Security server-based architecture for mobile ad hoc networks

A Mobile Ad hoc Network (MANET) is receiving a great attention by different communities (e.g. military and civil applications) thanks to its self-configuration and self maintenance potential. Securing a MANET is a very critical matter as it is vulnerable to different attacks and also it is characterised with no clear line of defence. Since any security solution relies on a particular trust model, there are different types of trust models that could suit MANETs. This paper present a design of security architecture based on the hybrid trust model. It consists of a set of servers (i.e. a Central authority Server (CAS), Threshold Authority Servers (TASs) and Delegated Authority Servers (DASs)) emulating certification authorities. Our security architecture caters for improving services availability and utilisation. © 2012 IEEE

Survey on Security Management of Multiple Spoofing Attackers in Wireless Networks

Wireless spoofing attacks are simple to introduce and can importantly impact the performance of networks. In this paper, we propose to use spatial information a physical property related to every node, complex to mispresent and self reliant on cryptography, as the initializing for detecting spoofing attacks determining the number of attackers when multiple opponent masquerading as the same node identity and localizing multiple adversaries We propose to use the spatial correlation of received signal strength (RSS) inherited from wireless nodes to detect the spoofing attacks. For determining the number of attackers we are using cluster based mechanism. To localize the positions of multiple attackers, we have developed an integrated detection and localization system. The generated localization results with a representative set of algorithms provide strong evidence of high accuracy of localizing multiple adversaries. As the wireless networks are easily susceptible for various types of spoofing attacks, basically this paper focuses on Identity-based spoofing attacks and the enhanced and efficient techniques to secure from such attacks

A survey of distributed certificate authorities in MANETs

A Certificate Authority (CA) provides the critical authentication and security services for Public Key Infrastructure (PKI) which are used for the Internet and wired networks. In MANETs (wireless and ad hoc) there is an inability to offer a centralized CA to provide these security services. Recent research has looked to facilitate the use of CAs within MANETs through the use of a Distributed Certificate Authority (DCA) for wireless and ad hoc networks. This paper presents a number of different types of DCA protocols and categorizes them into groups based on their factors and specifications. The paper concludes by proposing the best DCA security services in terms of performance and level of security

Scalable and Secure Dynamic Key Management and Channel Aware Routing in Mobile Adhoc Networks

A MANET (Mobile Ad-hoc Network) is an infrastructure-less self configuring wireless networks of routers. Key management is at the center of providing network security via cryptographic mechanisms with a high-availability feature. Dynamic key is the efficient assistance for network scalability. Routing protocol used here is a form of reactive routing called CA-AOMDV and compared with Table driven routing called DSDV. Channel aware routing protocol quality of the channel which can be measured in terms of suitable metrics. This paper leads to an emphasis on Black hole attack and to develop a dynamic key framework using RSA algorithm

A Simulation-Based Study of Server Location Selection Rules in Manets Utilising Threshold Cryptography

Truly Ad Hoc wireless networks where a spontaneous formation of a network occurs and there is no prior knowledge of nodes to each other present significant security challenges, especially as entirely online configuration of nodes with encryption keys must be performed. Utilising threshold cryptography in this type of MANET can greatly increase the security by requiring servers to collaborate to form a single Certificate Authority (CA). In this type of CA responsibility for certificate services is shared between a threshold of servers, greatly increasing security and making attack against the CA considerably more difficult. Choosing which nodes to take on the role of a CA server can have a significant impact on the efficiency of the network, and the success of certificate requests. This research uses simulation to test different rules for choosing nodes to become servers based on their location within the network. Results show that choosing the best server location rules for particular configurations is essential in ensuring both robust security and efficient running of the network

Cluster Based Intrusion Detection Technique for Wireless Networks

Wireless networks are vulnerable to spoofing attacks, which allows for many other forms of attacks on the networks. Although th e identity of a node can be verified through cryptographic authentication, authentication is not always possible because it requires key management and additional infrastructural overhead. In this paper we propose a method for both detect ing spoofing attacks, as well as locating the positions of adversaries performing the attacks. We propose to use the spatial correlation of received signal strength (RSS) inherited from wireless nodes to detect the spoofing attacks. We then formulate the problem of determin ing the number of attackers as a multiclass detection problem. Cluster - based mechanisms are developed to determine the number of attackers. When the training data are available, we explore using the Support Vector Machines (SVM) method to further improve t he accuracy of determining the number of attackers. In addition, we developed an integrated detection and localization system that can localize the positions of multiple attackers. We evaluated our techniques through two test beds using both an 802.11 ( Wi - Fi ) network and an 802.15.4 network in two real office buildings. Our experimental results show that our proposed methods can achieve over 90 percent Hit Rate and Precision when determining the number of attackers. Our localizatio n results using a represen tative set of algorithms provide strong evidence of high accuracy of localizing multiple adversaries