• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.13-19
• /
• 2019

MANET has many security vulnerabilities because it consists of only mobile nodes using wireless. In particular, it is a very important factor determining network performance that excludes the participation of malicious nodes through accurate reliability measurements and authentication of nodes participating in the network. In this paper, we proposed a technique applied with blockchain technology in order to prevent forgery of authentication information for nodes participating in the network. And, an area-based hierarchical structure was applied to increase the efficiency of authentication for nodes and apply the optimal technique of block generation and exchange protocol. In addition, four data payloads were added to the block header in order to add authentication information for nodes in block. To improve the reliability by applying the blockchain technique to the hop-by-hop data transfer method between mobile nodes, blockchain exchange protocol through transaction creation, block packaging and verification processes were implemented. We performed the comparative experiment with the existing methods to evaluate the performance of the proposed method and confirmed the excellent performance by the experiment results.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.7
• /
• pp.1367-1372
• /
• 2007

This paper suggests One-time Password key exchange authentication technique for a strong authentication based on MANET and through identify wireless environment security vulnerabilities, analyzes current authentication techniques. The suggested authentication technique consists of 3 steps: Routing, Registration, and Running. The Routing step sets a safe route using AODV protocol. The Registration and Running step apply the One-time password S/key and the DH-EKE based on the password, for source node authentication. In setting the Session key for safe packet transmission and data encryption, the suggested authentication technique encrypts message as H(pwd) verifiers, performs key exchange and utilizes One time password for the password possession verification and the efficiency enhancement. EKE sets end to end session key using the DH-EKE in which it expounds the identifier to hash function with the modula exponent. A safe session key exchange is possible through encryption of the H(pwd) verifier. The suggested authentication technique requires exponentiation and is applicable in the wireless network environment because it transmits data at a time for key sharing, which proves it is a strong and reliable authentication technique based on the complete MANET.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.3
• /
• pp.69-77
• /
• 2015

MANET is composed of only the mobile nodes have a limited transmission range. The dynamic topology by the frequent movement of nodes makes routing difficult and is also cause exposed to security vulnerabilities. In this paper, we propose the security routing technique consisted of mechanism of two steps in order to respond effectively to attack by the modification of the routing information and transmit secure data. The hierarchical structure is used and the authentication node that issues the key of the nodes within each cluster is elected in this proposed method. The authentication node manages key issues and issued information for encrypting the routing information from the source node. The reliability value for each node is managed to routing trust table in order to secure data transmission. In the first step, the route discovery is performed using this after the routing information is encrypted using the key issued by the authentication node. In the second step, the average reliability value of the node in the found path is calculated. And the safety of the data transmission is improved after the average reliability value selects the highest path. The improved performance of the proposed method in this paper was confirmed through comparative experiments with CBSR and SEER. It was confirmed a better performance in the transmission delay, the amount of the control packet, and the packet transmission success ratio.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.12 no.1
• /
• pp.71-79
• /
• 2016

The main security threats in MANET are integrity and non-repudiation. In the meantime, a lot of secure routing protocols have been designed in order to block these security threats. In this paper, partnership-based authentication technique is proposed in order to provide participation exclusion of network and non-repudiation for the nodes. The proposed technique is a technique that participates in data communication for only the nodes receiving the authentication through the authentication process for the nodes. For this, the proposed technique is largely consists of two steps. The first step is the process that issued the certificate after the reliability for the nodes participating in the network is evaluated. And in the second step, the key exchange agreement with the neighbor nodes is performed and data communication is made after setting security path with responding nodes. The level of security in data transmission is improved because the process of path setting is performed through cooperation with a neighboring nodes having high reliability during the course of these two steps. The superiority of proposed technique in this paper was confirmed through the comparative experiment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1299-1302
• /
• 2004

본 연구에서는 MANET(Mobile Ad Hoc Network)에서 분산 PKI(Public Key Infrastructure) 메커니즘을 라우팅 프로토콜에 적용하기 위한 방법을 제안한다. 이를 위해 MANET이 사용하는 라우팅 프로토콜로 CBRP(Cluster Based Routing Protocol)를 고려한다. 제안하는 프로토콜은 CBRP의 기능과 분산 PKI 메커니즘을 활용하여 효율적으로 인증서 체인을 찾을 수 있고, 이를 통해 통신노드 상호간의 세션키 설정과 송수신하고자 하는 데이터에 대한 암호화를 지원한다. 또한, 라우팅 프로토콜의 안전한 동작을 위해 제안하는 프로토콜은 전자서명된 HELLO 메시지를 교환하여 악의적인 공격자들에 대해 신뢰성을 제공하고, 안전한 라우팅을 가능하게 한다.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.131-138
• /
• 2022

A Mobile Ad-hoc Network (MANET) is a collection of moving nodes that communicate and collaborate without relying on a pre-existing infrastructure. In this type of network, nodes can freely move in any direction. Routing in this sort of network has always been problematic because of the mobility of nodes. Most existing protocols use simple routing algorithms and criteria, while another important criterion is path selection. The existing protocols should be optimized to resolve these deficiencies. 'Particle Swarm Optimization (PSO)' is an influenced method as it resembles the social behavior of a flock of birds. Genetic algorithms (GA) are search algorithms that use natural selection and genetic principles. This paper applies these optimization models to the OLSR routing protocol and compares their performances across different metrics and varying node sizes. The experimental analysis shows that the Genetic Algorithm is better compared to PSO. The comparison was carried out with the help of the simulation tool NS2, NAM (Network Animator), and xgraph, which was used to create the graphs from the trace files.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.2
• /
• pp.41-47
• /
• 2012

MANET has vulnerable structure on security owing to structural characteristics as follows. MANET consisted of moving nodes is that every nodes have to perform function of router. Every node has to provide reliable routing service in cooperation each other. These properties are caused by expose to various attacks. But, it is difficult that position of environment intrusion detection system is established, information is collected, and particularly attack is detected because of moving of nodes in MANET environment. It is not easy that important profile is constructed also. In this paper, conformal predictor - support vector machine(CP-SVM) based intrusion detection technique was proposed in order to do more accurate and efficient intrusion detection. In this study, IDS-agents calculate p value from collected packet and transmit to cluster head, and then other all cluster head have same value and detect abnormal behavior using the value. Cluster form of hierarchical structure was used to reduce consumption of nodes also. Effectiveness of proposed method was confirmed through experiment.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.9 no.1
• /
• pp.87-93
• /
• 2013

MANET has the advantage of having the flexibility to build easily a network in a difficult situation that builds a wired network. But, data transmission errors by movement of nodes and eavesdropping by wireless communications have become a problem of security. Authentication service is the most essential in order to overcome these problems and operate network stably. In this paper, we propose 3-tiers authentication structure to exclude of malicious node and operate stable network through more systematic and thorough node authentication. After network is composed into a cluster, cluster head which play CA role is elected. Among these, the highest-CA is elected. The highest-CA receives certificates to cluster head and the cluster head evaluates trust value of their member nodes. Authentication technique which issues member node key is used. We compared PSS and experimented to evaluate performance of proposed scheme in this paper and efficiency of the proposed technique through experience was confirmed.

• Journal of Electrical Engineering and Technology
• /
• v.13 no.5
• /
• pp.2086-2098
• /
• 2018

Security plays a vital role and is the key challenge in Mobile Ad-hoc Networks (MANET). Infrastructure-less nature of MANET makes it arduous to envisage the genre of topology. Due to its inexhaustible access, information disseminated by roaming nodes to other nodes is susceptible to many hazardous attacks. Intrusion Detection and Prevention System (IDPS) is undoubtedly a defense structure to address threats in MANET. Many IDPS methods have been developed to ascertain the exceptional behavior in these networks. Key issue in such IDPS is lack of fast self-organized learning engine that facilitates comprehensive situation awareness for optimum decision making. Proposed "Intelligent Behavioral Hybridized Intrusion Detection and Prevention System (IBH_IDPS)" is built with computational intelligence to detect complex multistage attacks making the system robust and reliable. The System comprises of an Intelligent Client Agent and a Smart Server empowered with fuzzy inference rule-based service engine to ensure confidentiality and integrity of network. Distributed Intelligent Client Agents incorporated with centralized Smart Server makes it capable of analyzing and categorizing unethical incidents appropriately through unsupervised learning mechanism. Experimental analysis proves the proposed model is highly attack resistant, reliable and secure on devices and shows promising gains with assured delivery ratio, low end-to-end delay compared to existing approach.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.4 s.346
• /
• pp.13-21
• /
• 2006

An mobile ad hoc network(MANET) is a collection of wireless computers (nodes), communicating among themselves over multi-hop paths, without the help of any infrastructure such as base stations or access points. Prior research in MANET has generally studied the routing problem in a non-adversarial setting, assuming a trusted environment. In this paper, we design and evaluate the Secure Zone Routing Protocol(T-ZRP), a secure ad hoc network routing protocol is based on the design of the hash chain. In order to support use with nodes of limited CPU processing capability, and to guard against Denial-of-Service attacks in which an attacker attempts to cause other nodes to consume excess network bandwidth or processing time, we use efficient one-way hash functions and don't use asymmetric cryptographic operations in the protocol. Proposed algorithm can safely send to data through authentication mechanism and integrity about routing establishment.