TY - GEN
T1 - MISPAR
T2 - 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08
AU - Khalil, Issa
AU - Bagchi, Saurabh
PY - 2008
Y1 - 2008
N2 - Local monitoring has been demonstrated as a powerful technique for mitigating security attacks in multi-hop ad-hoc networks. In local monitoring, nodes overhear partial neighborhood communication to detect misbehavior such as packet drop or delay. However, local monitoring as presented in the literature is vulnerable to a class of attacks that we introduce here called stealthy packet dropping. Stealthy packet dropping disrupts the packet from reaching the destination by malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performed the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. We introduce four ways of achieving stealthy packet dropping, none of which is currently detectable. We provide a protocol called MISPAR based on local monitoring to remedy each attack. It presents two techniques - having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. We show through analysis and simulation that the basic local monitoring fails to mitigate any of the presented attacks while MISPAR successfully mitigates them.
AB - Local monitoring has been demonstrated as a powerful technique for mitigating security attacks in multi-hop ad-hoc networks. In local monitoring, nodes overhear partial neighborhood communication to detect misbehavior such as packet drop or delay. However, local monitoring as presented in the literature is vulnerable to a class of attacks that we introduce here called stealthy packet dropping. Stealthy packet dropping disrupts the packet from reaching the destination by malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performed the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. We introduce four ways of achieving stealthy packet dropping, none of which is currently detectable. We provide a protocol called MISPAR based on local monitoring to remedy each attack. It presents two techniques - having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. We show through analysis and simulation that the basic local monitoring fails to mitigate any of the presented attacks while MISPAR successfully mitigates them.
KW - Local monitoring
KW - Misrouting
KW - Multi-hop wireless networks
KW - Packet dropping
KW - Transmission power control
UR - http://www.scopus.com/inward/record.url?scp=70249120421&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=70249120421&partnerID=8YFLogxK
U2 - 10.1145/1460877.1460913
DO - 10.1145/1460877.1460913
M3 - Conference contribution
AN - SCOPUS:70249120421
SN - 9781605582412
T3 - Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08
BT - Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08
Y2 - 22 September 2008 through 25 September 2008
ER -