A SECURITY FRAMEWORK FOR MOBILE AD HOC NETWORKS

Open Access
Author:
Hsu, Hung-Yuan
Graduate Program:
Computer Science and Engineering
Degree:
Doctor of Philosophy
Document Type:
Dissertation
Date of Defense:
October 02, 2008
Committee Members:
  • Jialiang Zhu, Dissertation Advisor
  • Ali R Hurson, Committee Chair
  • Sencun Zhu, Committee Chair
  • Trent Ray Jaeger, Committee Member
  • Piotr Berman, Committee Member
  • Ling Rothrock, Committee Member
Keywords:
  • Traceback
  • Network Access Control
  • Ad Hoc Networks
  • Power Efficiency
Abstract:
Mobile Ad Hoc Networks are networks composed of autonomous, resource-scarce mobile nodes, built upon open media accessible to anonymous nodes, and operating in an isolated environment where each node has to defend itself without trustworthy gateways. These characteristics make security more challenging in a Mobile Ad Hoc Network than in the Internet, since a wide variety of attacks could exploit its weaknesses. In this thesis, we propose a security framework for Mobile Ad Hoc Networks which consists of a network access control protocol and an online traceback protocol. The thesis addresses five major challenges in mobile ad hoc network security. It: (i) introduces a lightweight mechanism to restrict non-authorized network access, (ii) proposes a theoretical model to study the characteristics of online traceback, (iii) proposes a protocol to localize the attack, (iv) studies the performance impact of introducing the aforementioned network access control and online traceback protocols, and finally, (v) evaluates the power efficiency of the proposed security framework. As reported in the literature, most ad hoc networks do not implement any network access control, leaving these networks vulnerable to attack by a malicious party injecting packets into the network with the goal of depleting its resources. A Lightweight Inter-layer Protocol (LIP) is proposed to prevent packet injection attacks based on an efficient local broadcast authentication mechanism. Our research makes the first effort to quantitatively analyze the impacts of node mobility, attack packet rate, and intrusion response time on the traceability of two well-known types of IP traceback schemes, namely probabilistic packet marking (PPM) and hash-based logging. Based on the principle of divide and conquer, we propose an efficient online traceback scheme that works by dividing a forwarding path into multiple interweaving fragments.
We assess the performance of the proposed security protocols by conducting extensive simulation studies. Finally, the thesis introduces a power consumption model and evaluates the power efficiency of the proposed security framework.