Security and monitoring in ad-hoc and peer-to-peer networks

This dissertation focuses on five key security issues in the widely growing areas of peer-to-peer, ad-hoc, and wireless computer networks. (1) First, the dissertation identifies several security vulnerabilities in one of the reputation management protocols for the Gnutella peer to-peer network. It also proposes an updated protocol, that is resilient to the attacks. (2) The dissertation presents a fully self-organized bootstrapping protocol for establishing authenticated channels in wireless ad-hoc networks. The protocol also assigns secure identifiers to network nodes. It operates using unreliable broadcast communication medium, thus being well suited for ad-hoc wireless scenarios. The identification framework provided by the protocol has good resilience against impersonation attacks. (3) The dissertation also presents a method to identify a wireless transceiver using inexpensive off-the-shelf hardware. The method used is to measure the time it takes for the transceiver to process certain radio frames, and to construct its fingerprint based on that data. Techniques developed are easily applicable to the task of monitoring a wireless network. The classification procedure used to identify wireless devices has an average success rate of 86%. (4) The fingerprinting method is then used as a basis for an Intrusion Detection System (IDS). The network-based IDS for wireless networks that the dissertation proposes, employs the anomaly detection approach. It is able to identify impersonation and Sybil attacks, that are hard to detect using traditional approaches. (5) The dissertation also presents an anonymous routing protocol. The protocol is original in allowing existing routes to adapt to shorter routes resulting from node mobility. More specifically, if the network topology changes after the route is established in a way that creates a shorter route, that route should be made available for forwarding data messages. The dissertation shows how the protocol preserves anonymity in the face of both internal and external adversaries.