310 research outputs found
Vulnerability Analysis of the Simple Multicast Forwarding (SMF) Protocol for Mobile Ad Hoc Networks
If deployments of Mobile Ad Hoc Networks (MANETs) are to become common outside of purely experimental settings, protocols operating such MANETs must be able to preserve network integrity, even when faced with careless or malicious participants. A first step towards protecting a MANET is to analyze the vulnerabilities of the routing protocol(s), managing the connectivity. Understanding how these routing protocols can be exploited by those with ill intent, countermeasures can be developed, readying MANETs for wider deployment and use. One routing protocol for MANETs, developed by the Internet Engineering Task Force (IETF) as a multicast routing protocol for efficient data dissemination, is denoted "Simplified Multicast Forwarding" (SMF). This protocol is analyzed, and its vulnerabilities described, in this memorandum. SMF consists of two independent components: (i) duplicate packet detection and (ii) relay set selection, each of which presents its own set of vulnerabilities that an attacker may exploit to compromise network integrity. This memorandum explores vulnerabilities in each of these, with the aim of identifying attack vectors and thus enabling development of countermeasures.
A Dynamic Reputation Management System for Mobile Ad Hoc Networks
This is an open access article distributed under the Creative Commons Attribution License (CC BY 4.0) https://creativecommons.org/licenses/by/4.0/, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. Nodes in mobile ad hoc networks (MANETs) are mandated to utilize their limited energy resources in forwarding routing control and data packets for other nodes. Since a MANET lacks a centralized administration and control, a node may decide to act selfishly, either by refusing to respond to route requests from other nodes or deceitfully by responding to some route requests, but dropping the corresponding data packets that are presented for forwarding. A significant increase in the presence of these misbehaving nodes in a MANET can subsequently degrade network performance. In this paper, we propose a dynamic reputation management system for detecting and isolating misbehaving nodes in MANETs. Our model employs a novel direct monitoring technique to evaluate the reputation of a node in the network, which ensures that nodes that expend their energy in transmitting data and routing control packets for others are allowed to carry out their network activities while the misbehaving nodes are detected and isolated from the network. Simulation results show that our model is effective at curbing and mitigating the effects of misbehaving nodes in the network. Peer reviewed. Final published version.
A novel secure routing scheme using probabilistic modelling for better resistivity against lethal attacks
Study towards Wireless Adhoc Network dates two decades back with various researchers evolving up with new solutions towards addressing its problems. Irrespective of various other problems, the issues related to the secure routing is yet unsolved owing to massively increasing fatal strategies of the adversary. Review of existing literature shows that the existing secure routing scheme can only govern over the stated attacks reducing the applicability in case of dynamic attacks. Therefore, this manuscript introduces a novel probabilistic model which offers the capability to wireless nodes to identify the malicious behavior and react accordingly. Different from existing intrusion prevention system, the proposed system allows the malicious node to participate in the data forwarding process and exhaust its resources with no chance of launching an attack. The simulated outcome of the study shows that the proposed secure routing scheme offers better data forwarding characteristic in contrast to the existing system in the aspect of intrusion detection and secure data transmission
Securing autonomous networks through virtual closure
The increasing autonomy of Mobile Ad Hoc Networks (MANETs) has enabled a great many large-scale unguided missions, such as agricultural planning, conservation and similar surveying tasks. Commercial and military institutions have expressed great interest in such ventures, raising the question of security as the application of such systems in potentially hostile environments. Preventing theft, disruption or destruction of such MANETs through cyber-attacks has become a focus for many researchers as a result. Virtual Private Networks (VPNs) have been shown to enhance the security of Mobile Ad hoc Networks (MANETs). VPNs do not normally support broadcast communication, reducing their effectiveness in high-traffic MANETs which have many broadcast communication requirements. To support routing, broadcast updates and efficient MANET communication a Virtual Closed Network (VCN) architecture is proposed. By supporting private, secure communication in unicast, multicast and broadcast modes, VCNs provide an efficient alternative to VPNs when securing MANETs. Comparative analysis of the set-up and security overheads of VCN and VPN approaches is provided between OpenVPN, IPsec, Virtual Private LAN Service (VPLS), and the proposed VCN solution: Security Using Pre-Existing Routing for MANETs (SUPERMAN)
Content source selection in Bluetooth networks
Large scale market penetration of electronic devices equipped with Bluetooth technology now gives the ability to share content (such as music or video clips) between members of the public in a decentralised manner. Achieved using opportunistic connections, formed when they are colocated, in environments where Internet connectivity is expensive or unreliable, such as urban buses, train rides and coffee shops. Most people have a high degree of regularity in their movements (such as a daily commute), including repeated contacts with others possessing similar seasonal movement patterns. We argue that this behaviour can be exploited in connection selection, and outline a system for the identification of long-term companions and sources that have previously provided quality content, in order to maximise the successful receipt of content files. We utilise actual traces and existing mobility models to validate our approach, and show how consideration of the colocation history and the quality of previous data transfers leads to more successful sharing of content in realistic scenarios
Reducing Routing Overhead in Random Walk Protocol under MP2P Network
Due to network dynamics in self-organizing networks the resource discovery effort increases. To discover objects in unstructured peer-to-peer network, peers rely on traditional methods like flooding, random walk and probabilistic forwarding methods. With inadequate knowledge of paths, the peers have to flood the query message which creates incredible network traffic and overhead. Many of the previous works based on random walk were done in wired network. In this context random walk was better than flooding. But under MANETs random walk approach behaved differently increasing the overhead, due to frequent link failures incurred by mobility. Decentralized applications based on peer-to-peer computing are best candidates to run over such dynamic network. Issues of P2P service discovery in wired networks have been well addressed in several earlier works. This article evaluates the performance of random walk based resource discovery protocol over P2P Mobile Adhoc Network (MP2P) and suggests an improved scheme to suit MANET. Our version reduces the network overhead, lowers the battery power consumption, minimizes the query delay while providing equally good success rate. The protocol is validated through extensive NS-2 simulations. It is clear from the results that our proposed scheme is an alternative to the existing ones for such highly dynamic mobile network scenario
Trust Computational Models for Mobile Ad Hoc Networks. Recommendation Based Trustworthiness Evaluation using Multidimensional Metrics to Secure Routing Protocol in Mobile Ad Hoc Networks.
Distributed systems like e-commerce and e-market places, peer-to-peer networks, social networks, and mobile ad hoc networks require cooperation among the participating entities to guarantee the formation and sustained existence of network services. The reliability of interactions among anonymous entities is a significant issue in such environments. The distributed entities establish connections to interact with others, which may include selfish and misbehaving entities and result in bad experiences. Therefore, trustworthiness evaluation using trust management techniques has become a significant issue in securing these environments to allow entities decide on the reliability and trustworthiness of other entities, besides it helps coping with defection problems and stimulating entities to cooperate. Recent models on evaluating trustworthiness in distributed systems have heavily focused on assessing trustworthiness of entities and isolate misbehaviours based on single trust metrics. Less effort has been put on the investigation of the subjective nature and differences in the way trustworthiness is perceived to produce a composite multidimensional trust metrics to overcome the limitation of considering single trust metric. In the light of this context, this thesis concerns the evaluation of entities' trustworthiness by the design and investigation of trust metrics that are computed using multiple properties of trust and considering environment.
Based on the concept of probabilistic theory of trust management technique, this thesis models trust systems and designs cooperation techniques to evaluate trustworthiness in mobile ad hoc networks (MANETs). A recommendation based trust model with multi-parameters filtering algorithm, and multidimensional metric based on social and QoS trust model are proposed to secure MANETs. Effectiveness of each of these models in evaluating trustworthiness and discovering misbehaving nodes prior to interactions, as well as their influence on the network performance has been investigated. The results of investigating both the trustworthiness evaluation and the network performance are promising. Ministry of Higher Education in Libya and the Libyan Cultural Attaché bureau in London
Trust Management for P2P application in Delay Tolerant Mobile Ad-hoc Networks. An Investigation into the development of a Trust Management Framework for Peer to Peer File Sharing Applications in Delay Tolerant Disconnected Mobile Ad-hoc Networks.
Security is essential to communication between entities in the internet. Delay tolerant and disconnected Mobile Ad Hoc Networks (MANET) are a class of networks characterized by high end-to-end path latency and frequent end-to-end disconnections and are often termed as challenged networks. In these networks nodes are sparsely populated and without the existence of a central server, acquiring global information is difficult and impractical if not impossible and therefore traditional security schemes proposed for MANETs cannot be applied. This thesis reports trust management schemes for peer to peer (P2P) application in delay tolerant disconnected MANETs. Properties of a profile based file sharing application are analyzed and a framework for structured P2P overlay over delay tolerant disconnected MANETs is proposed. The framework is implemented and tested on J2ME based smart phones using Bluetooth communication protocol. A light weight Content Driven Data Propagation Protocol (CDDPP) for content based data delivery in MANETs is presented. The CDDPP implements a user profile based content driven P2P file sharing application in disconnected MANETs. The CDDPP protocol is further enhanced by proposing an adaptive opportunistic multihop content based routing protocol (ORP). ORP protocol considers the store-carry-forward paradigm for multi-hop packet delivery in delay tolerant MANETs and allows multi-casting to selected number of nodes. Performance of ORP is compared with a similar autonomous gossiping (A/G) protocol using simulations. This work also presents a framework for trust management based on dynamicity aware graph re-labelling system (DA-GRS) for trust management in mobile P2P applications. The DA-GRS uses a distributed algorithm to identify trustworthy nodes and generate trustable groups while isolating misleading or untrustworthy nodes. 
Several simulations in various environment settings show the effectiveness of the proposed framework in creating trust based communities. This work also extends the FIRE distributed trust model for MANET applications by incorporating witness based interactions for acquiring trust ratings. A witness graph building mechanism in FIRE+ is provided with several trust building policies to identify malicious nodes and detect collusive behaviour in nodes. This technique not only allows trust computation based on witness trust ratings but also provides protection against a collusion attack. Finally, M-trust, a light weight trust management scheme based on FIRE+ trust model is presented
Multifold node authentication in mobile ad hoc networks
An ad hoc network is a collection of nodes that do not need to rely on a predefined infrastructure to keep the network connected. Nodes communicate amongst each other using wireless radios and operate by following a peer-to-peer network model. In this article we propose a multifold node authentication approach for protecting mobile ad hoc networks. The security requirements for protecting data link and network layers are identified and the design criteria for creating secure ad hoc networks using multiple authentication protocols are analysed. Such protocols, which are based on zero knowledge and challenge response techniques, are presented through proofs and simulation results