Defending against cache consistency attacks in wireless ad hoc networks

Wensheng Zhang, Guohong Cao

Research output: Contribution to journalArticle

3 Citations (Scopus)

Abstract

Caching techniques can be used to reduce bandwidth consumption and data access delay in wireless ad hoc networks. When cache is used, the issue of cache consistency must be addressed, and maintaining strong cache consistency is desired in some strategic scenarios (e.g., battlefields). In these situations, the invalidation-based approach is preferred due to its low overhead. However, this approach may suffer from some security attacks. For example, malicious nodes (also called intruders) may drop, insert or modify invalidation messages to mislead receivers to use stale data or unnecessarily invalidate data that are still valid. In this paper, we first propose to employ the Invalidation Report (IR) based cache invalidation strategy to prevent intruders from dropping or modifying invalidation messages. Although digital signatures can be used to protect IRs, this has significantly high overhead in terms of computational and bandwidth overhead. To address this problem, we further propose a family of randomized grouping-based schemes for intrusion detection, damage recovery and intruder identification. Extensive analysis and simulations are performed to evaluate the proposed schemes. The results show that our solution can achieve a satisfactory level of security with low overhead.

Original languageEnglish (US)
Pages (from-to)363-379
Number of pages17
JournalAd Hoc Networks
Volume6
Issue number3
DOIs
StatePublished - May 1 2008

Fingerprint

Wireless ad hoc networks
Bandwidth
Electronic document identification systems
Intrusion detection
Recovery

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications

Cite this

@article{04d48c7898ba4721bd379ae54c5605d9,
title = "Defending against cache consistency attacks in wireless ad hoc networks",
abstract = "Caching techniques can be used to reduce bandwidth consumption and data access delay in wireless ad hoc networks. When cache is used, the issue of cache consistency must be addressed, and maintaining strong cache consistency is desired in some strategic scenarios (e.g., battlefields). In these situations, the invalidation-based approach is preferred due to its low overhead. However, this approach may suffer from some security attacks. For example, malicious nodes (also called intruders) may drop, insert or modify invalidation messages to mislead receivers to use stale data or unnecessarily invalidate data that are still valid. In this paper, we first propose to employ the Invalidation Report (IR) based cache invalidation strategy to prevent intruders from dropping or modifying invalidation messages. Although digital signatures can be used to protect IRs, this has significantly high overhead in terms of computational and bandwidth overhead. To address this problem, we further propose a family of randomized grouping-based schemes for intrusion detection, damage recovery and intruder identification. Extensive analysis and simulations are performed to evaluate the proposed schemes. The results show that our solution can achieve a satisfactory level of security with low overhead.",
author = "Wensheng Zhang and Guohong Cao",
year = "2008",
month = "5",
day = "1",
doi = "10.1016/j.adhoc.2007.02.005",
language = "English (US)",
volume = "6",
pages = "363--379",
journal = "Ad Hoc Networks",
issn = "1570-8705",
publisher = "Elsevier",
number = "3",

}

Defending against cache consistency attacks in wireless ad hoc networks. / Zhang, Wensheng; Cao, Guohong.

In: Ad Hoc Networks, Vol. 6, No. 3, 01.05.2008, p. 363-379.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Defending against cache consistency attacks in wireless ad hoc networks

AU - Zhang, Wensheng

AU - Cao, Guohong

PY - 2008/5/1

Y1 - 2008/5/1

N2 - Caching techniques can be used to reduce bandwidth consumption and data access delay in wireless ad hoc networks. When cache is used, the issue of cache consistency must be addressed, and maintaining strong cache consistency is desired in some strategic scenarios (e.g., battlefields). In these situations, the invalidation-based approach is preferred due to its low overhead. However, this approach may suffer from some security attacks. For example, malicious nodes (also called intruders) may drop, insert or modify invalidation messages to mislead receivers to use stale data or unnecessarily invalidate data that are still valid. In this paper, we first propose to employ the Invalidation Report (IR) based cache invalidation strategy to prevent intruders from dropping or modifying invalidation messages. Although digital signatures can be used to protect IRs, this has significantly high overhead in terms of computational and bandwidth overhead. To address this problem, we further propose a family of randomized grouping-based schemes for intrusion detection, damage recovery and intruder identification. Extensive analysis and simulations are performed to evaluate the proposed schemes. The results show that our solution can achieve a satisfactory level of security with low overhead.

AB - Caching techniques can be used to reduce bandwidth consumption and data access delay in wireless ad hoc networks. When cache is used, the issue of cache consistency must be addressed, and maintaining strong cache consistency is desired in some strategic scenarios (e.g., battlefields). In these situations, the invalidation-based approach is preferred due to its low overhead. However, this approach may suffer from some security attacks. For example, malicious nodes (also called intruders) may drop, insert or modify invalidation messages to mislead receivers to use stale data or unnecessarily invalidate data that are still valid. In this paper, we first propose to employ the Invalidation Report (IR) based cache invalidation strategy to prevent intruders from dropping or modifying invalidation messages. Although digital signatures can be used to protect IRs, this has significantly high overhead in terms of computational and bandwidth overhead. To address this problem, we further propose a family of randomized grouping-based schemes for intrusion detection, damage recovery and intruder identification. Extensive analysis and simulations are performed to evaluate the proposed schemes. The results show that our solution can achieve a satisfactory level of security with low overhead.

UR - http://www.scopus.com/inward/record.url?scp=37549010749&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=37549010749&partnerID=8YFLogxK

U2 - 10.1016/j.adhoc.2007.02.005

DO - 10.1016/j.adhoc.2007.02.005

M3 - Article

AN - SCOPUS:37549010749

VL - 6

SP - 363

EP - 379

JO - Ad Hoc Networks

JF - Ad Hoc Networks

SN - 1570-8705

IS - 3

ER -