
Collaborative Mobile Ad Hoc Intrusion Detection System

Posted on: 2018-06-29
Degree: Ph.D
Type: Thesis
University: George Mason University
Candidate: Carvalho, Jeronymo M. A. de
Full Text: PDF
GTID: 2448390002980826
Subject: Operations Research
Abstract/Summary:
A Mobile Ad Hoc Network (MANET) is a type of network that does not require previously deployed infrastructure to operate. In such networks, every node is mobile and acts as a router; as a consequence, MANETs can be configured quickly and made ready to work. This capability is well suited to scenarios in which networks only need to operate for a short period of time, and when initial investment in infrastructure is undesired or not possible. It has also allowed the implementation of many applications that were not originally practical with regular networks. One example is law enforcement missions performed by police forces in areas where the State is not well present. These forces are inherently mobile and need to exchange data in an uncontrolled area in order to accomplish their mission. Another example is the use of MANETs to support natural disaster operations. In this case, the preexisting communication infrastructure is damaged and field agents resort to MANETs as the medium for coordinating rescue missions and the distribution of supplies. The military also uses MANETs as a platform to perform its duties, and as a key asset supporting a number of diverse command and control activities. For instance, platoon and company level missions are very mobile and are performed in areas under control of the enemy. MANETs play a major role in other domains as well, including health care and remote sensing, making mobile ad hoc networking a growing trend.

In most of the above application domains, a typical MANET implementation requires quick deployment, dynamic communications, and security assurance. However, these requirements are difficult to attain because of MANETs' wireless nature and their lack of a fixed structure, which cause information to flow through an unconfined environment and allow undesired nodes to interact directly with the network.

To prevent unauthorized access, substantial effort has been put into the design of strong encryption algorithms, secure protocols, and intrusion detection methods. Unfortunately, networks are still vulnerable to diverse factors such as rogue users, poor software design, and information leakage from social engineering, and even the most reliable network security technologies available today cannot make them invulnerable. Once a network is compromised, the enemy is able not only to eavesdrop on sensitive information but also to mislead valid users and to harm the operations supported by the network.

This research addresses the security issue of MANETs from a new point of view. Instead of only trying to deny the enemy access to the network, it seeks to identify the adversary that already has the credentials to access the network before he can perform rogue actions. More formally, the hypothesis tested in this work is that using the location information of the tactical nodes makes it possible to detect a passive intruder before it becomes active, and diminishes the impact of the adversary on the mission supported by the mobile network. The research focused on obtaining this ability through a combination of different techniques, and resulted in the design of the Collaborative MANET Intrusion Detection System (CMIDS).

CMIDS is a novel, non-intrusive IDS that uses a secondary network of sensors to monitor and analyze the behavior of the nodes of the target network. A predictive location algorithm was created and, in combination with a multilateration technique and basic mission knowledge, is able to detect misbehaving nodes. In order to test the hypothesis and evaluate the CMIDS concept, a military tactical scenario simulation was developed using three distinct software tools. The results obtained through the experiments corroborate the dissertation's hypothesis and show that CMIDS extends the state of the art of intrusion detection systems for mobile ad hoc networks.
Keywords/Search Tags: Ad hoc, Mobile ad, Intrusion detection, Network, CMIDS, MANET