Introduction Trust-Based Reasoning for OLSR Simulation and results - Example Conclusions and future works
Integrating Trust Reasoning for the Security of OLSR
Asmaa Adnane¹, Christophe Bidan¹, Ludovic Mé¹ and Rafael de Sousa²
¹ Supélec, SSIR team (EA 4039); ² University of Brasília - LabRedes, supported by CNPq - Brazil
14th October 2008
Plan
1 Introduction
2 Trust-Based Reasoning for OLSR
3 Simulation and results - Example
4 Conclusions and future works
Introduction
Ad hoc route discovery and maintenance introduce specific security problems for routing protocols to prevent, detect or respond.
Solutions to secure these routing protocols using some centralized units or trusted third-parties actually constrain the self-organization of ad hoc networks.
For OLSR, we propose the integration of trust reasonings into each node behavior, so as to allow a self-organized trust-based control to help nodes to detect misbehavior attacks.
Notion of trust
The fact that an entity A trusts an entity B in some respect means that:
A believes that B will behave in a certain way and perform some action in certain specific circumstances.
A actually believes that B has the potential to carry out the related tasks competently and honestly.
Different types/classes of trust depending on action/circumstance.
Direct and derived (by means of recommendations) trust relationships.
Trust specification language [2]
A trusts B with respect to (doing) the action $cc$:
$A\ trusts_{cc}(B)$
A trusts the recommendations of entity B about the capacity of other entities to perform action $cc$:
$A\ trusts.rec_{cc}(B)\ when.path[S]\ when.target[R]$
Characteristics of the OLSR protocol (1/2)
[Figure: two panels, "Flooding routing" and "OLSR routing"]
Characteristics of the OLSR protocol (2/2)
Proactive link-state routing protocol, with a flooding mechanism to diffuse link state information.
Multi-point relays (MPRs) are selected nodes that forward messages during the flooding process.
HELLO messages:
Sent periodically by a node to advertise its links.
Allow a node to establish its view of the 2-hop neighborhood, then MPR selection.
TC messages:
Convey the topological information necessary for computing routes.
Periodically broadcast by MPRs advertising link state to symmetric neighbors.
Notations
$MANET$: the set of all MANET nodes.
$LS_x$: Link Set.
$NS_x$: Neighbor Set.
$2HNS_x$: 2-Hop Neighbor Set.
$MPRS_x$: MPR Set ($MPR_x \subseteq NS_x$).
$MPRSS_x$: MPR Selection Set.
Validation process
Validation of basic belief.
Validation of MPR selection:
Validation of local view.
Validation of neighbors view.
Validation of basic belief (1/2)
In [3] the authors present intrinsic properties of the protocol regarding the expected correct behavior in message processing and routing organization.
$TC_Y \subseteq HELLO_Y$
$X \in TC_Y \Rightarrow Y \in MPRS_X$
$TC_Y = (TC_Y)_Z$
Validation of basic belief (2/2)
In terms of trust:
HELLO and TC messages of any neighbor must be consistent:
$X \xleftarrow{HELLO_Y} Y,\ X \xleftarrow{TC_Y} Y,\ TC_Y \nsubseteq NS_Y \Rightarrow X\ \neg trusts(Y)$
Received TC must be consistent with local MPR selection:
$X \xleftarrow{TC_Y} *,\ X \in TC_Y,\ Y \notin MPRS_X \Rightarrow X\ \neg trusts(Y)$
TC messages cannot be modified before forwarding:
$X \xleftarrow{TC_Y} Y,\ \exists m \in MPRS_Y,\ TC_Y \neq (TC_Y)_m \Rightarrow X\ \neg trusts(Y, m)$
Validation of MPR selection
MPR Selection is a critical operation as it provides each node the access to the network. In our approach, after the MPR Selection each node should verify the two following points:
1. the nodes selected as MPR must behave correctly regarding the operations of broadcasting TC messages and forwarding TC messages and data packets originated by MPR selectors;
2. the local choices of MPRs by a node must be in accordance with the global topology information received by this node.
Validation of the local view
Consistency of the symmetric link:
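$X \xleftarrow{HELLO_Y} Y,\ X \xleftarrow{HELLO_Z} Z,\ Z \in NS_Y \Rightarrow Y \in NS_Z$
In terms of trust:
Figure: False link advertised by Y or Z
$X \xleftarrow{HELLO_Y} Y,\ X \xleftarrow{HELLO_Z} Z,\ (Z \in NS_Y,\ Y \notin NS_Z)\ \text{or}\ (Y \in NS_Z,\ Z \notin NS_Y) \Rightarrow X\ \neg trusts(Y, Z)$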
Supervising MPR behavior
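MPR selection leads to the following expression:
$\forall\, Y \in MPRS_X : X\ trusts_{fw}(Y)$
This trust relation is broken in the following situations:
Checking TC message generation:
$Y \in MPRS_X,\ (X \overset{TC}{\nleftarrow} Y)\ \text{or}\ (X \xleftarrow{TC} Y,\ X \notin TC_Y) \Rightarrow X\ \neg trusts(Y)$
Checking data packet and TC message forwarding:
$Y \in MPRS_X,\ (X \xrightarrow{TC_X} *,\ X \overset{TC}{\nleftarrow} Y)\ \text{or}\ (X \xrightarrow{DATA} *,\ X \overset{DATA_X}{\nleftarrow} Y) \Rightarrow X\ \neg trusts(Y)$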
Validation of neighbor view (1/4)
If $A, B \in NS_X$ and $NS_A = NS_B$, then a common neighbor of A and B must not select both of them as MPRs:
$NS_A = NS_B \Rightarrow MPRSS_A \cap MPRSS_B = \emptyset$
Validation of neighbor view (2/4)
If $A, B \in NS_X$ and $NS_B \subset NS_A$, then B should not be selected as MPR: all its neighbors will select A as MPR, so B should not generate a TC message:
$NS_B \subset NS_A \Rightarrow MPRSS_B = \emptyset$
Validation of neighbor view (3/4)
If 2 neighbors, X and Y, have the same neighbors (NS), they should also select the same MPRs:
$NS_X - \{Y\} = NS_Y - \{X\} \Rightarrow MPRS_X = MPRS_Y\ \text{or}\ \forall Z \in MPRS_X,\ \exists W \in MPRS_Y : NS_Z = NS_W$
Validation of neighbor view (4/4)
In terms of trust:
$X \xleftarrow{HELLO_A} A,\ X \xleftarrow{HELLO_B} B,\ NS_A \subseteq NS_B,\ \exists Z \in TC_A \cap TC_B \Rightarrow X\ \neg trusts(A, B, Z)$
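The mistrust rules from the basic-belief, local-view and neighbor-view slides can be evaluated by an observer node over the HELLO and TC messages it has received. The sketch below is an added example, not the authors' GloMoSim code; the function name, rule labels, the simplification that a HELLO lists only symmetric neighbors, and the sample topology are all assumptions.

```python
from itertools import combinations

def mistrust(me, my_mprs, hello, tc):
    """Apply the slides' consistency rules as seen by observer `me`.

    hello[n]: neighbor set NS_n that n advertised in its HELLO
    tc[n]:    MPR selector set that n advertised in its TC
    my_mprs:  MPRS of the observer
    Returns a sorted list of (rule, mistrusted_nodes) findings.
    """
    found = set()
    for y, selectors in tc.items():
        # TC_Y must stay within the neighbors Y advertised in HELLO_Y.
        if y in hello and not selectors <= hello[y]:
            found.add(("tc_not_in_hello", (y,)))
        # Y names me as MPR selector although I never selected Y.
        if me in selectors and y not in my_mprs:
            found.add(("false_mpr_selector", (y,)))
    for y, z in combinations(sorted(hello), 2):
        # A link advertised by only one of its two endpoints.
        if (z in hello[y]) != (y in hello[z]):
            found.add(("asymmetric_link", (y, z)))
        # NS_A within NS_B, yet some node Z appears in both TC_A and TC_B.
        # Assumption: the observer itself is left out of Z, since the
        # false_mpr_selector rule already covers that case.
        for a, b in ((y, z), (z, y)):
            if hello[a] <= hello[b]:
                common = (tc.get(a, set()) & tc.get(b, set())) - {me}
                found.update(("redundant_mpr", (a, b, c)) for c in common)
    return sorted(found)

# Constructed sample: messages heard by observer X, whose only MPR is N2.
# Node A advertises links to N7 and N8 that neither of them confirms.
HELLO = {
    "A": {"X", "N7", "N8"},
    "N2": {"X", "N7", "N8", "N20"},
    "N7": {"X", "N2"},
    "N8": {"X", "N2"},
}
TC = {"A": {"X", "N7", "N9"}, "N2": {"X", "N7", "N8"}}
FINDINGS = mistrust("X", {"N2"}, HELLO, TC)
```

Every finding in `FINDINGS` names A, while the same topology without A's messages produces none.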
Implementation
GloMoSim simulator and the OLSR patch developed by Niigata University.
Several attack scenarios:
1. Attack 1: the attacker advertises wrong link information so as to be selected as the only MPR by target nodes, in order to control their messages.
2. Attack 2: the attacker does not advertise that it has been selected as MPR by other nodes.
3. Attack 3: the attacker selected as MPR will not broadcast packets of target nodes.
In the following, we discuss only results with 100 nodes using the first attack scenario.
Detection rate regarding only the nodes concerned by the attack
Figure: Network example: A is the attacker, T is the Target
Scenario of the attack (1/2)
Scenario of the attack (2/2)
Detection of the attack (1/5): Set of concerned nodes
Detection of the attack (2/5): The target
Inconsistencies between $(HELLO_A, HELLO_{N7}, HELLO_{N8})$, $(TC_A, HELLO_{N7}, HELLO_{N8})$ and $(NS_A, NS_{N2}, NS_{N20})$:
Detection of the attack (3/5): The faulty links
Inconsistencies between $HELLO_A$, $TC_A$ and $(NS_X,\ X \in \{7, 8, 9, 21, 22\})$:
Detection of the attack (4/5): The neighbors of faulty links
Inconsistencies between $(TC_A, NS_7, NS_8, NS_9)$ and $(TC_A, NS_{21}, NS_{22})$:
Detection of the attack (5/5): Common neighbors
Inconsistencies between $(NS_A, NS_{N2}, NS_{N20})$:
Conclusions and future works
Conclusions
Identification of trust-related properties.
Each node is enabled to mistrust misbehaving nodes by correlation of received messages and deductions using the trust rules.
MPR selection can be validated by exploiting trust properties and relations.
The simulation using attack scenarios shows the effectiveness of using mistrust to detect some known attacks against OLSR.
Conclusions/future works
Past (Future works) :-) !
Trust-based reasoning in OLSR nodes can also be useful for routing table validation.
Trust management module for OLSR without modifying the protocol.
Measure the impact of trust-based reasoning on the protocol, not only to detect attacks, but to react and take measures to counter them, while preserving the auto-organization of the ad hoc environment.
Bibliography
[1] Clausen T, Jacquet P (2003) IETF RFC-3626: Optimized Link State Routing Protocol OLSR.
[2] Yahalom R, Klein B, Beth T (1993) Trust Relationships in Secure Systems - A Distributed Authentication Perspective. In: SP'93: Proceedings of the 1993 IEEE Symposium on Security and Privacy. IEEE Computer Society, Washington, USA.
[3] Wang M, Lamont L, Mason P, Gorlatova M (2005) An Effective Intrusion Detection Approach for OLSR MANET Protocol. In: First Workshop on Secure Network Protocols (NPSec). Boston, Massachusetts, USA.
This is the end ...
Questions and remarks?