
Securing MANET Multicast Using DIPLOMA

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 6434)

Abstract

Multicast traffic, such as live audio/video streaming, is an important application for Mobile Ad Hoc Networks (MANETs), including those used by militaries and disaster recovery teams. The open nature of multicast, where any receiver can join a multicast group, and any sender can send to a multicast group, makes it an easy vehicle for launching Denial of Service (DoS) attacks in resource-constrained MANETs.

In this paper, we extend our previously introduced DIPLOMA architecture to secure multicast traffic. DIPLOMA is a deny-by-default distributed policy enforcement architecture that can protect the end-host services and network bandwidth. DIPLOMA uses capabilities to provide a unified solution for sender and receiver access control to the multicast groups, as well as to limit the bandwidth usage of the multicast group. We have extended common multicast protocols, including ODMRP and PIM-SM, to incorporate DIPLOMA. We have implemented multicast DIPLOMA in Linux, without requiring any changes to existing applications and the routing substrate. We conducted an experimental evaluation of the system in the Orbit MANET testbed. The results show that the architecture incurs limited overhead in throughput, packet loss, and packet inter-arrival times. We also show that the system protects network bandwidth and the end-hosts in the presence of attackers.




© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Alicherry, M., Keromytis, A.D. (2010). Securing MANET Multicast Using DIPLOMA. In: Echizen, I., Kunihiro, N., Sasaki, R. (eds) Advances in Information and Computer Security. IWSEC 2010. Lecture Notes in Computer Science, vol 6434. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16825-3_16


  • DOI: https://doi.org/10.1007/978-3-642-16825-3_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16824-6

  • Online ISBN: 978-3-642-16825-3

  • eBook Packages: Computer Science, Computer Science (R0)
