Risk-Aware Mitigation for MANET Routing Attacks

Mobile Ad hoc Networks (MANET) have been highly vulnerable to attacks due to the dynamic nature of its network infrastructure. Among these attacks, routing attacks have received considerable attention since it could cause the most devastating damage to MANET. Even though there exist several intrusion response techniques to mitigate such critical attacks, existing solutions typically attempt to isolate malicious nodes based on binary or naïve fuzzy response decisions. However, binary responses may result in the unexpected network partition, causing additional damages to the network infrastructure, and naïve fuzzy responses could lead to uncertainty in countering routing attacks in MANET. In this paper, we propose a risk-aware response mechanism to systematically cope with the identified routing attacks. Our risk-aware approach is based on an extended Dempster-Shafer mathematical theory of evidence introducing a notion of importance factors. In addition, our experiments demonstrate the effectiveness of our approach with the consideration of several performance metrics.

[1]  Nei Kato,et al.  A survey of routing attacks in mobile ad hoc networks , 2007, IEEE Wireless Communications.

[2]  Yih-Chun Hu,et al.  A survey of secure wireless ad hoc routing , 2004, IEEE Security & Privacy Magazine.

[3]  Charles E. Perkins,et al.  Ad-hoc on-demand distance vector routing , 1999, Proceedings WMCSA'99. Second IEEE Workshop on Mobile Computing Systems and Applications.

[4]  Lotfi A. Zadeh,et al.  Review of A Mathematical Theory of Evidence , 1984 .

[5]  Dharma P. Agrawal,et al.  Routing security in wireless ad hoc networks , 2002, IEEE Commun. Mag..

[6]  Gregory A. Hansen,et al.  The Optimized Link State Routing Protocol , 2003 .

[7]  H. K. Huang,et al.  Online Risk Assessment of Intrusion Scenarios Using D-S Evidence Theory , 2008, ESORICS.

[8]  Zhu Han,et al.  Information theoretic framework of trust modeling and evaluation for ad hoc networks , 2006, IEEE Journal on Selected Areas in Communications.

[9]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[10]  R. Yager On the dempster-shafer framework and new combination rules , 1987, Inf. Sci..

[11]  Rajendra P. Srivastava,et al.  An Information Systems Security Risk Assessment Model Under the Dempster-Shafer Theory of Belief Functions , 2006, J. Manag. Inf. Syst..

[12]  Gail-Joon Ahn,et al.  Dynamic and risk-aware network access management , 2003, SACMAT '03.

[13]  Yih-Chun Hu,et al.  SEAD: secure efficient distance vector routing for mobile wireless ad hoc networks , 2002, Proceedings Fourth IEEE Workshop on Mobile Computing Systems and Applications.

[14]  Kari Sentz,et al.  Combination of Evidence in Dempster-Shafer Theory , 2002 .

[15]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[16]  Glenn Shafer,et al.  A Mathematical Theory of Evidence , 2020, A Mathematical Theory of Evidence.

[17]  Nei Kato,et al.  Detecting Blackhole Attack on AODV-based Mobile Ad Hoc Networks by Dynamic Learning Method , 2007, Int. J. Netw. Secur..

[18]  Johnny S. Wong,et al.  Intrusion response cost assessment methodology , 2009, ASIACCS '09.

[19]  Bu-Sung Lee,et al.  Cross-Layer Detection of Sinking Behavior in Wireless Ad Hoc Networks Using SVM and FDA , 2011, IEEE Transactions on Dependable and Secure Computing.

[20]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[21]  Jie Yang,et al.  Sensor Fusion Using Dempster-Shafer Theory , 2002 .

[22]  Karl N. Levitt,et al.  Cost-Sensitive Intrusion Responses for Mobile Ad Hoc Networks , 2007, RAID.

[23]  Prabir Bhattacharya,et al.  This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. IEEE TRANSACTIONS ON DEPEDABLE AND SECURE COMPUTING 1 Mechanism Design-Based Secure Leader Elec , 2022 .

[24]  Reza Curtmola,et al.  ODSBR: An on-demand secure Byzantine resilient routing protocol for wireless ad hoc networks , 2008, TSEC.

[25]  Mineichi Kudo,et al.  Combination of Weak Evidences by D-S Theory for Person Recognition , 2004, KES.

[26]  Claudia Keser,et al.  Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[27]  Elizabeth M. Belding-Royer,et al.  A secure routing protocol for ad hoc networks , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[28]  Christopher Krügel,et al.  Evaluating the impact of automated intrusion response mechanisms , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[29]  Mohammad Ilyas,et al.  Secure Routing in Wireless Sensor Networks , 2010, Handbook of Information and Communication Security.

[30]  Karl N. Levitt,et al.  DEMEM: Distributed Evidence-Driven Message Exchange Intrusion Detection Model for MANET , 2006, RAID.

[31]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2002, MobiCom '02.

[32]  Luiz A. DaSilva,et al.  Adaptation of Reputation Management Systems to Dynamic Network Conditions in Ad Hoc Networks , 2010, IEEE Transactions on Computers.