IPVPNs, MANETs, and Sybil Attacks - Aalto University€¦ · IPVPNs, MANETs, and Sybil Attacks...

IPVPNs, MANETs, and Sybil Attacks

Friday, October 6th 2006TML, Helsinki University of Technology,

Helsinki

Chittaranjan Hota, PhDComputer Science & Information Systems GroupBirla Institute of Technology & Science, Pilani

Rajasthan (INDIA)

� ��

Outline

� Introducing my Uni…BITS, Pilani

� IPVPNs: Traffic Engineering, and QoS

� Sybil Attacks: Definition, Defenses, and Proposals

� MANETs: QoS Routing, Secure Routing, ReliableMuticasting, and Resource Allocation Issues

� ��

Birla Institute of Technology & Science, Pilani

��

��

� ��

��

��

��

��

�� !��

� Academic Flexibility� Unique Online Admission Entrance Test� Practice School Options (India, Germany, France,

Italy, USA, Canada)� Different Administrative and Academic Structure� Funding from DST, AICTE, UGC, Microsoft,

Motorola, Intel, Broadcom, Wipro, Cisco, Philips.� CS and IS Group: BE (CS), BE(IS), ME(CS),

ME(SS), MS(SS), PhD(CSE)

� ��

39

40

41

44

44

46

51

0 10 20 30 40 50 60

QoS

Coverage

Security

Staff

Mobile

Legacy

Cost

Cost

Legacy

Mobile

Staff

Security

Coverage

QoS

"#� #$ ��%��&��

#��' ��(��)��(��*��+ ��*��, ��-

��

. ��

52

10

153

20

50

10

143

23

47

10

143

26

43

10

133

31

38

9

123

38

31

9

113

46

0

20

40

60

80

100

2001 2002 2003 2004 2005 2006

IPVPN

Other

Private N/W

PSTN/ISDNFrame/ATM

"#� #$ ��%��&��/��0

1�� %�2��$ ��*�3' ��%��+ ��*��, ��-

4 ��

"#� #$ �5 � ��%��&��

Personal voice over IP Network monitoring

CEO Video conference with analysis

Financial Transactions

Interactive whiteboard

Unicast radio

Network management traffic

Extranet web traffic

Public web traffic

Push news

Personal e-mail

Businesse-mail

Server backups

Sensitive

Insensitive

Casual CriticalMission Criticality

Delay

6 ��

�#7�� $ ��8��"#� #$

Residential Customer

Customer Edge Device

Enterprise Customer

Customer Edge Device

Stub Links

Border Routers

Enterprise Customer Core

Routers

Tunnel

Enterprise Customer

INTERNET

Tunnels

9 ��

5 � � ��#��*�!��(: *��#��'

��/" #0�$ ��

R1

R2

R4

d1

d3

2

2

31

3

4

2

1 3nt2

nt3

nt1

d2R3

;� ��

R1

R2

R4

d1

d3

d2

3

4

2

1

2

2

3

31

��#$<��=��=��=��<�;;

�#7�8��

R3

;; ��

R1

R2

R4

d1

d3

d2

3

1

2

42

3

31

��#$<�� =�;�=��=�<�;�

2

$ ��8��

R3

;� ��

R1

R2

R4

d1

d3

d2

3

2

1

2

2

1

3

3

4

��#$<��=��=��<�6

! ��"�� >��' ��2��?

$ ��8��/@ ��' �� ?0

R3

;� ��

� �"�� (��*�, /� >7 0>��(��(*��7��A=>��&��2��(*��A=>�!�<��&��&��>�%�� , ��8��/%�� 0>� �� A�� %

, ��!��3��*�� &��3

�*�� #�

��*��*��"�$%&'/&0�B<�! /��&��0

�*�� >��*��3>��

!��&�� %C ��*��2��D��' ��*�� *��' � ��&�

()! �*+&�, � (-�� / ��#7��*��' ��&��*��?��(��*��!��&��(��0�

%��' �� #$ �#��'

�.��.�/�0 /' ��' �' ��0

; ��

�7;

123

3��3��8#�E

456

#7� �7�

#7�

#

�7�

24371893

34197�455

4567244

�7;

#7;

#7� # #7�

�7�;

#7�;

#

#7�#7��

#

#7;

�7;

�7�

#7�

�7;

#7;123

�7;

#7;

#

#7�

�7�

�7�

#7�

#7;

�7;

�7�

#7�

#7�#

#7;#7;

�7;

�7�

<=

/$ ��, ��*0

/ ��;0 / ��0

/ ��0 / �� 0

4563419

243

243

/F ��(��*��*��:(� � ��0

�#7�8��

#7;

;� ��

3��&��(�" #�A��

� %��' �� *��?��(��?��&��(��" #��

� *��2��>��*��&��(��*��(��?��*�� #$

� 3�?��*��*��*��*��' ��(��(��*��' ��' ��*��' ��*��

� G ��' ��!��

� 3�?��*��*��&��H�!�� (��B��

� ��' �� /"0�;�'/"07�/"0 ��&��?�&��*��*�� %

� ��*��*��*��!��<!��/&0

;. ��

%��' �� *

�7;

#7; #7;

# #7�

#7� �7�

�7�

�7;

#7;

# #7�

#7�

�7�

�7�

I

$ ��8��

;4 ��

�' ��A��

Funds Vs QoS path

0

5

10

15

20

25

0 5 10 15 20 25Funds

QoS

pat

h ( H

euris

tic V

alue

)

Network 1Network 2Network 3

VPN Cost Vs Border Routers

0

5

1015

20

25

0 10 20 30Border Routers

VP

N C

ost

Funds = 5

Funds = 10

J"��(�!��*��*��' ��*

J"��(�$ �' ��8��A��&��*��#$ ��2��

;6 ��

8��*�%��(�' ��K �� #$

< ��(��

A��(

:(� �(��"��

:(� �)��&��

:(� �$�� =��

)��

1 2

4 5

6 >

1 < ��)�?��@��:(� ��2 =(+��.��?��A��3 :(� �.��@�� 4 :(� ��.��@��5 ��(�� '��6 (�� '��< .��

;9 ��

*��#��'

� 8��*��*��(�� #$

� "��*��*��' ��?��#$ �

� 3��&��*��*��*��&��' �2�' �' ��' ��' ��#$ �L��*��' ��>��)��

� *��(��(�� #$ ��' ��/��?��0�L ��&�

*��@ �M��&�

��

� 8��*� *��(� 7��*��' ��&��D��*��

� 8��*�#��(� ��#��(� �*�' �

J ΣΣΣΣ�;1�� αααα� =�≤≤≤≤ =

� 1?��' ��#��(� �*�' �J αααα�� ;�αααα��/φφφφ�0�*��>�φ� /��?0

1��3��*��

�; ��

8��*�%��(�' ��

1

/8��*�A��*�� ;��' ��?0

4

;�/4�' ��0

��/��' ��0

N;�/;��' ��0N��/��' ��0

��/;��' ��0

N��/��' ��0

N �/4��' ��0

1

5

2

4

;�/��' ��0

��/��' ��0

N;�/;��' ��0N��/��' ��0

��/;��' ��0

N��/��' ��0

N �/4��' ��0

5

2

/"�� N��0

/8��*�A��*�� ;�� ' ��?0

4

;�/9�' ��0

��/��' ��0

N;�/;��' ��0N��/��' ��0

��/;��' ��0

N��/��' ��0

N �/4��' ��0

15

2

4

;�/;��' ��0

��/��' ��0

N;�/;��' ��0N��/��' ��0

��/;��' ��0

N��/��' ��0

N �/4��' ��0

1

5

2

/8��*�#��*�A��(��*�� ;��6' ��' ��0

;�/;��' ��0

;�/;��' ��0

��

?��' �%��

"��*��*��(�&��?�

*��?��&��(�&��

"��*��*��* ��*��

CC ii *α= 10 ≤< iαWhere,

�=

−=N

iiCCSC

1

iii nCb /=

/;0

/�0

/�0

��

*��?��&��?��*��

*��?��(�&��

8��*�A��#��*�A��(��(�&��?�

ii bRbu /)( =

�=

=in

iit bubU

1

)()(

��

�

��

�

�

��

�

��

�

�

∈≤<<<

++

∈>≤+

<≤+

=

OtherwiseTunnelPathcompute

VSCbUbUMaxif

nC

VSCbUMaxbUifb

SCbUMaxbUifb

b

tt

victimii

ttvictimi

tti

i

,Re

&10,),()(_

),)/)*)(((

&),(_)(,

&)(_)(,

δσδσα

δδδ

δδ

δ

< ��#�� .��.��@@��

/ 0

/�0

/.0

?��' �%��/��0

� ��

72��' ��

E ��D��"��

8��*�@ ��

��&��

��&��$ ��

" #�; " #��

8��*�@ ��;

8%8% 8%

8%

8%

G ;

G �G �

G ;

G � G �

��&��;

;

�

�;

��

� ��

�. �4

1

"�� #$ � ��

��

�' ��A��

0

20

40

60

80

100

120

0 10 20 30 40 50 60 70 80

No. of Users

Ban

dwid

th U

tiliz

atio

n (M

bps)

No. o f Tunnels=1

No. o f Tunnels=3

No. o f Tunnels=6

N��G ��)�� $ �' ��G ��

)�� .��

�. ��

0

20

40

60

80

100

120

0 10 20 30 40 50 60 70 80

Average Traff ic Rate (Kbps)

Ban

dwid

th U

tiliz

atio

n (M

bps)

No. of Tunnels = 2

No. of Tunnels = 5

No. of Tunnels = 8

N��G ��)�� 3&��(�� A��

�' ��A��/��0

�&�� A��

&��

*��

�4 ��

0

5

10

15

20

25

0 10 20 30 40 50 60 70 80

Average Traff ic Rate (Kbps)

Req

uest

Blo

ckin

g R

ate No. o f Tunnels = 1

No. o f Tunnels = 2

No. o f Tunnels = 7

A�D��8��(�A�� 3&��(�� A��

�' ��A��/��0

=��@��"��

�6 ��

E �(*�� #$ �3&��?

1 2 4

5 6 >

3��&�� #$ �#��*;�

8��#$ �#��*;�

N��!��

3��&�� #$ �#��*.�

8��#$ �#��*.�

N��!��

�9 ��

A �� *�' ��

/�0�3��&��#��*�;�� /�0�8��#��*�;�.��

/�0�8��#��*�;.�

1

2 4

5

> 6

1

2 4

5

> 6

1

2 4

5

> 6

N��

#��*��

��

%��' ��A��#$

� %��*�' ��1��J 3��(��*�, /� >7 0>�7�(��(*��7� A=J � ��2��(*��A=>�8��&��/!0

J , ��%�⊆ ��>�A��∈ %

� ∈≤

MAvFvw

\)(

� � � �∈ ∈ ∈ ∈+

TAP APe BTBP BPeecec )()(

��' ��3��&��#��*>�8��#��*��3��&��*��*��

� *��>��3#�∈ >�8#�∈ 8 >��*��3#��8#��&��3>��&�∈ %�C �>��*��2��D��' ��*�� 8 ��*��' ��&��E ��>� ��*��' �� #$ �3��&�� >��8 ��*��' ��#$ �8��

%��' �)��

��*��*��

�; ��

3��#�#��?��' �

� #��(�3��/��' ��*��*��

� 1� �3��

� � ��"��

� �?��/3��*��(��#�#��0

� "��?��/ ��(��&��0

� ��' ' ��(�/ ��(�F ��0

� ��$�� /�� .��'�� 0

��

1��?��' ��

� ��' ��1�� ?��' ��

L ��*��O� ��D��' ��*��*��&��' ��&��

� "��(��?��?�' ��D��' ��?�: ��*�� ?��3��

� 1��' ��D��' ��1�� ?��' �

��

3��72�' �� ?��A��(

� ��

G ��(��%��(��$ ��*��' =;��*�' ��?

general

lieutenant lieutenantattack

retreat

“attack”“attack”

general

lieutenant lieutenantattack

retreat

“retreat”“attack”

One lieutenant is faulty (is a traitor)

The general is faulty (is a traitor)

3��*�� 72�' ��8?)�� 3(��' ��

��H<��' =;�/@ ��%��(� 3�(��? ��' ��>��*��>��0

�� '��,��@��@�� @�/�� .��@0�@��

��

�' � ��*��

� 1��P��/%��0��3��)��*��?��D��)��?��' �� ' ��?�

� A��?�� ?��, ��' ��?��

�. ��

?��, �� ", �@ %%�.

�� '�� &��

�4 ��

3��3�� 7�(��7�(�� /��/��PP��LL00

Attack Edge

*� ��' �� (�� ' �� ? �*� ��' �� *�� *� ��&��? �� *�

�6 ��

A ��'A��' � ��

TheThe currentcurrent nodenode flipsflips aa coincoin onon thethe flyfly andand selectsselectsaa randomrandom edgeedge toto proceed.proceed.

?

?

?

�9 ��

A ��'A��' A��A��

RandomRandom permutationpermutation of oneof one--toto--oneone mappingmapping fromfromincomingincoming edgesedges toto outgoingoutgoing edgesedges

e1

e2

e3

e4

@��

�; �

��

�� ;

� ��

� ��

*� *� #��?#��? �� A��'A��' A��A��

�� &��(��&��(�� ?��?

�� '��' �� (��( �� *��*�� (��( �*��*� ��' ��' � ��(��(� ��?��?� �2��2��(��( �*��*� ��' ��' � ��(��(�

�� 8��8�� ?��?

�� *� *� ��(��(��(��( ��(��(� ��D��?��D��? ��' ��' ��*��*� ��' ��(��' ��( ��(��(� ��

; ��

� ��

�� *� *� &��&�� ?��? �� *��*�� '��' �� *��* �*��*� &��&��PP�� '��' ��

�� 8��8�� *��*� ��' ��' �� ' ��' �� (��>��(��> ��*��* �� (�*��(�* ��>> �*��*� &��&��PP�� ' ��' ��?��? ��*��*�� *��*� *��*�� (��(�� *��* *�(**�(* ��?��?

:

�

� ��

� ��

8��(��*��$ ��@ �� ?��, ��

%�� (��?�� (�� (�� ?��(��

� ��

N��A��?

� 3��' �� ( �� >�� &��2�� *��*�� ( �*�� *�� (��

� A�� ?��( ��*��*�� *�*�� ' �� *�� ' �� ( ��*�� ?��(��

��

"' ��' ��

�1 �2 �4 �5 �6

$ � = �

A�(��? ��>��

� ��

@ ��&��

� �� *�� ' �(*� �� (�� (��D��&�� (�� $ ��*��' ��*�? ��' /��&��( ��&�� @ Q�� (

��&�� ' �� (�0

� "� ' �� *�� *�� >��*�� ' ��&��*��

� *�? *�&� ��' �� *�� ' ��(�� *�� #��( �*��(��? ��"� �� *�&� ��

' �� (�� /�0>��(��( ��

� "� �*��&��? �� (�� (� �� (�� /�� ? ��0>��*�� 2�O

. ��

@ �*�� 3��*��

� #�� /�%G 0��N�� ' ��* 8��*��? ��2

� 1E �A��(�/1��)��>�G ��' ��(�0

3

3;

8

�

1

4 ��

#��

� 1�� 3��*��?

� 3��(��( �� &�� ( �*��*�� &�� *�� &�� *��>��*�� (� �*�� ?��' ��? ��(��( ' ��*�&��(�� ( ��?��

� %��?��( �*��' �� &��' ��*��' �� ?��, ��

6 ��

%��3��E ��$ ��/%3$ 7 �0

� E ��' �&�' ��D��

� ��(?��*��(��D��

� $ ��%��*��

� 1��' ��&��' ��

� $ ��

� 3��' ��(��1�&�� "#��>��(>��

A B AB

9 ��

%3$ 7 ��A��* 3��

� 5 � 3�� A��(��*�� ' �� D�� 3�' �� !��*�' ��

� ��A��(� $ �� >��? ��>��? ��( �� >�

��( ��? ��*�&��( ��? ��

� 7�� %�� A��(

� A�� 1�� %��72�� F �� A��(��*��3��(�' �� %��*��%3$ 7 �

��

5 ��O

*��R

IPVPNs, MANETs, and Sybil Attacks - Aalto University€¦ · IPVPNs, MANETs, and Sybil Attacks...

Documents

Transcript of IPVPNs, MANETs, and Sybil Attacks - Aalto University€¦ · IPVPNs, MANETs, and Sybil Attacks...