An effective intrusion detection approach for OLSR MANET protocol

The optimized link state routing (OLSR) protocol is a proactive mobile ad hoc network (MANET) routing protocol. Security aspects have not been designed into the OLSR protocol and therefore make it vulnerable to various kinds of attacks. Recent research efforts have focused on providing authentication and encryption techniques to secure the OLSR protocol against attacks from outside intruders. A second line of defense is required to provide intrusion detection and response techniques in protecting the OLSR protocol against attacks from inside intruders. In this paper, we describe security threats to the OLSR MANET routing protocol and present an intrusion detection solution based on protocol semantics checking. Our approach is based on semantic properties that are implied in the protocol definition and specify the correct OLSR routing update behavior. Conflict checking based on semantic properties is applied in every MANET node. Any abnormal protocol semantics triggers an intrusion alarm. While we use OLSR as an example, we argue that the presented approach can be applied to any multi-point relay (MPR) proactive MANET protocol.

[1]  Manel Guerrero Zapata Secure ad hoc on-demand distance vector routing , 2002, MOCO.

[2]  Haiyun Luo,et al.  Self-securing ad hoc wireless networks , 2002, Proceedings ISCC 2002 Seventh International Symposium on Computers and Communications.

[3]  David A. Maltz,et al.  The Dynamic Source Routing Protocol (DSR) for Mobile Ad Hoc Networks for IPv4 , 2007, RFC.

[4]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2005, Wirel. Networks.

[5]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2002, MobiCom '02.

[6]  Danny Dhillon,et al.  Implementing a fully distributed certificate authority in an OLSR MANET , 2004, 2004 IEEE Wireless Communications and Networking Conference (IEEE Cat. No.04TH8733).

[7]  P. Jacquet,et al.  Securing the OLSR protocol , 2003 .

[8]  Daniel Massey,et al.  A framework for resilient Internet routing protocols , 2004, IEEE Network.

[9]  Robin Kravets,et al.  Key management for heterogeneous ad hoc wireless networks , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[10]  Carlisle M. Adams,et al.  Internet X.509 Certificate Request Message Format , 1999, RFC.

[11]  Charles E. Perkins,et al.  Ad hoc On-Demand Distance Vector (AODV) Routing , 2001, RFC.

[12]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[13]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[14]  Fred L. Templin,et al.  Topology Dissemination Based on Reverse-Path Forwarding (TBRPF) , 2004, RFC.

[15]  Burton S. Kaliski,et al.  PKCS #1: RSA Encryption Version 1.5 , 1998, RFC.

[16]  Sondre Wabakken Engell Securing the OLSR Protocol , 2004 .

[17]  Jiejun Kong,et al.  Providing robust and ubiquitous security support for mobile ad-hoc networks , 2001, Proceedings Ninth International Conference on Network Protocols. ICNP 2001.

[18]  Gregory A. Hansen,et al.  The Optimized Link State Routing Protocol , 2003 .

[19]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and CRL Profile , 1999, RFC.