
Transcript of [IEEE 2009 International Conference on Computer Engineering and Technology (ICCET) - Singapore,...

Page 1: [IEEE 2009 International Conference on Computer Engineering and Technology (ICCET) - Singapore, Singapore (2009.01.22-2009.01.24)] 2009 International Conference on Computer Engineering

Security in Ad Hoc Networks: A Location Based Impersonation Detection Method

Md. Mashud Rana, Khandakar Entenam Unayes Ahmed, Nazmur Rowshan Sumel, Md. Shamsul Alam, Liton Sarkar

Department of Computer Science & Engineering, Shahjalal University of Science & Technology, Sylhet, Bangladesh. E-mail: [email protected], [email protected], [email protected], [email protected], [email protected]

Abstract— Ad hoc networks have a promising future in networking. They are in demand for sudden and emergency deployments, and their ever-changing topology gives them high flexibility. These same characteristics make them vulnerable to attacks that are not known in wired networks. Among these threats, the impersonation attack is the most severe and the hardest to avoid, and it can collapse the entire network. In this paper we propose a location-based impersonation detection model that can uniquely locate a transmitter's position. Specifically, we use the direction of the received signal and the self-positioning of the nodes to determine the transmitter's location, and combine this information with two postulates to identify impersonation. This greatly reduces the security threat in ad hoc networks.

Keywords-Impersonation, Security Threats, Transmitter’s Location, Dynamic Topology, Malicious Node

I. INTRODUCTION

An ad hoc network is a new paradigm of wireless communication for mobile hosts [1]. It is a collection of nodes that do not rely on a predefined infrastructure [2]. Nodes within radio range communicate with each other directly. Node mobility causes frequent changes in the network topology. Employees moving within a large campus with PDAs or laptops, or soldiers moving with wearable computers, are typical instances of ad hoc networks [3].

The lack of any centralized infrastructure in ad hoc networks raises many security issues. Communication in a mobile ad hoc network functions properly only if the participating nodes cooperate. However, some nodes may be malicious and launch security attacks. Among these, the impersonation attack is the most severe. In this paper we propose an efficient method that can uniquely identify impersonation: the model first determines the location of the transmitter and then, on the basis of that location and two postulates, decides whether impersonation has occurred.

This paper is organized as follows. Section 2 describes the characteristics of ad hoc networks that distinguish them from traditional infrastructure-based networks. The need for impersonation detection is discussed in Section 3. A brief description of related work is provided in Section 4. Section 5 elaborates the proposed location-based impersonation detection method. A comparative view of the proposed method is given in Section 6. Finally, Section 7 contains the concluding remarks.

II. CHARACTERISTICS OF AD HOC NETWORKS

Ad hoc networks have certain characteristics that make them not only different from typical wired networks but also prone to new security threats. The premise of forming an ad hoc network is to provide wireless communication between heterogeneous devices, anytime and anywhere, with little or no infrastructure [14], [15], [16], [17]. The security of ad hoc networks is questioned because of their unique characteristics: the absence of infrastructure, the wireless medium, the dynamic topology, and the lack of a self-stabilization property. External vulnerabilities such as eavesdropping and a changing network, together with internal constraints such as limited computational and storage capabilities, make implementing a secure ad hoc network challenging. The basic security requirements of a MANET are therefore availability, authentication, integrity, confidentiality, authorization, and trust management [14], [15], [16], [17], [18].

Infrastructureless: Unlike traditional networks, there is no pre-deployed infrastructure in an ad hoc network. The nodes themselves decide where and when they are placed. Mobile nodes within direct radio range of one another communicate directly.

Frequent changes in network topology: Ad hoc networks contain nodes that may frequently change their locations, so the topology of these networks is highly dynamic. As a result, traditional security mechanisms and routing protocols can no longer be used in such an environment. This mandates a new, dynamic model that can handle the demands of the situation.

2009 International Conference on Computer Engineering and Technology
978-0-7695-3521-0/09 $25.00 © 2009 IEEE
DOI 10.1109/ICCET.2009.220

Effects of wireless communication: Because communication takes place over a wireless medium, any intruder can intercept it easily. An intruder such as an impersonator can collapse the entire network by pretending to be any node of the network.

Lack of self-stabilization property: Routing protocols should be able to recover from an attack in finite time. An intruder should not be able to permanently disable a network by injecting a small number of malformed routing packets.

III. NEED FOR IMPERSONATION DETECTION

The use of wireless links renders an ad hoc network vulnerable to malicious attacks ranging from passive eavesdropping to active interference. In wired networks, by contrast, the attacker needs to gain access to the physical medium (the network cables) or pass through a plethora of firewalls and gateways. In ad hoc networks the scenario is quite different: there are no firewalls or gateways in place, so attacks can come from all directions. Every node in an ad hoc network must be prepared to encounter an adversary.

Each mobile node in an ad hoc network is an autonomous unit, free to move independently. This means a node does not have adequate physical protection and is very susceptible to being captured or impersonated. It is difficult to track down a single compromised node in a large network, and attacks stemming from a compromised node are far more detrimental and much harder to detect. Ad hoc networks have a decentralized architecture, and many ad hoc network algorithms rely on the cooperative participation of the member nodes. Adversaries can exploit this lack of centralized decision making to launch new types of attacks aimed at breaking the cooperative algorithms.

Furthermore, ad hoc routing presents more vulnerabilities than one might expect, since most routing protocols for ad hoc networks are cooperative by nature. An adversary who compromises an ad hoc node could bring down the whole network by disseminating false routing information, which could culminate in all nodes feeding their data to the compromised node.

Intrusion prevention techniques such as encryption and authentication can reduce the risk of intrusion but cannot eliminate it completely; for example, encryption and authentication cannot defend against impersonated or compromised nodes.

IV. RELATED WORKS

Although the security of ad hoc networks is a major roadblock to commercial application of the technology, only limited work has been done in this area. Such efforts have mostly concentrated on data forwarding, disregarding topology discovery. On the other hand, solutions that target route discovery have been based on approaches for fixed-infrastructure networks, ignoring the particular challenges of ad hoc networks.

Dahill et al. [4] proposed ARAN. It assumes a managed-open environment, where pre-deployment of infrastructure is possible, and consists of two distinct stages. The first is the certification and end-to-end authentication stage: the source obtains a certificate from a trusted certification server and signs the request packet with it; each intermediate node in turn signs the request with its own certificate; the destination verifies each certificate, so that the source and the intermediate nodes are authenticated. The destination then sends the reply, signed with its own certificate, along the reverse of the route taken by the request. The second, optional stage discovers the shortest path to the destination, but it is computationally expensive. ARAN is prone to replay attacks using error messages unless the nodes have time synchronization.

Papadimitratos and Haas [5] proposed the Secure Routing Protocol (SRP), which can be applied to several existing routing protocols. It assumes a security association between the source and destination nodes; intermediate nodes do not need to cryptographically validate the control traffic. SRP adds an SRP header to the request packet of the base routing protocol (DSR or AODV). The header has three important fields: QSEQ, which helps prevent replay of old, outdated requests; QID, a random number that helps prevent fabrication of requests; and an SRP MAC, which ensures the integrity of packets in transit. SRP requires a security association between source and destination for every route discovery. Furthermore, the paper does not mention route error messages, so they are not protected, and any malicious node can forge error messages with other nodes as the source.
ARIADNE [6] is based on DSR [7] and uses TESLA [8] for authentication. It prevents attackers and compromised nodes from disrupting uncompromised routes consisting of benign nodes, and it uses highly efficient symmetric-key cryptography. ARIADNE does not guard against passive attackers eavesdropping on network traffic, and it does not prevent an attacker from injecting data packets. It is vulnerable to an Active-1-1 attacker that lies along the discovered route, does not forward packets, and does not generate an ERROR when it encounters a broken link. It also requires clock synchronization, which we consider an unrealistic requirement for ad hoc networks.

Perlman proposed a link-state routing protocol [9] that achieves Byzantine robustness. Although the protocol is highly robust, it carries the very high overhead associated with public-key encryption.

In their paper on securing ad hoc networks, Zhou and Haas [10] primarily discuss key management. They devote a section to secure routing but essentially conclude that "nodes can protect routing information in the same way they protect data traffic". They also observe that denial-of-service attacks against routing will be treated as damage and routed around.

Some work has been done to secure ad hoc networks using misbehavior detection schemes [11, 12]. This approach has two main problems: first, it is quite likely that several kinds of misbehavior cannot feasibly be detected; and second, it has no real means to guarantee the integrity and authentication of the routing messages.

In a trusted environment, signal strength alone can be used as a reliable metric for determining how far a transmitter T is from a receiver R [13]. As long as R knows at what strength T transmits and at what reduced strength the signal is received, R can compute how far T is from R. The receiving node A is also assumed to have at least two trusted peers, B and C, that also receive T's transmitted signals, and all of these nodes are assumed to be capable of measuring the reduced received signal strength.

According to [13], to locate the position of a transmitter every node needs at least two trusted nodes, which is somewhat inefficient. Furthermore, the received signal strength is not always measured accurately or consistently by the receivers. These obstacles limit the usefulness of that model.

Looking at the previous work in this area, it seems that the security needs of ad hoc networks have not yet been satisfied. Ad hoc network services are also provisional, and batteries are a limited resource.

V. PROPOSED LOCATION BASED IMPERSONATION DETECTION METHOD

A. Determining the Exact Location of the Transmitter

The location of one node relative to another can be expressed as a vector, i.e. a direction and a magnitude. It is determined by the following steps.

1. The direction of a signal received from a transmitter (T) is determined by a direction-seeking antenna located at the receiver, or verifying node (VN). Each VN must have a directional antenna that can detect the direction of a received signal.

2. The VN must know its own location in order to compute the distance between two nodes. Self-positioning is accomplished by equipping each node in the ad hoc network with a GPS device.

3. The VN has at least one trusted peer that also receives the signal the transmitter sends to the VN. This trusted peer must likewise be able to determine the direction of the signal received from the transmitter with its own direction-seeking antenna.

Let node A be the receiver and B the trusted peer of A. If node A knows only its own position (from its GPS device) and the direction of the received signal (from its direction-seeking antenna), then A cannot determine the position of the transmitter T, because many positions of T along that direction are possible, as shown in Figure 1. In addition to the angle, the receiver (VN) must know the distance to the transmitter so that the exact position of T can be identified.

Let the transmitting node T in Figure 2 send a signal that is received by both the receiver A and its trusted peer B. Node A knows the angle θ1 (between AB and the direction to T) and its trusted peer B knows the angle θ2 (between BA and the direction to T), each by means of its direction-seeking antenna; the distance AB is known from the two GPS positions. Since the three angles of a triangle sum to 180 degrees, in triangle ATB, $\theta_3 = 180^\circ - (\theta_1 + \theta_2)$. Now consider the perpendicular TE from T onto AB and the perpendicular AF from A onto BT.

In triangle ATE, $\sin\theta_1 = TE/AT$, so $TE = AT \sin\theta_1$. In triangle TBE, $\sin\theta_2 = TE/BT$, so $TE = BT \sin\theta_2$. Hence

$$AT \sin\theta_1 = BT \sin\theta_2, \quad\text{i.e.}\quad \frac{AT}{\sin\theta_2} = \frac{BT}{\sin\theta_1} \qquad (1)$$

Again, in triangle ATF, $\sin\theta_3 = AF/AT$, so $AF = AT \sin\theta_3$. In triangle ABF, $\sin\theta_2 = AF/AB$, so $AF = AB \sin\theta_2$. Hence

$$AT \sin\theta_3 = AB \sin\theta_2, \quad\text{i.e.}\quad \frac{AT}{\sin\theta_2} = \frac{AB}{\sin\theta_3} \qquad (2)$$

Comparing (1) and (2) gives the sine rule for triangle ATB,

$$\frac{AT}{\sin\theta_2} = \frac{BT}{\sin\theta_1} = \frac{AB}{\sin\theta_3},$$

and therefore

$$AT = \frac{AB \sin\theta_2}{\sin\theta_3}.$$

Both the direction $\theta_1$ and the distance AT of the transmitter from the receiver are now known, so the position of the transmitter can be located. Note that the estimate is ill-conditioned when $\sin\theta_3$ is small, i.e. when T is nearly collinear with A and B or far from both so that the two bearings are almost parallel; small errors in the measured angles then produce large errors in AT.
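The construction above, carried out as an added worked example in Python (not code from the paper). It assumes a local planar coordinate frame in metres derived from the GPS fixes, and that each direction-seeking antenna reports the absolute bearing of the incoming signal; the function locate_transmitter, its tolerance parameters and the sample positions are all introduced here. Beyond the derivation, it also computes the fix from B's side and rejects readings where the two bearings disagree or are nearly parallel, which is the check a VN needs before trusting the location.

```python
import math

# Added example (not the paper's code). Coordinates are 2-D metres in a local
# plane projected from the nodes' GPS fixes; a bearing is the absolute direction
# of the incoming signal, in degrees counter-clockwise from the +x axis, as an
# assumed direction-seeking antenna would report it.


def _wrap(deg: float) -> float:
    """Reduce an angle in degrees to the range [-180, 180)."""
    return (deg + 180.0) % 360.0 - 180.0


def locate_transmitter(a, b, bearing_a, bearing_b, min_apex_deg=5.0, tol_frac=0.01):
    """Fix the transmitter T from receiver A, trusted peer B and their bearings.

    Returns (T, AT, theta1, theta2, theta3). theta1 is the angle at A between AB
    and A's bearing to T, theta2 the angle at B between BA and B's bearing, and
    theta3 = 180 - (theta1 + theta2) is the angle at T, as in the paper's
    triangle ATB. AT = AB * sin(theta2) / sin(theta3) is the sine-rule distance.
    """
    ax, ay = a
    bx, by = b
    ab = math.hypot(bx - ax, by - ay)
    if ab == 0.0:
        raise ValueError("A and B must be at distinct positions")
    ab_dir = math.degrees(math.atan2(by - ay, bx - ax))   # direction of AB
    ba_dir = _wrap(ab_dir + 180.0)                         # direction of BA

    theta1 = abs(_wrap(bearing_a - ab_dir))
    theta2 = abs(_wrap(bearing_b - ba_dir))
    theta3 = 180.0 - (theta1 + theta2)

    # Degenerate geometry: the two bearings are almost parallel (T very far
    # away or nearly collinear with A and B), so sin(theta3) ~ 0 and any
    # antenna error is amplified into a huge distance error.
    if theta3 < min_apex_deg:
        raise ValueError("apex angle %.2f deg too small; bearings do not fix T" % theta3)

    s3 = math.sin(math.radians(theta3))
    at = ab * math.sin(math.radians(theta2)) / s3       # equation (2) solved for AT
    bt = ab * math.sin(math.radians(theta1)) / s3       # same sine rule from B's side

    ra = math.radians(bearing_a)
    rb = math.radians(bearing_b)
    t_from_a = (ax + at * math.cos(ra), ay + at * math.sin(ra))
    t_from_b = (bx + bt * math.cos(rb), by + bt * math.sin(rb))

    # Consistency check: the sine rule only uses |theta1| and |theta2|. If the
    # two antennas point to opposite sides of AB (a bad reading, or two
    # different transmitters) the two fixes disagree and the VN must not
    # trust the result.
    gap = math.hypot(t_from_a[0] - t_from_b[0], t_from_a[1] - t_from_b[1])
    if gap > tol_frac * ab:
        raise ValueError("bearings inconsistent: fixes differ by %.1f m" % gap)

    return t_from_a, at, theta1, theta2, theta3


if __name__ == "__main__":
    # Constructed scenario: A at the origin, B 100 m east, T at (30, 40).
    a, b = (0.0, 0.0), (100.0, 0.0)
    bearing_a = math.degrees(math.atan2(40.0, 30.0))      # about 53.13 deg
    bearing_b = math.degrees(math.atan2(40.0, -70.0))     # about 150.26 deg
    t, at, th1, th2, th3 = locate_transmitter(a, b, bearing_a, bearing_b)
    print("T ~ (%.1f, %.1f)  AT = %.1f m  angles = %.1f, %.1f, %.1f"
          % (t[0], t[1], at, th1, th2, th3))
```

With the constructed positions the sine rule returns AT = 50 m and places T at (30, 40), matching the true position; flipping B's bearing to the other side of AB makes the two fixes disagree and the function refuses, and bearings of 89 and 91 degrees (rays almost parallel) are rejected by the apex-angle check.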

B. How Location Identifies Impersonation

This paper is interested in identifying and authenticating the transmitter by associating it with a location, which is determined from the physical properties of the received signal as described in section 5.1. To identify impersonation, the method relies on two postulates of Hygenberg:

(1) Two objects can not occupy the same space at the same time

(2) One object can occupy only one space at a given time.

Analysis shows that the following cases cover the situations in which a malicious node can attempt impersonation in an ad hoc network. Each observation is written as (message, time, location) for the node that claims to have sent it.

Case 1: T : m1, t1, L1 ; M : m2, t1, L1

A transmitter T sends a message m1 at time t1 from location L1, and a malicious peer M sends a message m2 at the same time t1 from the same location L1. Two messages have thus arrived from two different nodes at the same time and place. Assuming the time is correct, by postulate (1) one of these two nodes is not at location L1, and it can be concluded that impersonation has occurred.

Case 2: T : m1, t1, L1 ; T (M) : m2, t1, L2

The transmitter T sends a message m1 at time t1 from location L1. A malicious node M, pretending to be T, sends a message m2 at the same time t1 from location L2. By postulate (2) it is not possible for one node to be at two positions L1 and L2 at the same time t1, so from this discrepancy it can be concluded that impersonation has occurred.

Case 3: T : m1, t1, L1 ; T (M) : m2, t2, L2

The transmitter T sends a message m1 at time t1 from location L1, and a malicious peer M masquerading as T sends a message m2 at a later time t2 from location L2. The VN can unveil M's attempt if L2 is not a position T could have reached from L1 in the elapsed time (t2 − t1): after that interval T must occupy a single position, and L2 is in fact the position of the malicious node. If impersonation has occurred, two positions of T are exposed; if not, the position of T is unique.
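The three cases above, mechanised as the check a VN would run over the (identity, time, location) triples it has recorded. This is an added example in Python, not code from the paper. The time and position tolerances and the maximum node speed V_MAX, which turns case 3 into a testable reachability bound, are assumptions the paper leaves open, and the observations are constructed.

```python
import math
from itertools import combinations

# Added example, not the paper's code. Each observation is what the VN records
# for one received message: (claimed sender, time of reception, located
# position in metres). The tolerances below are assumptions: two times or two
# positions closer than these count as "the same", and V_MAX bounds how far a
# real node can move, which is what makes case 3 decidable.
T_EPS = 0.5       # seconds: clock agreement between VN and trusted peer (assumed)
LOC_EPS = 5.0     # metres: positioning error of the triangulation (assumed)
V_MAX = 10.0      # metres per second: maximum plausible node speed (assumed)


def check_impersonation(observations, t_eps=T_EPS, loc_eps=LOC_EPS, v_max=V_MAX):
    """Apply the paper's three cases to every pair of observations.

    Returns a list of (case, i, j) with i < j indexing the observations:
      case1: different identities, same time, same place        (postulate 1)
      case2: same identity, same time, different places          (postulate 2)
      case3: same identity, different times, and the later place is not
             reachable from the earlier one at v_max in the elapsed time
    """
    findings = []
    for (i, (id_i, t_i, p_i)), (j, (id_j, t_j, p_j)) in combinations(enumerate(observations), 2):
        dt = abs(t_j - t_i)
        dist = math.hypot(p_i[0] - p_j[0], p_i[1] - p_j[1])
        same_time = dt <= t_eps
        same_place = dist <= loc_eps
        if id_i != id_j:
            if same_time and same_place:
                findings.append(("case1", i, j))
        elif same_time:
            if not same_place:
                findings.append(("case2", i, j))
        elif dist > loc_eps + v_max * dt:
            findings.append(("case3", i, j))
    return findings


def identities_in_conflict(observations, **kw):
    """Identities that appear in any finding; a VN would stop trusting these."""
    ids = set()
    for _, i, j in check_impersonation(observations, **kw):
        ids.add(observations[i][0])
        ids.add(observations[j][0])
    return ids


# Constructed observations (not measured data).
OBSERVATIONS = [
    ("T", 0.0, (30.0, 40.0)),     # 0: genuine T
    ("M", 0.0, (30.0, 40.0)),     # 1: M located at T's spot at the same time -> case 1 vs 0
    ("T", 5.0, (32.0, 41.0)),     # 2: genuine T, moved about 2.2 m in 5 s
    ("T", 5.0, (300.0, 10.0)),    # 3: "T" also seen 270 m away at t=5 -> case 2 vs 2, case 3 vs 0
    ("T", 20.0, (40.0, 45.0)),    # 4: genuine T; unreachable from 3 in 15 s -> case 3 vs 3
]

if __name__ == "__main__":
    for finding in check_impersonation(OBSERVATIONS):
        print(finding)
    print("in conflict:", sorted(identities_in_conflict(OBSERVATIONS)))
```

Raising v_max to 100 m/s makes the 270 m jump in 5 s plausible and drops both case 3 findings, leaving only the two instantaneous contradictions; the mobility bound is therefore the parameter a deployment has to justify, since a bound set too high lets a slow-moving impostor through and one set too low flags honest movement.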

C. Formation of Trusted Peers

In the proposed method, any node can form a trusted peer relationship using the existing password-authenticated Diffie-Hellman key exchange [1]. In the elementary DH protocol, two parties A and B agree on a prime p and a generator g of the multiplicative group $Z_p^*$ (i.e. the set {1, 2, …, p−1}). A and B choose random secrets $S_A$ and $S_B$ such that $1 \le S_A, S_B \le p-1$. Writing P(x) for the encryption of x under the shared secret password P and K(x) for the encryption of x under the session key K, the exchange is as follows.

1. A computes $g^{S_A}$, encrypts it with the shared secret password P and sends it to B.

   A --> B : A, P($g^{S_A}$)

2. B extracts $g^{S_A}$ from the message, computes $g^{S_B}$, and computes the session key $K = (g^{S_A})^{S_B}$. B then chooses a random challenge $C_B$ and encrypts it with K. B also encrypts $S_B$ under P and sends the two quantities to A.

   B --> A : P($S_B$), K($C_B$)

3. A extracts $S_B$ from P($S_B$) and computes the key $K = (g^{S_A})^{S_B}$. It then extracts $C_B$ by decrypting K($C_B$). A generates a random challenge $C_A$, encrypts both $C_A$ and $C_B$ with K and sends them to B.

   A --> B : K($C_A$, $C_B$)

4. Message (3) convinces B that A was able to decrypt message (2) correctly. B then encrypts $C_A$ with K and sends it to A.

   B --> A : K($C_A$)

A decrypts the message and checks that the plaintext is indeed $C_A$. This convinces A that B knew K, which in turn convinces A that B knew P.
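The four-message exchange simulated end to end in Python, as an added example (not the paper's code, and not a production implementation). The toy group parameters, the HMAC-SHA256 keystream standing in for the paper's unspecified P(.) and K(.) ciphers, the key-derivation functions and the function names are all assumptions introduced here; the protocol steps themselves follow the listing above, including the fact that message (2) carries $S_B$ rather than $g^{S_B}$.

```python
import hashlib
import hmac
import secrets

# Added example, not the paper's code. Toy group: p = 2**255 - 19 is prime and
# g = 2, chosen for brevity; a deployment would use a standard MODP group.
# P(.) and K(.) in the paper are an unspecified symmetric cipher; here both are
# an HMAC-SHA256 keystream XORed with the plaintext, which is enough to show the
# message flow. Integers travel as fixed-width 32-byte big-endian strings.
P_MOD = 2**255 - 19
G = 2
WIDTH = 32


def _i2b(x: int) -> bytes:
    return x.to_bytes(WIDTH, "big")


def _b2i(b: bytes) -> int:
    return int.from_bytes(b, "big")


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out = b""
    ctr = 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def enc(key: bytes, plaintext: bytes) -> bytes:
    """X(plaintext) for X = P or K: random nonce || plaintext XOR keystream."""
    nonce = secrets.token_bytes(16)
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def dec(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:16], blob[16:]
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def password_key(password: str) -> bytes:
    """Derive the key for P(.) from the shared password (assumed KDF)."""
    return hashlib.sha256(b"pake-password|" + password.encode()).digest()


def session_key(shared: int) -> bytes:
    """Derive K from the DH value (g^SA)^SB (assumed KDF)."""
    return hashlib.sha256(b"pake-session|" + _i2b(shared)).digest()


def run_exchange(password_a: str, password_b: str):
    """Simulate messages (1)-(4). Returns (a_accepts, b_accepts, K_A, K_B)."""
    pa, pb = password_key(password_a), password_key(password_b)
    s_a = 1 + secrets.randbelow(P_MOD - 1)       # 1 <= S_A <= p-1
    s_b = 1 + secrets.randbelow(P_MOD - 1)

    # (1) A --> B : A, P(g^SA)
    g_sa = pow(G, s_a, P_MOD)
    msg1 = enc(pa, _i2b(g_sa))

    # B recovers g^SA (garbage if the passwords differ), K = (g^SA)^SB, picks CB
    g_sa_at_b = _b2i(dec(pb, msg1))
    k_b = session_key(pow(g_sa_at_b, s_b, P_MOD))
    c_b = secrets.token_bytes(16)
    # (2) B --> A : P(SB), K(CB)
    msg2_sb, msg2_cb = enc(pb, _i2b(s_b)), enc(k_b, c_b)

    # A recovers SB, computes K = (g^SA)^SB, recovers CB, picks CA
    s_b_at_a = _b2i(dec(pa, msg2_sb))
    k_a = session_key(pow(g_sa, s_b_at_a, P_MOD))
    c_b_at_a = dec(k_a, msg2_cb)
    c_a = secrets.token_bytes(16)
    # (3) A --> B : K(CA, CB)
    msg3 = enc(k_a, c_a + c_b_at_a)

    # B: a correct CB in (3) shows A decrypted (2), i.e. A knows P
    plain3 = dec(k_b, msg3)
    b_accepts = hmac.compare_digest(plain3[16:], c_b)
    if not b_accepts:
        return False, False, None, None          # B aborts; no message (4)
    # (4) B --> A : K(CA)
    msg4 = enc(k_b, plain3[:16])

    # A: a correct CA in (4) shows B knows K, hence P
    a_accepts = hmac.compare_digest(dec(k_a, msg4), c_a)
    return a_accepts, b_accepts, k_a, k_b
```

With matching passwords both sides accept and derive the same K; with different passwords B's check of $C_B$ in message (3) fails and the exchange aborts before message (4), which is exactly the authentication the listing relies on. One caveat worth noting when implementing this: as specified in step 2 and reproduced here, B's secret exponent $S_B$ itself travels under the password, so an eavesdropper holding the transcript can test a password guess offline by decrypting P($g^{S_A}$) and P($S_B$), recomputing K, and checking whether K decrypts message (3) to a plaintext ending in the $C_B$ recovered from message (2). Bellovin and Merritt's EKE, by contrast, sends only the public values $g^{S_A}$ and $g^{S_B}$ under the password, which leaves the attacker nothing to verify a guess against.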

VI. COMPARATIVE VIEW

Not much work has been done on identifying impersonation in ad hoc networks. So far, signal-strength-based intrusion detection [13], as suggested by Yian Huang and Wenke Lee, is considered capable of identifying impersonation, but it is not an efficient method for uniquely identifying the threat. We compare our proposed location-based method with [13] with respect to three parameters: the number of trusted peers needed, the strength of the received signal, and reliability. First, in our proposed method the receiving node needs only one trusted peer, as explained in section 5.1, whereas signal-strength-based intrusion detection [13] needs at least two trusted peers of the receiver. Second, [13] imposes a minimum level of received signal strength for identifying impersonation; if the signal strength falls below that level, it fails to detect the intrusion. Our proposed scheme, on the other hand, imposes no requirement on the strength of the received signal, which increases its reliability and scalability.


VII. CONCLUSION

This paper is concerned with identifying impersonation in ad hoc networks. It has been shown how signal direction, combined with peer collaboration, provides valuable information about a transmitter's location, which can then be applied to detect impersonation. Keeping a reference location does require the nodes to store additional tables of location information; storing more data requires more memory, but memory is relatively cheap. We have designed our model for nodes in direct radio range, i.e. a small vicinity, and we expect to extend the method beyond direct radio range. We hope this will be a milestone for security in ad hoc networks.

VIII. REFERENCES

[1] Arun Kumar Bayya, Siddhartha Gupte, Yogesh Kumar Shukla Anil Garikapati .‘‘Security in Ad-hoc network’’. University of Kentucky.

[2] Zygmunt J. Haas, Jing Deng, Ben Liang, Panagiotis Papadimitratos, and S. Sajama. “Wireless Ad Hoc Networks”. Cornell University .

[3] A. Kush, R. Kumar And P. Gupta . “Secured power aware virtual node routing scheme for ad hoc networks”. Indian Institute of Technology Kanpur, Kanpur 208 016 , India .

[4] B. Dahill, B. N. Levine, E. Royer, and C. Shields, A secure routing protocol for ad-hoc networks, Technical Report UM-CS-2001-037, Department of Computer Science, University of Massachusetts (2001).

[5] P. Papadimitratos, and Z. J. Haas, Secure routing for mobile ad-hoc networks, SCS Communication Networks and Distributed Systems Modeling and Simulation Conf. (CNDS 2002)

[6] Y. C. Hu, A. Perrig, and D. Johnson, ARIADNE: A secure on-demand routing protocol for ad-hoc networks, Technical Report TR01-383, Rice University (2001).

[7] D. B. Johnson et al., The dynamic source routing protocol for mobile ad-hoc networks (DSR),Internet draft, MANET Working Group (2002).

[8] A. Perrig, R. Canetti, D. Song, and D. Tygar, Efficient and secure source authentication for multicast, In Network and Distributed System Security Symposium (NDSS’01) (2001).

[9] R. Perlman, Fault-tolerant broadcast of routing information, Computer Networks, 7, 395–405 (1983).

[10] L. Zhou, and Z. J. Haas, Securing ad-hoc networks, IEEE Network Mag., 13, 24–30 (1999).

[11] S. Marti, T. J. Giuli, K. Lai, and M. Baker, Mitigating routing misbehavior in mobile ad-hoc networks, In Proc. Sixth Annual Int. Conf. Mobile Computing and Networking, pp. 255–265 (2000).

[12] William Stallings, Cryptography and network security: Principles and practice, Second edition, pp. 3–12, Prentice Hall (2001).

[13] Yian Huang, Wenke Lee, Signal Strength Based Intrusion Detection in Ad-hoc Network. College of Computing, Georgia Institute of Technology.

[14] A. Mishra and K. M. Nadkarni, “Security in wireless ad hoc networks – A Survey”, in The Handbook of Ad Hoc Wireless Networks, M. Ilyas, Ed. Boca Raton: CRC Press, 2002, pp. 30.1- 30.51.

[15] P. Papadimitratos and Z. Haas, “Securing Mobile Ad Hoc Networks”, in The Handbook of Ad Hoc Wireless Networks, M. Ilyas, Ed. Boca Raton: CRC Press, 2002, pp. 31.1-31.17.

[16] H. Yang, H. Luo, F. Ye, S. Lu, and U. Zhang, “Security in Mobile Ad Hoc Networks: Challenges and Solutions”, IEEE Wireless Communications, vol. 11, no. 1, Feb. 2004, pp. 38-47.

[17] K. Lauter, “The advantages of Elliptic Curve Cryptography For Wireless Security”, IEEE Wireless Communications, vol. 11, no. 1, Feb. 2004, pp. 62-67.

[18] W. A. Arbaugh, “Wireless Security is Different”, IEEE Computer, vol. 36, no. 8, Aug. 2003, pp. 99-101.
