• Journal of KIISE:Information Networking
• /
• v.32 no.3
• /
• pp.310-317
• /
• 2005

In opposition to conventional networks, mobile ad hoc networks usually do not offer trust about nodes or online access through certificate authorities or centralized servers. But, nodes in those systems need process that can search path as well as trust each other to exchange data in safety For these reasons, traditional security measures that require online trusted authorities or certificate storages are not well-suited for securing ad hoc networks. In this paper, I propose a secure and effective method to search the optimized path using profitable flooding techniques on certificate chains in MANETS(Mobile Ad hoc NETworks). This system includes not only using routing protocols that are generally broadcasting packets but also finding nodes securely and verifing the process through tiust relationships between nodes that are searched.

• The Journal of Society for e-Business Studies
• /
• v.10 no.1
• /
• pp.121-134
• /
• 2005

The MANET has many problems in security despite of its many advantages such as supporting the mobility of nodes, independence of the fixed infrastructure, and quick network establishment. In particular, in establishing security, the traditional certification service has many difficult problems in applying to the MANET because of its safety, expandability, and availability. In this paper, a secure and effective distributed certification service method was proposed using the Secret Sharing scheme and the Threshold Digital Signature scheme in providing certification services in the MANET. In the proposed distributed certification service, certain nodes of relatively high safety among the mobile nodes consisting of the MANET, were set as privileged nodes, from which the process of issuing a certification started. The proposed scheme solved problem that the whole network security would be damaged by the intrusion to one node in the Centralized Architecture and the Hierarchical Architecture. And it decreased the risk of the exposure of the personal keys also in the Fully Distributed Architecture as the number of the nodes containing the partial confidential information of personal keys decreased. By the network simulation, the features and availability of the proposed scheme was evaluated and the relation between the system parameters was analyzed.

• Journal of Information Processing Systems
• /
• v.16 no.5
• /
• pp.1113-1128
• /
• 2020

Ad hoc networks play an important role in mobile communications, and the performance of nodes has a significant impact on the choice of communication links. To ensure efficient and secure data forwarding and delivery, an intelligent routing protocol (IAODV) based on learning method is constructed. Five attributes of node energy, rate, credit value, computing power and transmission distance are taken as the basis of segmentation. By learning the selected samples and calculating the information gain of each attribute, the decision tree of routing node is constructed, and the rules of routing node selection are determined. IAODV algorithm realizes the adaptive evaluation and classification of network nodes, so as to determine the optimal transmission path from the source node to the destination node. The simulation results verify the feasibility, effectiveness and security of IAODV.

• Journal of Communications and Networks
• /
• v.15 no.1
• /
• pp.31-37
• /
• 2013

Mobile ad hoc networks (MANET) refers to a network designed for special applications for which it is difficult to use a backbone network. In MANETs, applications are mostly involved with sensitive and secret information. Since MANET assumes a trusted environment for routing, security is a major issue. In this paper we analyze the vulnerabilities of a pro-active routing protocol called optimized link state routing (OLSR) against a specific type of denial-of-service (DOS) attack called node isolation attack. Analyzing the attack, we propose a mechanism called enhanced OLSR (EOLSR) protocol which is a trust based technique to secure the OLSR nodes against the attack. Our technique is capable of finding whether a node is advertising correct topology information or not by verifying its Hello packets, thus detecting node isolation attacks. The experiment results show that our protocol is able to achieve routing security with 45% increase in packet delivery ratio and 44% reduction in packet loss rate when compared to standard OLSR under node isolation attack. Our technique is light weight because it doesn't involve high computational complexity for securing the network.

• ETRI Journal
• /
• v.37 no.3
• /
• pp.512-522
• /
• 2015

Recent developments in identity-based cryptography (IBC) have provided new solutions to problems related to the security of mobile ad hoc networks (MANETs). Although many proposals to solve problems related to the security of MANETs are suggested by the research community, there is no one solution that fits all. The interdependency cycle between secure routing and security services makes the use of IBC in MANETs very challenging. In this paper, two novel methods are proposed to eliminate the need for this cycle. One of these methods utilizes a key pool to secure routes for the distribution of cryptographic materials, while the other adopts a pairing-based key agreement method. Furthermore, our proposed methods utilize threshold cryptography for shared secret and private key generation to eliminate the "single point of failure" and distribute cryptographic services among network nodes. These characteristics guarantee high levels of availability and scalability for the proposed methods. To illustrate the effectiveness and capabilities of the proposed methods, they are simulated and compared against the performance of existing methods.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.9
• /
• pp.81-90
• /
• 2020

In order to operate multi drone efficiently, existing control methods must be improved, and drones must be able to construct communication networks autonomously. FANET(Flying Ad-Hoc Network), which is being considered as an alternative to solving these problems, is based on ad hoc network technology and can be exposed to a variety of security vulnerabilities. However, due to the limited computational power and memory of FANET nodes, and rapid and frequent changes in network topology, it is not easy to apply the existing security measures to FANET without modification. Thus, this paper proposes lightweight security measures applicable to FANET, which have distinct characteristics from existing ad hoc networks by utilizing PUF technology. The proposed security measures utilize unique values generated by non-replicable PUFs to increase the safety of AODV, FANET's reactive routing protocol, and are resistant to various attacks.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.1198-1201
• /
• 2007

무선 Ad-Hoc 네트워크는 노드의 참여와 이탈이 자유롭고 토폴로지의 변화가 많아 악의적인 노드에 의해 데이터의 무결성 및 기밀성 문제와 같은 보안 위협에 노출되어 있다. 또한 악의적인 노드의 참여로 잘못된 라우팅 정보의 삽입을 통해 네트워크 분할이나 잘못된 정보전달 제공으로 노드의 통신장애를 유발할 수 있다. 그러나 현재 이와 같은 무선 Ad-Hoc 네트워크에서의 악의적인 노드를 발견하고 대응할 수 있는 연구가 부족하며, 기존의 악의적인 노드 탐지 기술들[11][12][13][14]은 정상적인 노드임에도 불구하고 거짓으로 신고했을 경우 인증절차 없이 경로를 재탐색하여 최적의 경로를 변경시킴으로서 정상적인 전송환경을 구축하지 못하는 문제점이 있다. 본 논문에서는 다중경로 기반의 보안경로 탐색기술[8]을 이용해 보안경로에 존재하는 중간노드들 사이에서 악의적인 노드를 발견한고, 검증된 최단경로를 통해 데이터전송을 하는 기법을 제안하고자 한다. 제안한 기법을 적용함으로써 노드에 대한 신고가 있을 때 확인과정을 거쳐 불필요하게 경로를 재탐색하는 과정을 줄일 수 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.05a
• /
• pp.1167-1170
• /
• 2008

Ad-Hoc 네트워크는 임의 디바이스들이 무선 통신을 통해서 임의 네트워크 망을 구성하여 통신 서비스를 제공받는 것을 말한다. 특히 유비쿼터스 환경에서의 언제 어디서나 통신을 하기 위해서는 이동성과 자유로운 네트워크의 조인 및 탈퇴가 이루어져야 한다. 또한 통신에서 제 3자의 위장이나 정보의 도청 그리고 안전성을 제공하기 위해서 암호화 통신이 필수적으로 요구된다. 특히 Ad-Hoc 네트워크의 디바이스간의 라우팅 구성이 유동적이라서 구성하는 디바이스간의 인증 및 키 생성과정이 필요하며, 라우팅에 대한 보안 기술의 연구는 국내/외에서 진행되어져 왔다. 본 논문에서는 기존의 안전한 라우팅 방안에 대하여 알아보고 디바이스 인증 및 키 설립을 제공하는 방식에 대하여 제안한다. 본 방식은 세션키를 설립을 위해서 키 생성 및 아이디를 기반으로 한 인증 방안을 이용한다. 그로 인해 인증서를 이용하거나 디바이스간의 인증 정보 및 상호 공유된 비밀 정보가 필요하지 않는 장점을 가지고 있다. 이와 같은 방식을 이용하므로 임의 네트워크에 조인하더라도 보안 기술을 제공할 수 있는 방안이다. 본 연구를 이용하므로 유비쿼터스 환경에서의 안전한 서비스를 제공할 수 있는 기술로 활용할 수 있다.

• The KIPS Transactions:PartC
• /
• v.19C no.2
• /
• pp.83-90
• /
• 2012

MANET(Mobile Ad-Hoc Network) has a weakness from a security aspect because it operates where no wired network is built, which causes the exposed media, dynamic topology, and the lack of both central monitoring and management. It is especially difficult to detect and mitigate a malicious node because there is not a mediator which controls the network. This kind of malicious node is closely connected to the routing in the field of study of Ad-Hoc security. Accordingly this paper proposes the method on how to enhance the security for the safe and effective routing by detecting the malicious node. We propose MBC(Identification technition of Malicious Behavior node based on Collaboration in MANET) that can effectively cope with malicious behavior though double detecting the node executing the malicious behavior by the collaboration between individual node and the neighbor, and also managing the individual nodes in accordance with the trust level obtained. The simulation test results show that MBC can find the malicious nodes more accurately and promptly that leads to the more effectively secure routing than the existing method.

• The KIPS Transactions:PartC
• /
• v.12C no.5 s.101
• /
• pp.623-632
• /
• 2005

In ad-hoc network, there is no fixed infrastructure such as base stations or mobile switching centers. The security of ad-hoc network is more vulnerable than traditional networks because of the basic characteristics of ad-hoc network, and current muting protocols for ad-hoc networks allow many different types of attacks by malicious nodes. Malicious nodes can disrupt the correct functioning of a routing protocol by modifying routing information, by fabricating false routing information and by impersonating other nodes. We propose a routing suity mechanism based on one-time digital signature. In our proposal, we use one-time digital signatures based on one-way hash functions in order to limit or prevent attacks of malicious nodes. For the purpose of generating and keeping a large number of public key sets, we derive multiple sets of the keys from hash chains by repeated hashing of the public key elements in the first set. After that, each node publishes its own public keys, broadcasts routing message including one-time digital signature during route discovery and route setup. This mechanism provides authentication and message integrity and prevents attacks from malicious nodes. Simulation results indicate that our mechanism increases the routing overhead in a highly mobile environment, but provides great security in the route discovery process and increases the network efficiency.