watchdog.ppt
TRANSCRIPT
-
8/12/2019 Watchdog.ppt
1/50
GUIDE : Ms . NEELAVATHY PARI
-
8/12/2019 Watchdog.ppt
2/50
WHEN WATCHDOG MEETS CODING
-
8/12/2019 Watchdog.ppt
3/50
MISBEHAVIOR DETECTION IN WIRELESS NETWORKS Multi-hop nature makes wireless networks subject to tampering
attack: a compromised/misbehaving node can easily ruin datacommunication by dropping or corrupting packets it is supposed toforward.
Two approaches to mitigate misbehavior:1. End to End misbehavior detection using error detection coding.
Shortcomings : 1. Throughput of network is reduced even if there
is no misbehaving node.2. In this scheme , the source and the destination
has no knowledge about the location of misbehaving node.
-
8/12/2019 Watchdog.ppt
4/50
APPROACHES TO MITIGATE MISBEHAVIOR
2.A commonly adopted approach is to exploit thebroadcast nature of the wireless medium , where nodesmonitor their downstream neighbors locally using
overheard messages . Such nodes are called Watchdogs.
Main Challenges : 1. channel fading
2.collision with other transmissions3.interference
So watchdog may not be able to overhear every transmission.
-
8/12/2019 Watchdog.ppt
5/50
GOALS TO BE ACHIEVED BY WATCHDOG MECHANISM
1. Malicious behavior in the network should be detectedwith high probability despite adverse channel conditionsand interference.
2. The throughput with the detection mechanism should becomparable to the throughput without detection in theabsence of any attack.
Intuitively , these two goals are conflicting.
-
8/12/2019 Watchdog.ppt
6/50
HOW BOTH THE GOALS CAN BE ACHIEVED ? These goals can be achieved by introducing error detection
coding to the watchdog mechanism.
In this paper , its shown that by choosing the errordetection code properly , a misbehaving node can bedetected with high probability while the throughputapproaches optimal.
A simple protocol is proposed , that identifies themisbehaving node exactly two watchdog nodes perunreliable relay node.
-
8/12/2019 Watchdog.ppt
7/50
MAIN IDEA OF WATCHDOG
The main idea of watchdog is promiscuous monitoring .Once a node is deemed to be misbehaving, the source
would choose a new route free of misbehaving node with
the aid of Path rater
Such watchdog mechanisms do not do not perform well inthe presence of adverse channel conditions and
interference allowing the misbehaving node to corrupt asingle packet while being undetected with high probability.
-
8/12/2019 Watchdog.ppt
8/50
VARIANT OF WATCHDOG Here , the next-hops behavior is measured with the local
evaluation record , defined as 2 tuple : byte ratio andpacket ratio , forwarded by the next hop neighbor.
Local evaluation records are broadcast to all the neighbors.
Trust level of the of a node is the combination of its local
observation and the broadcasted information.
Trust level is inserted to the RREQ .Route is selected insimilar way to AODV.
-
8/12/2019 Watchdog.ppt
9/50
DETECTING MISBEHAVIOR
This paper is focused on multi hop wireless networks inwhich data packets are transmitted from source todestination through multiple relay nodes.
Assumption: Relay nodes do not perform any coding andthe data packets are forwarded as they are received at therelay nodes.
Focus is on single node adversary model . i.e. the adversarycan compromise at most one node in the network.
-
8/12/2019 Watchdog.ppt
10/50
Continued..
In such a network , a node W can be assigned as awatchdog for a relay node R if W can overhear bothincoming/outgoing transmissions to/from R.
More specifically , a node W that can overhear the datapackets from being transmitted by R and by Rs upstreamneighbor can compare the two copies of the packet and
report an attack to the source or destination if there is amismatch.
-
8/12/2019 Watchdog.ppt
11/50
WHO CAN MISBEHAVE ?
There are two possibilities here.
The relay node can misbehave which is detected by thewatchdog node W.
The watchdog node may misbehave by accusing a relaynode of forwarding corrupted data even though the relaynode is well-behaving.
-
8/12/2019 Watchdog.ppt
12/50
OMNISCIENT ADVERSARY MODEL
Omniscient adversary model is considered , where theadversary is computationally unbounded and has completeknowledge of the misbehavior detection scheme being
employed in the network.
Since the watchdog node may only be able to overhear afraction of transmissions to/from the node it is monitoring,
an adversary may be able to avoid being detected by thewatchdog with high probability by keeping the fraction ofpackets it tampers lower than a certain threshold u.
-
8/12/2019 Watchdog.ppt
13/50
HOW TO OVERCOME THIS DRAWBACK ? In order to overcome this drawback of watchdog
mechanisms , source error detection coding is integratedwith watchdogs.
By applying error detecting codes , the destination candetect an attack during the decoding process with highprobability if the fraction of packets tampered by theadversary is lower than a certain threshold c.
If w
-
8/12/2019 Watchdog.ppt
14/50
A. DETECTION IN SINGLE FLOW CASE :
-
8/12/2019 Watchdog.ppt
15/50
DETECTION MECHANISM IN SINGLE FLOW CASE :
Here , the source node S encodes every K data packets intoa block of ncoded packets with an ( n ,k ) MaximumDistance Separable (MDS) code.
An attack will always be detected at the decoder ar long asno more than n-k packets are altered.
As a result , R has to alter at least n-k+1 packets in a blockin order to avoid being detected by the decoder.
-
8/12/2019 Watchdog.ppt
16/50
DETECTION MECHANISM (continued) However , the more packets R tampers , the more likely it
will be caught by W.
Hence , in order to remain undetected by both thewatchdog W and the destinations decoder , it is of Rsinterest to just attack the minimum number of packets perblock : n-k+1.
Assumption : All transmissions along the path S-R-D arereliable while W can only overhear both transmission of apacket with probability q , called observe probability.
-
8/12/2019 Watchdog.ppt
17/50
Probability of relay node R not being caught :
-
8/12/2019 Watchdog.ppt
18/50
We can then choose the function f ( n ,q )appropriately so that we can make P miss arbitrarilyclose to optimal.
For example , by making f (n , q ) = ln n for anypositive constant , the probability of relay node R
not being caught is ,
-
8/12/2019 Watchdog.ppt
19/50
-
8/12/2019 Watchdog.ppt
20/50
-
8/12/2019 Watchdog.ppt
21/50
By making n large , the coding/decoding complexityincreases .
The source node can scramble coded packets of multiple (n , k ) encoded blocks and transmit these packets inrandom order .
By doing so , the attacker will have to corrupt more packetsin order to destroy a particular block , which makes it easierto be detected by the watchdog.
-
8/12/2019 Watchdog.ppt
22/50
B . DETECTION MECHANISM IN TWO FLOWS CASE : Here , multiple data flows are there in the network and
distributed random access MAC protocol is assumed.
Lets consider the network in Fig. with two flows : S1-R1-D1and S2-R2-D2 .
The flows are far enough and there is no inter-flowinterference , but the watchdog W is between the two flowsand can overhear transmissions on all the four links.
-
8/12/2019 Watchdog.ppt
23/50
A TWO FLOW NETWORK :
-
8/12/2019 Watchdog.ppt
24/50
So , even though a transmission is successful along its path,
it may collide with packets from the other f low received atW.
A slotted aloha access protocol is assumed with accessprobability .
-
8/12/2019 Watchdog.ppt
25/50
-
8/12/2019 Watchdog.ppt
26/50
-
8/12/2019 Watchdog.ppt
27/50
IDENTIFYING THE MISBEHAVIOR NODE When misbehavior detection is essential , its important to
identify the misbehaving node to avoid that node in futuretransmissions.
A simple protocol is proposed that identifies themisbehaving node with just a single extra watchdog ,including the cases when the watchdog is misbehaving.
If watchdog misbehaves , the protocol locates themisbehaving node deterministically. If relay nodemisbehaves, the protocol is guaranteed to locate the node
with a probability that approaches to unity.
-
8/12/2019 Watchdog.ppt
28/50
SINGLE FLOW NETWORK WITH TWO WATCHDOGS
-
8/12/2019 Watchdog.ppt
29/50
A. THE PROTOCOL Here , the relay node R is observed by two watchdogs W1
and W2 and relays the information from a source node S tothe destination node D.
Each packet contains a unique generation number thatidentifies the generation to which a particular packetbelongs to.
Each watchdog in the network decides whether or not therelay node is misbehaving based on all the overheardpackets that belong to the current generation.
-
8/12/2019 Watchdog.ppt
30/50
The watchdog transmits a decision bit 1 to the judge node(source node or destination node or both ) .else ittransmits a decision bit 0 to the judge node.
It is assumed that if the watchdog is misbehaving , it maytransmit a 0 or 1 for any particular relay node (same
watchdog may transmit different decisions for different
relay nodes )
Let the bits received from W1 and W2 be w1 and w2.
-
8/12/2019 Watchdog.ppt
31/50
-
8/12/2019 Watchdog.ppt
32/50
HOW THE PROTOCOL DECIDES MISBEHAVING NODE : Case 1 : w1w2 = 11 .then , the relay node is misbehaving.
Case 2 : w1w2 =00 . Then none of the nodes is under attack
Case 3 : w1 w2=01 or 10 . Then assuming that each node canbe misbehaving with equal probability and the miss detection probability for W1 and W2 are both P miss.probability of a particular node misbehaving can becalculated , given w1w2 = 01 as :
-
8/12/2019 Watchdog.ppt
33/50
-
8/12/2019 Watchdog.ppt
34/50
The protocol decides that the watchdog sending a decisionbit 1 is misbehaving , which is precisely the maximumlikelihood decision since P W2|01 > P R|01
Let P L|N denote the probability of correctly locating themisbehaving node in the network.
P F|N denote the probability that the node other than N is
accused to be misbehaving P U|N denote the probability when the adversary at node N
operates undetected.
-
8/12/2019 Watchdog.ppt
35/50
B . PERFORMANCE
SINGLE FLOW CASE For a single flow case , only one extra watchdog is required
to locate the adversary in the network .
The protocol discussed above is employed at thedestination node D.
The following lemmas characterize the protocol :
Lemma 1: In single flow case , if any of the watchdogs ismisbehaving , it will be located.
-
8/12/2019 Watchdog.ppt
36/50
-
8/12/2019 Watchdog.ppt
37/50
-
8/12/2019 Watchdog.ppt
38/50
Lemma 2: In single flow network , if R is misbehaving ,then R goes undetected if and only if w1w2=00. i.e. whenboth the watchdogs miss all the packets corrupted by the
attacker.
On the other hand , R will be detected if and only if noneof the watchdogs miss any of the packets corrupted by R.i.e. w1w2 = 11
Assumption: Both the watchdogs have the sameprobability P miss.
-
8/12/2019 Watchdog.ppt
39/50
-
8/12/2019 Watchdog.ppt
40/50
C . PERFORMANCE
TWO FLOWS CASE Here , the destination node may collaborate among
themselves to locate the misbehaving node .
If D1 and D2 both receive 1 from W2 they willcollaboratively decide that W2 is the misbehaving node.
On the other hand , if R1(R2) is misbehaving , W2 sends a 1to D1(D2) , which will certainly imply that thecorresponding relay node is under attack.
-
8/12/2019 Watchdog.ppt
41/50
-
8/12/2019 Watchdog.ppt
42/50
-
8/12/2019 Watchdog.ppt
43/50
If the destination nodes do not collaborate , then thedecision made by any of the destination nodes say D1 ,isdependent only on the decision bits of the watchdogs
observing the relay node.
Lemma 3: In the two flow case , the protocoldeterministically locates the attacker if it attacks at any of
the watchdogs . collaboration of destination nodes doesnot play a role here.
-
8/12/2019 Watchdog.ppt
44/50
-
8/12/2019 Watchdog.ppt
45/50
-
8/12/2019 Watchdog.ppt
46/50
MULTIHOP ROUTING
-
8/12/2019 Watchdog.ppt
47/50
LOCATING MISBEHAVIOR IN MULTIHOP ROUTING : Without any loss of generality , lets assume that R2 is
compromised by the adversary and assume that there is noother watchdog other than R1 and R2. There are 3 ways the
adversary can attack the data communication :
1. R2 corrupts the packet and claims that R3 is misbehaving.
2. R2 only corrupts the packets.
3. R2 claims that R3 is misbehaving.
-
8/12/2019 Watchdog.ppt
48/50
Since at most one node can be misbehaving , whenevertwo nodes claim their next hop is misbehaving , the judgecan always correctly identify the misbehaving node to theone with a larger index.
However , if only one node declares an attack , there is noway for the judge to differentiate last two cases.
Hence , the strategy adopted by the misbehaving node inmulti hop flows is either to corrupt the packets or claimthat the node its watching is misbehaving.
-
8/12/2019 Watchdog.ppt
49/50
FINAL REMARKS Studied the problem of misbehavior detection in wireless
networks.
Lightweight misbehavior detection scheme is proposed ,which integrates the idea of watchdogs and error detectioncoding.
A simple protocol , by using just one extra watchdog perrelay node , locates the misbehaving node with probabilityapproaching to unity.
-
8/12/2019 Watchdog.ppt
50/50
Reference Guanfeng Liang , Rachit Agarwal and Nitin Vaidya When
Watchdog Meets Coding .IEEE INFOCOM 2010proceedings.