SUPERMAN: Security using pre-existing routing for mobile ad hoc networks

The flexibility and mobility of Mobile Ad hoc Networks (MANETs) have made them increasing popular in a wide range of use cases. To protect these networks, security protocols have been developed to protect routing and application data. However, these protocols only protect routes or communication, not both. Both secure routing and communication security protocols must be implemented to provide full protection. The use of communication security protocols originally developed for wireline and WiFi networks can also place a heavy burden on the limited network resources of a MANET. To address these issues, a novel secure framework (SUPERMAN) is proposed. The framework is designed to allow existing network and routing protocols to perform their functions, whilst providing node authentication, access control, and communication security mechanisms. This paper presents a novel security framework for MANETs, SUPERMAN. Simulation results comparing SUPERMAN with IPsec, SAODV and SOLSR are provided to demonstrate the proposed frameworks suitability for wireless communication securit

Trust-based security for the OLSR routing protocol

International audienceThe trust is always present implicitly in the protocols based on cooperation, in particular, between the entities involved in routing operations in Ad hoc networks. Indeed, as the wireless range of such nodes is limited, the nodes mutually cooperate with their neighbors in order to extend the remote nodes and the entire network. In our work, we are interested by trust as security solution for OLSR protocol. This approach fits particularly with characteristics of ad hoc networks. Moreover, the explicit trust management allows entities to reason with and about trust, and to take decisions regarding other entities. In this paper, we detail the techniques and the contributions in trust-based security in OLSR. We present trust-based analysis of the OLSR protocol using trust specification language, and we show how trust-based reasoning can allow each node to evaluate the behavior of the other nodes. After the detection of misbehaving nodes, we propose solutions of prevention and countermeasures to resolve the situations of inconsistency, and counter the malicious nodes. We demonstrate the effectiveness of our solution taking different simulated attacks scenarios. Our approach brings few modifications and is still compatible with the bare OLSR

A lightweight group-key management protocol for secure ad-hoc-network routing

AbstractSecure routing protocols for ad hoc networks use group keys for authenticating control messages without high energy consumption. A distributed and robust group-key management is, thus, essential. This paper proposes and specifies a protocol for distributing and managing group keys in ad hoc environments based on the Secure Optimized Link State Routing protocol (SOLSR). The proposed protocol manages group keys taking into consideration frequent network partitions/mergers and also reduces the impact of non-authorized users that try to illegitimately obtain the group key to use network resources. The analysis shows that our proposal provides high availability and presents low energy consumption for the two most important group events in ad hoc network: joining-node events and network-partition-merging events. Our protocol reduces both the number of control messages and the energy spent with cryptographic operations by up to three orders of magnitude when compared to contributory group-key agreement algorithms. The proposed protocol provides an efficient key management in a timely manner

Efficient and Secure Routing In Network Layer For MANET

Secure routing and communication security protocols can be combined and applied on the messages to deliver them with complete shielding. The custom of communication security protocols initially advanced for wire line and Wi-Fi networks can also present a heavy burden on the limited network resources of a MANET. To discourse these issues, a novel secure framework (SUPERMAN) was projected. The basis is planned to consent existing network and routing protocols to complete their functions, while providing node authentication, access control, and communication security mechanisms. In this work we present innovative security framework for MANETs, SUPERMAN. Recreation results comparing SUPERMAN with IPsec, SAODV and SOLSR are provided to determine the suggested frameworks correctness for wireless communication security

Efficient Secure Framework For Providing Security In n/w Layer For MANET

SUPERMAN lectures the badly-behaved of unified MANET communication haven. It outfits a Virtual Closed Network architecture to shelter both network and application data. This is in disparity with the approaches suggested in previous work, which application on protective definite communication based services. The charter is deliberate to countenance existing network and routing protocols to execute their functions, at the same time as providing node authentication, access control, and communication security mechanisms. This gifts a original safety framework for MANETs, SUPERMAN. Simulation results likening SUPERMAN with IPsec, SAODV and SOLSR are if to prove the future frameworks appropriateness for wireless communication security

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

EFFICIENT NOVEL FRAMEWORK FOR PROTECT COMMUNICATION IN MANET

The adaptability and portability of Versatile Specially appointed Systems (MANETs) have made them expanding well known in a widerange of utilization cases. To ensure these systems, security conventions have been produced to ensure steering and application information. In any case, these conventions just secure courses or correspondence, not both. Both secure steering and correspondence security protocols must be actualized to give full insurance. The utilization of correspondence security conventions initially created for wireline and WiFi systems can likewise put an overwhelming weight on the restricted system assets of a MANET. To address these issues, a novel secure system (SUPERMAN) is proposed. The structure is intended to permit existing system and routing protocols to play out their capacities, while giving hub confirmation, get to control, and correspondence security mechanisms. This paper shows a novel security system for MANETs, SUPERMAN. Reproduction results comparing SUPERMAN with IPsec, SAODV and SOLSR are given to show the proposed structures reasonableness for wireless communication security

Diseño de un Esquema Cross-Layer para el Balance entre Eficiencia Energética y Calidad de Servicio en la Transmisión de Tráfico Multimedia en Redes Ad-Hoc

This thesis dissertation addresses the problem of energy constraints in ad hoc wireless networks. In this sort of networks nodes are generally powered by means of batteries, which involves significant limitations regarding the time of operation of devices. The nodes whose battery level describes important energy depletion represent potential elements for loss of connectivity, which results in an increase of packet loss rate. Therefore, the management of energy expenditure is one of the main research challenges to face in ad hoc networks, especially when developing applications in real scenarios. However, energy management is not a trivial task due to the inherent features of this kind of networks, such as the distributed operation as well as the access medium mechanism. In that sense, traditional solutions of energy optimization based on the definition of power-saving intervals (sleep mode) are not suitable considering the operational characteristics of an ad hoc network, due to the substantial deterioration of network connectivity. In addition, the exponential growth of applications focused on the transmission of multimedia contents (especially video) available on mobile devices involves specific quality of service levels. Consequently, the design of solutions for the optimization of energy resources should be carried out without degrading the Quality of Experience perceived by the users. The contributions of this thesis are focused, in the first place, on the analysis of those factors which generate an increase of the energy consumption in the wireless medium and are related to the principle of operation of the radio interface. In particular, the intense operation in reception mode on the interference areas, as a result of the overhearing effect, as well as the high number of transmission retries due to channel access contention, are defined as the main aspects that increase energy demand in the network. On the other hand, with the aim of optimizing energy resources in the nodes without causing damage on the Quality of Service, this thesis proposes meaningful improvements to the routing protocol by means of a cross-layer scheme. Specifically, the designed mechanism carries out an evaluation of both the energy capacity available in the nodes and the distribution of devices along the wireless medium. To that end, this proposal introduces a new metric in the routing computation process, called strategic value, which reports the importance of a node in the network in terms of connectivity (i.e. number of neighbor nodes). This scheme aims to reduce the energy expenditure caused by the overhearing effect along the areas with higher node density as well as to extend the lifetime for those nodes with higher number of neighbors which are strategic to preserve network connectivity. Additionally, considering the current pragmatic approach in ad hoc networks focused on the design of specific applications, the evaluation hereby presented has been performed by means of a simulation environment and also through the implementation of a testbed. Specifically, the operation of the proposed scheme has been analyzed on a set of ad hoc nodes which has been implemented through development platforms. Also, a software tool has been developed in order to control and configure the experiments. Results prove that the proposal allows to extend the lifetime of the network as well as to increase packet reception rate as a consequence of the prevention in the route breakages due to energy depletion. Finally, it is worth mentioning that the knowledge acquired by the design, configuration and analysis of experiments by means of hardware devices, has motivated the development of proposals and application studies of ad hoc networks in real environments, which represent an additional contribution of this thesis dissertation.El presente trabajo de tesis doctoral aborda la problemática de las limitaciones de energía en redes inalámbricas ad hoc. En este tipo de redes, los nodos generalmente emplean baterías como fuente de alimentación, lo que limita de forma dramática la autonomía de funcionamiento. Los nodos con mayor agotamiento de energía constituyen potenciales elementos para la pérdida de conectividad parcial o total de la red ocasionando el incremento de la pérdida de paquetes. Por tanto, la gestión eficiente del gasto es uno de los principales desafíos a enfrentar en el ámbito de investigación de redes ad hoc, en especial para el desarrollo de aplicaciones en escenarios reales de operación. Sin embargo, dicha gestión no es una tarea trivial debido a las características inherentes de este tipo de redes, como por ejemplo la operación distribuida, así como el acceso compartido al medio inalámbrico. En tal sentido, los mecanismos usuales de optimización del gasto de energía basados en el establecimiento de períodos de bajo consumo (modo sleep), no se ajustan a las características operativas de una red ad hoc, debido al impacto notable que ocasionan sobre la conectividad en la red. Además, el crecimiento significativo de las aplicaciones y servicios de distribución de contenidos multimedia, especialmente tráfico de vídeo, demandan niveles específicos de calidad de servicio. Por consiguiente, el diseño de soluciones de optimización de los recursos de energía disponible en los nodos no debe implicar la degradación de la calidad de experiencia percibida por los usuarios finales. Las contribuciones del trabajo de tesis se centran, en primer lugar, en el análisis de los factores que incrementan el gasto de energía en el medio inalámbrico y que están relacionados con el principio de operación de la interfaz de radio. En particular, el incremento dramático del funcionamiento en modo recepción ocasionado sobre las zonas de interferencia por el efecto overhearing así como el mayor número de intentos de transmisión debido a la contienda por el acceso al canal, se definen como las principales causas que incrementan la demanda de energía en la red. Por otra parte, con el objetivo de optimizar los recursos de energía disponibles en los nodos sin ocasionar un perjuicio sobre la calidad de servicio, en el presente trabajo de tesis se proponen mejoras al protocolo de encaminamiento mediante un esquema cross-layer. En concreto, el mecanismo diseñado realiza una evaluación de la capacidad de energía disponible en los nodos, así como de la distribución de los dispositivos en el medio inalámbrico. Con tal fin, la propuesta introduce en el cómputo de enrutamiento una métrica nueva denominada valor estratégico, la cual reporta la importancia de un nodo en la red en términos de conectividad (número de dispositivos vecinos). El esquema apunta a reducir el gasto de energía ocasionado por el efecto overhearing en las zonas con mayor densidad de dispositivos, así como extender la autonomía de operación sobre aquellos nodos con mayor número de vecinos, que resultan estratégicos para conservar la conectividad en la red. Además, de forma consecuente con el actual enfoque pragmático en redes ad hoc orientado al diseño de soluciones para escenarios específicos de aplicación, la evaluación de la propuesta se ha realizado tanto en un entorno de simulación, así como mediante la implementación de un testbed. Específicamente, se ha analizado la operación del mecanismo de enrutamiento propuesto sobre un conjunto de nodos ad hoc implementados mediante plataformas de desarrollo. Adicionalmente, se ha desarrollado una herramienta para el control y configuración de los experimentos. Los resultados demuestran que la propuesta permite extender el tiempo de operación de la red, así como incrementar la tasa de paquetes en recepción como consecuencia de la prevención en la ruptura de los enlaces por agotamientoEl present treball de tesi doctoral aborda la problemàtica de les limitacions d'energia en xarxes sense fil ad hoc. En este tipus de xarxes, els nodes generalment empren bateries com a font d'alimentació, la qual cosa limita de forma dramàtica l'autonomia de funcionament. Els nodes amb major esgotament d'energia constituïxen potencials elements per a la pèrdua de connectivitat parcial o total de la xarxa, ocasionant l'increment de la pèrdua de paquets. Per tant, la gestió eficient de la despesa és un dels principals desafiaments a enfrontar en l'àmbit d'investigació de xarxes ad hoc, en especial per al desenvolupament d'aplicacions en escenaris reals d'operació. No obstant això, aquesta gestió no és una tasca trivial a causa de les característiques inherents d'este tipus de xarxes, com per exemple l'operació distribuïda així com l'accés compartit al mitjà sense fil. En este sentit, els mecanismes usuals d'optimització de la despesa d'energia basats en l'establiment de períodes de baix consum (mode sleep), no s'ajusten a les característiques operatives d'una xarxa ad hoc, a causa de l'impacte notable que ocasionen sobre la connectivitat a la xarxa. A més, el creixement significatiu de les aplicacions i serveis de distribució de continguts multimèdia, especialment tràfic de vídeo, demanden nivells específics de qualitat de servei. Per tant, el disseny de solucions d'optimització dels recursos d'energia disponible en els nodes no ha d'implicar la degradació de la qualitat d'experiència percebuda pels usuaris finals. Les contribucions del treball de tesi se centren, en primer lloc, en l'anàlisi dels factors que incrementen la despesa d'energia en el mitjà sense fil i que estan relacionats amb el principi d'operació de la interfície de ràdio. En particular, l'increment dramàtic del funcionament en mode recepció, ocasionat sobre les zones d'interferència per l'efecte overhearing, així com el major nombre d'intents de transmissió a causa de la contesa per l'accés al canal, es definixen com les principals causes que incrementen la demanda d'energia a la xarxa. D'altra banda, amb l'objectiu d'optimitzar els recursos d'energia disponibles en els nodes sense ocasionar un perjudici sobre la qualitat de servici, en el present treball de tesi es proposen millores al protocol d'encaminament mitjançant un esquema cross-layer. En concret, el mecanisme dissenyat realitza una avaluació de la capacitat d'energia disponible en els nodes així com de la distribució dels dispositius en el mitjà sense fil. Amb tal fi, la proposta introduïx en el còmput d'encaminament una nova mètrica denominada valor estratègic, la qual reporta la importància d'un node en la xarxa en termes de connectivitat (nombre de dispositius veïns). L'esquema reduix la despesa ocasionada per l'efecte overhearing a les zones amb major densitat de dispositius i estén l'autonomia d'operació sobre aquells nodes amb major nombre de veïns, que resulten estratègics per conservar la connectivitat a la xarxa. A més, de forma conseqüent amb l'actual enfocament pragmàtic en xarxes ad hoc orientat al disseny de solucions per a escenaris específics d'aplicació, l'avaluació de la proposta s'ha realitzat tant en un entorn de simulació així com per mitjà de la implementació d'un testbed. Específicament, s'ha analitzat l'operació del mecanisme d'encaminament proposat sobre un conjunt de nodes ad hoc implementats mitjançant plataformes de desenvolupament. Addicionalment, s'ha desenvolupat una eina per al control i configuració dels experiments. Els resultats demostren que la proposta permet estendre el temps d'operació de la xarxa així com incrementar la taxa de paquets en recepció com a conseqüència de la prevenció en la ruptura dels enllaços per esgotament d'energia.González Martínez, SR. (2017). Diseño de un Esquema Cross-Layer para el Balance entre Eficiencia Energética y Calidad de Servicio en la Transmisión de Tráfico Multimedia en Redes Ad-Hoc [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/84284TESI