ABSTRACT
The vision of nomadic computing with its ubiquitous access hasstimulated much interest in the Mobile Ad Hoc Networking(MANET) technology. However, its proliferation strongly dependson the availability of security provisions, among other factors. In theopen, collaborative MANET environment practically any node canmaliciously or selfishly disrupt and deny communication of othernodes. In this paper, we present and evaluate the Secure MessageTransmission (SMT) protocol, which safeguards the datatransmission against arbitrary malicious behavior of other nodes.SMT is a lightweight, yet very effective, protocol that can operatesolely in an end-to-end manner. It exploits the redundancy of multipathrouting and adapts its operation to remain efficient andeffective even in highly adverse environments. SMT is capable ofdelivering up to 250% more data messages than a protocol that doesnot secure the data transmission. Moreover, SMT outperforms analternative single-path protocol, a secure data forwarding protocolwe term Secure Single Path (SSP) protocol. SMT imposes up to68% less routing overhead than SSP, delivers up to 22% more datapackets and achieves end-to-end delays that are up to 94% lowerthan those of SSP. Thus, SMT is better suited to support QoS forreal-time communications in the ad hoc networking environment.The security of data transmission is achieved without restrictiveassumptions on the network nodes’ trust and network membership,without the use of intrusion detection schemes, and at the expenseof moderate multi-path transmission overhead only. C.2 [Computer-Communication Networks]: Network protocols,Security and protection; C.4 [Performance of Systems]: FaulttoleranceGeneral TermsSecurity, Reliability, Performance, Algorithms
KeywordsMANET security, Secure Message Transmission, Multi-pathRouting, Secure Routing, Secure Routing Protocol
1. INTRODUCTION
The communication in mobile ad hoc networks comprises twophases, the route discovery and the data transmission. In an adverseenvironment, both phases are vulnerable to a variety of attacks.First, adversaries can disrupt the route discovery by impersonatingthe destination, by responding with stale or corrupted routinginformation, or by disseminating forged control traffic. This way,attackers can obstruct the propagation of legitimate route controltraffic and adversely influence the topological knowledge of benignnodes. However, adversaries can also disrupt the data transmissionphase and, thus, incur significant data loss by tampering with,fraudulently redirecting, or even dropping data traffic or injectingforged data packets.To provide comprehensive security, both phases of MANETcommunication must be safeguarded. It is noteworthy that securerouting protocols, which ensure the correctness of the discoveredtopology information, cannot by themselves ensure the secure andundisrupted delivery of transmitted data. This is so, sinceadversaries could abide with the route discovery and be placed onutilized routes. But then, they could tamper with the in-transit datain an arbitrary manner and degrade the network operation.Upper layer mechanisms, such as reliable transport protocols, ormechanisms currently assumed by the MANET routing protocols,such as reliable data page link or acknowledged routing, cannot cope withmalicious disruptions of the data transmission. In fact, thecommunicating nodes may be easily deceived for relatively longperiods of time, thinking that the data flow is undisrupted, while noactual communication takes place.One way to counter security attacks would be to cryptographicallyprotect and authenticate all control and data traffic. But toaccomplish this, nodes would have to have the means to establishthe necessary trust relationships with each and every peer they aretransiently associated with, including nodes that just forward theirdata. Even if this were feasible, such cryptographic protectioncannot be effective against denial of service attacks, withadversaries simply discarding data packets.


Download full report
http://citeseerx.ist.psu.edu/viewdoc/dow...1&type=pdf