Security Issues in the Optimized Link State Routing Protocol Version 2 (Olsrv2)

Herberg, Ulrich; Clausen, Thomas

doi:10.5121/ijnsa.2010.2213

Cited by 14 publications

(19 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We present a series of simulations that show the validity of our approach, and that reveal that our method considerably improves the performance of previous existing proposals. Our proposal is, moreover, compatible with the forthcoming evolutions of the OLSR protocol (referred as OLSRv2 in the literature), by addressing the sketched extended quality criteria, such as the security aspects of the resulting new protocol [9,10].…”

Section: Introductionmentioning

confidence: 72%

Improved flooding of broadcast messages using extended multipoint relaying

Montolio-Aranda

García-Alfaro

Megías

2011

Journal of Network and Computer Applications

View full text Add to dashboard Cite

A common operation in wireless ad hoc networks is the flooding of broadcast messages to establish network topologies and routing tables. The flooding of broadcast messages is, however, a resource consuming process. It might require the retransmission of messages by most network nodes. It is, therefore, very important to optimize this operation. In this paper, we first analyze the multipoint relaying (MPR) flooding mechanism used by the Optimized Link State Routing (OLSR) protocol to distribute topology control (TC) messages among all the system nodes. We then propose a new flooding method, based on the fusion of two key concepts: distance-enabled multipoint relaying and connected dominating set (CDS) flooding. We present experimental simulations that show that our approach improves the performance of previous existing proposals.

show abstract

Section: Introductionmentioning

confidence: 72%

Improved flooding of broadcast messages using extended multipoint relaying

Montolio-Aranda

García-Alfaro

Megías

2011

Journal of Network and Computer Applications

View full text Add to dashboard Cite

show abstract

“…routers not able to correctly sign messages), but malicious routers can still record and replay messages (see [8] for details on such "replay attacks"). These replay attacks can be partly avoided by introducing "freshness" information, such as timestamps or nonces, in messages.…”

Section: Timestampsmentioning

confidence: 99%

“…that the MPR flooding process operates correctly. [8] provides a detailed security analysis of OLSRv2, observing how, and with which consequences, a disruptive attack might be conducted against an OLSRv2 network. A common, and not surprising, observation from [8] is, that identity spoofing and link spoofing, i.e., that a router in its control traffic either pretends to have the identity of another router or pretends to have (non-existing) links to another router, are major vectors for disruptive attacks on an OLSRv2 network.…”

Section: B Olsrv2 Vulnerability Taxonomymentioning

confidence: 99%

Router and Link Admittance Control in the Optimized Link State Routing Protocol Version 2 (OLSRv2)

Clausen

Herberg

2010

2010 Fourth International Conference on Network and System Security

Self Cite

View full text Add to dashboard Cite

This paper presents security mechanisms for router and link admittance control in OLSRv2. Digitally signing OLSRv2 control messages allows recipient routers to -individually -choose to admit or exclude the originating router for when populating link-state databases, calculating MPR sets etc. By additionally embedding signatures for each advertised link, recipient routers can also control admittance of each advertised link in the message, rendering an OLSRv2 network resilient to both identity-spoofing and link-spoofing attacks.The flip-side of the coin when using such a link-admittance mechanism is, that the number of signatures to include in each OLSRv2 control message is a function of the number of links advertised. For HELLO messages, this is essentially the number of neighbor routers, for TC messages, this is the number of MPR Selectors of the originator of the message. Also, upon receipt of a control message, these signatures are to be verified. This paper studies the impact of adding a link-admittance control mechanism to OLSRv2, both in terms of additional control-traffic overhead and additional in-router processing resources, using several cryptographic algorithms, such as RSA and Elliptic Curve Cryptography for very short signatures.

show abstract

“…In a neighbor discovery based mechanism, a malicious router can intentionally and frequently alter the information declared -including the RSSV -so as to cause generation of inordinate amounts of control traffic by legitimate routers. Such indirect jamming is discussed in [15] for neighborhood discovery and link state advertisement, and also applies for the RSSV, which a malicious router may alter and signal frequently, causing its neighborhood to launch (possibly computationally intensive) RSS recalculations and signal selected relay set (causing increased channel occupation) as well as the change of its neighbor's status.…”

Section: B Rssv Indirect Jammingmentioning

confidence: 99%

Vulnerability Analysis of the Simple Multicast Forwarding (SMF) Protocol for Mobile Ad Hoc Networks

Clausen

Herberg

2011

2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing

Self Cite

View full text Add to dashboard Cite

If deployments of Mobile Ad Hoc Networks (MANETs) are to become common outside of purely experimental settings, protocols operating such MANETs must be able to preserve network integrity, even when faced with careless or malicious participants. A first step towards protecting a MANET is to analyze the vulnerabilities of the routing protocol(s), managing the connectivity. Understanding how these routing protocols can be exploited by those with ill intent, countermeasures can be developed, readying MANETs for wider deployment and use.One routing protocol for MANETs, developed by the Internet Engineering Task Force (IETF) as a multicast routing protocol for efficient data dissemination, is denoted "Simplified Multicast Forwarding" (SMF). This protocol is analyzed, and its vulnerabilities described, in this paper.SMF consists of two independent components: (i) duplicate packet detection and (ii) relay set selection, each of which presents its own set of vulnerabilities that an attacker may exploit to compromise network integrity. This paper explores vulnerabilities in each of these, with the aim of identifying attack vectors and thus enabling development of countermeasures.

show abstract

Security Issues in the Optimized Link State Routing Protocol Version 2 (Olsrv2)

Cited by 14 publications

References 19 publications

Improved flooding of broadcast messages using extended multipoint relaying

Improved flooding of broadcast messages using extended multipoint relaying

Router and Link Admittance Control in the Optimized Link State Routing Protocol Version 2 (OLSRv2)

Vulnerability Analysis of the Simple Multicast Forwarding (SMF) Protocol for Mobile Ad Hoc Networks

Contact Info

Product

Resources

About