Security for Wireless Ad Hoc Networks

FAROOQ ANJUM, PhD, is a senior scientist at Telcordia Technologies. He is also an adjunct professor at both the University of Pennsylvania and Stevens Institute of Technology. His research focuses on problems in diverse areas such as security in computer networks, wireless technologies, middleware, and next generation networks. PETROS MOUCHTARIS, PhD, leads Telcordia's research department in information assurance and security, including security for wireless ad hoc networks.

Preface. Foreword.

Acknowledgments.

1 Introduction.

1.1 Definition of Wireless Ad Hoc Networks.

1.2 Applications of Wireless Ad Hoc Networks.

1.3 Threats, Attacks, and Vulnerabilities.

1.3.1 Threats.

1.3.2 Vulnerabilities in Ad Hoc Networks.

1.3.3 Attacks.

1.4 Overview of the Book.

2 Basic Security Concepts.

2.1 Introduction.

2.2 Basic Concepts.

2.2.1 Attributes.

2.2.2 Cryptographic Primitives.

2.3 Modes of Operation.

2.4 Miscellaneous Properties.

2.4.1 One-Way Property of Hash Chains.

2.4.2 TESLA.

2.5 Summary.

3 Key Management.

3.1 Introduction.

3.2 Traditional Solution.

3.3 Solutions for Ad Hoc Networks.

3.3.1 Asymmetric Key-Based Approach.

3.3.2 Symmetric Key-Based Approach.

3.4 Summary.

4 Secure Routing.

4.1 Introduction.

4.1.1 Distance-Vector and Link-State Routing.

4.1.2 Proactive vs Reactive Routing.

4.2 Ad Hoc On-Demand Distance Vector.

4.2.1 Secure AODV.

4.2.2 Authenticated Routing for Ad Hoc Networks (ARAN).

4.2.3 Security-Aware Ad Hoc Routing.

4.3 Dynamic Source Routing Protocol.

4.3.1 Secure Routing Protocol.

4.3.2 Ariadne.

4.3.3 EndairA: A Provably Secure Routing Protocol.

4.4 Destination-Sequenced Distance-Vector Routing Protocol.

4.4.1 Secure Efficient Distance Vector Routing (SEAD).

4.4.2 SuperSEAD.

4.4.3 S-DSDV.

4.5 Optimized Link-State Routing Protocol.

4.5.1 Secure Extension to OLSR.

4.5.2 Secure Link-State Routing Protocol.

4.6 Anonymous Routing Protocols.

4.6.1 ANODR.

4.6.2 MASK.

4.7 Generic Attacks Against Routing.

4.7.1 Wormhole Attacks.

4.7.2 Rushing Attacks.

4.7.3 Sybil Attacks.

4.8 Summary.

5 Intrusion Detection Systems.

5.1 Introduction.

5.1.1 Traditional IDS Systems.

5.2 Unique IDS Challenges in MANET.

5.3 Threat Model.

5.4 Architecture for Intrusion Detection in MANET.

5.4.1 Noncollaborative Intrusion Detection System.

5.4.2 Cooperative Intrusion Detection.

5.4.3 Key Novel Concepts for Cooperative Intrusion Detection in MANET.

5.5 Evidence Collection.

5.5.1 Local Evidence.

5.5.2 Promiscuous Monitoring.

5.5.3 Evidence made Available by Other Nodes.

5.6 Detection of Specific Attacks.

5.6.1 Detection of Packet Dropping Attacks.

5.6.2 Detection of Attacks Against Routing Protocols.

5.7 Summary.

6 Policy Management.

6.1 Introduction.

6.2 Policy-Based Network Management.

6.2.1 Overview.

6.2.2 Architecture.

6.2.3 Policy Languages.

6.2.4 Distributed Policy Management Architecture.

6.2.5 IETF and DMTF Standardization Activities.

6.3 Application of Policy Management to Security Management.

6.3.1 Role-Based Access Control (RBAC).

6.3.2 Trust Management and the KeyNote System.

6.3.3 Firewall Management.

6.3.4 Policy Enforcement in a Wireless Ad Hoc Network.

6.4 Summary.

7 Secure Localization.

7.1 Introduction.

7.2 Localization.

7.2.1 Ranging.

7.2.2 Computation.

7.2.3 Attacks.

7.3 Secure Localization.

7.3.1 Distance Bounding Techniques.

7.3.2 Verifiable Multilateration.

7.3.3 Directional Antennae-Based Schemes.

7.3.4 Transmission Range Variation-Based Schemes.

7.3.5 Hybrid Schemes.

7.3.6 Malicious Beacons.

7.4 Summary.

8 Conclusions and Future Research.

8.1 Vehicular Networks.

8.1.1 Differences with MANET.

8.1.2 Open Problems and Solutions.

8.2 Summary.

Acronyms.

References.

Index.