Securing wireless network topology and routing
This dissertation investigates two research problems to protect wireless network topology and routing: (1) designing protocols with configurable overhead to defend against wormhole attacks; (2) designing an intruder identification mechanism to locate and isolate the malicious nodes in distance vector routing protocols. Previous approaches for wormhole detection in ad hoc networks assume a relationship of trust between direct neighbors and cannot detect wormholes when the attackers are legal members in the network. As a generic approach, an end-to-end mechanism is proposed that assumes trust only between the source and the destination of a route. It integrates the positions of nodes and loosely synchronized clocks to identify fake neighbor connections. An information management scheme is designed to allow a mobile node to predetermine the resources that are consumed on wormhole detection. In our experiments, the computation overhead is less than 0.28% of the CPU time for a ten-hop route. This justifies the feasibility of the proposed mechanism. For wormhole detection in sensor networks, we propose the first group of approaches that do not depend on any special hardware. A normalized variable wormhole indicator is defined based on the distortions in edge length and angles among neighboring sensors. As a centralized approach, MDS-VOW reconstructs the network layout using inaccurate distance measurements among sensors and identifies fake neighbor connections. As a distributed approach, Dis-VoW allows every sensor to detect wormholes locally when the network topology changes. The research creates a new method to solve wireless network security problems by integrating techniques from social science, computer graphics, and scientific visualization. An intruder identification mechanism is designed to locate and isolate malicious nodes that attack the AODV protocol with false destination sequence numbers. The propagation paths of false routes are marked through reverse labeling and the suspicious attackers are put into blacklists to achieve isolation. The quorum voting method is adopted to reduce false positive alarms. In our experiments, the proposed mechanism can improve the packet delivery ratio by 30% even when there are multiple malicious nodes in the network.
Bhargava, Purdue University.
Off-Campus Purdue Users:
To access this dissertation, please log in to our