Trust-based security for the OLSR routing protocol

International audienceThe trust is always present implicitly in the protocols based on cooperation, in particular, between the entities involved in routing operations in Ad hoc networks. Indeed, as the wireless range of such nodes is limited, the nodes mutually cooperate with their neighbors in order to extend the remote nodes and the entire network. In our work, we are interested by trust as security solution for OLSR protocol. This approach fits particularly with characteristics of ad hoc networks. Moreover, the explicit trust management allows entities to reason with and about trust, and to take decisions regarding other entities. In this paper, we detail the techniques and the contributions in trust-based security in OLSR. We present trust-based analysis of the OLSR protocol using trust specification language, and we show how trust-based reasoning can allow each node to evaluate the behavior of the other nodes. After the detection of misbehaving nodes, we propose solutions of prevention and countermeasures to resolve the situations of inconsistency, and counter the malicious nodes. We demonstrate the effectiveness of our solution taking different simulated attacks scenarios. Our approach brings few modifications and is still compatible with the bare OLSR

Efficient Cache Invalidation in Mobile Environments

[[abstract]]In a mobile environment, caching data items at the mobile clients is important as it reduces the data access time and bandwidth utilization. While caching is desirable, it may cause data inconsistency between the server and the mobile clients if their communication is disconnected for a period of time. To ensure information coherence between the source items and their cached items, the server can broadcast invalidation reports to the mobile clients who then use the reports to update the cached data items. Cache invalidation is indeed an effective approach to maintaining such data coherence. This paper presents a new cache invalidation strategy which is shown through experimental evaluation to maintain data consistency between the server and mobile clients in a more efficient way than existing invalidation strategies.[[notice]]補正完畢[[incitationindex]]E

A Survey on Wireless Sensor Network Security

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed nature of these networks and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with large overhead of computation and communication are infeasible in WSNs. Security in sensor networks is, therefore, a particularly challenging task. This paper discusses the current state of the art in security mechanisms for WSNs. Various types of attacks are discussed and their countermeasures presented. A brief discussion on the future direction of research in WSN security is also included.Comment: 24 pages, 4 figures, 2 table

Networking Media Abstraction, Device Discovery, and Routing for the Pervasive Middleware PalCom

PalCom is a pervasive middleware that can be used to assemble services provided by networked devices into configurations, called assemblies, for specific use cases by the user. In this dissertation, we present the development of a networking media abstraction framework for PalCom that abstracts different network interfaces in a PalCom device to upper layers of PalCom. The media abstraction framework is documented in paper I. Over the media abstraction layer, we define a device discovery mechanism that enables a PalCom device to discover other devices on its local networks, where it has network interfaces, as well as across interconnected networks. The device discovery mechanism is documented in paper II. On top of the device discovery layer, we implemented support for distance vector routing that enables routing data among discovered devices via the least cost routes. The routing layer is documented in paper III. In the last phase of our work, we refined our device discovery mechanism for PalCom to include a distributed synchronization algorithm that two PalCom nodes can utilize to re-sync their exchanged views of the network to overcome possible loss of device discovery and undiscovery notifications over unreliable channels. The synchronization algorithm is documented in paper IV

Enabling individually entrusted routing security for open and decentralized community networks

Routing in open and decentralized networks relies on cooperation. However, the participation of unknown nodes and node administrators pursuing heterogeneous trust and security goals is a challenge. Community-mesh networks are good examples of such environments due to their open structure, decentralized management, and ownership. As a result, existing community networks are vulnerable to various attacks and are seriously challenged by the obligation to find consensus on the trustability of participants within an increasing user size and diversity. We propose a practical and novel solution enabling a secured but decentralized trust management. This work presents the design and analysis of securely-entrusted multi-topology routing (SEMTOR), a set of routing-protocol mechanisms that enable the cryptographically secured negotiation and establishment of concurrent and individually trusted routing topologies for infrastructure-less networks without relying on any central management. The proposed mechanisms have been implemented, tested, and evaluated for their correctness and performance to exclude non-trusted nodes from the network. Respective safety and liveness properties that are guaranteed by our protocol have been identified and proven with formal reasoning. Benchmarking results, based on our implementation as part of the BMX7 routing protocol and tested on real and minimal (OpenWRT, 10 Euro) routers, qualify the behaviour, performance, and scalability of our approach, supporting networks with hundreds of nodes despite the use of strong asymmetric cryptography.Peer ReviewedPostprint (author's final draft

A Protocol for Supporting Context Provision in Wireless Mobile Ad Hoc Networks

The increasing ubiquity of mobile computing devices has made ad hoc networks everyday occurrences. In these highly dynamic environments, the multitude of devices provides a varied and rapidly changing environment in which applications must learn to operate. Successful end-user applications will not only learn to function in this environment but will take advantage of the variety of information available. Protocols for gathering an application’s contextual information must be built into the network to function in a timely and adaptive fashion. This paper presents a protocol for providing context information to such applications. We present an implementation and show how it provides context information to mobile applications in an on-demand manner. We also provide a simulation analysis of the tradeoffs between consistency and range of context definitions in highly dynamic ad hoc networks