Detection of malicious packet dropping in wireless ad hoc networks based on privacy-preserving public auditing

Research output: Chapter in Book/Report/Conference proceedingConference contribution

12 Citations (Scopus)

Abstract

In a multi-hop wireless ad hoc network, packet losses are attributed to harsh channel conditions and intentional packet discard by malicious nodes. In this paper, while observing a sequence of packet losses, we are interested in determining whether losses are due to link errors only, or due to the combined efiect of link errors and malicious drop. We are especially interested in insider's attacks, whereby a malicious node that is part of the route exploits its knowledge of the communication context to selectively drop a small number of packets that are critical to network performance. Because the packet dropping rate in this case is comparable to the channel error rate, conventional algorithms that are based on detecting the packet loss rate cannot achieve satisfactory detection accuracy. To improve the detection accuracy, we propose to exploit the correlations between lost packets. Furthermore, to ensure truthful calculation of these correlations, we develop a homomorphic linear authenticator (HLA) based public auditing architecture that allows the detector to verify the truthfulness of the packet loss information reported by nodes. This architecture is privacy preserving, collusion proof, and incurs low communication and storage overheads. Through extensive simulations, we verify that the proposed mechanism achieves significantly better detection accuracy than conventional methods such as a maximum-likelihood based detection.

Original languageEnglish (US)
Title of host publicationWiSec'12 - Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks
Pages87-98
Number of pages12
DOIs
StatePublished - 2012
Event5th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec'12 - Tucson, AZ, United States
Duration: Apr 16 2012Apr 18 2012

Other

Other5th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec'12
CountryUnited States
CityTucson, AZ
Period4/16/124/18/12

Fingerprint

Wireless ad hoc networks
Packet loss
Communication
Network performance
Maximum likelihood
Detectors

Keywords

  • Denial-of-service
  • Homomorphic linear authentication
  • Malicious user detection
  • Security
  • Wireless ad hoc networks

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this

Shu, T., & Krunz, M. M. (2012). Detection of malicious packet dropping in wireless ad hoc networks based on privacy-preserving public auditing. In WiSec'12 - Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks (pp. 87-98) https://doi.org/10.1145/2185448.2185460

Detection of malicious packet dropping in wireless ad hoc networks based on privacy-preserving public auditing. / Shu, Tao; Krunz, Marwan M.

WiSec'12 - Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks. 2012. p. 87-98.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Shu, T & Krunz, MM 2012, Detection of malicious packet dropping in wireless ad hoc networks based on privacy-preserving public auditing. in WiSec'12 - Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks. pp. 87-98, 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec'12, Tucson, AZ, United States, 4/16/12. https://doi.org/10.1145/2185448.2185460
Shu T, Krunz MM. Detection of malicious packet dropping in wireless ad hoc networks based on privacy-preserving public auditing. In WiSec'12 - Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks. 2012. p. 87-98 https://doi.org/10.1145/2185448.2185460
Shu, Tao ; Krunz, Marwan M. / Detection of malicious packet dropping in wireless ad hoc networks based on privacy-preserving public auditing. WiSec'12 - Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks. 2012. pp. 87-98
@inproceedings{3c5cab9318234235ae74cfedbbeb8322,
title = "Detection of malicious packet dropping in wireless ad hoc networks based on privacy-preserving public auditing",
abstract = "In a multi-hop wireless ad hoc network, packet losses are attributed to harsh channel conditions and intentional packet discard by malicious nodes. In this paper, while observing a sequence of packet losses, we are interested in determining whether losses are due to link errors only, or due to the combined efiect of link errors and malicious drop. We are especially interested in insider's attacks, whereby a malicious node that is part of the route exploits its knowledge of the communication context to selectively drop a small number of packets that are critical to network performance. Because the packet dropping rate in this case is comparable to the channel error rate, conventional algorithms that are based on detecting the packet loss rate cannot achieve satisfactory detection accuracy. To improve the detection accuracy, we propose to exploit the correlations between lost packets. Furthermore, to ensure truthful calculation of these correlations, we develop a homomorphic linear authenticator (HLA) based public auditing architecture that allows the detector to verify the truthfulness of the packet loss information reported by nodes. This architecture is privacy preserving, collusion proof, and incurs low communication and storage overheads. Through extensive simulations, we verify that the proposed mechanism achieves significantly better detection accuracy than conventional methods such as a maximum-likelihood based detection.",
keywords = "Denial-of-service, Homomorphic linear authentication, Malicious user detection, Security, Wireless ad hoc networks",
author = "Tao Shu and Krunz, {Marwan M}",
year = "2012",
doi = "10.1145/2185448.2185460",
language = "English (US)",
isbn = "9781450312653",
pages = "87--98",
booktitle = "WiSec'12 - Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks",

}

TY - GEN

T1 - Detection of malicious packet dropping in wireless ad hoc networks based on privacy-preserving public auditing

AU - Shu, Tao

AU - Krunz, Marwan M

PY - 2012

Y1 - 2012

N2 - In a multi-hop wireless ad hoc network, packet losses are attributed to harsh channel conditions and intentional packet discard by malicious nodes. In this paper, while observing a sequence of packet losses, we are interested in determining whether losses are due to link errors only, or due to the combined efiect of link errors and malicious drop. We are especially interested in insider's attacks, whereby a malicious node that is part of the route exploits its knowledge of the communication context to selectively drop a small number of packets that are critical to network performance. Because the packet dropping rate in this case is comparable to the channel error rate, conventional algorithms that are based on detecting the packet loss rate cannot achieve satisfactory detection accuracy. To improve the detection accuracy, we propose to exploit the correlations between lost packets. Furthermore, to ensure truthful calculation of these correlations, we develop a homomorphic linear authenticator (HLA) based public auditing architecture that allows the detector to verify the truthfulness of the packet loss information reported by nodes. This architecture is privacy preserving, collusion proof, and incurs low communication and storage overheads. Through extensive simulations, we verify that the proposed mechanism achieves significantly better detection accuracy than conventional methods such as a maximum-likelihood based detection.

AB - In a multi-hop wireless ad hoc network, packet losses are attributed to harsh channel conditions and intentional packet discard by malicious nodes. In this paper, while observing a sequence of packet losses, we are interested in determining whether losses are due to link errors only, or due to the combined efiect of link errors and malicious drop. We are especially interested in insider's attacks, whereby a malicious node that is part of the route exploits its knowledge of the communication context to selectively drop a small number of packets that are critical to network performance. Because the packet dropping rate in this case is comparable to the channel error rate, conventional algorithms that are based on detecting the packet loss rate cannot achieve satisfactory detection accuracy. To improve the detection accuracy, we propose to exploit the correlations between lost packets. Furthermore, to ensure truthful calculation of these correlations, we develop a homomorphic linear authenticator (HLA) based public auditing architecture that allows the detector to verify the truthfulness of the packet loss information reported by nodes. This architecture is privacy preserving, collusion proof, and incurs low communication and storage overheads. Through extensive simulations, we verify that the proposed mechanism achieves significantly better detection accuracy than conventional methods such as a maximum-likelihood based detection.

KW - Denial-of-service

KW - Homomorphic linear authentication

KW - Malicious user detection

KW - Security

KW - Wireless ad hoc networks

UR - http://www.scopus.com/inward/record.url?scp=84860678494&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84860678494&partnerID=8YFLogxK

U2 - 10.1145/2185448.2185460

DO - 10.1145/2185448.2185460

M3 - Conference contribution

AN - SCOPUS:84860678494

SN - 9781450312653

SP - 87

EP - 98

BT - WiSec'12 - Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks

ER -