JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617 HTTPS://SITES.GOOGLE.

COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG 45

Per for mance Study of Appr oaches for Detecting Attacks in Ad Hoc Wir eless Networ ks
Kashif Laeeq, Khalid Khan.
Abstract— The popularity graph of ad hoc networks are incredibly increasing with the increase of its utilization in all fields. No messy wired physical infrastructure and other innumerable advantages made this technology the first choice in emergency, disaster management, healthcare, education, business etc. some time ad hoc networks have to pay the price for their vulnerable features. This new technology and its associated protocols have numerous loopholes which may be the honey pots for attackers.This paper has focused three major areas of wireless communication i.e. ad-hoc network, mesh network and sensor network. These networks are mostly at risk of denial of service (DoS) attacks initiated through compromised nodes or intruders. To avoid such attacks some of cryptographic algorithms, key management schemes and security models are proposed but the networks are still insecure. Our goal here is to investigate the major issues, attacks and challenges belonging to these networks. Some proposed schemes are also discussed here that mitigate these issues with a comparative study on the basis of their performances. In future we will analyze and compare the routing protocols in wireless ad-hoc networks. Index Terms—Ad-hoc networks, routing protocol, security, wireless communication.

——————————  ——————————

1 INTRODUCTION
HE deployment of ad hoc wireless networks are quicker, low cost, and number of ease to use, move the researcher to make sounder and robust communications. Wireless set up requires no messy wired junction, just little time and cost makes it operational. Due to these attractions, mostly wireless networks are the first choice for war, emergency conditions, security, educations or intelligence zone, but at the same time, the communication over wireless media always vulnerable to attacks. Inherently the ad hoc wireless communications are prone to attacks and any node can be attacked from any direction [13]. During war or disaster, the importances of ad hoc networks are vital, but the communication signals are subjected to jamming, interception and highly vulnerable to security attacks. These issues create obstruction to the deployments of ad hoc wireless networks. The wireless channels are completely defenseless to various security attacks [15]. Every nodes participating in mobile ad hoc network act like a router. The dependability on nodes may disrupt the network. Some time a node within a network involves in malicious activities without any victimiza————————————————

T

tion, and the detection of this malicious node is difficult. This type of attack is called inside attacks. It is possible that an attacker attacks from outside the network, called outside attacker. An outside attacker has no particular access to the network but only concernes in gathering sensitive data, breaching the privacy and secrecy of data. In contrast an inside attacker’s goal is to interrupt the functionality of the network and has access to the encryption keys or other codes used by the network. Most of the time the intention of an attack is to disrupt the network communication; the most frequent and dodgy attack, experienced by wireless ad hoc network is denial of service (DOS) attack. DOS is forced by other fields, such as security, dependability, performance and software engineering [20]. Although there are number of schemes proposed to secure the wireless communication but the technology is still apprehensive and vulnerable to attacks. Nearly all the proposed solutions concentrate on specific security issues but pay no attention to others, those which pull off low energy and memory utilization, compromise on the level of security. Majority of the protocols associated with ad hoc networks are vulnerable, especially on demand routing protocols, such as AODV, are at high risk during route discovery [13]. Thus there is a need for a model which combats all these challenges with low cost and high security. In this paper some vital issues related to ad-hoc networks are studied and revealed some proposed solutions for mitigating these issues. A comparative study of these proposed schemes is finally provided that of-

• Kashif Laeeq is with the Department of Computer Science, Federal Urdu University of Arts, Science & Technology, Karachi, Pakistan. • Khalid Khan is with the Department of Computer Science, College of Computer Science and College of Engineering Karachi Institute of Economics and Technology, Karachi, Pakistan.

JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

fers a new direction for researchers.

2

ISSUES AND PROBLEMS

Wireless communication has emerged as a major breakthrough in conventional wired communications. It has altered messy wired world into a smooth and flexible ambiance. According to a well known adage, there is no unmixed good in this world; execution of wireless network particularly ad-hoc network, sensor network and mesh network carries various security and performance issues. These issues include: 2.1 Current Security Models and Prevailing Attacks: Different performance, administration and management issues of a wireless network encountered due to improper security model. Many security methods don’t guard against a number of prevailing threats. Therefore Wireless networks shows lack of satisfactory guarantees on security, during communications. Some of proposed solutions for these issues are discuss below: Majority of at hand wireless network security models are highly insecure and defenseless to active and passive attackers. The hybrid Wireless Intrusion System (WIDS) provides a model to combat the attackers. The model is based on three phases; data-set generation, IDS creation and test phases. For data-set generation, various types of files, for regular and attack types will be created. For IDS creation, a simple agent with five modules is designed. The first module sniffs the traffic and sends it either Anomaly or Misuse detection engines. If inputs are not handled by both engines, it sends it to probable attack module for more precise examination. If the attack is detected the engine call the alarm module. Finally in test phase, used the dataset collected in the first phase to test the wireless intrusion detection agent in phase two [1]. Due to distributed nature and short of globally trusted central establishment, the WMNs shows lack of satisfactory guarantees on security. Li Gao et al. [2] has deal with low-computational and scalable key managing model for WMNs. This key management model has three levels of key management, including key management protocols for mesh router pattern (RR), mesh client pattern (CC) and mesh router & mesh client pattern (RC). RR pattern is required highest level of security, may use efficient cryptography such as PKI, twoparty Diffie-Hellman schemes. CC pattern is required

low computation and reasonable level of security. Thus low computational cryptographic such as symmetric cryptography and threshold secrete sharing schemes may be use. RC pattern can be in between RR and CC pattern. These three models fit in to group communication models [2]. Ana Paula [3] proposed a decentralized Intrusion Detection System (IDS) model that fits the demands and limitations of WSNs. The model is based on three phases. Phase-1 perform data acquisition. Only those messages are filtered and store which useful to the rule application phase. Phase- 2 is rule application, each extracted messages from phase 1 is estimated according to a sequence of rules precise to each message type. If a message unsuccessful in one of the rules, failure counters is incremented and discard the message, otherwise message is discarded from data-structure list. Intrusion detection is perform in Phase-3, that checks if round-failure value is greater than cumulative value or not, in case of greater value, then signal attack indication is generated [3]. Sidra et al [4] defined distributed dynamically configurable firewall architecture for Mobile Ad-hoc Networks (MANETs). The model has three internal data structures that are firewall table, Reject list & black list. Firewall table is used to maintain the entries of data flow for each new establish connection with five columns containing source & destination address, number of packets arrived, threshold and life time of each entry. If number of packets crosses the threshold limit then incoming packets for that entry will be blocked by the firewall, which will be deleted from table if life time exceeds. If for any entry in the firewall table, number of packets arrived is greater than threshold and lifetime exceeds then it will be place it in the reject list with double lifetime and threshold value will decrease. Blacklist hold entries of those nodes which maintain its entry in the reject list five times [4]. Another security model for MANETs is proposed by L.Prema [5], named Enhancement on Intrusion Detection Systems for Ad-hoc Networks (EIDAN). The EIDAN architecture model has four logical components. First component is Traffic Interception Module, confines the incoming traffic from the network & selects which of these packets should be more examines. Event Generation Module is accountable for abstracting the necessary information essential for the attack

JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG 47

analysis module. Attack Analysis module checks the presence of attacks, if attack is present then send these malicious packets to counter measure module. Finally the Counter Measure Module is responsible for taking any further action on packets. Either the packets are dropped or taking some actions on malicious packets comes from the attack analysis module [5].

cast the RREQs packet that goes by on all the ways from that source node. The RREQs received by target node, forwards the RREPs by using the reverse route. If the RREPs arrive from the trustworthy intermediate node, starts to send data. Otherwise ask for further request. If the node is detected to be wicked node by the two hop acknowledgement mechanism then to provide solution to attack, perform secure message transmission [7]. Ms. Divya [8] has proposed modified Hybrid Wireless Mesh Protocol (HWMP), to overcome the issue of authentication and integrity. Proposed routing protocol guarantees that the communication between any two ends should be secure enough. HWMP routing information element comprises of two types of fields, mutable and non-mutable. In customized HWMP the existing key allocation is used and mutable fields are valid in the hop-by-hop manner using the hash tree concept. To protect non-mutable fields symmetric encryption is used [8]. The reliable transport layer protocols for wireless communications are not ensure reliability in harsh environment. Pump slowly Fetch Quickly Protocol doesn’t deal with the lost full message problem. Also nodes cancel their scheduled transmission of given fragment if they listen by their neighbor that the fragment being transmitted 4 times. Weaknesses in Distributed TCP Caching is if a SACK list several lost fragments, so an invader can forge and infuse another SACK that acknowledges all lost fragments. With this particular packet, he can provoke several fragment losses. Reliable Bursty Convergecast protocol is supported block ACK; it is probable to acknowledge each fragment piled up by a node in one ACK. Upon the reception of packet, the node will fully empty its cache, which can direct to fragment losses with high probability [9]. Dr.Sami et al [10] defined Path Redundancy based Security Algorithm (PRSA) for securing routing protocols in WSNs. The PRSA algorithm first read network topology and find the optimum routing path. Check for disjoint paths. If no disjoint path found, remove every other node in the path and its link otherwise remove the nodes of previous path. Now select a suspected node and removes the suspected node and its links. Find optimum routing path, if number of routing paths less than the maximum numbers of routing path,

Figure 1: Enhancement of Intrusion Detection System for AD HOC Networks [5].

2.2 Current Wireless Protocols and Their Limitations: The wireless communication survivability relates to the protection mechanism and robustness of their protocols. Majority of protocols associated with wireless, prone to attacks especially in hostile environments. Intruder easily breaks their security schemes. Some of proposed solutions for these issues are discuss below: Current communication protocols of routing, MAC and physical layers are not fulfilling major communication issues in WMNs. Sahil Seth et al. [6] studied and suggested to redesign the protocols at each layer, keeping current research issues in mind. The author has deduced the research issues of physical layer as new wideband transmission scheme is required to achieve high transmission rate. New signal processing algorithms are required; optimize the hardware design so as to decrease cost. The MAC layer issues are describe as an effective channel allocation in multi-hop is needed. Advanced bridging functions must be developed for heterogeneous environment in MAC layer. The current research issues in routing layer are describe as the scalable routing is a critical requirement for WMNs. Lightweight but efficient routing protocols are required. Integrate routing and network coding is still a challenge for researchers [6]. Multicast protocols for ad hoc networks undergo security challenges. In [7], P.Sankareswary proposed a security extension to deal with the selfish nodes attack on MAODV. He explains that, the Source node broad-

JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

then increment number of paths and again check for disjoint paths [10]. 2.3 Security Issues and Attacks in Wireless Communications Attack is a crack to achieve illegal access to resources, or the attempt to cooperation reliability, availability, or confidentiality [20]. As the deployment of wireless networks are not follow any particular infrastructure, due to the flexible topology wireless communication suffer varieties of security attacks. Some of these attacks are as follows: 2.3.1 Wormhole Attack: In a wormhole attack, adversaries collaborate to offer a low-latency side-channel for communication. The wormhole attack can disrupt the wireless networks, particularly location-based wireless security system and ad-hoc network routing protocols. Few proposed solutions are discussed below: Mahdi Taheri et. al [11] proposed a mechanism named Multipath Routing, for detecting and defending against wormhole attacks. He considers two types of channel, one for signaling with one link and other for user data with n-1 link. The original message is divided into n-1 parts with unique identifier. Generate a random number X such that 1<X<= (n-1), to be sent on one of n-channel. The codes parts in pairs using XOR technique associated to X. Every arrangement is sent over one of the channel, the Xth part is sent in simple text that will be the begin point for receiver to uncover other parts [11]. Other proposed scheme for the same problem is Wormhole Attack Prevention (WAP) [12]. In this scheme neighbor node monitoring is used to find out the neighbors. Suppose node A sends RREQ, which initiates a wormhole prevention timer, node B attains the RREQ, B have to broadcast to its neighbors as B is not a target. A check whether the RREQ arrives at within the timer. If A obtains the message after the timer ends, it considers B or one of B’s next nodes may be wormhole nodes. In order to keep away from wormhole, nodes watch the malicious activities of neighbors and maintain it into their own neighbor node table [12]. 2.3.2 Black-hole Attack: The wicked node abuse the ad-hoc routing protocol such as AODV, to announce itself as having a legitimate route to a destination node, although the route is false, with the objective of interrupting and pertaining to the packets that never forward. Black-hole attacks especially disrupt the routing protocols to upsets network performance and reliability. Few techniques are discussed below, to mitigate Black hole attack.

Intrusion Detection using Anomaly Detection (IDAD) scheme is proposed to handle Black hole attacks [13]. The Source node broadcasts route request then receive route replay. If route replay is different from audit data, save route to routing table and start to sending packets while the size of buffer is not zero. But if route replay is same as audit data, discard route replay and check for another route replay. The pre-collected set of glitch activities, termed as audit data. The audit data is composed and is supply to the IDAD system that is competent to evaluate every action of a host with audit data on a fly. If any action of a host be alike to the actions listed in the audit data, then the IDAD system separates the particular node by forbidding further interaction [13]. S.Bajwa and Khalid Khan et al. [14] has proposed GBHASM scheme for mobile ad-hoc networks. The model is based on two components, the first component has the explanation regarding how new node will become a part of network also performs the operation of communication. Server entertains request packet from new joining node. It responds with relationship acknowledgement to node and stay for the approval from the node. If node doesn’t replay within a time then the server rejects the joining request if not it throws its information. The received information as of new-joining node is kept in the database also allocates Node Code (NC) Pkk1 and Pkk2. The second component handles the communication action within the network. Later than becoming a part of the network, node make request for shortest path through pkk2 with packet. Each node will match pkk1 to pkk2, if its key matches within a time than the information will be released, otherwise time to live (TTL) of packet, force it to become meaningless [14]. 2.3.3 Flooding Attack: A flooding attack overcomes a victim’s inadequate resources, whether bandwidth, memory or processing cycles. Majority of the reactive protocols can easily get flooding attacks during their route finding process. Few proposed schemes for handling this attack, are discussing below. In [15] defined a scheme based on three threshold values i.e. friends, acquaintances & strangers. If a node sent or received plenty of messages to or from any node X, then it’s consider as friend node of X & put the highest value of threshold. If a node sent/received few messages from node X, consider this node as acquaintance and place it threshold value less than friend. And if a node never sent/received any message to/from node X, its consider as stranger and put its threshold value very low. Now suppose a node sends RREQ to its friend node, if RREQ value is less than the maximum threshold value, then RREQ is forwarded otherwise it discarded. If a node sends RREQ to its acquain-

JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG 49

tance node, if RREQ value is less than its threshold, the RREQ forwards otherwise discards. Same rule will be applied in case of Stanger node. The threshold values are considered as friend > acquaintance > stranger [15]. Ping Yi et al. [16] Proposed Flooding Attack Prevention (FAP), a general defense against the Ad Hoc Flooding Attack. The scheme based on neighbor suppression. The main idea of neighbor suppression is that each neighbor calculates the rate of RREQ originated by intruder. If the rate exceeds some threshold, all neighbors will not receive and forward packets from intruder. Every node has to maintain two tables Rate-RREQ & Blacklist. The Rate-RREQ has two columns: Node-ID and RREQ-time. If a node receives a RREQ, it looks up the node ID in the table of Rate-RREQ, to ensure who is requesting. Find node ID and increment RREQ-time field by 1. If RREQ-time is greater than the threshold value, put node ID into Blacklist [16]. As in AODV the node set outs RREQ packet according to FIFO rule. In flooding attack prevention scheme [17], the FIFO has changed with rule of priority. Nodes maintain the priority & threshold for its neighbor node. The node priority is inversely proportion with RREQ frequency. If RREQ frequency of attacker increases by threshold value, the node will not entertain further RREQ from the attacker node. This technique is called Neighbor Suppression, which uses to mitigate RREQ flooding attack. For data flooding attack, path cutoff scheme is uses. The attacker has established a path from the invader to victim node ahead. Once the victim locates the DATA Flooding Attack, the path can be cut off from the attacker [17].

if found legitimate, they start to search their AMTTs, and put equivalent item’s validity indication as 1 or else they discard this RREP. When two nodes finish their communication, source node will send RANC (route announcement) to other intermediate nodes, all nodes receives RANC will delete corresponding items in their AMTTS table [18]. Flooding attack mitigation scheme present [19] describe as for every node, it observes the neighbor’s packets generated during an interval. The Packets are dropped if the rates of transmission packets are exceeded from threshold limit i.e. ‘α’. But if the same neighbor exceeds ‘α’ by blacklist-threshold ‘β’ then it is consider as flooding node. Now put this node to blacklist as a flooder and discarded all packets comes from flooded neighbor node. The node continuous monitors the behavior of blacklisted neighbor node in the successive periods. The blacklisted node has to show gentle behavior for ‘γ’ interval or whitelist-threshold to turn into white-listed. Given the blacklisted neighbor is experienced to be gentle, the observing node then whitelists the neighbor and starts to forward the packets for the neighbor [19]. 2.3.4 DOS Attack: Denial of service attack can attempt to flood a network, thereby preventing legitimate network traffic and prevent a particular individual from accessing a service. With the inherent resource limitations and vulnerabilities of WSN devices, they can easily catch attacks specially Denial-of-Service (DOS) attack. In [20] author survey different attack especially DOS attack to discover the attacker, his capabilities, purpose of the attack and the end result. He studied that Jamming is intentional intrusion with radio reception to deny the target. Spread-spectrum techniques can be used to overcome jamming problem. The intruder can damage, destroy or tamper the sensor nodes, camouflaging the packaging & using low-probability of intercept radio techniques, can mitigate these problems. An attacker can deliberately cause collisions, error correcting codes can be use to avoid attack. In selective forwarding sensor device can only neglect to forward certain messages, multiple disjoint routing paths and diversity coding can be use to overcome this problem. In wormhole attack, enemies collaborate to offer a lowlatency side-channel for communication packets are totally controlled by these two adversaries. Packet leashes scheme can be use to overcome this problem [20]. The following table provides a dash board in understanding the effectiveness of above IDS schemes.

Fig. 2: neighbor nodes isolate attacker [17] S. Li et al. [18] proposed Avoiding Mistaken Transmission Table (AMTT) scheme to combat Flooding attack. Each node establishes an AMTT table to record received RREQ packages and other fields. When one node wants to send package to any other node, it floods RREQ package. Each node receiving this RREQ fills the fields of its AMTT table, sets the RREQ Num field as 1. Now whenever receives a RREQ with the same node, the RREQ Num value increases by 1. The destination node receive RREQ, it fills AMTT table & sends RREP package. Other node checks it validity and

JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

Table 1. Comparitive Study of Different IDS Schemes in Ad Hoc Networks
Attributes of an ideal Intrusion Detection System in Ad Hoc Networks
Proposed Scheme Overheads Fault-tolerant Scalability Types of attacks detect Simulation

Wireless Intrusion Detection system (WIDS) [Ref. 1]

Yes. The use of agents will slow down the communication. Yes. To maintain extra attributes of a table. No. without interfering routing operations.

Yes

Yes

Impersonation, network discovery, man-inthe-middle, DOS. Data flooding attacks Resource Consumption Attacks, Packet Dropping attacks, Fabrication Attack. Dropping of data packets, selfish behavior of nodes. Wormhole attack

Distributed dynamically configurable firewall architecture [4] Enhancement on Intrusion Detection Systems for Ad-hoc Networks (EIDAN) [5] Security extension to deal with the selfish node attack [7] Multipath Routing [11]

No. Single point of failure possible Yes

Yes Yes

Yes. using the Yazd university test bed No. Yes. Using NS-2

Wormhole Attack Prevention (WAP) [12]

Intrusion Detection using Anomaly Detection (IDAD) scheme [13] The extent of friendship between the nodes [15] Flooding Attack (FAP) [16] Prevention

No. Scheme has no cryptography or agents. Yes. Multipath increases transmission overhead. No. scheme has no special hardware or cryptography. only energy inefficient No. scheme minimizes the number of extra routing packets. No. scheme increases throughput Yes. Scheme has little overload.

yes

yes

Yes. Using NS-2 Yes. Using NS-2 Yes. Using QualNet Yes. Using NS-2 No. Only used AODV protocol. Yes. Using NS-2

Yes

Yes

Yes

Yes

Wormhole attack

Yes

Yes

black hole attack

Avoiding Mistaken Transmission Table(AMTT) [18]

Novel technique to deal with flooding attacks [19]

Yes. The use of tables will slow down the communication process. No.

No. malicious packets are still present in network No. fail to resist corporative work of two or more attacking nodes Yes. But within limited links.

No

Flooding attack

yes

Ad-hoc Flooding attack

No. fail to work on more link yes

Flooding attack

No

Yes

Flooding attack

Yes. Using NS-2

4

CONCLUSION AND FUTURE WORK

In this paper, we investigate some very common but challenging issues experienced by ad-hoc wireless communication. We have divided our studies into three sub-domains i.e. Security Models, Vulnerability in Current Protocols and Attacks. Security attacks are major issue of ad hoc networks which can be mitigated by adopting some proposed schemes. Here we explored the proposed methodologies and security schemes that guard against large number of attacks including DOS, Wormhole, Blackhole and Flooding attacks. Indeed these schemes are effective for detec-

tion attacks but still have limitations which raise questions on their usability. The protocols associated with MANETs require more research; especially reactive protocols may be traped by intruders at the time of route discovery process. Our comparative study on the basis of proposed IDS, may provide a direction and thinking towards solution space. The role of this paper is to spell out the severity of current security challenges and other correlated issues in ad hoc wireless communications.

JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG 51

Future research in the area of vulnerabilities in current security models in wireless networks would concentrate on intelligent agents to enhance the precision of intrusion detection rate and replace static threshold values with dynamic values. Future research in the area of current wireless protocols would concentrate on higher transmission with low-cost, flexible and lesser energy consumption, which is still a challenging open issue. Also all current intrusion detection schemes discover attacks only by in view of the single layer but no robust intrusion detection method exists for wireless mesh environments. Future research in the area of security issues and attacks would concentrate on networkbased IDS as majority of proposed IDS uses host-based IDS schema.

[9]

Buttyan, L.; Csik, L.: “Security Analysis of Reliable Transport Layer Protocols for Wireless Sensor Networks” Pervasive Computing and Communications Workshops (PERCOM Workshops), 2010 8th IEEE International Conference, Publication Year: 2010 , Page(s): 419 - 424

[10] Al-Wakeel, S.S.; Al-Swailemm SA.: “PRSA: A Path Redundancy Based Security Algorithm for Wireless Sensor Networks” Wireless Communications and Networking Conference, 2007.WCNC 2007. IEEE , Publication Year: 2007 , Page(s): 4156 - 4160 [11] Taheri, Mahdi; Naderi, Majid; Barekatain, Mohammad Bagher: “New Approach for Detection and defending the Wormhole Attacks in Wireless Ad Hoc Networks” Electrical Engineering (ICEE), 2010 18th Iranian Conference on, 2010 , Page(s): 331 - 335 [12] Sun Choi; Doo-young Kim; Do-hyeon Lee; Jae-il Jung: “WAP: Wormhole Attack Prevention Algorithm in Mobile Ad Hoc Networks” Sensor Networks, Ubiquitous and Trustworthy Computing, 2008. SUTC '08. IEEE International Conference ,2008 pp.343 348 [13] Alem, Yibeltal Fantahun; Xuan, Zhao Cheng: “Preventing Black Hole Attack in Mobile Ad-hoc Networks Using Anomaly Detection” Future Computer and Communication (ICFCC), 2010 2nd International Conference , 2010 , Page(s): V3-672 - V3-676 [14] Shahid Shehzad Bajwa, M. Khalid Khan:“Grouped Black hole Attacks Security Model(GBHASM) for Wireless Ad-Hoc Networks” Computer and Automation Engineering (ICCAE), 2010 The 2nd International Conference Vol.1 , 2010 pp. 756-760 [15] Revathi Venkataraman, M. Pushpalatha, and T. Rama Rao, SRM University:“ Performance Analysis of Flooding Attack Prevention Algorithm in MANETs” worldacademy of science, engineering and technology , 2009 [16] Ping Yi; Zhoulin Dai; Yiping Zhong; Shiyong Zhang:“ A New Routing Attack in Mobile Ad Hoc Networks” International journal of information technology Vol. 11 No.2 [17] Ping Yi; Zhoulin Dai; Yiping Zhong; Shiyong Zhang: “Resisting Flooding Attacks in Ad-hoc Networks” Information Technology: Coding and Computing, 2005. ITCC 2005. International Conference , 2005 Page(s): 657 - 662 Vol. 2 [18] Shaomei Li; Qiang Liu; Hongchang Chen; Mantang Tan.: “A New Method to Resist Flooding Attacks in Ad Hoc Networks” Wireless Communications, Networking and Mobile Computing, 2006. WiCOM 2006.International Conference, 2006 , Page(s): 1 – 4 [19] Balakrishnan, V.; Varadharajan, V.; Tupakula, U.; Moe, M.E.G.: “Mitigating Flooding Attacks in Mobile Ad-hoc Networks Supporting Anonymous Communications” Wireless Broadband and Ultra Wideband Communications, 2007. AusWireless 2007. The 2nd International Conference, 2007 , Page(s): 29 – 29 [20] Anthony D. Wood and John A.Stankovie..: “A Taxonomy for Denial-of-Service Attacks in Wireless Sensor Networks” Computer Engineering and Applications (ICCEA), 2010 Second International Conference 2010 , Page(s): 199 – 203

REFERENCES
[1] Haddadi, F.; Sarram, M.A: “Wireless Intrusion Detection System Using a Lightweight Agent”computer and network technology (ICCNT), second international conference on digital object identifier,2010 pp.84-87 Li Gao; Chang, E.; Parvin, S.; Song Han; Dillon, T: “A Secure Key Management Model for Wireless Mesh Networks” Advanced Information Networking and Applications (AINA), 2010 24th IEEE International Conference on Digital Object Identifier, 2010 pp.655 – 660 Ana Paula R. da Silva. Marcelo H.T. Martins. Bruno P.S. Rocha. Antonio A.F. Loureiro: “Decentralized Intrusion Detection in Wireless Sensor Networks” Q2SWinet, 05, October 13, 2005, Montreal, Quebec, Canada. ACM, 2005 Sidra Akram, Izza Zubair, M. Hasan Islam: “Fully Distributed Dynamically Configurable Firewall to Resist DOS Attacks in MANET” Networked Digital Technologies, 2009. NDT '09. First International Conference on Digital Object Identifier, 2009 pp.547 549 Rajeswari, L. Prema; Annie, R. Arockia Xavier; Kannan, A: “Enhanced Intrusion Detection Techniques for Mobile Ad Hoc Networks” Information and Communication Technology in Electrical Sciences (ICTES 2007), 2007. ICTES. IET-UK International Conference , 2007 , Page(s): 1008 - 1013 Seth, S.; Gankotiya, A.; Jindal, A.: “Current State of Art Research Issues and Challenges in Wireless Mesh Networks” Computer Engineering and Applications (ICCEA), 2010 Second International Conference 2010 , Page(s): 199 – 203 Sankareswary, P.; Suganthi, R.; Sumathi, G.: “Impact of Selfish Nodes in Multicast Ad-hoc on demand Distance Vector Protocol” Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International Conference, 2010 , Page(s): 1 - 6 Bansal, Divya; Sofat, Sanjeev.: “Securing IEEE 802.11 based Hybrid Wireless Mesh Networks” E-Health Networking, Digital Ecosystems and Technologies (EDT), 2010 International Conference on Volume: 1, Publication Year: 2010 , Page(s): 431 – 435

[2]

[3]

[4]

[5]

[6]

[7]

AUTHORS’ PROFILES
Kashif Laeeq is a lecturer at the department of Computer Science in Federal Urdu University of Arts, Science & Technology, Karachi. He obtained his first master degree (M.Sc) in Mathematics from University of Karachi and did his second master (MCS) in computer science from

[8]

JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

the same University. He is also doing MS in computer networking & telecommunication from PAF-KIET Karachi. Currently he has submitted his research paper on the topic of wireless security in IEEEP conference. His area of interest is computer networking, datacommunication and wireless communication specially MANETs. His major area of research is attacks on MANETs. Khalid Khan is a director MS program in College of Computer Science and College of Engineering Karachi Institute of Economics and Technology, Karachi. He has obtained master degree in computer science (MCS), MBA, MS and his Ph.D work is in final stage. He also teaches different master level subjects. He has published numerous papers in different conferences and journals. His area of interest is wireless communication, MANET, and network security.