An end-to-end approach to secure routing in MANETs

Authors

  • Stephen Dabideen,

    Corresponding author
    1. Department of Computer Engineering University of California, 1156 High Street, Santa Cruz, CA 95064, U.S.A.
    • SOEGRAD 1156 High Street, Santa Cruz, CA 95064, U.S.A.
    Search for more papers by this author
  • Bradley R. Smith,

    1. Department of Computer Engineering University of California, 1156 High Street, Santa Cruz, CA 95064, U.S.A.
    Search for more papers by this author
  • J. J. Garcia-Luna-Aceves

    1. Department of Computer Engineering University of California, 1156 High Street, Santa Cruz, CA 95064, U.S.A.
    2. Palo Alto Research Center (PARC), 3333 Coyote Hill Road, Palo Alto, CA 94304, U.S.A.
    Search for more papers by this author

Abstract

Providing secure routing in mobile ad hoc networks (MANETs) is far more difficult than establishing secure routing in wired networks or static wireless networks. Node mobility and the relative scarcity of bandwidth render prior solutions ineffective. Solutions based on securing link or path information do not work well in MANETs because the dynamic nature of links requires extensive use of flooding to establish effective countermeasures. On the other hand, solutions based on hop-by-hop exchanges of distance information are easily compromised. Instead of trying to secure the ordering of nodes, we argue that secure routing in MANETs must be based on the end-to-end verification of physical-path characteristics aided by the exploitation of path diversity to increase the probability of finding secure paths. We apply this approach to the design of the Secure Routing through Diversity and Verification (SRDV) protocol, a secure routing protocol that we show to be as efficient as unsecured on-demand or proactive routing approaches in the absence of attacks. We prove that the countermeasures used in SRDV can defend against a variety of known attacks to routing protocols, including attacks involving collusion, and the fabrication and modification of routing packets. We also show the effectiveness of the end-to-end mechanisms via simulations. Copyright © 2009 John Wiley & Sons, Ltd.

Ancillary