Mitigate denial of service attacks in mobile ad-hoc networks

Wireless networks are proven to be more acceptable by users compared with wired networks for many reasons, namely the ease of setup, reduction in running cost, and ease of use in different situations such as disasters recovery. A Mobile ad-hoc network (MANET) is as an example of wireless networks. MANET consists of a group of hosts called nodes which can communicate freely via wireless links. MANET is a dynamic topology, self-configured, non-fixed infrastructure, and does not have any central administration that controls all nodes among the network. Every device, used in day-to-day living, is assumed to be a network device, and it is managed using Internet Protocols (IP). Information on every electronic device is collected using infrared sensors, voice or video sensors, Radio-Frequency Identification (RFID), etc. The new wireless networks and communications paradigm known as Internet of Things (IoT) is introduced which refers to the range of multiple interconnected devices which communicate and exchange data between one another. MANET becomes prone to many attacks mainly due to its specifications and challenges such as limited bandwidth, nodes mobility and limited energy. This research study focuses specifically on detecting Denial of Service attack (DoS) in MANET. The main purpose of DoS attack is to deprive legitimate users from using their authenticated services such as network resources. Thus, the network performance would degrade and exhaust the network resources such as computing power and bandwidth considerably which lead the network to be deteriorated. Therefore, this research aims to detect DoS attacks in both Single MANET (SM) and Multi MANETs (MM). A novel Monitoring, Detection, and Rehabilitation (MrDR) method is proposed in order to detect DoS attack in MANET. The proposed method is incorporating trust concept between nodes. Trust value is calculated in each node to decide whether the node is trusted or not. To address the problem when two or more MANETs merge to become one big MANET, the novel technique of Merging Using MrDR (MUMrDR) is also applied to detect DoS attack. As the mobility of nodes in MANET, the chance of MANETs merge or partition occurs. Both centralised and decentralised trust concepts are used to deal with IP address conflict and the merging process is completed by applying the MUMrDR method to detect DoS attacks in MM. The simulation results validate the effectiveness in the proposed method to detect different DoS attacks in both SM and MM

Secure prophet address allocation for MANETs

A mobile node in a MANET must be assigned a free IP address before it may participate in unicast communications. This is a fundamental and difficult problem in the practical application of any MANET. There have been several solutions proposed, among which prophet address allocation outperforms others in terms of communication overhead, latency, and scalability. However, none of the approaches can survive attacks in an insecure environment. Although there are a few secure autoconfiguration schemes proposed, they all have some disadvantages. Based on studies of insecure scenarios, attack schemes, and our previous work, a secure autoconfiguration algorithm, namely secure prophet address allocation, is proposed in the paper. The proposed approach is able to maintain uniqueness of address assignment in the presence of IP spoofing attacks, `state pollution' attacks, and Sybil attacks. The invulnerability of the scheme is supported by both theoretical analysis and simulation results. Copyright (C) 2009 John Wiley & Sons, Ltd