research-article

Adversarial testing of wireless routing implementations

Authors:

Md. Endadul Hoque,

Rahul Potharaju,

Charles E. Killian,

Cristina Nita-RotaruAuthors Info & Claims

WiSec '13: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks

Pages 143 - 148

https://doi.org/10.1145/2462096.2462120

Published: 17 April 2013 Publication History

Abstract

We focus on automated adversarial testing of real-world implementations of wireless routing protocols. We extend an existing platform, Turret, designed for general distributed systems, to address the specifics of wireless routing protocols. Specifically, we add functionality to differentiate routing messages from data messages and support wireless specific attacks such as blackhole and wormhole, or routing attacks such as replay attacks. The extended platform, Turret-W, uses a network emulator to create reproducible network conditions and virtualization to run unmodified binaries of wireless protocol implementations. Using the platform on publicly available implementations of two representative routing protocols we (re-)discovered 14 attacks and 3 bugs.

References

[1]

AODV-UU. http://sourceforge.net/projects/aodvuu/.

[2]

ARAN. http://prisms.cs.umass.edu/arand/.

[3]

ASL. http://sourceforge.net/projects/aslib/.

[4]

Emulab - network emulation testbed. http://www.emulab.net/.

[5]

Iperf. http://sourceforge.net/projects/iperf.

[6]

Network Simulator 2. http://www.isi.edu/nsnam/ns/.

[7]

Network Simulator 3. http://www.nsnam.org/.

[8]

OpenSSL toolkit. http://www.openssl.org/.

[9]

Orbit. http://www.orbit-lab.org.

[10]

RFC 3561. http://tools.ietf.org/html/rfc3561.

[11]

B. Awerbuch, R. Curtmola, D. Holmer, C. Nita-Rotaru, and H. Rubens. ODSBR: An on-demand secure byzantine resilient routing protocol for wireless ad hoc networks. TISSEC, 2008.

Digital Library

[12]

F. De Renesse and A. Aghvami. Formal verification of ad-hoc routing protocols using spin model checker. In IEEE Melecon, 2004.

[13]

S. M. ElRakabawy and C. Lindemann. A practical adaptive pacing scheme for TCP in multihop wireless n/ws. ToN, 2011.

Digital Library

[14]

R. S. Gray, D. Kotz, C. Newport, N. Dubrovsky, A. Fiske, J. Liu, C. Masone, S. McGrath, and Y. Yuan. Outdoor experimental comparison of four ad hoc routing algorithms. In Procs. of MSWiM, 2004.

Digital Library

[15]

H. S. Gunawi, T. Do, P. Joshi, P. Alvaro, J. M. Hellerstein, A. C. Arpaci-Dusseau, R. H. Arpaci-Dusseau, K. Sen, and D. Borthakur. Fate and Destini: a framework for cloud recovery testing. In NSDI, 2011.

Digital Library

[16]

A. Gupta, I. Wormsbecker, and C. Wilhainson. Experimental evaluation of TCP performance in multi-hop wireless ad hoc networks. In Mascots, 2004.

Digital Library

[17]

I. Habib. Virtualization with kvm. Linux Journal, 2008.

Digital Library

[18]

G. Holzmann. The model checker spin. Software Engineering, IEEE Transactions on, 23(5):279--295, 1997.

Digital Library

[19]

N. Horman. Understanding and programming with netlink sockets. http://www.smacked.org/docs/netlink.pdf, 2004.

[20]

Y. Hu, A. Perrig, and D. Johnson. Ariadne: A secure on-demand routing protocol for ad hoc networks. WN, 2005.

Digital Library

[21]

D. Johnson and D. Maltz. Dynamic source routing in ad hoc wireless networks. Mobile computing, pages 153--181, 1996.

[22]

N. Kothari, R. Mahajan, T. Millstein, R. Govindan, and M. Musuvathi. Finding protocol manipulation attacks. Sigcomm CCR, 2011.

Digital Library

[23]

H. Lee, C. Killian, C. Nita-Rotaru, and J. Seibert. A Platform for Finding Attacks in Unmodified Implementations of Intrusion Tolerant Systems. Poster at OSDI, 2012.

[24]

H. Lee, J. Seibert, C. Killian, and C. Nita-Rotaru. Gatling: Automatic attack discovery in large-scale distributed systems. NDSS, 2012.

[25]

Q. Li, M. Zhao, J. Walker, Y.-C. Hu, A. Perrig, and W. Trappe. SEAR: A secure efficient ad hoc on demand routing protocol for wireless networks. Security Comm. Networks, 2(4):325--340, 2009.

[26]

P. Mahadevan, A. Rodriguez, D. Becker, and A. Vahdat. Mobinet: a scalable emulation infrastructure for ad hoc and wireless networks. Sigmobile CCR, 2006.

Digital Library

[27]

P. Marinescu and G. Candea. Efficient testing of recovery code using fault injection. ACM ToCS, 2011.

Digital Library

[28]

K. McMillan. Symbolic model checking: an approach to the state explosion problem. Technical report, 1992.

[29]

M. Musuvathi, D. Engler, et al. Model checking large network protocol implementations. In NSDI, 2004.

Digital Library

[30]

M. Musuvathi, D. Park, A. Chou, D. Engler, and D. Dill. CMC: Pragmatic approach to model checking real code. Sigops, 2002.

Digital Library

[31]

S. Paris, C. Nita-Rotaru, F. Martignon, and A. Capone. Efw: A cross-layer metric for reliable routing in wireless mesh networks with selfish participants. In Infocom, 2011.

[32]

C. Perkins and P. Bhagwat. Highly dynamic DSDV for mobile computers. ACM Sigcomm CCR, 1994.

[33]

C. E. Perkins and E. M. Royer. Ad-hoc On-Demand Distance Vector Routing. In IEEE Mcsa, 1997.

Digital Library

[34]

S. Radhakrishnan, G. Racherla, C. Sekharan, N. Rao, and S. Batsell. Dst-a routing protocol for ad hoc networks using distributed spanning trees. In IEEE WCNC, 1999.

[35]

K. Sanzgiri, B. Dahill, B. Levine, C. Shields, and E. Belding-Royer. A secure routing protocol for ad hoc networks. In IEEE ICNP, 2002.

Digital Library

[36]

K. Sanzgiri, D. LaFlamme, B. Dahill, B. Levine, C. Shields, and E. Belding-Royer. Authenticated routing for ad hoc networks. IEEE JSAC, 2005.

Digital Library

[37]

M. Stanojevic, R. Mahajan, T. Millstein, and M. Musuvathi. Can you fool me? towards automatically checking protocol gullibility. In HotNets, 2008.

[38]

M. G. Zapata and N. Asokan. Securing ad hoc routing protocols. In ACM WiSE, 2002.

Digital Library

[39]

X. Zeng, R. Bagrodia, and M. Gerla. Glomosim: a library for parallel simulation of large wireless networks. Sigsim, 1998.

Digital Library

Cited By

Kang QXing JQiu YChen ASherwood TBerger EKozyrakis C(2021)Probabilistic profiling of stateful data planes for adversarial testingProceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems10.1145/3445814.3446764(286-301)Online publication date: 19-Apr-2021
https://dl.acm.org/doi/10.1145/3445814.3446764
Hoque ELee HPotharaju RKillian CNita-Rotaru C(2016)Automated Adversarial Testing of Unmodified Wireless Routing ImplementationsIEEE/ACM Transactions on Networking10.1109/TNET.2016.252047424:6(3369-3382)Online publication date: 1-Dec-2016
https://dl.acm.org/doi/10.1109/TNET.2016.2520474
Lee HSeibert JHoque EKillian CNita-Rotaru C(2014)TurretProceedings of the 2014 IEEE 34th International Conference on Distributed Computing Systems10.1109/ICDCS.2014.73(660-669)Online publication date: 30-Jun-2014
https://dl.acm.org/doi/10.1109/ICDCS.2014.73

Index Terms

Adversarial testing of wireless routing implementations
1. Hardware
  1. Communication hardware, interfaces and storage
2. Networks
  1. Network types
    1. Mobile networks
    2. Wireless access networks

Recommendations

Adversarial testing of wireless routing implementations
CERIAS '13: Proceedings of the 14th Annual Information Security Symposium

We focus on automated adversarial testing of real-world implementations of wireless routing protocols. We extend an existing platform, Turret, designed for general distributed systems, to address the specifics of wireless routing protocols. Specifically,...
Automated Adversarial Testing of Unmodified Wireless Routing Implementations

Numerous routing protocols have been designed and subjected to model checking and simulations. However, model checking the design or testing the simulator-based prototype of a protocol does not guarantee that the implementation is free of bugs and ...
Mitigating attacks against virtual coordinate based routing in wireless sensor networks
WiSec '08: Proceedings of the first ACM conference on Wireless network security

Virtual coordinate system (VCS) based routing provides a practical, efficient and scalable means for point-to-point routing in wireless sensor networks. Several VCS-based routing protocols have been proposed in the last few years, all assuming that ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WiSec '13: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks

April 2013

230 pages

ISBN:9781450319980

DOI:10.1145/2462096

General Chair:
Levente Buttyán
Budapest University of Technology and Economics, Hungary
,
Program Chairs:
Ahmad-Reza Sadeghi
Technische Universitaet Darmstadt, Fraunhofer SIT, Intel-CRISC, Germany
,
Marco Gruteser
Rutgers University, USA

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

In-Cooperation

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 April 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

WISEC'13

Sponsor:

SIGSAC

WISEC'13: Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks

April 17 - 19, 2013

Budapest, Hungary

Acceptance Rates

WiSec '13 Paper Acceptance Rate 26 of 70 submissions, 37%;

Overall Acceptance Rate 98 of 338 submissions, 29%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
294
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Kang QXing JQiu YChen ASherwood TBerger EKozyrakis C(2021)Probabilistic profiling of stateful data planes for adversarial testingProceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems10.1145/3445814.3446764(286-301)Online publication date: 19-Apr-2021
https://dl.acm.org/doi/10.1145/3445814.3446764
Hoque ELee HPotharaju RKillian CNita-Rotaru C(2016)Automated Adversarial Testing of Unmodified Wireless Routing ImplementationsIEEE/ACM Transactions on Networking10.1109/TNET.2016.252047424:6(3369-3382)Online publication date: 1-Dec-2016
https://dl.acm.org/doi/10.1109/TNET.2016.2520474
Lee HSeibert JHoque EKillian CNita-Rotaru C(2014)TurretProceedings of the 2014 IEEE 34th International Conference on Distributed Computing Systems10.1109/ICDCS.2014.73(660-669)Online publication date: 30-Jun-2014
https://dl.acm.org/doi/10.1109/ICDCS.2014.73

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten