The Quest for Mobility Models to Analyse Security in Mobile Ad Hoc Networks [chapter]

Mauro Conti, Roberto Di Pietro, Andrea Gabrielli, Luigi Vincenzo Mancini, Alessandro Mei
2009 Lecture Notes in Computer Science  
Mobile Ad Hoc networks are subject to some unique security issues that could delay their diffusion. Several solutions have already been proposed to enforce specific security properties. However, mobility pattern nodes obey to can, on one hand, severely affect the quality of the security solutions that have been tested over "synthesized" mobility pattern. On the other hand, specific mobility patterns could be leveraged to design specific protocols that could outperform existing solutions. In
more » ... work, we investigate the influence of a realistic mobility scenario over a benchmark mobility model (Random Waypoint Mobility Model), using as underlying protocol a recent solution introduced for the detection of compromised nodes. Extensive simulations show the quality of the underlying protocol. However, the main contribution is to show the relevance of the mobility model over the achieved performances, stressing out that in mobile ad-hoc networks the quality of the solution provided is satisfactory only when it can be adapted to the nodes underlying mobility model. 86 M. Conti et al. operate in unattended manner. However, this comes at a cost: Ad Hoc networks can be prone to different kinds of novel attacks. For instance, an adversary could eavesdrop all the network communications, or it might might capture (i.e. remove) nodes from the network. These nodes can then be re-programmed and deployed within the network area, with the goal of subverting the data aggregation or the decision making process. Another range of possible attacks is known as sybil attack [17] , where a single node illegitimately claims multiple identities -stolen from previously captured nodes. Finally, the clone attack occurs when a node is first captured, then tampered with, re-programmed, and finally replicated in the network. A few techniques exist to delve with the former attack: based on RSSI [7]; leveraging key-based authentication; and, probabilistic solutions based on node cooperation [4] . An application for node capture detection could be the LANdroids [13] research program by the U.S. Defense Advanced Research Projects Agency (DARPA). This research program has the aim to develop a so-called: Smart robotic radio relay nodes for battlefield deployment. LANdroid mobile nodes are supposed to be deployed in hostile environment, establish an ad-hoc network, and provide connectivity as well as valuable information for soldiers that would later approach the deployment area. An adversary might attempt to capture one of these nodes. We are not interested in the goals of the capture (that could be, for instance, to re-program the node to infiltrate the network, or simply extracting the information stored in it); but on the open problem of how to detect the node capture that represents, as shown by the above cited examples, a possible first step to jeopardize an Ad Hoc network. Indeed, an adversary has often to capture a node before being able to launch other more vicious, and may be still unknown, attacks. Node capture is one of the most vexing problems in Ad Hoc network security [18] . In fact, it is a very powerful attack and very hard to detect. We believe that any solution to this problem has to meet the following requirements: (i) to detect the node capture as early as possible; (ii) to have a low rate of false positives-nodes that are believed to be captured and thus subject to a revocation process, but that were not actually taken by the adversary; (iii) to introduce a small overhead. The solutions proposed so far are not efficient [18] . Moreover, due to the distributed nature of Ad Hoc networks, naïve centralized solutions, although it can be in principle applied, present drawbacks like single point of failure and non uniform energy consumption. The unique requirements of the Ad Hoc network context call for efficient and distributed solutions to the node capture attack. The contribution of this work is to investigate the influence of a realistic mobility scenario over our proposed framework. In particular, we consider the traces in [20]: The traces were collected distributing iMotes to students attending the 3-days INFOCOM 2005 student workshop. The number of devices is 41, and they were programmed to log contacts of the meeting with other devices. We study the characterization of these real traces against the Random Waypoint Mobility Model. Extensive simulations results show the quality of the underlying protocol for the node capture detection as well as the fact that mobility models have a relevant impact on the performance of the underlying algorithm. This provides an insight on the fact that protocols design cannot be separated from the underlying mobility models they are supposed to operate upon.
doi:10.1007/978-3-642-02118-3_8 fatcat:pegm53cyajdeldfwq7hf4co434