Covert Channels and Anonymous Communication in Ad-hoc Networks

Thumbnail Image


umi-umd-4854.pdf (597.68 KB)
No. of downloads: 1901

Publication or External Link




Li, Song




Ad-hoc wireless networks distinguish themselves from their traditional wired counterparts by three unique characteristics: mobility, lack of infrastructure, and shared wireless channel. These properties have gained popularity in various military and civilian applications, but have also introduced challenging problems in terms of ensuring satisfying network performance and network security. Ad hoc networks are a fertile ground for new threats and security problems.

We start by demonstrating how new covert attacks can be launched by using the ad hoc network protocols. In particular, nodes in ad-hoc wireless networks have to cooperate with each other in order to accomplish many networking functions such as routing and channel access. We observe that covert information can be conveyed during the cooperation procedure. It is very difficult to eliminate or even detect these covert channels. Simulation results show that performance of these covert channels depends on various network characteristics.

Anonymous communication has been considered as one possible way of fighting covert threats. In fact, anonymity and privacy by themselves have attracted intensive attention as important societal issues and desirable security features. One of the key components in most anonymous routing protocols is anonymous trapdoors, for which we propose a new construction scheme based on pairing-based cryptographies.

More careful analysis has shown that anonymity could be in conflict with other secure properties and secure mechanisms, such as accountability and intrusion detection. We propose a solution that can flexibly trade off anonymity against accountability according to the needs of individual applications. The basic idea is to distribute the real identity of a given user among a set of pseudonyms in such a way that only a sufficient number of pseudonyms can lead to the recovery of the identity. Users authenticate each other anonymously under pseudonyms. When the number of times a user is caught misbehaving exceeds the threshold, the user's real identity can be recovered from the pseudonyms that had been used. Thus, accountability is enforced.

As conclusion, we propose to jointly investigate and incorporate all different secure properties by using various secure mechanisms across multiple protocol layers of the network.