropping.
Integrity ensures that transmitted messages are not illegitimately altered during transmission. Alteration includes changing the content or status of a message, as well as deleting, delaying or replaying transmitted messages at intermediate nodes.
Availability ensures that the services are usable when needed, in spite of the presence of attacks. In wireless multi-hop networks of potentially low-powered devices, sleep deprivation or incorrect forwarding of messages are effective threats that lead to denial of service (DoS). So, to guarantee the availability property, robust mechanisms that counter all types of DoS attacks are required.
Non-repudiation means that a node cannot deny having sent or received a message. A typical attack is masquerading, which may be prevented by using digital signatures.
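The following added example (not from the dissertation) shows how a receiver can enforce the authentication and integrity requirements above with a shared pairwise key, while also catching the delay, deletion and replay alterations listed under integrity: an HMAC tag detects altered or impersonated messages, a timestamp bounds delay, and per-sender sequence numbers reveal replays and deleted messages. The key, message format and age limit are assumptions. Confidentiality would need encryption on top of this, and because the tag is symmetric it gives no non-repudiation, which requires a digital signature.

```python
import hashlib
import hmac


def _canonical(sender: str, seq: int, sent_at: float, payload: bytes) -> bytes:
    # Fixed-format header followed by the raw payload. Node ids are assumed to be plain
    # names without '|', so the encoding is unambiguous and the tag covers every field.
    return f"{sender}|{seq}|{sent_at:.3f}|".encode() + payload


def seal_message(key: bytes, sender: str, seq: int, payload: bytes, sent_at: float) -> dict:
    """Build a message whose origin and content a peer holding `key` can verify."""
    tag = hmac.new(key, _canonical(sender, seq, sent_at, payload), hashlib.sha256).digest()
    return {"sender": sender, "seq": seq, "sent_at": sent_at, "payload": payload, "tag": tag}


class Receiver:
    """Checks authenticity, integrity and freshness of incoming messages from each sender."""

    def __init__(self, key: bytes, max_age_s: float = 5.0):
        self.key = key                      # assumption: pairwise key shared with the senders
        self.max_age = max_age_s            # longest acceptable transit time
        self.next_seq: dict[str, int] = {}  # per-sender next expected sequence number

    def accept(self, msg: dict, now: float) -> tuple[bool, str]:
        # 1. Authentication and integrity: recompute the tag over the received fields.
        #    No other field is trusted until this check passes.
        expected = hmac.new(
            self.key,
            _canonical(msg["sender"], msg["seq"], msg["sent_at"], msg["payload"]),
            hashlib.sha256,
        ).digest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return False, "bad tag"
        # 2. Freshness: a message held back by an intermediate node beyond max_age is rejected.
        if now - msg["sent_at"] > self.max_age:
            return False, "stale"
        # 3. Ordering: a sequence number already seen is a replay; a jump reveals deletions.
        expected_seq = self.next_seq.get(msg["sender"], 1)
        if msg["seq"] < expected_seq:
            return False, "replay"
        self.next_seq[msg["sender"]] = msg["seq"] + 1
        gap = msg["seq"] - expected_seq
        if gap:
            return True, f"ok, {gap} earlier message(s) missing"
        return True, "ok"


if __name__ == "__main__":
    # Constructed exchange: a genuine message, the same message replayed, and a tampered copy.
    key = b"constructed-pairwise-key"
    rx = Receiver(key)
    m = seal_message(key, "A", 1, b"route update", sent_at=100.0)
    print(rx.accept(m, now=101.0))
    print(rx.accept(m, now=101.5))
    print(rx.accept(dict(m, payload=b"route upd@te"), now=101.5))
```

The order of the checks matters: the sequence number and timestamp are only meaningful once the tag has shown that they came from the key holder, otherwise an attacker could advance a victim's sequence counter with forged headers. A rejected stale message does not advance the counter, so a later genuine message is still accepted and reports the gap.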
In general, wireless networks refer to the use of radio frequency signals to share information and resources between devices. Because of the fundamental differences in their physical layer, wireless networks and devices show characteristics distinct from their wireline counterparts, specifically:
- Higher interference, due to the broadcast nature of transmission.
- Limited bandwidth and much lower transmission rates than wired networks, which leads to severe degradation of QoS, including jitter and delays.
- Eavesdropping: the unreliable wireless links facilitate eavesdropping. Using an antenna placed at an appropriate location, any node can overhear the packets sent by its neighbors.
- The lack of a protected wired link makes it easier for an attacker to impersonate a legitimate user.
- To be mobile, a wireless device must be small, which means that it has limited storage, computing capabilities and energy resources. The energy issue is the most significant, since technological progress on batteries is much slower than on electronics. To mitigate this problem, the number of computational operations performed by mobile devices should be reduced; security protocols must therefore not generate high computational overhead, which would significantly reduce their efficiency.
- Multiple paths are likely to be available given sufficient node density, so multiple copies of a packet, or parts of it, can be routed through several paths to increase the probability of successful delivery to the destination.
- Weaker security: as the wireless channel is accessible to everyone, network security is more difficult to implement, because attackers can interfere more easily.
In what follows, we provide a brief description of the most promising models or classes of wireless multi-hop networks, namely MANETs, WMNs and VANETs.
MANETs [1] are wireless multi-hop networks dynamically constructed by mobile nodes without the aid of any established infrastructure. This paradigm of wireless communications aims to make communication possible in situations where the services offered by both wired networks and WLANs are unavailable. MANETs are mainly useful in military and other tactical applications such as emergency rescue. Moreover, an ad hoc network can be set up at a conference to distribute files and discuss talks without using any wireless infrastructure that would have to be paid for. Figure 2.1 illustrates some examples of MANET applications. In such networks, nodes should collaborate with each other to support the network functions. However, due to their self-organized nature and insufficient resources, some of them may misbehave to serve their individual interests (e.g., drop or mis-route packets). Hence, countering such misbehavior is a critical issue that we tackle throughout the next chapters.
FIGURE 2.1: Example of applications of Mobile Ad Hoc Networks
WMNs are particular wireless multi-hop networks which consist of three kinds of entities: mesh routers (MRs), gateways (GWs) and mesh clients (MCLs), as shown in Figure 2.2. The gateways are usually equipped with multiple interfaces (wired and wireless) and serve as Internet access points for the MCLs. These gateways can be either stationary or mobile (e.g., mounted on airplanes, buses or subway trains). In WMNs, a large number of MRs is required in order to provide reliable service. Each MR has at least one wireless interface and acts as a repeater that relays data from nearby routers/clients to remote peers. In such networks, the MCLs are the only sources/destinations of data traffic flows. The connection to the mesh network is provided through the wireless MRs (or directly through the GWs). In what follows, we summarize the main advantages of WMNs as compared to MANETs [2]:
- WMNs provide support for ad hoc networking with self-forming, self-healing and self-organization capabilities, along with significant enhancements in network performance and ease of deployment.
- As opposed to MANETs, WMNs provide larger coverage, connectivity and robustness due to redundancy.
- WMNs can integrate with several types of networks, including the Internet, WiMAX [3], Wireless Sensor Networks (WSNs) [4], etc., using gateway technologies.
- Mesh connectivity significantly enhances network performance, such as fault tolerance, load balancing, throughput and protocol efficiency.
Because of these characteristics, WMNs are widely used in many applications; consequently, they must provide high resistance to various abuses and security attacks.
FIGURE 2.2: Wireless Mesh Network Architecture
VANETs are composed of vehicles equipped with wireless network devices that are able to spontaneously interconnect with each other without the aid of any infrastructure. VANETs are a cornerstone of the envisioned Intelligent Transportation Systems (ITS) [5]. Vehicles communicate with each other via Inter-Vehicle Communication (IVC) as well as with roadside base stations via Vehicle-to-Infrastructure Communication (V2I). The main goal of IVC and V2I technologies is to provide each vehicle with timely information about its surroundings and road conditions in order to help the driver avoid potential dangers.
VANETs represent a particularly challenging class of MANETs and one of their concrete applications, characterized by highly mobile nodes with speeds varying from 0 to 30 m/s. Moreover, unlike many other MANET environments, where node movement occurs in an open field (such as conference rooms and cafes), vehicles are constrained to predefined streets often separated by buildings, trees or other obstacles, thereby increasing the average distance between vehicles and, in most cases, reducing the overall signal strength received at each vehicle.
Recently, a number of attractive applications of VANETs have emerged. These applications can be classified into three main categories as follows [6]:
- Information and warning functions: their main role is the dissemination of road information, such as car accidents, traffic density, surface condition, etc., to vehicles far from the affected site. These warning messages are exchanged between nearby vehicles as well as between vehicles and roadside infrastructure to ensure wide spreading of the information and enhance road safety, as shown in Figure 2.3.
- Communication-based longitudinal control: exploiting the "look-through" capability of IVC technology to help avoid accidents and to platoon vehicles in order to improve road capacity.
- Cooperative assistance systems: these aim to coordinate vehicles at critical points such as blind crossings (crossings without light control) and highway entries.
To enable the deployment of IVC systems, a set of security mechanisms must be designed to ensure their safety; otherwise, the efficiency of the transportation systems, as well as the physical safety of vehicles, drivers and passengers, could be jeopardized. In addition, VANETs are particularly challenging to secure due to the tight coupling between applications and the networking material, as well as additional societal, legal and economic considerations, which raise a unique combination of operational and security requirements.
FIGURE 2.3: An example of VANETs application
TABLE 2.1: The key differences between MANETs, WMNs and VANETs
Wireless multi-hop networks are exposed to a range of attacks at different layers. In this dissertation, we focus on the security attacks targeting the network and MAC layers. This choice is justified by the fact that these two layers constitute the foundation stone of the network functions, since the MAC layer manages access to the wireless medium and the network layer establishes routes towards distant nodes. Therefore, any failure at these layers affects the functioning of the upper layers and jeopardizes the network performance.
We distinguish two types of attacks at this layer: attacks targeting the routing function and those targeting the forwarding function, as described below.
Attacks on routing: in this type, the attacker node misbehaves when it generates the control packets that carry routing information; it may, for example,
- advertise false information for distance vector routing approach.
- change the path for source routing approach.
- advertise false links set or state information for link state routing approach.
Attacks on forwarding: these attacks occur in the forwarding phase, where intermediate nodes misuse the received packets rather than forwarding them correctly. The following are some of these misuses:
- dropping data or control packets.
- altering their content.
- intercepting and redirecting packets.
Based on the above analysis, we now describe some examples of these attacks.
In this attack, a misbehaving node exploits the vulnerabilities of routing protocols in order to get involved in different routes, and thereby drops all the data or control packets passing through it. This attack is studied in depth in the next chapter.
[1] S. Corson and J. Macker. Mobile Ad Hoc Networking (MANET): Routing Protocol Performance Issues and Evaluation Considerations. RFC 2501, Jan. 1999.
[2] I. F. Akyildiz and X. Wang. A survey on wireless mesh networks. IEEE Communications Magazine, 43(9), Sep. 2005.
[3] IEEE Standard 802.16-2004, IEEE Standard for Local and Metropolitan Area Networks, Part 16: Air Interface for Fixed Broadband Wireless Access Systems. IEEE, 2004.
[4] I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci. A survey on sensor networks. IEEE Communications Magazine, 40(8):102–114, Aug. 2002.
[5] T. Monahan. War rooms of the street: Surveillance practices in transportation control centers. The Communication Review, 10(4):367–389, Oct. 2007.
[6] D. Reichardt, M. Miglietta, L. Moretti, P. Morsink, and W. Schulz. CarTALK 2000: Safe and comfortable driving based upon inter-vehicle communication. IEEE Intelligent Vehicle Symposium (IEEE IVS), 2002.