This paper presents a systematic analysis of insider attacks against mobile ad-hoc routing protocols, using the Ad hoc On-Demand Distance Vector (AODV) protocol as an example. It identifies a number of attack goals and then study how to achieve these goals through misuses of the routing messages. To facilitate the analysis, this paper classifies the insider attacks into two categories: atomic misuses and compound misuses. Atomic misuses are performed by manipulating a single routing message, which cannot be further divided; compound misuses are composed of combinations of atomic misuses and possibly normal uses of the routing protocol. The analysis results in this paper reveal several classes of insider attacks, including route disruption, route invasion, node isolation, and resource consumption. This paper also includes simulation results that demonstrate the impact of these attacks.