Protocols and models for the security of wireless ad-hoc networks

Abstract: In this document, we focus on ways of increasing the security of wireless ad-hoc networks. These networks, and more specifically wireless sensor networks, look increasingly like the right answer to many problems, such as data collection over a large area or providing emergency network infrastructure after a disaster. They are also inherently exposed to malicious intent because of their collaborative nature. In order to protect them, we focus on the security aspects of the protocols built for these networks. We first propose a Secure and Resilient Reputation-based Routing protocol, called SR3. This protocol routes messages according to a reputation metric built using only trusted information. It achieves data confidentiality and data packet unforgeability, which we prove formally using two verification tools: CryptoVerif and Scyther. We experimentally show the resiliency of SR3 against various attack scenarios, and we compare our results to several routing algorithms from the literature. This evaluation shows that both the resiliency and the fairness achieved by SR3 are better than those of the other protocols, especially when the network is sparse. Moreover, and unlike previous solutions, if the behavior of the compromised nodes changes, SR3 self-adapts in order to ensure an acceptable quality of service. Analyses of routing protocol security are nearly always supported by simulations, which often evaluate the ability to deliver messages to a given destination. Several competing definitions of secure routing exist, but to our knowledge they only address source routing protocols. We propose the notion of incorruptibility, a quantitative computational definition of routing security based on the attacker's ability to alter the routes used by messages. These definitions are then illustrated with several routing algorithms. Finally, we study Intrusion Detection Systems (IDS) for WANETs, and more specifically their inputs. These systems provide a supplementary layer of defense for WANETs, and they can easily detect attacks that are complicated for the network protocols. We classify the different inputs used by the decision process of these IDS according to the level of cooperation they require and the source of their data. We then propose the InDICE tool, a decision aid which, given an IDS, allows automated discovery of undetectable attacks according to the inputs used by that IDS. In the end, we apply our framework to discover weaknesses in two existing IDS.
Cited literature [126 references]

https://tel.archives-ouvertes.fr/tel-01551804
Contributor : Abes Star
Submitted on : Friday, June 30, 2017 - 3:24:37 PM
Last modification on : Friday, July 6, 2018 - 10:08:02 AM
Long-term archiving on : Monday, January 22, 2018 - 8:13:47 PM

File

pdf2star-1417017545-JAMET_2014...
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01551804, version 1

Citation

Raphaël Jamet. Protocols and models for the security of wireless ad-hoc networks. Networking and Internet Architecture [cs.NI]. Université de Grenoble, 2014. English. ⟨NNT : 2014GRENM039⟩. ⟨tel-01551804⟩
