Optimum Routing Protection against Cumulative Eavesdropping in Multihop Wireless Networks
Shafi Bashar, Zhi Ding
Department of Electrical and Computer Engineering, University of California, Davis
Oct. 19, 2009
Optimum Routing Protection against Cumulative Eavesdropping (Oct. 19, 2009) 1 / 30
Introduction
Wireless Communication : Wireless Medium
Characteristics of Wireless Medium
- Fading
  - Good link : Difficult maintenance
- Shared Medium
  - Eavesdropping
  - Jamming
- Creates security challenges.
Multihop Wireless Network
- Ad-Hoc Network, Mesh Network
  - Recently gaining attention
  - Commercial and military applications
- Difference in wireless structure
  - Cellular : Point to multi-point
  - Radio : Point to point
  - Ad-Hoc, Mesh : Hop to hop
- Security Challenges : Newer Issues
  - Securing one hop → Not enough
  - Cumulative leakage : A new issue
  - PHY centric solution
Figure: Cellular System
Figure: Multihop
Cumulative Security Leakage : Alice and Bob
Traditional Wireless Network
Figure: nodes Alice, Bob and Eve, with leakage $L_{B-E}$ reaching Eve.
Leakage = $L_{B-E}$
Cumulative Security Leakage : Alice and Bob
Multihop Wireless Network
Figure: nodes Alice, Bob, Carol, Charlie, Dave and Eve, with leakages $L_{B-E}$, $L_{Ch-E}$ and $L_{Ca-E}$ reaching Eve.
Leakage = $L_{B-E} + L_{Ch-E} + L_{Ca-E}$
Securing Wireless Link : Traditional Approach
- Encryption Mechanism
  - Makes packet decoding harder
  - Does not prevent eavesdropping
- Active Attack : Jamming, Denial of service etc.
  - Secure Routing : [Yu, Perrig '04], [Djenouri et al. '05] etc.
- Passive Attack : Eavesdropping
  - [Kao, Marculescu '07]
    - Eavesdropping Risk = f(Transmission Power).
    - Limits on single hop transmission power.
  - [Lou, Liu, Fang '03]
    - Eavesdropping Risk = Probabilistic value at each node.
  - Our Approach :
    - Eavesdropping Risk = PHY-centric measure
    - Coherent joint detection at Eve with multihop consideration.
Eavesdropping Risk : Secrecy Measure
- Information Theory : Equivocation Rate
  - [Shannon '49] : Amount of uncertainty left in a message in presence of Eve's observation.
- More Practical Measure
  - [Rodrigues, Almeida '08] : Mean-square Error (MSE) of received signal.
  - [Bloch et al. '08] : Secrecy Outage Probability $\Pr(R_{bob} - R_{eve} \le R)$
- Our Approach :
  - Consider leakage of information.
  - Measured by Received Signal-to-Noise Ratio (SNR) at Eve.
Why SNR ?
- More practical PHY-centric measure; understood by all.
- At low receive SNR → Decoded message unreliable.
- Conclusion : Link is secured when
  - Eve's SNR ≤ threshold
- Model coherent eavesdropping risk from multihop transmission well.
Coherent and Joint Eavesdropping
Coherent Eavesdropping from Multihop Transmission
Figure: Eavesdropper receiving from Tx 1, Tx 2, ..., Tx K at times $t_1, t_2, \ldots, t_K$.
$t_1$, Tx 1 : $y_1 = \sqrt{p_1}\, h_1 s + n_1$
$t_2$, Tx 2 : $y_2 = \sqrt{p_2}\, h_2 s + n_2$
...
$t_K$, Tx K : $y_K = \sqrt{p_K}\, h_K s + n_K$
- Eve stores $y_1, \ldots, y_K$ and performs joint detection.
  - Signals → coherent, Noises → not coherent.
- Received SNR from Tx i : $\mathrm{SNR}_i = \dfrac{p_i |h_i|^2}{\sigma_i^2}$
- Cumulative received SNR : $\mathrm{SNR}_c = \dfrac{\left(\sum_{i=1}^{K} p_i |h_i|^2\right)^2}{\sum_{i=1}^{K} p_i |h_i|^2 \sigma_i^2}$
- Equal noise variance : $\mathrm{SNR}_c = \sum_{i=1}^{K} \dfrac{p_i |h_i|^2}{\sigma^2} = \sum_{i=1}^{K} \mathrm{SNR}_i$
- Observation : $\mathrm{SNR}_c$ depends on $h_i$'s.
Eavesdropper Channel Information
- In practice, $h_i$'s → Not available.
- Obtain partial channel information
  - Use information obtained from prior transmission
  - Identify high-risk region a priori
    - High-risk region : Presence of Eve highly probable
    - e.g. Battlefield : Eve resides in unswept areas.
  - Distribute monitoring sensors.
Figure: Scenario 1
Figure: Scenario 2
Problem Formulation
Multihop Routing Problem
Find S − D Path such that :
- Condition 1 : Routing metric → minimized / maximized
- Condition 2 : $\mathrm{SNR}_{i-e} \le \alpha$ [Individual Node Leakage]
- Condition 3 : $\mathrm{SNR}_c \le \beta$ [Cumulative Leakage]
Multihop Routing Problem
Condition 1 : Routing metric minimized/maximized
Routing Metric
- Minimum Hop Count : AODV [Perkins, Royer '99], DSR [Johnson, Maltz '96], DSDV [Perkins, Bhagwat '94]
- Extended Transmission Count (ETX)
- Round Trip Time (RTT)
- Link SNR
Proposed Routing Algorithm can use any metric
Routing Problem
Condition 2 : Individual Node Leakage
- Ensures leakage from each node is low
- Local constraint : Each node checks its own
Condition 3 : Cumulative Leakage
- Ensures overall transmission leakage is low
- Global constraint : Depends on route selection
Revised Routing Problem
- No Cond. 2, Cond. 3 : Shortest path problem
- Consider nodes with Condition 2 satisfied
Find S-D path to
- minimize hop count
- maximize min $\mathrm{SNR}_{link}$
- minimize / maximize other metric
subject to : $\mathrm{SNR}_c \le \beta$
Resource Constrained Shortest Path Problem
Routing Algorithm
Resource Constrained Shortest Path Problem
Resource Constrained Shortest Path
- NP-complete problem [Lawler '01]
- Quantize SNR values
- Dynamic programming algorithm with pseudo-polynomial runtime
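Resource Constrained Shortest Path Problem
- $G = (V, E)$ : Network as a graph
- $w_{ij}$ : link quality of arc $(i, j)$
- $\ell_{ij}$ : leakage on arc $(i, j)$
- $U_i(j, \ell)$ : Value of optimum link quality from i to j such that total leakage on the path does not exceed $\ell$
Recursive relation :
$U_i(j, \ell) = \min\left\{ U_i(j, \ell - 1),\ \min_{k \in V \setminus j} \left\{ U_i(k, \ell - \ell_{kj}) + w_{kj} \right\} \right\}$
Figure: node j reached from neighbours k and m; $U_i(j, \ell)$ is obtained from $U_i(j, \ell - 1)$, from $U_i(k, \ell - \ell_{kj})$ over the arc labelled $(w_{kj}, \ell_{kj})$, and from $U_i(m, \ell - \ell_{mj})$ over the arc labelled $(w_{mj}, \ell_{mj})$.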
Proposed Algorithms
Algorithm 1
- Centralized Algorithm
- Runtime $O(n^3 L)$
  - L : No. of quantization states
- Similar to Bellman-Ford with additional dimension
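
The recursive relation and the centralized Bellman-Ford-style algorithm above, sketched as an added example (not the authors' code). It assumes an additive metric (hop count), equal noise variance so that per-hop leakages add up to the cumulative SNR, and a round-up quantizer; the function names and the 5-node network are constructed for illustration.

```python
import math

def quantize(snr_linear, step):
    # Assumption: round up so quantization never understates Eve's SNR.
    return math.ceil(snr_linear / step)

def constrained_route(n, arcs, src, dst, budget):
    """Min-cost src->dst path with total quantized leakage <= budget.
    arcs: (k, j, w_kj, l_kj) with w_kj >= 0 and integer l_kj >= 0."""
    INF = math.inf
    U = [[INF] * n for _ in range(budget + 1)]       # U[l][j] = U_src(j, l)
    pred = [[None] * n for _ in range(budget + 1)]   # (k, l - l_kj) behind U[l][j]
    for l in range(budget + 1):
        U[l][src] = 0.0
        if l > 0:                                    # first term: U(j, l - 1)
            for j in range(n):
                if U[l - 1][j] < U[l][j]:
                    U[l][j], pred[l][j] = U[l - 1][j], pred[l - 1][j]
        for _ in range(n - 1):                       # Bellman-Ford passes per level
            changed = False
            for k, j, w, lk in arcs:                 # second term: U(k, l - l_kj) + w_kj
                if lk <= l and U[l - lk][k] + w < U[l][j]:
                    U[l][j], pred[l][j] = U[l - lk][k] + w, (k, l - lk)
                    changed = True
            if not changed:
                break
    if U[budget][dst] == INF:
        return INF, None                             # no route satisfies SNR_c <= beta
    path, node, l = [dst], dst, budget
    while node != src:                               # walk predecessors back to the source
        node, l = pred[l][node]
        path.append(node)
    return U[budget][dst], path[::-1]

# Constructed 5-node network: 0 = S, 1 = A (close to Eve), 2 = B, 3 = C, 4 = D.
# Arc cost is one hop; leakage is Eve's SNR from the transmitting node, step 0.5.
STEP = 0.5
ARCS = [(0, 1, 1, quantize(0.4, STEP)), (1, 4, 1, quantize(2.3, STEP)),
        (0, 2, 1, quantize(0.4, STEP)), (2, 3, 1, quantize(0.5, STEP)),
        (3, 4, 1, quantize(0.3, STEP))]

if __name__ == "__main__":
    for beta in (2, 4, 6):
        print(beta, constrained_route(5, ARCS, 0, 4, beta))
```

With a budget of 4 levels the two-hop route through A is rejected because its leakage is 6 levels, and the three-hop route S-B-C-D is returned instead; the table has (budget + 1) × n entries, which is where the pseudo-polynomial factor L comes from.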
Proposed Algorithms
Algorithm 2
- Distributed Algorithm
- Similar to distance vector (DV) algorithm
- Each node uses localized information
- Occasionally transmits table to neighbors
- Uses sequence number to avoid looping
Numerical Result
Numerical Simulation
- Simulation Setup
  - 10×10 Grid
  - Source at (0, 5)
  - Destination at (10, 5)
  - Intermediate nodes randomly distributed
- Performance Comparison
  - Optimum routing without security concern
  - Most secured path without link quality concern
  - Proposed solution
Figure: Minimum hop routing : Successful secured routing. Successful secured routing (%) versus No. of intermediate nodes, for (i) Minimum hop routing w/o security concern, (ii) Most secured path w/o concern on no. of hop, (iii) Proposed algorithm.
Figure: Minimum hop routing : Hop count. Average no. of hops versus No. of intermediate nodes, for (i) Minimum hop routing w/o security concern, (ii) Most secured path w/o concern on no. of hop, (iii) Proposed algorithm.
Figure: Max-min SNR routing : Successful secured routing. Successful secured routing (%) versus No. of intermediate nodes, for (i) Best max-min SNR path w/o security concern, (ii) Most secured routing path w/o link quality concern, (iii) Proposed algorithm.
Figure: Max-min SNR routing : Max-min SNR. Max-min SNR (dB) of the routing path versus No. of intermediate nodes, for (i) Best max-min SNR path w/o security concern, (ii) Most secured routing path w/o link quality concern, (iii) Proposed algorithm.
Conclusion
- Multihop wireless networks : Newer security challenges
- Newer approaches : PHY-centric solution
- Cumulative security leakage
- Routing involving physical layer parameters
- Trade-off : Pseudo-polynomial rather than polynomial time solution; Improved security.