Anjan tech4 seminar

04/08/23 104/08/23Covert Channels in wireless networks 1

Covert Channels in Adhoc Covert Channels in Adhoc Wireless NetworksWireless Networks

Presentation By

Anjan.KIV Sem M.Tech

Dept of CSEM.S.R.I.T

[email protected]

Technical Seminar [MCSE 401S]

04/08/23 2

Pre-requisites Introduction to Paper Need For focus on Wireless Network Covertness Selective Overview of Reactive protocol – AODV

◦ On-Demand mechanism◦ Messages Types and Formats◦ Routing Table Management

Covert Operation in AODV◦ Timing the route request◦ Source sequence number in route request◦ Lifetime field in route reply◦ Destination ID field in route request

Covert Channels through Splitting Algorithms Conculsion References

04/08/23Covert Channels in wireless networks 2

04/08/23 3

Prerequisites Introduction to Paper

Basics of Adhoc wireless networks◦ Splitting Algorithms or

Collision- Resolution Procedure

◦ Routing Protocols Reactive Proactive Hybrid

Network Security MAC protocols Channel Access

Mechanism

Titled – “Covert Channels in Adhoc Wireless Network”

Authored By◦ Song Li◦ Anthony Ephremides

Published in Elsevier Journal on Adhoc Network, Apr 2009.

ACM Communication, Vol 8, Issue 2,Mar 2010.

Keywords - Ad-hoc networks, Security, Covert channel, Routing protocol, Media access control

04/08/23 3Covert Channels in wireless networks

04/08/23 4

Previous research on covert channels focuses on multilevel computer system or wired computer network.

Focus here is on covert communication in adhoc wireless network.

Covert Channels are concealed communication paths whose existence is not anticipated in design of communication systems.

In wireless network, nodes co-operate each other to accomplish many network functions like routing and channel access.

Each node is autonomous entity.

04/08/23Covert Channels in wireless

networks 4

04/08/23 5

Wireless network are susceptible to covertness during the co-operation procedure.

Focus here is on various ways to embed covertness in routing protocol initially and then to MAC algorithms.

Covert channels in such routing protocols are less susceptible to detection and elimination is unimaginable.

Identification of such activity is possible but end covert responder’s identity is not revealed.


networks 5

04/08/23 6

On-Demand Mechanism◦ Valid Routes are available only when source

needs to communicate with the some destination.◦ Valid routes are generated when source initiates

route discovery procedure by broadcasting route request message for that destination.

◦ Route reply back to source establishes an active route.

◦ Hence AODV is On-demand in nature.


networks 6

04/08/23 7

Message types as per RFC 3561◦ Route Request (RREQ)

Route to new destination is found by broadcasting RREQ from source node. This enables to determine fresh route once RREQ reaches destination node.

◦ Route Reply (RREP) RREP is unicast message sent to source node after

RREQ broadcast.◦ Route Error (RERR)

When line break in the active route is detected , RERR notify other nodes of loss of link.


networks 7

04/08/23 804/08/23Covert Channels in wireless

networks 8

Message Formats- RREQ

04/08/23 9

AODV Route Discovery InitiationRREQ Broadcast flood


networks 10

Message Formats- RREP

04/08/23 11

AODV Route Discovery CompletionRREP Unicast Propagation


networks 12

Message Formats- RERR

04/08/23 13

Route Table Entry <Destination IP address, Destination Sequence no., Hop

Count, Next Hop, List of Precursors, Lifetime, Routing Flags>

Routing Table Management◦ Each valid route is associated with life-time value◦ Life-time of valid routes is determined by the

route control packet and updated during data transmission.

◦ Routes after the life-time are invalidated route and are removed from the route table after fixed period of time.


networks 13

04/08/23 14

Covert Channels in the wired network are narrow band in nature and can transmit a covert message at low throughput.

Covert Channels in the co-operation procedure in adhoc network can pump in and out more throughput than wired network.

Four different covert channels that can be established in reactive protocols like AODV are◦ Timing the route request◦ Source Sequence number in the route request◦ Lifetime field in the route reply◦ Destination ID field in the route request

Destination ID method is the easily deployable covert channel in adhoc networks.


networks 14

04/08/23 15

Establishes covert indication type of covert communication.

Based on the timing information of successive RREQ originated by source node. Node that can distinguish can derive extra information.

Relies on the timing of RREQ for covert transmission which require source and covert information receiver node to be synchronized.

Drawback synchronization is often not possible in multi-hop adhoc wireless network.


networks 15

04/08/23 16

Two methods to convey the covert information◦ Method 1

Embed the covert information into the increments of the sequence number between successive RREQ.

Before RREQ is constructed, increase the sequence number to specific value such that increments represents the covert symbol, to be transmitted.

Drawback Easy Detection Rapid Exhaustion of size of sequence number field

◦ Method 2 Embed the Covert information in increments of sequence

number within fixed period of time. Draw back

Timing information synchronization Sequence number exhaustion


networks 16

04/08/23 17

When intermediate node construct a RREP, lifetime field is constructed based on the entry in the routing table.

Lifetime entry indicate when is last time that route was used.

Receiver can derive an extra information by looking at who recently the route was constructed.

Covert Transmitter (CT) has regularly construct RREP which means RREQ should be received regularly.

Probability that intend user misses the covert information is high as RREP is intended for route inquirer node only.


networks 17

04/08/23 18

Covert information is embedded in Destination ID field of RREQ.

It does not require covert transmitter and receiver CT & CR to be synchronized.

It is found that for network with N nodes log2(N-1) bits of covert information can be sent.

CT controls its own demand for routes other than that it compiles to AODV.

CR passively monitors the RREQ issued by CT. CT has to comply when sending the RREQ for

any destination.


networks 18

04/08/23 19

Covert transmission depends on the availability of the route to intended node.

Covert symbol is transmitted as part of broadcast RREQ destination ID.

Covert symbol i is transmitted if CT originates the route request to destination i.

There may be loss of covert symbol due to RREP being constructed by intermediate node stopping further broadcast of RREQ due expanding ring search technique.

Also that CR may not receive RREQ.


networks 19

04/08/23 20

Splitting algorithm are part of MAC protocol also referred as collision-resolution procedure (CRP).

Employed for contention-free dedicated channel access to avoid losses due to collision in the channel.

Covert information embedded in lower layer of protocol stack are difficult detect than those in the upper layers.

Idea of CP is that when collision occurs due transmission from two or more nodes.

Collided nodes are divided in smaller subset then timing based priority is used for retransmission. This period is referred to CR period.


networks 20

04/08/23 21

Splitting is accomplished by two algorithms◦ Basic Binary tree ◦ Unblocked

Covert operation is carried out by placing a information trapdoor in CRP for bitwise transmission.

CR in network passively monitors and LR pattern which is reverse of pattern sent by CT.

Covert transmission is based on different modes of operation.◦ Conservative mode◦ Aggressive mode◦ Strategic mode


networks 21

04/08/23 22

Need for focus on issues related with covert channel in wireless environment.

Need for in-depth study for re-engineering the routing protocol as well as splitting algorithm.

A strong pitch for legitimate detection methodologies to actively detect such malicious activity.

Secure form of Adhoc routing protocol should ensure the covertness avoidance.

Research on extending the elimination technique used in rudimentary wired network to adhoc network.

04/08/23 22Covert Channels in wireless

networks

04/08/23 23

[1] B.W. Lampson, A note on the confinement problem, ACM Commun. 16 (Oct) (1973)613–615.

[2] K. Ahsan, D. Kundur, Practical data hiding in TCP/IP, in: Proceedings of the Workshop on Multimedia Security at ACM Multimedia’02, French Riviera, December 2002.

[3] Steven Murdoch, Embedding Covert channel in to TCP/IP, Information Hiding Workshop, Jul 2005.

[4] Steen Wendzel, Protocol Channels, HAKIN9,Jun 2009.[5] Sarder Cabuk,Carla Brodley,Clay Sheilds, IP Covert channel Detection, ACMTransaction on Information and System Security, Vol 12, Article 22, Apr 2009.

04/08/23 23Covert Channels in wireless

networks

Technology

Anjan tech4 seminar