Professional Documents
Culture Documents
Researcher Forum
(JGRCST)
Vol-II, Issue-I, September 2014
ISSN: 2349 - 5170
Ravindra Jogekar
PJLCOE, RTMNU, Nagpur University, Nagpur, Maharashtra
Pratibha Bhaisare
AGPCOE, RTMNU, Nagpur University, Nagpur, Maharashtra
Abstract: Mobile ad-hoc network (MANET) is one of the most promising fields for
research and development of wireless network. As the popularity and usage of mobile
device and wireless networks significantly increased over the past years, wireless adhoc networks has now become one of the most vibrant and active field of
communication and networks. Although the ongoing trend is to adopt ad hoc
networks for commercial uses due to their certain unique properties, the main
challenge is its vulnerability to security attacks. A number of challenges like open
peer-to-peer network architecture, stringent resource constraints, shared wireless
medium, dynamic network topology etc. are posed in MANET. As MANET is
quickly spreading for the property of its capability in Sforming temporary network
without the aid of any established infrastructure or centralized administration, security
challenges has become a primary concern to provide secure communication. In this
paper, various vulnerabilities, security attributes and security issues affecting
MANET and possible solutions to counter these security issues have been discussed.
Keywords: MANET, Security issues, vulnerabilities.
Introduction
Global Research
Researcher Forum
(JGRCST)
Vol-II, Issue-I, September 2014
ISSN: 2349 - 5170
MANET Vulnerabilities
Global Research
Researcher Forum
(JGRCST)
Vol-II, Issue-I, September 2014
ISSN: 2349 - 5170
2.2
Because of the limited energy supply for the wireless nodes and the mobility of the
nodes, the wireless links between mobile nodes in the ad hoc network are not
consistent for the communication participants.
2.3
Lack of Secure Boundaries
The meaning of this vulnerability is self-evident. There is not such a clear secure
boundary in the mobile ad hoc network, which can be compared with the clear line of
defense in the traditional wired network. This vulnerability originates from the nature
of the mobile ad hoc network: freedom to join, leave and move inside the network. In
the wired network, adversaries must get physical access to the network medium, or
even pass through several lines of defense such as firewall and gateway before they
can perform malicious behavior to the targets However, in the mobile ad hoc network,
there is no need for an adversary to gain the physical access to visit the network: once
the adversary is in the radio range of any other nodes in the mobile ad hoc network, it
can communicate with those nodes in its radio range and thus join the network
automatically. As a result, the mobile ad hoc network does not provide the so-called
secure boundary to protect the network from some potentially dangerous network
accesses. Lack of secure boundaries makes the mobile ad hoc network susceptible to
the attacks. The mobile ad hoc network suffers from all-weather attacks, which can
come from any node that is in the radio range of any node in the network, at any time,
and target to any other node(s) in the network. To make matters worse, there are
various link attacks that can jeopardize the mobile ad hoc network, which make it
even harder for the nodes in the network to resist the attacks. The attacks mainly
include passive eavesdropping, active interfering, leakage of secret information, data
tampering, message replay, message contamination, and denial of service [2].
2.4
Dynamic topologies
Nodes are free to move arbitrarily. Thus, the network topology which is typically
multi hop may change randomly and rapidly at unpredictable time. Because the
topology of the ad hoc networks is changing constantly, it is necessary for each pair
of adjacent nodes to incorporate in the routing issue so as to prevent some kind of
potential attacks that try to make use of vulnerabilities in the statically configured
routing protocol.
2.5
Restricted Power Supply
Some or all of the nodes in a MANET may rely on batteries or other exhaustible
means for their energy. For these nodes, the most important system design criteria for
optimization may be
energy conservation. The problem that may be caused by the restricted power supply
is denial-of-service attacks [4]. Since the adversary knows that the target node is
battery restricted, either it can continuously send additional packets to the target and
ask it routing those additional packets, or it can induce the target to be trapped in
some kind of time consuming computations. In this way, the battery power of the
target node will be exhausted by these meaningless tasks, and thus the target node will
be out of service to all the benign service requests since it has run out of power.
Global Research
Researcher Forum
(JGRCST)
Vol-II, Issue-I, September 2014
ISSN: 2349 - 5170
2.6
Since mobile nodes are autonomous units that can join or leave the network with
freedom, it is hard for the nodes themselves to work out some effective policies to
prevent the possible malicious behaviors from all the nodes it communicate with
because of the behavioral diversity of different nodes. Furthermore, because of the
mobility of the ad hoc network, target and perform malicious behavior to different
node in the network, thus it is very difficult to track the malicious behavior performed
by a compromised node especially in a large scale ad hoc network. Therefore, threats
from compromised nodes inside the network are far more dangerous than the attacks
from outside the network, and these attacks are much harder to detect because they
come from the compromised nodes, which behave well before they are compromised.
2.7
Scalability:
Scalability is a major issue concerning security. Security mechanism should be
capable of handling a large network as well as small ones [2]. When vulnerabilities in
the mobile ad hoc network are discussed, the scalability problem also needs to be
addressed. Unlike the traditional wired network in that its scale is generally
predefined when it is designed and the use, the scale of the ad hoc network keeps
changing all the time: because of the mobility of the nodes in the mobile ad hoc
network, you can hardly predict how many nodes there will be in the network in the
future. As a result, the protocols and services that are applied to the ad hoc network
such as routing protocol and key management service should be compatible to the
continuously changing scale of the ad hoc network.
Security means the security mechanism for all protocols involved in this (MANET)
service to protect the basic function of MANET. To understand the security issues in
MANET, it is important to first know the security attributes linked with the MANET.
Some of the security criteria are as follows:
3.1
Availability
The term Availability means that a node should maintain its ability to provide all the
designed services regardless of the security state of it. Availability applies both to
data and to services. This security criterion is challenged mainly during the denial-ofservice attacks, in which all the nodes in the network can be the attack target and thus
some selfish nodes make some of the network services unavailable, such as the
routing protocol or the key management service.
3.2
Confidentiality
Confidentiality ensures that message information is kept secure from unauthorized
party. Confidentiality means that certain information is only accessible to those who
have been authorized to access it. In other words, in order to maintain the
confidentiality of some confidential information, we need to keep them secret from all
entities that do not have the privilege to access them.
Global Research
Researcher Forum
3.3
Integrity
Integrity means that assets can be modified only by authorized parties or only in
authorized way. Modification includes writing, changing status, deleting and creating.
Integrity assures that a message being transferred is never corrupted.
3.4
Authentication
In this, correct identity is known to the communicating partner. It enables a node to
ensure the identity of the peer node it is communicating with. Without which an
attacker would impersonate a node, thus gaining unauthorized access to resource and
sensitive information and interfering with operation of other nodes.
3.5
Non-repudiation
It is essential to ensures that the origin of a message dont deny having sent the
message. This is useful especially when we need to discriminate if a node with some
abnormal behavior is compromised or not. If a node recognizes that the message it has
received is erroneous, it can then use the incorrect message as evidence to notify other
nodes that the node sending out the improper message should have been
compromised.
3.6
Anonymity
Anonymity means that all the information that can be used to identify the owner or
the current user of the node should default be kept private and not be distributed by
the node itself or the
system software. This criterion is closely related to privacy preserving, in which we
should try to protect the privacy of the nodes from arbitrary disclosure to any other
entities
3.7
Authorization
Authorization is generally used to assign different access rights to different level of
users. Authorization is a process in which an entity is issued a credential, which
specifies the privileges and permissions it has and cannot be falsified, by the
certificate authority. Hence we need to ensure that network management function is
only accessible by the network administrator. Therefore there should be an
authorization process before the network administrator accesses the network
management functions.
Security Issues
There are many security issues relating to MANET. However, we shall discuss few
important issues in this paper which affect the MANET most.
4.1
Secure Routing
As we have seen earlier, most MANET routing protocols are vulnerable to attacks
that can freeze the entire network. Hence there is need to find a solution that work
even if some nodes have been compromised. Some of the attacks, such as Worm
Hole Attack and Rushing Attack are more sophisticated and harder to detect than
others. It is therefore essential to discuss the above two attacks and find its solutions
using localized selfhealing communities [4].
Global Research
Researcher Forum
A.1 Defense Method against Wormhole Attacks in Mobile Ad -hoc NetworksWormhole attack is a threatening attack against routing protocols for the mobile ad
hoc networks [5] [6]. In the wormhole attack, an attacker records packets (or bits) at
one location in the network, tunnels them (possibly selectively) to another location,
and replays them there into the network. The replay of the information will make
great confusion to the routing issue in mobile ad hoc network because the nodes that
get the replayed packets cannot distinguish it from the genuine routing packets.
Moreover, for tunneled distances longer than the normal wireless transmission range
of a single hop, it is simple for the attacker to make the tunneled packet arrive with
better metric than a normal multi-hop route, which makes the victim node more likely
to accept the tunneled packets instead of the genuine routing packets. As a result, the
routing functionality in the mobile ad hoc network will be severely interfered by the
wormhole attack. For example, most existing ad hoc network routing protocols,
without some mechanism to defend against the wormhole attack, would be unable to
find routes longer than one or two hops, severely disrupting communication. A
packet leash is a general mechanism for detecting and defending against wormhole
attacks. A leash is any information that is added to a packet designed to restrict the
packets maximum allowed transmission distance. There are two main leashes, which
are:
Geographical leashes
Temporal leashes.
A geographical leash ensures that the recipient of the packet is within a certain
distance from the sender. A temporal leash ensures that the packet has an upper bound
on its lifetime, which restricts the maximum travel distance, since the packet can
travel at most at the speed-of-light.
Either type of leash can prevent the wormhole attack, because it allows the receiver of
a packet to detect if the packet traveled further than the leash allows. A geographical
leash in conjunction with a signature scheme (i.e., a signature providing non
repudiation), can be used to catch the attackers that pretend to reside at multiple
locations: when a legitimate node overhears the attacker claiming to be in different
locations that would only be possible if the attacker could travel at a velocity above
the maximum node velocity v, the legitimate node can use the signed locations to
convince other legitimate nodes that the attacker is malicious. In practice, the paper
presents the design of TIK protocol that implements the temporal leashes. The TIK
protocol implements temporal leashes and provides efficient instant authentication for
broadcast communication in wireless networks. TIK stands for TESLA with instant
key disclosure, and is an extension of the TESL protocol [7]. When used in
conjunction with precise timestamps and tight clock synchronization, TIK can prevent
wormhole attacks that cause the signal to travel a distance longer than the nominal
range of the radio, or any other range that might be specified. The TIK protocol has
been proved to be efficient since it requires just public keys in a network with nodes,
and has relatively modest storage, per packet size, and computation overheads. Thus,
this paper first introduces the wormhole attack, a rather dangerous attack that can
have serious consequences on many proposed ad hoc network routing protocols. To
detect and defend against the wormhole attack, the paper then introduces the concept
of packet leashes, which may be either geographic or temporal leashes, to restrict the
maximum transmission distance of a packet. Finally, to implement temporal leashes,
Global Research
Researcher Forum
(JGRCST)
Vol-II, Issue-I, September 2014
ISSN: 2349 - 5170
the paper presents the design and performance analysis of a novel, efficient protocol,
called TIK, which also provides instant authentication of received packets.
A.2 Defense Mechanism against Rushing Attacks in Mobile Ad Hoc Networks
Rushing attack is a new attack that results in denial-of-service when used against all
previous on-demand ad hoc network routing protocols [8]. This attack is also
particularly damaging because it can be performed by a relatively weak attacker. The
implementation details of rushing attacks are shown in Figure shown below.
Global Research
Researcher Forum
Global Research
Researcher Forum
(JGRCST)
Vol-II, Issue-I, September 2014
ISSN: 2349 - 5170
4.2
Secure Multicasting
Global Research
Researcher Forum
(JGRCST)
Vol-II, Issue-I, September 2014
ISSN: 2349 - 5170
In this architecture, every node in the mobile ad hoc networks participates in the
intrusion detection and response activities by detecting signs of intrusion behavior
locally and independently, which are performed by the built-in IDS agent. However,
10
Global Research
Researcher Forum
rate TCPtargeted DoS attacks [14], brings new challenges to the network services. In
MANETs, nodes act as both routers and ordinary nodes.
Due to dynamic network topology and lack of centralized infrastructure, network
security has brought a new challenge to networking communities. Unlike traditional
networks, MANETs are more vulnerable to DoS attacks due to limited resources that
force nodes to be greedy in resource utilization. When there is no cooperation,
activities of even a small number of nodes may significantly decrease the
performance of the network. For example, a misbehaving node that discards any
packets passing through it can result in repeated retransmissions, which in turn cause
network congestions. Also, a wireless link does not provide the same protection for
data transmissions as does its wired link counterpart. Hence, any user or receiver
within the transmissions range can eavesdrop or interfere with data packets or routing
information. Battery power is another Critical resource for mobile nodes. If the
battery power has been used up due to malicious attacks such as the sleep deprivation
attack, the victim will not be able to provide network services. Since all nodes can be
mobile, changes in network connectivity and resource availability also expose a
network to various attacks. This calls for detection and prevention of attacks in the
network. Some intrusion prevention measures, such as cryptograph and
authentication, can reduce the threats against MANETs. However, these mechanisms
either cause greater overhead and latency or cannot defend against malicious internal
nodes. The deployment of a Public Key Infrastructure (PKI) requires certification
authority, but such an entity must always be available. Most current research on
MANET security focuses mainly on secure routing. Enforcing cooperation among
nodes is one of the strategies for tackling security and improving MANET
performance. Popular web-based services such as Amazon and eBay use reputation
rating systems for buyers and sellers to rate each other; however, this mechanism
relies on a centralized server to store and manage data. In eBays reputation system,
buyers and sellers can rate each other after each service, and the overall reputation of
a participant is computed as the sum of these ratings over a period of months provides
reputation information is usually a server with high computational and storage
capability.[13] Although MANETs are based on the fundamental assumption that the
nodes will cooperate in providing services or sharing available resources, noncooperation is a critical problem when deploying these networks for civilian
applications. Lack of cooperation in MANETs can be a result of misbehaving nodes
or lack of sufficient resources. Misbehaving nodes can either be malicious or selfish.
Selfish nodes are nodes that participate in the network to maximize their own benefit
by using network resources while saving their own resources. Malicious nodes
directly attack a network by disrupting its normal operation. The absence of a trusted
third party in ad hoc networks necessitates the development of protocols for
collecting, storing, and distributing reputations. Enhancing cooperation among nodes
in the network can help in detecting and mitigating DoS attacks caused by the
misbehaving nodes. In this paper, both DoS attack caused by a selfish node that drops
packet and a wormhole attack caused by a malicious node is considered. A reputationbased incentive mechanism for encouraging nodes to cooperate both in resource
utilization and preventing DoS attacks is proposed. The DoS attacks that target
resources can be grouped into three broad scenarios [13]
11
Global Research
Researcher Forum
(JGRCST)
Vol-II, Issue-I, September 2014
ISSN: 2349 - 5170
The first attack scenario targets Storage and Processing Resources. This is an attack
that mainly targets the memory, storage space, or CPU of the service provider.
The second attack scenario targets energy resources, specifically the battery power
of the service provider.
The third attack scenario targets bandwidth.
5
5.1
DoS attacks are of two types. The first is packet dropping. This may involve dropping
all received packets or selected packets. We characterize this as an attack generated
by selfish nodes. A node is selfish if it drops messages to save its resources. The
second type of attack is a wormhole attack. In this attack, a mobile node advertises a
short routing path to its neighbours, tunnels the data and control packets it receives
through the wormhole link, and replays them at the destination. Nodes that engage in
this type of attack are called malicious nodes [13].
5.2
Dealing with Misbehaving Nodes
Nodes in each cluster collaborate in the detection of malicious nodes and the
prevention of DoS attacks. This is achieved through information exchange at various
levels. For DoS attack management purposes, each node periodically performs the
following operations:
1. Computes reputation ratings based on its own observations and second hand
information obtained from neighbours. This is used to detect node misbehavior. If the
reputation falls below a predefined threshold, we may proceed to step 2.
2. Marks the node as selfish and broadcasts the new reputation rating to all neighbours
and to the CH. All neighbours update their reputation information and decide the
status of the node.
3. Periodically evaluates the reputation information of the node. Nodes are first
warned and later excluded if they fail to cooperate in future communications. If they
do cooperate, they are re-integrated. Their packet is not forwarded until their
reputation rating reaches a threshold. After detecting a misbehaving node, the
information is used to prevent any further occurrence of DoS attacks by forwarding
packets via other nodes. This can be achieved because each node maintains multiple
routing paths based on reputation ratings. The reputation threshold values are
dynamically selected and adaptive to the network condition as described in [15]. The
system rewards nodes with high reputation rating.
Conclusions
To sum up, we may conclude that- DOS attack is very difficult to resist in any
protocol.
Since mobile nodes are resource constrained, if public key operations are used, care
needs to be taken to limit the frequency of these operations to prevent DOS attacks.
The two lines of defenses (Prevention and Detection) against MANET attacks are
12
Global Research
Researcher Forum
(JGRCST)
Vol-II, Issue-I, September 2014
ISSN: 2349 - 5170
required. Because of mobility it is very difficult for the attacker to keep a node
victimized always. There is tremendous research scope in this area.
References
[Marco, 2003] Marco Conti, Body, Personal and Local Ad Hoc Wireless Networks, in Book
The Handbook of Ad Hoc Wireless Networks (Chapter 1), CRC Press LLC, 2003.
[Amitabh, 2003] Amitabh Mishra and Ketan M. Nadkarni, Security in Wireless Ad Hoc
Networks, in Book The Handbook of Ad Hoc Wireless Networks (Chapter 30), CRC Press
LLC, 2003.
[Priyanka, 2011] MANET: Vulnerabilities, Challenges, Attacks, Application by Priyanka
Goyal1, Vinti Parmar2, Rahul Rishi in IJCEM International Journal of Computational
Engineering & Management, Vol. 11, January 2011 ISSN.
[Sergio, 2000] Sergio Marti, T. J. Giuli, Kevin Lai and Mary Baker, Mitigating routing
misbehavior in mobile ad hoc networks, in Proceedings of the 6th annual international
conference on Mobile computing and networking (MobiCom00), pages 255265, Boston, MA,
2000. Jiejun Kong, Xiaoyan Hong, Yunjung Yi, JoonSang Park, Jun Liu and Mario Gerlay
[Y. Hu,2003] Y. Hu, A. Perrig and D. Johnson, Packet Leashes: A Defense against Wormhole
Attacks in Wireless Ad Hoc Networks, in Proceedings of IEEE INFOCOM03, 2003.
[Y. Hu,2006] Y. Hu, A. Perrig and D. Johnson, Wormhole Attacks in Wireless Networks, IEEE
Journal on Selected Areas in Communications, Vol. 24, No. 2, February 2006.
[Perrig, 2000] A. Perrig, R. Canetti, J. D. Tygar and D. Song, Efficient Authentication and
Signature of Multicast Streams over Lossy Channels, In Proceedings of the IEEE Symposium
on Research in Security and Privacy, pages 5673, May 2000.
13
Global Research
Researcher Forum
[Y. Hu,2003] Y. Hu, A. Perrig and D. Johnson, Rushing Attacks and Defense in Wireless Ad
Hoc. Network Routing Protocols, in Proceedings of ACM Mobi Com Workshop - WiSe03,
2003
[Jiejun, 2005] Jiejun Kong, Xiaoyan Hong, Yunjung Yi, JoonSang Park, Jun Liu and Mario
Gerlay, Secure Ad-hoc Routing Approach Using Localized Self-healing Communities, in
Proceedings of the 6th ACM International Symposium on Mobile Ad Hoc Networking and
Computing, Champaign, Illinois, 2005.
[Kaya]Secure Multicast Groups on Ad Hoc Networks by T. Kaya, G. Lin, G. Noubir, A.
Yilmaz College of Computer and Information Science Northeastern University,USA.
[Y. Hu,2002] Y. Hu, A. Perrig and D. Johnson, Ariadne: A Secure Ondemand Routing Protocol
for Ad Hoc Networks, in Proceedings of ACM MOBICOM02, 2002.
[Fei] Understanding Dynamic Denial of Service Attacks in Mobile ad Hoc Networks Fei Xing
Wenye Wang.
[Wood, 2002] A.D. wood and J.A. Stankovic, Denial of Service in Sensor Networks, IEEE
October 2002.
[Kuzmanovic, 2003] A. Kuzmanovic and E.W. Knight, Low-Rate TCP-Targeted Denial of
Service Attacks,SIGCOMM03, August 25-29
14