Rushing Attacks and Defense
in Wireless Ad Hoc Network Routing Protocols
Yih-Chun Hu, Adrian Perrig, and David B. Johnson
Presenter: Sandeep Mapakshi
CS 6910-ACIS Project 6
Instructor: Prof. Leszek T. Lilien, Fall 2006
Department of Computer Science
Western Michigan University
�Outline
On-Demand
Routing Protocols
Rushing Attacks
Rushing Attack Prevention
Evaluation
Conclusion
�Introduction
Wireless
Ad hoc network
a collection of mobile computers (or nodes) cooperate
to forward packets
dynamic topology
self-organization
�Introduction (cont.)
Routing
Transport Subsystem
Neighbor State Maintenance
Database Maintenance
Ad
protocol
hoc network routing protocols
Run in untrusted environments
Provide resilience against misconfigured nodes
4
�Routing Protocols
Proactive
Table-Driven routing protocol
Reactive
routing protocol
routing protocol
Source-Initiated On-Demand routing protocol
Forward ROUTE REQUEST packets when needed
�Comparison between Table-Driven
Routing and On-Demand Routing
Table-driven Routing On-demand Routing
Availability of
Routing information
Route updates
Routing overhead
Immediately from
Route Table
Periodic advertisements
Proportional to size of
network regardless of
network traffic
After Route discovery
When requested
Proportional to number of
communication nodes and
increase with increased node
mobility
�On-Demand Route Discovery
B
A-B-D-G
A-B-D-G
A-B-D-G
A-B
A
source
A-B-D
Destination
A-C-E
A
A-C
H
A-C-E
A-C-E
F
7
�The Rushing Attack
On-demand routing protocols use duplicate suppression at each node: first
ROUTE REQUEST that reaches a node is considered legitimate, next are
discarded (all have the same identifier, higher identifiers denote new
requests)
Attacker scatters RREQ quickly throughout the network suppressing any
later legitimate RREQ
Initiator will be unable to discover any usable routes containing at least
two hops
An effective denial-of-service attack
8
�Why is the Attack Possible?
An attacker can send faster, by avoiding the delays that are part of the
design of both routing and MAC (802.11b) protocols.
Why Delay in ROUTE REQUEST forwarding ?
In a MAC protocols using time division
On-demand protocols generally specify a delay
Remove these delays at both the MAC and routing layers?
- more collisions
Attacker can send at a higher wireless transmission level
An attacker can take advantage of a wormhole, to create flood rushing
attacks, use the wormhole to rush the packets ahead of the normal flow
9
�Rushing Attack
D
S
Slide courtesy: [2]
10
�Rushing Attack Example
A sends a ROUTE REQUEST
11
�Rushing Attack Example
A sends a ROUTE REQUEST
B forwards the REQUEST without checking the signature, or
otherwise
rushes the REQUEST
12
�Rushing Attack Example
A sends a ROUTE REQUEST
B forwards the REQUEST without checking the signature, or otherwise
rushes the REQUEST
C correctly processes the REQUEST, and forwards it later as a result
13
�Rushing Attack Example
A sends a ROUTE REQUEST
B forwards the REQUEST without checking the signature, or otherwise
rushes the REQUEST
C correctly processes the REQUEST, and forwards it later as a result
Since D has already heard a REQUEST from this discovery, D discards the
REQUEST
14
�Rushing Attack Example
B rushes the REQUEST
C forwards it later
Since D has already heard a REQUEST from this discovery, D discards
the
REQUEST
A discovers a path through B because B rushed the REQUEST
15
�Rushing Attack Example
Route discovery process under no attack
RouteBQuery
Route
A Query
Route Query
E
Route Reply
D
16
�Rushing Attack Example
Route discovery process under attack
Attacker
Attacker
RouteBQuery
Route Reply
E
Route
A Query
Route Query
D
17
�Wormhole Attack
Attacker records a packet at one location in the network,
tunnels the packet to another location.
Packets may be replayed from the far end of the wormhole.
Puts attacker in a powerful position.
Its a replay so authentication does not help
Applications of the Wormhole Attack
Denial-of-Service
Routing Disruptions
Unauthorized Access
18
�Routing Tree
Adapted from Chris Karlof
and David Wagner's
WSNPA slides
19
�Routing
Adapted from Chris Karlof
and David Wagner's
WSNPA slides
20
�Wormhole Attack
Tunnel packets received in
one place of the network
and replay them in another
place
The attacker can have no
key material. All it requires
is two transceivers and one
high quality out-of-band
channel
Adapted from Chris Karlof
and David Wagner's
WSNPA slides
21
�Disrupted Routing
Most packets will be routed
to the wormhole
The wormhole can drop
packets or selectively
forward packets to avoid
detection
Adapted from Chris Karlof
and David Wagner's
WSNPA slides
22
�What Protocols Are Vulnerable?
On-demand unsecure (AODV, DSR) and secure (ARAN,
Ariadne, etc) protocols
Result: when under attack, the routing protocol will not be
able to discover paths longer than 2 hops
23
�Network Assumption
Network links are bidirectional
Ignore unidirectional links
Ignore jamming attack
Requires additional hardware
Easier to detect
Disregard attacks on MAC protocol
MAC (Medium Access Control)
ALOHA and Slotted ALOHA
Medium-sized
50 500 nodes
Clustering
24
�Security Assumptions And Key Setup
Fast authentication protocol
Instantly-verifiable broadcast authentication
Keys setup
Broadcast authentication key are distributed in
advance
Powerful attacker
Coordinated attacker
25
�Secure Routing Requirements And Protocol
Secure Neighbor Detection
Secure route delegation
Randomized ROUTE REQUEST forwarding
yes
Single-Hop?
no
Gather n
REQUESTS;
Randomly
Choose 1
Secure Neighbor
Detection
Original Routing
Protocol
26
�Secure Neighbor Detection
Neighbor Detection
Two nodes detect a bidirectional link between themselves
In Proactive routing protocol
In Reactive routing protocol
Requirements
Sender-receiver can check that the other is within the normal
communication range
Node needs to hear Neighbor Request
27
�Secure Neighbor Detection
Three-round mutual authentication protocol
S broadcasts a Neighbor Request packet
R return a Neighbor Reply packet to S
S sends a Neighbor Verification to B
Short delay timing
Within a maximum communication range
sender
neighbor Request
receiver
broadcast
neighbor reply
neighbor verfication
28
�Notation
A or B denote communicat ing nodes
A : R 0,1
denotes that node A randmoly selects an bit long nonce
A B : M, H A
means that node A sends B the message M and
the hash of A' s idnetifier concatenat ed with the nonce
A : M, M
means that node A broadcasts message M with its signature M
29
�Secure Neighbor Detection (cont.)
S:
1 R
0,1
M1 Neighbor Solicitation, S,1
M1 Sign H M1
S :
R:
Nonces 1, 2
M1, M1
2 R
0,1
<M32,
,M >
<M
>
23
M 2 Neighbor Reply, S, R,1, 2
M2 Sign H M 2
R S:
S:
freshness
M 2 , M2
R1
<M1,M >
1
R2
M 3 Neighbor Verificat ion, S, R,1, 2
M3 Sign H M 3
S R:
M3 , M3
30
�Secure Neighbor Detection (cont.)
Integration
with an On-Demand Protocol
A : REQUEST || Neighbor RequestA
BA:
Neighbor ReplyBA || Neighbor RequestB
AB:
Neighbor VerificationAB || Neighbor ReplyAB
B : REQUEST || Neighbor VerificationAB
|| Neighbor VerificationBA
31
�Secure Route Delegation
Delegate neighbor to forward the Route Request packet
To verify that both nodes of each adjacent node pair indeed
believes to be a neighbor
A received ROUTE REQUESTSR || id
MA
MA
AB:
=<Route Delegation,A,B,S,R,id>
=Sign(H(MA))
<MA>
32
�Randomized Message Forwarding
To minimize the chance that a rushing adversary can dominate all returned
routes
Randomized message forwarding
Collects a number of REQUESTs
Selects a REQUEST at random to forward
The number of REQUEST packets collected
The more the better?
The algorithm by which timeouts are chosen
Topology closer
Geographically closer
Randomly
33
�Secure Route Discovery
To secure any protocol using an on-demand Route Discovery protocol
Secure Neighbor Detection
Secure route delegation
Randomized ROUTE REQUEST forwarding
To limit the number of REQUESTs that traverse an attacker
The nodes that dont have n distinct path to the source of the REQUEST
Choose a random timeout
Two addition security optimizations
Each REQUEST signed
Use location information
34
�Evaluation
Simulation Evaluation
Underlying protocol: Adriane
HORS as broadcast signature
100 nodes
1000 m x 1000 m
Random waypoint model
Pause Time: 0, 30, 60, 120, 300, 600, 900
Workload: 5 flows
4 packets per second
64-byte packets
35
�Packet Delivery Ratio
% of Offered traffic
DSR
99.8% to 100%
Ariadne
95% to 100%
RAP
7.6% to 47.7%
MAC-layer congestion
Slide courtesy: [2]
36
�Median Latency
DSR and Ariadne
zero mean latency
RAP
Congestion
Waiting to forward a
REQUEST
Slide courtesy: [2]
37
�Packet Overhead
5 flows has 5x as much
overhead
Reduces usefulness
Overhead should reduce
when congestion not an
issue
Slide courtesy: [2]
38
�Overall
Evaluation
RAP adds significant costs
Higher costs due to congestion at lower bit rates.
RAP is designed to be used only when necessary
Only when underlying protocol is unable to discover a
working route
Security Analysis
Attacker needs to propagate ROUTE REQUEST from each
ROUTE DISCOVERY from many locations.
Wouldnt do it if they considered due to intrusion detection
39
�Conclusion
Described the Rushing attack
Presented RAP (Rushing Attack Prevention)
RAP incurs higher overhead, but it can find usable
routes when other protocols cannot work
40
�References
[1] Yih-Chun Hu,Adrian Perrig, David B.Johnson ,
Rushing attacks and defense in wireless ad hoc network routing protocols,
Proceedings of the 2003 ACM workshop on Wireless security, San Diego, CA,
USA. Available at:
http://www.ece.cmu.edu/~adrian/projects/secure-routing/wise2003.pdf
[2] Rushing Attacks and Defense in Wireless Ad Hoc Network Routing
Protocols Yih-Chun Hu, Adrian Perrig, and David B. Johnson
Presenter: Tammy Nguyen. Available at:
http://www.eecs.wsu.edu/~smedidi/teaching/Spring05/rushing1.ppt
41
