Results 11 - 20 of 200
Secure Link State Routing for Mobile Ad Hoc Networks
- SYMPOSIUM ON APPLICATIONS AND THE INTERNET WORKSHOPS
, 2003
Cited by 51 (8 self)
The secure operation of the routing protocol is one of the major challenges to be met for the proliferation of the Mobile Ad hoc Networking (MANET) paradigm. Nevertheless, security enhancements have been proposed mostly for reactive MANET protocols. The proposed here Secure Link State Routing Protocol (SLSP) provides secure proactive topology discovery, which can be multiply beneficial to the network operation. SLSP can be employed as a stand-alone protocol, or fit naturally into a hybrid routing framework, when combined with a reactive protocol. SLSP is robust against individual attackers, it is capable of adjusting its scope between local and network-wide topology discovery, and it is capable of operating in networks of frequently changing topology and membership.
Toward secure key distribution in truly ad-hoc networks
- in Proceedings of the International Symposium on Applications and the Internet Workshop
Cited by 47 (0 self)
Ad-hoc networks — and in particular wireless mobile ad-hoc networks — have unique characteristics and constraints that make traditional cryptographic mechanisms and assumptions inappropriate. In particular, it may not be warranted to assume pre-existing shared secrets between members of the network or the presence of a common PKI. Thus, the issue of key distribution in ad-hoc networks represents an important problem. Unfortunately, this issue has been largely ignored; as an example, most protocols for secure ad-hoc routing assume that key distribution has already taken place. Traditional key distribution schemes either do not apply in an ad-hoc scenario or are not efficient enough for small, resource-constrained devices. We propose to combine efficient techniques from identity-based (ID-based) and threshold cryptography to provide a mechanism that enables flexible and efficient key distribution while respecting the constraints of ad-hoc networks. We also discuss the available mechanisms and their suitability for the proposed task.
SCAN: Self-Organized Network-Layer Security in Mobile Ad Hoc Networks
, 2005
Cited by 46 (0 self)
Protecting the network layer from malicious attacks is an important yet challenging security issue in mobile ad hoc networks. In this paper we describe SCAN, a unified network-layer security solution for such networks that protects both routing and data forwarding operations through the same reactive approach. SCAN does not apply any cryptographic primitives on the routing messages. Instead, it protects the network by detecting and reacting to the malicious nodes. In SCAN, local neighboring nodes collaboratively monitor each other and sustain each other, while no single node is superior to the others. SCAN also adopts a novel credit strategy to decrease its overhead as time evolves. In essence, SCAN exploits localized collaboration and information cross-validation to protect the network in a self-organized manner. Through both analysis and simulation results we demonstrate the effectiveness of SCAN even in a highly mobile and hostile environment.
MOCA: Mobile certificate authority for wireless ad hoc networks
- In Proceedings of the 2nd Annual PKI Research Workshop (PKI 03
, 2003
Cited by 44 (2 self)
An authentication service is one of the most fundamental building blocks for providing communication security. In this paper, we present the MOCA (MObile Certificate Authority) key management framework designed to provide authentication service for ad hoc wireless networks. MOCA is a distributed certificate authority (CA) based on threshold cryptography. We present a set of guidelines for a secure configuration of threshold cryptography to maintain strong security. MOCA utilizes a carefully selected set of mobile nodes to function as a collective certificate authority while the MOCA nodes are kept anonymous. Equipped with a novel routing protocol designed to support the unique communication pattern for certification traffic, MOCA achieves high availability without sacrificing security. Both the security of the framework and the operational performance are evaluated with rigorous analysis and extensive simulation study.
Observation-based Cooperation Enforcement in Ad hoc Networks
, 2003
Cited by 44 (1 self)
Ad hoc networks rely on the cooperation of the nodes participating in the network to forward packets for each other. A node may decide not to cooperate to save its resources while still using the network to relay its traffic. If too many nodes exhibit this behavior, network performance degrades and cooperating nodes may find themselves unfairly loaded. Most previous efforts to counter this behavior ([4],[5],[6],[21]) have relied on further cooperation between nodes to exchange reputation information about other nodes. If a node observes another node not participating correctly, it reports this observation to other nodes who then take action to avoid being affected and potentially punish the bad node by refusing to forward its traffic. Unfortunately, such second-hand reputation information is subject to false accusations and requires maintaining trust relationships with other nodes. The objective of OCEAN is to avoid this trust-management machinery and see how far we can get simply by using direct first-hand observations of other nodes' behavior. We find that, in many scenarios, OCEAN can do as well as, or even better than, schemes requiring second-hand reputation exchanges. This encouraging result could possibly help obviate solutions requiring trust-management for some contexts.
Secure message transmission in mobile ad hoc networks
- AD HOC NETWORKS
, 2003
Cited by 43 (11 self)
The vision of nomadic computing with its ubiquitous access has stimulated much interest in the Mobile Ad Hoc Networking (MANET) technology. However, its proliferation strongly depends on the availability of security provisions, among other factors. In the open, collaborative MANET environment practically any node can maliciously or selfishly disrupt and deny communication of other nodes. In this paper, we present and evaluate the Secure Message Transmission (SMT) protocol, which safeguards the data transmission against arbitrary malicious behavior of other nodes. SMT is a lightweight, yet very effective, protocol that can operate solely in an end-to-end manner. It exploits the redundancy of multi-path routing and adapts its operation to remain efficient and effective even in highly adverse environments. SMT is capable of delivering up to 250% more data messages than a protocol that does not secure the data transmission. Moreover, SMT outperforms an alternative single-path protocol, a secure data forwarding protocol we term Secure Single Path (SSP) protocol. SMT imposes up to 68% less routing overhead than SSP, delivers up to 22% more data packets and achieves end-to-end delays that are up to 94% lower than those of SSP. Thus, SMT is better suited to support QoS for real-time communications in the ad hoc networking environment. The security of data transmission is achieved without restrictive assumptions on the network nodes' trust and network membership, without the use of intrusion detection schemes, and at the expense of moderate multi-path transmission overhead only.
Denial of Service Resilience in Ad Hoc Networks
- In Proc. of ACM MobiCom
, 2004
Cited by 42 (4 self)
Significant progress has been made towards making ad hoc networks secure and DoS resilient. However, little attention has been focused on quantifying DoS resilience: Do ad hoc networks have sufficiently redundant paths and counter-DoS mechanisms to make DoS attacks largely ineffective? Or are there attack and system factors that can lead to devastating effects? In this paper, we design and study DoS attacks in order to assess the damage that difficult-to-detect attackers can cause. The first attack we study, called the JellyFish attack, is targeted against closed-loop flows such as TCP; although protocol compliant, it has devastating effects. The second is the Black Hole attack, which has effects similar to the JellyFish, but on open-loop flows. We quantify via simulations and analytical modeling the scalability of DoS attacks as a function of key performance parameters such as mobility, system size, node density, and counter-DoS strategy. One perhaps surprising result is that such DoS attacks can increase the capacity of ad hoc networks, as they starve multi-hop flows and only allow one-hop communication, a capacity-maximizing, yet clearly undesirable situation.
URSA: Ubiquitous and Robust Access Control for Mobile Ad-Hoc Networks
- IEEE/ACM Transactions on Networking
, 2004
Cited by 39 (1 self)
Restricting network access of routing and packet forwarding to well-behaving nodes, and denying access from misbehaving nodes are critical for the proper functioning of a mobile ad-hoc network where cooperation among all networking nodes is usually assumed. However, the lack of a network infrastructure, the dynamics of the network topology and node membership, and the potential attacks from inside the network by malicious and/or non-cooperative selfish nodes make the conventional network access control mechanisms not applicable. We present URSA, a ubiquitous and robust access control solution for mobile ad-hoc networks. URSA implements ticket certification services through multiple-node consensus and fully localized instantiation, and uses tickets to identify and grant network access to well-behaving nodes. In URSA, no single node monopolizes the access decision or is completely trusted, and multiple nodes jointly monitor a local node and certify/revoke its ticket. Furthermore, URSA ticket certification services are fully localized into each node's neighborhood to ensure service ubiquity and resilience. Through analysis, simulations and experiments, we show that our design effectively enforces access control in the highly dynamic, mobile ad-hoc network.
Report on a Working Session on Security in Wireless Ad Hoc Networks
- Mobile Computing and Communications Review
, 2002
Cited by 39 (8 self)
Most proposed routing protocols for mobile ad hoc networks are vulnerable to modification, impersonation and fabrication attacks. The proposed secure routing protocol, Authenticated Routing for Ad Hoc Networks, prevents such attacks through message authentication, integrity and non-repudiation. Simulation results show that ARAN maintains good network performance while offering significant security advantages over existing routing protocols.
Establishing Trust in Pure Ad-hoc Networks
, 2004
Cited by 39 (3 self)
An ad-hoc network of wireless nodes is a temporarily formed network, created, operated and managed by the nodes themselves. It is also often termed an infrastructure-less, self-organized, or spontaneous network. Nodes assist each other by passing data and control packets from one node to another, often beyond the wireless range of the original sender. The execution and survival of an ad-hoc network is solely dependent upon the cooperative and trusting nature of its nodes.

