Mazda Salmanian

Enabling secure and reliable policy-based routing in MANETs

We propose and present a framework for enabling policy-based routing in mobile ad hoc networks (MANETs) by applying policy rules associated with the security and reliability (of connection) to peer-to-peer security associations (SA) that are established on (multi-link) routes. In this proposal, we leverage and integrate the concept of dispersity routing with the management and maintenance of an existing modular security architecture. We adopt the Ad hoc On-demand Multipath Distance Vector (AOMDV) routing protocol to achieve dispersity routing. We further expand the modular security architecture, containing the Trust-enhanced Routing Table (TRT) module to include a reliability metric so that a route, among multiple available routes to a destination, may be selected and tracked with policy-set parameters. Under our proposal, a secure route is one that would be mapped through authenticated (trusted) nodes with established SAs, whereas a reliable route is one that would have a high Mean Time Between Failures (MTBF). The combination of trust and reliability as parameters used with multiple routes renders a graded routing service - the capability of providing several potential routes to a destination in a MANET, each of which may be selected because its security and reliability metrics match those of the policy. We support this proposal with a proof of concept simulation and we discuss that secure and reliable policy-based routing in MANETs is a worthwhile area for further research and investment.

Lightweight Integrated Authentication for Tactical MANETs

Tactical mobile ad hoc networks (MANETs) impose special challenges for designing authentication schemes because of the hostile environments in which they may operate. In this paper, we propose a lightweight integrated authentication (LIA) scheme for tactical MANETs. Our proposal is a lightweight and efficient solution that is suitable for use in tactical MANETs because it has the following features: 1) integration of user-to-device authentication and device-to-network authentication 2) trust-enhanced routing table and 3) distributed revocation authority.

A frame handler module for a side-channel in mobile ad hoc networks

In this paper, we establish a hidden 802.11 wireless channel, with the masking of the channel achieved by inserting intentional errors in the Frame Check Sequence (FCS). We design a frame handler module to provide a proof-of-concept model of the side-channel using MATLAB and Simulink with Communication Toolbox. We justify using MATLAB over the other simulation tools because of its existing functions: physical layer IEEE 802.11 wireless local area networking (WLAN) standard, existing modular channel fading models, the MAC layer cyclic redundancy checksum (CRC) generator, the CRC Syndrome detector, and the capability of modifying fields in a frame. These existing functions allow for the creation of a frame handler which generates frames, according to our design, to be inserted as erroneous frames and recovers frames from normal 802.11 traffic. Herein we provide the design and details of the implementation of the channel. Our design offers the ability to introduce error detection and correction capabilities, and protection against passive monitoring defences. This simulation framework is a step towards the development of more sophisticated environments including multi-node simulations that maintain robust and reliable side-channel communication.

Challenges in the Implementation and Simulation for Wireless Side-Channel based on Intentionally Corrupted FCS

Abstract We report on the challenges faced in the implementation and simulation of a side-channel communication based on frames with an intentionally corrupted Frame Check Sequence (FCS). Systematically corrupted FCSs can be used to enable covert communications between nodes that share the same algorithm for deciphering the FCS. In order to assess the possibility in detecting this side-channel communication it is necessary to have the ability to simulate it as well as to implement it on actual devices. Nearly all simulators drop corrupted frames before they reach their destination, making it impossible to simulate any side-channel communication based on intentionally corrupted FCS. We present an example of the modifications required to prevent this as applied to a well-known simulator called Sinalgo. We also discuss problems encountered when trying to intentionally corrupt the FCS on actual devices.

Detection of side-channel communication in ad hoc networks using request to send (RTS) messages

Wireless communication channels using the 802.11 protocol adopt the RTS/CTS mechanism to avoid collisions in the channel and to increase throughput. In a perfect scenario with no data loss, there exists a linear relationship between number of the valid frames received and the RTS received in the receiver. We propose a detection mechanism that keeps track of the rate of RTS per application data frames received where any deviation from its expected value could trigger an alarm for a possible side-channel communication hidden by error frames. Several scenarios are simulated using QualNet simulator by varying the parameters to study the relationship between the good frames and the RTS. Based on the data collected we submit that this rate is a viable metric for detection.

A modular security architecture for managing security associations in MANETs

Maintaining security associations (SA) in mobile ad hoc networks (MANET) is challenging due to their intrinsically open, dynamic, and decentralized nature. Bandwidth limitations arising from both the physical characteristics of the wireless medium and the control overhead required to maintain routes in a network with changing topology add another level of difficulty to the problem. While establishing SAs with strong authentication is a generally accepted practice, the allowed duration of these SAs is a harder problem that may depend on a number of factors. Ideally, we would like to optimize the maintenance of the SAs to balance quality of protection (QoP) against quality of service (QoS). In this paper we propose and describe a modular security architecture to achieve this goal. The architecture consists of security policy, trust model, and state machine modules that together control the strong authentication process for establishing and maintaining SAs. We demonstrate the efficacy of this architecture through simulation of a MANET that implements a Trust-enhanced Routing Table (TRT). Our simulations use a state machine to manage the authentication process linked to a TRT previously proposed as a security extension of the optimized link state routing (OLSR) protocol. We demonstrate that this state machine, when linked to an adaptive trust model itself controlled by a security policy, can substantially outperform static models. Because the architecture is modular, the implementation can be tailored for different environments or scenarios.

Supporting periodic, strong re-authentication in MANET scenarios

A Security Association (SA), established by strong authentication, between a node pair in a Mobile Ad hoc Network (MANET) could be lost when its route is disconnected. In contrast, in good channel conditions and stable topology, routing protocols such as the Optimized Link State Routing (OLSR) do not refresh routes periodically, and in doing so, an SA bound to these routes could become stale and out of date. In this paper we demonstrate a decoupling of the maintenance of the SAs from the link state conditions by introducing a timer that defines the lifetime of the SAs, as well as the periodicity of strong authentications. This timer is implemented within a state machine that also manages other aspects of the authentication process. We implement these changes using a Trust-enhanced Routing Table (TRT), an extension of the OLSR routing table. The state machine and TRT are trialed in a series of MANET simulations in which the topology of the network remains static but channel conditions are made progressively less favorable. By varying the allowed SA duration timer within the state machine, we are able to measure the overhead (cost) associated with maintaining SAs in varying channel conditions. We show that the costs associated with our implementation are generally far lower than if we were to link SAs to standard OLSR routes in the same conditions. Since the allowed lifetime of SA is a security parameter, our results effectively demonstrate a trade-off between security and overhead for our model. Our implementation is designed to be further, and easily, extended to account for additional security parameters as input.

On the efficiency of establishing and maintaining security associations in tactical MANETs in group formation

It has been shown that a Security Association (SA) established by strong authentication between a node pair in a Mobile Ad Hoc Network (MANET) should not depend on link connectivity [1]. While stale (long) SAs should be renewed, SA duration should be managed by a security policy and based on a trust model regardless of link intermittence. Both the security policy and the trust model are modules of a security architecture in [2]. In this paper, we consider nodes in multiple groups using the same channel (one interface) and a hierarchical traffic pattern typical of a tactical operation. We show that the inter-group SAs, between group heads, require a different trust model than that of intra-group SAs if the overhead of authentication is to be kept manageable. We form a new trust model, apply it to the group heads, and adapt their SA duration to their hopped distance away from their authenticators. Our results show that for group heads, the number of hops is a more effective parameter to which their SA duration should be adapted than their actual link distance modeled by FER. Compared to a trust model that adapts to average system FER [2], we show that the new trust model reduces the overhead of authentication for group heads who tend to be multiple hops away from the authenticator. We also show that by relaxing the security policy one can reduce the authentication traffic so that group heads would not be easily detected by the volume of their authentication traffic. Respecting a nodes role in a MANET and its traffic pattern, we show the efficiency and flexibility of the security architecture in keeping the overhead low and reducing the probability of role identification by threat of traffic analysis.

An architecture for secure interoperability between coalition tactical MANETs

International military forces are increasingly engaged in coalition-based operations with an expectation that future coalition forces will be tightly interoperable even down to the tactical level. At the same time, there is an emerging trend towards increasing connectivity at the tactical edge, with mobile ad hoc networking (MANET) seen as a key enabling technology for this improved connectivity. This paper explores the convergence of these two trends-a desire for secure coalition interoperability and its potential co-existence with a MANET-based tactical communication platform. We present an architecture consisting of three elements that enable allied MANETs to share information securely: a key management strategy, gateway discovery and security association and network address translation. These concepts are well researched individually; in this paper we combine them in the context of a coalition tactical operation. We present several tactical scenarios in which our architecture enables a MANET to discover nearby allied MANETs, to identify and authenticate gateways to relay its information and to connect specialized nodes of allied MANETs and establish communities of interest. Our solutions could serve as models for the future development of secure interoperability policies, service level agreements and standards, e.g., for future NATO standardization agreements (STANAGs) or Combined Communications-Electronics Board Allied Communication Publications (CCEB ACPs).

Secure and efficient routing by Leveraging Situational Awareness Messages in tactical edge networks

A desired capability in military operations is the reliable and efficient sharing of Situational Awareness (SA) data at the tactical edge network. Many implementations of SA sharing in the literature use frequent broadcasts of SA messages in order to provide an up-to-date and comprehensive operating picture to all nodes. However, SA sharing may result in an increase in bandwidth requirements at the tactical edge, where power and bandwidth are scarce. Efficient realtime routing is also a challenge in a tactical edge network. We believe there is a good opportunity to leverage the realtime periodic SA messages for assisting routing services. To the best of our knowledge, little research has been done on this front. In this paper, we propose a secure and efficient routing by leveraging SA messages (SER-SA) in tactical edge mobile ad hoc networks. The SER-SA protocol utilizes realtime broadcast SA messages to not only transmit SA data but also to facilitate Multipoint Relay (MPR) node selection and route discovery for providing both realtime broadcast and unicast communication services. In SER-SA, broadcast forwarding is performed only by MPR nodes, which can reduce bandwidth usage compared to pure flooding methods such as Multicast Ad hoc On-Demand Distance Vector Routing (MAODV). In addition, we reduce bandwidth usage even further by both avoiding dissemination of specific designated routing messages in the network and enhancing the (traditionally local) MPR selection algorithm based on a global algorithm enabled by the shared global SA. We show through simulations that the proposed SER-SA protocol facilitates route discovery in a more bandwidth efficient manner. As a result, it performs better in terms of delivery ratio for providing both broadcast and unicast services in tactical scenarios compared to the existing MANET multicast routing protocols such as Multicast Optimized Link State Routing and MAODV.