A Lightweight and Attack Resistant Authenticated Routing Protocol for Mobile Adhoc Networks

In mobile ad hoc networks, by attacking the corresponding routing protocol, an attacker can easily disturb the operations of the network. For ad hoc networks, till now many secured routing protocols have been proposed which contains some disadvantages. Therefore security in ad hoc networks is a controversial area till now. In this paper, we proposed a Lightweight and Attack Resistant Authenticated Routing Protocol (LARARP) for mobile ad hoc networks. For the route discovery attacks in MANET routing protocols, our protocol gives an effective security. It supports the node to drop the invalid packets earlier by detecting the malicious nodes quickly by verifying the digital signatures of all the intermediate nodes. It punishes the misbehaving nodes by decrementing a credit counter and rewards the well behaving nodes by incrementing the credit counter. Thus it prevents uncompromised nodes from attacking the routes with malicious or compromised nodes. It is also used to prevent the denial-of-service (DoS) attacks. The efficiency and effectiveness of LARARP are verified through the detailed simulation studies.Comment: 14 Pages, IJWM

Analysis of DoS Attacks at MAC Layer in Mobile Adhoc Networks

—Wireless network security has received tremendous attention due to the vulnerabilities exposed in the open communication medium. The most common wireless Medium Access Control (MAC) protocol is IEEE 802.11, which assumes all the nodes in the network are cooperative. However, nodes may purposefully misbehave in order to disrupt network performance, obtain extra bandwidth and conserve resources. These MAC layer misbehaviours can lead to Denial of Service (DoS) attacks which can disrupt the network operation. There is a lack of comprehensive analysis of MAC layer misbehaviour driven DoS attacks for the IEEE 802.11 protocol. This research studied possible MAC layer DoS attack strategies that are driven by the MAC layer malicious/selfish nodes and investigates the performance of the IEEE 802.11 protocol. Such DoS attacks caused by malicious and selfish nodes violating backoff timers associated with the protocol. The experimental and analytical approach evaluates several practical MAC layer backoff value manipulation and the impact of such attacks on the network performance and stability in MANETs. The simulation results show that introducing DoS attacks at MAC layer could significantly affect the network throughput and data packet collision rate. This paper concludes that DoS attacks with selfish/malicious intend can obtain a larger throughput by denying well-behaved nodes to obtain deserved throughput, also DoS attacks with the intend of complete destruction of the network can succee

Observation-based Cooperation Enforcement in Ad Hoc Networks

Ad hoc networks rely on the cooperation of the nodes participating in the network to forward packets for each other. A node may decide not to cooperate to save its resources while still using the network to relay its traffic. If too many nodes exhibit this behavior, network performance degrades and cooperating nodes may find themselves unfairly loaded. Most previous efforts to counter this behavior have relied on further cooperation between nodes to exchange reputation information about other nodes. If a node observes another node not participating correctly, it reports this observation to other nodes who then take action to avoid being affected and potentially punish the bad node by refusing to forward its traffic. Unfortunately, such second-hand reputation information is subject to false accusations and requires maintaining trust relationships with other nodes. The objective of OCEAN is to avoid this trust-management machinery and see how far we can get simply by using direct first-hand observations of other nodes' behavior. We find that, in many scenarios, OCEAN can do as well as, or even better than, schemes requiring second-hand reputation exchanges. This encouraging result could possibly help obviate solutions requiring trust-management for some contexts.Comment: 10 pages, 7 figure

Resilient Misbehaviour Detection MAC Protocol (MD-MAC) for Distributed Wireless Networks

Chaminda Alocious, Hannan Xiao, B. Christianson, 'Resilient Misbehaviour Detection MAC Protocol (MD-MAC) for Distributed Wireless Networks' paper presented at the 2016 IEEE Wireless Communications and Networking Conference (IEEE WCNC). Doha, Qatar. 3-6 April 2016Wireless network security requirements are becoming more important and critical. The modern network security architectures require more attention to provide security in each network layer. This will require understanding of protocol vulnerabilities in existing protocol architectures. However, providing security requirements are not just limited to confidentiality and integrity, also availability and fairness are important security elements. IEEE 802.11 MAC protocol is one of the most common standard in modern day networks and has been designed without a consideration for providing security protection at MAC layer. IEEE 802.11 assumes all the nodes in the network are cooperative. However, nodes may purposefully misbehave in order to obtain extra bandwidth, conserve resources and disrupt network performance. This research proposes a Misbehaviour Detection MAC protocol (MD-MAC) to address the problematic scenarios of MAC layer misbehaviours, which takes a novel approach to detect misbehaviours in Mobile Adhoc Networks (MANETs). The MD-MAC modifies the CSMA/CA protocol message exchange and uses verifiable backoff value generation mechanism with an incorporated trust model which is suitable for distributed networks. The MD-MAC protocol has been implemented and evaluated in ns2, simulation results suggest that the protocol is able to detect misbehaving wireless nodes in a distributed network environment

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Proposing an Effective Retransmission Using the Relaying Nodes for Multihop Networks

Coop MAC has been recently proposed as a possible implementation of cooperation protocols in the medium access control (MAC) layer of a wireless network. However, some nodes may refrain from cooperation for selfish purposes, e.g. in order to save energy, in what is called selfish behavior or misbehavior. This protocol violation worsens other nodes’ performance and can be avoided if other nodes detect and punish (e.g. banning from the network) misbehaving nodes. However, fading and interference may prevent nodes from cooperating even if they are willing, therefore it is not trivial to identify misbehaving nodes. In a fading scenario where an automatic repeat request (ARQ) protocol is used, we propose a mechanism that allows detecting misbehaving nodes. Two approaches, either based on the uniformly most powerful (UMP) test or on the sequential probability ratio test (SPRT) are considered. The two techniques are characterized and compared in terms of their average detection delay and resulting network performance. Index Terms: Ad-hoc networks, cooperative diversity, medium access control, MIMO systems, security, privacy, and authentication