Trust establishment in mobile ad hoc networks.
Gordon, Richard Lawrence
The central focus of this dissertation is mobile ad hoc networks (MANETs) and their security. MANETs are autonomous networks of wireless nodes connected in an ad hoc manner, and have unique characteristics that make them difficult to secure. The principal aims of this investigation are to discuss and evaluate existing mechanisms for securing MANETs and to design the implementation of a unique security mechanism. Key management is a major challenge in these networks due to the lack of fixed network infrastructure. A survey of the existing key management solutions for MANETs is presented, and the findings indicate that most security attacks target the network layer and more specifically the routing protocol. Consequently, the provision of secure routes is a vital element for trust establishment, and accordingly a survey is provided of the existing secure ad hoc routing protocols. The observation is made that most secure ad hoc routing protocols assume the existence of a key management system to certify, authenticate, and distribute keying information. Mobile ad hoc networks cannot assume the existence of a centralized authority member to perform key management tasks, so the problem of key management must be addressed. A novel key management solution called Direct Indirect Trust Distribution (DITD) is proposed for an on-demand ad hoc routing protocol. The solution includes a trust evaluation mechanism and a key distribution scheme to distribute keying information in the form of certificates. The key distribution scheme performs localized certificate exchanges following the routing procedure. A security evaluation metric is proposed that aggregates trust along a path based on a security metric and the path distance. The proposed solution is implemented on a modified AODV routing protocol, and simulated on the ns2 Network Simulator. Simulations are conducted in order to compare the performance of the AODV and DITD protocols.
The simulation results show that the DITD model provides key distribution and trust path selection with minimal effect on the routing agent. The findings of the investigation confirm that DITD can be used as a basis for the operation of existing security protocols requiring a secure key distribution mechanism.