414 research outputs found

    Trust model for certificate revocation in Ad hoc networks

    In this paper we propose a distributed trust model for certificate revocation in ad hoc networks. The proposed model allows trust to be built over time as the number of interactions between nodes increases. Furthermore, trust in a node is defined not only in terms of its potential for maliciousness, but also in terms of the quality of the service it provides. Trust in nodes where there is little or no history of interactions is determined by recommendations from other nodes. If the nodes in the network are selfish, trust is obtained by an exchange of portfolios. Bayesian networks form the underlying basis for this model

    Secure Routing in Wireless Mesh Networks

    Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to the service providers. Unlike traditional Wi-Fi networks, with each access point (AP) connected to the wired network, in WMNs only a subset of the APs are required to be connected to the wired network. The APs that are connected to the wired network are called the Internet gateways (IGWs), while the APs that do not have wired connections are called the mesh routers (MRs). The MRs are connected to the IGWs using multi-hop communication. The IGWs provide access to conventional clients and interconnect ad hoc, sensor, cellular, and other networks to the Internet. However, most of the existing routing protocols for WMNs are extensions of protocols originally designed for mobile ad hoc networks (MANETs) and thus they perform sub-optimally. Moreover, most routing protocols for WMNs are designed without security issues in mind, where the nodes are all assumed to be honest. In practical deployment scenarios, this assumption does not hold. This chapter provides a comprehensive overview of security issues in WMNs and then particularly focuses on secure routing in these networks. First, it identifies security vulnerabilities in the medium access control (MAC) and the network layers. Various possibilities of compromising data confidentiality, data integrity, replay attacks and offline cryptanalysis are also discussed. Then various types of attacks in the MAC and the network layers are discussed. After enumerating the various types of attacks on the MAC and the network layer, the chapter briefly discusses some of the preventive mechanisms for these attacks. Comment: 44 pages, 17 figures, 5 table

    A Media Access Control Protocol for Wireless Adhoc Networks with Misbehaviour Avoidance

    The most common wireless Medium Access Control (MAC) protocol is IEEE 802.11. Currently the IEEE 802.11 standard protocol is not resilient to many identified MAC layer attacks, because the protocol is designed without the intention of providing security and with the assumption that all the nodes in the wireless network adhere to the protocol. However, nodes may purposefully misbehave at the MAC layer in order to obtain extra bandwidth, conserve resources and degrade or disrupt the network performance. This research proposes a secure MAC protocol for the MAC layer which is integrated with a novel misbehaviour detection and avoidance mechanism for Mobile Ad Hoc Networks (MANETs). In the proposed secure MAC protocol, the sender and receiver work collaboratively to handshake prior to deciding the back-off values. Common neighbours of the sender and receiver contribute effectively to the misbehaviour detection and avoidance process at the MAC layer. In addition, the proposed solution introduces a new trust distribution model in the network by assuming none of the wireless nodes need to trust each other. The secure MAC protocol also assumes that misbehaving nodes have significant levels of intelligence to avoid the detectio

    Analysis of DoS Attacks at MAC Layer in Mobile Adhoc Networks

    Wireless network security has received tremendous attention due to the vulnerabilities exposed in the open communication medium. The most common wireless Medium Access Control (MAC) protocol is IEEE 802.11, which assumes all the nodes in the network are cooperative. However, nodes may purposefully misbehave in order to disrupt network performance, obtain extra bandwidth and conserve resources. These MAC layer misbehaviours can lead to Denial of Service (DoS) attacks which can disrupt the network operation. There is a lack of comprehensive analysis of MAC layer misbehaviour driven DoS attacks for the IEEE 802.11 protocol. This research studied possible MAC layer DoS attack strategies that are driven by the MAC layer malicious/selfish nodes and investigates the performance of the IEEE 802.11 protocol. Such DoS attacks are caused by malicious and selfish nodes violating backoff timers associated with the protocol. The experimental and analytical approach evaluates several practical MAC layer backoff value manipulations and the impact of such attacks on the network performance and stability in MANETs. The simulation results show that introducing DoS attacks at the MAC layer could significantly affect the network throughput and data packet collision rate. This paper concludes that DoS attacks with selfish/malicious intent can obtain a larger throughput by denying well-behaved nodes their deserved throughput, also DoS attacks with the intent of complete destruction of the network can succee

    Resilient Misbehaviour Detection MAC Protocol (MD-MAC) for Distributed Wireless Networks

    Chaminda Alocious, Hannan Xiao, B. Christianson, 'Resilient Misbehaviour Detection MAC Protocol (MD-MAC) for Distributed Wireless Networks', paper presented at the 2016 IEEE Wireless Communications and Networking Conference (IEEE WCNC), Doha, Qatar, 3-6 April 2016.

    Wireless network security requirements are becoming more important and critical. Modern network security architectures require more attention to provide security in each network layer. This will require understanding of protocol vulnerabilities in existing protocol architectures. However, security requirements are not limited to confidentiality and integrity; availability and fairness are also important security elements. The IEEE 802.11 MAC protocol is one of the most common standards in modern day networks and has been designed without consideration for providing security protection at the MAC layer. IEEE 802.11 assumes all the nodes in the network are cooperative. However, nodes may purposefully misbehave in order to obtain extra bandwidth, conserve resources and disrupt network performance. This research proposes a Misbehaviour Detection MAC protocol (MD-MAC) to address the problematic scenarios of MAC layer misbehaviours, which takes a novel approach to detect misbehaviours in Mobile Adhoc Networks (MANETs). The MD-MAC modifies the CSMA/CA protocol message exchange and uses a verifiable backoff value generation mechanism with an incorporated trust model which is suitable for distributed networks. The MD-MAC protocol has been implemented and evaluated in ns2; simulation results suggest that the protocol is able to detect misbehaving wireless nodes in a distributed network environment

    A Trustful Routing Protocol for Ad-hoc Network

    Mobile Ad-hoc Network (MANET) is a wireless system that comprises mobile nodes. It is usually referred to as a decentralized autonomous system. The self-configurability and easy deployment of the MANET have resulted in numerous applications in this modern era. Its routing protocol has to be able to cope with the new challenges that a MANET creates such as node mobility, security maintenance, quality of service, limited bandwidth and limited power supply. These challenges set new demands on MANET routing protocols. With the increasing interest in MANETs, there has been a greater focus on the subject of securing such networks. However, the majority of these MANET secure routing protocols did not provide a complete solution for all the MANETs' attacks and assumed that any node participating in the MANET is not selfish and that it will cooperate to support different network functionalities. My thesis strategy is to choose one of the secure routing protocols according to its security-effectiveness, study it and analyze its functionality and performance. The authenticated routing for ad hoc networks (ARAN) secure routing protocol was chosen for analysis. Then, the different existing cooperation enforcement schemes were surveyed so as to come up with a reputation-based scheme to integrate with the ARAN protocol. The result of that integration is called: Trustful-ARAN. Consequently, the ARAN is capable of handling both selfish and malicious nodes' attacks. The improvement is obtained at the cost of a higher overhead percentage with minimal increase in the average number of hops. The Trustful-ARAN proves to be more efficient and more secure than normal ARAN secure routing protocol in defending against both malicious and authenticated selfish nodes

    Counteracting Selfish Nodes Using Reputation Based System in Mobile Ad Hoc Networks

    A mobile ad hoc network (MANET) is a group of nodes constituting a network of mobile nodes without predefined and pre-established architecture where mobile nodes can communicate without any dedicated access points or base stations. In MANETs, a node may act as a host as well as a router. Nodes in the network can send and receive packets through intermediate nodes. However, the existence of malicious and selfish nodes in MANETs severely degrades network performance. The identification of such nodes in the network and their isolation from the network is a challenging problem. Therefore, in this paper, a simple reputation-based scheme is proposed which uses the consumption and contribution information for selfish node detection and cooperation enforcement. Nodes failing to cooperate are detached from the network to save resources of other nodes with good reputation. The simulation results show that our proposed scheme outperforms the benchmark scheme in terms of NRL (normalized routing load), PDF (packet delivery fraction), and packet drop in the presence of malicious and selfish attacks. Furthermore, our scheme identifies the selfish nodes quickly and accurately as compared to the benchmark scheme