A True and Private Security Monitor for Wireless Ad Hoc Networks

In a multi-hop wireless ad hoc network, there are two reasons why packets could be lost: malicious packet dropping and link errors. In this study, we observe a series of packet losses in the network and wish to ascertain if the losses result from malicious drop mixed with link failures, or from link errors alone. We are particularly interested in the insider-attack scenario, in which a few malicious nodes on the route use their understanding within the context of communication to discard a few packets that are crucial to the network's operation. Conventional techniques based on detecting the packet loss rate cannot achieve adequate detection accuracy in this scenario because the packet dropping rate is similar to the channel error rate. We suggest taking benefiting from dropped packet correlations in order to increase the detection accuracy. Additionally, in order to guarantee accurate computation of these correlations, we create a public auditing architecture based on homomorphic linear authenticators (HLAs) that enables the detector to verify whether the packet loss data that nodes are providing is accurate report. This design has minimal communication and storage overheads, protects privacy, and is resistant to collusion. A packet-block-based technique is also proposed to minimise the computation cost of the baseline scheme, allowing one to exchange computation complexity for detection accuracy. We confirm via extensive simulations that the suggested mechanisms yield far higher detection accuracy compared to traditional approaches like maximum-likelihood based detection.