ABSTRACT
Contents 16.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478 16.2 Network Environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482 16.3 Secure Routing Table in AODV . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482
16.3.1 Secure Table Entry Protection (STEP) . . . . . . . . . . . . . . . . . . . . 483 16.3.2 Route Discovery with STEP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484
16.3.2.1 RREP from the Destination. . . . . . . . . . . . . . . . . . . . . 485 16.3.2.2 RREP from the Intermediate Node. . . . . . . . . . . . . 485
16.3.3 Route Discovery with Efficient STEP (ESTEP) . . . . . . . . . . . 486 16.3.4 Extension against Colluding Attackers . . . . . . . . . . . . . . . . . . . 486 16.3.5 Integrating STEP with Secure Routing Protocol . . . . . . . . . 487 16.3.6 Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487
16.4 Secure AODV (SeAODV) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487 16.4.1 Secure Route Discovery against Message Tampering. . . . 488 16.4.2 Secure Route Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489 16.4.3 Consideration of Control Message Dropping Attacks . . . 490 16.4.4 Consideration of Replay Attacks . . . . . . . . . . . . . . . . . . . . . . . . . 490 16.4.5 Consideration of DoS Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490 16.4.6 Secure Data Forwarding (SDF) Based on SeAODV . . . . . 491 16.4.7 Extension of SeAODV . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491 16.4.8 Comparison with Other Schemes . . . . . . . . . . . . . . . . . . . . . . . . 492
16.5 Performance Comparisons. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492
16.5.1 STEP versus AODV without Attackers . . . . . . . . . . . . . . . . . . . 493 16.5.2 SeAODV versus AODV without Attackers . . . . . . . . . . . . . . . 499 16.5.3 SeAODV versus AODV with Blackhole Attackers . . . . . . . 500
16.6 Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501
16.1 Introduction Most of the current ad hoc routing protocols [1,2] proposed for mobile ad hoc networks (MANETs) assume that there is an implicit trust-yourneighbor relationship in which all the neighboring nodes behave properly. However, in practice, many MANETs are subject to attacks by rogue users who try to paralyze the network by manipulating the messages (e.g., dropping all data or control packets, sending incorrect route advertisement messages). This problem is further complicated by a lack of centralized management control, error-prone multi-hop wireless channels, and the dynamic changes in network topology due to node mobility.
