TY - GEN
T1 - Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols
AU - Hu, Yih Chun
AU - Perrig, Adrian
AU - Johnson, David B.
PY - 2003
Y1 - 2003
N2 - In an ad hoc network, mobile computers (or nodes) cooperate to forward packets for each other, allowing nodes to communicate beyond their direct wireless transmission range. Many proposed routing protocols for ad hoc networks operate in an on-demand fashion, as on-demand routing protocols have been shown to often have lower overhead and faster reaction time than other types of routing based on periodic (proactive) mechanisms. Significant attention recently has been devoted to developing secure routing protocols for ad hoc networks, including a number of secure on-demand routing protocols, that defend against a variety of possible attacks on network routing. In this paper, we present the rushing attack, a new attack that results in denial-of-service when used against all previous on-demand ad hoc network routing protocols. For example, DSR, AODV, and secure protocols based on them, such as Ariadne, ARAN, and SAODV, are unable to discover routes longer than two hops when subject to this attack. This attack is also particularly damaging because it can be performed by a relatively weak attacker. We analyze why previous protocols fail under this attack. We then develop Rushing Attack Prevention (RAP), a generic defense against the rushing attack for on-demand protocols. RAP incurs no cost unless the underlying protocol fails to find a working route, and it provides provable security properties even against the strongest rushing attackers.
AB - In an ad hoc network, mobile computers (or nodes) cooperate to forward packets for each other, allowing nodes to communicate beyond their direct wireless transmission range. Many proposed routing protocols for ad hoc networks operate in an on-demand fashion, as on-demand routing protocols have been shown to often have lower overhead and faster reaction time than other types of routing based on periodic (proactive) mechanisms. Significant attention recently has been devoted to developing secure routing protocols for ad hoc networks, including a number of secure on-demand routing protocols, that defend against a variety of possible attacks on network routing. In this paper, we present the rushing attack, a new attack that results in denial-of-service when used against all previous on-demand ad hoc network routing protocols. For example, DSR, AODV, and secure protocols based on them, such as Ariadne, ARAN, and SAODV, are unable to discover routes longer than two hops when subject to this attack. This attack is also particularly damaging because it can be performed by a relatively weak attacker. We analyze why previous protocols fail under this attack. We then develop Rushing Attack Prevention (RAP), a generic defense against the rushing attack for on-demand protocols. RAP incurs no cost unless the underlying protocol fails to find a working route, and it provides provable security properties even against the strongest rushing attackers.
KW - Ad hoc network routing
KW - Routing
KW - Rushing
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=1542317831&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=1542317831&partnerID=8YFLogxK
U2 - 10.1145/941315.941317
DO - 10.1145/941315.941317
M3 - Conference contribution
AN - SCOPUS:1542317831
SN - 1581137699
SN - 9781581137699
T3 - Proceedings of the Workshop on Wireless Security
SP - 30
EP - 40
BT - Proceedings of the Workshop on Wireless Security
PB - Association for Computing Machinery
T2 - Proceedings of the 2003 ACM Workshop on Wireless Security
Y2 - 19 September 2003 through 19 September 2003
ER -