An end-to-end approach to secure routing in MANETs

Stephen Dabideen, Bradley R. Smith, J. J. Garcia-Luna-Aceves
2010 Security and Communication Networks  
Providing secure routing in mobile ad hoc networks (MANETs) is far more difficult than establishing secure routing in wired networks or static wireless networks. Node mobility and the relative scarcity of bandwidth render prior solutions ineffective. Solutions based on securing link or path information do not work well in MANETs because the dynamic nature of links requires extensive use of flooding to establish effective countermeasures. On the other hand, solutions based on hop-by-hop
more » ... of distance information are easily compromised. Instead of trying to secure the ordering of nodes, we argue that secure routing in MANETs must be based on the end-to-end verification of physical-path characteristics aided by the exploitation of path diversity to increase the probability of finding secure paths. We apply this approach to the design of the Secure Routing through Diversity and Verification (SRDV) protocol, a secure routing protocol that we show to be as efficient as unsecured on-demand or proactive routing approaches in the absence of attacks. We prove that the countermeasures used in SRDV can defend against a variety of known attacks to routing protocols, including attacks involving collusion, and the fabrication and modification of routing packets. We also show the effectiveness of the end-to-end mechanisms via simulations. basis, so that nodes order themselves with respect to destinations according to the routing metric (e.g., hop count). This empowers adversaries in a MANET to perform attacks by using false distance information to disrupt the ordering nodes try to establish for different destinations. This is especially problematic when nodes act in collusion with other nodes [1] . Because of the problems in securing distance-based routing protocols, most previous approaches to secure routing in MANETs have focused on securing entire paths from source to destination or have each node along the path secure the link it intends to use (e.g., References [2, 3] ). However this is not a viable approach for large END-TO-END SECURITY IN MANETS 131 Previous Work Previous work on secure routing for MANETs has been based on mechanisms that either compromise scalability of the routing protocol, or leave routing vulnerable to significant attacks. Hu et al. [2] propose the Secure Efficient Ad hoc Distance vector protocol (SEAD) as an enhancement of the Destination-Sequenced Distance-Vector (DSDV) protocol [5] for secure routing in wireless networks. SEAD's primary enhancement over DSDV is the use of hash chains to authenticate the source of the update, and to secure the metric and sequence numbers contained in the update. There are a number of limitations with this solution. The use of a topology-driven routing model in which routes are pre-computed by all routers for all destinations in a network, is not a good match
doi:10.1002/sec.121 fatcat:kibi6qjppjarfnhaa2cynqt3xy