Trust establishment in mobile ad hoc networks.

Abstract

The central focus of this dissertation is mobile ad hoc networks (MANETs) and their security.

MANETs are autonomous networks of wireless nodes connected in an ad hoc manner, and have

unique characteristics that make them difficult to secure. The principal aims of this

investigation are to discuss the research and evaluation of existing mechanisms to secure

MANETs and to design the implementation of a unique security mechanism. Key management

is a major challenge in these networks due to the lack of fixed network infrastructure. In

presenting a survey of the existing key management solutions for MANETs, the findings

indicate that most security attacks target the network layer and more specifically the routing

protocol. Consequently, the provision of secure routes is a vital element for trust establishment,

and accordingly a survey is provided of the existing secure ad hoc routing protocols. The

observation is made that most secure ad hoc routing protocols assume the existence of a key

management system to certify, authenticate, and distribute keying information. Mobile ad hoc

networks cannot assume the existence of a centralized authority member to perform key

management tasks, and the problem of key management must be addressed.

A novel key management solution called Direct Indirect Trust Distribution (DITD) is proposed

for an on-demand ad hoc routing protocol. The solution includes a trust evaluation mechanism

and a key distribution scheme to distribute keying information in the form of certificates. The

key distribution scheme performs localized certificate exchanges following the routing

procedure. A security evaluation metric is proposed that aggregates trust along a path based on

a security metric and the path distance. The proposed solution is implemented on a modified

AODV routing protocol, and simulated on the ns2 Network Simulator. Simulations are

conducted in order to compare the performance of the AODV and DITD protocols. The

simulation results show that the DITD model provides key distribution and trust path selection

with minimal effect on the routing agent. The findings of the investigation confirm that DITD

can be used as a basis for the operation of existing security protocols requiring a secure key

distribution mechanism.