A Security Framework to Cope With Node Misbehaviors in Mobile Ad Hoc Networks

Ph.D. Dissertation Defense

A Mobile Ad-hoc NETwork (MANET) has no fixed infrastructure, and is generally composed of a dynamic set of cooperative peers. These peers share their wireless transmission power with other peers so that indirect communication can be possible between nodes that are not in the radio range of each other . The nature of MANETs, such as node mobility, unreliable transmission medium and restricted battery power, makes them extremely vulnerable to a variety of node misbehaviors. Wireless links, for instance, are generally prone to both passive eavesdropping and active intrusion. Another security concern in ad hoc networks is caused by the cooperative nature of the nodes. Attacks from external adversaries may disturb communications, but the external intruder generally cannot directly participate in the cooperative activities among the nodes because they do not possess the proper secure credentials, such as shared keys. However, compromised nodes, which are taken over by an adversary, are capable of presenting the proper secure credentials, and consequently can interfere with almost all of the network operations, including route discovery, key management and distribution, and packet forwarding. Hence, it is essential to cope with node misbehaviors so as to secure mobile ad hoc networks.

In this dissertation, we address the question of how to ensure that a MANET will properly operate despite the presence of various node misbehaviors by building a holistic framework that can cope with various node misbehaviors in an intelligent and adaptive manner. The main purpose of this framework is to provide a platform so that the components that identify and respond to misbehaviors can better cooperate with each other and quickly adapt to the changes of network context. Therefore, policies are utilized in our framework in order to make those components correctly function in different network contexts. Besides the policy component, there are three other components, which fulfill the tasks of misbehavior detection, trust management, and context awareness, respectively. To validate and evaluate our proposed framework, we implement our framework based on a simulator.

The specific contributions of this dissertation are: (i) Develop a framework to combine the functionalities of surveillance and detection of misbehavior, trust management, context awareness, and policy management to provide a high-level solution to cope with various misbehaviors in MANETs in an intelligent and adaptive manner; (ii) Utilize the outlier detection technique as well as the Support Vector Machine (SVM) algorithm to detect node misbehaviors, and both techniques do not require a pre-defined fix threshold for misbehavior detection; (iii) Trust is modeled in a vector instead of a single scalar so that it can reflect the trustworthiness of a node in a more accurate manner; (iv) Sense and record various contextual information, such as network status (channel busy/idle, etc.), node status (transmission buffer full/empty, battery full/low, etc.) and environmental factors (altitude, velocity, temperature, weather condition, etc.), so that we can distinguish truly malicious behaviors from faulty behaviors and also more accurately evaluate nodes' trust; (v) Specify and enforce policies in the proposed framework, which makes the framework promptly adapt to the rapidly changing network context.

Committee:

• Dr. Anupam Joshi (Chair)
• Dr. Tim Finin
• Dr. Yelena Yesha
• Dr. Yun Peng
• Dr. Lalana Kagal (MIT CSAIL)