Misbehaviors Detection to Ensure Availability in OLSR
Abstract. In this paper, we investigate the use of Aspect-Oriented Programming (AOP) [13] in the domain of Mobile Ad-hoc NETworks (MANETs). More precisely, we study the availability issues in proactive routing protocols. This paper classifies the different possible attacks and examines the countermeasures to ensure availability. Our approach is based on a detection-reaction process. The reasoning followed by the detection process is built on a formal description of normal and incorrect node behaviors. This model allows us to derive security properties. These properties are woven into our implementation using AOP. Our algorithm checks whether these security properties are violated. If they are, incorrect (malicious) behavior is detected, which allows the normal node to find a path free of incorrect node behavior. The detector node therefore sends the detection information to its neighborhood, so that its neighbors can avoid choosing the intruder as a node to route through. A node chooses the path using its local diagnosis and the reputation of other nodes. Using a field in the standard control message to communicate the detections, our approach does not change the message format, so it is very easy to use and there is no overhead. While we use OLSR as an example of protocol for our studies, we argue that the presented techniques apply equally to any proactive routing protocol for MANETs.
Keywords: Mobile Ad Hoc Network, Intrusion Detection, Availability, OLSR, Routing.
F. Cuppens et al. H. Zhang et al. (Eds.): MSN 2007, LNCS 4864, pp. 799–813, 2007. © Springer-Verlag Berlin Heidelberg 2007
1 Introduction
A Mobile Ad-hoc NETwork (MANET) is a collection of nodes which are able to connect to a wireless medium forming an arbitrary and dynamic network. The routing protocol ensures that all nodes at all times can reach all destinations in the network. However, several attacks can occur against security in order to disrupt the network. In this paper, we investigate the issues of intrusion detection and response in MANET. As a main result, we provide a security extension to OLSR, a proactive MANET routing protocol. Our primary issue with respect to securing MANET routing protocols is to ensure the network integrity, even in the presence of malicious nodes. It is not our purpose in this paper to deal with node authentication, which is an issue already investigated elsewhere [14]. Our approach is based on a formal security model called Nomad [7]. This model allows us to express node behaviors (normal and incorrect behaviors). From these expressions, we can derive properties to specify a security policy. These properties are woven into the routing protocol using Aspect-Oriented Programming (AOP). These properties are checked when a message is received in order to detect intrusions. If a property is violated, a reaction occurs and the node attempts to find another path or Multipoint Relay (MPR) keeping the malicious node away. In this case, the node sends relevant information related to the detection to its neighborhood. The neighbo
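The reaction step described in the abstract and introduction (re-selecting MPRs so that a detected node is kept away, using local diagnosis and the reputation of other nodes) can be sketched as follows. This is an added example, not code from the paper: the paper's security properties and reputation scheme are not reproduced on this page, so the function names, the `min_reports` threshold, the simplified RFC 3626-style greedy cover and the sample topology are all assumptions.

```python
# Added illustration, not the paper's code. Function names, the report
# threshold and the topology below are assumptions constructed for this page.

def distrusted_nodes(local_detections, neighbor_reports, min_reports=2):
    """Local diagnosis plus reputation: avoid nodes detected locally, and nodes
    accused by at least `min_reports` distinct neighbors we still trust."""
    distrusted = set(local_detections)
    accusers = {}
    for reporter, accused in neighbor_reports:
        if reporter not in distrusted and reporter != accused:
            accusers.setdefault(accused, set()).add(reporter)
    return distrusted | {n for n, who in accusers.items() if len(who) >= min_reports}


def select_mprs(two_hop_via, distrusted):
    """Simplified greedy MPR cover (RFC 3626 style) skipping distrusted neighbors.

    two_hop_via: 1-hop neighbor -> set of strict 2-hop neighbors it reaches.
    Returns (mprs, uncovered); uncovered nodes are reachable only via
    distrusted neighbors, which is the availability cost of the reaction.
    """
    candidates = {n: set(r) for n, r in two_hop_via.items() if n not in distrusted}
    targets = set().union(*two_hop_via.values()) - set(distrusted)
    mprs = set()
    # Step 1: a neighbor that is the only trusted relay to some 2-hop node.
    for t in targets:
        providers = [n for n, r in candidates.items() if t in r]
        if len(providers) == 1:
            mprs.add(providers[0])
    remaining = targets - set().union(*(candidates[m] for m in mprs))
    # Step 2: add the neighbor covering the most still-uncovered nodes.
    while remaining:
        best = max(sorted(candidates), key=lambda n: len(candidates[n] & remaining),
                   default=None)
        if best is None or not candidates[best] & remaining:
            break  # what is left is reachable only through distrusted nodes
        mprs.add(best)
        remaining -= candidates[best]
    return mprs, remaining


# Constructed topology: X advertises every 2-hop node, so it wins the MPR role.
TWO_HOP_VIA = {"B": {"E", "F"}, "C": {"F", "G"}, "X": {"E", "F", "G", "H"}}
# Constructed detection reports (reporter, accused) received from neighbors.
REPORTS = [("B", "X"), ("C", "X"), ("X", "B")]

if __name__ == "__main__":
    print(select_mprs(TWO_HOP_VIA, set()))
    bad = distrusted_nodes(set(), REPORTS)
    print(bad, select_mprs(TWO_HOP_VIA, bad))
```

In the constructed topology, excluding X moves the MPR role to B and C but leaves H uncovered, which shows why a single unsupported accusation (X against B) should not be enough to evict a relay.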