MISPAR: Mitigating stealthy packet dropping in locally-monitored multi-hop wireless ad hoc networks

Issa Khalil, Saurabh Bagchi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

14 Citations (Scopus)

Abstract

Local monitoring has been demonstrated as a powerful technique for mitigating security attacks in multi-hop ad-hoc networks. In local monitoring, nodes overhear partial neighborhood communication to detect misbehavior such as packet drop or delay. However, local monitoring as presented in the literature is vulnerable to a class of attacks that we introduce here called stealthy packet dropping. Stealthy packet dropping disrupts the packet from reaching the destination by malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performed the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. We introduce four ways of achieving stealthy packet dropping, none of which is currently detectable. We provide a protocol called MISPAR based on local monitoring to remedy each attack. It presents two techniques - having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. We show through analysis and simulation that the basic local monitoring fails to mitigate any of the presented attacks while MISPAR successfully mitigates them.

Original languageEnglish
Title of host publicationProceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08
DOIs
Publication statusPublished - 1 Dec 2008
Externally publishedYes
Event4th International Conference on Security and Privacy in Communication Networks, SecureComm'08 - Istanbul, Turkey
Duration: 22 Sep 200825 Sep 2008

Other

Other4th International Conference on Security and Privacy in Communication Networks, SecureComm'08
CountryTurkey
CityIstanbul
Period22/9/0825/9/08

Fingerprint

Wireless ad hoc networks
Monitoring
Ad hoc networks
Network protocols
Communication

Keywords

  • Local monitoring
  • Misrouting
  • Multi-hop wireless networks
  • Packet dropping
  • Transmission power control

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software

Cite this

Khalil, I., & Bagchi, S. (2008). MISPAR: Mitigating stealthy packet dropping in locally-monitored multi-hop wireless ad hoc networks. In Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08 [28] https://doi.org/10.1145/1460877.1460913

MISPAR : Mitigating stealthy packet dropping in locally-monitored multi-hop wireless ad hoc networks. / Khalil, Issa; Bagchi, Saurabh.

Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08. 2008. 28.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Khalil, I & Bagchi, S 2008, MISPAR: Mitigating stealthy packet dropping in locally-monitored multi-hop wireless ad hoc networks. in Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08., 28, 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08, Istanbul, Turkey, 22/9/08. https://doi.org/10.1145/1460877.1460913
Khalil I, Bagchi S. MISPAR: Mitigating stealthy packet dropping in locally-monitored multi-hop wireless ad hoc networks. In Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08. 2008. 28 https://doi.org/10.1145/1460877.1460913
Khalil, Issa ; Bagchi, Saurabh. / MISPAR : Mitigating stealthy packet dropping in locally-monitored multi-hop wireless ad hoc networks. Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08. 2008.
@inproceedings{c91d87a1e0e34a0e811aa1634dcd9978,
title = "MISPAR: Mitigating stealthy packet dropping in locally-monitored multi-hop wireless ad hoc networks",
abstract = "Local monitoring has been demonstrated as a powerful technique for mitigating security attacks in multi-hop ad-hoc networks. In local monitoring, nodes overhear partial neighborhood communication to detect misbehavior such as packet drop or delay. However, local monitoring as presented in the literature is vulnerable to a class of attacks that we introduce here called stealthy packet dropping. Stealthy packet dropping disrupts the packet from reaching the destination by malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performed the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. We introduce four ways of achieving stealthy packet dropping, none of which is currently detectable. We provide a protocol called MISPAR based on local monitoring to remedy each attack. It presents two techniques - having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. We show through analysis and simulation that the basic local monitoring fails to mitigate any of the presented attacks while MISPAR successfully mitigates them.",
keywords = "Local monitoring, Misrouting, Multi-hop wireless networks, Packet dropping, Transmission power control",
author = "Issa Khalil and Saurabh Bagchi",
year = "2008",
month = "12",
day = "1",
doi = "10.1145/1460877.1460913",
language = "English",
isbn = "9781605582412",
booktitle = "Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08",

}

TY - GEN

T1 - MISPAR

T2 - Mitigating stealthy packet dropping in locally-monitored multi-hop wireless ad hoc networks

AU - Khalil, Issa

AU - Bagchi, Saurabh

PY - 2008/12/1

Y1 - 2008/12/1

N2 - Local monitoring has been demonstrated as a powerful technique for mitigating security attacks in multi-hop ad-hoc networks. In local monitoring, nodes overhear partial neighborhood communication to detect misbehavior such as packet drop or delay. However, local monitoring as presented in the literature is vulnerable to a class of attacks that we introduce here called stealthy packet dropping. Stealthy packet dropping disrupts the packet from reaching the destination by malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performed the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. We introduce four ways of achieving stealthy packet dropping, none of which is currently detectable. We provide a protocol called MISPAR based on local monitoring to remedy each attack. It presents two techniques - having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. We show through analysis and simulation that the basic local monitoring fails to mitigate any of the presented attacks while MISPAR successfully mitigates them.

AB - Local monitoring has been demonstrated as a powerful technique for mitigating security attacks in multi-hop ad-hoc networks. In local monitoring, nodes overhear partial neighborhood communication to detect misbehavior such as packet drop or delay. However, local monitoring as presented in the literature is vulnerable to a class of attacks that we introduce here called stealthy packet dropping. Stealthy packet dropping disrupts the packet from reaching the destination by malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performed the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. We introduce four ways of achieving stealthy packet dropping, none of which is currently detectable. We provide a protocol called MISPAR based on local monitoring to remedy each attack. It presents two techniques - having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. We show through analysis and simulation that the basic local monitoring fails to mitigate any of the presented attacks while MISPAR successfully mitigates them.

KW - Local monitoring

KW - Misrouting

KW - Multi-hop wireless networks

KW - Packet dropping

KW - Transmission power control

UR - http://www.scopus.com/inward/record.url?scp=70249120421&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=70249120421&partnerID=8YFLogxK

U2 - 10.1145/1460877.1460913

DO - 10.1145/1460877.1460913

M3 - Conference contribution

AN - SCOPUS:70249120421

SN - 9781605582412

BT - Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08

ER -