Enhancing the DCFM node isolation attack mechanism for OLSR protocol in Android MANETs

Abstract

Mobile Ad hoc Networks (MANETs) have recently gained wide adoption by their ability for communication amongst users without infrastructure for instance Wireless Mesh Community Networks that are setup not to rely on telecommunication infrastructure because they may be too expensive, damaged from natural disasters or simply nonexistent. However, major investigations have mainly focused on routing protocol problems with little progress in solving secure routing in MANETs. This in turn has led to the proliferation of threats and vulnerabilities like the Node Isolation attack against Optimized Link State Routing - OLSR one of the most widely used MANET protocols where a malicious node attacks by exploiting topological knowledge of the network to isolate the victim from the rest of the network and subsequently deny communication services to the victim. This project adopts the Denial Contradictions with Fictitious Node Mechanism (DCFM) which we enhance with Group Testing techniques that yield better and more efficient detection rates against node isolation attacks by employing the same tactics used by the attacker itself. This DCFM enhancement is achieved through modelling and construction of a Colored Petri Net (CPN) model of the mandatory parts of the OLSR protocol for formal verification of its behavioral correctness. The applications of Colored Petri Nets and state space analysis tool have been successful in modelling and performing analyses of the OLSR protocol with DCFM demonstrated success metrics of increase in detection rates of over 95 percent of attacks and a very high reduction in delay latency attributed to Group Testing’s disjunct matrices techniques and finally after demonstrating how the construction of executable formal models such as a CPN model can be a very effective way of systematically reviewing an industrial-size protocol specification for security verification and formal behavioral analysis which can be employed to other security attacks.