
[IEEE 2014 IEEE International Black Sea Conference on Communications and Networking (BlackSeaCom) - Odessa, Ukraine (2014.5.27-2014.5.30)] 2014 IEEE International Black Sea Conference


BRAVO: A Black-hole Resilient Ad-hoc on demand distance Vector rOuting for tactical communications

Ermanno Guardo, Giacomo Morabito DIEEI – University of Catania

V.le A. Doria 6 – 95125 Catania Italy

Girolamo Catania, Agatino Mursia Selex ES SPA

Network and Comm. Simulators Eng. V. A. Agosta - 95121

Italy

Ferdinando Battiati SCUTI - Esercito Italiano

Via dei Genieri 287 – Città Militare della Cecchignola

Italy

Abstract —Mobile Ad Hoc Networks (MANETs) are widely used in tactical scenarios because they can be deployed rapidly in hostile areas and the distributed nature of their operations makes them robust to node failures. However, distributed control introduces new vulnerabilities that might be critical in electronic warfare scenarios. In this paper we focus on black hole attacks, which introduce fake routing information into the network. As a consequence of this information, the malicious node enters the end-to-end path of most communication sessions and discards all received packets. In this paper a solution named BRAVO is proposed, which exploits a credit-based mechanism that allows nodes to estimate the trustworthiness of neighboring nodes. Simulation results demonstrate that in most scenarios BRAVO is robust to black hole attacks.

I. Introduction

In recent years the concept of network-centric warfare has been gaining ground rapidly; in fact, it is commonly accepted that achieving awareness of the current situation is critical in tactical operations. As a result, the communication network is now considered a major tactical asset in military operations. Tactical scenarios are characterized by the absence (or unreliability and untrustworthiness) of network infrastructure and the need for rapid deployment and start-up of the communication solutions. The paradigm which satisfies the above requirements is mobile ad hoc networking (MANET). In a MANET, communication nodes are both the terminals and the routers of the network. In fact, MANETs are based on the wireless multihop communication paradigm: if the source and destination nodes are not directly connected to each other, data packets will find a path traversing other nodes that relay them towards the destination. Accordingly, MANETs are vulnerable to all security issues typical of wireless communication systems. Furthermore, new security problems arise due to the distributed and cooperative nature of routing. In fact, a malicious node can introduce fake routing information into the network so as to attract most of the network traffic. In this paper we focus on black hole attacks, as a consequence of which most data paths will include the malicious node, which will drop the packets instead of relaying them. Accordingly, black hole attacks can be classified as denial of service attacks.

To guarantee resilience to black hole attacks we propose the Black-hole Resilient Ad-hoc on demand distance Vector rOuting (BRAVO) protocol. BRAVO is an extension of the AODV protocol in which nodes assign credits to their neighboring nodes. Credits are a measure of the trustworthiness of a node as a relay. Therefore a node's credits are reduced when it is appointed to relay a certain amount of packets and increased when there are hints that it has behaved as expected. The performance of BRAVO is assessed through OPNET simulations.

II. Black Hole Attacks

The Black Hole Attack is one of the most critical Denial of Service attacks in MANETs [2]. It takes place at the network level and exploits the routing mechanisms of AODV. The Black Hole Attack interferes with the AODV mechanism to attract a large amount of traffic towards the malicious node, which drops it instead of forwarding it. Accordingly, the Black Hole Attack consists of two phases.

• Phase 1: The malicious node introduces false routing information to attract traffic.

• Phase 2: The malicious node drops packets instead of forwarding them.

As shown in figure 1, during route discovery, upon reception of a RREQ message, the attacker M responds with a RREP message in which the destination sequence number is set to a very high value and the hop count is falsified (it is set to a very small value). In this way the source S believes that there is recent evidence of a convenient path towards D passing through M.

Figure 1: Black Hole Attack example.

This work was partially supported by TeleDife under contract “Cyber Security Simulation Environment (CSSE)”.

2014 IEEE International Black Sea Conference on Communications and Networking (BlackSeaCom)

978-1-4799-4067-7/14/$31.00 ©2014 IEEE


III. BRAVO

The changes to the AODV protocol introduced by BRAVO mainly concern the Route Table, to which two new fields, <Credit> and <Counter>, are added. The Credit field is an integer value and indicates the level of trust that each node has in the next hop. The Credit for each entry is initialized to the value K*Hop Count, where K is a constant. Each node modifies the value of Credit assigned to the next hop towards the destination as follows:

• Credit Decrement: a local variable “Counter” is initially set to zero and stored in the corresponding field of the Route Table. Each time a packet is transmitted towards the destination, the variable Counter is increased by one. When Counter reaches the value N, the number of credits is reduced by one and Counter is set to zero.

• Credit Increment: Upon receiving a packet from a given node R, a node reads the source, S, of the packet from the header. Then it checks whether there is an entry in its Route Table related to S (considered as destination). If this is the case, it checks whether R is the next hop towards S. If so, the path passing through R towards S is trustworthy. Therefore, it increments the value of the credits by C.

In this way, if the malicious node is in the selected path, the packets will not reach the destination and the application at the destination will not respond. Accordingly, the number of credits assigned by each node to the next hop in the path will decrease. When the credit of a host reaches value 0, the specific node will be labeled as a Malicious Node and the other nodes will discard all routing messages from it, so as to isolate the malicious node from the network. An example of BRAVO operations is shown in figure 2.

Figure 2: The source S selects A as next hop towards the destination D.
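The credit bookkeeping described above, as an added example (not code from the paper or its OPNET models). The values of K, N and C, the class and function names, and dropping the route once its next hop is labelled are assumptions; return traffic from D is modelled as arriving through the same relay.

```python
from dataclasses import dataclass

# Assumed parameter values: the paper names K, N and C but gives no settings.
K, N, C = 2, 5, 1

@dataclass
class RouteEntry:
    next_hop: str
    hop_count: int
    credit: int
    counter: int = 0

class BravoNode:
    def __init__(self):
        self.routes = {}        # destination -> RouteEntry
        self.malicious = set()  # next hops whose credit reached 0

    def add_route(self, dest, next_hop, hop_count):
        if next_hop in self.malicious:
            return False        # routing messages from a labelled node are discarded
        self.routes[dest] = RouteEntry(next_hop, hop_count, credit=K * hop_count)
        return True

    def on_send(self, dest):
        """Credit Decrement: every N packets sent towards dest cost one credit."""
        e = self.routes[dest]
        e.counter += 1
        if e.counter == N:
            e.counter, e.credit = 0, e.credit - 1
            if e.credit <= 0:   # label the next hop; dropping the route is an assumption
                self.malicious.add(e.next_hop)
                del self.routes[dest]

    def on_receive(self, relay, source):
        """Credit Increment: relay delivered a packet from source and is our next hop to it."""
        e = self.routes.get(source)
        if e is not None and e.next_hop == relay:
            e.credit += C

def simulate(next_hop, hop_count, packets, return_traffic):
    """Send packets to D via next_hop; return (node, packets sent before isolation)."""
    node, sent = BravoNode(), 0
    node.add_route("D", next_hop, hop_count)
    while sent < packets and "D" in node.routes:
        node.on_send("D")
        sent += 1
        if return_traffic and "D" in node.routes:
            node.on_receive(next_hop, "D")   # D's reply arrives through the same relay
    return node, sent

if __name__ == "__main__":
    for hop, hc, replies in (("A", 3, True), ("M", 1, False)):
        node, sent = simulate(hop, hc, 100, replies)
        print(hop, "sent:", sent, "labelled malicious:", sorted(node.malicious))
```

Because the initial credit is K*Hop Count, a next hop that advertised a hop count of 1 and never delivers return traffic is labelled after K*N packets with these values, while a relay that carries replies from D keeps accumulating credit.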

The use of a credit-based mechanism to counter black hole attacks has already been proposed in [4]. However, unlike BRAVO, the solution proposed in [4] requires end-to-end ACKs to be exchanged. Such an acknowledgement mechanism is not implemented in most application scenarios.

IV. Performance assessment

BRAVO has been assessed through Opnet simulations. For this purpose, specific Opnet software models have been implemented for both Black Hole attackers and BRAVO nodes. The considered scenario consists of a network of 23 nodes in which a pair of nodes is running a videoconference, while a malicious node performs the black hole attack. In figure 3 we provide the average goodput versus time. Three curves are shown in the plot:

• The Green Curve has been obtained assuming that no attacks occur.

• The Red Curve has been obtained assuming that Black Hole Attack is ongoing and nodes implement standard AODV.

• The Blue Curve has been obtained assuming that Black Hole Attack is ongoing and nodes implement BRAVO.

Figure 3: Goodput vs. time.

Note that the effect of the BRAVO protocol is remarkable. In fact, it achieves performance measures very close to those obtained in the absence of attacks, and the difference from the curve showing the result with the Black Hole attack is evident. In this case, a Black Hole node is able to reduce the goodput of the entire network by about 40%.

V. Conclusions

In this paper we have introduced BRAVO, an extension of AODV which makes the network resilient to Black Hole Attacks. We are currently analyzing the optimal settings of the BRAVO parameters depending on the specific application scenario.

References

[1] C. Perkins, E. Belding-Royer, S. Das. Ad hoc On-Demand Distance Vector (AODV) Routing. RFC 3561, July 2003.

[2] Mohammad Al-Shurman and Seong-Moo Yoo. Black Hole Attack in Mobile Ad Hoc Networks. ACM SE 2004.

[3] Abhay Kumar Rai, Rajiv Ranjan Tewari, Saurabh Kant Upadhyay. Different types of attacks on integrated MANET-Internet Communication.

[4] Watchara Saetang and Sakuna Charoenpanyasak. CAODV Free Blackhole Attack in Ad Hoc Networks. CNCS 2012.

[5] S. H. H. N. Ghazani, J. J. Lotf and R. M. Alguliev, “A New Survey of Routing Algorithm in Ad Hoc Networks,” 2nd Int. Conf. on Computer Engineering and Technology, vol. 3, pp. 684-688, 2010.
