Showing papers by "Sanjeev Setia published in 2005"
12 Dec 2005
TL;DR: This paper investigates the security of MAODV (Multicast Ad hoc On-Demand Distance Vector protocol), a well-known multicast routing protocol, and identifies several attacks on it and presents an authentication framework and proposed countermeasures that can prevent or mitigate the impact of these attacks.
Abstract: Most of the multicast routing protocols proposed for ad hoc networks assume a trusted, non-adversarial environment and do not take security issues into account in their design. In this paper, we investigate the security of MAODV (Multicast Ad hoc On-Demand Distance Vector protocol), a well-known multicast routing protocol, and identify several attacks on it. We show, via simulation, that these attacks can have a significant impact on the performance of MAODV. We present an authentication framework for MAODV and propose countermeasures that can prevent or mitigate the impact of these attacks.
61 citations
12 Dec 2005
TL;DR: McTorrent and McSynch are presented, two multichannel sensor network protocols for data dissemination designed to take advantage of the spatial multiplexing properties of the half-duplex radio transceivers available on the current generation of sensor nodes.
Abstract: This paper presents McTorrent and McSynch, two multichannel sensor network protocols for data dissemination. Both protocols are designed to take advantage of the spatial multiplexing properties of the half-duplex radio transceivers available on the current generation of sensor nodes. McTorrent is used for reliable end-to-end dissemination of a large data object. Compared to existing protocols, we show that McTorrent significantly reduces the amount of time required to propagate a large data object throughout a sensor network. McSynch is used to achieve data object synchronization within a local cluster of nodes. By using a scheduled channel access approach and an appropriate number of transmission channels, McSynch can significantly reduce the amount of time required to update a local cluster. We also describe our experiences implementing a multichannel system, and report on lessons learned for channel and frequency settings
33 citations
07 Jun 2005
TL;DR: A bandwidth-efficient scheme that seamlessly integrates network access control and group key management, and a DoS-resilient key distribution scheme that delivers updated keys to a large fraction of nodes with high probability even if an attacker can selectively compromise nodes in the multicast data delivery hierarchy and command these compromised nodes to drop keying packets.
Abstract: This paper studies the security issues that arise in an overlay multicast architecture where service providers distribute content such as web pages, static and streaming multimedia data, realtime stock quotes, or security updates to a large number of users. In particular, two major security problems of overlay multicast, network access control and group key management, are addressed. We first present a bandwidth-efficient scheme, called CRBR, that seamlessly integrates network access control and group key management. Next we propose a DoS-resilient key distribution scheme, called k-RIP, that delivers updated keys to a large fraction of nodes with high probability even if an attacker can selectively compromise nodes in the multicast data delivery hierarchy and command these compromised nodes to drop keying packets. The proposed schemes do not rely on knowledge of overlay topology, and can scale up to very large overlay networks.
17 citations
05 Sep 2005
TL;DR: A metaprotocol (Meta-TMP) is proposed to represent the class of topology maintenance protocols for sensor networks and provides a better understanding of the characteristics and of how a specific TMP works, and it can be used to study the vulnerabilities of a particular TMP.
Abstract: We analyze the security vulnerabilities of PEAS, ASCENT, and CCP, three well-known topology maintenance protocols for sensor networks. These protocols aim to increase the lifetime of the sensor network by maintaining only a subset of nodes in an active or awake state. The design of these protocols assumes that the sensor nodes will be deployed in a trusted non-adversarial environment, and does not take into account the impact of attacks launched by malicious insider and outsider nodes. We describe three attacks against these protocols that can be used to reduce the lifetime of the sensor network, or to degrade the functionality of the sensor application by reducing the network connectivity and sensing coverage that can be achieved. Further, we describe counter-measures that can be used to increase the robustness of the protocols and make them resilient to such attacks.
14 citations
01 Jan 2005
TL;DR: Three types of attacks that can be launched against these protocols are described: sleep depriva- tion attacks that increase the energy expenditure of sensor nodes and thus reduce the lifetime of the sensor network, snooze attacks that result in inadequate sensing coverage or network connectivity, and network substitution attacks in which multiple attackers collude to take control of part of the sensors network.
Abstract: We analyze the security vulnerabilities of PEAS, AS- CENT, and CCP, three well-known topology maintenance protocols for sensor networks. These protocols aim to in- crease the lifetime of the sensor network by maintaining only a subset of nodes in an active or awake state. The design of these protocols assumes that the sensor nodes will be deployed in a trusted non-adversarial environment, and does not take into account the impact of attacks launched by malicious insider and outsider nodes. We describe three at- tacks against these protocols that can be used to reduce the lifetime of the sensor network, or to degrade the functional- ity of the sensor application by reducing the network con- nectivity and sensing coverage that can be achieved. Fur- ther, we describe counter-measures that can be used to in- crease the robustness of the protocols and make them re- silient to such attacks. nectivity and the application's coverage requirements in a configurable fashion. All these protocols involve some form of coordination and message exchanges between neighboring nodes in order to elect coordinators and determine sleep schedules. These protocols were designed assuming a non-adversarial trusted environment. Consequently, they are vulnerable to secu- rity attacks in which malicious nodes send spoofed or false messages to their neighbors with the goal of defeating the objectives of the protocol. Attacks on the topology maintenance protocols can be performed either by entities external to the network (out- sider attacks) or by compromised nodes (insider attacks). Insider attacks are a particularly challenging problem for sensor networks because many sensor applications involve deploying nodes in an unattended environment, thus leav- ing them vulnerable to capture and compromise by an ad- versary. Unlike outsider attacks, insider attacks cannot be prevented by authentication mechanisms since the adver- sary knows all the keying material possessed by the com- promised nodes. In this paper, we analyze the security vulnerabilities of three well-known topology maintenance protocols (PEAS, CCP, and ASCENT). We describe three types of attacks that can be launched against these protocols: sleep depriva- tion attacks that increase the energy expenditure of sensor nodes and thus reduce the lifetime of the sensor network, snooze attacks that result in inadequate sensing coverage or network connectivity, and network substitution attacks in which multiple attackers collude to take control of part of the sensor network. Further, we describe counter-measures that can be used to increase the robustness of the protocols and make them resilient to such attacks. The proposed counter-measures include authentication mechanisms that can be used to pre- vent outsider attacks and certain insider attacks (such as im- personation attacks). However, for all these protocols, we
13 citations