3 research outputs found

    Location Tracking Attack in Ad hoc Networks based on Topology Information

    Abstract — Unlike in conventional networks, node positions in mobile ad hoc networks (MANETs) usually change over time. As a side effect of managing routes, routing protocols to some extent also disseminate neighborship and topology information in the network, thereby disclosing at least some information on a node's own position to other nodes. Due to the wireless nature of ad hoc networks, this information can become available even to third parties which are not participating in the network. Using this information, location profiling may become possible, where attackers gather information on node positions or mobility patterns. This information may then be used for anything ranging from targeted advertisement to criminal activities. Therefore, location privacy is an important issue in ad hoc networks. In this paper, we analyze to what extent an attacker can track the precise location of a node, assuming a powerful attacker model where an attacker knows all neighbor relationships plus information on node distances. We present a new approach which uses this information together with geometric constraints and heuristics to find node positions efficiently. The quality of our results is discussed and compared to other approaches. Based on the localization precision that such an "omniscient" attacker can reach, we will be able to evaluate the quality of future, more realistic attack models.

    Mechanism design and game theoretical models for intrusion detection

    In this thesis, we study the problems related to intrusion detection systems in Mobile Ad hoc Networks (MANETs). Specifically, we address leader election in the presence of selfish nodes, the tradeoff between security and the IDS's resource consumption, and multi-fragment intrusion detection via sampling. To balance the resource consumption among all the nodes and prolong the lifetime of a MANET, the nodes with the most remaining resources should be elected as the leaders. Selfishness is one of the main problems facing such a model, where nodes can behave selfishly during the election or after. To address this issue, we present a solution based on the theory of mechanism design. More specifically, the solution provides nodes with incentives in the form of reputations to encourage nodes to participate honestly in the election process. The amount of incentives is based on the Vickrey-Clarke-Groves (VCG) mechanism to ensure that truth-telling is the dominant strategy of any node. To catch and punish a misbehaving elected leader, checkers are selected randomly to monitor the behavior of a leader. To reduce the false-positive rate, a cooperative game-theoretic model is proposed to analyze the contribution of each checker to the catch decision. A multi-stage catch mechanism is also introduced to reduce the performance overhead of checkers. Additionally, we propose a series of local election algorithms that lead to globally optimal election results. Note that the leader election model, which is known as the moderate model, is only suitable when the probability of attacks is low. Once the probability of attacks is high, victims should launch their own IDSs. Such a robust model is, however, costly with respect to energy, which leads nodes to die fast. Clearly, to reduce the resource consumption of IDSs and yet keep their effectiveness, a critical issue is: when should we shift from moderate to robust mode? Here, we formalize this issue as a nonzero-sum non-cooperative game-theoretical model that takes into consideration the tradeoff between security and IDS resource consumption. Last but not least, we consider the problem of detecting multi-fragment intrusions that are launched from a MANET targeting another network. To generalize our solution, we consider the intrusion to be launched from any type of network. The detection is accomplished by sampling a subset of the transmitted packets over selected network links or router interfaces. Given a sampling budget, our framework aims at developing a network packet sampling strategy to effectively reduce the success chances of an intruder. Non-cooperative game theory is used to express the problem formally. Finally, empirical results are provided to support our solutions.