60-564 Security & Privacy on the Internet Instructor: Dr. Aggarwal Survey

1. 60-564 Security & Privacy on the InternetInstructor: Dr. AggarwalSurvey New Developments on Ad-hoc Network Security Presenters: Amar B. Patel , Mohammed F. Mokbel & Shushan Zhao November 25th , Fall 2007 School of Computer Science University of Windsor

2. Outline of the Presentation • Introduction to MANET • Survey of routing protocols in MANET • AODV protocol • SAODV protocol • Fuzzy Logic- based Security Level( FLSL) Routing Protocol • Feature of FLSL • Weakness of FLSL • Our Improvement to FLSL • Adding more Factor to Consideration • Weight Moving Average of Security Level • Applying PGP to Build a Self-Adjusted Security Architecture • Self Adjusted Security Architecture for Mobile. • Weakness and Possible Improvements • Discussion and Conclusion

3. Survey of routing protocols in MANET • Mobile ad hoc network (MANET) is a relatively new innovation in the field of wireless technology • Most of research focus on routing and do not concentrate much on other related issues, such as security • Consequently, current mobile ad-hoc networks do not have any strict security policy, this could possibly leadactive attackers to easily exploit or possibly disable the mobile ad-hoc network.

4. Survey of routing protocols in MANET • AODV protocol:Ad hoc On-demand Distance Vector protocol (AODV) AODV is a method of routing messages between mobile nodes. It allows these mobile computers, or nodes, to pass messages through their neighbours to nodes with which they cannot directly communicate. AODV does this by discovering the routes along which messages can be passed. • SAODV protocol: It is an extension of the AODV protocol. SAODV use some new extension message protect the routing messages of the plain AODV protocol. In these extension messages there is a signaturecreated by digesting the AODV packet using the private key of the original sender of the Routing message.

5. Survey of routing protocols in MANET • SAODV protocol also has more procedures/operations in the routing discovering comparing with AODV protocol • When a RREQ is sent, the sender signs the message.Neighbour nodes verify the signature before creating or updating a reverse route to thathost. And only if the signature is fine they store the reverse route • The final destinationnode signs the RREP with its private key. Intermediate and final nodes, again verify the signature before creating or updating a route to that host, also storing the signature with the route entry.

6. Weakness of AODV & SAODV Protocol • In recent time, most of secure routing protocols focus on the key management, authentication and encryption algorithm • These traditional routing protocols such as such as SAODV , SRPand SAR will fail to efficiently adapt to a higher security level routing selection • Since the security level and selection of route are not part of their normal operation. Therefore, special routing protocols are needed for ad-hoc networks.

7. Fuzzy Logic- based Security Level( FLSL) Routing Protocol • FLSL contains the way of determing the security-level of an individual mobile host in MANETs, and the algorithm to decide which route has the best security-level. • FLSL has three kinds of message: Route Request (RREQ), Route Reply (RREP) and Route Error (RERR).

8. MODIFIED FEATURES of FLSL • Message Packet Format • RREQ:The Security Level field is a new inserted field compared with RREQ messages in AODV protocol and SAODV protocol, which indicates the lowest security level of passed-by nodes. The initial Security Level field value of any RREQ message is set by source node and equal with the security level value of source code.

9. MODIFIED FEATURES of FLSL • RREP:The Security Level field is a new inserted field compared with RREP messages in AODV protocol and SAODV protocol, which indicates the security level value of selected route. The initial Security Level field value of any RREP message is set by the node which unicast RREP back to source node.

10. NEW FEATURES of FLSL • Security-Level of Mobile Host • Fuzzy Logic Algorithm:In MANET environment, the security level of individual mobile host is related closely with the difficulty of decrypting its secret key through brute-force attack. It is obvious that the security of secret key relies on the key length and the changing frequency of keys. In other words, the security-level of a mobile host is a function of multiple variables or the Security-Level is affected by many conditions. • Security-Level Based Routing:FLSL protocol discovers and maintains only needed routes unlike traditional proactive protocols which maintain all routes regardless of their usage. • Route Discovery:The security-Level of a route is decided by the node which has the lowest Security-Level in that route. So compared with the lowest Security-Level in other routes, the lowest security level in the highest security level route is higher.

11. Security-Level of Mobile Host • Security-Level parameters • Fuzzy membership function • Secret key length (l):Longer the secret key is, stronger to defend serious brute force attack. • Changing frequency of secret key (f): If mobile host’s secret key is changeable, the difficulty of decryption must be increased and security level of mobile hosts also gets enhanced. • Amount of active neighbour hosts (n): More active neighbour hosts existing will increase the percentage of potential attackers existing. • Security-Level of Mobile Host

12. Security-Level of Mobile Host • Fuzzy logic system rules

13. Security-Level of Mobile Host For each entry in rules table

14. Security-Level of Mobile Host The security level of single host j

15. Security-Level of Route • Security-Level of Route Security-Level of Final Route

16. RREQ Packet Transmission

17. RREP Packet Transmission

18. Simulation in NS2 • RREQ Packet Transmission (18 random nodes) S: Source Node D: Destination NodeStep 1Node 0Node 10Step 2:Node 10Node 15 Node10Node 4 Step 3: Node 4Node 17 (RREQ4 is firstly arrived packet) Step 4: Node 15Node 17 (RREQ15 is secondly arrived packet) Two available routes: 0101517 010417

19. Simulation in NS2 • RREP Packet Transmission (18 random nodes)S: Source Node • D: Destination Node • Step 1: Node 17Node 4 (RREP4 is firstly generated RREP packet) • Step 2: Node 17Node 15 (RREP15 is secondly generated RREP packet) • Step 3: Node 15Node 10 • Step 4: Node 4Node 10 • Step 5: Node 10Node 0 (The RREP15 arrived Node 10 earlier than RREP4, Node 10 dropped RREP4 because RREP15’s DSN is greater than RREP4. Finally Node 10 sends RREP15 to Node 0)

20. Simulation • The author conducted simulation experiment on their work using NS-2. • Simulations show that the FLSL routing protocol can improve security of mobile ad hoc networks. • They state that the simulation indicates that FLSL could reliably select the data transmission route with the highest security level and self-adaptive and dynamically adjust the route updating without delay. • On the other hand, the simulation also shows that FLSL consumes more time for route discovery process. The authors analyse the time compensation and claim it is affordable and reasonable.

21. Our Improvement to FLSL • Adding More Factors to Consideration We think the fuzzy logic parameters considered in this scheme are not thorough and complete. We propose to add more factors to take into account. • Battery Indicator (b): A secure route should also be a reliable route. This requires all the nodes along this route have enough battery power. • Link-quality Indicator (q): In the original scheme, the number of active neighbour hosts is taken into account, but the quality of links to these neighbours is not. We suggest using a link-quality indicator parameter combined with the “number of active neighbours”. • Credibility Indicator (c): In a secured MANET, there should be some on-line monitoring system that monitors the behaviour of each node, and evaluate the credibility of each one. This credibility should be used to evaluated the security level of the node. • etc.

22. Our Improvement to FLSL • Adding More Factors to Consideration • With new parameters, the security level can be represented as: • We can define the fuzzy logic member functions for these new parameters, and calculate the weighted security level using:

23. Our Improvement to FLSL • Weighted Moving Average of Security Level We suggest using weighted moving average of security level instead of a single time point value. • In most systems the security level of a node fluctuates. This may arise from the position change of the moving node, the temporary interferences, and so on. The weighted moving average can filter off sharp fluctuation. • There is always some delay to get the latest value of security level and it is impossible to get the value in the next time point, while the weighted moving average provides a good estimation of the security level value in the future.

24. Our Improvement to FLSL • Weighted Moving Average of Security Level • Each node keeps a series of previous security level values: SLn, SL(n-1) , ……, SL0 . • The old, historical values need to be given lesser weight – or forgotten – in order to be able to estimate the latest value. • For each value , we assign a weighted coefficient: Wi = (r >1). • The weights wi are indexed so that w0 is the weight of the last value, w1 the second last, and so on. • The adjusted security level is:

25. Our Improvement to FLSL • Weighted Moving Average of Security Level • To reduce the memory requirement of the algorithm, we want to allow calculating SL without having to keep all the earlier samples in memory, by using the previous calculated result SL’

26. Our Improvement to FLSL • Weighted Moving Average of Security Level • Choosing an empirical value , we get • This is a simplified equation to calculate the security level of a node that only needs keeping one historical data item

27. Self Adjusted Security Archit. • Merging the clustering and threshold key management techniques. • The dynamicity of MANET topology is reflected into the process of assigning to the nodes a public key. • Divide the net into clusters. • cluster heads (HA) are connected by virtual network. • Share the PK of the CA(Central Authority)

28. MANET Topology: Security… • Certificate-based authentication scheme • Distributed authentication [T] • Resource awareness [T] • Efficient certificate [T] • Heterogeneous certification [T] • Robust pre-authentication mechanism [T]

29. Prposed Security Architectyre • Bootstrapping • Cluster head • Gateway nodes • Warrant nodes • Regular nodes • Key management • Register phase: …Believed to be trustworthy… • CH Retirement

30. Partitioning the Network into clusters • Ad-hoc Net. S.A. Β θγ α Β θγ α Β θγ α Β θγ α Β θγ α Β θγ α Β θγ α Β θγ α Β θγ α Β θγ α α: CH |β:Warrant node |γ: GW |θ: Regular node

31. Performance Evaluation • Availability • Register Time • Packet Overhead * The solution was fully decentralized to operate in a large scale mobile network.

32. Weaknesses & Possible Improvements • The dynamicity of MANET topology creates a real need for security measurements. • It’s not sufficient to generalize this proposed arch. based on NS-2 only • More theoretical than practical • Graph is more complicated than what it seems (lots of additional parameters + conceptual analysis)

33. Cont’. • We propose an efficient mechanism for acquiring/releasing nodes existence by using a hash table • Which contains all the nodes required parameters to indicate their present/initial status. • This Hash Table should not be centralized in any way but partitioned and distributed over different clusters heads (as a special container). • There is only one variable which indicated whether this node does it exist in this cluster or not. • Therefore, this mechanism will just lessen the overhead in distributing the public/private keys over MANET clusters nodes.

34. Cont’. • Using a strong hash function like SHA-1 in the Hash Table is a must to avoid collision. • The HT should be encrypted using public key system • And it has a tree structure like to manage all these nodes with their clusters. • Actually, it is not easy to choose a balanced hash function which takes into account the computation and the time required to do a certain job because, simplicity, speed and strength are not a simple factors to combine them into a leveled scaled algorithm, especially in a MANET Network.

35. Discussions & Conclusion • In this paper, we study some new ideas on MANET security published in last two years. • Although these ideas are novel and promising, there exist some weaknesses and drawbacks in the proposed schemes which hinder the schemes to be applied generally. • We propose some improvement on these ideas: for fuzzy logic security routing, we suggest using more factors to assess the security level of a node, and assessing the security dynamically by taking time weighted moving average; for PGP-based self-adjusted security architecture.

36. Cont’. • we think the existing scheme is too resource-demanding and not scalable to large network; we propose to use some optimized data structure, such as hash table, to lower down the resource requirement. • Due to time limitation, we cannot implement our ideas for proof. However, by theoretical analysis, we believe if our proposals are employed in the original schemes, there would be significant improvement in the schemes.

37. Questions ?

38. References [1] Jing Nie, JiangchuaWen, Ji Luo, Xin He, Zheng Zhou, 2006, An adaptive fuzzy logic based secure routing protocol in mobile ad hoc networks, Fuzzy Sets and Systems [2] Lu Jin, Zhongwei Zhang and Hong Zhou, Deliberation and Implementation of Adaptive Fuzzy Logic Based Security Level Routing Protocol for Mobile Ad Hoc Network, Consumer Communications and Networking Conference, 2007 [3] AZ Ghalwash, AAA Youssif, SM Hashad, R Doss, 2007, Self Adjusted Security Architecture for Mobile Ad Hoc Networks, 6th IEEE/ACIS International Conference on Computer and Information Science (ICIS 2007)   pp. 682-687 [4] P.Zimmermnn , "The Official PGP usrs guide", MIT Press, 1995