Scientific knowledge map · Paper #7
ALARM: Anonymous Location-Aided Routing in Suspicious MANETs
2007 · IEEE International Conference on Network Protocols (ICNP)
- Theory
- Applied
- protocol
Research question
What does the paper try to establish?
Can a link-state mobile ad hoc routing protocol authenticate topology information and deliver to geographic destinations without exposing stable node identities or readily linkable location histories?
Central answer
What is the proposed answer?
ALARM has every member periodically flood a group-signed location announcement containing a timestamp, temporary public key, and one-time pseudonym. Nodes construct a location topology and route to locations rather than long-term identities. The paper informally analyzes passive-insider and active-outsider security and simulates privacy under several mobility models.
Evidence profile
Six dimensions, kept separate
The chart summarizes documented evidence and process. It is not a correctness probability, confidence score, or ranking, and no composite score is calculated.
LowMediumHighN/A = not assessed
A smaller value means less documented support for that dimension, not that the paper is false or unimportant.
- Epistemic evidence Medium
-
The protocol, threat boundaries, informal analysis, privacy metric, and mobility simulations are documented, but no formal proof, implementation, or independent reproduction is supplied.
LAM generation, flooding, pseudonyms, and delivery Threat model and informal security analysis Average Node Privacy definition Mobility-model simulation results - Auditability High
-
A fixed author-hosted full text is checked in with page count and hash, making the protocol and evidence directly inspectable.
Author-copy provenance Mobility-model simulation results - Production provenance Medium
-
Named authorship, author-copy provenance, and official metadata are documented; roles, revisions, tool use, and simulation lineage are not.
Author-copy provenance Official publication metadata - External scrutiny Medium
-
The work has an official full-conference publication record; public reviews, formal verification, and independent reproduction were not located.
Official publication metadata - Reception Low
-
No citations were verifiably located in the constrained dated search. Under the author's 0-8 rule this is low, but it is not a claim that the paper has no citations.
Citation search attempted - Contribution significance High
-
ALARM combines a concrete routing protocol, anonymity mechanism, insider/outsider analysis, and an explicit privacy metric, while making its mobility and insider assumptions visible.
Goals, contributions, and routing choice LAM generation, flooding, pseudonyms, and delivery Average Node Privacy definition Overhead, insider protection, and deployment boundaries
Assessment: Ai draft author review pending · 2026-07-11 · rubric 0.2. These dimensions describe documented support and process, not truth, correctness, or a universal ranking. No composite score is calculated.
Top-down and bottom-up view
Hierarchical knowledge map
Collapse a branch for a top-level reading, or follow its source links and child nodes to audit the evidence and boundaries underneath it.
ALARM
A location-aided link-state routing protocol that combines group signatures, rotating pseudonyms, and temporary encryption keys to reduce identity and movement disclosure.
Goals, contributions, and routing choice Official publication metadata-
question Research question
research questionCan nodes authenticate a mobile topology and route by location while remaining anonymous and difficult to track?
Goals, contributions, and routing choice -
contribution Central answer
proposed and simulatedAuthenticate unlinkable per-slot location announcements with group signatures, derive a common topology snapshot, and address encrypted traffic to a location-bound temporary key and pseudonym.
LAM generation, flooding, pseudonyms, and delivery Mobility-model simulation results -
scope Environment and trust assumptions
explicitly scopedNodes know location and time, share a bounded radio range, move enough to create ambiguity, and obtain group credentials from an offline group manager; the analysis assumes a passive insider or active outsider.
System assumptions and group-signature interface Threat model and informal security analysis -
protocol Location Announcement Message protocol specified
Each slot, a node floods its location, timestamp, temporary public key, and group signature. Recipients verify and deduplicate LAMs, build a geographic connectivity graph, and use the signature as a one-slot pseudonym.
LAM generation, flooding, pseudonyms, and delivery-
component Location-addressed delivery
specifiedA sender selects the current pseudonym at the destination location and encrypts under that LAM's temporary key, avoiding a stable identity in route establishment.
LAM generation, flooding, pseudonyms, and delivery
-
-
claim group Security and privacy claims informally argued
Group-signature verification authenticates membership without naming the signer; timestamps resist replay, while randomized movement and fresh signatures are intended to frustrate linking across topology snapshots.
Threat model and informal security analysis-
limitation Active-insider boundary
conditionalOrdinary group signatures do not stop a malicious member from multiple-location Sybil announcements; self-distinguishing signatures or tamper-resistant location/signing hardware is required for that stronger threat.
LAM generation, flooding, pseudonyms, and delivery Overhead, insider protection, and deployment boundaries
-
-
metric Average Node Privacy
definedANP measures, across two topology snapshots, the average fraction of later nodes to which an earlier node can remain plausibly mapped; it ranges from complete traceability to full ambiguity.
Average Node Privacy definition -
evidence group Mobility simulations
simulationRandom-walk, random-waypoint, and reference-point group mobility experiments vary speed and evaluate ANP; privacy deteriorates when motion is slow, predictable, or preserves relative group positions.
Mobility-model simulation results -
limitation group Protocol boundaries
materialJamming and DoS, physical observation, and strongly correlated movement are outside the claimed protection. Periodic network-wide LAM flooding costs bandwidth and power and reveals topology and network size.
Threat model and informal security analysis Mobility-model simulation results Overhead, insider protection, and deployment boundaries -
artifact Artifacts
paper available no codeA fixed author copy is available locally; protocol code, group-signature integration, simulator configuration, and result data were not located.
Mobility-model simulation results Author-copy provenance -
scrutiny Scrutiny
peer reviewedALARM appeared at IEEE ICNP 2007. The paper provides an informal analysis and simulations, but no formal security proof or independent reproduction was located.
Threat model and informal security analysis Official publication metadata
Audit trail
Source index
Locators state the depth of the current audit. PDF page numbers, where present, are one-based file pages; metadata-, summary-, and abstract-bounded records explicitly identify their limitations.
- Goals, contributions, and routing choice Abstract and Sections I-II, PDF pages 1-3
- System assumptions and group-signature interface Section IV, PDF pages 4-5
- LAM generation, flooding, pseudonyms, and delivery Section IV, PDF pages 5-6
- Threat model and informal security analysis Section V, PDF pages 6-7
- Average Node Privacy definition Section VI, PDF pages 7-8
- Mobility-model simulation results Section VI and Figures 3-6, PDF pages 7-9
- Overhead, insider protection, and deployment boundaries Section VII, PDF pages 9-10
- Author-copy provenance Public UCI author-hosted PDF
- Official publication metadata DOI 10.1109/ICNP.2007.4375861
- Citation search attempted Exact-title search, 2026-07-11; no verified count retrieved