On the analysis of identity delegation attacks

Issa M. Khalil; Abdallah Khreishah

doi:10.1109/ICCNC.2012.6167574

On the analysis of identity delegation attacks

Issa M. Khalil, Abdallah Khreishah

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Scopus citations

Abstract

Identity delegation is a sever attack that can be easily launched against multihop wireless ad hoc and sensor networks. Its severity lies in its capability to evade detection by even the-state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes of dropping the traffic. In a previous work, we proposed a mechanism called Sadec to mitigate identity delegation attacks. In this paper, we provide a thorough investigation of Sadec and compare it with the state-of-the-art mitigation technique dubbed basic local monitoring (BLM). Our analysis which is validated by ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation while Sadec successfully mitigates it in addition to considerably reducing the framing incidents of legitimate nodes.

Original language	English (US)
Title of host publication	2012 International Conference on Computing, Networking and Communications, ICNC'12
Pages	990-994
Number of pages	5
DOIs	https://doi.org/10.1109/ICCNC.2012.6167574
State	Published - 2012
Externally published	Yes
Event	2012 International Conference on Computing, Networking and Communications, ICNC'12 - Maui, HI, United States Duration: Jan 30 2012 → Feb 2 2012

Publication series

Name	2012 International Conference on Computing, Networking and Communications, ICNC'12

Other

Other	2012 International Conference on Computing, Networking and Communications, ICNC'12
Country/Territory	United States
City	Maui, HI
Period	1/30/12 → 2/2/12

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Electrical and Electronic Engineering

Keywords

Local monitoring
identity delegation
multi-hop wireless networks
packet dropping

Access to Document

10.1109/ICCNC.2012.6167574

Cite this

@inproceedings{104b8602663e49d5b194792e03692776,

title = "On the analysis of identity delegation attacks",

abstract = "Identity delegation is a sever attack that can be easily launched against multihop wireless ad hoc and sensor networks. Its severity lies in its capability to evade detection by even the-state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes of dropping the traffic. In a previous work, we proposed a mechanism called Sadec to mitigate identity delegation attacks. In this paper, we provide a thorough investigation of Sadec and compare it with the state-of-the-art mitigation technique dubbed basic local monitoring (BLM). Our analysis which is validated by ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation while Sadec successfully mitigates it in addition to considerably reducing the framing incidents of legitimate nodes.",

keywords = "Local monitoring, identity delegation, multi-hop wireless networks, packet dropping",

author = "Khalil, {Issa M.} and Abdallah Khreishah",

year = "2012",

doi = "10.1109/ICCNC.2012.6167574",

language = "English (US)",

isbn = "9781467300094",

series = "2012 International Conference on Computing, Networking and Communications, ICNC'12",

pages = "990--994",

booktitle = "2012 International Conference on Computing, Networking and Communications, ICNC'12",

note = "2012 International Conference on Computing, Networking and Communications, ICNC'12 ; Conference date: 30-01-2012 Through 02-02-2012",

}

Khalil, IM & Khreishah, A 2012, On the analysis of identity delegation attacks. in 2012 International Conference on Computing, Networking and Communications, ICNC'12., 6167574, 2012 International Conference on Computing, Networking and Communications, ICNC'12, pp. 990-994, 2012 International Conference on Computing, Networking and Communications, ICNC'12, Maui, HI, United States, 1/30/12. https://doi.org/10.1109/ICCNC.2012.6167574

On the analysis of identity delegation attacks. / Khalil, Issa M.; Khreishah, Abdallah.
2012 International Conference on Computing, Networking and Communications, ICNC'12. 2012. p. 990-994 6167574 (2012 International Conference on Computing, Networking and Communications, ICNC'12).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - On the analysis of identity delegation attacks

AU - Khalil, Issa M.

AU - Khreishah, Abdallah

PY - 2012

Y1 - 2012

N2 - Identity delegation is a sever attack that can be easily launched against multihop wireless ad hoc and sensor networks. Its severity lies in its capability to evade detection by even the-state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes of dropping the traffic. In a previous work, we proposed a mechanism called Sadec to mitigate identity delegation attacks. In this paper, we provide a thorough investigation of Sadec and compare it with the state-of-the-art mitigation technique dubbed basic local monitoring (BLM). Our analysis which is validated by ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation while Sadec successfully mitigates it in addition to considerably reducing the framing incidents of legitimate nodes.

AB - Identity delegation is a sever attack that can be easily launched against multihop wireless ad hoc and sensor networks. Its severity lies in its capability to evade detection by even the-state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes of dropping the traffic. In a previous work, we proposed a mechanism called Sadec to mitigate identity delegation attacks. In this paper, we provide a thorough investigation of Sadec and compare it with the state-of-the-art mitigation technique dubbed basic local monitoring (BLM). Our analysis which is validated by ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation while Sadec successfully mitigates it in addition to considerably reducing the framing incidents of legitimate nodes.

KW - Local monitoring

KW - identity delegation

KW - multi-hop wireless networks

KW - packet dropping

UR - http://www.scopus.com/inward/record.url?scp=84859900775&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84859900775&partnerID=8YFLogxK

U2 - 10.1109/ICCNC.2012.6167574

DO - 10.1109/ICCNC.2012.6167574

M3 - Conference contribution

AN - SCOPUS:84859900775

SN - 9781467300094

T3 - 2012 International Conference on Computing, Networking and Communications, ICNC'12

SP - 990

EP - 994

BT - 2012 International Conference on Computing, Networking and Communications, ICNC'12

T2 - 2012 International Conference on Computing, Networking and Communications, ICNC'12

Y2 - 30 January 2012 through 2 February 2012

ER -

On the analysis of identity delegation attacks

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Keywords

Access to Document

Other files and links

Fingerprint

Cite this