Slander-Resistant Attacker Isolation in Ad Hoc Networks

Speaker: Dr Qijun Gu

Time: 12:30pm-1:30pm, February 24th, 2006

Location: Neuces Conference Room

Abstract:

Our security analysis shows that current hop-by-hop authentication
protocols in multi-hop networks only partially achieve the defense goals
that they allow forwarding nodes to effectively identify and discard
injected or modified packets. However, the other important defense goal,
which has not been achieved yet, is to identify and isolate the
attackers so that they cannot inject in the future. We notice that
current authentication protocols provide evidence of injection attacks,
since injected packets will incur verification failures. Nevertheless,
the evidence may be exploited by attackers to deceive defenders. We find
that a non-injection attacker can slander any good forwarding node in a
route by modifying the authentication information carried in the
packets. In order to correctly isolate suspicious nodes, we propose a
new authentication approach. The approach not only preserve the function
to filter junk packets as in current authentication approaches, but also
help to isolate the attackers with a high probability. This approach
ensures that defenders can focus on investigating only two nodes to find
out the real attacker once failed verifications are detected