
A framework for security analysis of mobile wireless networks

Published: 24 November 2006

Abstract

We present a framework for specification and security analysis of communication protocols for mobile wireless networks. This setting introduces new challenges which are not being addressed by classical protocol analysis techniques. The main complication stems from the fact that the actions of intermediate nodes and their connectivity can no longer be abstracted into a single unstructured adversarial environment as they form an inherent part of the system's security. In order to model this scenario faithfully, we present a broadcast calculus which makes a clear distinction between the protocol processes and the network's connectivity graph, which may change independently from protocol actions. We identify a property characterising an important aspect of security in this setting and express it using behavioural equivalences of the calculus. We complement this approach with a control flow analysis which enables us to automatically check this property on a given network and attacker specification.



Publisher

Elsevier Science Publishers Ltd.

United Kingdom


Author Tags

  1. control flow analysis
  2. mobile ad hoc networks
  3. process calculi
  4. security analysis


Cited By

  • (2024) A proof system of the CaIT calculus. Frontiers of Computer Science: Selected Publications from Chinese Universities 18:2. doi:10.1007/s11704-022-2258-3. Online publication date: 1-Apr-2024
  • (2024) A process calculus SMrCaIT for IoT. Journal of Software: Evolution and Process 36:5. doi:10.1002/smr.2595. Online publication date: 25-Apr-2024
  • (2019) A fully abstract semantics for value-passing CCS for trees. Frontiers of Computer Science: Selected Publications from Chinese Universities 13:4 (828-849). doi:10.1007/s11704-018-7069-1. Online publication date: 1-Aug-2019
  • (2019) Depletable channels. Acta Informatica 56:5 (405-431). doi:10.1007/s00236-018-0329-6. Online publication date: 1-Jul-2019
  • (2019) Psi-Calculi Revisited: Connectivity and Compositionality. Formal Techniques for Distributed Objects, Components, and Systems (3-20). doi:10.1007/978-3-030-21759-4_1. Online publication date: 17-Jun-2019
  • (2018) A behavioural theory for intrusion detection system in mobile ad-hoc networks. Proceedings of the 2nd International Conference on High Performance Compilation, Computing and Communications (51-60). doi:10.1145/3195612.3195617. Online publication date: 15-Mar-2018
  • (2017) A new optional parallelism operator in CSP for wireless sensor networks. Proceedings of the South African Institute of Computer Scientists and Information Technologists (1-8). doi:10.1145/3129416.3129431. Online publication date: 26-Sep-2017
  • (2017) Modeling and efficient verification of wireless ad hoc networks. Formal Aspects of Computing 29:6 (1051-1086). doi:10.1007/s00165-017-0429-z. Online publication date: 1-Nov-2017
  • (2016) Automated Adversarial Testing of Unmodified Wireless Routing Implementations. IEEE/ACM Transactions on Networking 24:6 (3369-3382). doi:10.1109/TNET.2016.2520474. Online publication date: 1-Dec-2016
  • (2016) Mechanizing a Process Algebra for Network Protocols. Journal of Automated Reasoning 56:3 (309-341). doi:10.1007/s10817-015-9358-9. Online publication date: 1-Mar-2016