An Intrusion Prevention Scheme for Wormhole Attacks in Mobile Ad Hoc Networks
劉邦正、曹偉駿
ABSTRACT
In recent years, wireless ad hoc networks have become an increasingly popular topic. They follow a node-to-node transmission model: nodes communicate with each other via wireless ad hoc networking technology and thus form wireless local area networks. The literature points out that this kind of framework faces many security threats, such as location disclosure, routing table poisoning, and the wormhole attack. Among them, the wormhole attack is the more serious threat because most secure routing mechanisms cannot effectively avoid it. In this attack, two malicious nodes relay traffic between themselves faster than a normal route can, so the route through them shows better transmission parameters than a normal route does. The attackers then control routing in parts of the network in order to destroy or steal confidential information. Although many scholars have proposed detecting wormhole attacks with intrusion detection systems, most detection mechanisms still rely on special hardware, consume enormous system resources, or make assumptions that do not hold under wireless conditions. Consequently, in this thesis we design an intrusion prevention scheme for mobile ad hoc networks that needs only low system resources and effectively avoids the wormhole attack.
Keywords: wormhole attack; mobile ad hoc networks; intrusion prevention; network security

Table of Contents
Chinese Abstract
English Abstract
Acknowledgements
Table of Contents
List of Tables
List of Figures
Chapter 1 Introduction
  Section 1 Research Background
  Section 2 Research Motivation and Objectives
  Section 3 Research Process
  Section 4 Thesis Organization
Chapter 2 Literature Review
  Section 1 Current Wireless LAN Communication Architectures
  Section 2 MANET Routing Protocols
  Section 3 Security Threats in MANET Environments
  Section 4 Existing Research on Detecting Wormhole Attacks in MANETs
Chapter 3 A Low-System-Resource Intrusion Prevention Scheme for Wormhole Attacks in Mobile Ad Hoc Networks
  Section 1 Scheme Architecture
  Section 2 Route Discovery Phase
  Section 3 Route Selection Phase Based on Roulette Wheel Selection
  Section 4 Route Establishment and Maintenance Phase
Chapter 4 Simulation and Analysis
  Section 1 Software and Hardware Specifications
  Section 2 Simulation and Testing Tools
  Section 3 Simulation Environment and Results
Chapter 5 Discussion of Results
Chapter 6 Conclusions and Future Directions
  Section 1 Conclusions
  Section 2 Future Directions
References