Mobile Ad-hoc Networks (MANETs) are more susceptible to both insider and outsider attacks than wired and base station-based wireless networks. This is because MANETs lack a well-defined defense perimeter, which prevents the use of defenses such as firewalls or intrusion detection systems. This lack of a perimeter calls for security to be implemented in a distributed, collaborative manner. We recently introduced a novel deny-by-default distributed security policy enforcement architecture for MANETs by harnessing and extending the concept of network capabilities. The deny-by-default principle allows compromised nodes to access only authorized services, limiting their ability to disrupt or even interfere with end-to-end connectivity and nodes beyond their local communication radius. Policies are enforced hop-by-hop, in a distributed manner. In this paper we present preliminary results evaluating our architecture. Through simulation, we show that our solution incurs minimal overhead in terms of network bandwidth and latency even in the presence of cryptographic operations. Furthermore, we show that the protection remains effective even in the presence of misbehaving nodes and routing changes due to mobility. While further work is needed to fully evaluate our scheme, we believe that the notion of collaborative security in MANETs is a promising direction for future research.