Visible to the public Biblio

Filters: Keyword is central control program  [Clear All Filters]
2020-11-02
Li, T., Ma, J., Pei, Q., Song, H., Shen, Y., Sun, C..  2019.  DAPV: Diagnosing Anomalies in MANETs Routing With Provenance and Verification. IEEE Access. 7:35302–35316.
Routing security plays an important role in the mobile ad hoc networks (MANETs). Despite many attempts to improve its security, the routing mechanism of MANETs remains vulnerable to attacks. Unlike most existing solutions that prevent the specific problems, our approach tends to detect the misbehavior and identify the anomalous nodes in MANETs automatically. The existing approaches offer support for detecting attacks or debugging in different routing phases, but many of them cannot answer the absence of an event. Besides, without considering the privacy of the nodes, these methods depend on the central control program or a third party to supervise the whole network. In this paper, we present a system called DAPV that can find single or collaborative malicious nodes and the paralyzed nodes which behave abnormally. DAPV can detect both direct and indirect attacks launched during the routing phase. To detect malicious or abnormal nodes, DAPV relies on two main techniques. First, the provenance tracking enables the hosts to deduce the expected log information of the peers with the known log entries. Second, the privacy-preserving verification uses Merkle Hash Tree to verify the logs without revealing any privacy of the nodes. We demonstrate the effectiveness of our approach by applying DAPV to three scenarios: 1) detecting injected malicious intermediated routers which commit active and passive attacks in MANETs; 2) resisting the collaborative black-hole attack of the AODV protocol, and; 3) detecting paralyzed routers in university campus networks. Our experimental results show that our approach can detect the malicious and paralyzed nodes, and the overhead of DAPV is moderate.
2019-06-10
Li, T., Ma, J., Pei, Q., Shen, Y., Sun, C..  2018.  Log-based Anomalies Detection of MANETs Routing with Reasoning and Verification. 2018 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC). :240–246.

Routing security plays an important role in Mobile Ad hoc Networks (MANETs). Despite many attempts to improve its security, the routing procedure of MANETs remains vulnerable to attacks. Existing approaches offer support for detecting attacks or debugging in different routing phases, but many of them have not considered the privacy of the nodes during the anomalies detection, which depend on the central control program or a third party to supervise the whole network. In this paper, we present an approach called LAD which uses the raw logs of routers to construct control a flow graph and find the existing communication rules in MANETs. With the reasoning rules, LAD can detect both active and passive attacks launched during the routing phase. LAD can also protect the privacy of the nodes in the verification phase with the specific Merkle hash tree. Without deploying any special nodes to assist the verification, LAD can detect multiple malicious nodes by itself. To show that our approach can be used to guarantee the security of the MANETs, we deploy our experiment in NS3 as well as the practical router environment. LAD can improve the accuracy rate from 2.28% to 29.22%. The results show that LAD performs limited time and memory usages, high detection and low false positives.