Edith C.H. Ngai and Michael R. Lyu

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks:

Description and Security Evaluation

Edith C.H. Ngai and Michael R. Lyu

Department of Computer Science and EngineeringThe Chinese University of Hong Kong

5 Jun 2006The IEEE International Conference on Sensor Networks, Ubiquitou

s, and Trustworthy Computing (SUTC 2006)

Dept. of Computer Science & Engineering, CUHK 2

Outline

Introduction Related Work Architecture and Models Trust- and Clustering-Based

Authentication Service Simulation Results Conclusion


Mobile Ad Hoc Network An ad-hoc network (of wireless nodes) is a

temporarily formed network, created, operated and managed by the nodes themselves.

It is also often termed an infrastructure-less, self-organized, or spontaneous network.


Mobile Ad Hoc Network

Connected with wireless communication Dynamic Topology Nodes are often mobile Vulnerable to security attacks Applications

– Military: for tactical communications– Rescue missions : in times of natural disaster– Commercial use: for sales presentations or

meetings


Vulnerabilities

Security in wireless ad hoc network is hard to achieve due to the vulnerabilities of its links, limited physical protection, and the absence of centralized management point

Unlike conventional networks, nodes of ad hoc networks cannot be secured in locked cabinets

Risk in being captured and compromised Wireless communications are vulnerable to

eavesdropping and active interference


Security Mechanisms Popular network authentication architecture

include X. 509 standard and Kerberos systems Pretty Good Privacy (PGP) functions by

following a web-of-trust model and using digital signatures

Authentication service establishes the valid identities of communicating nodes

In reality, a node may turn from trustworthy to malicious under a sudden attack

We provide a secure authentication service that can defend against malicious nodes


Related Work

Partially-distributed certificate authority by Zhou and Hass

Mobile Certificate Authority (MOCA) by Yi and Kravets

Fully-distributed certificate authority by Kong et. al.


Related Work

Pretty Good Privacy (PGP) – following a web-of-trust authentication model

Self-issued certificates by Hubaux et. al.– distribute certificates by users themselves without

the involvement of any certificate authority


Our Work

Propose a secure public key authentication service in mobile ad hoc networks with malicious nodes

Prevent nodes from obtaining false public keys of the others

Engage a network model and a trust model Design security operations including public

key certification, identification of malicious nodes, and trust value update


Trust- and Clustering-Based Authentication Service Architecture


The Network Model Clustering-based network model obtains a

hierarchical organization of a network Limit direct monitoring capability to

neighboring nodes Allow monitoring work

to proceed more naturally Improve network security


The Trust Model

This model uses digital signatures as its form of introduction. Any node signs another's public key with its own private key to establish a web of trust

Define the authentication metric as a continuous value between 0.0 and 1.0

Define a direct trust relationship as the trust relationship between two nodes in the same group and a recommendation trust as the trust relationship between nodes of different groups.


Clustering Structure Maintenance Maintain a balanced clustering structure for

supporting our trust model and security operations

Adapt to the mobility of nodes Handle leave and join of nodes from one

cluster to another Each node requests for the cluster ID of its

neighboring nodes periodically In each cycle, a node collects this information

and updates its cluster ID


Clustering Structure Maintenance

A node joins the neighbouring cluster with minimum size only if it leaves the original cluster or the sizes of the neighbouring clusters are not within a certain range


Evolution of Cluster Size

Cluster Size to Round in Approach 3

0

10

20

30

40

0 1 2 3 4 5 10 15 20 25 30 35

No. of Round

No.

of n

odes cluster 14

cluster 19

cluster 27

cluster 30

It keeps balance cluster sizes


Authentication Service1. Public key

certification2. Identification of

malicious nodes3. Trust value

update

Selects a number of trustable nodes as introducers

Sends out request messages to introducers

Collects and compares all the public key certificates received

Selects the public key of t with majority votes

Discovers malicious introducer?

Isolates malicious introducer

Calculates trust value of t

Updates trust table


Public Key Certification Authentication in our network relies on the public key

certificates signed by some trust-worthy nodes Nodes in the same group always know each other

better by means of their monitoring components and their short distances

Every node is able to request for the public key certificates of other new nodes

Nodes in the same cluster are assumed to know each other by means of their mutual monitoring components


Public Key Certification We focus on public

key certification, where s and t belong to different groups

Nodes, which are in the same cluster as t and have already built up a trust relationship with s, can be introducers


Public Key Certification

Send request to neighbors if target node in same cluster

Send request to introducers if target node in different cluster


Identification of Malicious Nodes

Identify malicious neighboring nodes by monitoring their behaviors

Identify introducers who provide public key certificates different from the others

Identify a target node as malicious if the trust values provided from the introducers indicate that


Trust Value Update


Parameters Setting Network simulator

Glomosim Evaluate the effecti

veness in providing secure public key authentication in the presence of malicious nodes


Simulation Metrics Successful

rate Fail rate Unreachable

rate False-positive

error rate False-negative

error rate

Possible Cases with 3 Introducers


Effectiveness of Neighbor Monitoring

Rates to No. of Cycles with n=40, r=100, (left) m=0.3 (right) m=0.7


Isolation of Malicious Nodes

Rates to No. of Cycles with n=40, r=100, and Isolation of Suspicious Nodes in Cases 2,3,4,6,7 (left) m=0.3 (right) m=0.7

ID Cases0 Not enough

Introducers 1 OOO2 OOX3 OXX4 XXX5 OO6 OX7 XX8 O9 X10 No Reply


Isolation of Malicious Nodes

Rates to No. of Cycles with n=40, r=100, and Isolation of Suspicious Nodes in Cases 2,4,7

(left) m=0.3 (right) m=0.7

ID Cases0 Not enough

Introducers 1 OOO2 OOX3 OXX4 XXX5 OO6 OX7 XX8 O9 X10 No Reply


Conclusions We developed a trust- and clustering-based public key

authentication mechanism We defined a clustering-based network model with a

balanced structure and a trust model that allows nodes to monitor and rate each other with quantitative trust values

The authentication protocol proposed involves new security operations on public key certification, update of trust table, discovery and isolation of malicious nodes

We conducted security evaluation to demonstrate the effectiveness of our solution

Edith C.H. Ngai and Michael R. Lyu

Documents

Transcript of Edith C.H. Ngai and Michael R. Lyu