TY - JOUR
T1 - Defending against cache consistency attacks in wireless ad hoc networks
AU - Zhang, Wensheng
AU - Cao, Guohong
N1 - Funding Information:
Guohong Cao received his BS degree from Xian Jiaotong University, Xian, China. He received the MS degree and Ph.D. degree in computer science from the Ohio State University in 1997 and 1999 respectively. Since then, he has been with the Department of Computer Science and Engineering at the Pennsylvania State University, where he is currently an Associate Professor. His research interests are wireless networks and mobile computing. He has published one hundred papers in the areas of sensor networks, data dissemination, resource management, wireless network security, and distributed fault-tolerant computing. He is an editor of the IEEE Transactions on Mobile Computing and IEEE Transactions on Wireless Communications, a co-guest editor of special issue on heterogeneous wireless networks in ACM/Kluwer Mobile Networking and Applications, and has served on the program committee of many conferences. He was a recipient of the Presidential Fellowship at the Ohio State University in 1999, and a recipient of the NSF CAREER award in 2001. He is a senior member of IEEE.
PY - 2008/5
Y1 - 2008/5
AB - Caching techniques can be used to reduce bandwidth consumption and data access delay in wireless ad hoc networks. When cache is used, the issue of cache consistency must be addressed, and maintaining strong cache consistency is desired in some strategic scenarios (e.g., battlefields). In these situations, the invalidation-based approach is preferred due to its low overhead. However, this approach may suffer from some security attacks. For example, malicious nodes (also called intruders) may drop, insert or modify invalidation messages to mislead receivers to use stale data or unnecessarily invalidate data that are still valid. In this paper, we first propose to employ the Invalidation Report (IR) based cache invalidation strategy to prevent intruders from dropping or modifying invalidation messages. Although digital signatures can be used to protect IRs, this has significantly high overhead in terms of computational and bandwidth overhead. To address this problem, we further propose a family of randomized grouping-based schemes for intrusion detection, damage recovery and intruder identification. Extensive analysis and simulations are performed to evaluate the proposed schemes. The results show that our solution can achieve a satisfactory level of security with low overhead.
UR - https://www.scopus.com/pages/publications/37549010749
UR - https://www.scopus.com/pages/publications/37549010749#tab=citedBy
U2 - 10.1016/j.adhoc.2007.02.005
DO - 10.1016/j.adhoc.2007.02.005
M3 - Article
AN - SCOPUS:37549010749
SN - 1570-8705
VL - 6
SP - 363
EP - 379
JO - Ad Hoc Networks
JF - Ad Hoc Networks
IS - 3
ER -