Hexagonal Clustered Trust Based Distributed Group Key Agreement Scheme in Mobile Ad Hoc Networks

Secure and efficient group communication among mobile nodes is one of the significant aspects in mobile ad hoc networks (MANETs). The group key management (GKM) is a well established cryptographic technique to authorise and to maintain group key in a multicast communication, through secured channels. In a secure group communication, a one-time session key is required to be shared between the participants by using distributed group key agreement (GKA) schemes. Due to the resource constraints of ad hoc networks, the security protocols should be communication efficient with less overhead as possible. The GKM solutions from various researches lacks in considering the mobility features of ad hoc networks. In this paper, we propose a hexagonal clustered one round distributed group key agreement scheme with trust (HT-DGKA) in a public key infrastructure based MANET environment. The proposed HT-DGKA scheme guarantees an access control with key authentication and secrecy. The performance of HT-DGKA is evaluated by simulation analysis in terms of key agreement time and overhead for different number of nodes. Simulation results reveal that the proposed scheme guarantees better performance to secure mobile ad hoc network. It is demonstrated that the proposed scheme possesses a maximum of 2250 ms of key agreement time for the higher node velocity of 25 m/s and lower key agreement overhead. Also, the HT-DGKA scheme outperforms the existing schemes in terms of successful message rate, packet delivery ratio, level of security, computation complexity, number of round, number of exponentiations and number of message sent and received that contribute to the network performance.

     

Compromise‐Resistant Pairwise Key Establishments for Mobile Ad hoc Networks

This letter presents a pairwise key establishment scheme that is robust against the compromise of nodes in mobile ad hoc networks. Each node establishes local keys with its neighbor nodes that are at most three hops away at network boot‐up time. When any two nodes establish a pairwise key, they receive the secret information from the nodes on the route between them, and construct the pairwise key using the secret information. Here, the local keys are utilized by the nodes on the route to send the secret information securely. The simulation results have proven that the proposed scheme provides better security than the key pre‐distribution‐based scheme.     

Performance of PKI-based security mechanisms in mobile ad hoc networks

Security for ad hoc network environments has received a lot of attention as of today. Previous work has mainly been focussing on secure routing, fairness issues, and malicious node detection. However, the issue of introducing and conserving trust relationships has received considerably less attention. In this article, we present a scalable method for the use of public key certificates and their revocation in mobile ad hoc networks (MANETs). With the LKN-ad hoc security framework (LKN-ASF) a certificate management protocol has been introduced, bringing PKI technology to MANETs. In addition a performance analysis of two different revocation approaches for MANETs will be presented.     

An efficient heterogeneous key management approach for secure multicast communications in ad hoc networks

In a mobile wireless ad hoc network, mobile nodes cooperate to form a network without using any infrastructure such as access points or base stations. Instead, the mobile nodes forward packets for each other, allowing communication among nodes outside wireless transmission range. As the use of wireless networks increases, security in this domain becomes a very real concern. One fundamental aspect of providing confidentiality and authentication is key distribution. While public-key encryption has provided these properties historically, ad hoc networks are resource constrained and benefit from symmetric key encryption. In this paper, we propose a new key management mechanism to support secure group multicast communications in ad hoc networks. The scheme proposes a dynamic construction of hierarchical clusters based on a novel density function adapted to frequent topology changes. The presented mechanism ensures a fast and efficient key management with respect to the sequential 1 to n multicast service.     

A localized certificate revocation scheme for mobile ad hoc networks

The issue of certificate revocation in mobile ad hoc networks (MANETs) where there are no on-line access to trusted authorities, is a challenging problem. In wired network environments, when certificates are to be revoked, certificate authorities (CAs) add the information regarding the certificates in question to certificate revocation lists (CRLs) and post the CRLs on accessible repositories or distribute them to relevant entities. In purely ad hoc networks, there are typically no access to centralized repositories or trusted authorities; therefore the conventional method of certificate revocation is not applicable.In this paper, we present a decentralized certificate revocation scheme that allows the nodes within a MANET to revoke the certificates of malicious entities. The scheme is fully contained and it does not rely on inputs from centralized or external entities.     

Secure interconnection protocol for integrated Internet and ad hoc networks

Integration of ad hoc networks with the Internet provides global Internet connectivity for ad hoc hosts through the coordination of mobile IP and ad hoc protocols. In a pure ad hoc network, it is difficult to establish trust relationship between two ad hoc hosts due to lack of infrastructure or centralized administration. In this paper, an infrastructure‐supported and distributed authentication protocol is proposed to enhance trust relationships amongst ad hoc hosts. In addition, an effective secure routing protocol (SRP) is discussed to protect the multi‐hop route for Internet and ad hoc communication. In the integrated ad hoc networks with Internet accessibility, the ad hoc routing security deployed with the help of infrastructure has a fundamental impact on ad hoc hosts in term of Internet access, integrity, and authentication. Both analysis and simulation results demonstrate the effectiveness of the proposed security protocol. Copyright © 2007 John Wiley & Sons, Ltd.     

An efficient k‐Means authentication scheme for digital certificates revocation validation in vehicular ad hoc networks

Vehicular ad hoc networks are emerging as a promising approach to improve traffic safety and provide a wide range of wireless applications to drivers and passengers on the road. In order to perform reliable and trusted vehicular communications, one requirement is to ensure peer vehicle credibility by means of validating digital certificate attached to messages that are transmitted by other vehicles. However, in vehicular communication systems, certificate validation is more time consuming than in traditional networks because each vehicle receives a large number of messages in a short period. Another concern is the unsuccessful delivery of information between vehicles and other entities on the road due to their high mobility rate. For these reasons, we seek new solutions that will aid in speeding up the process of certificate validation. In this article, we propose a certificate revocation status validation scheme using the concept of clustering from data mining that can meet the aforementioned requirements. We employ the technique of k‐Means clustering to boost the efficiency of certificate validation, thereby enhancing the security of a vehicular ad hoc network. Additionally, a comprehensive security analysis for this scheme is presented; the analysis shows that this scheme can effectively improve the validation of certificates and thus increase the communication security in vehicular ad hoc networks. Copyright © 2012 John Wiley & Sons, Ltd.     

Secure multicast routing protocols in mobile ad‐hoc networks

A mobile ad‐hoc network (MANET) is a collection of autonomous nodes that communicate with each other by forming a multi‐hop radio network. Routing protocols in MANETs define how routes between source and destination nodes are established and maintained. Multicast routing provides a bandwidth‐efficient means for supporting group‐oriented applications. The increasing demand for such applications coupled with the inherent characteristics of MANETs (e.g., lack of infrastructure and node mobility) have made secure multicast routing a crucial yet challenging issue. Recently, several multicast routing protocols (MRP) have been proposed in MANETs. Depending on whether security is built‐in or added, MRP can be classified into two types: secure and security‐enhanced routing protocols, respectively. This paper presents a survey on secure and security‐enhanced MRP along with their security techniques and the types of attacks they can confront. A detailed comparison for the capability of the various routing protocols against some known attacks is also presented and analyzed. Copyright © 2013 John Wiley & Sons, Ltd.     

Security in wireless sensor networks

With sensor networks on the verge of deployment, security issues pertaining to the sensor networks are in the limelight. Though the security in sensor networks share many characteristics with wireless ad hoc networks, the two fields are rapidly diverging due to the fundamental differences between the make‐up and goals of the two types of networks. Perhaps the greatest dividing difference is the energy and computational abilities. Sensor nodes are typically smaller, less powerful, and more prone to failure than nodes in an ad hoc network. These differences indicate that protocols that are valid in the context of ad‐hoc networks may not be directly applicable for sensor networks. In this paper, we survey the state of art in securing wireless sensor networks. We review several protocols that provide security in sensor networks, with an emphasis on authentication, key management and distribution, secure routing, and methods for intrusion detection. Copyright © 2006 John Wiley & Sons, Ltd.     

FPN‐SAODV: using fuzzy petri nets for securing AODV routing protocol in mobile Ad hoc network

In this paper, we use fuzzy Petri nets (FPNs) to propose a secure routing protocol in mobile ad hoc network. The proposed method is based on secure ad hoc on‐demand distance vector (SAODV), which is named FPN‐SAODV. In FPN‐SAODV routing protocol, for each packet delivery or firing each transition, a type of bidirectional node‐to‐node fuzzy security verification is conducted that can be carried out with five security threshold levels. This inference uses four fuzzy variables that have been selected to well represent the malicious behaviors of some public attacks in mobile ad hoc network. Furthermore, a through route security verification has been used for selecting the most secure route among each candidate path through source node to destination. Both of these verifications utilize FPN inherent features for their operation. For evaluation purpose, we used the metrics such as packet delivery ratio, end‐to‐end delay, average security level of the nodes, and percentage of true/false detector nodes. These metrics have been used for investigating the inner operation of FPN‐SAODV as determining the proper level of security threshold level in node‐to‐node security verification module. Also, these are used for comparison of FPN‐SAODV performance versus the original AODV. Copyright © 2015 John Wiley & Sons, Ltd.     

Power-aware routing protocols in ad hoc wireless networks

An ad hoc wireless network has no fixed networking infrastructure. It consists of multiple, possibly mobile, nodes that maintain network connectivity through wireless communications. Such a network has practical applications in areas where it may not be economically practical or physically possible to provide a conventional networking infrastructure. The nodes in an ad hoc wireless network are typically powered by batteries with a limited energy supply. One of the most important and challenging issues in ad hoc wireless networks is how to conserve energy, maximizing the lifetime of its nodes and thus of the network itself. Since routing is an essential function in these networks, developing power-aware routing protocols for ad hoc wireless networks has been an intensive research area in recent years. As a result, many power-aware routing protocols have been proposed from a variety of perspectives. This article surveys the current state of power-aware routing protocols in ad hoc wireless networks.     

Securing ad hoc networks

Ad hoc networks are a new wireless networking paradigm for mobile hosts. Unlike traditional mobile wireless networks, ad hoc networks do not rely on any fixed infrastructure. Instead, hosts rely on each other to keep the network connected. Military tactical and other security-sensitive operations are still the main applications of ad hoc networks, although there is a trend to adopt ad hoc networks for commercial uses due to their unique properties. One main challenge in the design of these networks is their vulnerability to security attacks. In this article, we study the threats on ad hoc network faces and the security goals to be achieved. We identify the new challenges and opportunities posed by this new networking environment and explore new approaches to secure its communication. In particular, we take advantage of the inherent redundancy in ad hoc networks-multiple routes between nodes-to defend routing against denial-of-service attacks. We also use replication and new cryptographic schemes, such as threshold cryptography, to build a highly secure and highly available key management service, which terms the core of our security framework     

Self‐adaptive routing protocols for integrating cellular networks,WLANs, and MANETs

A growing need to have ubiquitous connectivity has motivated our research to provide continuous connection between various wireless platforms such as cellular networks, wireless local area networks (WLANs), and mobile ad hoc networks (MANETs). In this paper, we consider integration at the routing layer and propose two adaptable routing protocols (IRP‐RD and IRP‐PD) that exploit topology information stored at the fixed network components (cellular base stations and WLAN access points) for the route discovery and maintenance processes. Our proposed protocols can provide connectivity to the cellular network and/or WLAN hotspots through multihop routing, while differ in the gateway discovery approach used. In IRP‐RD, multihop routes to gateways to the cellular network or WLAN hot spots are discovered on demand, while in IRP‐PD out of coverage users proactively maintain routes to the gateways. Furthermore, proposed protocols can be used in any heterogeneous scenario, combining a cellular network and WLANs operating in infrastructure or ad hoc (MANET) mode. We provide simulation results that demonstrate the effectiveness of the proposed integrated routing protocols and show the advantages and drawbacks of each gateway discovery approach in different heterogeneous scenarios. Copyright © 2006 John Wiley & Sons, Ltd.     

On-Demand Multicast Routing Protocol in Multihop Wireless Mobile Networks

An ad hoc network is a dynamically reconfigurable wireless network with no fixed infrastructure or central administration. Each host is mobile and must act as a router. Routing and multicasting protocols in ad hoc networks are faced with the challenge of delivering data to destinations through multihop routes in the presence of node movements and topology changes. This paper presents the On-Demand Multicast Routing Protocol (ODMRP) for wireless mobile ad hoc networks. ODMRP is a mesh-based, rather than a conventional tree-based, multicast scheme and uses a forwarding group concept; only a subset of nodes forwards the multicast packets via scoped flooding. It applies on-demand procedures to dynamically build routes and maintain multicast group membership. ODMRP is well suited for ad hoc wireless networks with mobile hosts where bandwidth is limited, topology changes frequently, and power is constrained. We evaluate ODMRP performance with other multicast protocols proposed for ad hoc networks via extensive and detailed simulation.     

Provably Secure On-Demand Source Routing in Mobile Ad Hoc Networks

Routing is one of the most basic networking functions in mobile ad hoc networks. Hence, an adversary can easily paralyze the operation of the network by attacking the routing protocol. This has been realized by many researchers and several "secure" routing protocols have been proposed for ad hoc networks. However, the security of those protocols has mainly been analyzed by informal means only. In this paper, we argue that flaws in ad hoc routing protocols can be very subtle, and we advocate a more systematic way of analysis. We propose a mathematical framework in which security can be precisely defined and routing protocols for mobile ad hoc networks can be proved to be secure in a rigorous manner. Our framework is tailored for on-demand source routing protocols, but the general principles are applicable to other types of protocols too. Our approach is based on the simulation paradigm, which has already been used extensively for the analysis of key establishment protocols, but, to the best of our knowledge, it has not been applied in the context of ad hoc routing so far. We also propose a new on-demand source routing protocol, called endairA, and we demonstrate the use of our framework by proving that it is secure in our model     

Multifold node authentication in mobile ad hoc networks

An ad hoc network is a collection of nodes that do not need to rely on a predefined infrastructure to keep the network connected. Nodes communicate amongst each other using wireless radios and operate by following a peer‐to‐peer network model. In this article, we propose a multifold node authentication approach for protecting mobile ad hoc networks. The security requirements for protecting data link and network layers are identified and the design criteria for creating secure ad hoc networks using multiple authentication protocols are analysed. Such protocols, which are based on zero‐knowledge and challenge‐response techniques, are presented through proofs and simulation results. Copyright © 2007 John Wiley & Sons, Ltd.     

Ad hoc空间网络密钥管理与认证方案

为了使一组卫星动态配置成一个具有灵活的分布式体系结构的集成网络信息系统，可以采用ad hoc组网方式，这种卫星网络的组网方式带来了新的安全挑战。提出了一个灵活的安全方案，设计了公钥基础设施和认证策略。基于完全分布式的认证中心，可以直接采用几乎所有的标准公钥认证协议。当空间节点的计算能力有限时，设计了一个轻型的基于对称密钥算法和单向散列函数的认证协议，在提供保密性和数据完整性的同时大大减小了计算量。     

Improving mobile ad hoc network routing with satellite out‐of‐band signaling

Routing in mobile ad hoc networks is a complex task due to the mobility of the nodes and the constraints linked to a wireless multihop network (e.g., limited bandwidth, collisions, and bit errors). These adverse conditions impair not only data traffic but also routing signaling traffic, which feeds route computation. In this contribution, we propose to use satellite communications to help in the distribution of mobile ad hoc network routing signaling. The optimized link‐state routing (OLSR) is chosen among several routing protocols to be extended with satellite‐based signaling, yielding a version we call OLSR hybrid signaling (OLSR‐H). This new scheme is evaluated through simulations and yields improvements of approximately 10% in the data delivery ratio compared with a regular OLSR. This evaluation is conducted using two different network topology models, one being fit for representing forest firefighting operations. Copyright © 2013 John Wiley & Sons, Ltd.     

Novel Trusted Hierarchy Construction for RFID Sensor–Based MANETs Using ECCs

In resource‐constrained, low‐cost, radio‐frequency identification (RFID) sensor–based mobile ad hoc networks (MANETs), ensuring security without performance degradation is a major challenge. This paper introduces a novel combination of steps in lightweight protocol integration to provide a secure network for RFID sensor–based MANETs using error‐correcting codes (ECCs). The proposed scheme chooses a quasi‐cyclic ECC. Key pairs are generated using the ECC for establishing a secure message communication. Probability analysis shows that code‐based identification; key generation; and authentication and trust management schemes protect the network from Sybil, eclipse, and de‐synchronization attacks. A lightweight model for the proposed sequence of steps is designed and analyzed using an Alloy analyzer. Results show that selection processes with ten nodes and five subgroup controllers identify attacks in only a few milliseconds. Margrave policy analysis shows that there is no conflict among the roles of network members.     

An efficient and attack‐resistant key agreement scheme for secure group communications in mobile ad‐hoc networks

As a result of the growing popularity of wireless networks, in particular mobile ad hoc networks (MANET), security over such networks has become very important. Trust establishment, key management, authentication, and authorization are important areas that need to be thoroughly researched before security in MANETs becomes a reality. This work studies the problem of secure group communications (SGCs) and key management over MANETs. It identifies the key features of any SGC scheme over such networks. AUTH‐CRTDH, an efficient key agreement scheme with authentication capability for SGC over MANETs, is proposed. Compared to the existing schemes, the proposed scheme has many desirable features such as contributory and efficient computation of group key, uniform work load for all members, few rounds of rekeying, efficient support for user dynamics, key agreement without member serialization and defense against the Man‐in‐the‐Middle attack, and the Least Common Multiple (LCM) attack. These properties make the proposed scheme well suited for MANETs. The implementation results show that the proposed scheme is computationally efficient and scales well to a large number of mobile users. Copyright © 2007 John Wiley & Sons, Ltd.