10.2 ISSUES AND CHALLENGES IN PROVIDING QOS IN AD HOC WIRELESS NETWORKS

Providing QoS support in ad hoc wireless networks is an active research area. Ad hoc wireless networks have certain unique characteristics that pose several difficulties in provisioning QoS. Some of the characteristics are dynamically varying network topology, lack of precise state information, lack of a central controller, error-prone shared radio channel, limited resource availability, hidden terminal problem, and insecure medium. A detailed discussion on how each of the above-mentioned characteristics affects QoS provisioning in ad hoc wireless networks is given below.

* Dynamically varying network topology: Since the nodes in an ad hoc wireless network do not have any restriction on mobility, the network topology changes dynamically. Hence, the admitted QoS sessions may suffer due to frequent path breaks, thereby requiring such sessions to be reestablished over new paths. The delay incurred in reestablishing a QoS session may cause some of the packets belonging to that session to miss their delay targets/deadlines, which is not acceptable for applications that have stringent QoS requirements.

* Imprecise state information: In most cases, the nodes in an ad hoc wireless network maintain both the link-specific state information and flow-specific state information. The link-specific state information includes bandwidth, delay, delay jitter, loss rate, error rate, stability, cost, and distance values for each link. The flow-specific information includes session ID, source address, destination address, and QoS requirements of the flow (such as maximum bandwidth requirement, minimum bandwidth requirement, maximum delay, and maximum delay jitter). The state information is inherently imprecise due to dynamic changes in network topology and channel characteristics. Hence, routing decisions may not be accurate, resulting in some of the real-time packets missing their deadlines.

* Lack of central coordination: Unlike wireless LANs and cellular networks, ad hoc wireless networks do not have central controllers to coordinate the activity of nodes. This further complicates QoS provisioning in ad hoc wireless networks.

* Error-prone shared radio channel: The radio channel is a broadcast medium by nature. During propagation through the wireless medium, the radio waves suffer from several impairments such as attenuation, multipath propagation, and interference (from other wireless devices operating in the vicinity) as discussed in Chapter 1.

* Hidden terminal problem: The hidden terminal problem is inherent in ad hoc wireless networks. This problem occurs when packets originating from two or more sender nodes, which are not within the direct transmission range of each other, collide at a common receiver node. It necessitates the retransmission of the packets, which may not be acceptable for flows that have stringent QoS requirements. The RTS/CTS control packet exchange mechanism, proposed in [2] and adopted later in the IEEE 802.11 standard [2], reduces the hidden terminal problem only to a certain extent. BTMA and DBTMA provide two important solutions for this problem, which are described in Chapter 6.

* Limited resource availability: Resources such as bandwidth, battery life, storage space, and processing capability are limited in ad hoc wireless networks. Out of these, bandwidth and battery life are critical resources, the availability of which significantly affects the performance of the QoS provisioning mechanism. Hence, efficient resource management mechanisms are required for optimal utilization of these scarce resources.

* Insecure medium: Due to the broadcast nature of the wireless medium, communication through a wireless channel is highly insecure. Therefore, security is an important issue in ad hoc wireless networks, especially for military and tactical applications.
  Ad hoc wireless networks are susceptible to attacks such as eavesdropping, spoofing, denial of service, message distortion, and impersonation. Without sophisticated security mechanisms, it is very difficult to provide secure communication guarantees.

10.3 CLASSIFICATIONS OF QOS SOLUTIONS

The QoS solutions can be classified in two ways. One classification is based on the QoS approach employed, while the other one classifies QoS solutions based on the layer at which they operate in the network protocol stack.

10.3.1 Classifications of QoS Approaches

As shown in Figure 10.2, several criteria are used for classifying QoS approaches. The QoS approaches can be classified based on the interaction between the routing protocol and the QoS provisioning mechanism, based on the interaction between the network and the MAC layers, or based on the routing information update mechanism.

[Figure 10.2. Classifications of QoS approaches.]

Quality of Service in Ad Hoc Wireless Networks, Chapter 10

Based on the interaction between the routing protocol and the QoS provisioning mechanism, QoS approaches can be classified into two categories: coupled and decoupled QoS approaches. In the case of the coupled QoS approach, the routing protocol and the QoS provisioning mechanism closely interact with each other for delivering QoS guarantees. If the routing protocol changes, it may fail to ensure QoS guarantees. But in the case of the decoupled approach, the QoS provisioning mechanism does not depend on any specific routing protocol to ensure QoS guarantees. Similarly, based on the interaction between the routing protocol and the MAC protocol, QoS approaches can be classified into two categories: independent and dependent QoS approaches.
In the independent QoS approach, the network layer is not dependent on the MAC layer for QoS provisioning. The dependent QoS approach requires the MAC layer to assist the routing protocol for QoS provisioning. Finally, based on the routing information update mechanism employed, QoS approaches can be classified into three categories, namely, table-driven, on-demand, and hybrid QoS approaches. In the table-driven approach, each node in the network maintains a routing table which aids in forwarding packets. In the on-demand approach, no such tables are maintained at the nodes, and hence the source node has to discover the route on the fly. The hybrid approach incorporates features of both the table-driven and the on-demand approaches.

10.3.2 Layer-Wise Classification of Existing QoS Solutions

The existing QoS solutions can also be classified based on which layer in the network protocol stack they operate in. Figure 10.3 gives a layer-wise classification of QoS solutions. The figure also shows some of the cross-layer QoS solutions proposed for ad hoc wireless networks. The following sections describe the various QoS solutions listed in Figure 10.

[Figure 10.3. Layer-wise classification of QoS solutions. MAC/DLL solutions: Cluster TDMA [3], 802.11e [4, 7-10], DBASE [11], MACA/PR [12], RTMAC [13]. Network layer solutions (on-demand, table-driven, hybrid): TDR [16], QoS AODV [17], OQR [20], OLMQR [21], AQR [22, 23], CEDAR [24]. QoS frameworks (cross-layer): INSIGNIA [30], INORA [31], SWAN [32], PRTMAC [33].]

10.1.2 QoS Parameters in Ad Hoc Wireless Networks

As different applications have different requirements, the services required by them and the associated QoS parameters differ from application to application. For example, in case of multimedia applications, bandwidth, delay jitter, and delay are the key QoS parameters, whereas military applications have stringent security requirements.
For applications such as emergency search-and-rescue operations, availability of the network is the key QoS parameter. Applications such as group communication in a conference hall require that the transmissions among nodes consume as little energy as possible. Hence, battery life is the key QoS parameter here.

Unlike traditional wired networks, where the QoS parameters are mainly characterized by the requirements of multimedia traffic, in ad hoc wireless networks the QoS requirements are more influenced by the resource constraints of the nodes. Some of the resource constraints are battery charge, processing power, and buffer space.

Intrusion Detection Techniques

* Intrusion detection systems (IDSs) types
  - Network-based
    + A network-based IDS runs at the gateway of a network and "captures" and examines network packets that go through the network hardware interface.
  - Host-based
    + A host-based IDS relies on operating system audit data to monitor and analyze the events generated by programs or users on the host.

Architecture Overview

* "Monitoring nodes" run an IDS agent
  - every-node scheme
  - clustering-based
* IDS agents detect intrusions (individually/collectively)

Internals of an IDS agent

* IDS agent
  - Data collection module
  - Local detection engine
  - Cooperative detection engine
  - Local response module
  - Global response module
  - Secure communication module
* Data collection module
  - Gathers streams of real-time network and user data
* Local detection engine
  - Analyzes the local data traces
* Cooperative detection engine
  - If local detection evidence is weak, it triggers a cooperative detection procedure
* Local response module / Global response module
  - Re-authenticate nodes and re-organize the network
* Secure communication module
  - Provides a channel for secure routing

A Learning-Based Approach

* The main idea
  - First start with a (broad) set of features
  - Apply data mining algorithms
  - Compute temporal and statistical patterns
  - Describe the correlations among the features and the co-occurring events
  - Select consistent patterns of normal activities and the unique patterns associated with intrusions
  - Identify and analyze appropriate features
  - Construct additional features

Case Study: Anomaly Detection

Vulnerabilities of Mobile Ad Hoc Networks

* Why a MANET is much more vulnerable than a wired network
  - Attacks can come from all directions.
  - Inadequate physical protection due to mobility
  - Lack of centralized authority

MANET Security Attacks

* Based on attack origin
* Based on attack nature

Potential Attacks

* Types
  - External attacks
    + By replicating identity
  - Internal attacks
    + By replicating behavior
  - Attacks on routing layer
  - Attacks on routing protocols
  - Attacks on packet forwarding/delivery
* Objectives of attacks
  - Network partition
  - Routing loop
  - Resource or route hijack
* Examples of attacks
  - Modifying a Route Reply message to inject a false route.
  - Generating bogus Route Error to disrupt a working route.
  - Suppressing Route Error to mislead others.

Sophisticated routing attacks

* Wormhole attacks
  - Create a tunnel between nodes to falsify hop-count metric.
* Rushing attacks
  - A rushed malicious route message may block legitimate messages that arrive later.
* Sybil attacks
  - One malicious node takes up multiple identities.

Security Attack | Attack Type (Function) | Brief Description of the Attack | Routing protocol employed | Mitigation Techniques
[illegible] | [illegible] | [illegible] | [illegible] | 2-Creditable routing table is employed to detect the black holes and eliminate them.
Wormhole attack | [illegible] middle attack | The attacker records the packets at one side of the network and forwards it to another side. | [illegible] protocol | 1-Implementing digital signature to detect and prevent the attack. 2-A cooperative approach is used among the nodes to detect and [illegible] the attack.
Sinkhole attack | Disturbing communication | Malicious node pulls the network's traffic towards itself and can fabricate or modify the packets received. | Any Ad Hoc routing protocol | 1-Trust based algorithm is used to minimize sinkhole attack. 2-Mobile agents are used in a technique to detect and reduce the attack.
Grey-hole attack | Selectively drops packets | The attacker drops part of the data and cheats the previous node. | AODV | Detection mechanism involves proactively invoking of collaborative and distributive algorithm involving neighbors.
Flooding attack | Reduce system efficiency | The intruder floods the network with faked traffic to damage the efficient functionality and the smooth [illegible] of the network. | Any Ad Hoc routing protocol | 1-Delaying the RREP from target to source to reduce the number of messages sent in the network and so the flooding is controlled. 2-Capability based messages are forwarded by each node to preserve the global view of throughput and hence failing the attack.
Route Fabrication | False data insertion | The malicious node sent wrong routing messages into the network. | AODV | Fuzzy logic soft computing method is used to create a quantifiable trust value among the network nodes.
Spoofing | Impersonating other nodes' identity | The attacker assumes the identity of another node in the network. | Any Ad Hoc routing protocol | To use secure public key authentication which is based on the trust model.
Packet dropping | Dropping of packets | Selfish nodes drop all the packets that they [illegible]. | DSR, AODV | Point Detection Algorithm (PDA) is employed.

Limitations of Prevention Techniques

* Designed for known attacks.
* Added overhead and complexity; unrealistic for MANET
* Better go for
  - Detection and response
  - Security policies and vulnerability analysis
* Proposed solution
  - Intrusion Detection Techniques

Security Issues with MANETs

The constantly changing nature of the network topology coupled with data transmission in open medium makes it highly susceptible to attacks. Security issues with respect to data confidentiality, availability of systems and applications, authentication, system integrity are just as threatening as in conventional networks. Vulnerabilities can lead to message eavesdropping, injection of fake messages, denial of service attack or poor monitoring of routing information. MANETs are susceptible to both internal and external attacks.

Internal Attacks

Internal attacks target the nodes directly as well as the networking interface links which facilitate seamless transmission. The routing tables which are at the core of direct node communication are prime targets. With each node hosting a copy of the routing table, detecting these types of attacks can be very difficult. Incorrect routing information, once broadcast and adopted around the network from the corrupt nodes, makes isolating the culprit more difficult.

External Attacks

External attacks target the performance of the network. These include network congestions, denial of service (DoS) attacks and corrupt routing information.

Implementing a Secure MANET

With its lack of prior organization and centralization, the security issues in a MANET differ from those found in other conventional network infrastructures and therefore require different security mechanisms. A number of 'first line of defense' security measures can be implemented to reduce the occurrence of attacks.

Secure Routing Protocols

* Both attack prevention mechanisms are useful to authenticate MANET nodes and prevent outsiders from masquerading as internal nodes.
* They cannot, however, prevent internal attacks such as misbehaving nodes attacking ad hoc routing.
* This requires secure routing with hardened protocols that force every node to abide by the rules.
* Indeed, several such secure MANET routing protocols have been proposed to enhance or replace existing ones.

Secure Routing: examples

* SEAD (Secure Efficient Ad Hoc Distance Vector) has been proposed to replace DSDV as a secure distance-vector-based MANET routing protocol.
* Ariadne, a new secure on-demand ad hoc routing protocol, can secure DSR and prevent its most severe attacks such as modifying the discovered routes.
* ARAN and SAODV have been proposed to secure AODV with public key cryptography.
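
The IDS agent flow described earlier on this page (local detection first, cooperative detection when local evidence is weak), applied to the packet-dropping and grey-hole rows of the attack table, as an added example that is not from the original material. The forwarding-ratio metric, both thresholds, the majority vote and the sample traces are assumptions made for illustration.

```python
from collections import Counter

# Assumed thresholds (not from the page): a forwarding ratio below STRONG is
# conclusive locally; between STRONG and WEAK counts as weak evidence.
STRONG, WEAK = 0.3, 0.8

def forwarding_ratios(events):
    """Data collection module: events are (neighbor, 'sent' | 'forwarded')
    tuples overheard by this node. Returns {neighbor: forwarded / sent}."""
    sent, fwd = Counter(), Counter()
    for neighbor, kind in events:
        (sent if kind == "sent" else fwd)[neighbor] += 1
    return {n: fwd[n] / sent[n] for n in sent}

def local_detect(ratio):
    """Local detection engine: classify one neighbor from local traces only."""
    if ratio < STRONG:
        return "intrusion"
    if ratio < WEAK:
        return "weak"  # suspicious, but not conclusive on its own
    return "normal"

def cooperative_detect(suspect, neighbor_reports):
    """Cooperative detection engine: majority vote over the ratios that other
    monitoring nodes report for the same suspect."""
    votes = [local_detect(r[suspect]) for r in neighbor_reports if suspect in r]
    flagged = sum(v != "normal" for v in votes)
    return "intrusion" if votes and flagged * 2 > len(votes) else "normal"

def ids_agent(events, neighbor_reports):
    """Local detection first; escalate only when local evidence is weak."""
    verdicts = {}
    for node, ratio in forwarding_ratios(events).items():
        verdict = local_detect(ratio)
        if verdict == "weak":
            verdict = cooperative_detect(node, neighbor_reports)
        verdicts[node] = verdict
    return verdicts

# Constructed sample traces: B forwards 9 of 10, C 1 of 10, D 6 of 10.
EVENTS = ([("B", "sent")] * 10 + [("B", "forwarded")] * 9 +
          [("C", "sent")] * 10 + [("C", "forwarded")] * 1 +
          [("D", "sent")] * 10 + [("D", "forwarded")] * 6)
# Constructed reports from three other monitoring nodes.
REPORTS = [{"D": 0.5, "B": 0.95}, {"D": 0.4}, {"D": 0.9}]

if __name__ == "__main__":
    print(ids_agent(EVENTS, REPORTS))
```

In the sample, node D is decided only by the cooperative step; a local or global response module would act on the resulting verdicts.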
