Light weight security architecture for ad hoc networks.
Charles Joseph, John Felix.
Date of Issue: 2010
School of Computer Engineering
Centre for Multimedia and Network Technology
The primary objective of this work is to design a security architecture that suits the inherent properties of ad hoc networks. Ad hoc networks are infrastructure-less, highly autonomous and distributed, and consist of nodes that are mostly limited in resources such as battery power, processing and memory capacity. These inherent properties have led us to design a novel security architecture that suits the characteristics of ad hoc networks. A typical security architecture comprises three major components, namely cryptography, intrusion detection and trust management. In legacy security architectures, cryptographic mechanisms are considered the prime component. However, due to the aforementioned characteristics of ad hoc networks and the complexity of encryption and key management algorithms, cryptography is hard to implement. Thus, in this work, we design a comprehensive security architecture for ad hoc networks without cryptographic mechanisms. Though the inherent properties of ad hoc networks have caused a paradigm shift in security design for them, one property unique to ad hoc networks needs critical security consideration. The routing methodology in ad hoc networks is "cooperative routing", where nodes depend on their neighbors for routing and data forwarding. This dependence on neighbors' cooperative behavior for routing has spawned an unprecedented vulnerability to attack at the routing layer. Hence, securing the routing protocol is critical for ad hoc networks. Thus, the prime focus of the security architecture's design is to provide light-weight routing security for ad hoc networks. The architecture defines three processes, namely detection, decision and response. The detection process monitors neighbor nodes' routing and data forwarding behavior and identifies malicious activity.
The decision process computes the trustworthiness of neighbors by corroborating its local detection outcome with other neighbors' recommendations. The decision process yields the trustworthiness metric for each neighbor. In the response process, the computed trustworthiness metric is integrated into the ad hoc routing protocol's route computation process. Thus, trustworthy nodes are preferred in routes computed by the ad hoc routing protocol.
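The detection, decision and response processes described above can be sketched from one node's point of view. This is an added illustration, not code or formulas from the thesis. The smoothed forwarding ratio, the weighting factor alpha, the trust threshold, the hops-divided-by-trust cost and all sample values are assumptions made for the example.

```python
# Added illustration: every formula and value here is an assumption, not the thesis's.

def local_score(sent, forwarded):
    """Detection: smoothed share of packets handed to a neighbor that we
    overheard it forward. An unobserved neighbor scores 0.5."""
    return (forwarded + 1) / (sent + 2)

def decide(local, recs, trust_in, alpha=0.7):
    """Decision: corroborate the local outcome with recommendations.
    recs: {recommender: its score for the target};
    trust_in: {recommender: our trust in it}. A recommendation counts in
    proportion to our trust in the recommender, which limits bad-mouthing
    and ballot-stuffing by nodes we already distrust."""
    weight = sum(trust_in.get(r, 0.0) for r in recs)
    if weight == 0:
        return local  # no usable second-hand evidence
    second_hand = sum(trust_in.get(r, 0.0) * s for r, s in recs.items()) / weight
    return alpha * local + (1 - alpha) * second_hand

def choose_next_hop(adverts, trust, min_trust=0.2):
    """Response: pick the next hop by hop count inflated by distrust.
    adverts: {neighbor: hops it advertises to the destination}."""
    costs = {n: (h + 1) / trust[n] for n, h in adverts.items()
             if trust.get(n, 0.0) >= min_trust}
    return min(costs, key=costs.get) if costs else None

def demo():
    # Constructed data, seen from node A. B advertises the shorter route
    # but was overheard forwarding only 6 of 40 packets.
    observed = {"B": (40, 6), "C": (40, 38)}
    recs = {"B": {"C": 0.1, "D": 0.9},  # D vouches for B
            "C": {"D": 0.8}}
    trust_in = {"C": 0.9, "D": 0.3}     # A's trust in the recommenders
    adverts = {"B": 2, "C": 3}          # advertised hops to the destination
    trust = {n: decide(local_score(*observed[n]), recs[n], trust_in)
             for n in observed}
    plain = min(adverts, key=adverts.get)  # hop count only
    return plain, choose_next_hop(adverts, trust), trust

if __name__ == "__main__":
    plain, trusted, trust = demo()
    print("hop-count choice:", plain, "| trust-aware choice:", trusted)
    print({n: round(t, 3) for n, t in trust.items()})
```
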
DRNTU::Engineering::Computer science and engineering::Computer systems organization::Computer-communication networks