Wireless networks may be the way of the future, but their security is no sure thing. This was the message conveyed by participants of the "Attacks on and Security Measures for Ad Hoc Wireless Networks" panel, on Saturday, February 19.
The panel, part of the American Association for the Advancement of Science, was moderated by Stevens computer science professor Susanne Wetzel and dealt with the security of ad hoc wireless networks.
An ad hoc network is one where every device forwards traffic for every other; unlike traditional networks, ad hoc networks become more efficient as more nodes are added. This type of network is most common with small mobile devices.
In addition to Professor Wetzel, there were four other members on the panel: Markus Jakobsson and XiaoFeng Wang, both from Indiana University, Panos Papadimitratos from Virginia Tech, and Adrian Perrig from Carnegie Mellon University.
Professor Wetzel started things off, explaining the basics of ad hoc networks, as well as their advantages and disadvantages compared to traditional client/server networks. She described ad hoc networks as a "double-edged sword," due to the new opportunities and new challenges these networks bring.
From there, the topics centered mostly on the various types of attacks that could be made on these networks as well as steps that could be taken to prevent them. Jakobsson focused mostly on stealth attacks, where a malicious node interferes with or intercepts network traffic without exposing itself. He noted the use of cryptography as a potential problem for ad hoc networks, as the processing power required for cryptographic operations can help in denial of service attacks against mobile devices.
The most dangerous stealth attack is a "man in the middle" attack, where a malicious node listens to and potentially changes messages that pass through it. A node operating in this manner can gain access to sensitive information being transmitted across the network, and is similar to a "phishing" attack.
Wang focused on using game theory to improve cooperation between nodes on and security of ad hoc networks. The idea is that by "rewarding" nodes that follow the rules, and establishing a reputation system for devices, malicious nodes will be gradually edged out of the network.
Papadimitratos noted that attacker nodes will seek to "hit when it hurts," by establishing themselves as reliable nodes and then dropping or intercepting potentially sensitive network traffic. He proposed a system, which breaks messages into redundant parts and sending them through different routes.
He noted that if 50 percent of a network consisted of attacker nodes, and no system of redundancy were in place, only 35 percent of traffic would reach its intended destination without resending. With his system, however, this number increases to 93 percent. This has the disadvantage of requiring more transmissions, but "bandwidth is the price we need to pay for security," commented Papadimitratos.
Perrig sought to secure the routing protocols of a network, preventing an attacker node from halting a network by attracting all the traffic. He broke down attacks into two classes, those by external attackers, who do not have access to any of the network's encryption keys, and internal attackers, who do. Stopping external attackers is a simple matter of authenticating it to the network; this would not work for an internal attacker. An internal attacker could bring down a network by claiming to be the quickest route to all other nodes; this would cause nearly all traffic to be sent to that node, which would not forward it. Perrig's solution would make it impossible for a node to hide its true distance from other nodes.
The talks were followed by a question and answer session, where Perrig explained that much of the focus has been on securing routing and messages, and not on the physical security of the network. This is because the frequencies can be jammed, and no security solution is going to be able to overcome that.
Jakobsson noted that the other attacks, particularly "man in the middle" attacks, pose a greater risk than jamming. Since jamming is an obvious attack, it can be easily observed, as opposed to the silent interception or alteration of traffic, which is stealthier and can also result in information being compromised.
Securing ad hoc wireless networks is one of the research areas for WiNSeC, the Wireless Network Security Center, in the Lieb building here at Stevens. It is also one of Professor Wetzel's research aims.