
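Graduate student: 陳啟倫 (Ci-Lun Chen)
Thesis title: A Defense Scheme to Resist Routing Attacks in Mobile Ad Hoc Networks (行動隨意網路下抵擋路由攻擊之防禦機制)
Advisor: 孫宏民 (Hung-Min Sun)
Oral defense committee:
Degree: Master
Department: College of Electrical Engineering and Computer Science - Institute of Information Systems and Applications
Year of publication: 2007
Academic year of graduation: 95
Language: Chinese
Number of pages: 75
Keywords (Chinese): ad hoc networks, routing protocols, routing attacks, packet-dropping problem, denial-of-service attacks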
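  • Owing to the continued growth of wireless network technology, mobile ad hoc networks (MANETs) have been widely used in military and civilian applications. Because of their dynamic and flexible nature, a mobile ad hoc network can easily be deployed even without any pre-established infrastructure. However, because of their unconstrained dynamic topology, they are vulnerable to various attacks, especially routing attacks. The black hole attack, for example, is an attack that can easily disrupt routing operation. With the rushing attack, even an attacker with very weak capabilities can damage the operation of the network. The wormhole attack is a more sophisticated and complex attack, and it too can easily break the connectivity of the whole network.
    These routing attacks are often accompanied by packet-dropping behavior. The attackers claim to have routes that can help forward data packets, and when the data packets pass through them, they simply drop those packets. Such behavior seriously affects network performance, and may even partition the network and affect the connectivity of the whole network.
    We therefore propose a robust scheme to defend against these routing attacks in order to improve overall network performance. In this scheme, we design a detection system, better than previous ones, that can effectively detect malicious nodes; even if these malicious nodes cooperate with each other to try to evade detection, our detection system can still detect them. In addition, to make effective use of the observations of other nodes in the network, we design a secure and efficient reputation system, which guards against malicious accusations by malicious nodes and effectively shares observed information with the other nodes in the network. We then propose two punishment methods to guard against denial-of-service attacks. Finally, we ran many simulation experiments against several routing attacks; the results show that the proposed scheme can effectively resist these routing attacks and greatly improve the overall performance of the network.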


    Wireless network technology is in demand and continually growing. Mobile ad hoc networks (MANETs) are extensively used in military and civilian applications. Their dynamic and flexible nature allows the networks to be easily set up without the requirement of a predetermined infrastructure.
    However, the unconstrained dynamic nature of the topology of mobile ad hoc networks makes them vulnerable to various types of attacks, including routing attacks. Black hole attacks are one such type of attack; they disrupt the routing functions in MANETs. Rushing attacks also enable attackers with limited resources and no cryptographic material to disrupt the operation of MANETs. Wormhole attacks, which are more sophisticated, can still easily break the connections in MANETs.

    The packet-dropping problem usually accompanies these routing attacks. The attackers claim that they have routes to forward data packets. However, when the data packets are routed through them, they drop the data packets that they are supposed to forward. These attacks greatly reduce the performance of the networks. Moreover, they are able to partition the network and degrade its connectivity.

    So, we propose a robust scheme to defend against these routing attacks in MANETs and improve the performance of the networks. In our scheme, we design a strong detection system to effectively detect malicious nodes in the networks. It works properly even if multiple malicious nodes collude and try to circumvent detection. To make effective use of the observations in the networks, we design a secure and cooperative reputation system. The proposed reputation system can prevent false accusations made by malicious nodes. Finally, we propose two mechanisms to defend against various types of routing attacks. Our experiments show that the proposed mechanisms can successfully improve the throughput of the network.

    Chapter 1 Introduction
      1.1 MANETs
      1.2 Routing Protocols
        1.2.1 AODV
        1.2.2 DSR
      1.3 Motivation
      1.4 Overview of the Thesis
    Chapter 2 Related Work
      2.1 Some Serious threats
        2.1.1 Packet-Dropping problem
        2.1.2 Black hole attack
        2.1.3 Rushing attack
        2.1.4 Wormhole attack
      2.2 Review of Previous Works
        2.2.1 Solution to Packet-Dropping problem
        2.2.2 Solution to Black hole attack
      2.3 Watchdog analysis
    Chapter 3 The Proposed Scheme
      3.1 Framework
      3.2 Neighbor Watcher technique
        3.2.1 Notation and Assumption
        3.2.2 Neighbor Watcher Overview
        3.2.3 Neighbor Watcher algorithm
      3.3 Reputation Component
        3.3.1 Basic Reputation system
        3.3.2 Cooperative Reputation
      3.4 Punishment mechanism
        3.4.1 PENALTY_DELAY
        3.4.2 PENALTY_DROP
    Chapter 4 Discussion & Analysis
      4.1 Improvement over the watchdog technique
      4.2 Security Analysis
    Chapter 5 Simulation & Comparison
      5.1 Simulation Environment
      5.2 Simulation Results
        5.2.1 Black hole attack
        5.2.2 Rushing attack
        5.2.3 Selfish nodes
      5.3 Comparisons
    Chapter 6 Conclusion
      6.1 Main Contributions
      6.2 Further Research Topics and Directions
    Bibliography


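    Full-text release date: the full text is not authorized for public release (campus network)
    Full-text release date: the full text is not authorized for public release (off-campus network)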
