Mobile ad hoc networks create additional challenges for implementing the group key establishment due to resource constraints on nodes and dynamic changes on topology. The nodes in mobile ad hoc networks are usually low power devices that run on battery power. As a result, the costs of the node resources should be minimized when constructing a group key agreement protocol so that the battery life could be prolonged. To achieve this goal, in this paper we propose a security efficient group key agreement protocol based on Burmester-Desmedt (BD) scheme and layer-cluster group model, referred to as LCKM-BD, which is appropriate for large mobile ad hoc networks. In the layer-cluster group model, BD scheme is employed to establish group key, which can not only meet security demands of mobile ad hoc networks but also improve executing performance. Finally, the proposed protocol LCKM-BD is compared with BD, TGDH (tree-based group Diffie-Hellman), and GDH (group Diffie-Hellman) group key agreement protocols. The analysis results show that our protocol can significantly decrease both the computational overhead and communication costs with respect to these comparable protocols.
This paper addresses an interesting security problem in wireless ad hoc networks: the dynamic group key agreement key establishment. For secure group communication in an ad hoc network, a group key shared by all group members is required. This group key should be updated when there are membership changes (when the new member joins or current member leaves) in the group. In this paper, we propose a novel, secure, scalable and efficient region-based group key agreement protocol for ad hoc networks. This is implemented by a two-level structure and a new scheme of group key update. The idea is to divide the group into subgroups, each maintaining its subgroup keys using group elliptic curve Diffie-Hellman (GECDH) protocol and links with other subgroups in a tree structure using tree-based group elliptic curve Diffie-Hellman (TGECDH) protocol. By introducing region-based approach, messages and key updates will be limited within subgroup and outer group; hence computation load is distributed to many hosts. Both theoretical analysis and experimental results show that this region-based key agreement protocol performs well for the key establishment problem in ad hoc network in terms of memory cost, computation cost and communication cost.
The working of a Mobile Ad hoc NETwork (MANET) relies on the supportive cooperation among the network nodes. But due to its intrinsic features, a misbehaving node can easily lead to a routing disorder. This paper presents two trust-based routing schemes, namely Trust-based Self-Detection Routing (TSDR) and Trust-based Cooperative Routing (TCOR) designed with an Ad hoc On-demand Distance Vector (AODV) protocol. The proposed work covers a wide range of security challenges, including malicious node identification and prevention, accurate trust quantification, secure trust data sharing, and trusted route maintenance. This brings a prominent solution for mitigating misbehaving nodes and establishing efficient communication in MANET. It is empirically validated based on a performance comparison with the current Evolutionary Self-Cooperative Trust (ESCT) scheme, Generalized Trust Model (GTM), and the conventional AODV protocol. The extensive simulations are conducted against three different varying network scenarios. The results affirm the improved values of eight popular performance metrics overcoming the existing routing schemes. Among the two proposed works, TCOR is more suitable for highly scalable networks; TSDR suits, however, the MANET application better with its small size. This work thus makes a significant contribution to the research community, in contrast to many previous works focusing solely on specific security aspects, and results in a trade-off in the expected values of evaluation parameters and asserts their efficiency.
In traditional networks, the authentication is performed by certificate authorities (CA), which, however, can't be built in distributed mobile ad hoc networks. In this paper, we propose a fully self-organized public key management based on bidirectional trust model without any centralized authority that allows users to generate their public-private key pairs, to issue certificates, and the trust relation spreads rationally according to the truly human relations. In contrast with the traditional self-organized public-key management, the average certificate paths get shorter, the authentication passing rate gets higher, and the most important is that the bidirectional trust based model satisfies the trust requirement of hosts better.
In this paper, the security technology of ad hoc networks is studied. To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed. In this scheme, a sender can simultaneously signcrypt n messages for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key. An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead. Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.
With the rapid development of wireless networks, the Ad Hoc networks are widely used in many fields, but the current network security solutions for the Ad Hoc network are not competitive enough. So the critical technology of Ad Hoc network applications shall be how to implement the security scheme. Here the discussions are focused on the specific solution against the security threats which the Ad Hoc networks will face, the methodology of a management model which uses trusted computing technology to solve Ad Hoc network security problems, and the analysis and verification for the security of this model.
This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relationship between nodes, the ad hoc network works in a self-organizing way to provide the key generation and key management services using threshold secret sharing schemes, which effectively solves the problem of single point of failure. The proposed approach combines the best aspects of identity-based key management approaches (implicit certification) and traditional public key infrastructure approaches (no key escrow).
This paper focuses on investigating immunological principles in designing a multi-agent security architecture for intrusion detection and response in mobile ad hoc networks. In this approach, the immunity-based agents monitor the situation in the network. These agents can take appropriate actions according to the underlying security policies. Specifically, their activities are coordinated in a hierarchical fashion while sensing, communicating, decision and generating responses. Such an agent can learn and adapt to its environment dynamically and can detect both known and unknown intrusions. The proposed intrusion detection architecture is designed to be flexible, extendible, and adaptable that can perform real-time monitoring. This paper provides the conceptual view and a general framework of the proposed system. In the end, the architecture is illustrated by an example to show it can prevent the attack efficiently.
Modern battlefield doctrine is based on mobility, flexibility, and rapid response to changing situations. As is well known, mobile ad hoc network systems are among the best utilities for battlefield activity. Although much research has been done on secure routing, security issues have largely been ignored in applying mobile ad hoc network theory to computer technology. An ad hoc network is usually assumed to be homogeneous, which is an irrational assumption for armies. It is clear that soldiers, commanders, and commanders-in-chief should have different security levels and computation powers as they have access to asymmetric resources. Imitating basic military rank levels in battlefield situations, how multilevel security can be introduced into ad hoc networks is indicated, thereby controlling restricted classified information flows among nodes that have different security levels.
A complex threshold key management framework has been proposed, which can address the challenges posed by the unique nature of Ad hoc network. Depending on the cooperation of the controller and participation nodes, this scheme should be efficient in the operation environmental alteration and tolerant faults of node, which take the advantages of the benefits of both key management approaches and alleviate their limitations. For the cooperation of the controller and participation nodes, a (t, n) threshold elliptic curve sign-encryption scheme with the specified receiver also has been proposed. Using this threshold sign-encryption scheme, the key management distributes the trust between a controller and a set of participation nodes.
In this paper, we propose a partially non-cryptographic security routing protocol (PNCSR) that protects both routing and data forwarding operations through the same reactive approach. PNCSR only applies public-key cryptographic system in managing token, but it doesn't utilize any cryptographic primitives on the routing messages. In PNCSR, each node is fair. Local neighboring nodes collaboratively monitor each other and sustain each other. It also uses a novel credit strategy which additively increases the token lifetime each time a node renews its token. We also analyze the storage, computation, and communication overhead of PNCSR, and provide a simple yet meaningful overhead comparison. Finally, the simulation results show the effectiveness of PNCSR in various situations.
As the wireless medium is characterized by its lossy nature, reliable communication cannot be assumed in the key management scheme. Therefore self-healing is a good property for key distribution scheme in wireless applications. A new self-healing key distribution scheme was proposed, which is optimal in terms of user memory storage and efficient in terms of communication complexity.
An Ad hoc network is composed of wireless mobile nodes. Because there is no other wired infrastructure such as base stations, the ad hoc network, unlike other wireless networks such as Wireless Local Area Network (WLAN), has to face attacks from both the control plane and the data plane. Ad hoc should ensure the routing security on the control plane, and the secure forwarding of packets on the data plane. The distributed network protocol should operate safely, and peer-to-peer nodes should have trusting relations for each other. For this purpose, a complete security solution should include three parts: security on the control plane, security on the data plane, and security of key management.
Some security-sensitive fields like military scenarios are the main application areas of ad hoc networks. In those areas, security issues have to be considered seriously for the network. In this paper, a key management method based on the combined public key is proposed for ad hoc networks. Through this method, private and public key pairs can be distributed to nodes of ad hoc networks efficiently. No certificate or other authentic channel is needed while two nodes perform authentication and key agreement protocol. The key management method is especially suitable for ad hoc networks, which have no fixed infrastructure and have constrained resources.
Vehicular Ad hoc Networks (VANETs) become a very crucial addition in the Intelligent Transportation System (ITS). It is challenging for a VANET system to provide security services and parallelly maintain high throughput by utilizing limited resources. To overcome these challenges, we propose a blockchain-based Secured Cluster-based MAC (SCB-MAC) protocol. The nearby vehicles heading towards the same direction will form a cluster and each of the clusters has its blockchain to store and distribute the safety messages. The messages which contain emergency information and require Strict Delay Requirement (SDR) for transmission are called safety messages (SM). Cluster Members (CMs) sign SMs with their private keys while sending them to the blockchain to confirm authentication, integrity, and confidentiality of the message. A Certificate Authority (CA) is responsible for physical verification, key generation, and privacy preservation of the vehicles. We implemented a test scenario as proof of concept and tested the safety message transmission (SMT) protocol in a real-world platform. Computational and storage overhead analysis shows that the proposed protocol for SMT implements security, authentication, integrity, robustness, non-repudiation, etc. while maintaining the SDR. Messages that are less important compared to the SMs are called non-safety messages (NSM) and vehicles use RTS/CTS mechanism for NSM transmission. Numerical studies show that the proposed NSM transmission method maintains 6 times more throughput, 2 times less delay and 125% less Packet Dropping Rate (PDR) than traditional MAC protocols. These results prove that the proposed protocol outperforms the traditional MAC protocols.
Security issues are always difficult to deal with in mobile ad hoc networks. People seldom studied the costs of those security schemes respectively and for some security methods designed and adopted beforehand, their effects are often investigated one by one. In fact, when facing certain attacks, different methods would respond individually and result in waste of resources. Making use of the cost management idea, we analyze the costs of security measures in mobile ad hoc networks and introduce a security framework based on security mechanisms cost management. Under the framework, the network system's own tasks can be finished in time and the whole network's security costs can be decreased. We discuss the process of security costs computation at each mobile node and in certain nodes groups. To show how to use the proposed security framework in certain applications, we give examples of DoS attacks and costs computation of defense methods. The results showed that more secure environment can be achieved based on the security framework in mobile ad hoc networks.
Mobile ad hoc networking (MANET) has become an exciting and important technology in recent years, because of the rapid proliferation of wireless devices. Mobile ad hoc networks are highly vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, and lack of centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. A distributed intrusion detection approach based on timed automata is given. A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then the timed automata is constructed by the way of manually abstracting the correct behaviours of the node according to the routing protocol of dynamic source routing (DSR). The monitor nodes can verify the behaviour of every node by timed automata, and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, the approach is much more efficient while maintaining the same level of effectiveness. Finally, the intrusion detection method is evaluated through simulation experiments.
Because the intrinsic characteristics of mobile ad hoc networks (MANETs) cause several vulnerabilities, anonymous routing protocols attract much more attention in secure mobile ad hoc networks for the purposes of security and privacy concerns. Until recently, lots of anonymous routing protocols have been proposed. However, most of them are single path or use one path at a time, and the multipath schemes cannot thwart both the passive attacks and active attacks simultaneously. Thus an anonymous multipath routing protocol based on secret sharing is proposed. The protocol provides identity anonymity, location anonymity, data and traffic anonymity by employing cryptograph technology and secret sharing in MANET communication process. Meanwhile, a hash function is introduced to detect active attacks in the data transmission process. The protocol can effectively thwart various passive attacks and reduce the successful probability of active attacks (such as interception and physical destroy attacks). Simulation results show that the proposed scheme provides a reasonably good level of network security and performance.
Due to their characteristics of dynamic topology, wireless channels and limited resources, mobile ad hoc networks are particularly vulnerable to denial of service (DoS) attacks launched by intruders. The effects of flooding attacks in network simulation 2 (NS2) and measured performance parameters are investigated, including packet loss ratio, average delay, throughput and average number of hops under different numbers of attack nodes, flooding frequency, network bandwidth and network size. Simulation results show that with the increase of the flooding frequency and the number of attack nodes, network performance sharply drops. But when the frequency of flooding attacks or the number of attack nodes is greater than a certain value, performance degradation tends to a stable value.
Funding: The National Natural Science Foundation of China (No. 60403027); the Research Foundation for Outstanding Young Teachers, China University of Geosciences (Wuhan) (No. CUGQNL0836)
Funding: Supported by the National Natural Science Foundation of China (60403027)
Funding: National Natural Science Foundation of China under Grant No. 60970115; National Natural Science Funds Projects of China under Grant No. 91018008
Funding: Supported by the National High Technology Development 863 Program of China (No. 2003AA148010); Key Technologies R&D Program of China (No. 2002DA103A03-07).
Funding: The National Natural Science Foundation of China (60773049); the Natural Science Foundation of Jiangsu Province (BK2007086); the Fundamental Research Project of Natural Science in Colleges of Jiangsu Province (07KJB520016).
Funding: Supported by the National Natural Science Foundation of China (60403027)
Abstract: In this paper, we propose a partially non-cryptographic security routing protocol (PNCSR) that protects both routing and data forwarding operations through the same reactive approach. PNCSR only applies a public-key cryptographic system in managing tokens, but it doesn't utilize any cryptographic primitives on the routing messages. In PNCSR, each node is fair. Local neighboring nodes collaboratively monitor each other and sustain each other. It also uses a novel credit strategy which additively increases the token lifetime each time a node renews its token. We also analyze the storage, computation, and communication overhead of PNCSR, and provide a simple yet meaningful overhead comparison. Finally, the simulation results show the effectiveness of PNCSR in various situations.
Funding: The Specialized Research Fund for the Doctoral Program of Higher Education of China (No. 20050248043)
Abstract: As the wireless medium is characterized by its lossy nature, reliable communication cannot be assumed in the key management scheme. Therefore self-healing is a good property for key distribution schemes in wireless applications. A new self-healing key distribution scheme was proposed, which is optimal in terms of user memory storage and efficient in terms of communication complexity.
Funding: This work was funded by the National Basic Research Program (973 Program) of China under Grant 2007CB310704.
Abstract: An Ad hoc network is composed of wireless mobile nodes. Because there is no other wired infrastructure such as base stations, the ad hoc network, unlike other wireless networks such as Wireless Local Area Network (WLAN), has to face attacks from both the control plane and the data plane. Ad hoc should ensure the routing security on the control plane, and the secure forwarding of packets on the data plane. The distributed network protocol should operate safely, and peer-to-peer nodes should have trusting relations for each other. For this purpose, a complete security solution should include three parts: security on the control plane, security on the data plane, and security of key management.
Abstract: Some security-sensitive fields like military scenarios are the main application areas of ad hoc networks. In those areas, security issues have to be considered seriously for the network. In this paper, a key management method based on the combined public key is proposed for ad hoc networks. Through this method, private and public key pairs can be distributed to nodes of ad hoc networks efficiently. No certificate or other authentic channel is needed while two nodes perform authentication and key agreement protocol. The key management method is especially suitable for ad hoc networks, which have no fixed infrastructure and have constrained resources.
Abstract: Vehicular Ad hoc Networks (VANETs) become a very crucial addition in the Intelligent Transportation System (ITS). It is challenging for a VANET system to provide security services and parallelly maintain high throughput by utilizing limited resources. To overcome these challenges, we propose a blockchain-based Secured Cluster-based MAC (SCB-MAC) protocol. The nearby vehicles heading towards the same direction will form a cluster and each of the clusters has its blockchain to store and distribute the safety messages. The messages which contain emergency information and require Strict Delay Requirement (SDR) for transmission are called safety messages (SM). Cluster Members (CMs) sign SMs with their private keys while sending them to the blockchain to confirm authentication, integrity, and confidentiality of the message. A Certificate Authority (CA) is responsible for physical verification, key generation, and privacy preservation of the vehicles. We implemented a test scenario as proof of concept and tested the safety message transmission (SMT) protocol in a real-world platform. Computational and storage overhead analysis shows that the proposed protocol for SMT implements security, authentication, integrity, robustness, non-repudiation, etc. while maintaining the SDR. Messages that are less important compared to the SMs are called non-safety messages (NSM) and vehicles use RTS/CTS mechanism for NSM transmission. Numerical studies show that the proposed NSM transmission method maintains 6 times more throughput, 2 times less delay and 125% less Packet Dropping Rate (PDR) than traditional MAC protocols. These results prove that the proposed protocol outperforms the traditional MAC protocols.
Abstract: Security issues are always difficult to deal with in mobile ad hoc networks. People seldom studied the costs of those security schemes respectively and for some security methods designed and adopted beforehand, their effects are often investigated one by one. In fact, when facing certain attacks, different methods would respond individually and result in waste of resources. Making use of the cost management idea, we analyze the costs of security measures in mobile ad hoc networks and introduce a security framework based on security mechanisms cost management. Under the framework, the network system's own tasks can be finished in time and the whole network's security costs can be decreased. We discuss the process of security costs computation at each mobile node and in certain node groups. To show how to use the proposed security framework in certain applications, we give examples of DoS attacks and costs computation of defense methods. The results showed that a more secure environment can be achieved based on the security framework in mobile ad hoc networks.
Funding: the National High Technology Development "863" Program of China (2006AA01Z436, 2007AA01Z452); the National Natural Science Foundation of China (60702042).
Abstract: Mobile ad hoc networking (MANET) has become an exciting and important technology in recent years, because of the rapid proliferation of wireless devices. Mobile ad hoc networks are highly vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, and lack of centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. A distributed intrusion detection approach based on timed automata is given. A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then the timed automata is constructed by the way of manually abstracting the correct behaviours of the node according to the routing protocol of dynamic source routing (DSR). The monitor nodes can verify the behaviour of every node by timed automata, and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, the approach is much more efficient while maintaining the same level of effectiveness. Finally, the intrusion detection method is evaluated through simulation experiments.
Funding: supported by the National Basic Research Program of China (973 Program) (2011CB302903); the Key Program of Natural Science for Universities of Jiangsu Province (10KJA510035); the Science and Technology Innovation Group Foundation of Jiangsu Province ("Qing and Lan" Project); the Postgraduate Innovation Project Foundation of Jiangsu Province (CX10B 194ZCX09B 152Z)
Abstract: Because the intrinsic characteristics of mobile ad hoc networks (MANETs) cause several vulnerabilities, anonymous routing protocols attract much more attention in secure mobile ad hoc networks for the purposes of security and privacy concerns. Until recently, lots of anonymous routing protocols have been proposed. However, most of them are single path or use one path at a time, and the multipath schemes can not thwart both the passive attacks and active attacks simultaneously. Thus an anonymous multipath routing protocol based on secret sharing is proposed. The protocol provides identity anonymity, location anonymity, data and traffic anonymity by employing cryptograph technology and secret sharing in MANET communication process. Meanwhile, a hash function is introduced to detect active attacks in the data transmission process. The protocol can effectively thwart various passive attacks and reduce the successful probability of active attacks (such as interception and physical destroy attacks). Simulation results show that the proposed scheme provides a reasonably good level of network security and performance.
Funding: supported by the National Natural Science Foundation of China (60932003); the National High Technology Research and Development Program of China (863 Program) (2007AA01Z452, 2009AA01Z118); Shanghai Municipal Natural Science Foundation (09ZR1414900); the National Undergraduate Innovative Test Program (091024812)
Abstract: Due to their characteristics of dynamic topology, wireless channels and limited resources, mobile ad hoc networks are particularly vulnerable to denial of service (DoS) attacks launched by intruders. The effects of flooding attacks in network simulation 2 (NS2) and measured performance parameters are investigated, including packet loss ratio, average delay, throughput and average number of hops under different numbers of attack nodes, flooding frequency, network bandwidth and network size. Simulation results show that with the increase of the flooding frequency and the number of attack nodes, network performance sharply drops. But when the frequency of flooding attacks or the number of attack nodes is greater than a certain value, performance degradation tends to a stable value.