Network securities against compromised nodes in disruption tolerant mobile ad hoc networks

Abstract

In Singapore, the Singapore Armed Forces makes use of Mobile Ad Hoc Networks to communicate as it does not require an existing network infrastructure. Instead their mobile devices can communicate with each other using multi-hop wireless links. However, there are several disadvantages in MANETs; network security being a main concern due to highly classified information exchanged in military operations. A compromised node will cause disruption to the network operations which could threaten the safety of the army. Therefore in this project we aim to propose schemes to effectively detect and prevent forwarding misbehaviors to the MANET by malicious nodes. Our research has shown that the Network Monitoring Scheme [30][3][6] is the most effective anomaly detection method to date. Using this network monitoring system, we suggest that whenever there is activity between two nodes, both will act as the ‘monitoring’ and ‘monitored’ node. Their activities will then be recorded in a monitoring table. In order to get a complete report on the monitored node, it will require the monitoring table records from all its 1-hop neighbors. The values derived from the table records are applied to intrusion detection algorithms for different attacks. A simulation test was run to detect nodes compromised by most packet dropping and flooding attacks. This report documents the studies on different attacks and solutions in MANET. We believe our analysis gained in this research can be useful in future work against multiple and more complex network attacks.