Protocols for the Wireless Paranoid Nitin Vaidya University

  • Slides: 30
Download presentation
Protocols for the Wireless Paranoid Nitin Vaidya University of Illinois http: //www. crhc. uiuc.

Protocols for the Wireless Paranoid Nitin Vaidya University of Illinois http: //www. crhc. uiuc. edu/wireless Slightly revised version of slides used for a 2005 INFOCOM (Miami) panel on Paranoid Protocol Design for Wireless Networks March 16, 2005 Other panelists: Jean-Pierre Hubaux (Moderator), Bill Arbaugh, Ed Knightly, Adrian Perrig 1

Disclaimer If you review my research proposals, ignore everything I say here 2

Disclaimer If you review my research proposals, ignore everything I say here 2

Panel’s Premise g Wireless networks need more paranoid protocols than wired networks 3

Panel’s Premise g Wireless networks need more paranoid protocols than wired networks 3

Wireless Networks g Greater paranoia may be desirable in wireless networks i. Easier to

Wireless Networks g Greater paranoia may be desirable in wireless networks i. Easier to “tap” into i. Limited g resources Incentive to cheat Programmable devices provide means to cheat But … 4

What are Paranoid Protocols Anyway? 5

What are Paranoid Protocols Anyway? 5

Department of Net. Land Security (DNS) Severe High Elevated Paranoid Characterized by extreme and

Department of Net. Land Security (DNS) Severe High Elevated Paranoid Characterized by extreme and irrational distrust Guarded Low Threat Assessment 6

Paranoid Design Principles g Everything that can go wrong, will - Murphy’s Law g

Paranoid Design Principles g Everything that can go wrong, will - Murphy’s Law g Protect against everything 7

Research Community’s Response g Enumerate all possible ways things can go wrong g Separate

Research Community’s Response g Enumerate all possible ways things can go wrong g Separate solution for each of the ills Not quite the right approach è Proof by Example 3 Mistakes often made 8

Mistake 1: Assuming Extreme Scenario as the Common Case Ad hoc network are coming

Mistake 1: Assuming Extreme Scenario as the Common Case Ad hoc network are coming ! Ad hoc networks are coming !! 9

“Extreme” Ad Hoc Networking Large Isolated Networks No infrastructure C A E B 10

“Extreme” Ad Hoc Networking Large Isolated Networks No infrastructure C A E B 10

Extreme Scenario g “Extreme” ad hoc networks: No infrastructure No certification authority No DHCP

Extreme Scenario g “Extreme” ad hoc networks: No infrastructure No certification authority No DHCP server Long-lived partitions Why build networks this way, if you don’t have to? Not all networks are for the battlefield 11 !!

Extreme Ad Hoc Networks g g Model acceptable when exploring design space for MAC

Extreme Ad Hoc Networks g g Model acceptable when exploring design space for MAC and routing Assuming same model for “security” can lead to unnecessary complexity 12

More Likely Ad Hoc Networks Access to Infrastructure or Small internet C A E

More Likely Ad Hoc Networks Access to Infrastructure or Small internet C A E B 13

More Likely Ad Hoc Networks Access to Infrastructure or Small 14

More Likely Ad Hoc Networks Access to Infrastructure or Small 14

More Realistic Multi-Hop Wireless Mesh Networks internet Wireless “backbone” Mesh node Wireless channel B

More Realistic Multi-Hop Wireless Mesh Networks internet Wireless “backbone” Mesh node Wireless channel B A C 15

More Realistic Multi-Hop Wireless Hybrid Networks internet Access Point Wireless channel E B A

More Realistic Multi-Hop Wireless Hybrid Networks internet Access Point Wireless channel E B A C D 16

Even Vehicles Can Have Intermittent Infrastructure Access Picture courtesy Prof. Jean-Pierre Hubaux (somewhat modified

Even Vehicles Can Have Intermittent Infrastructure Access Picture courtesy Prof. Jean-Pierre Hubaux (somewhat modified from Prof. Hubaux’s version) 17

Multi-Hop Wireless is Here (Summary) g Multi-hop wireless, but “infrastructure” can be accessed selectively

Multi-Hop Wireless is Here (Summary) g Multi-hop wireless, but “infrastructure” can be accessed selectively g Not all enumerable scenarios are relevant Design protocols for the likely scenarios 18

Mistake 2: “In-Band” Solutions g “In-band” solutions Solution tied closely to attack 19

Mistake 2: “In-Band” Solutions g “In-band” solutions Solution tied closely to attack 19

Mistake 2: “In-Band” Solutions g Example attack: Node refuses to forward packets A P

Mistake 2: “In-Band” Solutions g Example attack: Node refuses to forward packets A P B C Discard g In-band solution: Watch each other for the misbehavior 20

Out-of-Band Solutions Often More Practical 1. 2. Disincentives for not forwarding packets Misbehavior translates

Out-of-Band Solutions Often More Practical 1. 2. Disincentives for not forwarding packets Misbehavior translates to poor performance Re-route around “bad” parts of the network Single out-of-band solution can help with many attacks 21

Mistake 2: “In-Band” Solutions Access Point Wireless channel g g g Example Attack: MAC

Mistake 2: “In-Band” Solutions Access Point Wireless channel g g g Example Attack: MAC Layer selfish misbehavior for performance gains In-band solution: Detect whether a node follows protocol faithfully Out-of-band solution: Determine whether a node receives unfair share 22

Out-of-Band Solutions (Summary) g Out-of-band solutions often superior, and easier to implement 23

Out-of-Band Solutions (Summary) g Out-of-band solutions often superior, and easier to implement 23

Mistake 3 Wireless = Wired Equivalent g Many protocols work correctly only when nodes

Mistake 3 Wireless = Wired Equivalent g Many protocols work correctly only when nodes see identical wireless channel status 24

Mistake 3 Wireless = Wired Equivalent g Many protocols work correctly only when nodes

Mistake 3 Wireless = Wired Equivalent g Many protocols work correctly only when nodes see identical wireless channel status Access Point When C transmits, A and B may see different channel status Wireless channel A B C Protocols cannot perform as advertised 25

Mistake 3 Wireless = Wired Equivalent g g Under realistic channel conditions, some of

Mistake 3 Wireless = Wired Equivalent g g Under realistic channel conditions, some of the attacks also difficult to launch undetected Example: Certain “wormhole” attacks Ignore such attacks? 26

Mistake 3 (Summary) g Pay attention to the physical layer g Wired equivalent for

Mistake 3 (Summary) g Pay attention to the physical layer g Wired equivalent for wireless not always reasonable g Use solutions that do not rely on such assumptions Out-of-band solutions, removed from the cause, may be less prone 27

Conclusion Need to protect wireless networks … g g but Not everything that can

Conclusion Need to protect wireless networks … g g but Not everything that can go wrong is worth the cost of protection Develop small set of solutions for a large problem space g Know the wireless channel 28

Conclusion Wireless networks are complex Focus on the real problems, ignore the imaginary 29

Conclusion Wireless networks are complex Focus on the real problems, ignore the imaginary 29

Thanks ! nhv@uiuc. edu 30

Thanks ! nhv@uiuc. edu 30

Protocols for the Wireless Paranoid Nitin Vaidya UniversityProtocols for the Wireless Paranoid Nitin Vaidya University
MultiChannel Wireless Networks Theory to Practice Nitin VaidyaMultiChannel Wireless Networks Theory to Practice Nitin Vaidya
Exploiting Antenna Capabilities in Wireless Networks Nitin VaidyaExploiting Antenna Capabilities in Wireless Networks Nitin Vaidya
NetworkAware Distributed Algorithms for Wireless Networks Nitin VaidyaNetworkAware Distributed Algorithms for Wireless Networks Nitin Vaidya
Heterogeneity in MultiHop Wireless Networks Nitin H VaidyaHeterogeneity in MultiHop Wireless Networks Nitin H Vaidya
Heterogeneity in MultiHop Wireless Networks Nitin H VaidyaHeterogeneity in MultiHop Wireless Networks Nitin H Vaidya
Consensus consensus everywhere Nitin Vaidya Georgetown University WithConsensus consensus everywhere Nitin Vaidya Georgetown University With
Some Issues in Ad Hoc Networks Nitin VaidyaSome Issues in Ad Hoc Networks Nitin Vaidya
Privacy and FaultTolerance in Distributed Optimization Nitin VaidyaPrivacy and FaultTolerance in Distributed Optimization Nitin Vaidya
Shared Memory Consistency Models Nitin Vaidya UIUC 2016Shared Memory Consistency Models Nitin Vaidya UIUC 2016
Byzantine Vector Consensus in Complete Graphs Nitin VaidyaByzantine Vector Consensus in Complete Graphs Nitin Vaidya
CS 425ECE 428 Distributed Systems Nitin Vaidya TCS 425ECE 428 Distributed Systems Nitin Vaidya T
Some Issues in Ad Hoc Networks Nitin VaidyaSome Issues in Ad Hoc Networks Nitin Vaidya
Antibiotics By Nitin Swamy Prepared by Nitin SwamyAntibiotics By Nitin Swamy Prepared by Nitin Swamy
Network Protocols UNIT III INTERNETWORK PROTOCOLS Routing ProtocolsNetwork Protocols UNIT III INTERNETWORK PROTOCOLS Routing Protocols
Springer Protocols Springer 2009 116 Protocols Springer ProtocolsSpringer Protocols Springer 2009 116 Protocols Springer Protocols
Control LockBased Protocols TimestampBased Protocols ValidationBased Protocols MultipleControl LockBased Protocols TimestampBased Protocols ValidationBased Protocols Multiple
Illinois Center for Wireless Systems CoDirectors NitinICWS VaidyaIllinois Center for Wireless Systems CoDirectors NitinICWS Vaidya
Spatial Backoff in Wireless Networks Xue Yang NitinSpatial Backoff in Wireless Networks Xue Yang Nitin
Explicit and Implicit Pipelining in Wireless MAC NitinExplicit and Implicit Pipelining in Wireless MAC Nitin
Explicit and Implicit Pipelining in Wireless MAC NitinExplicit and Implicit Pipelining in Wireless MAC Nitin
Distributed Fair Scheduling in a Wireless LAN NitinDistributed Fair Scheduling in a Wireless LAN Nitin
Cluster A OddEccentric Cluster Paranoid Personality Disorder SchizoidCluster A OddEccentric Cluster Paranoid Personality Disorder Schizoid
Why You Should Be Paranoid Dean Thornton TuesdayWhy You Should Be Paranoid Dean Thornton Tuesday