Integrated prevention and detection of Byzantine attacks in mobile ad hoc networks

Date

2009

Authors

Su, Xu

Abstract

A mobile ad hoc network (MANET) consists of several wireless hosts that are capable of communicating with each other without the use of a network infrastructure or any centralized administration. Owing to the use of wireless channels and broadcasts for route discovery and maintenance techniques involving all nodes in the networks, MANETs are more vulnerable to security attacks than conventional wired and wireless networks. Byzantine attacks, in which attackers have full control of one or more authenticated nodes, collude with one another and use the most effective strategies to disrupt the network, are even more difficult to prevent and mitigate. Existing secure routing protocols (preventive solutions) do not handle such colluding Byzantine attacks well, and known intrusion detection techniques (post-attack solutions) are incomplete and often inaccurate. Typically, both approaches are software-only solutions and lack experimental validation and/or vigorous theoretical justification.

In this dissertation, we provide an integrated solution to security issues in MANETs. Our solution consists of both secure routing protocols and support for reliable and efficient intrusion detection techniques (IDTs) to detect and mitigate attacks. We present new techniques to mitigate colluding attacks using software fortification at the network layer.

Through analysis of existing IDTs using analytical models, experiments on a testbed, and simulations, we show that software-based intrusion detection systems are likely to be inaccurate and ineffective. Therefore, we propose the use of limited hardware support to facilitate accurate and efficient intrusion detection. The hardware support is put in a new tamper-resistant communication (TRC) module between the network and data link layers. We identify the network-layer functionality that is incorporated within TRC, describe a log mechanism to record various network-layer events, and describe dissemination mechanisms that can be used to securely distribute these logs. We show the effectiveness of TRC in preventing, mitigating, or detecting a wide variety of known attacks. This, combined with our current results on secure routing, provides the most comprehensive and analyzed solutions to MANET security in the literature.

Description

This item is available only to currently enrolled UTSA students, faculty or staff.

Keywords

Anonymous Routing, Intrusion Detection, MANET, Secure Routing Protocol, Wireless Security, Wormhole Attacks

Department

Computer Science