A trust-based security architecture for tactical MANETS

Security is a main concern in the establishment of tactical MANETs. Literature is abundant in defining protocol extensions to provide more secure MANET communications. Also many techniques have been developed to identify different types of network attacks, such as the wormhole attack, for example. However, all these security solutions are designed for specific routing protocols. In the absence of a generic security architecture, nodes from different MANET domains cannot cooperate and benefit from security advantages across the entire network, such as secured inter-domain routing, etc. In this paper, we present a general architecture for a security trust monitoring layer that runs on top of routing protocols. This security layer can be applied to different MANET routing protocols and provide monitoring of different network attacks by adding specific plug-ins. Our modular security approach allows nodes, running different routing protocols and equipped with different security solutions, to inter-operate by exchanging security information with each other. The idea is to have a security layer monitor MANET communications and construct a trust representation model of member nodes of the MANET. The trust information gathered can be communicated to MANET nodes (upon request), and such nodes can modify their routing tables accordingly. We show that this security architecture can be implemented on a real MANET test bed. As an example of security attack, we also show the integration of wormhole detection and counter-measure with the security trust monitoring layer performed on this same test bed.