Trust-based security for the OLSR routing protocol

International audienceThe trust is always present implicitly in the protocols based on cooperation, in particular, between the entities involved in routing operations in Ad hoc networks. Indeed, as the wireless range of such nodes is limited, the nodes mutually cooperate with their neighbors in order to extend the remote nodes and the entire network. In our work, we are interested by trust as security solution for OLSR protocol. This approach fits particularly with characteristics of ad hoc networks. Moreover, the explicit trust management allows entities to reason with and about trust, and to take decisions regarding other entities. In this paper, we detail the techniques and the contributions in trust-based security in OLSR. We present trust-based analysis of the OLSR protocol using trust specification language, and we show how trust-based reasoning can allow each node to evaluate the behavior of the other nodes. After the detection of misbehaving nodes, we propose solutions of prevention and countermeasures to resolve the situations of inconsistency, and counter the malicious nodes. We demonstrate the effectiveness of our solution taking different simulated attacks scenarios. Our approach brings few modifications and is still compatible with the bare OLSR

MQMF: Multiple Quality Measure Factors for Trust Computation and Security in MANET

Identification of the mobile ad hoc network node in a secure, reliable communication is a very important factor. It will be a node in the service of reconciliation and node behaviour leads to uncertainty. It is always challenge to manage node security and resource due to the complexity of high mobility and resource constraints. Trust based security provides light-weight security computing for individual node trust to provide reliable and quality of service. In this paper we present a multiple quality measure factors (MQMF) approach for computing node trust to improvise the quality of service. It compute four quality measure factors based on node throughput and packet drop during communication to measure the node individual trustworthiness. It prevent the network from anomalous and malicious nodes to improvise the security and throughput. The evaluation measures shows an improvisation in throughput with less packet drop and computational overload in compare to existing protocols

Enhanced cluster based trust management framework for mobile Ad hoc networks

Trust management in decentralized networks and MANETs are much more complicated than the traditional access point based on wireless networks. The nodes in MANETs are used to provide trust information or evidence to find trustworthy nodes. However, the trust evaluation procedure depends on the local information due to its limited resources. In a trust management framework, there are issues to be resolved that include inefficient monitoring system with trust, inaccuracy in trust computation assign and lack of path selection based on trust. Therefore, in this research, a Trust Management Framework (TMF) was developed to address the aforementioned issues. The framework has the capability to monitor the network, assign trust values, and select an appropriate path for the transmission of packets among nodes which depends on the assignment of trust values. The TMF provides a secure cluster-based trust management to monitor the network that minimizes network overhead, improves path selection based on trust evaluation, and assigns trust for clusters-nodes with improved packet delivery ratio and delay. The performance of the TMF was assessed by performing simulation with Network Simulator version 2 (NS2). The results of the framework were compared with the state-of-the-art frameworks such as Requirement for Neural TMF (RNTMF), Recommendation Trust Framework with Defence Framework (RTMD), and Energy Efficient Secure Dynamic Source Routing (EESDSR). The results demonstrated that the Packets Delivery Ratio (PDR) of the TMF was 25.2% better than RNTMF, 21.4% better than RTMD, and 18.4% better than EESDSR. The overhead of the TMF was 4.5% less than RNTMF, 23.2% less than RTMD, and 26.8% less than EESDSR. The findings showed that TMF has better performance in terms of trust management in MANETs

Routing Security Issues in Wireless Sensor Networks: Attacks and Defenses

Wireless Sensor Networks (WSNs) are rapidly emerging as an important new area in wireless and mobile computing research. Applications of WSNs are numerous and growing, and range from indoor deployment scenarios in the home and office to outdoor deployment scenarios in adversary's territory in a tactical battleground (Akyildiz et al., 2002). For military environment, dispersal of WSNs into an adversary's territory enables the detection and tracking of enemy soldiers and vehicles. For home/office environments, indoor sensor networks offer the ability to monitor the health of the elderly and to detect intruders via a wireless home security system. In each of these scenarios, lives and livelihoods may depend on the timeliness and correctness of the sensor data obtained from dispersed sensor nodes. As a result, such WSNs must be secured to prevent an intruder from obstructing the delivery of correct sensor data and from forging sensor data. To address the latter problem, end-to-end data integrity checksums and post-processing of senor data can be used to identify forged sensor data (Estrin et al., 1999; Hu et al., 2003a; Ye et al., 2004). The focus of this chapter is on routing security in WSNs. Most of the currently existing routing protocols for WSNs make an optimization on the limited capabilities of the nodes and the application-specific nature of the network, but do not any the security aspects of the protocols. Although these protocols have not been designed with security as a goal, it is extremely important to analyze their security properties. When the defender has the liabilities of insecure wireless communication, limited node capabilities, and possible insider threats, and the adversaries can use powerful laptops with high energy and long range communication to attack the network, designing a secure routing protocol for WSNs is obviously a non-trivial task.Comment: 32 pages, 5 figures, 4 tables 4. arXiv admin note: substantial text overlap with arXiv:1011.152

A Scalable Trust Management scheme for Mobile Ad Hoc Networks

Mobile ad hoc networks MANETs, have special resource requirements and different topology features, they establish themselves on fly without reliance on centralized or specialized entities such as base stations. All the nodes must cooperate with each other in order to send packets, forwarding packets, responding to routing messages, sending recommendations, among others, Cooperating nodes must trust each other. In MANETs, an untrustworthy node can wreak considerable damage and adversely affect the quality and reliability of data. Therefore, analyzing the trust level of a node has a positive influence on the confidence with which an entity conducts transactions with that node. This thesis presents a new trust management scheme to assign trust levels for spaces or nodes in ad hoc networks. The scheme emulates the human model which depends on the previous individual experience and on the intercession or recommendation of other spaces in the same radio range. The trust level considers the recommendation of trustworthy neighbors and their own experience. For the recommendation computation, we take into account not only the trust level, but also its accuracy and the relationship maturity. The relationship rationality -maturity-, allows nodes to improve the efficiency of the proposed model for mobile scenarios. We also introduce the Contribution Exchange Protocol (CEP) which allows nodes to exchange Intercessions and recommendation about their neighbors without disseminating the trust information over the entire network. Instead, nodes only need to keep and exchange trust information about nodes within the radio range. Without the need for a global trust knowledge. Different from most related works, this scheme improves scalability by restricting nodes to keep and exchange trust information solely with direct neighbors, that is, neighbors within the radio range. We have developed a simulator, which is specifically designed for this model, in order to evaluate and identify the main characteristics of the proposed system. Simulation results show the correctness of this model in a single-hop network. Extending the analysis to mobile multihop networks, shows the benefits of the maturity relationship concept, i.e. for how long nodes know each other, the maturity parameter can decrease the trust level error up to 50%. The results show the effectiveness of the system and the influence of main parameters in the presence of mobility. At last, we analyze the performance of the CEP protocol and show its scalability. We show that this implementation of CEP can significantly reduce the number messages

Mobile Ad hoc Networking: Imperatives and Challenges

Mobile ad hoc networks (MANETs) represent complex distributed systems that comprise wireless mobile nodes that can freely and dynamically self-organize into arbitrary and temporary, "ad-hoc" network topologies, allowing people and devices to seamlessly internetwork in areas with no pre-existing communication infrastructure, e.g., disaster recovery environments. Ad hoc networking concept is not a new one, having been around in various forms for over 20 years. Traditionally, tactical networks have been the only communication networking application that followed the ad hoc paradigm. Recently, the introduction of new technologies such as the Bluetooth, IEEE 802.11 and Hyperlan are helping enable eventual commercial MANET deployments outside the military domain. These recent evolutions have been generating a renewed and growing interest in the research and development of MANET. This paper attempts to provide a comprehensive overview of this dynamic field. It first explains the important role that mobile ad hoc networks play in the evolution of future wireless technologies. Then, it reviews the latest research activities in these areas, including a summary of MANET\u27s characteristics, capabilities, applications, and design constraints. The paper concludes by presenting a set of challenges and problems requiring further research in the future

Intrusion detection and response model for mobile ad hoc networks.

This dissertation presents a research whose objective is to design and develop an intrusion detection and response model for Mobile Ad hoc NETworks (MANET). Mobile ad hoc networks are infrastructure-free, pervasive and ubiquitous in nature, without any centralized authority. These unique MANET characteristics present several changes to secure them. The proposed security model is called the Intrusion Detection and Response for Mobile Ad hoc Networks (IDRMAN). The goal of the proposed model is to provide a security framework that will detect various attacks and take appropriate measures to control the attack automatically. This model is based on identifying critical system parameters of a MANET that are affected by various types of attacks, and continuously monitoring the values of these parameters to detect and respond to attacks. This dissertation explains the design and development of the detection framework and the response framework of the IDRMAN. The main aspects of the detection framework are data mining using CART to identify attack sensitive network parameters from the wealth of raw network data, statistical processing using six sigma to identify the thresholds for the attack sensitive parameters and quantification of the MANET node state through a measure called the Threat Index (TI) using fuzzy logic methodology. The main aspects of the response framework are intruder identification and intruder isolation through response action plans. The effectiveness of the detection and response framework is mathematically analyzed using probability techniques. The detection framework is also evaluated by performance comparison experiments with related models, and through performance evaluation experiments from scalability perspective. Performance metrics used for assessing the detection aspect of the proposed model are detection rate and false positive rate at different node mobility speed. Performance evaluation experiments for scalability are with respect to the size of the MANET, where more and more mobile nodes are added into the MANET at varied mobility speed. The results of both the mathematical analysis and the performance evaluation experiments demonstrate that the IDRMAN model is an effective and viable security model for MANET

Security and Energy Efficiency in Resource-Constrained Wireless Multi-hop Networks

In recent decades, there has been a huge improvement and interest from the research community in wireless multi-hop networks. Such networks have widespread applications in civil, commercial and military applications. Paradigms of this type of networks that are critical for many aspects of human lives are mobile ad-hoc networks, sensor networks, which are used for monitoring buildings and large agricultural areas, and vehicular networks with applications in traffic monitoring and regulation. Internet of Things (IoT) is also envisioned as a multi-hop network consisting of small interconnected devices, called ``things", such as smart meters, smart traffic lights, thermostats etc. Wireless multi-hop networks suffer from resource constraints, because all the devices have limited battery, computational power and memory. Battery level of these devices should be preserved in order to ensure reliability and communication across the network. In addition, these devices are not a priori designed to defend against sophisticated adversaries, which may be deployed across the network in order to disrupt network operation. In addition, the distributed nature of this type of networks introduces another limitation to protocol performance in the presence of adversaries. Hence, the inherit nature of this type of networks poses severe limitations on designing and optimizing protocols and network operations. In this dissertation, we focus on proposing novel techniques for designing more resilient protocols to attackers and more energy efficient protocols. In the first part of the dissertation, we investigate the scenario of multiple adversaries deployed across the network, which reduce significantly the network performance. We adopt a component-based and a cross-layer view of network protocols to make protocols secure and resilient to attacks and to utilize our techniques across existing network protocols. We use the notion of trust between network entities to propose lightweight defense mechanisms, which also satisfy performance requirements. Using cryptographic primitives in our network scenario can introduce significant computational overhead. In addition, behavioral aspects of entities are not captured by cryptographic primitives. Hence, trust metrics provide an efficient security metric in these scenarios, which can be utilized to introduce lightweight defense mechanisms applicable to deployed network protocols. In the second part of the dissertation, we focus on energy efficiency considerations in this type of networks. Our motivation for this work is to extend network lifetime, but at the same time maintain critical performance requirements. We propose a distributed sleep management framework for heterogeneous machine-to-machine networks and two novel energy efficient metrics. This framework and the routing metrics are integrated into existing routing protocols for machine-to-machine networks. We demonstrate the efficiency of our approach in terms of increasing network lifetime and maintaining packet delivery ratio. Furthermore, we propose a novel multi-metric energy efficient routing protocol for dynamic networks (i.e. mobile ad-hoc networks) and illustrate its performance in terms of network lifetime. Finally, we investigate the energy-aware sensor coverage problem and we propose a novel game theoretic approach to capture the tradeoff between sensor coverage efficiency and energy consumption