1
Some Security Challenges for Mesh Networks
Jean-Pierre Hubaux
EPFL
Switzerland
Joint work with Imad Aad, Naouel Ben Salem, Levente Buttyan, Srdjan Capkun, Markus Jakobsson, and Maxim Raya
Funded by the MICS/Terminodes project, www.mics.org
2
Some Security Challenges for Mesh Networks
Outline
1. Preventing greedy behavior at the MAC layer
2. Secure positioning
3. Cooperation between nodes
9
Solution 1
Detection and handling of MAC layer misbehavior in
wireless networks (Kyasanur and Vaidya, DSN 2003)
Idea: the receiver assigns backoff values to the sender
Detection: compares expected and observed backoffs
Correction: assigns penalty to the cheater
10
Solution 2 DOMINO (Raya, Hubaux, and Aad, MobiSys 2004)
Idea: monitor the traffic and detect deviations by comparing average values of observed users
Detection tests: number of retransmissions, backoff, …
Features:
• Full standard compliance
• Needs to be implemented only at the Access Point
• Applicable to all CSMA/CA-based protocols
• Simple and efficient
The operator decides the amount of evidence required before taking action (in order e.g. to prevent false positives)
http://domino.epfl.ch
Game-theoretic study:M. Cagalj, S. Ganeriwal, I. Aad and J.-P. Hubaux"On Cheating in CSMA/CA Networks" Technical report No. IC/2004/27, February 2004
11
Components of DOMINO
Consecutive backoff
Actual backoff
Maximum backoff: the maximum
should be close to CWmin - 1
Backoff manipulation
Comparison of the idle time after the
last ACK with DIFSTransmission before DIFS
Comparison of the declared and actual
NAV valuesOversized NAV
Number of retransmissionsFrame scrambling
Detection testCheating method
12
DOMINO performance (ns-2 simulation)
Setting: uplink UDP traffic; 7 well-behaved stations + 1 cheating station;each point corresponds to 100 simulations of 10s each; confidence int: 95%
13
2. Secure positioningBeing able to securely verify positions of devices can enable:
- Location-based access control- Detection of displacement of valuables- Detection of stealing- Monitoring and enforcement of policies (e.g., traffic monitoring)- Location-based charging - …
In multi-hop networks- Secure routing- Secure positioning- Secure data harvesting (sensor networks)- …
14
Distance measurement by Time of Flight (ToF)
- Based on the speed of light (RF, Ir)
ts
A B(A and B are synchronized - ToF)
tr dABm=(tr-ts)c
ts
- Based on the speed of sound (Ultrasound)
(A and B are NOT synchronized – Round trip ToF)
tr dABm=(tr-ts-tprocB)c/2
ts
A B
tr(RF)
dABm=(tr(RF)-tr(US))s
ts
tstr(US)
15
Attacks on RF and US ToF-based techniques
- Dishonest device: cheat on the time of sending (ts) or
time of reception (tr)
ts1. Overhear and jam
2. Replay with a delay Δt
A B(A and B are assumed
to be synchronised)
tr dABm=(tr-ts)c
ts
ts
B
tr+Δt
dABm=(tr+Δt-ts)cts+Δt
M
=> dABm>dAB
- Malicious attacker: 2 steps:
M
16
Summary of possible attacks on distance measurement
Malicious attackers
RSS (Received Signal Strength)
Distance enlargement and
reduction
Distance enlargement and
reduction
Ultrasound Time of Flight
Distance enlargement and
reduction
Distance enlargement and
reduction
Radio Time of Flight
Distance enlargement and
reduction
Distance enlargement only
Dishonest nodes
17
Secure positioning
- Goals:
- preventing a dishonest node from cheating about its own position
- preventing a malicious attacker from spoofing the position of an
honest node
- Our proposal: Verifiable Multilateration
18
Distance Bounding (RF)
ts
BS A
NBS
tr
- Introduced in 1993 by Brands and Chaum to prevent the Mafia fraud attack
ABS NN εt procA
dreal ≤ db = (tr-ts)c/2 (db=distance bound)
19
Distance bounding characteristics
RSSDistance enlargement
and reduction Distance enlargement
and reduction
US ToFDistance enlargement
and reduction
Distance enlargement and
reduction
RF ToFDistance enlargement
and reductionDistance enlargement
only
RF Distance BoundingDistance enlargement
onlyDistance enlargement
only
US Distance BoundingDistance enlargement
onlyDistance enlargement
and reduction
Malicious attackersDishonest nodes- RF distance bounding:
- nanosecond precision required, 1ns ~ 30cm
- UWB enables clock precision up to 2ns and 1m
positioning indoor and outdoor (up to 2km) with RF ToF
- US distance bounding:
- millisecond precision required,1ms ~ 35cm
- distance bounding can be enabled with 802.11 and US
20
Verifiable Multilateration (Trilateration)
x
y
(x,y)
BS1
BS2
BS3
Verification triangle
Distancebounding
A
21
Verifiable Multilateration (properties 1/2)
- a malicious attacker cannot spoof the position of a node such that it seems that the node is at a position different from its real position within the triangle
- a node located within the triangle cannot prove to be at another position within the triangle except at its true position.
- a node located outside the triangle formed by the verifiers cannot prove to be at any position within the triangle
- a malicious attacker cannot spoof the position of a node such that it seems that it is located at a position within the triangle, if the node is outside the triangle
22
Verifiable Multilateration (properties 2/2)
- a node can show (by distance enlargement) that it is positioned outside the triangle
- an attacker can always show that the node is positioned outside the triangle
• Srdjan Capkun and Jean-Pierre HubauxSecuring position and distance verification in wireless networks Technical report EPFL/IC/2004-43, May 2004
• Srdjan Capkun and Jean-Pierre HubauxSecure Positioning in Sensor Networks Technical report EPFL/IC/2004-44, May 2004
The same holds in 3-D, with a triangular pyramid instead of a triangleThe same holds in 3-D, with a triangular pyramid instead of a triangle
23
• Multi-hop mesh networks represent a new and promising paradigm, but …
• No incentive the network does not work :V. Srinivasan, P. Nuggehalli, C. Chiasserini, and R. Rao, Infocom 2003M. Felegyhazi, L. Buttyan, and J. P. Hubaux, PWC 2003
Why would intermediate nodes bother to relay packets forthe benefit of other nodes?
3. Cooperation between nodes
• Autonomous multi-hop networks
R. Mahajan, M. Rodrig, D. Wetherhall, and J. Zahorjan,“Encouraging Cooperation in Multi-Hop Wireless Networks,” Technical Report CSE-04-06-01, Univ. of Washington, June 2004
24
Incentive techniques: other scenarios
• Multi-hop networks with permanent access to the backbone
• Solution based on lottery tickets:M. Jakobsson, J.-P. Hubaux and L. Buttyan, "A Micro-Payment Scheme Encouraging Collaboration in Multi-HopCellular Networks", Financial Crypto 2003
• Systematic payment:N. Ben Salem, L. Buttyán, J.-P. Hubaux and M. Jakobsson, "A Charging and Rewarding Scheme for Packet Forwarding in Multi-hop Cellular Networks", MobiHoc 2003
• Multi-hop networks with sporadic access to the backbone
S. Zhong, Y. R. Yang, and J. Chen, “Sprite: A Simple, Cheat-Proof, Credit-Based System for Mobile Ad Hoc Networks,” INFOCOM 2003
A i1 BSA Bj1BSB
Initiator
Correspondent
Backbone
25
Conclusion
Mesh networks must be secured prior to any commercial deployment A number of research results from the security of
wireless (ad hoc) networks can be used or adapted, notably: To prevent greedy behavior To secure positioning To stimulate cooperation between nodes
There are more challenges, in particular: Preventing denial of service attacks Stimulation of the network deployment