On the analysis of identity delegation attacks

Issa M. Khalil; Abdallah Khreishah

doi:10.1109/ICCNC.2012.6167574

On the analysis of identity delegation attacks

Issa M. Khalil, Abdallah Khreishah

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Citations (Scopus)

Abstract

Identity delegation is a sever attack that can be easily launched against multihop wireless ad hoc and sensor networks. Its severity lies in its capability to evade detection by even the-state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes of dropping the traffic. In a previous work, we proposed a mechanism called Sadec to mitigate identity delegation attacks. In this paper, we provide a thorough investigation of Sadec and compare it with the state-of-the-art mitigation technique dubbed basic local monitoring (BLM). Our analysis which is validated by ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation while Sadec successfully mitigates it in addition to considerably reducing the framing incidents of legitimate nodes.

Original language	English
Title of host publication	2012 International Conference on Computing, Networking and Communications, ICNC'12
Pages	990-994
Number of pages	5
DOIs	https://doi.org/10.1109/ICCNC.2012.6167574
Publication status	Published - Apr 24 2012
Event	2012 International Conference on Computing, Networking and Communications, ICNC'12 - Maui, HI, United States Duration: Jan 30 2012 → Feb 2 2012

Publication series

Name	2012 International Conference on Computing, Networking and Communications, ICNC'12

Other

Other	2012 International Conference on Computing, Networking and Communications, ICNC'12
Country/Territory	United States
City	Maui, HI
Period	1/30/12 → 2/2/12

Keywords

Local monitoring
identity delegation
multi-hop wireless networks
packet dropping

ASJC Scopus subject areas

Computer Networks and Communications
Electrical and Electronic Engineering

Access to Document

10.1109/ICCNC.2012.6167574

Cite this

On the analysis of identity delegation attacks. / Khalil, Issa M.; Khreishah, Abdallah.
2012 International Conference on Computing, Networking and Communications, ICNC'12. 2012. p. 990-994 6167574 (2012 International Conference on Computing, Networking and Communications, ICNC'12).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Khalil, IM & Khreishah, A 2012, On the analysis of identity delegation attacks. in 2012 International Conference on Computing, Networking and Communications, ICNC'12., 6167574, 2012 International Conference on Computing, Networking and Communications, ICNC'12, pp. 990-994, 2012 International Conference on Computing, Networking and Communications, ICNC'12, Maui, HI, United States, 1/30/12. https://doi.org/10.1109/ICCNC.2012.6167574

@inproceedings{8b866347d0fd42908478fabf3f94f753,

title = "On the analysis of identity delegation attacks",

abstract = "Identity delegation is a sever attack that can be easily launched against multihop wireless ad hoc and sensor networks. Its severity lies in its capability to evade detection by even the-state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes of dropping the traffic. In a previous work, we proposed a mechanism called Sadec to mitigate identity delegation attacks. In this paper, we provide a thorough investigation of Sadec and compare it with the state-of-the-art mitigation technique dubbed basic local monitoring (BLM). Our analysis which is validated by ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation while Sadec successfully mitigates it in addition to considerably reducing the framing incidents of legitimate nodes.",

keywords = "Local monitoring, identity delegation, multi-hop wireless networks, packet dropping",

author = "Khalil, {Issa M.} and Abdallah Khreishah",

year = "2012",

month = apr,

day = "24",

doi = "10.1109/ICCNC.2012.6167574",

language = "English",

isbn = "9781467300094",

series = "2012 International Conference on Computing, Networking and Communications, ICNC'12",

pages = "990--994",

booktitle = "2012 International Conference on Computing, Networking and Communications, ICNC'12",

note = "2012 International Conference on Computing, Networking and Communications, ICNC'12 ; Conference date: 30-01-2012 Through 02-02-2012",

}

TY - GEN

T1 - On the analysis of identity delegation attacks

AU - Khalil, Issa M.

AU - Khreishah, Abdallah

PY - 2012/4/24

Y1 - 2012/4/24

N2 - Identity delegation is a sever attack that can be easily launched against multihop wireless ad hoc and sensor networks. Its severity lies in its capability to evade detection by even the-state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes of dropping the traffic. In a previous work, we proposed a mechanism called Sadec to mitigate identity delegation attacks. In this paper, we provide a thorough investigation of Sadec and compare it with the state-of-the-art mitigation technique dubbed basic local monitoring (BLM). Our analysis which is validated by ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation while Sadec successfully mitigates it in addition to considerably reducing the framing incidents of legitimate nodes.

AB - Identity delegation is a sever attack that can be easily launched against multihop wireless ad hoc and sensor networks. Its severity lies in its capability to evade detection by even the-state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes of dropping the traffic. In a previous work, we proposed a mechanism called Sadec to mitigate identity delegation attacks. In this paper, we provide a thorough investigation of Sadec and compare it with the state-of-the-art mitigation technique dubbed basic local monitoring (BLM). Our analysis which is validated by ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation while Sadec successfully mitigates it in addition to considerably reducing the framing incidents of legitimate nodes.

KW - Local monitoring

KW - identity delegation

KW - multi-hop wireless networks

KW - packet dropping

UR - http://www.scopus.com/inward/record.url?scp=84859900775&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84859900775&partnerID=8YFLogxK

U2 - 10.1109/ICCNC.2012.6167574

DO - 10.1109/ICCNC.2012.6167574

M3 - Conference contribution

AN - SCOPUS:84859900775

SN - 9781467300094

T3 - 2012 International Conference on Computing, Networking and Communications, ICNC'12

SP - 990

EP - 994

BT - 2012 International Conference on Computing, Networking and Communications, ICNC'12

T2 - 2012 International Conference on Computing, Networking and Communications, ICNC'12

Y2 - 30 January 2012 through 2 February 2012

ER -

On the analysis of identity delegation attacks

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this