Issue No.02 - April-June (2009 vol.6)
Patrick Tague , University of Washington, Seattle
David Slater , University of Washington, Seattle
Jason Rogers , Naval Research Laboratory, Washington
Radha Poovendran , Unversity of Washington, Seattle
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2008.60
Joint analysis of security and routing protocols in wireless networks reveals vulnerabilities of secure network traffic that remain undetected when security and routing protocols are analyzed independently. We formulate a class of continuous metrics to evaluate the vulnerability of network traffic as a function of security and routing protocols used in wireless networks. We develop two complementary vulnerability definitions using set theoretic and circuit theoretic interpretations of the security of network traffic, allowing a network analyst or an adversary to determine weaknesses in the secure network. We formalize node capture attacks using the vulnerability metric as a nonlinear integer programming minimization problem and propose the GNAVE algorithm, a Greedy Node capture Approximation using Vulnerability Evaluation. We discuss the availability of security parameters to the adversary and show that unknown parameters can be estimated using probabilistic analysis. We demonstrate vulnerability evaluation using the proposed metrics and node capture attacks using the GNAVE algorithm through detailed examples and simulation.
Wireless networks, security, routing, node capture attacks, adversary models.
Patrick Tague, David Slater, Jason Rogers, Radha Poovendran, "Evaluating the Vulnerability of Network Traffic Using Joint Security and Routing Analysis", IEEE Transactions on Dependable and Secure Computing, vol.6, no. 2, pp. 111-123, April-June 2009, doi:10.1109/TDSC.2008.60