Integrated prevention and detection of Byzantine attacks in mobile ad hoc networks.

摘要

A mobile ad hoc network (MANET) consists of several wireless hosts that are capable of communicating with each other without the use of a network infrastructure or any centralized administration. Owing to the use of wireless channels and broadcasts for route discovery and maintenance techniques involving all nodes in the networks, MANETs are more vulnerable to security attacks than conventional wired and wireless networks. Byzantine attacks, in which attackers have full control of one or more authenticated nodes, collude with one another and use the most effective strategies to disrupt the network, are even more difficult to prevent and mitigate. Existing secure routing protocols (preventive solutions) do not handle such colluding Byzantine attacks well, and known intrusion detection techniques (post-attack solutions) are incomplete, and often inaccurate. Typically both approaches are software only solutions and lack experimental validation and/or vigorous theoretical justification.;In this dissertation, we provide an integrated solution to security issues in MANETs. Our solution consists of both secure routing protocols and support for reliable and efficient intrusion detection techniques (IDTs) to detect and mitigate attacks. We present new techniques to mitigate colluding attacks using software fortification at the network layer.;Through analysis of existing IDTs using analytical models, experiments on a testbed, and simulations, we show that software based intrusion detection systems are likely to be inaccurate and ineffective. Therefore we propose the use of limited hardware support to facilitate accurate and efficient intrusion detection. The hardware support is put in a new tamper-resistant communication (TRC) module between the network and data link layers. We identify the network-layer functionality that is incorporated within TRC, describe a log mechanism to record various network-layer events, and dissemination mechanisms that can be used to securely distribute these logs. We show the effectiveness of TRC in preventing, mitigating, or detecting a wide variety of known attacks. This combined with our current results on secure routing provides the most comprehensive and analyzed solutions to MANET security in the literature.