SECURE ROUTE DISCOVERY FOR DYNAMIC SOURCE ROUTING IN MANETs

Mobile ad hoc networks (MANETs) are collections of wireless mobile devices with restricted broadcast range and resources and no fixed infrastructure. Communication is achieved by communicating data along suitable routes that are dynamically discovered and maintained through association between the nodes. Discovery of such routes is a major task both from good organization and security points of view. Recently a security model tailored to the specific requirements of MANETs. A novel route discovery algorithm called endairA is also proposed together with a claimed security proof within the same model. In this paper we show the security proof for the route discovery algorithm endairA is malfunctioning and moreover this algorithm is vulnerable to a hidden channel attack. We also analyze the security framework that is used for route discovery and argue the compos ability is an essential feature for ubiquitous applications. We conclude by discussing some of the major security challenges for route discovery in MANETs

Routing and Security in Mobile Ad Hoc Networks

A Mobile Ad hoc Network (MANET) consists of a set of nodes which can form a network among themselves. MANETs have applications in areas such as military, disaster rescue operations, monitoring animal habitats, etc. where establishing fixed communication infrastructure is not feasible. Routing protocols designed for MANETs can be broadly classified as position-based (geographic), topology-based and hybrid. Geographic routing uses location information of nodes to route messages. Topology-based routing uses network state information for route discovery and maintenance. Hybrid routing protocols use features in both position-based and topology-based approaches. Position-based routing protocols route packets towards the destination using greedy forwarding (i.e., an intermediate node forwards packets to a neighbor that is closer to the destination than itself). If a node has no neighbor that is closer to the destination than itself, greedy forwarding fails. In this case, we say there is void. Different position-based routing protocols use different methods for dealing with voids. Topology-based routing protocols can be classified into on-demand (reactive) routing protocols and proactive routing protocols. Generally, on-demand routing protocols establish routes when needed by flooding route requests throughout the entire network, which is not a scalable approach. Reactive routing protocols try to maintain routes between every pair of nodes by periodically exchanging messages with each other which is not a scalable approach also. This thesis addresses some of these issues and makes the following contribution. First, we present a position-based routing protocol called Greedy Routing Protocol with Backtracking (GRB) which uses a simple backtracking technique to route around voids, unlike existing position-based routing protocols which construct planarized graph of the local network to route around voids. We compare the performance of our protocol with the well known Greedy Perimeter Stateless Routing (GPSR) protocol and the Ad-Hoc On-demand Distance Vector (AODV) routing protocol as well as the Dynamic Source Routing (DSR) protocol. Performance evaluation shows that our protocol has less control overhead than those of DSR, AODV, and GPSR. Performance evaluation also shows that our protocol has a higher packet-delivery ratio, lower end-to-end delay, and less hop count, on average, compared to AODV, DSR and GPSR. We then present an on-demand routing protocol called ``Hybrid On-demand Greedy Routing Protocol with Backtracking for Mobile Ad-Hoc Networks which uses greedy approach for route discovery. This prevents flooding route requests, unlike the existing on-demand routing protocols. This approach also helps in finding routes that have lower hop counts than AODV and DSR. Our performance evaluation confirms that our protocol performs better than AODV and DSR, on average, with respect to hop count, packet-delivery ratio and control overhead. In MANETs, all nodes need to cooperate to establish routes. Establishing secure and valid routes in the presence of adversaries is a challenge in MANETs. Some of the well-known source routing protocols presented in the literature (e.g., Ariadne and endairA) which claim to establish secure routes are susceptible to hidden channel attacks. We address this issue and present a secure routing protocol called SAriadne, based on sanitizable signatures. We show that our protocol detects and prevents hidden channel attacks

Collaboration Enforcement In Mobile Ad Hoc Networks

Mobile Ad hoc NETworks (MANETs) have attracted great research interest in recent years. Among many issues, lack of motivation for participating nodes to collaborate forms a major obstacle to the adoption of MANETs. Many contemporary collaboration enforcement techniques employ reputation mechanisms for nodes to avoid and penalize malicious participants. Reputation information is propagated among participants and updated based on complicated trust relationships to thwart false accusation of benign nodes. The aforementioned strategy suffers from low scalability and is likely to be exploited by adversaries. To address these problems, we first propose a finite state model. With this technique, no reputation information is propagated in the network and malicious nodes cannot cause false penalty to benign hosts. Misbehaving node detection is performed on-demand; and malicious node punishment and avoidance are accomplished by only maintaining reputation information within neighboring nodes. This scheme, however, requires that each node equip with a tamper-proof hardware. In the second technique, no such restriction applies. Participating nodes classify their one-hop neighbors through direct observation and misbehaving nodes are penalized within their localities. Data packets are dynamically rerouted to circumvent selfish nodes. In both schemes, overall network performance is greatly enhanced. Our approach significantly simplifies the collaboration enforcement process, incurs low overhead, and is robust against various malicious behaviors. Simulation results based on different system configurations indicate that the proposed technique can significantly improve network performance with very low communication cost

Policy-Based Immunization Framework for MANET

Mobility is one of the most important driving forces of hyper-interconnected world that we are living in. Mobile computing devices are becoming smaller, more ubiquitous and simultaneously providing more computing power. Various mobile devices in diff rent sizes with high computing power cause the emergence of new type of networks\u27 applications. Researchers in conferences, soldiers in battlefields, medics in rescue missions, and drivers in busy high- ways can perform more efficiently if they can be connected to each other and aware of the environment they are interacting with. In all mentioned scenarios, the major barrier to have an interconnected collaborative environment is the lack of infrastructure. Mobile Ad hoc Networks (MANETs) are very promising to be able to handle this challenge. In recent years, extensive research has been done on MANETs in order to deliver secure and reliable network services in an infrastructure-less environment. MANETs usually deal with dynamic network topologies and utilize wireless technologies, they are very susceptible to different security attacks targeting different network layers. Combining policy-based management concepts and trust evaluation techniques in more granular level than current trust management frameworks can lead to interesting results toward more secure and reliable MANETs

Security Verification of Secure MANET Routing Protocols

Secure mobile ad hoc network (MANET) routing protocols are not tested thoroughly against their security properties. Previous research focuses on verifying secure, reactive, accumulation-based routing protocols. An improved methodology and framework for secure MANET routing protocol verification is proposed which includes table-based and proactive protocols. The model checker, SPIN, is selected as the core of the secure MANET verification framework. Security is defined by both accuracy and availability: a protocol forms accurate routes and these routes are always accurate. The framework enables exhaustive verification of protocols and results in a counter-example if the protocol is deemed insecure. The framework is applied to models of the Optimized Link-State Routing (OLSR) and Secure OLSR protocol against five attack vectors. These vectors are based on known attacks against each protocol. Vulnerabilities consistent with published findings are automatically revealed. No unknown attacks were found; however, future attack vectors may lead to new attacks. The new framework for verifying secure MANET protocols extends verification capabilities to table-based and proactive protocols

A Unified Wormhole Attack Detection Framework for Mobile Ad hoc Networks

The Internet is experiencing an evolution towards a ubiquitous network paradigm, via the so-called internet-of-things (IoT), where small wireless computing devices like sensors and actuators are integrated into daily activities. Simultaneously, infrastructure-less systems such as mobile ad hoc networks (MANET) are gaining popularity since they provide the possibility for devices in wireless sensor networks or vehicular ad hoc networks to share measured and monitored information without having to be connected to a base station. While MANETs offer many advantages, including self-configurability and application in rural areas which lack network infrastructure, they also present major challenges especially in regard to routing security. In a highly dynamic MANET, where nodes arbitrarily join and leave the network, it is difficult to ensure that nodes are trustworthy for multi-hop routing. Wormhole attacks belong to most severe routing threats because they are able to disrupt a major part of the network traffic, while concomitantly being extremely difficult to detect. This thesis presents a new unified wormhole attack detection framework which is effective for all known wormhole types, alongside incurring low false positive rates, network loads and computational time, for a variety of diverse MANET scenarios. The framework makes three original technical contributions: i) a new accurate wormhole detection algorithm based on packet traversal time and hop count analysis (TTHCA) which identifies infected routes, ii) an enhanced, dynamic traversal time per hop analysis (TTpHA) detection model which is adaptable to node radio range fluctuations, and iii) a method for automatically detecting time measurement tampering in both TTHCA and TTpHA. The thesis findings indicate that this new wormhole detection framework provides significant performance improvements compared to other existing solutions by accurately, efficiently and robustly detecting all wormhole variants under a wide range of network conditions

Routing Security in Mobile Ad-hoc Networks

The role of infrastructure-less mobile ad hoc networks (MANETs) in ubiquitous networks is outlined. In a MANET there are no dedicated routers and all network nodes must contribute to routing. Classification of routing protocols for MANET is based on how routing information is acquired and maintained by mobile nodes and/or on roles of network nodes in a routing. According to the first classification base, MANET routing protocols are proactive, reactive, or hybrid combinations of proactive and reactive protocols. According to the role-based classification, MANET routing protocols are either uniform when all network nodes have the same role or non-uniform when the roles are different and dedicated. A contemporary review of MANET routing protocols is briefly presented. Security attacks against MANET routing can be passive and or active. The purpose of the former is information retrieval, for example network traffic monitoring, while the latter is performed by malicious nodes with the express intention of disturbing, modifying or interrupting MANET routing. An overview of active attacks based on modification, impersonation/ spoofing, fabrication, wormhole, and selfish behavior is presented. The importance of cryptography and trust in secure MANET routing is also outlined, with relevant security extensions of existing routing protocols for MANETs described and assessed. A comparison of existing secure routing protocols form the main contribution in this paper, while some future research challenges in secure MANET routing are discussed

Mobile Ad-Hoc Networks

Being infrastructure-less and without central administration control, wireless ad-hoc networking is playing a more and more important role in extending the coverage of traditional wireless infrastructure (cellular networks, wireless LAN, etc). This book includes state-of-the-art techniques and solutions for wireless ad-hoc networks. It focuses on the following topics in ad-hoc networks: quality-of-service and video communication, routing protocol and cross-layer design. A few interesting problems about security and delay-tolerant networks are also discussed. This book is targeted to provide network engineers and researchers with design guidelines for large scale wireless ad hoc networks

A Study on Enhancement of the Security of the Routing Protocols in Adhoc Networks

An ad hoc wireless network is a set of wireless mobile nodes that self-configure to build a network without the requirement for any reputable infrastructure or backbone. Mobile nodes are utilized by the Ad hoc networks to facilitate effective communication beyond the wireless transmission range. As ad hoc networks do not impose any fixed infrastructure, it becomes very tough to handle network services with the available routing approaches, and this creates a number of problems in ensuring the security of the communication. Majority of the existing ad hoc protocols that deal with security issues depends on implicit trust relationships to route packets among participating nodes. The general security objectives like authentication, confidentiality, integrity,availability and nonrepudiation should not be compromised in any circumstances. Thus, security in ad hoc networks becomes an active area of research in the field of networking. There are various techniques available in the literature for providing security to the ad hoc networks. This paper focuses on analyzing the various routing protocols available in the literature for ad hoc network environment and its applications in security mechanisms