Mobile Ad hoc Network Security Issues By Sheraz Salim Student ID 20388626

Presented to Faculty of School of Computing, Engineering and Physical Sciences University of Central Lancashire

In Partial Fulfilment Of the Requirements For MSc Computer Networking

Name: Sheraz Salim

Page 1

Master Project CO4804

Acknowledgement
I always thank to ALL-MIGHTY ALLAH, who gave me power and courage to complete this project. I would like to thank Zaki-El-Haroun for his supervision during this project and Helen Campbell for supporting and gaudiness during this tough time. I also have good regards for the facility of school of Computing, Engineering and Physical Science, University of Central Lancashire including Chris, who always support us for the simulation software problems. I would also like to express my sincere thank to my friends who support me all this time during thesis first and foremost, Noman Qazi and Hamid Khan. Finally, I would like to dedicate this thesis to my parents, brother and sister. Without their support it wasn’t possible to complete this project.

Name: Sheraz Salim

Page 2

Master Project CO4804

Abstract
Mobile ad hoc network also know as MANET is a promising technology which give connectivity where existing technologies communication like infrastructure failed or unable to provide the services due to catastrophic failure. MANET technology received a huge attention from the exciting researchers and industry sectors to make them more affordable better and valuable in communication environment, where as MANET nodes are highly self organized even with a collection of few mobile node. All these fantasizing features, and marvellous connectivity with other mobile node and making a enormous network, despite when it come to security it pose a large threats to the existing network which formed by MANET nodes. Here in this project we implemented Pulse Jammer, Misbehaving nodes and Byzantine attack on AODV routing protocol on MANET simulation environment. To perform the simulations we used OPNET MODELLER 15.0 as network simulator for our proposed work. The result showed MANET posed a high security risk attack either from internal or from external attack.

Name: Sheraz Salim

Page 3

Master Project CO4804

Table of Contents
Table of Contents.............................................................................4 Introduction......................................................................................9 CHAPTER 1.....................................................................................10 Mobile Ad hoc Wireless Network..........................................................10 Introduction.........................................................................................10 Background.........................................................................................11 Aim of thesis........................................................................................13 Related Work.......................................................................................13 Research Object..................................................................................14 Work Plan............................................................................................14 Scope 14 Chapter No. 2.................................................................................17 Physical Layer Attacks....................................................................17 Jammer Attack.....................................................................................17 Interference Problem...........................................................................18 De-Packaging Attack...........................................................................18 Eavesdropping Attack..........................................................................19 Defence against Physical layer Attack.................................................19 Summary.............................................................................................20 Chapter No. 3.................................................................................21 Data Link Layer Attacks.................................................................21 IEEE 802.11 attack..............................................................................21 Virtual Jamming attack 802.11............................................................21 Traffic Monitoring and Analysis Attack................................................22 IEEE 802.11 WEP weakness.................................................................22 Single adversary attack (SAA).............................................................23 Colluding adversaries attack (CAA).....................................................23 Defence against Data link layer...........................................................24 Summary.............................................................................................24 Chapter No. 4.................................................................................25 Network Layer Attack.....................................................................25 Routing Protocol..................................................................................25 Proactive (Table Driven Routing Protocols).........................................26

Name: Sheraz Salim

Page 4

Master Project CO4804

............................29 Routing table poisoning attack.............................................................................................................37 Replaying acknowledgement..............................................................................................Reactive (On..........................................................................30 Packet forwarding attacks or Advance attacks......................................................................................................................................................................................................................................................................................................................................................................................35 Defence against Network layer attacks....................................28 Routing attacks.........................................................................................31 Classification of wormhole attack.................31 Wormhole using out of band channel...............................................................34 Jellyfish attack......................................38 Summary................................................................................................37 SYN flooding attack...........................................27 Comparison of Proactive.......................................................................................................................................................34 Byzantine attack...5 .................................................................................................................................................................................................30 Black hole attack................38 Defence against Transport layer attacks................................................36 Chapter No...................34 Wormhole with high power transmission......................................................................................................................37 Changing sequence number.............................Demand Routing Protocols) ....35 SUMMARY..............................39 Name: Sheraz Salim Master Project CO4804 Page 5 ......................................33 Half open wormhole attack....36 Transport layer Attack...............................35 Rushing attack...............................................35 Packet Replication......29 Routing table overflow attack.......................30 Wormhole Attack...........................................................................................................................30 Route cache poisoning attack.....................27 Other Routing Protocol.....................................................34 Gray holes attacks....................32 Open wormhole attack......33 Closed wormhole attack..........37 Session hijacking.........31 Wormhole using Encapsulation.......................................................36 Transport layer acknowledgement spoofing............................................................ Reactive and Hybrid Routing Protocol in MANET 28 Attack on Network Layer....................................................

...................................................................................................................51 Name: Sheraz Salim Page 6 Master Project CO4804 ..................................................50 Construction of Model in OPNET MODELER............................................................................................................49 Continuous simulation..................................................................................................................50 The Architecture of OPNET.........................44 Location Disclosure......................................47 Summary.47 Non-Repudiation...........................................................................42 Cross layer security Attack...................................................................................................40 Malicious attack .......................................................................................................................................................................................................................................49 Test bed Labs........................................................................................................................42 Internal attack.....................................................................................45 Summary...............................................................................................................................................40 Application layer Attacks............49 Discrete Event Simulator (DES).......................44 Information Discloser attacks.................... 8.....................40 Application layer attacks MANET....................46 Authentication..................................................41 Chapter No................................46 Integrity 47 Availability............................42 Modification attack....... 6.....................................................43 Fabrication attack..........................43 Man-in-middle attack................................................................49 Simulation tool...................................41 Defence against application layer attack.................................46 Confidentiality...............................................................................40 Repudiation attack..........................................................................................................................................................................................................7 .....................49 Simulation Modelling and Implementation.......................................................................................45 Chapter No........................................41 Summary.....46 MANET Security Services.....42 Passive attack....................................................................................................................................................48 Chapter No 9............................................42 External attack................................................................................................................................................................................Chapter No..........................................

....52 Building a simulation environment in OPNET MODELER.......................................51 Process 52 OPNET MODELER wireless support.....................................52 Research Methodology........................54 Application configuration ...................................................................................................54 MANET Node.............................................................53 Network Model....................................13 Name: Sheraz Salim Page 7 Master Project CO4804 ........75 Conclusion and Future directions..........................Network Level................................................................................66 Attack on Different Scenarios........................................................65 Chapter 10... Pulse Jammer Attack Setup and Results............................66 Scenario 2......................................................................................................... Byzantine Attack and Experimental Result ......53 Byzantine attack Scenario.......................................63 Performance Metrics.........................................................................................................................................................................................................................................................66 Scenario 1..54 Traffic Model................1 Mobile Ad hoc Network…………………………………………….....................................................................................................................................................53 Pulse Jammer attack Scenario..................................72 Chapter 11...................................................................63 Mobility Configuration.......................................................51 Node level...........................53 Misbehaviour Nodes Scenario........................................52 Research Design and Problem Identification...........................................................75 References..........................77 List of Figures Figure 1.................................................................................................................................... Misbehaving Nodes and Experimental Results..................................................................54 MANET Traffic...64 Normal Traffic Response Results........................................55 Profile Configuration...............................................................................69 Scenario 3.........

.4 Network Model with AODV routing protocol………………………….....Figure 2....34 Figure 4.65 Figure 10.62 Figure 9....71 Figure 10.59 Figure 9...63 Figure 9.5 MANET node model……………………………………………………..2 Normal Network Delay……………………………………………….63 Figure 9.7 Byzantine attack nodes dropping the routing table……………………......2 Throughput result of Jammer attack on network………………………...21 Figure 3.1 Normal Network Throughput………………………………………..10 showing the values set for mobility of nodes in network………………..4 SYN flooding attack……………………………………………………...72 Name: Sheraz Salim Page 8 Master Project CO4804 ....2 OPNET MODELER Documentation…………………………………….11………………………………………….11.3 Time average response time on AODV……………………………….53 Figure 9.3 Black hole attack in MANET…………………………………………….1 Virtual Jamming attack 802..6 Throughput result of Byzantine attack………………………………….63 Figure 9...60 Figure 9.1: Waveguide Directional Wireless Antenna………………………………...4 Throughput result of Misbehaving node on network………………….3 Misbehaving node configurations………………………………………68 Figure 10..24 Figure 4...66 Figure 10....40 Figure 5..6 show the parameter set for traffic model…………………………………61 Figure 9....1 MANET malicious node access attack on network……….35 Figure 5.....72 Figure 10..11.4 Wormhole attack………………………………………………………….....5 Session Hijacking…………………………………………………………40 Figure 9.........2 MANET malicious node attack on network……………………………...1 Jammer node configurations……………………………….....31 Figure 4.11..31 Figure 4.......63 Figure 10.5 Byzantine nodes configuration…………………………………………....... ....9 showing the detail parameters of Profile configuration…….69 Figure 10.

List of Tables Table 1.16 Table 2.Comparison of Routing Protocols………………………………………….A Review of Security Parameters in Mobile Ad-hoc networks…………….Security issues in Mobile Ad hoc Network…………………………………17 Table 3 Defence line prevention against Mobile Ad hoc Network…………………..50 Introduction Mobile Ad hoc network is the new advancement in field of telecommunication technology which changes the entire concept of communication.Attack on Mobile Ad hoc Wireless Network……………………………….18 Table 4.30 Table 5. This technology is Name: Sheraz Salim Page 9 Master Project CO4804 .

due to the help of this technology we can not relay on access point and traditional wired networks or on infrastructure. It helps soldier in the battle field ground to communicate with command control centre and disaster relief. perhaps this technology revolve around us and make us excited to get deeper look at in. As many number of paradigm like Wireless Mesh Network and wireless sensor network are tested and implement successfully around the world. Since last few years. this technology give us a freedom of move around. the MANET has a bright future prospective. industry. Infrastructure and infrastructure less.formed as a collaboration of self organized node which formed few hundred to thousand of nodes. emergency operations. where as infrastructure need to connect with wired network in order to provide transmission as MANET infrastructure less doesn’t need any wired network. MANET node act as router and host at the same time to forward the packet for other nodes. Name: Sheraz Salim Master Project CO4804 Page 10 . military. There is no doubt. As an example in real life VANET which based on Mobile Ad hoc Network are commonly used in motor vehicle to prevent road accident. and research etc. education. MANET is infrastructure less. These mobile nodes formed a temporary network where infrastructure failed or damaged by a natural disaster. MANET gain popularity from all sectors. MANET are easy to deploy in all condition. Wireless network are of two kinds. This technology enables the users to utilize the freedom of movement and the use of the equipment while on the move. earth quack etc. Initially the use of wireless technology was restricted for the military purposes to provide cutting edge to the defence forces. CHAPTER 1 Mobile Ad hoc Wireless Network Introduction The advent of wireless technology is one of the biggest breakthroughs of modern technology.

For general public the first interaction with the wireless technology was the mobile phone. Wireless communication gives a freedom for routers and host to move freely in wireless communication zone network. thus due to limited transmission range on radio wireless medium. This functionality is also known as infrastructure less. This technology has come with its own flavour as they are easy to deploy in disaster areas and for emergency operations due to its nature of design and operation. The Access Point (AP) acts as a middle man between the wireless user and the fixed network. But with the rapid advancement in this field the technology became affordable and with the implementation of fourth generation of wireless networks the entire concept has changed. without the use of wires. such as an environment where a collection of few mobile nodes can form a temporary network without a need of any centralized networks. as wireless users are on the move from one place to another AP keeps Name: Sheraz Salim Page 11 Master Project CO4804 . Wireless network can be combination of switches. Rappaport.S. during the 1980s there was an explosive growth of this technology. Background Wireless network provide connectivity between end nodes like PDA. To accompany this freedom wireless communication relay on channel know as radio frequency RF. In recent year Mobile Ad hoc Network (MANET) seek much attention from industry and academic researchers from all around the globe. Mobile phones etc. Notebooks. routers and hosts without any wired connected to each other. A router is responsible for packet forwarding in the network and host are source or destination of the data flow. The transmission occurs on electromagnetic waves. Mobile Ad hoc Network do not relay on wired network routing protocols.However. To function properly in radio wireless medium Mobile Ad hoc Network use a Ad hoc routing protocols. they must functional wirelessly. Each node act host and router at the same time to forwards the packet. these protocols are entirely different than tradition wired network as routing path breaks and connected due to self organized nodes to discover multi hop routes through network to any other node. Initially the technology was expensive to use and difficult to maintain. 1996] Wireless networks are attached with a centralized fixed network such as Access Point (AP). know as radio waves. Wireless network giving edge compare to traditional networks as there is no physical cable required for data transfer. with the collaboration of each other nodes they carry forwarding packets to destination nodes. however the detail of wireless communication is not a scope of this project go to [T.

 The wireless medium has no complete or no certainty visible limitations outside of which stations are known to be incapable to obtain network frames. 2003] focused the MANET communication threats that pose the radio wireless medium of Mobile Ad hoc network are. 2003] While Mobile Ad hoc network have many advantages over the traditional wired network. Firstly Mobile Ad hoc network face the dispute of secure communication in wireless medium.1 Mobile Ad hoc Network. and easy to deploy. The speciality of this technology is that it could be managed even in lack of fixed infrastructure. In recent advancement technologies such as Bluetooth and 802. Therefore this technology is not reliable where no fixed infrastructure is present like rural areas. MANET consists of independent mobile nodes connected by wireless medium. This forms a relationship of different kind of links to become a part of the same network [H. 2004] Figure 1.11 launched a paradigm of wireless system called as Mobile Ad hoc Networks (MANET). The existence of these networks are not feasible as fixed network also know as infrastructure. This technology is efficient. [Imrich et al. each mobile node acts host and operates as an end system. but when it come to security it pose a immense set of disputes. MANET are heterogeneous as path between each single pair may have multiple links.[Mishra et al. each mobile node is free to roam while communicate with other nodes and self organize. Bakht. and also acts as router for all nodes in the network. Name: Sheraz Salim Master Project CO4804 Page 12 .them connected to a wireless network. quick. it limited support to the adaptability of wireless network. effective.

Related Work A lot of research has already been published regarding Mobile Ad hoc Network security. Secondly. This section presents some of the research literature related of MANET security. This thesis briefly provides the detail information regards into MANET attacks. Nevertheless. they come with a new approach and form a novel route discovery algorithm and named “enairA”. [Yannick et al. 2008] have proposed security trust monitoring layer which let other MANET domain or individual node to cooperate and substitute security information. As result the network is destroyed and the motive of attack will be successful. The wireless medium is considerably less undependable then wired media The phenomena of hidden terminal and exposed terminal may occur. Aim of thesis It is try to provide as much as information in regards of malicious node. Likewise. 2006] define a threshold cryptography which consists of three requirements of ring signature. methodology and tools which are assume as attacker approach to harm or hijack the network resources in light of few attacks that are analysis on OPNET MODELER 15. [Junfang et al. nodes having no security on the network may face threats from active attack as impersonation to passive attacks as eavesdropping which lead network to deceased and degrade the performance and resources. 2009] claim’s the algorithms SRP and Ariadne are insecure and subject to hidden channel attack. various attacks Denial of Service could be launch easily to start sending packets through vulnerable nodes which give false update information to disturbed and poison the routing information in the network. the techniques. correctness. Name: Sheraz Salim Page 13 Master Project CO4804 . [Mike and Breno. Vulnerable malicious node attempts to intercept the radio wireless transmission and modify the packets without the knowledge of authorized nodes. can help to investigate future more and bring them into the light of the weakness of the network and having better understanding to secure the network. We believe implementing few number of attacks on MANET with having enough knowledge of the attack as prospective of attacker thinking. in response to prevent from the misbehaving nodes.   The wireless medium is defenceless from outside the channel signals.

transport layer. As a matter of fact. [Claude et al. Each single layer provides detail information of the attacker prospective that can be launch attack on network. unfortunately. the emphasis is given on the OSI layer model which identities the loophole in security issues. In this project.anonymity and security against malicious node in network. 2007] have focused on routing security issues in MANET and describe solution of Byzantine behaviours attacks problem. namely as application layer. a security defence lines always must be taken at early Name: Sheraz Salim Page 14 Master Project CO4804 . Research Object During the research vulnerabilities and security issues are focus which posed a great thread to MANET security. Scope It is tried to define the security measurement precisely which could reflect MANET attacks. It is hope the study of this project gives a good understanding of security challenges and solution in MANET. network layer. 2007] proposed a technique to secure a routing protocol for MANET. Rubin logic to analyze non-repudiation of protocols. this protocol is based erroneous assumption. It is believe that taking this approach will identify with the concept and methodology of attacks on OSI layer as a reference model. [Yang and Xiaoyao.  What are the potential severe threats in MANET security? Which threats are dangerous in term of network resources attacks?  What are the precaution and how to protect security to make it secure as using state of the art security mechanism?   How simulation attacks are realistic and their impact on practical network? What are the future directions which take the MANET security to compromise with malicious and vulnerabilities? Work Plan OSI (Open System Interconnect) divide networking concept as a guide line to understand the function of each single layer. data link layer and physical layer. Giving a brief account of security issues which will be analyzed individual OSI layer reference model for MANET to elaborate it.

Wormhole and Malware. This thesis high-lighted the security threats which serious harm the MANET network topologies in terms of each layers as show in table 1 [B. Security issues in Mobile Ad hoc Network Name: Sheraz Salim Page 15 Master Project CO4804 . 2004a] table 3 show the defence line against to prevent from these layers. Resource consumption attack. Trojan. and in table 2 security issue in MANET [H. interceptions. Black hole attack. Session hijacking. Routing attack. eavesdropping analysis and monitoring.stages of any basic design of network either its traditional wired network or wireless ad hoc network. Data link Layer Physical Layer Traffic disruption Jamming. Link layer Securing the MAC protocol and give link layer a security mechanism Physical layer Securing the signal from denial of service (DoS) jamming attack Table 2. 2006a]. Network Layer Byzantine attack. vulnerable exploitation code and application Transport layer Securing the data reliability by using authenticating and secure communication. location disclosure attack. Wu et al. Layer Application Layer Transport Layer Attacks Repudiation. Table 1. SYN flooding Wormhole attack. Trojan virus. Yang et al. Network layer Securing the ad hoc routing protocol as well as forwarding protocols.Attack on Mobile Ad hoc Wireless Network Layer Application layer Security issues Identifying and stop viruses.

Secure Socket Layer (SSL). Trojan.Layer Application layer Defence line Identifying and stop viruses. vulnerable exploitation code and application Transport layer Use of Transport Layer Security (TLS).1X and NAV field for encryption Physical layer Use of different spread spectrum techniques Table 3 Defence line prevention against Mobile Ad hoc Network Name: Sheraz Salim Page 16 Master Project CO4804 . and Private Communications Transport (PCT) as public key cryptography Network layer Use of secure routing protocols. Link layer Use of 802. IPSec and Packet leashes.

data transmission. Launching attacks on physical layers are Jamming transmission. interference. reception and physical network design. consequently node on network can’t access the wireless medium due to the noise jammer created in wireless medium. Jammer function on physical layer to generate the packet at a high constant rate on wireless medium to keep the medium busy. In this attack. When physical layer receive the single it pass it to other lower layer. 2 Physical Layer Attacks Physical layer is the lowest layer of OSI reference model. the malicious node hire a device called Jammer which is later used to observing the wireless radio frequency. The physical layer function is encoding. signalling.Chapter No. Jammer attack responsibility is to prevent nodes from sending and receiving packets on network.. Attacker goal is to weak the strength of radio signal but also jamming the transmission to bring the network resources down. As many attacks are executed and widely discussed in literature on wireless network. is mostly applied and in common practice on this layer. as wireless radio signals travel throughout the open air as having their limited frequency range. until Name: Sheraz Salim Master Project CO4804 Page 17 . On wireless networks it functions as radio transceiver. The function of physical layer on wireless is to transmit the single in the radio wireless waves to its destination or to finding path with collaboration of other nodes which are present in the network. Radio wireless signal in MANET are highly vulnerable on physical layer. The physical layer has a priority compare to other layer of OSI/ISO reference model as it is the only layer where data is physically moved across the network. and packet transmission through physical medium. Consequently radio wireless communication is easy to jam or intercept as its nature of using open airwaves. Jammer Attack Jammer attack is commonly used to wipe out the transmission on the target wireless networks. eavesdropping etc. Any malicious node can hear the wireless signal and disrupt the transmission in the network. This is commonly shortened as “PHY”. thus physical layer is one of important layers of OSI reference model to secure in order to protect the radio signal from many malicious attacks that can launch attack on this layer.

[L. Gavrilovsak and R. Jammer attacks are considered as brutal force attack.11 protocol defined by IEEE get interfering Radio Frequency single of sufficient amplitude and frequency which can appear as bogus 802. By dissolving the chip in resin silicon fuming acid which is the first step towards decode the chip. MANET which share the spectrum and frequency are already facing the problem of crowded bandwidth boldering for spectrum etc. ROM cell etc can obtain easily. De-Packaging Attack Attack on MANET node can take place by de-packaging [Amitabh. deceptive jammer and random jammer. The sources of Radio Frequency Interface which may cause the problem are 2. Subsequently messages are lost due to high noise in the spectrum. Jammer attacks can be classified as constant jammer. If any other node happens to sending packet.11 station to wait for indefinite periods of time until interfering signal goes away. Attacker matches the frequency with the help of Jammer frequency device of the targeted networks and transmits radio signals with generating a continuous high radio frequency (RF) which is powerful signal that overwhelmed within the range of network transmission.4GHZ this could be any interference single including microwaves. he emphasis the technologies Wi-Fi. by using micro probing or electro-beam microscopy to read the ALU in processor.attacker match the frequency at which receiving node receiving the signal from the sender in the network. and Bluetooth devices. wireless phones.11 network card to transmits packet in the network when no other node transmitting the packets. it occurs when set of nodes clash with other devices which are using the same Radio Frequency (RF). 2008] Depackaging is the process of removal of chip which is mostly attached in nodes for transmitting signal. Name: Sheraz Salim Page 18 Master Project CO4804 . Physical attack on chip is relatively hard cause of the expensive infrastructure requirements. radio interface design. Prasad. dynamic frequency and network topologies selection. other node will have to wait to get the wireless medium free.11 nodes transmitting a packet. Radio Frequency (RF) occupies the unwanted interference Radio Frequency signals that interrupt the normal operations as 802. This cause genuine 802. Each MANET node station use 802. Interference Problem In wireless network interference has seen commonly. 2006] discuses the wireless devices interference coexistence with different technologies using the same frequency band and the sharing the spectrum are problem for researcher.

To avoid signal jamming communication Denial-of-Service (DoS) attack on physical layer is to Name: Sheraz Salim Page 19 Master Project CO4804 . Eavesdropping attack in MANET shared the wireless medium. There are number of hardware tools that allow promiscuous mode. This attack is much easier for malicious node to carry on as evaluate to wired network. The attacker node intercepts the transmission as every MANET node is equipped with transceiver in range of the communication which can be decode by means of malicious node to target the authorized node on the network.One the process of de-packaging chip is done it can give useful information for launching attack to the network. the information remain intact but privacy is compromised. malicious node can obtain the sensitive information etc.1: Waveguide Directional Wireless Antenna Defence against Physical layer Attack Physical layer security has a primary concern in MANET due to the signal broadcast. such as Prisme2 network card with using eavesdropping and high power antenna to intercepting wireless traffic as shown in figure 2. as wireless medium make it more vulnerable for MANET malicious nodes can intercept the shared wireless medium by using promiscuous mode which allow a network device to intercept and read each network packet that arrives. Eavesdropping Attack Eavesdropping attack is the process of gathering information by snooping on transmitted data on legitimate network. Eavesdrop secretly overhear the transmission.1 Figure 2. however. modify the routing route or poison the routing table. This can seriously harm the network resource and degrade the network performance.

Links are discovered and break often. Name: Sheraz Salim Page 20 Master Project CO4804 .change the spread spectrum such as direct-sequence CDMA if attack is launched on physical medium in order to protect point to point wireless link. Other technique is to employ over come to this problem without spread spectrum in jamming attack is to use a high transmission power or use high redundancy low rate channel code. These entire drawbacks give the advantage to malicious attacker opportunity to attack on legitimate networks. Summary MANET nodes are easy to deploy due to its design as all the transmission is based on radio frequency on wireless medium. radio frequency is much easier to interference with other device on the network. Physical layer play a vital role to transmit data on entire network if physical layer is attack all the communication paralyse. The security of physical layer on MANET is an issue for providing the secure communication as well interference of other device using the same frequency on the network can exploit the communication to place on. The disadvantage of this technique is nodes have to pre-exchange for spreading code.

Data Framing. It ensures the reliable communication link between neighbour nodes. Malicious nodes can launch attack on link layer by distracting the collaboration of protocol of this layer. data link layer define the different network and protocol characteristics. and Error Detection and Handling.11 attack The vulnerability on DoS attacks in link layer IEEE 802. Their connectively is maintain by one hop among to the entire network by using link layer protocol and the network layer protocol extent the connectivity to other nodes in the network. Addressing.Chapter No. [B. 2006b] IEEE 802. Malicious node keep the wireless medium busy and start loaded frames transmitting which tend to capture the wireless channel by sending data non-stop as result neighbours nodes back-off endlessly. Therefore other nodes find the wireless medium busy and keep back-off so the performance of the network degrades this way. This attack is much effective than physical layer jamming as this attack consume less battery power compare to the other physical layer jamming attack. In wireless networks like MANET nodes provide multipoint peer-to-peer network architecture. The mechanism of this procedure is understood when IEEE 802.11 has been investigated malicious node has to keep the most of binary exponential back off scheme.11 node transmit the binary exponential each node wait for it term and get back-off until the transmission is in progress. During this entire process malicious node effectively jam the transmission with a large segment of transmission on the wireless channel with small expenditure of power. Virtual Jamming attack 802. Media Access Control (MAC). Like Logical link control (LLC). When nodes G and H receive packet Name: Sheraz Salim Page 21 Master Project CO4804 . Wu et al. it is commonly known as link layer.11 In virtual jamming attack malicious node sent RTS packets continuously on the transmission with unlimited period of time. In order to happen as expected malicious node damage frame easily by putting few extra bits on the frame and overlook the ongoing communication. For example node M is a malicious node and it starting sending a false RTS packet to node R with a large frame. 3 Data Link Layer Attacks Data link layer is second lowest layer of OSI reference model.

number of nodes in the network. channel frequency and spread spectrum etc. This attack identify the communication nodes and their physical location. 2006] RTS M CTS R G BUSY BUSY H BUSY BUSY Figure 3.11 Traffic Monitoring and Analysis Attack These attacks are to identify the characteristics of communication on radio wireless transmission which could lead it for future useful information for malicious attacker to launch attack against the targeted network. weakness Name: Sheraz Salim Page 22 Master Project CO4804 .on wireless channel they both become blocked for a certain amount of time as apply for node M as figure show in 3. WLAN.1. These attacks are not considerable for MANET but they are fall into other WLAN attacks IEEE 802. unfortunately it suffer from many back draws.1 Virtual Jamming attack 802. [Ashikur and Pawel. information like the amount of data transmitted.11 which is known as Wired Equivalent Privacy WEP.11 WEP weakness IEEE 802.11 introduce the security in 1999 for 802. cellular network and even satellite network suffer from these vulnerabilities.

• Poor ICV algorithm WEP cryptography algorithm is based on CRC-32. Colluding adversaries attack (CAA) In this attack two or more malicious nodes involve having understanding to contribute using 802. This attack is known as single adversary attack. it may put the security on the edge and cause privacy integrity attacks. IEEE 802. it didn’t define key management lacking interoperable key management of poor quality and key tend to be long lived. it is use for distinguish noise and general error in transmission.11 releases the WEP standard.11 do not specify WEP key size other than 40 bits. the goal of malicious node is to drain the battery power of authorized nodes and to reduce the available channel capacity of authorized nodes on network.777. If synchronize the key it is difficult to change all over the network have to compromised. Therefore wireless network which come with WEP security key have to share key between each single node on network. CRC-32 works well for checksum but not good in cryptography perspective.216 different RC4 cipher sent in clear and lead to randomly cipher key recovery which is also called as analytical attack.11 massive flow signals to authorized nodes on the target network. [Jim Geier. Hence the channel get busy for other nodes therefore the targeted nodes in the network cannot Name: Sheraz Salim Page 23 Master Project CO4804 . few are. • Small Initialization Vector Initialization vector used in WEP size 24 which provides 16.11 signal and start generating the signals to each other. 802. It was a big problem as it has to be programmed with the same key on other nodes in network. the attack can decrypt consequent packet which were encrypted in same IV.11 WEP security criticized due to many reasons. 2003] Single adversary attack (SAA) In this attack malicious node intrude into an authorized target network and starting generating IEEE 802. • Key management and key size When IEEE 802.like RC4 chipper etc.

11 [A. As MAC has its own mechanism to transfer data on network. This attack is called colluding adversaries attack. Name: Sheraz Salim Page 24 Master Project CO4804 . 2004] Defence against Data link layer End to end services are provided by encryption which reply on lower layers of OSI function. Summary Data link layers provide MANET connectivity from one hop communication between direct neighbours through media access control (MAC) protocols. therefore vulnerable activities could happen on this layer by violating the NAV field of RTS/CTS frames.11X is it protect upper layer attacks by rejecting access to network resources before authentication completed [Andreas et al.11 WEP apparently which fails. [Yihong et al.1X should be use it will protect the frames over the air portion of connection between nodes. 2000]. such as data link layer which gives the security mechanism of 802. however the NAV filed is still challenging as many proposed schemes such as ERA-802. Perrig et al. 2006]. To secure the link layer security such as 802. Security vulnerabilities are exponential back off mechanism scheme. the advantage of using 802.communication to each other. Many security mechanisms are proposed to prevent attacks on MANET like AES/CCMP and RSN.

The function of network layer in OSI layer model is to provide the services for exchanging the individual piece of data/information over the network between identified end devices. infrastructure uses the traditional wired routing and in Mobile Ad hoc wireless network nodes are connected by wireless link through physical layer and data link layer. BGP. Routing protocols that are used in traditional wired network finding a path to Name: Sheraz Salim Master Project CO4804 Page 25 . In MANET the nodes act as host and router.Chapter No. 4 Network Layer Attack Network layer is the third lowest layer of OSI reference model. which use different routing algorithm due to the nature of it use. Routing protocols use a routing algorithm which is a mathematical formula to forward the packet to its destination. Routing Protocol Routing is process of moving packets from source network to a destination network in internetworking devices. Therefore router discovery and router maintains in the MANET is effectively concern. 1998] • • • • Addressing Encapsulation Routing De-capsulation The main network layer process in MANET is ad hoc routing and packet forwarding. To achieve the integrity four basic processes are involved in it. a security in network layer plays a vital role to ensure the secure data communication in the network. [Cisco System. Thus attacking on MANET routing protocol not only disrupt the communication on the network even worst it paralyzed the whole communication all over the network. Therefore. thus the network topology may keep changing randomly due to the movement of nodes. The routing algorithm varies from one routing algorithm to another etc OSPF. threats in network layer are classified as: • Routing protocols • Attacks on network layer. In wireless network two types of communication paradigm exists. To evaluate the security threats in network layers.

The aims of these routing protocols are to provide a reliable and secure communication and remove fault in existing protocols. as frequent path breaks during ongoing sessions. The protocols from this class are not feasible for large number of network as this cause more overhead in their routing tables and consume more bandwidth.route the data flow. Many routing protocols have been proposed in MANET. for example packets from a source node to destination node. Traditional wired network protocol find path easily when path break. Proactive (Table Driven Routing Protocols) Proactive protocols maintain up-to-date routing table information in their routing tables and regularly update the changes in the topologies as appears. The examples of different varieties of table driven protocols are given below: • Topology Dissemination Based on Reverse Path Forwarding (TBRPF) • Destination Sequenced Distance vector routing (DSDV) • Optimised Link State Routing Protocols (OLSR) • Cluster Gateway switch Routing Protocols (CGSR) • Fish eye State Routing Protocol (FSR) • Wireless Routing Protocol (WRP) Name: Sheraz Salim Page 26 Master Project CO4804 . disruption commonly occur during transmission/receiving. Convergence is slow in wired networks. Situation like them are not reliable links in traditional wired network where all node are fixed. RIP2. Therefore. When a topology changes occurs then nodes on the network broadcast the update routing table throughout the entire network to maintain up-to-date routing information. cannot be apply directly due to the nature of Ad hoc wireless network. routing protocols for ad hoc network must be able to perform effective and efficient mobility as they are dynamic and no centralized infrastructure present. They work similar to the traditional wired network routing protocols etc RIP.

Proactive and reactive protocol are mostly discussed in MANET however there are two other routing classes of protocol called Hybrid and Hierarchical. a number of routing protocols are invented according to network requirements and according to their hierarchical routing. They do not maintain the routing information of the network topology. The examples of different varieties of proactive protocols are given below: • Dynamic Source Routing Protocol (DSR) • Ad Hoc On Demand Distance Vector Routing Protocol (AODV) • Temporally Ordered Routing Algorithm (TORA) • Associativity Based Routing (ABR) • Location aided Routing (LAR) Other Routing Protocol Routing protocols function as a backbone of the network.Demand Routing Protocols) Reactive protocols are also known as On-Demand Routing Protocols. their function is entirely different than proactive routing protocols. they get necessary information of the topology when they are required. The Hierarchical routing protocols used for scalable routing scheme and set up a hierarchy which is fallow in way of anti trail. • Hazy Sighted Link State HSR • Zone Routing Protocol ZRP • Distributed Dynamic Routing Algorithm DDR Name: Sheraz Salim Page 27 Master Project CO4804 . The Hybrid routing protocol is a combination of reactive and proactive protocols.Reactive (On. The example of Hierarchical routing protocol is. Additionally these protocols do not share routing information frequently.

limited search cost and scalable Required more resources for larger size zones. Table 4. To understand this situation we shall look at the example as given below. Reactive and Hybrid Routing Protocol in MANET Routing Protocol Proactive Advantages Rapid establishment of routes and less delay.2 shows the malicious node successfully gets into a network with false RREQ. Figure 4. resources amount is used heavily.1. X and D are formed node M is malicious node and it trying to broadcast false RREQ packet to node X to get control of the network. 2005] Disadvantage Convergence time is slow. Attack on Network Layer In network layer. network of three nodes S.Comparison of Proactive. This example shows with X having S route security between nodes therefore any malicious D no node disturb the traffic on MANET. Routing information flooded in whole network. Routes are not up-to-date. Figure 4. Reactive Obtain the required path when necessary. Hybrid Up-to-data routing information.Comparison of Routing Protocols [Hasnaa and Houda. saving resources. Arbitrary proactive scheme within zones. Routing information is upto-data periodically. attacker injects a malicious packet between the source and the destination nodes trying to get control of the network. do not exchange routing table periodically and Loop free. the attackers aim is to disturb the network traffic by attacking on network layer. Name: Sheraz Salim Page 28 M Master Project CO4804 . large delay. Once the network is hijack attacker can easily misguide the network and absorb the traffic.

[H. The purpose of these attacks is to spoil the current routing tables that has been built up by intermediate nodes and which are handling smoothly around the network topologies.2 MANET malicious node attack on network Yang proposed that two kind of attack fall in network layer. Routing table overflow attack In routing table overflow attack vulnerable node or group of nodes advertise route to particular none existing node. which does not exist at all. the aim is to emphasis the legitimate nodes on the network to join the advertise route. The goal of this attack is to originate overflow of routing table that creates a large Name: Sheraz Salim Page 29 Master Project CO4804 . 2004b] Routing attacks There are different numbers of attacks in MANET routing that can be launch against the legitimate network by employing malicious nodes.Figure 4. routing attacks and packet forwarding attacks.1 MANET malicious node access attack on network S X M D Figure 4. Following are the few of them which are commonly launched to trigger the routing protocols. Yang et al.

Route cache poisoning are mostly used in on demand routing protocols. In these attack many routing protocol for MANET are proposed to enhance to solve the problem. In term of MANET black hole means swallow the data packets. Name: Sheraz Salim Master Project CO4804 Page 30 . this attack is much similar to eavesdropping attack. [Patroklos G et al. as selfish node or set of misbehaving node implement this attack for purpose to save the battery life or exploit the routing. The black hole performed two steps to accomplish this. 2003] Routing table poisoning attack Routing table poisoning attack is classified as internal attack.amount of routes by vulnerable node to stop creating new routes from genuine node in the network. As a result network becomes inaccessible to use. as each node had a cache route that has the information regarding the route it has been routed to know nodes in the network. In MANET routing protocol maintain the information regarding the routes they learn of different network topologies. it is area of interest for researcher to find the loop hole for MANET security. Therefore. Packet forwarding attacks or Advance attacks Many new attacks on network layer have been identified which are brutal against legitimate network and complicated to understand the attacker intelligence new advance techniques are employing to attack on networks. which mean swallow. The black hole uses the concept of generating false route and dropping data. [Siddhatha and Mukesh. Misbehaving or selfish nodes create fabricated routing updates and modifies the original routing route and re-broadcasting the modified original packet to other nodes on the network. 2005] Route cache poisoning attack Malicious nodes use the advantage of route information using technique promiscuous mode where node can hear all the raw packet transmitted on the network and can easily overhearing the packet and change the routing information enclose in the packet header route cache. Proactive protocol is easy to attack as proactive protocol use discover routing information before they send route to other node on the network. Black hole attack The black hole word is driven from the physics phenomenon.

Secondly. As shown in the figure 4. once black hole node attract the traffic toward itself and when the flow of traffic come to node its start dropping the forwarding packet and do not forward the packet as result all packet through malicious node is lost. only the difference in wormhole work with a collision with other nodes. 2007]. The goal of wormhole attack is to affect the MANET routing protocols etc AODV and DSR route discovery. As shown in the figure 4. First attack record the packet at one location and tunnels it to another location by employing the techniques using wired network or using an off link wireless channel at different radio frequency.4 Name: Sheraz Salim Master Project CO4804 Page 31 .3 [Dagmara spiewak et al. 2007] Wormhole Attack Wormhole attack is similar to black hole attack both attack share the similar phenomena.First black hole malicious node advertises itself having a valid fresh routing paths etc. The request is transmitted quicker than the request from node S to node A1. The tunnel between these two colluding is called wormhole. On the other side node S choice route S-H-D which pass through A1 and A2. Nodes A1 records the RREQ request as forward from node C. [Marianne et al. 2009] • Wormhole using Encapsulation • Wormhole using out of band channel • Open wormhole attack • Closed wormhole attack • Half open wormhole attack • Wormhole with high power transmission Wormhole using Encapsulation When nodes S broadcast for the RREQ to its neighbours node C and node D. Node A1 tunnels the RREQ to its partner A2. and rebroadcast to its neighbours H. Classification of wormhole attack Wormhole can be classified into further five categories as proposed [Houda and Mohamad. shortest and stable path to the destination node. As a result node D decide a route D-H-C-S and delete the route it had it before in its routing table. where as node A1 and node A2 are colluding attacker.

B. D. node X1 and X2 are malicious nodes and using a out of band channel between them. When node S send a RREQ to node C and D neighbours.B C A M E D RREQ Data RREQ Malicious Node (M) A. [Rashid. Malicious node X1 forward RREQ to malicious node X2. 2008] Name: Sheraz Salim Page 32 Master Project CO4804 . there X2 rebroadcast the packet to next neighbours so S get three route request X1-X2-G compare to other route B-C-E-F-G where as the first route is shorter than the second. C. The goal is to accomplish using a wired link or using out of band high bandwidth channel between malicious nodes wireless link using a long range directional antenna.3 Black hole attack in MANET Wormhole using out of band channel This stage the attack used a band channel which is in different frequency as compare to the target network. E Node Figure 4.

4 Wormhole attack Redraw [Rashid et al. Closed wormhole attack The attacker does not modify the capture packet nor did it modify the packet field head. The attacker take the advantage when the packets are in the process to find a route know as route discovery. 2008] Open wormhole attack In this attack malicious node keep examine the wireless medium to process the discovering RREQ packets. in the presence of malicious node in the network other node on the network suppose that malicious node are present on path and they are their direct neighbours.A X 1 Attacker1 X 2 Attacker 2 I S D Target B C E F G RREQ RREQ through worm hole RREP Wireless link Wormhole link Figure 4. At route discovery process attack tunnel Name: Sheraz Salim Master Project CO4804 Page 33 .

the packet from one side of the network to another side of the network and rebroadcast packets. Jellyfish first invade on the forwarding packet once it get hold of the packet it start delaying the data packet for a certain amount of time before forwarding them. In jellyfish attack malicious node send/receive route request and route reply normally. It could drop coming packet from destination while forwarding packets for other nodes on network. Wormhole with high power transmission In this attack malicious node use maximum level of energy transmission to broadcast a packet. Jellyfish attack Jellyfish attack is much similar to black hole attack. Shanthi et al. Half open wormhole attack In this attack only one side of the packet is modify from the malicious node and the other side of the malicious node do not modify the packet subsequently route discovery procedure. [N. it broadcast the Route Request (RREQ) at a maximum level of energy of it power so the other node on the network which are on the normal power transmission and lack of high power capability hears the maximum energy power broadcast they rebroadcast the packet towards the destination. Jellyfish attack employing the same techniques as black hole does. Other different approach Gray holes malicious node can do is to drop Name: Sheraz Salim Page 34 Master Project CO4804 . 2010] Gray holes attacks Gray holes attacks have two characteristics. Rajaram and Palaniswami. Secondly the node drops the intercepted packets. first a malicious node broadcasting falsely having a valid route to destination node with goal of intercepting packets. The main mechanism of jellyfish is to delay packet without any reason. By doing this malicious node get more chances to create a route between source and destination without using colluding node. 2010] explains Gray hole reveal its malicious behaviour in many means. [A. By doing this network performance significantly end to end delay and delay jitter occurred. When malicious node received a Route Request (RREQ) by using route discovery process.

The compromised nodes create routing loops and may drop packets. Network layer not only route the packet for source or destination but also forward the packet for other nodes at the same time on the network by using the routing tables. in result the nodes on the network get overload of these packets and it will consume the bandwidth of the network and start consuming the battery of the nodes as well. Rushing attack The authorized node in on-demand routing protocol require a RREQ packet in attempt to find a path to destination. Securing this layer is most effective and value able for the survival of the network. When a malicious node receives a RREQ packet from a source node it rapidly broadcast it throughout the network topology before the other nodes on the network topology receives RREQ packets. Many attacks are launched on this layer as mention earlier on the other hand using a secure routing protocol make the chance less for malicious node to attack on MANET. to safeguard the network layer from wormhole and black hole attacks MANET node Name: Sheraz Salim Master Project CO4804 Page 35 . Attacks like active such as modification can prevent using integrity mechanism. Packet Replication In this attack malicious node generate the replicates stale packets and start sending it to a trigger network. Byzantine attacks are hard to detect. Byzantine attack These are vulnerable Byzantine attacks as set of few or numerous node work as cooperation to launched the attack against the target network. The compromised intermediate nodes or set of nodes worked as collusion to form an attack. Using IPSec can give a maximum security to the network layer while give a confidentiality to each node on the network to transmit data securely. When nodes on the network received the original packet they assume those packet are duplicate as they already received the packet form the malicious node and discard the original packet. Defence against Network layer attacks Like any other layer of OSI Model network layers have its own value in OSI layer.all forwarding packet for some time may behave malicious but switch to normal behaviour later.

More sophisticated attacks are implemented and being studied in order to prevent and to maintain the security level in network layer. Chapter No. [Yih-Chun Hu et al. In this thesis we try to focus and bring up all the network layer attack as possible. MANET Transport layer can be categorized in to connection oriented and connection less protocols which maintains the end-to-end flow connection. In geographical leashes each node must have to know the location of all nodes and have synchronized clocks where as in temporal leashes all nodes have tightly synchronized clock.5 Transport layer Attack Transport layer is the fourth layer of OSI layer model. Transport layers DoS attacks are vulnerable as TCP does not have mechanism to differentiate whether it loss data was a Name: Sheraz Salim Master Project CO4804 Page 36 .should use the packet leashes. As network layer perform the function of routing protocols. Packet leashes are the general mechanism for defending and detecting against wormhole attack. 2002] SUMMARY As Network layer encapsulate the IP address and send it to lower layers to transmit the data therefore there a number of attack which launch on this layers. end-to-end delivery and congestion control of communication among nodes on the network.

This action causing the congestion on the network and the transmission on the network medium is lost. [Erdal and Chunming. malicious node start sending fake packets through wireless medium on the trigger network. the communication between node break and reconnected. which are as fallow. Malicious nodes take the advantage and start replying acknowledgment multiple times to make the source node consider that packets are not transmitting successfully.Reno are vulnerable on this layer. Name: Sheraz Salim Master Project CO4804 Page 37 . Fallowing attacks are classified on this layer. Changing sequence number In this attack a malicious node change the sequence number when the three way handshake is in process to assure the destination node that few of the sequence number fragments are lost during the transmission.congestion error or malicious attack. Once the attack is launch the malicious node generating vast amount of SYN data packets to faulty node. Replaying acknowledgement Replaying attacks are more vulnerable than any other attack on transport layer. The MANET transport layer protocols TCP. As like traditional network do. in response to this victim node could configure it out when and how the attack invade on it as MANET node on the network are mobile therefore. Transport layer acknowledgement spoofing Due to lack of security in transport layer by default malicious node take the advantage and attack on the trigger network. Due to nature of this attack malicious node never open the full connection to handshake. In transport layer acknowledgement spoofing attack. SYN flooding attack In this attack the malicious node sent a large amount of TCP connection is created via a victim node by only opening a half window through. two nodes must establish TCP connection using three way handshakes to process the communication. In MANET protocols RMST and PSFQ are easily target for this attack. as the function of this protocol is to acknowledgement of the same segment multiple times signify negative acknowledgment. 2009] enlighten transport layer attacks. The malicious sends a large amount of acknowledgement window with false acknowledgement to network nodes in response to this a source node send more segments than the network can handle.

Session hijacking giving a opportunity to a malicious node to act as a authorized node.4 SYN flooding attack Hijacking [Kamanshis and Md. these attacks engage sending large connection request to target node. 2007a] Session hijacking In session hijacking the malicious node spoofs the IP address of the victim and concludes the right sequence number and implements a DoS attack.5 Session Hijacking [Kamanshis and Md. Transport layer attacks exist in wired and wireless networks. Liakat. To implement a secure transport layer the use of Transport Layer Security (TLS) and Secure Socket Layer (SSL). and Private Communications Transport (PCT) are design for secure communication between nodes based public key cryptography [Cisco Systems] Name: Sheraz Salim Page 38 Master Project CO4804 . Liakat. 2007b] Defence against Transport layer attacks Every OSI layer has its own security challenges. These attacks are effective and difficult to trace because of IP spoofing. Transport layer in MANET provide the communication between end to end nodes. However there is no single approach to fix the problems and to monitor to reduce the network damage. Figure 5. Many attacks have being studied on this layer. The malicious node masquerades as one of end nodes of the session and hijack the session.Figure 5. Once the DoS attack is performed the target nodes become occupied for time being.

Summary Transport layer in MANET have high rate error compare to traditional wired network it is due to TCP that does not have any mechanism to differentiate either data lost or change of topology from one place to another and re-establishing the connection. Name: Sheraz Salim Page 39 Master Project CO4804 . congestion error etc.

Many application layer attacks has identified in MANET as traditional wired network and MANET share the elements and parameters to function and to perform the application interference to share the same similarities. Trojan virus infects the operation system however Malware code copy itself on Name: Sheraz Salim Page 40 Master Project CO4804 . Once get attacked node not only suffer from degrading the network it also effect on it Operating System (OS). The functionality of application layer is to identifying communication protocols like HTTP. These attacks are severe and cause victim node to stop using the network resources. Like HTTP attack flood hundreds of page request to web server which bring down the capability of the processing time. Malicious attack In this attack a malicious node attack on the operation system (OS) of the other host node on the network. it could be accomplished by attack start sending a large amount of request to application layer. An attack can launch application Denial-of-Service attack (DoS). 6 Application layer Attacks Application layer is upper last OSI layer the function of this layer is to provide the end to end communication between nodes. FTP.Chapter No. Application layer attacks MANET The application layer interacts with software application of the OSI layers closest to end user. This process highly build computational load on MANET server and may degradation the network of loss of availability of the application. application layer represents the software application that provides the network services and connection to lower layer of OSI model. Malicious node sent a Malware or Trojan virus in to a victim node. Application layer faced vulnerable activities like other OSI layers does. Malicious code attacks are a vulnerable programme that attack on host nodes. SMTP and TELNET etc and maintaining by direction flow of communication between end nodes on the network. However the attacks launch attack on network through malicious code and repudiation attack because this layer supports varieties of protocol. Trojan and Malware are the common examples of application layer attacks. As MANET is selforganised nodes therefore they are mostly like to get attack from malicious nodes.

Repudiation attacks refer as denial of participation in the communication. Despite firewall polices can define in the network and Intrusion Detection System (IDS) can be adopted which is quite effective to prevent such attack on MANET.the network and keep spreading around the network. Repudiation is the attack which is by passed by a attacker from transport and network layer. network filtering etc. Application layer provide authentication. Name: Sheraz Salim Page 41 Master Project CO4804 . transport layer and application layer are more challenging and difficult to protect compare to any other layer on OSI. Number of attack can be launched on application layer which are execute on OS on nodes without any prior notice. As it been understood MANET nodes are self-organised and highly moveable node due to nature of its design it is not possible to place a physical firewall in network. Application layer not only provide end to end connectively but also filter the network packets. it has commonly seen in traditional wired network employing a hardware firewall to protect the network as well as a software wall. Repudiation attack Transport layer and network layer security is not enough to prevent the attacker to attack on the nodes in network. Defence against application layer attack MANET nodes may face large number of thread than any other network. Repudiation attack can be seen as Malware where as an attacker node keep accessing the system as a selfish node and deny any conducting operation which is coming from system in order to communication on the network. Summary In this chapter we analyse the application layer attack on MANET. To prevent from application layers attacker node on legitimate network use firewall to block the unauthorized node access to network. However. the end to end communication as like network layer. the aim of these attack are to constrain itself on the network and whenever a new nodes get IP access it start itself on the operation system on the node without giving any notice to node. These attacks mostly seek the specific information on the legitimate node and sent information to malicious node which will be used to collection personal information and specifics information to attack on other nodes.

Chapter No. Active and passive give a better understanding of attack which are implemented from malicious node to legitimate networks.7 Cross layer security Attack Attack on MANET exist on number of OSI reference model. These attacks on network are hard to detect compare of external attacks as attacker is inside of the network and damage the resource of network by not cooperation. A malicious node can modify the packet by setting up false information into packet header. the purpose of selfish node is to save the battery life or its own purpose and not forwarding packet to other nodes. However MANET attacks are distinguish in to active and passive attacks.1 Active attack In active attack the packet transmitted over the wireless radio frequency could be modified or corrupt during the data exchanged among network nodes from intercepting of malicious node to trigger network. Passive attack The function of the passive attack is to listening the radio frequency channel and get as much as information on the network traffic before launch any attack whist the passive attacks are launched to steal the important information regarding to target Name: Sheraz Salim Page 42 Master Project CO4804 . External attack These attacks are take place from outside the network from those node that do not are part of the legitimate network. Active attacks can be classified in two categories internal attack and external attack Internal attack Internal attack are took place inside the network. To prevent these attacks as a caution to use an encryption technique mechanism and using firewall to block that access of unauthorised node from network resources. but many of few attacks can be launched are not specifically according to OSI reference model they are know as cross layer attacks. selfish nodes misbehave against the network accordance to be faithful to network. as result routing events puzzled and degrades the network performance. 7.

Therefore it’s easy to loophole to masquerade on the network for malicious nodes. impersonation attack are easy to implement on ad hoc network environment because of the current routing protocols do not authenticate the routing packets. Razak et al. Attacker start receiving the routing information packets and forwarding them fake routes.A. 2003] Further explain the Modification attacks which can be classified as packet misrouting attacks and impersonation attacks a) Packet misrouting attacks In this attack the malicious node successfully divert the legitimate network traffic into a false path from their original path route. Malicious nodes take the advantage of this phenomenon and participate in packet forwarding process and launched the message modification attack. the attacker take control of the transmission between the source and destination by intercepting them. [S. Attack gets control on the transmission staying in the network longer than its lifetimes by advertising false routes. Due to the nature of the MANET they are mobile nodes new path are discover and break frequently.network such as eavesdropping and traffic analysis. The Name: Sheraz Salim Page 43 Master Project CO4804 . Once the required information is gather malicious node create changes in the routing table of the target network and broadcasting it. However in response to this it consume lot of bandwidth and increase overhead in the network. Modification attack In this attack the malicious node gather the requirement information on which routing protocol network is running this can be accomplish by using eavesdropping to hear the raw packet transmission. On the other side the source node retransmits the lost packets in order to keep the transmission maintain. b) Impersonation attack In this attack the attack steal the identity of another node in the network known as spoofing. These attacks are also harder to detect. Man-in-middle attack This attack is also known as Tunnel attack.

sleep deprivation attack can be launched by flooding the unnecessary routing packets in order to make the node unable to participate in the network and unreachable by other nodes on the network. These attacks not only consume unnecessary bandwidth but also drain off the resources of the other intermediate and destination nodes. a) Route salvaging attacks This attack is launched by internal nodes such as misbehaving nodes the purpose of this attack is misbehaving node salvage their own packets duplicate them and rebroadcast them on the network with no error messages. Location Disclosure A location disclosure attack can expose information about the network topology and the location of nodes and structure which are set place. in this attack malicious node do not interrupting or modifying any routing table thus the attacker fabricate its own packets and transmit it on the network to create a chaos to bring down the network. Hence routing protocol. by keep sending the route request to the trigger nodes. Name: Sheraz Salim Page 44 Master Project CO4804 . Routing hop limit is used to measure the distance and sending ICMP error is recorded. This attack could be more dangerous for the network if this attack is implementing with the collaboration of other misbehaving nodes. energy power. Using these techniques attack can find out the target nodes.intension of attack is to either to change sent messages or gain the useful information on the intermediate nodes on network. Fabrication attack Fabrication attack is also called as tampering attack. The information of location disclosure may be very helpful in regards to adjacent to the target or physical location. Fabrication attacks can also be launched from the internal misbehaving nodes like route salvaging attacks. b) Sleep deprivation attacks The aim of this attack is to drain off limited resources in MANET nodes etc.

Secure communication involves the secure transmission on the wireless medium and the communication mechanisms among nodes. Name: Sheraz Salim Page 45 Master Project CO4804 .Information Discloser attacks In this attack a node can disclose the confidential information to malicious node. MANET deal with a lot of security threats. and each attack has its own specification that damage or destroyed the MANET node infrastructure. like location or structure of the network topology which is useful for the malicious node to launch a attack on a specific network in result malicious node gather all the information which it need and which node is suitable to implement a attack. Summary The security of MANET depends on the secure communication using the secure routing protocols.

this process of communication is authentic. as confidentiality could be compromised by other means through malicious nodes. To avoid this problem is used a technique called data encryption. confidentiality. In mobile ad hoc network confidentiality is vital part for securing the transmission on wireless radio as sensitive of data. MANET pose several security threats and challenges when it comes to security. Security is a critical issue as MANET are dynamically move able nodes. As an example the transmitted messages send on mobile ad hoc network can be caught by adversary appearing as authenticated mobile node by using a spoofing attack. Authentication stop the access of other malicious node to function or to duplicating data to assure the recipient that message is from that source node sent to other node in network. as result this vulnerable activity s/he may get access to that data. Confidentiality Confidentiality purpose is to ensure the access to legitimate nodes on data. shared wireless radio frequency and highly dynamic network topology.Chapter No. Without authentication malicious nodes get access on the network and data can be modify without any prior notice to authorized nodes. Authentication Authentication is the mechanism that node use to validate the data when transmission is taking place by authorized nodes. 8 MANET Security Services Security in MANET has been an active research area from past few years. there is a probability that message can be intercepted by intruder node. and non-repudiation are the basic requirement of the secure communication on the radio frequency medium. Name: Sheraz Salim Page 46 Master Project CO4804 . security is a big challenge to make the communication reliable and secure from eavesdropping as wireless medium is more susceptible to attack. integrity. MANET data that send to other nodes have to be comprehensible to receiving node only. In respect to MANET security the goal is to provide a ultimate security among node to communicate such as authentication. There’s only one of its kind features of MANET bring new set of security plan as its open network architecture.

Additionally. Availability Availability proceeds the survivability and functioning of network to provide guaranteed services at all the times despite malicious or misbehaviour nodes on the network. By doing this kind of attacks the adversary may change or duplicate the data packet information message or could redirect the network traffic to other routes or to a different destination node. 2004] Characteristic Confidentiality Aim Prevent the information to unauthorized access Integrity avoid illegitimate deletion modification Availability Network resources accessible to nodes within the network Non-repudiation Stopping malicious nodes Using of signature on Tackling MANET Hash function Remarks Data encryption Name: Sheraz Salim Page 47 Master Project CO4804 . Therefore to combat these challenges key management is fundamental for implementation of any security framework. The nodes does not deny of information that be transmitted or received by using a special mechanism called digital signature know as cryptography which functions unique identifiers for each other. or data link layer to disable the back off mechanism or on network layer to halt routing by disturbing route discovery process. Siva Ram Murthy. [C. A malicious node use jammer to obstruct the transmission on physical layer. a massage can be corrupted by malicious nodes.Integrity Integrity ensures the process of changing or to interception of modifying the information by authorized nodes in MANET other task of integrity is to make sure the message transmitted on the wireless medium never corrupted. Non-Repudiation Non repudiation ensures the process of sending information among nodes on wireless medium by sending nodes and receiving nodes. where DoS attack can be launched at any layer of OSI model on MANET. If a malicious node or denial-of-service (DoS) attacks launch against the network. malicious node brings down network resources.

These are the first stage of any common security services that are describe above.to access the network packets/messages Table 5.A Review of Security Parameters in Mobile Ad-hoc networks. [Ola Mohamad et al. ca 2010 no date] Summary To secure the communication on MANET network security must be a solid to giving all the secure measurement to provide the communication. Name: Sheraz Salim Page 48 Master Project CO4804 . However security design for MANET challenging task as nodes is moveable therefore achieving a maximum security mechanism is challenging in MANET.

It can be used in many disciplines in the field of computer sciences and in the field of telecommunication purposes. which are combine the mathematical formulas like algebraic equation. and technology method which employs according to user requirement. Continuous simulation Continuous simulation is the system performance which can be characterized by different equations and the simulation consists in solving the equation. 2003] [Jerry Banks et al. 2010] There are many kind of simulator that we can distinguish for example by protocol. [Helena et al.Chapter No 9 Simulation Modelling and Implementation Simulation is a set of parameters which is a combination of mathematical formulas and programming languages C. Simulators in networking are employing for the method to understand the performance of network. Discrete event simulator are mostly used for a packet by packet model of the network topology in networking scenarios . It is a simulation of a system of liner or non-liner differential equations. stochastic process or differential equations to solve the model requirements. In the computing communication there are two kinds of simulators exits discrete event simulator and continuous simulator. C++.While the simulation models are measured or analysed by numbers to a certain extent of analytical methods. Analytical simulator. [Ricardo and Mario. Java etc. 1990] Test bed Labs Sometime the term test bed used for experimental purposes in labs where real systems are placed in lab to get the outcome of the selected protocol or application to measure them for future purpose or analyse the traffic of point to point delay. processing. Discrete Event Simulator (DES) In discrete event simulator (DES) the modelling of system which is define inconsistent value changes on the condition of discrete set of point in time. This set of equations could be represented in time domain or transform domain. However due to the implementation of selective protocol and Name: Sheraz Salim Master Project CO4804 Page 49 .

The Architecture of OPNET The methodology and the concept which make the OPNET user friendly is it simple architecture. applications and devices.Our work is based on OPNET MODELER 15. The OPNET software suits come with a number of tools.0. academic and industry purposes. Highly rich modelling environment for modelling and perform the evaluation of communication and distributed system are the most appealing features.applications are harder to implement they have their own drawback like the cost of the hardware to install is expensive in terms of use and to monitor these system [Luc Hogie et al. it has a leading atmosphere for network design and modelling simulation. The OPNET environment includes the study of all phases etc. Glomosim. 2006]. 2008] claim the OPNET MODELER generally produces accurate result compare to other discrete simulators. simulation and analysis. each single suite emphasis on particular characteristic of modelling task. the reason for using this software is because of it highly rich features. These tools are classified in to three parts as shown in Figure 9. Simulation tool To conduct a research on MANET security issues there are different variety simulator available. Specification 2). OPNET is recognized largely from many IT organizations. These three phases of modelling and simulation projects are 1). QualNet. OMNet++ . Data collection and simulation 3). all these three parts are inter-connected to make to flow of simulation data to generate. In response to that most widely simulator are used for research. Analysis Name: Sheraz Salim Page 50 Master Project CO4804 . Such as NS-2. Model design.2. [Gunnar and Olav. it support all most all industry standards network protocols. OPNET. In addition to that. There are many kind of simulation application present which are available for doing these tasks. data collection. it’s programming library help researchers and professionals to modify the network component to measure the performance in the OPNET simulation.

Modules are responsible and have the ability to generate sending and receiving packets from other modules to perform the function between nodes. Network Level In Network level topologies are design or model using network level elements like routers.2 Resource: OPNET MODELER Documentation The phases are accepted to execute in sequence path and form and simulation cycle. Packet format editor. density function editor. Network level is created by using project editor tool in OPNET MODELER. Construction of Model in OPNET MODELER OPNET MODELER use the concept model network topologies using graphical editors or Network editing.Re-Specification Initial Specification Data Collection and Simulation Analysis Figure 9. hosts and links. Node and Process models. The functional element are called modules. there are many more editor for example. It used to define the network topology of communication network. Name: Sheraz Salim Page 51 Master Project CO4804 . Node level It defines the internal structure of the network level in terms of functional element in node and the data flow. Interface Control Information editor.

Process It define the actions of processes like protocols and algorithms and application used in it uses a Finite State Machine (FSM) to support the protocols. Each process models using C. C++ programming code to support the extensive library for protocol programming. One tool is wireless modules that OPNET provides. it represents steps and stages as whole work that implemented for security issues for MANET simulation. On the other hand. Qualitative research is knowledge of researcher through participatory perspectives. applications. Name: Sheraz Salim Page 52 Master Project CO4804 . resources. algorithms and queuing policies. It comes as a scalable including broad range of powerful technologies • • • • • • Transmitter/receiver Node mobility Radio Frequency propagation Modulation MANET/Routing MAC protocols Research Methodology In order to understand the work that is been carried out on OPNET MODELER simulation it generalizes to help us to understand the security issues in MANET environment. 2002] Enlighten the research methods as Quantitative and Qualitative. Research Design and Problem Identification Conducting literature review and identifying the selective problem in MANET and getting familiar with simulation software which also requires a time to learn to understand the configuration parameters and simulation. W. OPNET MODELER wireless support OPNET MODELER is a powerful tool that comes with many verities tools. Creswell. Quantitative research is a inquiry strategies by mean of certain experiments and simulation work that carry out to produce a statistical data for analysis purpose. [J. According to him.

In all three scenarios. Misbehaving Node attack. each single scenario gives the attacker specific techniques which are used to placed in for simulation tool.Regarding the problem identification. As jammer attack generates noise on the wireless radio frequency medium to stop the communication in order to the trigger network. and Byzantine attack as due to wireless nature of MANET there is need for you understand these attacks which could harm a normal network by malicious means. I decide to carry the research on Pulse Jammer attack. The jammer attack generates noise much stronger that it overwhelms the signal and disrupts the transmission which occurred during the time among network nodes. Byzantine attack Scenario Third scenario is Byzantine attack it is to carry out attack on network where Byzantine adversary dropping the packets the number of Byzantine attacker Name: Sheraz Salim Page 53 Master Project CO4804 . Misbehaviour Nodes Scenario Second attack is misbehaving node attack. Pulse jammer attack is implemented on a normal network. AODV protocol is implemented on all three attacks. Misbehaving node attack is implemented on normal network with 50 nodes.11. Dropping packet occurs for many reasons. it causes packet lost or corrupt of packet. Pulse Jammer attack Scenario First attack is a Jammer attack. The number of pulse jammer is place as two in the network of 50 nodes at different location in network respectively. It consuming a lot of bandwidth and not collaborating with other nodes in the network. Misbehaving node might want to reserve the battery power of its own. where the numbers of misbehaving nodes are kept as 5 nodes. The result of each simulation scenario showed that MANET are highly vulnerable if no security mechanism is implementing on the network. The purpose of misbehaving node is to drop the packets and stop forwarding packet for other nodes in network. Building a simulation environment in OPNET MODELER Three scenarios are taken place in OPNET MODELER simulator by using MANET node with IEEE 802.

However is it essential to define a trajectory especially where nodes in the network are constantly moving. and Mobility are configured to work the network according to our requirements. Simulation Kernel is set as optimization. MANET process model is used as default no changes are taken place. Seed value is set as 300. The figure 9.TCP/IP) where the frame encapsulation opens and the packet is forward to network layer. Traffic Model Traffic model is used to generate traffic on the network. As it has shown in figure 9. The wireless LAN receiver (wlan_port_rx_0_0) accept the transmission on physical layer and pass it to (ARP. All these kind of malicious activities degrade the network routing services. The network model is shown in figure 9.4. Mobile Ad Hoc nodes are deployed in the area.UDP is analyse the format of the packet weather its TCP or UDP once clear its routed to MANET gateway (man_rt_mgr). Scenario two is misbehaving attack with routing implementation AODV. Profile configuration. The MANET node consists of WLAN MAC layer (wireless_lan_mac). A traffic which is a set of application which generates the packet both exponential and constant when the simulation time starts with random destination or selected destination packet delivery. The simulation run time is set as 600 seconds which is equal to 30 minutes. and the third scenario is a Byzantine attack about the routing implementation on AODV. Application profile.5. MANET Node To simulate the formed network. Each MANET node has a receiver and a transmitter to communicate on the network with other nodes. network layer look at the IP address hence TCP.node is one in network. The network model consists of three scenarios. Scenario one is Jammer attack with routing implementation AODV. The wireless transmitter (wlan_port_tx_0_0) receives the Name: Sheraz Salim Master Project CO4804 Page 54 .6 show the parameter set for traffic model. Network Model For experiment purpose a normal network is formed with a 50 MANET node on the area of 80x80. MANET Traffic MANET node is a set of functional element which processes the communication throughout the node itself and on network which are of similar specifications.

and FTP. In order to simulate the OPNET MODELER simulation for each new project in the software there is a need to configure the application configuration. Application configuration Application configuration in OPNET MODELER is a set of rules which has varieties of libraries to generate the traffic on the network according to the user requirement. The MANETs node make use of source module (traf_src) to stimulate IP layers and generate packet which are sent to random destination addresses. For the network of 50 nodes in our network model application configuration is configured. HTTP is configured as a heavy browsing and FTP is configured as high load. HTTP. Two applications are defined in application configuration. Figure 9. The reason for generation high load on both application are to generate more traffic on the network as the load on network will heaver it will be a good practice to understand the result and having analysis on them.4 Network Model with AODV routing protocol Name: Sheraz Salim Page 55 Master Project CO4804 .packet from MAC layers and passes it to physical layer.

Name: Sheraz Salim Page 56 Master Project CO4804 .

Name: Sheraz Salim Page 57 Master Project CO4804 .

Name: Sheraz Salim Page 58 Master Project CO4804 .

Name: Sheraz Salim Page 59 Master Project CO4804 .

Name: Sheraz Salim Page 60 Master Project CO4804 .

Figure 9.5 MANET node model Name: Sheraz Salim Page 61 Master Project CO4804 .

6 show the parameter set for traffic model Name: Sheraz Salim Page 62 Master Project CO4804 .Figure 9.

10 Name: Sheraz Salim Page 63 Master Project CO4804 . First define the HTTP and second define the FTP. Figure 9. It is essential to define profile configuration in the network otherwise there is no possibility of simulate the network. Further details are shown in the figure 9.9. Profile configuration attributes are set as two numbers of rows. Mobility configuration attributes are set as default random waypoint as shown in figure 9. Mobility Configuration The mobility configuration required to create the mobility option for Mobile Ad hoc nodes.Profile Configuration Profile configuration is a profile of the nodes which they act according to define parameters in application configuration.9 showing the detail parameters of Profile configuration.

10. showing the values set for mobility of nodes in network. Performance metric are well organized in light of security attack against MANET network. Performance Metrics Performance metrics are essential feature which help to understand and evaluate the attributes and performance of the network. Name: Sheraz Salim Page 64 Master Project CO4804 . performance metrics bring up a better understanding of understand the network.Figure 9. Throughput To analyse the network we use the throughput of each scenario for each attack which will help understanding the results.

11.3 Time average response time on AODV Name: Sheraz Salim Page 65 Master Project CO4804 .11.2 Normal Network Delay Figure 9.1 Normal Network Throughput Figure 9.11.Normal Traffic Response Results Figure 9.

jammer bandwidth set 100. Pulse jammer attack transmit noise in wireless medium hence the pulse jammer nodes cause DoS attack with in the wireless channel. Mobile and satellite in project editor. Jammer band base frequency is set to 2.402. As shown in diagram 10. transmitter power 0.000.Chapter 10 Attack on Different Scenarios Scenario 1.1 Figure 10. Pulse Jammer nodes transmit on a single frequency marked by a periodic pulse train in time. Pulse Jammer Attack Setup and Results Pulse Jammer Node Configuration Pulse Jammer attack can be deployed as fixed.001 and pulse width 1.0. Pulse jammer default values are change as default value shall not work well in our network.1 Jammer node configurations Name: Sheraz Salim Page 66 Master Project CO4804 . Trajectory of the pulse jammer is configure as “vector” altitude is change to 12 instead of 0 because on 0 altitude the surface of the earth is curves on it and it will affect the pulse jammer to transmits signal. To perform a jammer attack on the network two jammers are deployed in the 50 nodes network area of 80x80.

There is significant traffic destruction of packets transmission on network when employing a Pulse Jammer attack. The values of run time simulation are kept as it is as mention in network model.2 Throughput result of Jammer attack on network Throughput Pulse Jammer attack showed a traffic drop when jammer is implemented on the network it not only disturbs the packet forwarding on nodes on network but also degrade the network traffic.Experimental Result The Pulse Jammer attack is implemented on the 50 nodes network with routing implementation of AODV after configuration the Jammer node.00000 compare to the normal network Name: Sheraz Salim Page 67 Master Project CO4804 . To analysis the traffic between normal network and Pulse jammer network significant network packet dropping notice as pulse jammer activation on the network keep the traffic at 20. The throughput of the Jammer attack reduced the traffic on the network compare to the normal network traffic. The result of the Pulse Jammer attack is taking from the Jammer scenario and is compared with the normal network scenario. Figure 10.

On the other hand on the traffic on normal network showed peak at 12 minutes 30.00000. The minimum low traffic with pulse jammer attack is less than 20.00000 at time of 25 minutes. Name: Sheraz Salim Page 68 Master Project CO4804 .00000. With small amount of power jammer can spoil the atmosphere of the network and network bandwidth and resources suffer from it. and the maximum traffic at peak was notice at 12 minutes 2500000 packets. A jammer attack is a severe attack on physical layer.00000 and the average packet forwarding on the network is 28.28. Summary The experiment of Pulse Jammer attack showed that jammer attack is harmful for network as jammer can easily break down the communication in network nodes.

AODV routing protocol is implement with default values. In order to deploy the misbehaving node on the network. As shown in the figure 10. whereas packet inter-arrival time second and packet size is changed.3 Misbehaving node configurations Name: Sheraz Salim Page 69 Master Project CO4804 . Trajectory is set as vector. Start time on the misbehaving nodes is set as 100. Misbehaving Nodes and Experimental Results Five Misbehaving nodes are placed on in the network to misbehave the network traffic.3 Figure 10.Scenario 2. The misbehaving node will drop the packets and stop forwarding it to other nodes. a change of attributes is needed of the misbehaving MANET nodes.

At the stage of 15 minutes the packet forwarding for misbehaving node and normal network rate keep constant than suddenly as time passes the packet rate of each network keep dropping for misbehaving node and packet rate keep constant for normal network nodes.Throughput Result The throughput result showed in the presence of misbehaving nodes the transmission degrade as misbehaving nodes drop the data and are not coloration in the network. however analysis showed the average packet forwarding on normal network is 28.00000 packet where as compare to normal network at 10 minutes time the packet forwarding to other nodes on the network was maximum of almost 30. At the stage of 25minutes onward the misbehaving nodes forwarding packet to other nodes on the network.00000 packet duration time of 30 minutes on the other hand the misbehaving nodes in the network showed the packet Name: Sheraz Salim Page 70 Master Project CO4804 .00000 packet. the misbehaving nodes dropping packet reach it minimum packet dropping delay at 10 minutes where packet dropping rate is 18. As the throughput shows the misbehaving node start dropping the packet when simulation start compare to the normal network.

Thus misbehaving node reach the 28. Name: Sheraz Salim Page 71 Master Project CO4804 .000 packet forwarding at 25 minutes and start dropping. As results showed the network traffic effected badly when malicious misbehaving node start dropping the forwarding packet to other nodes on the network.4 Summary The misbehaving nodes showed that network performance degrade if they start act malicious and not forwarding packet on time to other nodes.4 Throughput result of Misbehaving node on network forwarding is not stable and its keep degrading with the passage of time. As shown in the figure 10.00.Figure 10.

Scenario 3, Byzantine Attack and Experimental Result
To implement Byzantine attack on MANET nodes network one Byzantine node is deployed in the network this malicious node drop the packet and drop the routing packets. Before deployed the Byzantine node in the network in order to start it function there is a need to change the attributes of the node. As the network is operating on AODV routing protocols and its using a trajectory vector. To make a node malicious we change the parameters of the AODV setting as shown in the figure 10.5.

Figure 10.5 Byzantine nodes configuration Throughput Comparison with normal network and Byzantine node attack show a throughput result in diagram. The malicious node drops the packets and not forwarding packet for other nodes is clearly seen in the network result. As the run time of this simulation is for 30 minutes the Byzantine node in network throughput is slightly higher than the normal network however it shows the network is having malicious activity on the network. The overall run time simulation can be observed from the comparison of normal network and Byzantine attack scenario. The average packet rate to forwarding packet on normal network is 80 on the other hand the Byzantine network the packet

Name: Sheraz Salim

Page 72

Master Project CO4804

forwarding is 50. Which signify proves the network is under gone to a malicious attack shown in figure 10.6

Figure 10.6 Throughput result of Byzantine attack

AODV Routing Table Dropping The function of Byzantine attack is to drop the packet and also drop the routing table which are forward to other nodes to find a short route to other destination. The Byzantine attack in this scenario showed that it is dropping the routing table for other nodes and behaving malicious on purpose. AODV routing table forwarding for normal network is 32,000 but when a malicious node attack on the network with Byzantine activities it start dropping the routing table route to forwarding for other nodes. The average response forwarding routing table route to other nodes is 26,000 which is significantly less and clearly showed the dropping of routing route of nodes in network as shown in figure 10.7.

Name: Sheraz Salim

Page 73

Master Project CO4804

Figure 10.7 Byzantine attack nodes dropping the routing table

Summary The Byzantine attack on AODV routing protocol showed the network routing table dropped when malicious node activate itself, the attack spoil the transmission and network traffic suffer badly.

Name: Sheraz Salim

Page 74

Master Project CO4804

Chapter 11
Conclusion and Future directions
Significant research on MANET has done so far and are most likely to grow more and get bigger presence in future communication infrastructure. As the use of MANET technology is increase there’s become a security concern as a large number of research showed that MANET are vulnerable when it come to security DoS attacks are launched against nodes easily. Each layer of OSI model attack are identified in project. One of the biggest issues in MANET technology is MANET routing due to topologies moving around link get break and re-establish. Existing routing protocol are subject to many different kind of attack which get influence from a malicious node. On the other hand the advantage of this technology is giving a cheap communication with self organised nodes which can be formed anyways. Due to time constrain it was not possible to look at the other aspect of the security issues, cryptography and intrusion detection system etc. As only few attacks are implemented on this project. If we have given more time we look at the other attack and try to implement in the project with more nodes and make the network bigger. Jammer attack model which effect the transmission on network by making noise and degrade the network performance. Misbehaving nodes attack stop forwarding packet to other nodes and start misbehaving in the network. And Byzantine attack drops the routing forwarding table or drops the forwarding packet to other nodes give a significant result to understand the MANET in vulnerable scenarios.

Name: Sheraz Salim

Page 75

Master Project CO4804

Name: Sheraz Salim Page 76 Master Project CO4804 .

edu/jchen8/web/papers/SurveyBookchapter. http://www. [Accessed Feb – April 2010] 6 B. Pawel Gburzynski. M.wireless. Dr. J.” 3 Amitabh Mishra. 2008. 2006.enggjournals. 2-Level Mechanism in an Internet connected MANET.365&rep=rep1&type=pdf. Wu. Wu. Security and quality of services in ad hoc wireless networks.kth. Chen. A secure MANET routing protocol with resilience against byzantine behaviours of malicious or selfish nodes. Architectures and Protocols. & D.1. The Trust-Based MAC-Layer Security for Mobile Ad hoc Networks. Perrig. 2000. Name: Sheraz Salim Page 77 Master Project CO4804 .pdf [Accessed Feb – April 2010] 9 Claude. Cardei. J. Manoj. page no 476.61.edu/viewdoc/download? doi=10. 2007. 2006.pdf [Accessed Feb – April Authentication http://www. Carlton R. http://citeseerx. Song. . Rajaram.com/warp/public/707/cisco-sa-20091109-tls. 8 Cisco Networking http://www. 2004.ist. Protocol 2010] 2 A.fau. A Survey of Attacks and in Mobile Ad Hoc Networks. “The TESLA Broadcast Authentication Protocol.pdf [Accessed Feb – April 2010] 5 Node Ashikur Rahman.psu. Hidden Problems with the Hidden Problem. R. Canetti. S. Crepeau. page 57.com/ijcse/doc/IJCSE10-02-02-51. chapter 9. Siva Ram Murthy and B. J. Ad Hoc Wireless Network.References 1 A. Palaniswami. 2006. Thales Norway AS. 4 Andreas Hafslund and Jon Andersson. S. 2010. Cambridge press.pdf [Accessed Feb – C.cisco. Countermeasures April 2010] 7 http://student. Davis and Muthucumaru Maheswaran. Tygar.1.se/adhoc06/submissions_final/05_02Andreas_Hafslund.

Liu. 38-47. http://netlab18.psu. Understanding Mobile Ad hoc Network.pdf [Accessed Feb – April 2010] 11 Dinesh Mishra. 2003. H.lu/secan-lab/docs/Spiewak2007a. Mobile ad hoc networking: imperatives and challenges. http://wiki. page 116.11.scribd. Security in Mobile Ad 1.tw/html/AdHoc_Network/slides/Chapter3-1-Security %20in%20Mobile%20Ad%20Hoc%20Networks. 18 Houda Labiod.edu/viewdoc/download? doi=10.nctu.computingunplugged. http://www. 2004. 2005. 2008. Marco Conti.pdf [Accessed Feb – April 2010] 16 Hasnaa Moustafa and Houda Labiod. Book Security in wireless Ad Hoc and Sensor Network. Zhang. 13 Model Gunnar Ronneberg and Olav Lysne. mobility and security. IEEE wireless Communication. Bakht. hoc Networks: Challenges and Solutions. 2007. 2003. N. 12 Erdal Cayirci. Chunming Rong. Yang. Mohamad Badra.16. springer. Ye.edu. Discrete Event Simulation with Application to Computer Communication Systems Performances. 2007. Lu. Source Routing-based Multicast Protocol for Mobile Ad hoc Networks. Sudhir Agrawal. 2004. Unmasking in Mobile Wireless Ad-Hoc Network Settings.com/issues/issue200406/00001301001. Luo.1. An OPNET-based Simulation of SCInodes. University of Oslo. 17 Helena Szczerbicka.1. F. 2009. S.com/doc/19471793/MobileAdHocNetworkingImperativesa ndChallenges [Accessed Feb – April 2010] Name: Sheraz Salim Page 78 Master Project CO4804 .cis. Jennifer J. Kishor S. Behavior Analysis of Malicious Node in the Different Routing Algorithms in Mobile Ad Hoc Network. pp. 2009. http://citeseerx. New technologies. and Volker Fusenig. 19 Imrich Chlamtac. Yogendra Kumar Jain.html [Accessed Feb – April 2010] 15 Issue H. John Wiley & Sons Ltd. and L. Trivedi and Pawan K.uni.777&rep=rep1&type=pdf [Accessed Feb – April 2010] 14 H.10 Threats Dagmara Spiewak. Choudhary. Vol. Thomas Engel.ist. 20 http://www.

R. Lganesan and Dr. Nicol.pdf [Accessed Feb – April 2010] 24 Junfang Xiao. 2010. Dr. Frederic Guinand. Ramar. A Full Image of the wormhole attaks.. David M. Jian Liao and Peiwei. Carson II. Research Design: Qualitative. Magdy El-Soudani. Blekinge Institute of Technology. page 49. W. Name: Sheraz Salim Page 79 Master Project CO4804 . 802. 23 Jim Geier.edu/viewdoc/download? MANETs doi=10. 2002. 2006. 25 Kamanshis and Md. Gavrilovska.trainingcamp.21 J. 2006.106. 2009. 2006. Shanthi. Prasad. IEEE. NO. Sherif El. Chapter No 1. and Breno de Medeiros Member. 2010. Creswell.1245. http://www. John S. 2009.library. and Ilyas Mohammad. Liakat. Pascal Bouvry. 29 http://arxiv4. Ad Hoc Networking Towards Seamless Communications. the handbook of Ad hoc wireless network”.“Chapter 30: Security in wireless ad-hoc networks. 2nd Ed. 32 N.edu/ftp/arxiv/papers/0906/0906. Fifth Edition. CRC PRESS Publisher. Springer.1. California.ist. Signals and Communication Technology.pdf [Accessed Feb – April 2010] 30 Mike Burmester. 2003. Nelson. An Overview of Simulation. K. Quantitative and Mixed Methods Approach. http://citeseerx. 22 Jerry Banks. 26 L. On the Security of Route Discovery in MANET’s. Huang Improved Threshold Ring Signature for Ad-hoc Group. . Guihua Zeng. Study of Different attack on multicast mobile ad hoc network.3553&rep=rep1&type=pdf [Accessed Feb – April 2010] 28 Marianne Azer. Nadkarni Ketan M. 2003. Sage Publication Inc. Security Threats in Mobile Ad hoc Network. Pearson. 2006. page no 16.psu.11 WEP: Concepts and Vulnerability.Kassas. Barry L.cornell. IEEE TRANSACTION ON MOBILE COMPUTING. 31 Mishra Amitabh. 2007.1. VOL 8. Member. DiscreteEvent System Simulation.com/usa/preclass/ceh/Reading/WEP. Master Thesis.9. 27 Luc Hogie. towards Introducing Complex Wormhole Attacks in wireless ad hoc networks.

my/8213/1/NgadiMA2008_AReviewCurrentRoutingAttacksInMobi leAd-hocNetworks. A Review Current Routing Attacks in Mobile Ad Hoc networks.monarch. 1996.1663&rep=rep1&type=pdf [Accessed Feb – April 2010] 40 T.edu/viewdoc/download? Mobile Ad Hoc Networks. Rappaport.org/volumes/research-papers/Vol10No1/8Vol10No1. 1996. Razak.brooke/b/Razak+04a. Upper Saddle River. Deparment of computer science. Secure Routing For http://citeseerx. Chapter 1. 41 Ye. 2004. 2002.jatit. S. Review http://www. David B. Garzia. Network Modeling. 2010. Mario R. Garzia. Rozilawati Razali.ac.ist.ukm.1.uk/p.utm.cs. Brooke.117. http://eprints. Dekker. Johnson. and Analysis.edu/monarch-papers/tikreport.psu. page no 9.pdf [Accessed Feb – April 2010] 37 Ricardo F.scm. Networks https://www. Rosilah Hassan.A.pdf [Accessed Feb – April 2010] 34 Ola Mohamad. 38 S.psu. and L.rice.pdf [Accessed Feb – April Name: Sheraz Salim Page 80 Master Project CO4804 . Secure routing in mobile wireless 40508. Lu. wireless communications Principles & Practice. Simulation.pdf [Accessed Feb – April 2010] 39 KY Siddhartha Gupte.81. S. Furnell. Attacks against Mobile Ad Hoc Routing Protocols. Zhang. Security in Mobile Ad hoc Networks: Challenges and Solutions. doi=10. doi=10.j. 2003. 2003. 2005.edu/viewdoc/download? ad hoc network. 1990. M. P. Md Asri Ngadi and Satria Mandala.1.1. Ahmed Patel. university of Plymouth.ftsm. Argyroudis and Donal O Mahohy.1.4598&rep=rep1&type=pdf [Accessed Feb – April 2010] 36 of Rashid Hafeez Khokhar. New Jersey. university of Kentucky. 2008. http://citeseerx.S. Defence 2010] http://www.ist. 2005. A of Security Parameters in Mobile Ad-Hoc Networks.pdf [Accessed Feb – April 2010] 35 Patroklos G. Packet Leashes: A against Wormhole Attacks in Wireless Ad Hoc Network. J. Lexington.tees.33 http://www. Mukesh Singhal. 42 Yih-Chun Hu. Adrian Perrig.my/rosilah/files/OLA_ICICS.

Member. Dang Quan Nguyen.ece. 44 Yihong Zhou. 2010] http://www.edu/publications/conferences/UKC06. 2004. and Louise Lamont.43 Yang Xu.194.pdf [Accessed Feb – April Name: Sheraz Salim Page 81 Master Project CO4804 . Security analysis of routing protocol for MANET based on extended Rubin logic.pdf [Accessed Feb – Yannick Lacharite. http://202. MAC-Layer April 2010] 45 46 2008. 2007.20. Scott M. IEEE. Analyzing and Preventing Denial of Service Attacks for Stock 802. Dapeng Wu.11 Systems.vt. Xiaoyao Xie. A Trust-Based Security Architecture For Tactical MANETs.arias.8/proc/MILCOM08/Milcom08/pdfs/654. Maoyn Wang. Nettles.

Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master Your Semester with a Special Offer from Scribd & The New York Times

Cancel anytime.