Subscribe
Issue No.02 - March/April (2012 vol.9)
pp: 250-260
Ziming Zhao , Arizona State University, Tempe
Hongxin Hu , Arizona State University, Tempe
Gail-Joon Ahn , Arizona State University, Tempe
Ruoyu Wu , Arizona State University, Tempe
ABSTRACT
Mobile Ad hoc Networks (MANET) have been highly vulnerable to attacks due to the dynamic nature of its network infrastructure. Among these attacks, routing attacks have received considerable attention since it could cause the most devastating damage to MANET. Even though there exist several intrusion response techniques to mitigate such critical attacks, existing solutions typically attempt to isolate malicious nodes based on binary or naïve fuzzy response decisions. However, binary responses may result in the unexpected network partition, causing additional damages to the network infrastructure, and naïve fuzzy responses could lead to uncertainty in countering routing attacks in MANET. In this paper, we propose a risk-aware response mechanism to systematically cope with the identified routing attacks. Our risk-aware approach is based on an extended Dempster-Shafer mathematical theory of evidence introducing a notion of importance factors. In addition, our experiments demonstrate the effectiveness of our approach with the consideration of several performance metrics.
INDEX TERMS
Mobile ad hoc networks, intrusion response, risk aware, dempster-shafer theory.
CITATION
Ziming Zhao, Hongxin Hu, Gail-Joon Ahn, Ruoyu Wu, "Risk-Aware Mitigation for MANET Routing Attacks", IEEE Transactions on Dependable and Secure Computing, vol.9, no. 2, pp. 250-260, March/April 2012, doi:10.1109/TDSC.2011.51
REFERENCES
 [1] Y. Sun, W. Yu, Z. Han, and K. Liu, “Information Theoretic Framework of Trust Modeling and Evaluation for Ad Hoc Networks,” IEEE J. Selected Areas in Comm., vol. 24, no. 2, pp. 305-317, Feb. 2006. [2] M. Refaei, L. DaSilva, M. Eltoweissy, and T. Nadeem, “Adaptation of Reputation Management Systems to Dynamic Network Conditions in Ad Hoc Networks,” IEEE Trans. Computers, vol. 59, no. 5, pp. 707-719, May 2010. [3] P. Cheng, P. Rohatgi, C. Keser, P. Karger, G. Wagner, and A. Reninger, “Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control,” Proc. 28th IEEE Symp. Security and Privacy, 2007. [4] S. Wang, C. Tseng, K. Levitt, and M. Bishop, “Cost-Sensitive Intrusion Responses for Mobile Ad Hoc Networks,” Proc. 10th Int'l Symp. Recent Advances in Intrusion Detection (RAID '07), pp. 127-145, 2007. [5] G. Shafer, A Mathematical Theory of Evidence. Princeton Univ., 1976. [6] L. Sun, R. Srivastava, and T. Mock, “An Information Systems Security Risk Assessment Model under the Dempster-Shafer Theory of Belief Functions,” J. Management Information Systems, vol. 22, no. 4, pp. 109-142, 2006. [7] C. Mu, X. Li, H. Huang, and S. Tian, “Online Risk Assessment of Intrusion Scenarios Using D-S Evidence Theory,” Proc. 13th European Symp. Research in Computer Security (ESORICS '08), pp. 35-48, 2008. [8] K. Sentz and S. Ferson, “Combination of Evidence in Dempster-Shafer Theory,” technical report, Sandia Nat'l Laboratories, 2002. [9] L. Zadeh, “Review of a Mathematical Theory of Evidence,” AI Magazine, vol. 5, no. 3, p. 81, 1984. [10] R. Yager, “On the Dempster-Shafer Framework and New Combination Rules$^{\ast}1$ ,” Information Sciences, vol. 41, no. 2, pp. 93-137, 1987. [11] H. Wu, M. Siegel, R. Stiefelhagen, and J. Yang, “Sensor Fusion Using Dempster-Shafer Theory,” Proc. IEEE Instrumentation and Measurement Technology Conf., vol. 1, pp. 7-12, 2002. [12] T. Clausen and P. Jacquet, “Optimized Link State Routing Protocol,” Network Working Group, 2003. [13] C. Perkins, E. Belding-Royer, and S. Das, “Ad Hoc On-Demand Distance Vector Routing,” Mobile Ad-Hoc Network Working Group, vol. 3561, 2003. [14] H. Deng, W. Li, and D. Agrawal, “Routing Security in Wireless Ad Hoc Networks,” IEEE Comm. Magazine, vol. 40, no. 10, pp. 70-75, Oct. 2002. [15] Y. Hu and A. Perrig, “A Survey of Secure Wireless Ad Hoc Routing,” IEEE Security and Privacy Magazine, vol. 2, no. 3, pp. 28-39, May/June 2004. [16] B. Kannhavong, H. Nakayama, Y. Nemoto, N. Kato, and A. Jamalipour, “A Survey of Routing Attacks in Mobile Ad Hoc Networks,” IEEE Wireless Comm. Magazine, vol. 14, no. 5, pp. 85-91, Oct. 2007. [17] C. Karlof and D. Wagner, “Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures,” Ad Hoc Networks, vol. 1, nos. 2/3, pp. 293-315, 2003. [18] M. Yamada and M. Kudo, “Combination of Weak Evidences by D-S Theory for Person Recognition,” Knowledge-Based Intelligent Information and Engineering Systems, pp. 1065-1071, Springer, 2004. [19] K. Fall and K. Varadhan, “The NS Manual,” 2010. [20] F. Ros, “UM-OLSR Implementation (version 0.8.8) for NS2,” 2007. [21] Y. Hu, A. Perrig, and D. Johnson, “Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks,” Wireless Networks, vol. 11, no. 1, pp. 21-38, 2005. [22] B. Levine, C. Shields, and E. Belding-Royer, “A Secure Routing Protocol for Ad Hoc Networks,” Proc. 10th IEEE Int'l Conf. Network Protocols (ICNP '02), pp. 78-88, 2002. [23] Y. Hu, D. Johnson, and A. Perrig, “SEAD: Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoc Networks,” Ad Hoc Networks, vol. 1, no. 1, pp. 175-192, 2003. [24] B. Awerbuch, R. Curtmola, D. Holmer, C. Nita-Rotaru, and H. Rubens, “ODSBR: An On-Demand Secure Byzantine Resilient Routing Protocol for Wireless Ad Hoc Networks,” ACM Trans. Information and System Security, vol. 10, no. 4, pp. 1-35, 2008. [25] C. Tseng, S. Wang, C. Ko, and K. Levitt, “DEMEM: Distributed Evidence-Driven Message Exchange Intrusion Detection Model for Manet,” Proc. Ninth Int'l Symp. Recent Advances in Intrusion Detection (RAID '06), pp. 249-271, 2006. [26] C. Tseng, T. Song, P. Balasubramanyam, C. Ko, and K. Levitt, “A Specification-Based Intrusion Detection Model for OLSR,” Proc. Ninth Int'l Symp. Recent Advances in Intrusion Detection (RAID '06), pp. 330-350, 2006. [27] N. Mohammed, H. Otrok, L. Wang, M. Debbabi, and P. Bhattacharya, “Mechanism Design-Based Secure Leader Election Model for Intrusion Detection in MANET,” IEEE Trans. Dependable and Secure Computing, vol. 8, no. 1, pp. 89-103, Jan./Feb. 2011. [28] J. Felix, C. Joseph, B.-S. Lee, A. Das, and B. Seet, “Cross-Layer Detection of Sinking Behavior in Wireless Ad Hoc Networks Using SVM and FDA,” IEEE Trans. Dependable and Secure Computing, vol. 8, no. 2, pp. 233-245, Mar./Apr. 2011. [29] S. Marti, T. Giuli, K. Lai, and M. Baker, “Mitigating Routing Misbehavior in Mobile Ad Hoc Networks,” Proc. ACM MobiCom, pp. 255-265, 2000. [30] S. Kurosawa, H. Nakayama, N. Kato, and A. Jamalipour, “Detecting Blackhole Attack on AODV-Based Mobile Ad Hoc Networks by Dynamic Learning Method,” Int'l J. Network Security, vol. 105, no. 627, pp. 65-68, 2006. [31] Y. Hu, A. Perrig, and D. Johnson, “Packet Leashes: A Defense against Wormhole Attacks in Wireless Networks,” Proc. IEEE INFOCOM, vol. 3, pp. 1976-1986, 2004. [32] T. Toth and C. Kruegel, “Evaluating the Impact of Automated Intrusion Response Mechanisms,” Proc. 18th Ann. Computer Security Applications Conf. (ACSAC '02), pp. 9-13, 2002. [33] C. Strasburg, N. Stakhanova, S. Basu, and J. Wong, “Intrusion Response Cost Assessment Methodology,” Proc. Fourth ACM Symp. Information, Computer, and Comm. Security (ASIACCS '09), pp. 388-391, 2009. [34] L. Teo, G. Ahn, and Y. Zheng, “Dynamic and Risk-Aware Network Access Management,” Proc. Eighth ACM Symp. Access Control Models and Technologies (SACMAT '03), pp. 217-230, 2003.