TY - GEN
T1 - Detection of malicious packet dropping in wireless ad hoc networks based on privacy-preserving public auditing
AU - Shu, Tao
AU - Krunz, Marwan
PY - 2012
Y1 - 2012
N2 - In a multi-hop wireless ad hoc network, packet losses are attributed to harsh channel conditions and intentional packet discard by malicious nodes. In this paper, while observing a sequence of packet losses, we are interested in determining whether losses are due to link errors only, or due to the combined effect of link errors and malicious drop. We are especially interested in insider's attacks, whereby a malicious node that is part of the route exploits its knowledge of the communication context to selectively drop a small number of packets that are critical to network performance. Because the packet dropping rate in this case is comparable to the channel error rate, conventional algorithms that are based on detecting the packet loss rate cannot achieve satisfactory detection accuracy. To improve the detection accuracy, we propose to exploit the correlations between lost packets. Furthermore, to ensure truthful calculation of these correlations, we develop a homomorphic linear authenticator (HLA) based public auditing architecture that allows the detector to verify the truthfulness of the packet loss information reported by nodes. This architecture is privacy preserving, collusion proof, and incurs low communication and storage overheads. Through extensive simulations, we verify that the proposed mechanism achieves significantly better detection accuracy than conventional methods such as a maximum-likelihood based detection.
AB - In a multi-hop wireless ad hoc network, packet losses are attributed to harsh channel conditions and intentional packet discard by malicious nodes. In this paper, while observing a sequence of packet losses, we are interested in determining whether losses are due to link errors only, or due to the combined effect of link errors and malicious drop. We are especially interested in insider's attacks, whereby a malicious node that is part of the route exploits its knowledge of the communication context to selectively drop a small number of packets that are critical to network performance. Because the packet dropping rate in this case is comparable to the channel error rate, conventional algorithms that are based on detecting the packet loss rate cannot achieve satisfactory detection accuracy. To improve the detection accuracy, we propose to exploit the correlations between lost packets. Furthermore, to ensure truthful calculation of these correlations, we develop a homomorphic linear authenticator (HLA) based public auditing architecture that allows the detector to verify the truthfulness of the packet loss information reported by nodes. This architecture is privacy preserving, collusion proof, and incurs low communication and storage overheads. Through extensive simulations, we verify that the proposed mechanism achieves significantly better detection accuracy than conventional methods such as a maximum-likelihood based detection.
KW - Denial-of-service
KW - Homomorphic linear authentication
KW - Malicious user detection
KW - Security
KW - Wireless ad hoc networks
UR - http://www.scopus.com/inward/record.url?scp=84860678494&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84860678494&partnerID=8YFLogxK
U2 - 10.1145/2185448.2185460
DO - 10.1145/2185448.2185460
M3 - Conference contribution
AN - SCOPUS:84860678494
SN - 9781450312653
T3 - WiSec'12 - Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks
SP - 87
EP - 98
BT - WiSec'12 - Proceedings of the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks
T2 - 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec'12
Y2 - 16 April 2012 through 18 April 2012
ER -