Enhancing the DCFM node isolation attack mechanism for OLSR protocol in Android MANETs
Abstract
Mobile Ad hoc Networks (MANETs) have recently gained wide adoption by their ability for
communication amongst users without infrastructure for instance Wireless Mesh Community
Networks that are setup not to rely on telecommunication infrastructure because they may
be too expensive, damaged from natural disasters or simply nonexistent.
However, major investigations have mainly focused on routing protocol problems with little
progress in solving secure routing in MANETs. This in turn has led to the proliferation
of threats and vulnerabilities like the Node Isolation attack against Optimized Link State
Routing - OLSR one of the most widely used MANET protocols where a malicious node
attacks by exploiting topological knowledge of the network to isolate the victim from the
rest of the network and subsequently deny communication services to the victim.
This project adopts the Denial Contradictions with Fictitious Node Mechanism (DCFM)
which we enhance with Group Testing techniques that yield better and more efficient detection
rates against node isolation attacks by employing the same tactics used by the attacker
itself. This DCFM enhancement is achieved through modelling and construction of a Colored
Petri Net (CPN) model of the mandatory parts of the OLSR protocol for formal verification
of its behavioral correctness.
The applications of Colored Petri Nets and state space analysis tool have been successful in
modelling and performing analyses of the OLSR protocol with DCFM demonstrated success
metrics of increase in detection rates of over 95 percent of attacks and a very high reduction
in delay latency attributed to Group Testing’s disjunct matrices techniques and finally after
demonstrating how the construction of executable formal models such as a CPN model can
be a very effective way of systematically reviewing an industrial-size protocol specification for
security verification and formal behavioral analysis which can be employed to other security
attacks.