Secure Routing in Ad Hoc Networks

 

Yurii Kulakov¹, professor, D.S., & Mikhail Trifonov¹, postgraduate student

 

¹ Computer System Department, Faculty of Information and Computing Technique, National Technical University of Ukraine “Kyiv Polytechnic Institute”, Address: 37, Prospect Permohy, 03056, Kyiv-56, Ukraine, e-mail: mikle@idg-soft.com

 

Recent years have witnessed a proliferation of mobile devices. Corporations and government agencies alike are increasingly using embedded and wireless technologies, and working towards mobilizing their workforce. Mobile devices typically support several forms of wireless connectivity, such as 802.11, IrDA, Bluetooth, and GPRS. Due to technology limitations, however, wireless access to the service-providing infrastructure (cell towers, WLAN base stations) is limited to particular areas.

 

Ad hoc networks, as the name suggests, have no supporting infrastructure. They consist of a dynamic set of cooperating peers that share their wireless capabilities with other similar devices, relaying messages on behalf of others so that devices not in direct radio range of each other can communicate. Conventional methods of identification and authentication are not available, since the availability of a certificate authority (CA) or a key distribution center (KDC) cannot be assumed. Consequently, mobile device identities and intentions cannot be predetermined or verified.

 

Conventional intrusion detection systems (IDSs) have relied on monitoring real-time traffic at switches, gateways, and routers. In wired networks, vulnerabilities in Medium Access Control (MAC) have been mitigated by physical partitioning and restricted connectivity among networks. Mobile nodes, by contrast, share a common wireless medium that cannot be partitioned, and their mobility cannot be restricted. Mobility introduces additional difficulty in setting up a system of nodes cooperating in an IDS. A node’s movements cannot be restricted in order to let the IDS cooperate or collect data, and a node cannot be expected to monitor the same physical area for an extended period of time. A single node may be unable to obtain a large enough sample of data to accurately diagnose other nodes. We present interesting results that provide insights into practical considerations in such a deployment that have not been addressed thus far and are not apparent from simulations.