Ad Hoc Networks : Technologies and Protocols - University of ...

More documents

Recommendations

Info

Intrusion Detection Techniques 255 metric or fabricate one. Route authentication can be built with pairwise shared key as described in Ariadne [18]: the node in the path forwarding a route request packet computes a MAC using the key it shares with target D and includes a hash in the message – the target can then verify all the nodes in the path. The cost of using pairwise shared keys can be further reduced by adopting TELSA [35], an efficient broadcast authentication protocol that requires loose time synchronization, to secure route discovery and maintenance [18]. To use TELSA for authentication, a sender generates a hash chain and determines a schedule to publish the keys of the hash chain. The key required to authenticate a packet will not be published before the packet has arrived at the receiver so that an adversary cannot have captured the key and forged the packet. Some secure routing protocols such as SRP [30] use the multipath feature of an ad-hoc network to achieve better security properties. SRP uses a Secure Message Transmission (SMT) protocol to disperse a message into pieces and transmits them through different paths, given a topology map of the network. A successful reception of any pieces allows the reconstruction of the original message. 9.3.3 Limitations of Prevention Techniques While the techniques discussed in this section can prevent and deter certain attacks in MANET, there is a limitation to the effects of prevention techniques in general. First, these techniques are designed for a set of known attacks. They are unlikely to prevent newer attacks that are designed to circumvent the existing security measures. We must have a second mechanism to detect these newer attacks. Second, each of the prevention techniques comes with added overhead and complexity. Given the resource constraints in MANET, it is not realistic to have all known prevention techniques activated at all time. Unfortunately, we do not yet have a good understanding of the resource consumption characteristics of the prevention techniques, and nor have we developed good strategies for activating the appropriate mechanisms according to run-time conditions. Experience in security research in the wired environments has taught us that we need to deploy defense-in-depth or layered security mechanisms because security is a process (or a chain) that is as secure as its weakest link [39]. In addition to prevention, we also need detection and response, as well as security policies and vulnerability analysis. Clearly, the same principle applies to MANET because not a single approach can solve all MANET security problems.
256 Security in Mobile Ad-Hoc Networks 9.4 Intrusion Detection Techniques Although much attention in building a secure mobile ad-hoc network is still focused on prevention techniques as shown in the previous section, researchers have begun to investigate detection and response schemes as well. Partridge et al. [31] report that basic signal processing techniques can be used to perform traffic analysis on packet streams, even if the data is encrypted. Marti et al. [28] propose to use “watchdog” to identify nodes with routing misbehavior and to avoid such nodes in the route used. It also uses “pathrater” to choose better path based on the reputation of intermediate nodes if multiple paths are available. CONFIDANT [8] further extends these approaches to evaluate the level of trust of alert reports and to include a reputation system to rate each node. Hsin et al. [16] study a static sensor network and propose a power-efficient distributed neighbor monitoring mechanism where alarms are transmitted back to a control center. Bucegger et al. [7] propose a routing protocol extension that detects and isolates nodes that do not cooperate in routing and forwarding due to selfishness. Finally, Zhang et al. [43] were the first to discuss the need for a general intrusion detection framework in MANET. A follow-up work [44] focuses on a preliminary investigation of anomaly detection approaches for MANET. The primary assumptions of intrusion detection are: user and program activities are observable, for example via system auditing mechanisms; and more importantly, normal and intrusion activities have distinct behavior. Intrusion detection therefore involves capturing audit data and reasoning about the evidence in the data to determine whether the system is under attack. Based on the type of audit data used, intrusion detection systems (IDSs) can be categorized as network-based or host-based. A network-based IDS normally runs at the gateway of a network and “captures” and examines network packets that go through the network hardware interface. A host-based IDS relies on operating system audit data to monitor and analyze the events generated by programs or users on the host. The same methodology can be applied to intrusion detection in MANET, but it must be adapted to the new environment and new requirements. 9.4.1 Architecture Overview Due to the dynamic nature of MANET, intrusion detection and response in MANET must be distributed and cooperative [43]. In this architecture, as shown in Figure 9.1, “monitoring nodes” throughout the network each runs an IDS agent. In the “every node” scheme, every node can be the monitoring node for itself. Alternatively a “clustering-based” scheme can be derived for better efficiency, where a cluster of neighboring nodes can elect a node to be the monitoring node for the neighborhood.
Page 2 and 3:
AD HOC NETWORKS Technologies and Pr
Page 4 and 5:
AD HOC NETWORKS Technologies and Pr
Page 6 and 7:
Contents List of Figures List of Ta
Page 8 and 9:
Contents vii 4.7. Conclusions and F
Page 10 and 11:
Contents ix 9.2. Potential Attacks
Page 12 and 13:
List of Figures 1.1 Internet in the
Page 14 and 15:
List of Figures xiii 6.3 COMPOW com
Page 16 and 17:
List of Figures xv 9.1 9.2 An IDS a
Page 18 and 19:
List of Tables 2.1 2.2 2.3 2.4 2.5
Page 20 and 21:
Contributing Authors Samir R. Das i
Page 22 and 23:
Preface Wireless mobile networks an
Page 24 and 25:
Acknowledgments xxiii We wish to ex
Page 26 and 27:
Chapter 1 AD HOC NETWORKS Emerging
Page 28 and 29:
Introduction and Definitions 3 coul
Page 30 and 31:
Introduction and Definitions 5 Secu
Page 32 and 33:
Ad Hoc Network Applications 7 tunis
Page 34 and 35:
Ad Hoc Network Applications 9 The d
Page 36 and 37:
Ad Hoc Network Applications 11 Figu
Page 38 and 39:
Design Challenges 13 example of cro
Page 40 and 41:
Evaluating Ad Hoc Network Protocols
Page 42 and 43:
Overview of the Chapters in this Bo
Page 44 and 45:
Overview of the Chapters in this Bo
Page 46 and 47:
Conclusions 21 1.6 Conclusions This
Page 48 and 49:
Chapter 2 COLLISION AVOIDANCE PROTO
Page 50 and 51:
Performance of collision avoidance
Page 52 and 53:
Page 54 and 55:
Page 56 and 57:
Page 58 and 59:
Page 60 and 61:
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
Page 70 and 71:
Framework and Mechanisms for Fair A
Page 72 and 73:
Page 74 and 75:
Page 76 and 77:
Page 78 and 79:
Page 80 and 81:
Page 82 and 83:
Page 84 and 85:
Conclusion 59 In the first part of
Page 86 and 87:
Conclusion 61 [13] [14] [15] [16] [
Page 88 and 89:
Chapter 3 ROUTING IN MOBILE AD HOC
Page 90 and 91:
Flooding 65 vector and link state p
Page 92 and 93:
Flooding 67 centralized approximati
Page 94 and 95:
Proactive Routing 69 status of each
Page 96 and 97:
Proactive Routing 71 Topology Broad
Page 98 and 99:
On-demand Routing 73 reply packets
Page 100 and 101:
On-demand Routing 75 during the lin
Page 102 and 103:
Proactive Versus On-demand Debate 7
Page 104 and 105:
Proactive Versus On-demand Debate 7
Page 106 and 107:
Location-based Routing 81 to find a
Page 108 and 109:
Location-based Routing 83 Figure 3.
Page 110 and 111:
Concluding Remarks 85 relative meri
Page 112 and 113:
Concluding Remarks 87 [14] [15] [16
Page 114 and 115:
Concluding Remarks 89 [42] [43] [44
Page 116 and 117:
Chapter 4 MULTICASTING IN AD HOC NE
Page 118 and 119:
Introduction 93 The mobility of the
Page 120 and 121:
Classifications of Protocols 95 red
Page 122 and 123:
Multicasting Protocols 97 this sect
Page 124 and 125:
Multicasting Protocols 99 as close
Page 126 and 127:
Multicasting Protocols 101 In ODMRP
Page 128 and 129:
Multicasting Protocols 103 hoc netw
Page 130 and 131:
Multicasting Protocols 105 A member
Page 132 and 133:
Multicasting Protocols 107 Figure 4
Page 134 and 135:
Broadcasting 109 “talk” to a ra
Page 136 and 137:
Broadcasting 111 broadcasted packet
Page 138 and 139:
Protocol Comparisons 113 are cluste
Page 140 and 141:
Overarching Issues 115 is user data
Page 142 and 143:
Overarching Issues 117 and RTS/CTS
Page 144 and 145:
Conclusions and Future Directions 1
Page 146 and 147:
Conclusions and Future Directions 1
Page 148 and 149:
Chapter 5 TRANSPORT LAYER PROTOCOLS
Page 150 and 151:
TCP and Ad-hoc Networks 125 Modifie
Page 152 and 153:
TCP and Ad-hoc Networks 127 mechani
Page 154 and 155:
TCP and Ad-hoc Networks 129 timeout
Page 156 and 157:
TCP and Ad-hoc Networks 131 to freq
Page 158 and 159:
TCP and Ad-hoc Networks 133 Figure
Page 160 and 161:
Transport Layer for Ad-hoc Networks
Page 162 and 163:
Modified TCP 137 MAC layers without
Page 164 and 165:
Modified TCP 139 Figure 5.6. TCP-EL
Page 166 and 167:
TCP-aware Cross-layered Solutions 1
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Ad-hoc Transport Protocol 147 in it
Page 174 and 175:
Ad-hoc Transport Protocol Figure 5.
Page 176 and 177:
Summary 151 References [1] [2] [3]
Page 178 and 179:
Chapter 6 ENERGY CONSERVATION Robin
Page 180 and 181:
Energy Consumption in Ad Hoc Networ
Page 182 and 183:
Energy Consumption in Ad Hoc Networ
Page 184 and 185:
Communication-Time Energy Conservat
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Idle-time Energy Conservation 175 a
Page 202 and 203:
Idle-time Energy Conservation 177 T
Page 204 and 205:
Idle-time Energy Conservation 179 k
Page 206 and 207:
Idle-time Energy Conservation 181 F
Page 208 and 209:
Page 210 and 211:
Idle-time Energy Conservation 185 t
Page 212 and 213:
Idle-time Energy Conservation 187 c
Page 214 and 215:
Page 216 and 217:
Conclusion 191 [6] [7] [8] [9] [10]
Page 218 and 219:
Conclusion 193 [33] [34] [35] [36]
Page 220 and 221:
Conclusion 195 [59] [60] [61] [62]
Page 222 and 223:
Chapter 7 USE OF SMART ANTENNAS IN
Page 224 and 225:
Smart Antenna Basics and Models 199
Page 226 and 227:
Medium Access Control with Directio
Page 228 and 229:
Medium Access Control with Directio
Page 230 and 231: Medium Access Control with Directio
Page 242 and 243: Routing with Directional Antennas 2
Page 248 and 249: Broadcast with Directional Antennas
Page 250 and 251: Broadcast with Directional Antennas
Page 252 and 253: Summary 227 [4] [5] [6] [7] [8] [9]
Page 254 and 255: Chapter 8 QOS ISSUES IN AD-HOC NETW
Page 256 and 257: Introduction 231 The concept of ad-
Page 258 and 259: Physical Layer 233 The 802.11a stan
Page 260 and 261: Medium Access Layer 235 neighbors,
Page 262 and 263: Medium Access Layer 237 Figure 8.5.
Page 264 and 265: QoS Routing 239 where is the number
Page 266 and 267: QoS at other Networking Layers 241
Page 268 and 269: Inter-Layer Design Approaches 243 8
Page 270 and 271: Conclusion 245 are specifically des
Page 272 and 273: Conclusion 247 [13] S. Mangold, S.
Page 274 and 275: Chapter 9 SECURITY IN MOBILE AD-HOC
Page 276 and 277: Potential Attacks 251 attacks, such
Page 278 and 279: Attack Prevention Techniques 253 9.
Page 282 and 283: Intrusion Detection Techniques 257
Page 290 and 291: Conclusion 265 an important and sti
Page 292 and 293: Conclusion 267 [24] [25] [26] [27]
Page 294 and 295: Index Ad hoc network multicast rout
show all

Ad Hoc Networks : Technologies and Protocols - University of ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?