1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute...
-
date post
20-Dec-2015 -
Category
Documents
-
view
218 -
download
4
Transcript of 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute...
![Page 1: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/1.jpg)
1
Anonymity in MANETs Threats and Mitigations
Roy Friedman, Neer RoggelTechnion, Israel Institute of Technology
Computer Science Department{roy,nroggel}@cs.technion.ac.il
![Page 2: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/2.jpg)
2
Outline
• What are MANETs?
• Anonymity scenarios
• Attackers and threats
• Our approach: IP hopping
• Limitations and future work
• Open discussion
![Page 3: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/3.jpg)
3
What is a MANET?
![Page 4: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/4.jpg)
4
![Page 5: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/5.jpg)
5
![Page 6: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/6.jpg)
6
What are MANETs?
![Page 7: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/7.jpg)
7
What are MANETs?
![Page 8: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/8.jpg)
8
Anonymity Scenarios
• Battlefield– Units in motion– Sensor network
• Content sharing– Oppressive regime– Rights protected content
![Page 9: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/9.jpg)
9
Attacker Capabilities
• Eavesdropping• Geolocating a node• Device fingerprinting• Generating traffic• Man in the middle• Node compromise• Worm holes
![Page 10: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/10.jpg)
10
Threats to Anonymity
• Irrefutably implicating a node• Distorting route construction• “Chattering laptops”• Attacks on timing• Traffic analysis
![Page 11: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/11.jpg)
11
Traffic Analysis
![Page 12: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/12.jpg)
12
Traffic Analysis Example
A B M D E
K
P
O
L
AB
D
EK
O
P
L
IP1IP2
IP3
IP4IP5
IP7
IP8
IP6
![Page 13: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/13.jpg)
13
Our Approach
![Page 14: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/14.jpg)
14
Simple Example
A
BM
D
E
K
PO
L
( ) ( )iX K KIP E X E i
IP1IP2
IP3
IP4IP5
IP7
IP8
IP6
![Page 15: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/15.jpg)
15
IP Hopping
• Step 1: agree on shared information
A B M D E
Axg A Bx xg A B Mx x xg A B M Dx x x xg
E D M B A
Exg E Dx xg E D Mx x xg E D M Bx x x xg
![Page 16: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/16.jpg)
16
IP Hopping
• Step 2: derive temporary addresses
A B M D E E D M B Ax x x x x x x x x xg K g
(2 )iA KIP E i (2 1)i
E KIP E i
![Page 17: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/17.jpg)
17
IP Hopping
• Step 3: use temporary addresses
A
B
M
D
E
[Ai,B,M,D,Ei]
[Ai,B,M,D,Ei]
[Ai,B,M,D,Ei]
[Ai,B,M,D,Ei]
![Page 18: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/18.jpg)
18
Traffic Analysis Revisited
A B M D E
K
P
O
L
IP1IP2
IP3
IP4IP5
IP7
IP8
IP6
![Page 19: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/19.jpg)
19
Limitations
• Routing efficiency– Discovery, maintenance
• In-band agreement
• Network services– Authentication, service discovery, address
binding, address assignment
![Page 20: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/20.jpg)
20
Future Research Directions
• More IP information leaks
• Better routing mechanisms
• TCP stream information leaks
![Page 21: 1 Anonymity in MANETs Threats and Mitigations Roy Friedman, Neer Roggel Technion, Israel Institute of Technology Computer Science Department {roy,nroggel}@cs.technion.ac.il.](https://reader036.fdocuments.us/reader036/viewer/2022062516/56649d435503460f94a1f477/html5/thumbnails/21.jpg)
21
Discussion
• How can we tell the network to help us find someone we are looking for without telling the network who it is we are looking for?
• Once the route is known, how do we ensure that all nodes along the way are capable of receiving the packet and forwarding it?