lhap - * Article 1 LHAP: A Lightweight Network Access...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
1 LHAP: A Lightweight Network Access Control Protocol for Ad-Hoc Networks Sencun Zhu * , Shouhuai Xu , Sanjeev Setia and Sushil Jajodia * Department of Computer Science and Engineering and School of Information Science and Technology The Pennsylvania State University, University Park, PA 16802 Department of Computer Science, University of Texas at San Antonio, San Antonio, TX 78249 Center For Secure Information Systems, George Mason University, Fairfax, VA 22030 Email: [email protected], [email protected], [email protected],[email protected] Abstract — Most ad hoc networks do not implement any network access control , leaving these networks vulnerable to resource consumption attacks where a malicious node injects packets into the network with the goal of depleting the resources of the nodes relaying the packets. To thwart or prevent such attacks, it is necessary to employ authentication mechanisms to ensure that only authorized nodes can inject traffic into the network. We propose LHAP, a hop-by-hop authentication protocol for ad hoc networks. LHAP resides in between the network layer and the data link layer, thus providing a layer of protection that can prevent or thwart many attacks from happening, including outsider attacks and insider impersonation attacks. Our detailed performance evaluation shows that LHAP incurs small performance overhead and it also allows a tradeoff between security and performance. Keywords: Network Access Control, Hop-by-hop Authentica- tion, One-way Key Chain, TESLA I. INTRODUCTION In ad hoc wireless networks, no base stations exist and every mobile node acts as both a router and a host. Nodes in an ad hoc network can communicate with each other at any time, subject to connectivity limitations. Currently, most ad hoc networks do not have any provisions for restricting or regulating the traffic that flows through a node, i.e., they do not implement any network access control . This leaves these networks vulnerable to resource consumption attacks where a malicious node injects packets into the network with the goal of depleting the resources of the nodes relaying the packets. For example, since mobile hosts are usually battery powered, they are susceptible to battery exhaustion attacks [36]. Clearly, a network access control capability is essential for ad hoc networks in an adversarial environment such as a battlefield. A resource consumption attack can be especially effective if a packet injected into an ad hoc network by a mali- cious node ends up being multicast or broadcast throughout the network. For example, the operation of most routing protocols involves steps in which a control packet, e.g., a route request packet, is broadcast to all nodes. Moreover, many applications for ad hoc networks are group-oriented and involve collabo- rative computing; thus multicast communication is likely to increase in importance as multicast routing protocols for ad hoc networks become more mature. Corresponding Author: Sencun Zhu, [email protected], phone: 01-814-
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 02/16/2011 for the course CSE 566 taught by Professor Dr.shamboo during the Fall '10 term at SUNY Buffalo.

Page1 / 12

lhap - * Article 1 LHAP: A Lightweight Network Access...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online