On the analysis of identity delegation attacks

Issa Khalil, Abdallah Khreishah

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Identity delegation is a sever attack that can be easily launched against multihop wireless ad hoc and sensor networks. Its severity lies in its capability to evade detection by even the-state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes of dropping the traffic. In a previous work, we proposed a mechanism called Sadec to mitigate identity delegation attacks. In this paper, we provide a thorough investigation of Sadec and compare it with the state-of-the-art mitigation technique dubbed basic local monitoring (BLM). Our analysis which is validated by ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation while Sadec successfully mitigates it in addition to considerably reducing the framing incidents of legitimate nodes.

Original languageEnglish
Title of host publication2012 International Conference on Computing, Networking and Communications, ICNC'12
Pages990-994
Number of pages5
DOIs
Publication statusPublished - 24 Apr 2012
Externally publishedYes
Event2012 International Conference on Computing, Networking and Communications, ICNC'12 - Maui, HI, United States
Duration: 30 Jan 20122 Feb 2012

Other

Other2012 International Conference on Computing, Networking and Communications, ICNC'12
CountryUnited States
CityMaui, HI
Period30/1/122/2/12

Fingerprint

Monitoring
Wireless ad hoc networks
Intrusion detection
Sensor networks

Keywords

  • identity delegation
  • Local monitoring
  • multi-hop wireless networks
  • packet dropping

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Cite this

Khalil, I., & Khreishah, A. (2012). On the analysis of identity delegation attacks. In 2012 International Conference on Computing, Networking and Communications, ICNC'12 (pp. 990-994). [6167574] https://doi.org/10.1109/ICCNC.2012.6167574

On the analysis of identity delegation attacks. / Khalil, Issa; Khreishah, Abdallah.

2012 International Conference on Computing, Networking and Communications, ICNC'12. 2012. p. 990-994 6167574.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Khalil, I & Khreishah, A 2012, On the analysis of identity delegation attacks. in 2012 International Conference on Computing, Networking and Communications, ICNC'12., 6167574, pp. 990-994, 2012 International Conference on Computing, Networking and Communications, ICNC'12, Maui, HI, United States, 30/1/12. https://doi.org/10.1109/ICCNC.2012.6167574
Khalil I, Khreishah A. On the analysis of identity delegation attacks. In 2012 International Conference on Computing, Networking and Communications, ICNC'12. 2012. p. 990-994. 6167574 https://doi.org/10.1109/ICCNC.2012.6167574
Khalil, Issa ; Khreishah, Abdallah. / On the analysis of identity delegation attacks. 2012 International Conference on Computing, Networking and Communications, ICNC'12. 2012. pp. 990-994
@inproceedings{3387f66934cd4009a03be25d0133574b,
title = "On the analysis of identity delegation attacks",
abstract = "Identity delegation is a sever attack that can be easily launched against multihop wireless ad hoc and sensor networks. Its severity lies in its capability to evade detection by even the-state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes of dropping the traffic. In a previous work, we proposed a mechanism called Sadec to mitigate identity delegation attacks. In this paper, we provide a thorough investigation of Sadec and compare it with the state-of-the-art mitigation technique dubbed basic local monitoring (BLM). Our analysis which is validated by ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation while Sadec successfully mitigates it in addition to considerably reducing the framing incidents of legitimate nodes.",
keywords = "identity delegation, Local monitoring, multi-hop wireless networks, packet dropping",
author = "Issa Khalil and Abdallah Khreishah",
year = "2012",
month = "4",
day = "24",
doi = "10.1109/ICCNC.2012.6167574",
language = "English",
isbn = "9781467300094",
pages = "990--994",
booktitle = "2012 International Conference on Computing, Networking and Communications, ICNC'12",

}

TY - GEN

T1 - On the analysis of identity delegation attacks

AU - Khalil, Issa

AU - Khreishah, Abdallah

PY - 2012/4/24

Y1 - 2012/4/24

N2 - Identity delegation is a sever attack that can be easily launched against multihop wireless ad hoc and sensor networks. Its severity lies in its capability to evade detection by even the-state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes of dropping the traffic. In a previous work, we proposed a mechanism called Sadec to mitigate identity delegation attacks. In this paper, we provide a thorough investigation of Sadec and compare it with the state-of-the-art mitigation technique dubbed basic local monitoring (BLM). Our analysis which is validated by ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation while Sadec successfully mitigates it in addition to considerably reducing the framing incidents of legitimate nodes.

AB - Identity delegation is a sever attack that can be easily launched against multihop wireless ad hoc and sensor networks. Its severity lies in its capability to evade detection by even the-state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes of dropping the traffic. In a previous work, we proposed a mechanism called Sadec to mitigate identity delegation attacks. In this paper, we provide a thorough investigation of Sadec and compare it with the state-of-the-art mitigation technique dubbed basic local monitoring (BLM). Our analysis which is validated by ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation while Sadec successfully mitigates it in addition to considerably reducing the framing incidents of legitimate nodes.

KW - identity delegation

KW - Local monitoring

KW - multi-hop wireless networks

KW - packet dropping

UR - http://www.scopus.com/inward/record.url?scp=84859900775&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84859900775&partnerID=8YFLogxK

U2 - 10.1109/ICCNC.2012.6167574

DO - 10.1109/ICCNC.2012.6167574

M3 - Conference contribution

AN - SCOPUS:84859900775

SN - 9781467300094

SP - 990

EP - 994

BT - 2012 International Conference on Computing, Networking and Communications, ICNC'12

ER -