Formal Analysis of Security Vulnerabilities in OLSR Routing Protocol Using SPAN Tool

Document Type : Original Article

Authors

1 Assistant Professor, Foman Technical College, Tehran University Technical College, Tehran, Iran

2 Professor, University of Science and Technology, Tehran, Iran

Abstract

Ad-hoc mobile networks are used in various fields. These networks require special routing protocols due to their characteristics. These protocols usually focus on providing better service and more efficiency and ignore security issues. Therefore, there are many threats including sniffing, tampering, and spoofing in these networks. Among these routing protocols, we can refer to the optimized link state routing protocol, or OLSR for short. The main purpose of this protocol is to prevent the unnecessary sending of control packets so that less congestion is created in network traffic and efficiency and service are improved. However, no security considerations are defined for the OLSR protocol, and thus it is the target of many attacks. There are researches in which the security of the OLSR protocol has been investigated, but in none of them, no comprehensive security analysis has been provided using formal methods. In this paper, a formal method based on the SPAN tool has been presented for the security analysis of the OLSR protocol, by using which the vulnerabilities reported for it have been identified and confirmed. Finally, cryptography-based solutions have been proposed to address these vulnerabilities.

Keywords

Main Subjects

Smiley face

 

References

[1].    N. Raza, M. U. Aftab, M. Q. Akbar, O. Ashraf and M. Irfan, "Mobile Ad-Hoc Networks Applications and Its Challenges," Communications and Network, vol. 8, no. 3, pp. 131-136, 2016.
[2].    T. Clausen and P. Jacquet, "RFC3626: Optimized Link State Routing Protocol (OLSR)," RFC Editor, USA, 01 October 2003.
[3].    R. Song and C. M. Peter, "ROLSR: A robust Optimized Link State Routing protocol for military Ad-Hoc networks," in MILCOM 2010 MILITARY COMMUNICATIONS CONFERENCE, San Jose, CA, USA, 31 Oct. 2010, pp. 1002-1010.
[4].    S. Szymoniak and S. Kesar, "Key Agreement and Authentication Protocols in the Internet of Things: A Survey," Applied Sciences, vol. 13, no. 1, p. 404, 2023.
[5].    F. G. Darbandeh and M. Safkhani, "SAPWSN: A Secure Authentication Protocol for Wireless Sensor Networks," Computer Networks, vol. 220, p. 109469, 2023.
[6].    M. L. Pura, V.-V. Patriciu and I. Bica, "Formal verification of secure ad hoc routing protocols using AVISPA: ARAN case study," in the 4th Conference on European Computing, Bucharest, Romania, Apr. 2010, pp. 200-206.
[7].    T. Genet, "A Short SPAN+AVISPA Tutorial," IRISA, 2017.
[8].    N. Imran, S. Riaz, A. Shaheen, M. Sharif and M. Raza, "Comparative Analysis of Link State and Distance Vector Routing Protocols for Mobile Adhoc Networks," Science International, vol. 26, no. 2, pp. 669-674, 2015.
[9].    M. A. Jubair, S. A. Mostafa, R. C. Muniyandi, H. Mahdin, A. Mustapha, M. H. Hassan, M. A. Mahmoud, Y. A. Al-Jawhar, A. S. Al-Khaleefa and A. J. Mahmood, "Bat Optimized Link State Routing Protocol for Energy-Aware Mobile Ad-Hoc Networks," Symmetry, vol. 11, no. 11, p. 1409, 2019.
[10].A. Shahidinejad, "A Mutual Authentication Protocol for IoT Users in Cloud Environment," Electronic and Cyber Defense, vol. 9, no. 2, pp. 17-28, 2021. (in persian).
[11]. A. Mohammadi and N. Modiri, "Secure and Fast Re-authentication Protocol to Support Extensive Movement of Users in IEEE 802.1X Wireless Networks," Electronic and Cyber Defense, vol. 3, no. 4, pp. 71-80, 2016. (in persian).https://dor.isc.ac/dor/20.1001.1.23224347.1394.3.4.6.7
[12]. M. h. Ansari, V. Tabatabavakili and M. Gohari, "Secure and Efficient 4-way Handshake in Smart Grid to DoS Attacks Mitigation," Electronic and Cyber Defense, vol. 4, no. 1, pp. 9-17, 2016. (in persian).https://dor.isc.ac/dor/20.1001.1.23224347.1395.4.1.2.4
[13]. M. M. Modiri, J. Mohajeri and M. Salmasizadeh, "A novel group-based secure lightweight authentication and key agreement protocol for machine-type communication," Transactions on Computer Science & Engineering and Electrical Engineering, vol. 29, no. 6, pp. 3273-3287, 2022.
[14]. K. H. Moussa, A. H. El-Sakka, S. Shaaban and H. N. Kheirallah, "Group Security Authentication and Key Agreement Protocol Built by Elliptic Curve Diffie Hellman Key Exchange for LTE Military Grade Communication," IEEE Access, vol. 10, pp. 80352-80364, 2022.
[15]. F. Hong, L. Hong and C. Fu, "Secure OLSR," in 19th International Conference on Advanced Information Networking and Applications, Taipei, Taiwan, 25 Mar. 2005, pp. 713-718.
[16]. D. Raffo, C. Adjih, T. Clausen and P. Mühlethaler, "An advanced signature system for OLSR," in Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks, New York, NY, USA, 25 Oct. 2004. pp. 10-16.
[17]. B. Kannhavong, H. Nakayama, Y. Nemoto, N. Kato and A. Jamalipour, "SA-OLSR: Security Aware Optimized Link State Routing for Mobile Ad Hoc Networks," in IEEE International Conference on Communications, Beijing, China, 19-23 May. 2008. pp. 1464-1468.
[18]. L. García Villalba, J. Garcia Matesanz, D. Rupérez Cañas and A. Sandoval Orozco, "Secure extension to the optimised link state routing protocol," IET Information Security, vol. 5, no. 3, pp. 163-169, 2011.
[19]. A. Nabou, M. D. Laanaoui and M. Ouzzif, "Effect of black hole attack in different mobility models of MANET using OLSR protocol," International Journal of Information and Computer Security, vol. 18, no. 1/2, pp. 219-235, 2022.
[20]. A. Nabou, M. D. Laanaoui and M. Ouzzif, "New MPR Computation for Securing OLSR Routing Protocol Against Single Black Hole Attack," Wireless Personal Communications, vol. 117, pp. 525-544, 2021.

Files

History

  • Receive Date: 11 July 2024
  • Revise Date: 13 September 2024
  • Accept Date: 27 September 2024
  • Publish Date: 22 October 2024

Share

How to cite

Statistics