Title: Detecting Misbehavior in MANETs Through CrossLayer Analysis
1Detecting Misbehavior in MANETs Through
Cross-Layer Analysis
Jim Parker, Anand Patwardhan, Anupam Joshi
1. MANET
2. Assumptions
3. Routing Example
B
dgram_in
A
dgram_out
C
Datagram dgram_in has Source IP address, x ? U
B,C Destination IP address, y ? U B,C
MAC source, mac(u), u ? U B,C MAC
destination, mac(B) Corresponding dgram_out must
have Source IP address, x Destination IP
address, y MAC source, mac(B) MAC destination,
mac(u), u ? U B,C
- Persistent identities
- Symmetric channels
- Promiscuous snooping
- No central authority
- Limited/intermittent
- Internet connection
- Mobile Ad hoc Network
- Limited radio range (i.e. 802.11 30m)
- Self configuring
- Each node is a router
- No static infrastructure
- PDAs, cell phones, cars
Challenges
-
- Distributed detection
- Malicious vs. Selfish behavior
- Open medium of communication
- Reaction
- Forgiveness/redemption
- Colluding malicious nodes
4. Detection
Src
B to D heard by A, C D to E heard by B, C
A
Dst
E
5. Processing
B
D
Trust evolution, reputation management, recourse
C
Malicious Detection
Commendations Accusations (to other devices)
- Variables
- Accurate neighbor table
- Malicious thresholds
- Collisions
- RERR
Application
Packet dropping, mangling, injection
Transport
Routing attacks, disruptions
Link
Unfair contention, jamming
MAC/PHY
Response