Spontaneous Wireless Networking to Counter Pervasive Monitoring



Similar documents
Performance Evaluation of AODV, OLSR Routing Protocol in VOIP Over Ad Hoc

Security for Ad Hoc Networks. Hang Zhao

6LoWPAN Technical Overview

Comparative Study of Performance Evaluation for Mobile Ad hoc networks using a proxy node

TOPOLOGIES NETWORK SECURITY SERVICES

PERFORMANCE ANALYSIS OF AD-HOC ON DEMAND DISTANCE VECTOR FOR MOBILE AD- HOC NETWORK

CHAPTER 6. VOICE COMMUNICATION OVER HYBRID MANETs

MetroNet6 - Homeland Security IPv6 R&D over Wireless

Security and Privacy Issues in Wireless Ad Hoc, Mesh, and Sensor Networks

VoIP over MANET (VoMAN): QoS & Performance Analysis of Routing Protocols for Different Audio Codecs

Unit 3 - Advanced Internet Architectures

Security Scheme for Distributed DoS in Mobile Ad Hoc Networks

Security in Ad Hoc Network

Design and Implementation of Ad-hoc Communication and Application on Mobile Phone Terminals

An Efficient QoS Routing Protocol for Mobile Ad-Hoc Networks *

mlab: A Mobile Ad Hoc Network Test Bed

Name Service in IPv6 Mobile Ad-hoc Network

Performance comparison and analysis of routing strategies in Mobile ad hoc networks

Experimental Comparison of Routing and Middleware Solutions for Mobile Ad Hoc Networks: Legacy vs Cross-Layer Approach

6PANview: A Network Monitoring System for the Internet of Things

A UBIQUITOUS PROTOCOL FOR ADDRESS DYNAMICALLY AUTO CONFIGURATION FOR MOBILE AD HOC NETWORKS

IJMIE Volume 2, Issue 7 ISSN:

A Link-state QoS Routing Protocol for Ad Hoc Networks

SECURITY ASPECTS IN MOBILE AD HOC NETWORK (MANETS)

SIMULATION STUDY OF BLACKHOLE ATTACK IN THE MOBILE AD HOC NETWORKS

An IEEE static mesh network design for isolated rural areas in developing regions

A REVIEW: MOBILE AD-HOC NETWORK PROTOCOLS AND SECURITY ISSUES

ROUTE MECHANISMS FOR WIRELESS ADHOC NETWORKS: -CLASSIFICATIONS AND COMPARISON ANALYSIS

SECURE DATA TRANSMISSION USING INDISCRIMINATE DATA PATHS FOR STAGNANT DESTINATION IN MANET

Comparing the Performance of the Ad Hoc Network under Attacks on Different Routing Protocol

A Novel Caching Scheme for Internet based Mobile Ad Hoc Networks

`PERFORMANCE COMPARISON OF ENERGY EFFICIENT AODV PROTOCOLS

Christian Bettstetter. Mobility Modeling, Connectivity, and Adaptive Clustering in Ad Hoc Networks

Mesh Topology Viewer (MTV): an SVG-Based Interactive Mesh Network Topology Visualization Tool

Connecting IPv6 capable Bluetooth Low Energy sensors with the Internet of Things

A Study of Internet Connectivity for Mobile Ad Hoc Networks in NS 2

Result Analysis of Virtual IP Address Configuration Protocol

6LoWPAN: An Open IoT Networking Protocol

Position and Velocity Aided Routing Protocol in Mobile Ad Hoc Networks

NetworkPathDiscoveryMechanismforFailuresinMobileAdhocNetworks

Portable Wireless Mesh Networks: Competitive Differentiation

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Routing in the Internet of Things

Proposition of a new approach to adapt SIP protocol to Ad hoc Networks

Routing Protocols for Mobile Ad-hoc Networks: Current Development and Evaluation

Secured Data Transmissions In Manet Using Neighbor Position Verfication Protocol

Hybrid Overlay Multicast Framework draft-irtf-sam-hybrid-overlay-framework-01.txt. John Buford, Avaya Labs Research

MPLS VPN in Cellular Mobile IPv6 Architectures(04##017)

End-to-End Security in Wireless Sensor Networks (WSNs) Talk by Claudio Anliker Supervised by Dr. Corinna Schmitt University of Zurich

Security improvement in IoT based on Software Defined Networking (SDN)

VirtIX. Virtual Internet Exchange. IPredator et al. virtix.st

Security Threats in Mobile Ad Hoc Networks

Performance Evaluation of Aodv and Dsr Routing Protocols for Vbr Traffic for 150 Nodes in Manets

Intelligent Agents for Routing on Mobile Ad-Hoc Networks

PERFORMANCE ANALYSIS OF AODV, DSR AND ZRP ROUTING PROTOCOLS IN MANET USING DIRECTIONAL ANTENNA

CROSS LAYER BASED MULTIPATH ROUTING FOR LOAD BALANCING

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Study of Different Types of Attacks on Multicast in Mobile Ad Hoc Networks

Load-balancing Approach for AOMDV in Ad-hoc Networks R. Vinod Kumar, Dr.R.S.D.Wahida Banu

Keywords- manet, routing protocols, aodv, olsr, grp,data drop parameter.

BSc (Hons.) Computer Science with Network Security. Examinations for 2011/ Semester 2

LIST OF FIGURES. Figure No. Caption Page No.

Emerging Mobile Networking Architectures

Alessia Garofalo. Critical Infrastructure Protection Cyber Security for Wireless Sensor Networks. Fai della Paganella, 10-12/02/2014

A SURVEY OF P2P OVERLAYS IN VARIOUS NETWORKS

SBSCET, Firozpur (Punjab), India

A Secure Intrusion detection system against DDOS attack in Wireless Mobile Ad-hoc Network Abstract

A Comparison Study of Qos Using Different Routing Algorithms In Mobile Ad Hoc Networks

IPv6 SECURITY. May The Government of the Hong Kong Special Administrative Region

Robust Security Solution to Countermeasure of Malicious Nodes for the Security of MANET

Security protocols for ad-hoc wireless networks Raghava Karanam, Gautam Sreeram Pendum, Narendra Nath Vattikuti

QUALITY OF SERVICE METRICS FOR DATA TRANSMISSION IN MESH TOPOLOGIES

Performance Analysis of Load Balancing in MANET using On-demand Multipath Routing Protocol

Behavior Analysis of TCP Traffic in Mobile Ad Hoc Network using Reactive Routing Protocols

New System Security Model for a Mobile Operator s Meshed Access Network

Fostering IoT Deployment Challenges and Assets of SDN Techniques

Comparative Study of Routing Protocols for Mobile Ad-hoc NETworks

Keywords Ad hoc-network protocol, ad hoc cloud computing, performance analysis, simulation models, OPNET 14.5

LOADng Routing Protocol Evaluation for Bidirectional Data flow in AMI Mesh Networks

Mobile Ad Hoc Networking: An Essential Technology for Pervasive Computing

Transcription:

Spontaneous Wireless Networking to Counter Pervasive Monitoring E. Baccelli, O. Hahm, M. Wählisch January 15, 2014 1 Pervasive Monitoring is a Myth Pervasive monitoring does not exist for one good reason: if monitoring does happen, as revealed by recent whistleblowing that highlighted the scale of NSA surveillance activities [1], it happens in very few key central locations in the network. Monitoring, as we know it so far, is thus by no means pervasive in the geographical or topological sense. One might further speculate that such monitoring will probably never become pervasive because it would simply be too expensive to put in place. This observation leads to a fundamental question: how could NSA surveillance reach such an incredibly large scope, to the point where it seems pervasive, while in fact, they only monitor the network from a few select locations? The answer to this question is simple: the NSA s monitoring could scale because we are addicted to centralization. From the physical point of view, we made ourselves absolutely dependent on the deployed, fixed infrastructure. Whenever we communicate, the quasi totality of the traffic relies upon going through a central access point of some sort. This approach to networking certainly offers substantial advantages (a good performance/cost compromise for starters), but on the other hand it offers cheap and efficient vantage points for whoever seeks large scale monitoring opportunities. It does not have to be so. Similarly, from the logical point of view, we make ourselves more and more dependent on cloud services. Whenever we store, or access our data, we rely on a centralized architecture that concentrates everything in data centers. Again, this approach offers great advantages (e.g. easier access from anywhere, lower Emmanuel Baccelli is affiliated with INRIA and Freie Universität Berlin. Oliver Hahm is affiliated with INRIA. Matthias Wählisch is affiliated with Freie Universität Berlin. 1

cost reliability and efficiency), but on the other hand it offers more cheap and efficient vantage points for would-be spies. It does not have to be so either. 2 Making Massive Surveillance Harder At this point, it becomes apparent that there are essentially three ways to make large scale systematic surveillance a much harder task. The first type of solution is to significantly increase the physical security of potential vantage points. While this type of solution is obviously necessary, history shows that there are always cracks to infiltrate if the will to break in is there. And it will be there. So this type of solution is by no means sufficient. The second type of solution is to significantly increase the default levels of encryption used over the network. For starters, the default behavior should be to encrypt door-to-door and don t let communication be decrypted by intermediate devices. Furthermore the default cryptographic mechanisms should be significantly harder to decipher. Note that to ensure this actually happens consistently, the use of open source software should be mandatory concerning such cryptographic mechanisms. On one hand, as highlighted in [21], open-source bundled with automatic updates can slow down or stop obsolescence altogether, and on the other hand, open source is best known guarantee against malware and potential backdoors. However, if one of the physical end points of the communication is a vantage point of potentially high interest (say a data center), we quickly come back to the problems of the first type of solution, i.e. there are always cracks to infiltrate if the will to break in is there. And it will be there, with an extremely intense focus, because this is a potential vantage point and with an intense focus one can do wonders. The third type of solution is of an entirely different nature, which is the main purpose of this document. Instead of hardening the current architecture and increasing the security of high profile targets, another category of approach could be to aim for target dispersal, as suggested recently by B. Schneier in [2]. Target dispersal would eliminate default vantage points and thus naturally disable systematic mass surveillance. De facto, surveillance efforts would be forced to be more specific and personalized, and thus more directly accountable for. To that end, stateless networking approaches should be developed and employed, i.e. approaches that do not rely on central entities (infrastructure-based), but rather on spontaneous interaction between autonomous peer entities, as locally as possible (topologically and/or geographically). The network architecture should evolve towards a mode of operation where all possible stateless solutions are tried first, before considering any infrastructure-based approach again, the goal being to increase target dispersal. In fact, several examples of stateless approaches have appeared over the last decade, at different layers. These include 2

for instance peer-to-peer (P2P) networks or WebRTC [22] at the application layer, and multi-hop spontaneous wireless networks at the network layer [4], such as mobile ad hoc networks [3], wireless sensor networks, vehicular networks, or wireless mesh networks. While P2P networks have been massively deployed and adopted (WebRTC will likely enjoy the same fate) spontaneous wireless networks have not yet been widely adopted. There has however been quite some work in the research community over the past decade on this topic, which has identified issues that must (still) be tackled in order to efficiently adapt IP protocols for these new networks. Actually, the community has already produced a number of new protocol specifications dedicated to spontaneous wireless networking operation, such as [5] [6] [9], [13] among others. Some of these protocols have even been deployed in specific contexts. Several european and american military applications have deployed using mobile ad hoc routing to power spontaneous, on-the-move local communications between elements on-site. In another context, several cities in Europe and in the USA have deployed wireless community mesh networks (e.g. [18] [19]), which use these protocols. Last, but not least, the highly anticipated Internet of Things (IoT) is heavily based on spontaneous wireless networking and the outcome of efforts such as 6LoWPAN [14] or ROLL [15]. Indeed, merging spontaneous wireless networks with traditional, operated networks presents a number of advantages, aside of target dispersal to counter massive surveillance. First, it could offer operator infrastructure offloading [20]. Second, the resulting network would systematically maximize connectivity at marginal cost. Third, it offers natural coverage extension for the network access infrastructure already deployed. And last, it offers increased resilience of the network in face of infrastructure outage. There are of course lingering issues that do not allow off-the-shelf, spontaneous wireless networking at large scale. Among others, such issues include (i) the absence of efficient standard router auto-configuration schemes in this context [12], which has profound implications, (ii) the lack of dedicated, optimized link layer technology (which has focused on infrastructure based networking for decades), (iii) no standard key exchange protocol or alternatives for efficient authentication method to date, and (iv) some fundamental differences in terms of characteristics compared to traditional networks, such as throughput capacity vs number of nodes in the network. However, in light of the recent events revealing massive and systematic surveillance [1], there is a strong argument to decentralize our networking paradigms, and in this realm, spontaneous wireless networking at the networks layer is an asset that should not be overlooked. Contrary to infrastructure-based approaches, which are prone to monitoring, spontaneous wireless networking uses communication links that are local and volatile, i.e. unless one is physically present at the time and location of the communication, one must abandon all hope of 3

monitoring anything. While the wireless nature of the communication may on the other hand facilitate eavesdropping, the fact that one has to be there at the time/place of the communication significantly hampers mass surveillance, and cryptographic techniques can provide a privacy equivalent to what is achieved on wire. The honest, technical question that we should ask ourselves at this point is: are the lingering issues of spontaneous wireless networking integration in the IP stack worth solving/improving or not, taking into account our goal to maximize surveillance target dispersal? 3 Position: More Spontaneity Please The position highlighted in this paper is that in order to maximize target dispersal to counter systematic massive surveillance, we should not overlook the full potential of decentralized network paradigms. This full potential includes not only mantras such as think hard before you use the cloud, or let s bypass the service provider but also alternative techniques at the network layer, such as multi-hop spontaneous wireless networking, which could significantly reduce our dependence on the infrastructure which will remain, whether we want it or not, a desirable vantage point for mass monitoring. There are a number of issues that need to be resolved or alleviated towards native and massive integration of spontaneous wireless networks in the currently deployed IP architecture and infrastructure-based networks (massive IPv6 adoption could already help somewhat). However, the gains obtained in terms of target dispersal alone could be worth this cost and there are other gains too. References [1] G. Greenwald, E. MacAskill, L. Poitras, Edward Snowden: the whistleblower behind the NSA surveillance revelations, The Guardian, June 2013. [2] B. Schneier, What we know and what we do not know, IETF88 Technical Plenary on Internet Hardening, Vancouver, November 2013. [3] M. Corson, J. Macker, Mobile Ad hoc Networking (MANET): Routing Protocol Performance Issues and Evaluation Considerations, RFC 2501, January 1999. [4] J.A. Cordero, J. Yi, T. Clausen, E. Baccelli, Enabling Multihop Communication in Spontaneous Wireless Networks, in ACM SIGCOMM ebook on Recent Advances in Networking, Hamed Haddadi and Olivier Bonaventure (Ed.), Volume 1, Chapter 9, pp. 413-457, August 2013. [5] T. Clausen, P. Jacquet, Optimized Link State Routing Protocol (OLSR), RFC 3626, October 2003. [6] C. Perkins, E. Belding-Royer, S. Das, Ad hoc On-Demand Distance Vector (AODV) Routing, RFC 3561, July 2003. 4

[7] R. Ogier, F. Templin, M. Lewis, Topology Dissemination Based on Reverse-Path Forwarding (TBRPF), RFC 3684, February 2004. [8] D. Thaler, Multi-Link Subnet Issues, RFC 4903, June 2007. [9] E. Baccelli, P. Jacquet, D. Nguyen, T. Clausen, OSPF Multipoint Relay (MPR) Extension for Ad Hoc Networks, RFC 5449, February 2009. [10] D. Johnson, Y. Hu, D. Maltz, The Dynamic SourceRouting Protocol (DSR) for Mobile Ad Hoc Networks foripv4, RFC 4728, February 2007. [11] D. Thaler, Evolution of the IP Model, RFC 6250, May 2011. [12] E. Baccelli, M. Townsley, IP Addressing Model in Ad Hoc Networks, RFC 5889, September 2010. [13] T. Winter, P. Thubert, RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks, IETF Request For Comments, RFC 6550, March 2012. [14] IPv6 over Low power WPAN (6lowpan) IETF Working Group, https://datatracker.ietf.org/wg/6lowpan/ [15] Routing Over Low power and Lossy networks (roll) IETF Working Group, https://datatracker.ietf.org/wg/roll/ [16] Kotz, D., Newport, C., and C. Elliott, The Mistaken Axioms of Wireless- Network Research, Dartmouth College Computer Science Technical Report TR2003-467, 2003. [17] E. Baccelli, C. Perkins, Multi-hop Ad Hoc Wireless Communication, IETF Internet Draft draft-baccelli-manet-multihop-communication, 2013. [18] Freifunk Wireless Community Networks, online at http://www.freifunk.net, 2014. [19] Austria Wireless Community Network, online at http://www.funkfeuer.at, 2014. [20] E.Baccelli, F. Juraschek, O. Hahm, T. C. Schmidt, H. Will, M. Wählisch, Proceedings of the 3rd MANIAC Challenge, published on ARXIV, http://arxiv.org/abs/1401.1163v2, January 2014. [21] B. Schneier, Security Risks of Embedded Systems, published online (Blog) http://www.schneier.com/blog/archives/2014/01/security risks 9.html, 2014. [22] Real-Time Communication in WEB-browsers IETF Working Group, http://tools.ietf.org/wg/rtcweb/ 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information