Evaluation of Rushing Attack on Secured Message Transmission (SMT/SRP)
protocol for Mobile Ad-Hoc Networks
Ani1 Rawat P. D. Vyavahare A. K Ramani Head, Computer Centre Professor and Head Professor Centre for Advanced Technology Dept. of Elx. & Telecom . School of Computer Science Government of India Shri G.S.Inst. of Tech. & Sci Devi Ahilya Vishwavidyalaya lndore - 452 01 3 I NDI A Indore - 452 001 I NDI A Indore - 452 017 INDIA Ph. +91 731 2488936 vyavahare@ cat.ernet. in ramani.iips@dauniv.ac.in Fax+917312488988 rawat@cat.emet .in ABSTRACT Mobile Ad-hoc NETworks (MANET) consist of mobile platforms, which are free to move arbitrarily. These platforms could be routers with multiple hosts, wireless communication devices etc. MANET is an autonomous system of mobile nodes and its majar characteristics include dynamic topology, limited and varying link bandwidths, energy constrained operation and limited physical security [l]. The communication in mobile adhoc networks comprises of two phases, the route discovery and the data transmission. In a hostile environment, adversarial nodes can try to disrupt communication in both the two phases. To emure comprehensive security, both phases of MANET communication should be safeguarded. Many protocol$ are devised to meet the routing needs for MANETs. Attempts have been made to develop peer-to- peer mobile routing capability in a purely mobile wireless domain. The one-hop fringe of the fixed network protocols is to be overcome. There are two broad categories for MANET protocol operations, namely, demand-based operation (reactive) and table driven (proactive) operation. It has been shown that on-demand protocols have lower overheads and are better suited for most of the applications 123. Whenever a route is to be discovered, the source node initiates a route discovery process wi thi n the network. This.process is completed when either a route is found or all possible permutations have been examined. Once a route i s discovered, it is maintained in some form of route maintenance procedure until either the route is lost or is no more desired. Some of the examples of routing protocols are DSR, SAQDVetc.[2]. Physical security in MANET setups is very limited and possibility o f spoofing, replay transmission, header modification etc. always exists. Link level security, using encryption does reduce the threats, but the most pressing issue remains with' inter-router authentication prior to the exchange of network control information. MANET routing protocols have been enhanced to address the security needs. Hu, Pemg and J ohnson presented a new type of attack and named it as Rushing Attack [3]. It prevents discovery of routes beyond two hops by all the previously published protocols. They have also presented Rushing Attack Prevention (RAP), a generic secure Route Discovery component, which can be applied on any on-demand Route Discovery mechanism against rushing attack. Rushing Attack is effectively a denial of service attack against all currently proposed on-demand ad-hoc network routing protocols, including the ones that are secured. In on-demand routing protocols ROUTE REQUEST packet floods the network in an attempt to find a route to the destination. To limit the flood, the nodes forward only one ROUTE REQUEST and typically only the fust arrived packet is forwarded. This weakness i s exploited by the 'Rushing Attack" and it results in denial of service for any route containing at least two hops (three nodes). In another attempt, Papadimitratos and Haas argued and discussed in a paper [4] that any node in MANET can maliciously or selfishly disrupt and deny communication of other nodes. They have presented Secured Message Transmission (SMT) protocol, which safeguards the data transmission against arbitrary malicious behavior of network nodes. SMT uses Secured routing Protocol (SRP) in the route discovery phase. It is proposed to analyze the outcome of Rushing Attack on SMT/SRP and also evaluate relevance of various variants of rushing attack as applicable to SMT/SRP. The paper first discusses the SRP protocol functioning, describe the vario-w variants of rushing attack and then analyses behavior of SEWunder rushing attack conditions. The paper finally concludes the relevance of rushing attack vis-i-vis SRP. OVERVIEW OF MANET What are MANETS? A mobile ad hoc network is a collection of autonomous mobile nodes that communicate with each other 0-7803-8964-6/05/$20.M1 Q z IEEE 62 ICPWC'ZOOS over wireless links. Without using any infi-astructure such as access points or base stations, mobile nodes cooperate to form a network, in multirhop wireless ad hoc networks. Such networks are expected to play an increasingly important role in future civilian and military settings, being usel l for providing communication support where no fuced infrastructure exists or- the deployment of a fixed infrastructure is not economically profitable and movement of communicating parties is possible. However, since there is no stationary infrastructure such as base stations, mobile hosts need to operate as routers in order to maintain the information about the network connectivity. A number of routing protocols have been proposed for ad hoc wireless networks. Attempts have also been made to evaluate performance and reaction of various protocols against variety of attacks. One such protocol, which is discussed in his paper is Secured Message Transmission (SMT) I Secured Routing Protocol (SW). SMT deals only with the data transmission phase of the MANET communication, while it relies on SW for the first phase of route discovery for MANET communication. Yuherabi l i ~ in MANET operation The topology of MANET is not known and is also dynamic because of its inherent property. Finding a route fkom Source to Destination always precedes the data transmission phase. Both these phases are to be safeguarded against maIicious attacks for secured communication in MANET. The route discovery can be disrupted by an attacker by impersonating the destination, by responding with stale or corrupted routing information, or by disseminating forged control traffic. Thi s way the attacker can block legitimate route traffic and deprive topological information to benign nodes. The attacker can also disrupt the data "ission phase by fraudulently redirecting or even dropping tmffic or injecting forged data packets. Type of routing protocols for MANET There are a variety of protocols proposed for MANET routing, broadly they can be divided into two broad categories: Table Driven / Proactive Routing Protocols On-Demand / Reactive Routing Protocols Networks, using table driven type of protocols attempts to maintain consistent, up-to-date routing information from each node to every other node in the network. A consistent network view is maintained in form of one or more tables, which store the routing information. These tables are updated with changes in network topology by propagating updates throughout the network. Protocols differ in the way changes in network are broadcasted and the number of tables used to maintain the routing information. Some of the table driven routing protocols are DSDV, OLSR, WRP etc. The on-demand category of protocals depends on source-initiated route discovery. Routes are created only when the source demands a route, i.e. source initiated. Route discovery phase is instantiated when a source desires a route to a destination. The route is maintained as long as it is desired or is available. Some of the popular on-demand routing protocols are AODV, SAODV, SRP, DSR etc. ATTACKS ON MANET Because of the peculiar architecture of ad-hoc networks, they are more vulnerable to attacks than wired networks. These attacks can be of two kinds: passive attacks and active attacks. The passive attacks are aimed for discovering valuable information by listening to the traffic, while active attacks try to disrupt the operation of the MANET protocols. The emphasis here is on active attacks, which exploits the clear text methodology employed for route discovery by the on-demand protocols. A good protocol should be able to safeguard the network particularly in the route discovery phase from malicious nodes. Various types of attacks are briefly described in the following subsections: Attach modfying route request packets In this type of attack a hacker tries to announce itself having shorter routes to the destination. The shorter route can either be identified by number of hops or announcing a better route metric in the reply packets for the route discovery phase to the sender. Similarly an intruder can become a part of the route and start discarding traffic by employing DOS (Denial of Service) attack for the packets received from the sender. Attacks using spoofing techniques The attacker can just st ar t spoofmg the valid IP addresses and isolate the nodes from the remainder of the network. TIUS vulnerability is easily exploitable in AODV and DSR protocols. Attach using fabrication The attacker can intentionally float error messages on the network thus falsifying existence of valid routes. A replay attack could be mounted by an attacker by advertising stale routes and the attacker can even advertise a zero metric 63 for all destinations causing all nodes to route packets to it and thus creating a black hole. Attention is drawn here to another ahck named as Rushing Attack and can be categorized as a denial of service attack. Currently proposed on-demand protocols flood the network with Route Request packets and attempt to fiid a route to the destination. Each protocol typically forwards only one Route Request, which arrives first at the node. If a route request from an attacker arrives first at each neighbor of the target (destination), it will be forwarded first and subsequent requests will be discarded. Legitimate non-attacking requests arriving later will not be forwarded by the nodes. As a result the initiator will not be able to discover any route to the destination containing at least two hops (three nodes). In subsequent sections we will describe variants of this type of attack in more detail, THE SECURED ROUTING PROTOCOL ( S W S W is a part of the SMT (Secured Message Transmission) protocol proposed by Papadimitratos and Hass and is used forthe route discovery phase of the SMT/SRP suit. They designed as an extension header to the ROUTE REQUEST and ROUTE REPLY packets used by all on- demand routing protocols for mobile ad-hoc networks for the route discovery phase. SRP assumes a security association between the two comunicating nodes (KS,T in case of S and T as the source and destination nodes). Following steps describe the functioning of the protocol: Source initiates a rote discovery by constructing a ROUTE REQUEST packet identified by a query sequence number and a random query identifier (generated randomly for each route request query initiated by the source). The query id is monotonically incremented for each route request initiated by the source for the destination, four billion such id are possible and it is reset when the SA is established between two authenticated nodes to communicate. Source (S), Destination (T), Query ID wi th is used to compute MAC, which f o m a part of the SRP header. IDS of intermediate traversed node gets accumulated in the route request packet and the ROUTE REQUEST are relayed. Intermediate nodes discards previously seen route requests, this is ascertained by the query identifier (generated randomly by the source for each query sequence number), which is extracted fiom the SRP header. Intermediate nodes also measure the frequency of queries received from the neighbor to regulate query propagation. Highest priority is given to nodes generating requests at the lowest rates and lowest priority to nodes generating queries at higher rates. Malicious nodes can not fabricate requests since the query identifier is used while computing the MAC and they are randomly generated. MAC computation excludes the fields in ROUTE REQUSEST which are updated as the packet propagates to destination and it also does not include IP header mutable fields. Destination validates the route request packet for its origin from a node with which it has a security binding. Query sequence number is compared with S , (maximum sequence number received from S within life time of SA) and if Qreq <= S, the request is discarded. If accepted, keyed hash of request fields is matched for the stored MAC in the SRP header and authenticity is verified. Destination may receive multiple ROUTE REQUEST query packets. Destination node constructs route reply by placing accumulated route, Qid, Qs,, and computes MAC covering route reply contents and returns packet to S. Source may receive multiple replies. S checks source and destination addresses, Qid and Qs, and discards the reply if does not match any pending request. S then compares repry IP source-route with reverse of the route canied in reply payload and the two match, S calculates MAC using replied route, SRP header and KS,T and MAC is matched, if matches the validation is complete. S validates replies and update its topology view, multiple routes from source to destination may be obtained by S, which in turn are used by SMT (Secured Message Transmission) in the data transmission phase. INRTfunctioning Route caching is generally not encouraged and intermediate nodes are not required to give a route replies. But route caching can improve effectiveness of the route discovery process, for example, if an intermediate node V has an active route to T and a SA exists between S and V. V can reply to S. This extension is enabled by Intermediate Node Reply Token (INRT). Route Maintenance Route maintenance has been proposed by the authors of the SFWSMT, but is not being evaluated here since attempt has been made only to evaluate rushing attack against the SRP and not to ascertain the full functionality of SRP. This paper only attempts to ascertain route discovery under rushing attack conditions. 64 THE RUSHING ATTACK nodes will be more than the transit time through the wired nodes. Rushing attack is a type of denial-of-service attack. The authors, Hu, Perrig an J ohnson in their paper on Rushing Attack [3] have based their proposal on a presumption that a11 on-demand routine protocoi are based on a property of forwarding only the first request for each route discoveq request query. This 'vulnerability' of the on-demand routing protocols is exploited to mount therushing attack. The source initiates a Route Discovery for the destination and if the attacker is able to reach the neighbor of the target first, before arrival of the legitimate ROUTE REQUEST, the attacker can force a route through itself or the attacker using this attack can prevent thediscovery of routes from source to destination needing mini" of two hops, i.e. having at least one intermediate node. The authors have further infroduced following four types of variants of rushing attack: Flooding of fabricated ROUTE REQUST queries In another scenario, an attacker can flood a node with fabricated route requests and delay the forwarding of the legitimate route requests. Protocols using public key authentication are susceptible to such attacks, since they require substantial time to compute for validation. Enforcing collision In a dense network, if a destination is twa hop away from the source and there are two common neighboring nodes to the source and destination, the route request packets may collide and thus prevent route discovery. This attack can be mounted by an attacker, if it colludes with one of the two neighboring nodes to the destination. Further, in a dense network collision of ROUTE REQUEST packets can prevent discovery of routes except for the direct link from source to destination, which makes the condition more severe then the rushing attack itself. Packet transmission at higher power An attacker can achieve faster transit by transmitting at higher power, thus bypassing intermediate nodes. This could result in reduced number of haps and can give a latency advantage to the attacker in mounting a attack. Wormhole attack Wormhole attack is yet another variant of the rushing attack, for which an attacker can use a pair of two nodes (may be wired) to provide a tunnel between the source and destination. In such a case the nodes near the attacker will not be able to discovery routes, since transit time through wireless Consider the following example topology to understand how SRP safeguards the route discovery phase of the SMT/SRP based communication: T I S M2 6 U Figure 1 : Example MANET topology In the above example topology, S is the source node requesting a route to the destination node T. The links represents the reach of mobile nodes transmission range. MI and M2 are two malicious nodes. RUSHING ATTACK vi s - hi s SRF' In Rushing Attack the attacker tries to rush ROUTE REQUEST query packets to the neighboring nodes (node 3 and 6 in the example topology) nearest to the destination (the node T) and if these packets are first to reach the neighbors, the neighboring nodes will discard subsequent ROTE REQUEST query packets and thus the route discovery phase will fail to find valid route. Following features of SRP enables the protocol to thwart the rushing attack conditions which an attacker can try to disrupt rote discovery by SRP: Inability to fabricate f ake ROUTE REQiJESTpackets The anacker cannot fabricate any false ROUTE REQUEST query packets and attempt to flood the network with such packets. The random query number cannot be predicted and hence malicious nodes cannot generate false ROUTE REQUEST packets. These packets will be dropped by the destination while verifylng the MAC. The basic type of Rushing Attack resulting in Denial-Of-Service by providing the neighboring node with false ROUTE REQUEST before arrival of valid ROUTE REQUEST packet can not be achieved by the attacker and no valid entry in the query table of the intermediate nodes can be made. The nodes will be able to forward the legitimate ROUTE REQUEST packets, since no entry in the query table can be made in advance. 65 Prevention againstflooding of false request packets Also, if a,&alicious node tries to flood the network with false ROUTE REQUEST packets in an attempt to overload the intmediate node and thus forcing delay in forwarding of the valid ROUTE REQUEST packets by the intermediate nodes. These packets will be dropped by the intermediate nodes while employing the traffic regulation mechanism of SRP. The traffic regulation is based on frequency dependent packet acceptance kom neighboring nodes and least priority is given to packets received at higher ffequency from a node. Prevention against collision The t he lag enforced by the protocols between the receipt of the ROUTE REQUEST packet and its relay to the neighbor nodes will prevent collision with similar relay by a malicious node. It is not possible to achieve perfect timing for relay by a malicious node. Of course in a densely populated network case collision can disrupt any on-demand routing protocol. Prevention against transmission at higher power If intermediate nodes start transmitting at higher power in an attempt to bypass some intermediate nodes, the protocol will not fail to discovery valid routes. The protocol does not prevent discovery of multiple routes, which anyway will be found by flow of ROUTE REQUEST query packets through the bypassed nodes. Also the receiver of these high power transmitted packets will not be able to transmit at higher power the ROUTE REPLY packets and thus the ROUTE REPLY packets will be dropped by the intermediate nodes. Prevention against wormhole attack using colluding nodes The colluding nodes (may be M1 and M2) forming tunnel between them to forward all packets at one end to the other end, will only provide one such route to t he source, while other routes wrll be discovered by SRP by its usual process. Application of SMT on top of the SRP further mitigates the impact of an attack mounted by colluding nodes. Thus the wormhole attack variant of rushing attack can be tackIed by SRP. CONCLUSIONS SFWSMT has been proposed and described by the authors in their work and they have also discussed various scenarios in which the attacker can attempt to disrupt the route discovery process. Authors of the work proposing Rushing Attack have dwelled upon various variants of Rushing Attack in addition to the basic DOS attack exploiting the only first request relay property of on-demand routing protocols. This paper analyzes various ways and techniques as applied by SRP for defense against such attacks. It has been found that Rushing Attack can not disrupt the route discovery phase of SRP as is claimed in the paper proposing the rushing attack [3]. Possibility of enhancing SRP to safeguard against some special conditions exists and leaves some questions to be answered. For example, if an intermediate node can maintain some additional information in the route table and forward ROUTE REQUEDT for already forwarded request through an altemate path, could help in finding more valid routes. This may necessitate maintenance of additional information by each intermediate node for the topology view of its neighboring nodes. Rushing Attack, may, only under special circumstance of malicious node being the only neighbor of the destination could result in disruption of the route discovery phase of the protocol and it need to be addressed. Nothmg much has been discussed by authors of variaus protocols about the behavior of the protocol if no route is discovered. In this paper, attempt has been made to evaluate the possibility of Denial of Service using Rushing Attack on SRP, which has been found to be ineffective and SRP can withstand the rushing attack. FIEFERENCES S. Corson and J. Macker, Mobile Ad hoc Networking (MANET) , Routing Protocol Performance Issues and Evaluation Considerations Request for Comments 2501 (RFC) of Intemet Engineering Task Force (XETF), J anuary 1999 Elizabeth Royer and C-K Toh, A Review of Current Routing Protocols for Ad-Hoc Mobile Wireless Networks, IEEE Personal Communications Magazine, pp, 46-55, April 1999. Yih-Chun Hu, Adrian Perrig and David B. J ohnson Rushing Attacks and Defense in WirelessAd Hoc Network Routing Protocols, Proceedings of the 2003 ACM workshop on Wireless security, San Diego, CA, USA, pp. 3040, September 2003. P. Papadimitratos and ZJ. Haas. Secure Message Transmission in Mobile Ad Hoc Networks Elsevier Ad Hoc Networks J ournal, vol. 1, no. 1, July 2003. 66