Int. J. Security and Networks, Vol. 1, Nos. 3/4, 2006 Copyright © 2006 Inderscience Enterprises Ltd. 255 A novel framework for mobile attack strategy modelling and vulnerability analysis in wireless ad hoc networks Vasileios Karyotis, Symeon Papavassiliou,* Mary Grammatikou and Vasilis Maglaris Network Management and Optimal Design Lab (NETMODE), Department of Electrical and Computer Engineering, National Technical University of Athens, Zografou, Athens 15780, Greece E-mail: vassilis@netmode.ntua.gr E-mail: papavass@mail.ntua.gr E-mail: mary@netmode.ntua.gr E-mail: maglaris@mail.ntua.gr *Corresponding author Abstract: Global dissemination of information and tools for computer networks, has allowed for major system attacks affecting critical network points and resulting in significant network performance degradation. In this paper, we present a probabilistic modelling framework for the propagation of an energy-constrained mobile threat in a wireless ad hoc network. The motivation behind this approach can be found in the topology-constrained character of the ad hoc setting, its dynamic nature and the stochastic characteristics of the interactions among the involved events. The introduced formulation is used to identify and evaluate different attack strategies and approaches. Through modelling and simulation, we evaluate the impact of various parameters associated with the operational characteristics of the mobile attacker on an outbreak spreading and the network evolution. Furthermore, a new metric, which indicates the overall infection-capability of each attack strategy is proposed and used to characterise the potential of each strategy to harm the network. Keywords: wireless ad hoc networks; security; attack modelling and propagation; vulnerability analysis. Reference to this paper should be made as follows: Karyotis, V., Papavassiliou, S., Grammatikou, M. and Maglaris V. (2006) ‘A novel framework for mobile attack strategy modelling and vulnerability analysis in wireless ad hoc networks’, Int. J. Security and Networks, Vol. 1, Nos. 3/4, pp.255–265. Biographical notes: Vasileios Karyotis received an MSc in Electrical Engineering from the University of Pennsylvania, Philadelphia, USA, in 2005 and the Diploma in Electrical and Computer Engineering from the National Technical University of Athens (NTUA), Athens, Greece, in 2004. Currently, he is a PhD candidate at the National Technical University of Athens. His current research interests include the areas of topology control and security in ad hoc and sensor networks, mobility in ad hoc and sensor networks, robust networks, network modelling, queuing theory and graph theory. Symeon Papavassiliou is currently, with the Faculty of Electrical and Computer Engineering Department, National Technical University of Athens (NTUA). Before joining NTUA he was an Associate Professor at the New Jersey Institute of Technology (NJIT), USA, while from 1995 till 1999 he was a Senior Technical Staff Member at AT&T Laboratories in New Jersey. He was awarded the Best Paper Award in INFOCOM’94 and the National Science Foundation (NSF) Career Award in 2003. He has an established record of publications in the field of computer and communication networks, with more than one hundred technical journal and conference published papers. Mary Grammatikou obtained her Diploma in Electrical Engineering from the National Technical University of Athens (NTUA) in 1995 and a PhD in Electrical and Computer Engineering from NTUA in 2001. Since then she has been working as a Research Scientist at the Network Management and Optimal Design Laboratory (NETMODE) at the Computer Science Division of the Electrical & Computer Engineering Department of NTUA. She conducts research in projects funded by National and European R&D agencies in the area of management and design of data networks, e-business, distributed information and healthcare systems. She has also been a teaching assistant at NTUA in postgraduate courses for e-business and security issues. Vasilis Maglaris is currently a Professor in the Electrical and Computer Engineering Department, National Technical University of Athens. From 1979 to 1981 he was with the Network Analysis Corporation, New York, while in 1981 he joined the Department of