Download Secure Network Routing: Ariadne and Skipchains
Protocol Security for Wireless Networks
Yih-Chun Hu
Illinois Center for Wireless Systems

Pervasiveness of Security
• Layers in the Internet divide responsibility
– Application: HTTP, IMAP
– Transport: TCP, UDP
– Network: IP
– MAC / Link: 802.11 MAC
– Physical: 802.11a PHY
• Security is important at each layer

CIA: Not Just an Intelligence Agency
• Confidentiality:
– Data
– Privacy (Location, Identity, Traffic, …)
• Integrity:
– Data Integrity
– Origin Integrity (Location, Identity, …)
• Availability

Solutions Must Pervade Layers
• Many security properties are vulnerable at several layers:
– Availability
– Location privacy
[Figure: layer stack (Application, Transport, Network, MAC / Link, Physical)]

Why Location Privacy?
• Wireless transmissions can reveal location:
– Cellular
– Electronic Toll Collection (iPass)
– WiFi, Bluetooth, …

Providing Location Privacy
• Power-control for avoiding localization (Physical)
• Pseudonymous geographic routing (Network)
• Anonymous rendezvous (Network)
• Transaction communication model (Transport)
• Silent periods (Cross-Layer):
– Dissociate one transaction from another
– Duration depends on density, mobility
• User Interface (Application)

Reducing Localization Precision
• Existing localization techniques:
– Rice: less than 1m with 50% error indoors
– Place Lab: 15-30m with 50% error outdoors
• Need (generally) at least 3 APs
[Flowchart: transmit power control (TPC)]
– Passively scan all channels
– Order all APs based on their RSSIs: R1 >= R2 >= … >= Rn
– Does there exist an i with R1 - R(i-1) < 20 dB and R1 - Ri > 20 dB?
– NO: transmit at the maximum power
– YES: adjust transmit power to TX_AP - Ri + RS_AP - 10 dB
[Figure: effective area for TPC]

Using Silent Period
• Decorrelate transmissions:
– Deterministic plus random
– BusView data validation

User Interface
• Directs all location privacy mechanisms
• Privacy on/off checkbox
• Wait notification

Why Availability?
• Many different wireless technologies:
– Unlicensed bands share spectrum with industrial applications and other users
• Users running the same protocol might not cooperate:
– Selfish misbehavior
– Malicious misbehavior
– Software and hardware bugs

A Multi-Layer Solution to Availability
• Jamming mitigation (Physical)
• Packet leashes (Physical / Network)
• MAC-level misbehavior detection (MAC)
• Secure routing protocols (Network)

Possible Misbehavior
• Do not follow MAC-layer rules for “backoff”
[Figure: the misbehaving node has B1 = 1 and transmits, then again B1 = 1 and transmits; the well-behaved node has B2 = 20 and waits, then B2 = 19 and waits]

Deterministic Backoff
• Receivers choose the backoff for the senders
– Included in the previous acknowledgement
[Figure: Sender S, Receiver R, backoff B]

A Bottom-Up Approach to Availability
• Start with a trusted core:
– (Possibly) a subset of nodes
– Very low bandwidth
– Highly available
• Bootstrap services using the core:
– Routing
– Congestion control
• Handle failures of core nodes

Wireless Security Faculty at Illinois
• Tamer Basar
• Roy Campbell
• Carl Gunter
• Christoforos Hadjicostis
• Yih-Chun Hu
• Ravishankar K. Iyer
• Klara Nahrstedt
• William H. Sanders
• Nitin H. Vaidya
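The transmit-power-control flowchart on the "Reducing Localization Precision" slide, written out as an added example (not code from the slides or their author). It assumes TX_AP is the AP transmit power, RS_AP is the AP receiver sensitivity, and path loss is symmetric; the maximum client power and the RSSI readings are constructed sample values.

```python
# Added example. Assumptions (not stated on the slides): TX_AP = AP transmit
# power in dBm, RS_AP = AP receiver sensitivity in dBm, symmetric path loss.
GAP_DB = 20.0       # RSSI gap threshold from the flowchart
MARGIN_DB = 10.0    # margin below AP sensitivity from the flowchart
MAX_TX_DBM = 20.0   # constructed: client's maximum transmit power

# Constructed RSSI readings (dBm) from a passive scan of four APs.
SAMPLE_RSSI = [-70.0, -45.0, -78.0, -52.0]
SAMPLE_TX_AP = 18.0
SAMPLE_RS_AP = -90.0


def choose_tx_power(rssi_dbm, tx_ap_dbm, rs_ap_dbm, max_tx_dbm=MAX_TX_DBM):
    """Return (tx_power_dbm, i), where i is the flowchart's 1-based index
    of the first AP more than GAP_DB weaker than the strongest, or None."""
    r = sorted(rssi_dbm, reverse=True)          # R1 >= R2 >= ... >= Rn
    for k in range(1, len(r)):                  # k is 0-based, i = k + 1
        if r[0] - r[k - 1] < GAP_DB and r[0] - r[k] > GAP_DB:
            # Path loss to AP i is TX_AP - Ri; aim to arrive MARGIN_DB
            # below that AP's sensitivity so it cannot decode the client.
            power = tx_ap_dbm - r[k] + rs_ap_dbm - MARGIN_DB
            return min(power, max_tx_dbm), k + 1
    return max_tx_dbm, None                     # NO branch: maximum power


def aps_hearing(rssi_dbm, tx_power_dbm, tx_ap_dbm, rs_ap_dbm):
    """Count APs that receive the client at or above their sensitivity."""
    return sum(
        1 for r in rssi_dbm
        if tx_power_dbm - (tx_ap_dbm - r) >= rs_ap_dbm
    )


if __name__ == "__main__":
    power, i = choose_tx_power(SAMPLE_RSSI, SAMPLE_TX_AP, SAMPLE_RS_AP)
    for label, p in (("maximum", MAX_TX_DBM), ("TPC", power)):
        n = aps_hearing(SAMPLE_RSSI, p, SAMPLE_TX_AP, SAMPLE_RS_AP)
        print(f"{label}: {p} dBm, heard by {n} AP(s)")
```

With the sample readings the client drops from being heard by four APs to two, below the three the slide says localization generally needs.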