Preventive and corrective protection for mobile ad hoc network routing protocols

Abstract

In this paper we describe vulnerabilities and possible protections for mobile ad hoc networks (MANET) routing protocols. Vulnerability and adversary models are built to describe impersonation, fabrication and modification attacks. A security model is proposed, considering both preventive and corrective protection. The basic preventive protection consists of a certificate-based authentication mechanism, which is designed as a MANET authentication extension (MAE) that provides authentication for all routing protocol messages. Corrective protection consists of an intrusion detection and response service (IDS). Certification service and IDS are both provided in a distributed and self-organized manner. Intrusion response is mainly defined in terms of interaction between certification service and IDS. The proposed vulnerability analysis and security design are detailed and validated using the Optimized Link State Routing (OLSR) Protocol. © IFIP International Federation for Information Processing 2004.