How to misuse AODV: a case study of insider attacks against mobile ad-hoc routing protocols

Ning, Peng; Sun, Kun

doi:10.1109/smcsia.2003.1232402

Cited by 114 publications

(53 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The following list illustrates a set of attacks described in [7], [8], followed by a short description of the IDS solution to contrast each attack type:…”

Section: Appendixmentioning

confidence: 99%

A Wireless Intrusion Detection System for Secure Clustering and Routing in Ad Hoc Networks

Bononi

Tacconi

2006

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Intrusion detection and secure routing schemes have been proposed for increasing the security and reliability in critical scenarios like mobile ad hoc networks. In this paper we present an integrated secure routing system based on Intrusion Detection Systems (IDS) and SUCV (Statistically Unique and Cryptographically Verifiable) identifiers. The proposed IDS has been used for the support of secure AODV routing, named IDS-based Secure AODV (IS-AODV), in a wireless ad hoc network scenario. Our IDS solution is based on the detection of behavior anomalies on behalf of neighbor hosts, with passive reactions, aiming to create a cluster whose route paths will include only safe nodes, eventually. We implemented a simulation model to test the effects and overheads of the proposed IDS scheme when defending the AODV routing functions. Results show that the proposed IDS is effective in isolating byzantine hosts, and it assists the AODV secure routing scheme to converge in finding end-to-end safe routes.

show abstract

“…The following list illustrates a set of attacks described in [7], [8], followed by a short description of the IDS solution to contrast each attack type:…”

Section: Appendixmentioning

confidence: 99%

A Wireless Intrusion Detection System for Secure Clustering and Routing in Ad Hoc Networks

Bononi

Tacconi

2006

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…An insider is someone who is authorized to use computers and networks [Sch02]; 2. An insider has access to the keying materials or full control of some nodes [NS05]; 3. An insider has "access, privilege, or knowledge of information systems and services" ([BA04], p. 10) 4.…”

Section: Introductionmentioning

confidence: 99%

A Risk Management Approach to the “Insider Threat”

Bishop

Engle

Frincke

et al. 2010

Insider Threats in Cyber Security

View full text Add to dashboard Cite

Recent surveys indicate that the financial impact and operating losses due to insider intrusions are increasing. But these studies often disagree on what constitutes an "insider;" indeed, many define it only implicitly. In theory, appropriate selection of, and enforcement of, properly specified security policies should prevent legitimate users from abusing their access to computer systems, information, and other resources. However, even if policies could be expressed precisely, the natural mapping between the natural language expression of a security policy, and the expression of that policy in a form that can be implemented on a computer system or network, creates gaps in enforcement. This paper defines "insider" precisely, in terms of these gaps, and explores an access-based model for analyzing threats that include those usually termed "insider threats." This model enables an organization to order its resources based on the business value for that resource and of the information it contains. By identifying those users with access to high-value resources, we obtain an ordered list of users who can cause the greatest amount of damage. Concurrently with this, we examine psychological indicators in order to determine which users are at the greatest risk of acting inappropriately. We conclude by examining how to merge this model with one of forensic logging and auditing.

show abstract

“…A number of attacks on AODV have been proposed in the literature [6], [27], [30]. Ning et al [20] propose a taxonomy of attacks on the AODV protocol. Our authentication framework described in Section V adapts some security mechanisms used in ARAN [27] and SAODV [33] for securing MAODV.…”

Section: Related Workmentioning

confidence: 99%

“…Hence, in the design of a secure multicast routing protocol, it is necessary to take into account the possibility of malicious insiders, and to develop security mechanisms that can prevent attacks by such insiders. Previously, Ning et al [20] have presented a systematic study of insider attacks on AODV [22]. To the best of our knowledge, however, the impact of insider attacks on MAODV has not been studied.…”

Section: Introductionmentioning

confidence: 99%

Securing MAODV: attacks and countermeasures

Roy¹,

Addada²,

Setia³

et al.

2005 Second Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2005. IEEE SECON 20

View full text Add to dashboard Cite

Abstract-Most of the multicast routing protocols proposed for ad hoc networks assume a trusted, non-adversarial environment and do not take security issues into account in their design. In this paper, we investigate the security of MAODV (Multicast Ad hoc On-Demand Distance Vector protocol), a well-known multicast routing protocol, and identify several attacks on it. We show, via simulation, that these attacks can have a significant impact on the performance of MAODV. We present an authentication framework for MAODV and propose countermeasures that can prevent or mitigate the impact of these attacks.

show abstract

How to misuse AODV: a case study of insider attacks against mobile ad-hoc routing protocols

Cited by 114 publications

References 9 publications

A Wireless Intrusion Detection System for Secure Clustering and Routing in Ad Hoc Networks

A Wireless Intrusion Detection System for Secure Clustering and Routing in Ad Hoc Networks

A Risk Management Approach to the “Insider Threat”

Securing MAODV: attacks and countermeasures

Contact Info

Product

Resources

About