Resilient networking in wireless sensor networks

This report deals with security in wireless sensor networks (WSNs), especially in network layer. Multiple secure routing protocols have been proposed in the literature. However, they often use the cryptography to secure routing functionalities. The cryptography alone is not enough to defend against multiple attacks due to the node compromise. Therefore, we need more algorithmic solutions. In this report, we focus on the behavior of routing protocols to determine which properties make them more resilient to attacks. Our aim is to find some answers to the following questions. Are there any existing protocols, not designed initially for security, but which already contain some inherently resilient properties against attacks under which some portion of the network nodes is compromised? If yes, which specific behaviors are making these protocols more resilient? We propose in this report an overview of security strategies for WSNs in general, including existing attacks and defensive measures. In this report we focus at the network layer in particular, and an analysis of the behavior of four particular routing protocols is provided to determine their inherent resiliency to insider attacks. The protocols considered are: Dynamic Source Routing (DSR), Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing (RWR)

Trust-based security for the OLSR routing protocol

International audienceThe trust is always present implicitly in the protocols based on cooperation, in particular, between the entities involved in routing operations in Ad hoc networks. Indeed, as the wireless range of such nodes is limited, the nodes mutually cooperate with their neighbors in order to extend the remote nodes and the entire network. In our work, we are interested by trust as security solution for OLSR protocol. This approach fits particularly with characteristics of ad hoc networks. Moreover, the explicit trust management allows entities to reason with and about trust, and to take decisions regarding other entities. In this paper, we detail the techniques and the contributions in trust-based security in OLSR. We present trust-based analysis of the OLSR protocol using trust specification language, and we show how trust-based reasoning can allow each node to evaluate the behavior of the other nodes. After the detection of misbehaving nodes, we propose solutions of prevention and countermeasures to resolve the situations of inconsistency, and counter the malicious nodes. We demonstrate the effectiveness of our solution taking different simulated attacks scenarios. Our approach brings few modifications and is still compatible with the bare OLSR

Implementation of a Regression-based Trust Model in a Wireless Ad hoc Testbed

Wireless ad hoc networks are resource constraint and vulnerable to various security attacks. Trust based security modelling go hand in hand with cryptographic services to offer good security services. We have implemented a vector auto regression (VAR) based trust model over ad hoc on demand distance vector protocol and optimised link state routing protocol. The novelty in this model lies in  capturing individual functional behaviours of a neighbour in an ad hoc network and modeling them as regression parameters. The experimental results show the feasibility of implementing trust models over real ad hoc network deployments. The simulations results show that the proposed VAR trust model offers better performance compared to the existing trust models.Defence Science Journal, 2012, 62(1), pp.167-173, DOI:http://dx.doi.org/10.14429/dsj.62.143

Reputation-Based Internet Protocol Security: A Multilayer Security Framework for Mobil Ad Hoc Networks

This research effort examines the theory, application, and results for a Reputation-based Internet Protocol Security (RIPSec) framework that provides security for an ad-hoc network operating in a hostile environment. In RIPSec, protection from external threats is provided in the form of encrypted communication links and encryption-wrapped nodes while internal threats are mitigated by behavior grading that assigns reputations to nodes based on their demonstrated participation in the routing process. Network availability is provided by behavior grading and round-robin multipath routing. If a node behaves faithfully, it earns a positive reputation over time. If a node misbehaves (for any number of reasons, not necessarily intentional), it earns a negative reputation. Each member of the MANET has its own unique and subjective set of Reputation Indexes (RI) that enumerates the perceived reputation of the other MANET nodes. Nodes that desire to send data will eliminate relay nodes they perceive to have a negative reputation during the formulation of a route. A 50-node MANET is simulated with streaming multimedia and varying levels of misbehavior to determine the impact of the framework on network performance. Results of this research were very favorable. Analysis of the simulation data shows the number of routing errors sent in a MANET is reduced by an average of 52% when using RIPSec. The network load is also reduced, decreasing the overall traffic introduced into the MANET and permitting individual nodes to perform more work without overtaxing their limited resources. Finally, throughput is decreased due to larger packet sizes and longer round trips for packets to traverse the MANET, but is still sufficient to pass traffic with high bandwidth requirements (i.e., video and imagery) that is of interest in military networks

Optimising routing and trustworthiness of ad hoc networks using swarm intelligence

This thesis was submitted for the degree of Doctor of Philsophy and awarded by Brunel UniversityThis thesis proposes different approaches to address routing and security of MANETs using swarm technology. The mobility and infrastructure-less of MANET as well as nodes misbehavior compose great challenges to routing and security protocols of such a network. The first approach addresses the problem of channel assignment in multichannel ad hoc networks with limited number of interfaces, where stable route are more preferred to be selected. The channel selection is based on link quality between the nodes. Geographical information is used with mapping algorithm in order to estimate and predict the links’ quality and routes life time, which is combined with Ant Colony Optimization (ACO) algorithm to find most stable route with high data rate. As a result, a better utilization of the channels is performed where the throughput increased up to 74% over ASAR protocol. A new smart data packet routing protocol is developed based on the River Formation Dynamics (RFD) algorithm. The RFD algorithm is a subset of swarm intelligence which mimics how rivers are created in nature. The protocol is a distributed swarm learning approach where data packets are smart enough to guide themselves through best available route in the network. The learning information is distributed throughout the nodes of the network. This information can be used and updated by successive data packets in order to maintain and find better routes. Data packets act like swarm agents (drops) where they carry their path information and update routing information without the need for backward agents. These data packets modify the routing information based on different network metrics. As a result, data packet can guide themselves through better routes. In the second approach, a hybrid ACO and RFD smart data packet routing protocol is developed where the protocol tries to find shortest path that is less congested to the destination. Simulation results show throughput improvement by 30% over AODV protocol and 13% over AntHocNet. Both delay and jitter have been improved more than 96% over AODV protocol. In order to overcome the problem of source routing introduced due to the use of the ACO algorithm, a solely RFD based distance vector protocol has been developed as a third approach. Moreover, the protocol separates reactive learned information from proactive learned information to add more reliability to data routing. To minimize the power consumption introduced due to the hybrid nature of the RFD routing protocol, a forth approach has been developed. This protocol tackles the problem of power consumption and adds packets delivery power minimization to the protocol based on RFD algorithm. Finally, a security model based on reputation and trust is added to the smart data packet protocol in order to detect misbehaving nodes. A trust system has been built based on the privilege offered by the RFD algorithm, where drops are always moving from higher altitude to lower one. Moreover, the distributed and undefined nature of the ad hoc network forces the nodes to obligate to cooperative behaviour in order not to be exposed. This system can easily and quickly detect misbehaving nodes according to altitude difference between active intermediate nodes

Reliable and efficient data dissemination schemein VANET: a review

Vehicular ad-hoc network (VANET), identified as a mobile ad hoc network MANETs with several added constraints. Basically, in VANETs, the network is established on the fly based on the availability of vehicles on roads and supporting infrastructures along the roads, such as base stations. Vehicles and road-side infrastructures are required to provide communication facilities, particularly when enough vehicles are not available on the roads for effective communication. VANETs are crucial for providing a wide range of safety and non-safety applications to road users. However, the specific fundamental problem in VANET is the challenge of creating effective communication between two fast-moving vehicles. Therefore, message routing is an issue for many safety and non-safety of VANETs applications. The challenge in designing a robust but reliable message dissemination technique is primarily due to the stringent QoS requirements of the VANETs safety applications. This paper investigated various methods and conducted literature on an idea to develop a model for efficient and reliable message dissemination routing techniques in VANET