SecMR – a secure multipath routing protocol for ad hoc networks

Multipath routing in ad hoc networks increases the resiliency against security attacks of collaborating malicious nodes, by maximizing the number of nodes that an adversary must compromise in order to take control of the communication. In this paper, we identify several attacks that render multipath routing protocols vulnerable to collaborating malicious nodes. We propose an on-demand multipath routing protocol, the secure multipath routing protocol (SecMR), and we analyze its security properties. Finally, through simulations, we evaluate the performance of the SecMR protocol in comparison with existing secure multipath routing protocols.     

Authenticated routing for ad hoc networks

Initial work in ad hoc routing has considered only the problem of providing efficient mechanisms for finding paths in very dynamic networks, without considering security. Because of this, there are a number of attacks that can be used to manipulate the routing in an ad hoc network. In this paper, we describe these threats, specifically showing their effects on ad hoc on-demand distance vector and dynamic source routing. Our protocol, named authenticated routing for ad hoc networks (ARAN), uses public-key cryptographic mechanisms to defeat all identified attacks. We detail how ARAN can secure routing in environments where nodes are authorized to participate but untrusted to cooperate, as well as environments where participants do not need to be authorized to participate. Through both simulation and experimentation with our publicly available implementation, we characterize and evaluate ARAN and show that it is able to effectively and efficiently discover secure routes within an ad hoc network.     

路由信息的攻击对AODV协议性能的影响分析

AODV协议是移动自组网络中一种按需反应的表驱动路由协议。在移动自组网中，每个节点既是计算机又是路由器，容易遭受基于路由信息的网络攻击，而现今的路由协议基本没有考虑到该问题。本文在分析移动自组网中针对路由信息主要攻击方法的基础上，建立了主动性和自私性两个攻击模型，并且在AODV协议中扩充实现了这两类攻击行为。通过对模拟结果的分析和比较，讨论了路由信息的攻击对AODV协议性能的影响，并进一步探讨了针对基于路由信息攻击的防御措施。     

Wireless Ad Hoc Multicast Routing with Mobility Prediction

An ad hoc wireless network is an infrastructureless network composed of mobile hosts. The primary concerns in ad hoc networks are bandwidth limitations and unpredictable topology changes. Thus, efficient utilization of routing packets and immediate recovery of route breaks are critical in routing and multicasting protocols. A multicast scheme, On-Demand Multicast Routing Protocol (ODMRP), has been recently proposed for mobile ad hoc networks. ODMRP is a reactive (on-demand) protocol that delivers packets to destination(s) on a mesh topology using scoped flooding of data. We can apply a number of enhancements to improve the performance of ODMRP. In this paper, we propose a mobility prediction scheme to help select stable routes and to perform rerouting in anticipation of topology changes. We also introduce techniques to improve transmission reliability and eliminate route acquisition latency. The impact of our improvements is evaluated via simulation.     

Efficient on-demand routing for mobile ad hoc wireless access networks

In this paper, we consider a mobile ad hoc wireless access network in which mobile nodes can access the Internet via one or more stationary gateway nodes. Mobile nodes outside the transmission range of the gateway can continue to communicate with the gateway via their neighboring nodes over multihop paths. On-demand routing schemes are appealing because of their low routing overhead in bandwidth restricted mobile ad hoc networks, however, their routing control overhead increases exponentially with node density in a given geographic area. To control the overhead of on-demand routing without sacrificing performance, we present a novel extension of the ad hoc on-demand distance vector (AODV) routing protocol, called LB-AODV, which incorporates the concept of load-balancing (LB). Simulation results show that as traffic increases, our proposed LB-AODV routing protocol has a significantly higher packet delivery fraction, a lower end-to-end delay and a reduced routing overhead when compared with both AODV and gossip-based routing protocols.     

A secure and trust based on-demand multipath routing scheme for self-organized mobile ad-hoc networks

A mobile ad hoc network (MANET) is a self-configurable network connected by wireless links. This type of network is only suitable for provisional communication links as it is infrastructure-less and there is no centralized control. Providing QoS and security aware routing is a challenging task in this type of network due to dynamic topology and limited resources. The main purpose of secure and trust based on-demand multipath routing is to find trust based secure route from source to destination which will satisfy two or more end to end QoS constraints. In this paper, the standard ad hoc on-demand multi-path distance vector protocol is extended as the base routing protocol to evaluate this model. The proposed mesh based multipath routing scheme to discover all possible secure paths using secure adjacent position trust verification protocol and better link optimal path find by the Dolphin Echolocation Algorithm for efficient communication in MANET. The performance analysis and numerical results show that our proposed routing protocol produces better packet delivery ratio, reduced packet delay, reduced overheads and provide security against vulnerabilities and attacks.     

SMORT: Scalable multipath on-demand routing for mobile ad hoc networks

Increasing popularity and availability of portable wireless devices, which constitute mobile ad hoc networks, calls for scalable ad hoc routing protocols. On-demand routing protocols adapt well with dynamic topologies of ad hoc networks, because of their lower control overhead and quick response to route breaks. But, as the size of the network increases, these protocols cease to perform due to large routing overhead generated while repairing route breaks. We propose a multipath on-demand routing protocol (SMORT), which reduces the routing overhead incurred in recovering from route breaks, by using secondary paths. SMORT computes fail-safe multiple paths, which provide all the intermediate nodes on the primary path with multiple routes (if exists) to destination. Exhaustive simulations using GloMoSim with large networks (2000 nodes) confirm that SMORT is scalable, and performs better even at higher mobility and traffic loads, when compared to the disjoint multipath routing protocol (DMRP) and ad hoc on-demand distance vector (AODV) routing protocol.     

On-demand power management for ad hoc networks

Battery power is an important resource in ad hoc networks. It has been observed that in ad hoc networks, energy consumption does not reflect the communication activities in the network. Many existing energy conservation protocols based on electing a routing backbone for global connectivity are oblivious to traffic characteristics. In this paper, we propose an extensible on-demand power management framework for ad hoc networks that adapts to traffic load. Nodes maintain soft-state timers that determine power management transitions. By monitoring routing control messages and data transmission, these timers are set and refreshed on-demand. Nodes that are not involved in data delivery may go to sleep as supported by the MAC protocol. This soft state is aggregated across multiple flows and its maintenance requires no additional out-of-band messages. We implement a prototype of our framework in the ns-2 simulator that uses the IEEE 802.11 MAC protocol. Simulation studies using our scheme with the Dynamic Source Routing protocol show a reduction in energy consumption near 50% when compared to a network without power management under both long-lived CBR traffic and on–off traffic loads, with comparable throughput and latency. Preliminary results also show that it outperforms existing routing backbone election approaches.     

A simulation study of table-driven and on-demand routing protocolsfor mobile ad hoc networks

Bandwidth and power constraints are the main concerns in current wireless networks because multihop ad hoc mobile wireless networks rely on each node in the network to act as a router and packet forwarder. This dependency places bandwidth, power, and computation demands on mobile hosts which must be taken into account when choosing the best routing protocol. In previous years, protocols that build routes based on demand have been proposed. The major goal of on-demand routing protocols is to minimize control traffic overhead. We perform a simulation and performance study on some routing protocols for ad hoc networks. The distributed Bellman-Ford (1957, 1962), a traditional table-driven routing algorithm, is simulated to evaluate its performance in multihop wireless network. In addition, two on-demand routing protocols (dynamic source routing and associativity-based routing) with distinctive route selection algorithms are simulated in a common environment to quantitatively measure and contrast their performance. The final selection of an appropriate protocol will depend on a variety of factors, which are discussed in this article     

An Ad Hoc Routing Protocol with Multiple Backup Routes

Numerous routing protocols have recently been developed for ad hoc mobile networks. Routing protocols to date can be categorized as either ‘table-driven’ or ‘on-demand’. Many of the proposed routing protocols take the on-demand approach because this does not require keeping lots of routing information. However, these kinds of protocols are not able to react fast enough to maintain routing. In this paper, we propose a new protocol to improve existing on-demand routing protocols by constructing multiple backup routes; when the network topology changed, the proposed protocol could transmit data packets dynamically through backup routes. We then developed an analytic model to estimate the reconnection probability of the proposed algorithm. We also examined the performance by simulating the protocol using ns2. The experimental results showed that the protocol had fewer control packages, lower routing packet overhead, and a higher receiving ratio than others.     

移动Ad Hoc网络安全按需路由协议

Ad Hoc网络的安全性问题越来越引起人们的关注,如何确保Ad Hoc网络路由协议的安全成为Ad Hoc研究的一项关键技术。提出一种适用于移动Ad Hoc网络的安全按需源路由协议,利用移动节点之间的会话密钥和基于散列函数的消息鉴别码HMAC一起来验证路由发现和路由应答的有效性。提出的邻居节点维护机制通过把MAC地址和每个节点的ID绑定来防御各种复杂的攻击如虫洞攻击。NS-2仿真表明该协议能有效地探测和阻止针对Ad Hoc网络的大部分攻击。     

一种改进型Ad hoc网络安全路由协议

移动Adhoc网络的自组织、动态拓扑以及无线接入等特点使路由的安全性问题日益突出,而现有的Adhoc网络路由协议并没有提供安全的保护机制。论文首先论述了Adhoc网络几种常见的按需安全路由协议,指出有待解决的问题,在此基础上提出一种改进的、有效的安全路由协议（SEAR）,阐述了该协议的路由请求、响应和维护的路由方式和过程,并通过协议间的比较分析其安全性和网络性能。该方案采用对称密钥协商和公钥认证方式,在兼顾性能资源的同时也保证了Adhoc网络的路由安全。     

移动自组网中基于声誉机制的安全路由协议设计与分析

移动自组网是一种有特殊用途的对等式网络,具有无中心、自组织、可快速展开、可移动等特点,这些特点使得它在战场、救灾等特殊场合的应用日渐受到人们的重视.由于在移动自组网络中每节点既是主机又是路由器,所以容易遭受基于路由信息的攻击,而现今的路由协议基本没有考虑到该问题.本文在分析移动自组网络安全特性的基础上,综述了该方面的研究工作,建立了基于声誉机制评价体系,并给出了具体的评价方法和计算模型.在此基础上,提出了基于声誉机制的安全路由协议S-DSR.仿真结果表明在存在攻击节点的情况下S-DSR协议比DSR协议具有更好的包传输率、包丢失率等属性.     

A Dynamic Alternate Path QoS Enabled Routing Scheme in Mobile Ad hoc Networks

A mobile ad hoc network (MANET) is a collection of self-organized mobile nodes that are capable of communicating with each other without the aid of any established infrastructure or centralized administration. Routing algorithm has been a challenge task in the wireless ad hoc network for a long time due to the dynamic nature of network topology. A recent trend in ad hoc network routing is the reactive on-demand philosophy where routes are established only when required. The on-demand routing protocol for ad hoc network is appealing because of its low routing overhead and its effectiveness when the frequency of route re-establishment and the demand of route queries are not high. However, considering the increasing demand of Quality-of-Service (QoS) requirements in many applications, the current on-demand routing protocols used for ad-hoc network should be adapted appropriately to effectively meet the stringent QoS requirements of specific multimedia traffic. We thus propose a routing protocol which tries its best to satisfy QoS requirements of specific multimedia traffic in the volatile environments of a MANET. The results of a series of simulations exhibit the practicability and feasibility of our approaches. This research was partially supported by National Science Council under grant NSC 93-2213-E-026-001     

基于NS2的无线自组织网络路由协议仿真

在无线自组织网络中,由于节点移动,网络拓扑结构变化频繁,所以路由协议的选择一直都是关键问题。该文采用NS2软件对两种主要的协议：动态源路由协议（DSR）和自组网按需距离矢量路由协议（AODV）进行了仿真。并且通过端到端延时、路由开销和分组投递率三种参数在不同条件下的数据对两种协议进行了评估。实验结果表明没有一种协议能够完全适用于自组网,对于特殊环境选择不同协议以满足需要。     

Secure interconnection protocol for integrated Internet and ad hoc networks

Integration of ad hoc networks with the Internet provides global Internet connectivity for ad hoc hosts through the coordination of mobile IP and ad hoc protocols. In a pure ad hoc network, it is difficult to establish trust relationship between two ad hoc hosts due to lack of infrastructure or centralized administration. In this paper, an infrastructure‐supported and distributed authentication protocol is proposed to enhance trust relationships amongst ad hoc hosts. In addition, an effective secure routing protocol (SRP) is discussed to protect the multi‐hop route for Internet and ad hoc communication. In the integrated ad hoc networks with Internet accessibility, the ad hoc routing security deployed with the help of infrastructure has a fundamental impact on ad hoc hosts in term of Internet access, integrity, and authentication. Both analysis and simulation results demonstrate the effectiveness of the proposed security protocol. Copyright © 2007 John Wiley & Sons, Ltd.     

Mobility helps peer-to-peer security

We propose a straightforward technique to provide peer-to-peer security in mobile networks. We show that far from being a hurdle, mobility can be exploited to set up security associations among users. We leverage on the temporary vicinity of users, during which appropriate cryptographic protocols are run. We illustrate the operation of the solution in two scenarios, both in the framework of mobile ad hoc networks. In the first scenario, we assume the presence of an offline certification authority and we show how mobility helps to set up security associations for secure routing; in this case, the security protocol runs over one-hop radio links. We further show that mobility can be used for the periodic renewal of vital security information (e.g., the distribution of hash chain/Merkle tree roots). In the second scenario, we consider fully self-organized security: Users authenticate each other by visual contact and by the activation of an appropriate secure side channel of their personal device; we show that the process can be fuelled by taking advantage of trusted acquaintances. We then show that the proposed solution is generic: It can be deployed on any mobile network and it can be implemented either with symmetric or with asymmetric cryptography. We provide a performance analysis by studying the behavior of the solution in various scenarios.     

A secure group key management scheme for hierarchical mobile ad hoc networks

In this paper, we present a secure group key management scheme for hierarchical mobile ad hoc networks. Our approach aims to improve both scalability and survivability of group key management for large-scale wireless ad hoc networks. To achieve our goal, we propose the following approaches: (1) a multi-level security model, which follows a modified Bell-La Padula security model that is suitable in a hierarchical mobile ad hoc networking environment, and (2) a decentralized group key management infrastructure to achieve such a multi-level security model. Our approaches reduce the key management overhead and improve resilience to any single point failure problem. In addition, we have developed a roaming protocol that is able to provide secure group communication involving group members from different groups without requiring new keys; an advantage of this protocol is that it is able to provide continuous group communication even when the group manager fails.     

A heterogeneous‐network aided public‐key management scheme for mobile ad hoc networks

A mobile ad hoc network does not require fixed infrastructure to construct connections among nodes. Due to the particular characteristics of mobile ad hoc networks, most existing secure protocols in wired networks do not meet the security requirements for mobile ad hoc networks. Most secure protocols in mobile ad hoc networks, such as secure routing, key agreement and secure group communication protocols, assume that all nodes must have pre‐shared a secret, or pre‐obtained public‐key certificates before joining the network. However, this assumption has a practical weakness for some emergency applications, because some nodes without pre‐obtained certificates will be unable to join the network. In this paper, a heterogeneous‐network aided public‐key management scheme for mobile ad hoc networks is proposed to remedy this weakness. Several heterogeneous networks (such as satellite, unmanned aerial vehicle, or cellular networks) provide wider service areas and ubiquitous connectivity. We adopt these wide‐covered heterogeneous networks to design a secure certificate distribution scheme that allows a mobile node without a pre‐obtained certificate to instantly get a certificate using the communication channel constructed by these wide‐covered heterogeneous networks. Therefore, this scheme enhances the security infrastructure of public key management for mobile ad hoc networks. Copyright © 2006 John Wiley & Sons, Ltd.