Title :
Watchdogs to the rescue: Securing wireless TCP
Author :
Rana, Shehla S. ; Vaidya, Nitin H.
Author_Institution :
Dept. of Electr. & Comput. Eng., Univ. of Illinois at Urbana-Champaign, Urbana, IL, USA
Abstract :
In this paper, we make a case for using watchdogs to protect against misbehavior in dense wireless networks. We introduce “Generalized Watchdogs” and identify when and how watchdogs can be necessary and sufficient against misbehavior. We study the feasibility of the watchdog approach and show that the order of capacity bounds is preserved asymptotically even with watchdogs. We use generalized watchdogs to design protocols to improve both security and performance of TCP over wireless networks such that the application at the destination never accepts a corrupted packet, and we achieve this without modifying TCP. We show that a strict dependence on availability and success of watchdogs can lead to “watchdog induced losses” and establish their effects on TCP throughput. We then propose solutions to deal with these losses and make watchdogs intelligent so they can tune the overheads incurred. With hop-by-hop verification of packet correctness, we ensure that tampered packets are not forwarded in the network and thus save potential wastage of network resources. We use NS-2 simulations of both controlled and realistic network scenarios to show that watchdogs can provide simple, lightweight and reliable means of misbehavior detection, tolerance and, most importantly, “deterrence” while saving costs of security infrastructure. With a combination of intelligent watchdogs and source coding, and by leveraging route adaptation, our scheme achieves twice the throughput of a cryptographic alternative, even in the presence of as high as 30% packet tampering.
Keywords :
cryptographic protocols; radio networks; source coding; telecommunication network reliability; telecommunication security; transport protocols; NS-2 simulations; cryptographic throughput; dense wireless networks; deterrence; generalized watchdog approach; hop-by-hop verification; intelligent watchdogs; network resources; packet correctness; packet tampering; protocols; realistic network scenarios; route adaptation; security infrastructure costs; source coding; tampered packets; watchdog induced losses; wireless TCP security; Availability; Degradation; Interference; Protocols; Relays; Security; Throughput;
Conference_Title :
Sensor, Mesh and Ad Hoc Communications and Networks (SECON), 2012 9th Annual IEEE Communications Society Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-4673-1904-1
Electronic_ISBN :
2155-5486
DOI :
10.1109/SECON.2012.6275818