Scribd
Upload
46 views

Final Review

We considered the security implications of using high throughput metrics in multicast protocols in wireless mesh networks. In particular, we identified metric manipulation attacks that can significantly damage the network. Our novel defense scheme combines measurement-based attack detection and accusation-based reactions to overcome these challenges. We demonstrate the defense is effective against identified attacks, resilient to exploitation, and imposes small overhead.

Uploaded by

Sailaja Naidu
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
46 views

Final Review

We considered the security implications of using high throughput metrics in multicast protocols in wireless mesh networks. In particular, we identified metric manipulation attacks that can significantly damage the network. Our novel defense scheme combines measurement-based attack detection and accusation-based reactions to overcome these challenges. We demonstrate the defense is effective against identified attacks, resilient to exploitation, and imposes small overhead.

Uploaded by

Sailaja Naidu
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 34

Presented By

Multicast routing for wireless mesh networks has focused on metrics that estimate link quality to maximize throughput. Nodes must collaborate in order to compute the path metric and forward data.

The assumption that all nodes are honest and


behave correctly during metric computation,

propagation, and aggregation, as well as during data forwarding, leads to unexpected consequences in adversarial networks where compromised nodes act maliciously.

Wireless mesh networks (WMNs) emerged as a promising


technology that offers low-cost high-bandwidth community wireless services. A WMN consists of a set of stationary wireless routers that

form a multi-hop backbone, and a set of mobile clients that


communicate via the wireless backbone. Numerous applications envisioned to be deployed in WMNs, such as webcast, distance learning, online games, video conferencing, and multimedia broadcasting, follow a pattern where one or more sources disseminate data to a group of

Path selection is based on the greedy approach of selecting path with best metric . An estimation of the target performance derived from the path metric. Previous work showed vulnerabilities of unicast routing protocols that use hop count as a metric. There exists an efficient metric refreshment protocol that allows nodes to obtain correct metrics for attack recovery. metric can be

Such metric refreshment can be easily achieved by flooding of


a new metric establishment message.

Our approach to defend against the identified attacks


combines measurement-based detection and accusation-based
reaction techniques. We proposed to provide multicast services for multi-hop wireless networks. Initially, these protocols were proposed for mobile ad hoc networks , focusing primarily on network connectivity and using the number of hops between the source and receivers as the route selection metric. We propose a defense scheme that combines measurement based detection and accusation-based reaction techniques.

Operating System

Windows XP

Software
Tool User Interface

:
: :

Java (JDK 1.5 and above)


Eclipse Swings

Processor RAM Hard Disk : :

: 512MB 40GB

Intel Pentium

Client-server computing or networking is a distributed


application architecture that partitions tasks or workloads
between service providers (servers) and service requesters, called clients. A server machine is a high-performance host that is running one or more server programs. A client also shares any of its resources Clients therefore initiate communication sessions with servers which await incoming requests.

The RSA algorithm is named after Ron Rivest, Adi Shamir and Len Adleman, who invented it in 1977. The RSA cryptosystem is the most widely-used public key cryptography algorithm in the world. It can be used to encrypt a message without the need to exchange a secret key separately. The RSA algorithm can be used for both public key encryption and digital signatures. Its security is based on the difficulty of factoring large integers.

Generate two large prime numbers, p and q Let n = pq Let m = (p-1)(q-1) Choose a small number e, coprime to m Find d, such that de % m = 1

Encryption C = Pe % n Decryption P = Cd % n

Publish e and n as the public key.


Keep d and n as the secret key.

Digital signatures employ a type of asymmetric cryptography. Digital signatures are equivalent to traditional handwritten signatures in many respects; properly implemented digital

signatures are more difficult to forge than the handwritten type.


Digital signatures can also provide non-repudiation, meaning

that the signer cannot successfully claim they did not sign a
message, while also claiming their private key remains secret.

Signature verification may be performed by any party (i.e., the signatory, the intended recipient or any other party) using the signatorys public key. A signatory may wish to verify that the computed signature is correct, perhaps before sending the signed message to the intended recipient.

The intended recipient (or any other party) verifies the signature to
determine its authenticity. Prior to verifying the signature of a signed message, the domain parameters, and the claimed signatorys public key and identity shall be made available to the verifier in an authenticated manner.

Router

Server

Router signal for server connect

Client A

Router signal for Client A connect

Server signal for Client A connect

Generating keys

Router sending packets to Client A

Client A receiving file from server via

File Transmission status in server

All clients connected to server

All clients connected to server and transferring data

Router sending packets to all clients at a time

Data sent to all clients

We considered the security implication of using high throughput metrics in multicast protocols in wireless mesh networks. In particular, we identified metric manipulation attacks that can inflict significant damage on the network. The attack snot only have a direct impact on the multicast service, but also raise additional challenges in defending against them due to

their metric poisoning effect. We overcome the challenges with our novel
defense scheme that combines measurement-based attack detection and accusation-based reaction. Our defense also copes with transient network variations and malicious attempts to attack the network indirectly by exploiting the defense itself. We demonstrate through experiments that our defense is effective against the identified attacks, resilient to malicious exploitations, and imposes a small overhead.

J. Dong, R. Curtmola, and C. Nita-Rotaru, On the pitfalls of using

high throughput multicast metrics in adversarial wireless mesh


networks, in Proc. of IEEE SECON 08, 2008. http://computer.howstuffworks.com/how-wireless-meshnetworks-work.htm http://www.di-mgt.com.au/rsa_alg.html http://pajhome.org.uk/crypt/rsa/rsa.html OReilly Books Series - Java Swing S. J. Lee, W. Su, and M. Gerla, On-demand multicast routing protocol in multihop wireless mobile networks, Mob. Netw. Appl., 2002.

You might also like