The increasing prominence of wireless ad hoc networks is stimulating greater interest in developing adequate security mechanisms for securing applications involving these innovative networks paradigms. To-date, the proposed security schemes either provide inadequate security or they are too costly computationally, and therefore impractical for most ad hoc network applications.Adapting wired network security schemes-particularly those involved digital certificates-to wireless ad hoc networks environments, poses many difficulties, primarily for two reasons: the limitation of computational resources, and the absence of centralized entities for performing critical key management tasks such as certificate revocation.In this paper, we propose a certificate revocation scheme for wireless ad hoc networks. Our revocation scheme not only provides a measure of protection against malicious accusation attacks, but it also effectively eliminates the window of opportunity whereby revoked certificates can be used to access network services.
The Storm botnet is one of the most sophisticated botnet active today, used for a variety of illicit activities. A key requirement for these activities is the ability by the botnet operators to transmit commands to the bots, or at least to the various segmented portions of the botnet. Disrupting these command and control (C&C) channels therefore becomes an attractive avenue to reducing botnets effectiveness and efficiency. Since the command and control infrastructure of Storm is based on peer-to-peer (P2P) networks, previous work has explored the use of index poisoning, a disruption method developed for filesharing P2P networks, where the network is inundated with false information about the location of files.In contrast, in this paper we explore the feasibility of Sybil attacks as a mitigation strategy against Storm. The aim here is to infiltrate the botnet with large number of fake nodes (sybils), that seek to disrupt the communication between the bots by inserting themselves in the peer lists of "regular" bots, and eventually rereroute or disrupt "real" C&C traffic. An important difference with index poisoning attacks is that sybil nodes must remain active and participate in the underlying P2P protocols, in order to remain in the peer list of regular bot nodes. However, they do not have to respond to the botmaster's commands and participate into illicit activities. First, we outline a methodology for mounting practical Sybil attacks on the Storm botnet. Then, we describe our simulation studies, which provide some insights regarding the number of sybils necessary to achieve the desired level of disruption, with respect to the net growth rate of the botnet. We also explore how certain parameters such as the duration of the Sybil attack, and botnet design choices such as the size of a bot's peer list, affect the effectiveness of the attack.
Secure routing in mobile ad hoc networks (MANETs) has emerged as a important MANET research area. MANETs, by virtue of the fact that they are wireless networks, are more vulnerable to intrusion by malicious agents than wired networks. In wired networks, appropriate physical security measures, such as restriction of physical access to network infrastructures, can be used to attenuate the risk of intrusions. Physical security measures are less effective however in limiting access to wireless network media. Consequently, MANETs are much more susceptible to infiltration by malicious agents. Authentication mechanisms can help to prevent unauthorized access to MANETs. However, considering the high likelihood that nodes with proper authentication credentials can be taken over by malicious entities, there are needs for security protocols which allow MANET nodes to operate in potential adversarial environments.In this paper, we present a secure on-demand MANET routing protocol, we named Robust Source Routing (RSR). In addition to providing data origin authentication services and integrity checks, RSR is able to mitigate against intelligent malicious agents which selectively drop or modify packets they agreed to forward. Simulation studies confirm that RSR is capable of maintaining high delivery ratio even when a majority of the MANET nodes are malicious.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.