Lei Guang

Enhancing IEEE 802.11 Random Backoff in Selfish Environments

Wireless access protocols currently deployed in mobile ad hoc networks use distributed contention resolution mechanisms for sharing the wireless channel. In such an environment, selfish hosts that fail to adhere to the medium access control (MAC) protocol may obtain an unfair share of the channel bandwidth at the expense of performance degradation of well-behaved hosts. We present a novel access method, called predictable random backoff (PRB), that is capable of mitigating the misbehavior of selfish hosts, particularly hosts that deliberately do not respect the random deferment of the transmission of their packets. PRB is based on minor modifications of the IEEE 802.11 binary exponential backoff (BEB) and forces each node to generate a predictable backoff interval. The key idea is to adjust, in a predictable manner, the lower bound of the contention window to enhance the per-station fairness in selfish environments. Hosts that do not follow the operation of PRB are therefore easily detected and isolated. We present an accurate analytical model to compute the system throughput using a 3-D Markov chain. We evaluate the performance of PRB under the normal case and in the presence of selfish hosts. Our results show that PRB and BEB similarly perform in the former case. Selfish hosts, however, achieve substantially higher throughput than well-behaved hosts under BEB. PRB, on the other hand, can effectively enhance IEEE 802.11 BEB by mitigating the impacts of these MAC selfish misbehaviors and guarantee a fair share of the wireless channel for well-behaved hosts.

MAC layer misbehavior in wireless networks: challenges and solutions

IEEE 802.11 CSMA/CA has been widely deployed as the primary MAC protocol for ad hoc networks and wireless LANs. It was designed with the assumption that nodes would follow proper operation of the protocol. Nodes, however, may choose to deviate in order to either obtain an unfair share of the available bandwidth or disrupt the services of the network. Accordingly, a misbehavior rooted at the MAC layer can be classified as selfish or malicious behavior. This article surveys the research activities related to MAC layer misbehavior; based on the operating principles and the objective of misbehaving nodes, we classify MAC layer misbehavior and present descriptions for each solution. We conclude with a brief summary of the key ideas and a general direction for future work.

Modeling and analysis of predictable random backoff in selfish environments

We present Predictable Random Backoff (PRB) algorithm that is capable of mitigating the impacts of selfish hosts on well-behaved hosts in wireless local area networks (WLAN) and mobile ad hoc networks (MANETs). Here, hosts fail to follow the operation of PRB are easily detected. We present an accurate analytical model to compute the system throughput using a three-dimensional Markov chain and evaluate the performance of PRB under both normal case and selfish case. PRB and BEB (Binary Exponential Backoff) perform similarly in the former case. However, PRB can effectively mitigate the impacts of MAC selfish misbehavior and guarantee a fair share of the wireless channel for well behaved hosts.

Vulnerabilities of ad hoc network routing protocols to MAC misbehavior

In a mobile ad hoc network (MANET), adversaries could compromise network functionality by attacking the physical layer, the MAC layer, or the network layer. Significant research efforts have been made towards increasing the survivability of MANET either by developing secure routing algorithms or by improving the robustness of MAC layer protocol in the presence of selfish or compromised nodes. In addition, some recent studies have focused on quantifying the resiliency of MANET against MAC layer misbehaviors; however little work has been done on quantifying the impact of these misbehaviors on the performance of ad hoc routing protocols. In this paper, we review some of MANET link layer vulnerabilities, we study their impacts on network layer performance and compare the performance of two prominent on-demand routing protocols (AODV and DSR). We show that simple attacks on the link layer could propagate to the upper network layer and disrupt the routing mechanism, therefore causing devastating effects on the overall network performance. Although several secure ad hoc routing protocols have been proposed, none of them are resilient to MAC misbehaviors.

DREAM: A system for detection and reaction against MAC layer misbehavior in ad hoc networks

MAC layer misbehavior due to selfish or malicious reasons can significantly degrade the performance of mobile ad hoc networks. Currently, detection systems for handling selfish misbehavior has been proposed and studied. In this paper we study a new class of malicious misbehaviors that causes transmission timeout of MAC frames at either the transmitter side or the receiver side. A misbehaving node fully cooperates by forwarding packets for other nodes and completely adheres to the proper selection of backoff intervals; however, it maliciously forces the forwarding operation to fail in order to either disrupt the route discovery process or cause damage to the existing flows routed through itself. We design and implement a new detection and reaction system DREAM (a system for Detection and REAction to timeout mac layer Misbehavior) that identifies the malicious nodes through a set of monitoring and reaction procedures. Once a misbehaving node is detected, the system reacts, by adapting simple protocol parameters, to mitigate the negative effects. We describe the detection system and the different reaction procedures for different misbehaviors. We evaluate through network simulations the effectiveness of the system in detecting malicious nodes and improving the network performance.

Interlayer Attacks in Mobile Ad Hoc Networks

In this paper, we demonstrate a new class of protocol compliant exploits that initiates at the MAC layer but targets ad hoc on-demand routing mechanisms. A misbehaved node implementing this type of attacks completely follows the specifications of IEEE802.11 standard and the existing on-demand routing protocols. However, it can cause routing shortcut attacks or detour attacks. We detail the exploits against two on-demand routing protocols: AODV and DSR. We evaluate the impact of such attacks on the network performance and propose PSD (Prevention from Shortcut and Detour Attack) to mitigate their impacts.

A Self-Adaptive Detection System for MAC Misbehavior in Ad Hoc Networks

MAC layer misbehavior due to selfish or malicious reasons can significantly degrade the performance of mobile adhoc networks. Currently, detection systems for handling selfish misbehavior has been proposed and studied. In this paper we study a new class of malicious misbehaviors that causes transmission timeout of MAC frames at either the transmitter side or the receiver side. A misbehaving node fully cooperates by forwarding packets for other nodes and completely adheres to the proper selection of backoff intervals; however, it maliciously forces the forwarding operation to fail in order to either disrupt the route discovery process or cause damage to the existing flows routed through itself. We design and implement a new detection system that identifies the malicious nodes through a set of monitoring and reaction procedures. Once a misbehaving node is detected, the system reacts, by adapting simple protocol parameters, to mitigate the negative effects. We describe the detection system and the different reaction procedures for different misbehaviors. We evaluate through network simulation the effectiveness of the system in detecting malicious nodes and improving the network performance.

On the resiliency of mobile ad hoc networks to MAC layer misbehavior

This paper describes a new vulnerability for the IEEE 802.11 protocol and studies its impact on degrading the performance of ad hoc networks. A host that exploits this new simple, but practical, vulnerability could cause devastating effects on the proper operation of the network protocols and hence severe performance degradation. Here, a misbehaving node fully cooperates by forwarding packets for other nodes and completely adheres to the proper selection of backoff intervals; however, it maliciously forces the forwarding operation to fail in order to either disrupt the route discovery process or to cause damage to existing flows routed though that node. As a result, the medium around the misbehaving node will be less congested and hence the node will obtain an increased unfair access to the channel. We use network simulations to show that such malicious misbehaviors have devastating effect on demoting the network performance and disrupting the protocol functioning. Hence, necessary extensions for existing detection systems are required to mitigate the effects of these new vulnerabilities.

A Confident Community to Secure Mobile Ad Hoc Networks

Providing a security solution for mobile ad-hoc networks (MANETs) is not an easy task. This is due to the unique characteristics of MANETs, such as the lack of a pre- existent infrastructure, the dynamic topology of the network, the non-existence of a control authority and the constraints of device resources. In this paper, we introduce the monitoring and cluster manager modules to improve our distributed hierarchical architecture. Moreover, we study the concept of dynamic demilitarized zone (DDMZ) defined in our hierarchical architecture to avoid a single point of failure in MANETs. The DDMZ is formed by the dispensable nodes which belong to the confident community. The confident community is formed by sets of confident nodes which have high trust levels and collaborate with each other to ensure secure services. We propose a probabilistic model to define the direct connectivity between confident nodes in order to study the resistance degree of DDMZ against different attacks. Furthermore, we estimate the robustness and the availability of DDMZ and we also analyze the effects of direct connectivity and transmission range on the stability and security of the network.

Cross-Layer Cooperation to Handle MAC Misbehavior in Ad Hoc Networks

Security in mobile ad hoc networks (MANET) presents new challenges due to the lack of centralized control policy. Prior research in securing ad hoc networks has generally focused on securing ad hoc routing and medium access control separately. The consideration of handling node misbehavior via cross-layer cooperation, however, has not been fully addressed. In this paper, we propose a detailed system framework illustrating the secure cross-layer design in MANET. We focus on the cross-layer interaction between routing layer and MAC layer. These two layers work together to facilitate detection and reaction of node MAC misbehavior in the ad hoc networks. Existing methods are efficient to detect MAC misbehaviors, but it is more critical to react to these misbehaviors after correct diagnosis. We illustrate how to build a trust list based on the detection information obtained at MAC layer according to different MAC misbehavior. By utilizing this list, the routing layer can select trust-weighted route rather than the shortest one. Furthermore, several enhancement schemes for routing and MAC are presented to mitigate MAC layer misbehavior