Utilising behaviour history and fuzzy trust levels to enhance security in ad-hoc networks

Hallani, Houssein, University of Western Sydney, College of Health and Science, School of Computing and Mathematics

January 2007

A wireless Ad-hoc network is a group of wireless devices that communicate with each other without utilising any central management infrastructure. The operation of Ad-hoc networks depends on the cooperation among nodes to provide connectivity and communication routes. However, such an ideal situation may not always be achievable in practice. Some nodes may behave maliciously, resulting in degradation of the performance of the network or even disruption of its operation altogether. The ease of establishment, along with the mobility capabilities that these networks offer, provides many advantages. On the other hand, these very characteristics, as well as the lack of any centralised administration, are the root of several nontrivial challenges in securing such networks. One of the key objectives of this thesis is to achieve improvements in the performance of Ad-hoc networks in the presence of malicious nodes. In general, malicious nodes are considered as nodes that subvert the capability of the network to perform its expected functions. Current Ad-hoc routing protocols, such as the Ad-hoc On demand Distance Vector (AODV), have been developed without taking the effects of misbehaving nodes into consideration. In this thesis, to mitigate the effects of such nodes and to attain high levels of security and reliability, an approach that is based on the utilisation of the behaviour history of all member nodes is proposed. The aim of the proposed approach is to identify routes between the source and the destination, which enclose no, or if that is not possible, a minimal number, of malicious nodes. This is in contrast to traditional approaches that predominantly tend to use other criteria such as shortest path alone. Simulation and experimental results collected after applying the proposed approach, show significant improvements in the performance of Ad-hoc networks even in the presence of malicious nodes. However, to achieve further enhancements, this approach is expanded to incorporate trust levels between the nodes comprising the Ad-hoc network. Trust is an important concept in any relation among entities that comprise a group or network. Yet it is hard to quantify trust or define it precisely. Due to the dynamic nature of Ad-hoc networks, quantifying trust levels is an even more challenging task. This may be attributed to the fact that different numbers of factors can affect trust levels between the nodes of Ad-hoc networks. It is well established that fuzzy logic and soft computing offer excellent solutions for handling imprecision and uncertainties. This thesis expands on relevant fuzzy logic concepts to propose an approach to establish quantifiable trust levels between the nodes of Ad-hoc networks. To achieve quantification of the trust levels for nodes, information about the behaviour history of the nodes is collected. This information is then processed to assess and assign fuzzy trust levels to the nodes that make up the Ad-hoc network. These trust levels are then used in the routing decision making process. The performance of an Ad-hoc network that implements the behaviour history based approach using OPtimised NETwork (OPNET) simulator is evaluated for various topologies. The overall collected results show that the throughput, the packet loss rate, and the round trip delay are significantly improved when the behaviour history based approach is applied. Results also show further enhancements in the performance of the Ad-hoc network when the proposed fuzzy trust evaluation approach is incorporated with a slight increase in the routing traffic overhead. Given the improvements achieved when the fuzzy trust approach is utilised, for further enhancements of security and reliability of Ad-hoc networks, future work to combine this approach with other artificial intelligent approaches may prove fruitful. The learning capability of Artificial Neural Networks makes them a prime target for combination with fuzzy based systems in order to improve the proposed trust level evaluation approach. / Doctor of Philosophy (PhD)

ad hoc networks (computer networks)

computer networks

security measures

fuzzy logic

neural networks

Ad hoc wireless networks flooding and statistical understanding of node movement /

Mancera-Mendez, German Andres.

January 2006

Thesis (M.S.E.C.E)--University of Delaware, 2006. / Principal faculty advisor: Leonard J. Cimini, Jr., Electrical and Computer Engineering. Includes bibliographical references.

Performance improvement in mobile ad-hoc networks.

Park, Sung Jin

08 November 2012

The objective of this research is to enhance the network performance under realistic mobile ad-hoc networks environments without modification of the standard. Overview of this research is summarized as follows: First, a packet-fragmentation technique to improve network throughput under the worst channel conditions is proposed. While the conventional packet-fragmentation technique research focuses only on random-bit errors, the proposed technique employs both random bit errors and hidden-node collisions. The analytical models based on Markov-chain model shows that the optimal fragmentation technique can effectively reduce the number of retransmissions caused by both collisions from hidden nodes and corrupted packets by random bit errors, and eventually improving throughput in noisy VANETs channels. As a second contribution, a dynamic service-channel allocation (DSCA) scheme is proposed to maximize the network throughput by dynamically assigning different service channels to the users. The theoretical analysis in this thesis will consider wireless access in the vehicular environment (WAVE) protocol, which is the main characteristic of the vehicular ad-hoc networks standard (the IEEE 802.11p). To summarize, the main contribution of this research is that two schemes will improve the network throughput significantly without modification of the standard. Therefore, there is no implementation issue to deploy the proposed schemes in real devices.

Packet fragmentation

VANETs

Performance

MANETs

Ad hoc networks (Computer networks)

Wireless communication systems

Mobile communication systems

An adaptive approach for optimized opportunistic routing over Delay Tolerant Mobile Ad hoc Networks /

Zhao, Xiaogeng.

January 2007

Thesis (Ph.D. (Computer Science)) - Rhodes University, 2008.

An energy-efficient transmission power control protocol for cooperative robotics

Kothandaraman, Arthi, Roppel, Thaddeus A.,

January 2008

Thesis (M.S.)--Auburn University, 2008. / Abstract. Vita. Includes bibliographical references (p. 41-44).

Performance evaluation of on demand multicast routing protocol for ad hoc wireless networks

Khan, Nabeel Pervaiz.

January 2009

Thesis (M.S.)--University of Delaware, 2009. / Principal faculty advisor: Charles G. Boncelet, Dept. of Computer & Information Sciences. Includes bibliographical references.

Spatial modelling and analysis of wireless ad-hoc and sensor networks: an energy perspective

Baek, Seung Jun

28 August 2008

Not available / text

Sensor networks--Mathematical models

Spatial analysis (Statistics)

Security protocols for mobile ad hoc networks

Davis, Carlton R.

January 2006

Mobile ad hoc networks (MANETs) are generating much interest both in academia and the telecommunication industries. The principal attractions of MANETs are related to the ease with which they can be deployed due to their infrastructure-less and decentralized nature. For example, unlike other wireless networks, MANETs do not require centralized infrastructures such as base stations, and they are arguably more robust due to their avoidance of single point of failures. Interestingly, the attributes that make MANETs attractive as a network paradigm are the same phenomena that compound the challenge of designing adequate security schemes for these innovative networks. / One of the challenging security problems is the issue of certificate revocation in MANETs where there are no on-line access to trusted authorities. In wired network environments, when certificates are to be revoked, certificate authorities (CAs) add the information regarding the certificates in question to certificate revocation lists (CRLs) and post the CRLs on accessible repositories or distribute them to relevant entities. In purely ad hoc networks, there are typically no access to centralized repositories or trusted authorities; therefore the conventional method of certificate revocation is not applicable. / Another challenging MANET security problem is the issue of secure routing in the presence of selfish or adversarial entities which selectively drop packets they agreed to forward; and in so doing these selfish or adversarial entities can disrupt the network traffic and cause various communication problems. / In this thesis, we present two security protocols we developed for addressing the above-mentioned MANET security needs. The first protocol is a decentralized certificate revocation scheme which allows the nodes within a MANET to have full control over the process of certificate revocation. The scheme is fully contained and it does not rely on any input from centralized or external entities such as trusted CAs. The second protocol is a secure MANET routing scheme we named Robust Source Routing (RSR). In addition to providing data origin authentication services and integrity checks, RSR is able to mitigate against intelligent, colluding malicious agents which selectively drop or modify packets they are required to forward.

Trust establishment in mobile ad hoc networks.

January 2010

The central focus of this dissertation is mobile ad hoc networks (MANETs) and their security. MANETs are autonomous networks of wireless nodes connected in an ad hoc manner, and have unique characteristics that make them difficult to secure. The principal aims of this investigation are to discuss the research and evaluation of existing mechanisms to secure MANETs and to design the implementation of a unique security mechanism. Key management is a major challenge in these networks due to the lack of fixed network infrastructure. In presenting a survey of the existing key management solutions for MANETs, the findings indicate that most security attacks target the network layer and more specifically the routing protocol. Consequently, the provision of secure routes is a vital element for trust establishment, and accordingly a survey is provided of the existing secure ad hoc routing protocols. The observation is made that most secure ad hoc routing protocols assume the existence of a key management system to certify, authenticate, and distribute keying information. Mobile ad hoc networks cannot assume the existence of a centralized authority member to perform key management tasks, and the problem of key management must be addressed. A novel key management solution called Direct Indirect Trust Distribution (DITD) is proposed for an on-demand ad hoc routing protocol. The solution includes a trust evaluation mechanism and a key distribution scheme to distribute keying information in the form of certificates. The key distribution scheme performs localized certificate exchanges following the routing procedure. A security evaluation metric is proposed that aggregates trust along a path based on a security metric and the path distance. The proposed solution is implemented on a modified AODV routing protocol, and simulated on the ns2 Network Simulator. Simulations are conducted in order to compare the performance of the AODV and DITD protocols. The simulation results show that the DITD model provides key distribution and trust path selection with minimal effect on the routing agent. The findings of the investigation confirm that DITD can be used as a basis for the operation of existing security protocols requiring a secure key distribution mechanism. / Thesis (M.Sc.Eng.)-University of KwaZulu-Natal, Durban, 2010.

Ad hoc networks (Computer networks)

Wireless communication systems.

Theses--Electronic engineering.

Ad hoc distributed simulation: a method for embedded online simulations

Huang, Ya-Lin

20 September 2013

The continual growth of computing power in small devices has motivated the development of novel approaches to optimizing operational systems efficiently and effectively. These optimization problems are often so complex that solving them analytically may be difficult, if not prohibited. One method for solving such problems is to use online simulation. However, challenges in using online simulation include the issues of responsiveness (e.g., because of communication delays), scalability, and failure resistance. To tackle these issues, this study proposes embedding online simulations into a network of sensors that monitors the system under investigation. This thesis explores an approach termed “ad hoc distributed simulation,” which is based on embedding online simulations into a sensor network and adding communication and synchronization among simulators to model operational systems. This approach offers several potential advantages over existing approaches: (1) it can provide rapid response to system dynamics as well as efficiency since data exchange is local to the sensor network, (2) it can achieve better scalability to incorporate more sensors, and (3) it can provide better robustness to failures because portions of the system are still under local control. This research addresses several statistical issues in this ad hoc approach: (1) rapid and effective estimation of the input processes at model boundaries, (2) estimation of system-wide performance measures from individual simulator outputs, and (3) correction mechanisms responding to unexpected events or inaccuracies within the model. This thesis examines ad hoc distributed simulation analytically and experimentally, mainly focusing on the accuracy of predicting the performance of open queueing networks. First, the analytical part formalizes the ad hoc approach and evaluates its accuracy at modeling certain class of open queueing networks with regard to the steady-state system performance measures. This work concerning steady-state metrics is extended to a broader class of networks by an empirical study, which presents evidence to show that the ad hoc approach can generate predictions comparable to those from sequential simulations. Furthermore, a “buffered-area” mechanism is proposed to substantially reduce prediction bias with a moderate increase in execution time. In addition to those steady-state studies, another empirical study targets the prediction accuracy of the ad hoc approach at open queueing networks with short-term system-state transients. This study demonstrates that, with slight modification to the prior design of the ad hoc queueing simulation method for those steady-state studies, system dynamics can be well modeled. The results, again, support the conclusion that the ad hoc approach is competitive to the sequential simulation method in terms of prediction accuracy.

Distributed simulation

Simulation methodology

Computer simulation

Sensor networks

Ad hoc networks (Computer networks)