1

Secure Routing in MANET and its Issues

Shahzad Ahmad M.phil (C.S) Roll # 10021719-004 Dept. of Computer Science, University of Gujrat. E-mail:pathfinderjak@yahoo.com Abstract Mobile ad hoc networks (MANET) are considered to be exemplary
networks for group communications. Mobile adhoc networks are always in threat of attacks due to their elastic structure. As their atmosphere is wireless so the hazard of these attacks is multiplied. Their mobile topology is one of basic reason of the attacks on them. Whenever these networks exchanged any kind of data they become more open for attacks. Most of the attacks are on the routing protocol of these networks. This paper throw light on this core issue of security and tell how these attacks may be minimized. It also tell different solutions to avoid these attacks. This paper also presents a systematic view about those attacks that are internally in MANET. Different applications that use MANET are exposed to these attacks. This paper give some feasible solutions for breaking attacks on mobile adhoc networks.

1-INTRODUCTION
In this section we take a birds eye view of the contemporary work that has been done in the field of the secure routing in the previous decades. Mobile adhoc networks has main aim to get the maximum security in a network. It need access to network with integrity, and availability of all time. This access should also be confidential with best control over entire network. MANET also grade the different applications of the network according to their compassion and importance MANET has to face the different type of attacks These attacks are of different kinds and types and they also depend on the topology of the network. For example they may be Gray Hole Attacks, the Black Hole Attacks [2]. Some attacks are active and some are Passive. These Passive attacks are more difficult to find out. Different papers has explore these attacks in their own way. And different solutions are proposed in by different research scholars. [7][8]

2-Comparitve Work in Secure Routing

MANET are a special type of networks. In MANET all nodes in which laptops, PDAs etc are included are always in motion. In network they no fixed place. Researchers always work hard and try to find methods to make these networks secure. As these networks may be developed in emergency and usually no formal planning is make to construct them so their place of installation may dynamic.

In adhoc networks the protocol function is find new routes to the destination for nodes. As the nodes are mobile so topology is always changing with time. The chances of outside attacks on these networks is maximum due to their open topology. These attacks are maximum when data exchanging is in progress. To maintain the routing protocol at this stage became difficult. Because these protocols are designed without keeping in mind any security concerns. Generally it is assumed that when we change the design of topology to reduce the external intruders the effectiveness of these networks is reduced. Sometime even denial of service may occur. These networks does not use any extra hardware so they seemed fit for military services and disaster management. For example for operating in battlefield these networks should have strong privacy and security of information. So we need strong motives to make these networks secure [3]. Different suggestions are given by different computer scientist in this regard. Some of them are ARAN[10],SAODV[11] and SRAODV[12]. Countless research activities are carried on in the field of Mobile Ad hoc networks and many new protocols has been discussed by different persons for routing in MANET keeping in mind the security issues. The proposals that keep tracks of safe routing. [1] use cryptographic technique. But these proposals are expensive due to large computation that is involved in cryptography. These proposals become too much costly when power supporting devices batteries are used. Different researchers proposed different solutions for discovering a safe route in MANET. For example secret key signature authentication. These researchers are BASAGNI[11], ARIDANE SEAD & HUE, PERIG [16],[17]. Different layers are set to maximize the protection and reduce the hazard of intruders.

3-Attacks and Vulnerabilities

We first analyze the security problems concerning MANETs. Here some issues are listed below that are commonly faced by the MANET. A node is vulnerable to attacks if it can not prove its authenticity as legitimate node of cluster. In MANET when one security Issue is tried to solve some new issues arise In the following some issue are cited.

Easy holdup of nodes: Some node may totally disappear from the network. Its
reason may be that they have been out of order or may be stolen. In this way in protocols where every node is working as server and transmitting data further this issue can create serious problem. This issue may break the link of the topology and even data loss may occur. This effect the performance of those nodes too which are working in a best condition. This problem can be solved with the help of key proof. Tampered node can be identified and may be replaced.

Vulnerability to tampering. This difficulty is just like the problem of theft. It must not
be trivial for example to recover private keys from the device. Tampered node can be distinguished from others.

Limited computational abilities. In network power difference of different node may

affect the performance of the network. Some node has less battery timing and some have low data storing capacity. This issue create problem.

Battery powered operation. Often nodes are powered by battery because they are
often in continous moment. Sometime attackers may increase the computation of nodes so more battery powers is consumed and in case a node becomes dead in short time.

Passive attacks: Passive attacks are very brutal issue in MANET. These attacks
does not disturb the normal functionality of the network. They listen the topology silently and gather information and then at the base of this information they disturb the network.

Active attacks: Active attacks change the total modification of data in improper way.
They put false data packet into the network traffic. These have two types external and internal attacks. Internal attack is caused by those nodes which are not part of the topology and internal attack is caused by those nodes which take part in network traffic. These are more difficult to overtake. [1]

Black hole: An attacker can shows the topology as having shortest route to a
destination whose data packets it wants to approach; thereby source began to send data through this node. When a route request is received to this suspicious node it immediately sends the route reply to the origin. Now if this Rout Reply is received to the source from this suspicious node first it begins to send all its traffic via this node. This node as a route discards all the data packets which result in the loss of data. So an attacker forwards the route requests and route reply but does not forward the required amount of data. Such attacks are called gray hole attacks. Another kind of attack is wormhole when two or more nodes in a topology set a private connection between them. They both belong to the adhoc network and this may be an internal attack. If two nodes A and B form a wormhole then B receive all data through A and also forwards through A. In this way whole network is disturbed as a consequence denial of service may occur. Such kind of attack may be on the bandwidth of the network of flooding the whole network. A wormhole node may generate millions of route request and may flood the network and network service may be unavailable to other nodes.

Energy consummation: It is also a big issue in MOBILE AD HOC networks. As

nodes are powered by batteries and power of batteries is limited. It decrease with time. This issue create problem for mobile nodes.

Security Shield Proposed for SAODV

SAODV is further extension in the working of AODV. Two points are very important about the security of the AODV. One is its sending side or source should be completely secure and other is its message should be integrated. Message integrity is most important in AODV routing. Moreover some other security measures are taken for different kind of attacks. Generally it uses the Key Management Scheme. SAODV routing messages are given the digital signature as name of the node to check if the node is reliable or not. When ever a node generates a message it signs it. The main drawback of this practice is use of Public Key Cryptography which needs a lot of dispensation power [4]. In SAODV external nodes are given authentication password to enter in the network. All nodes of a network are given the same password and every node check the authenticity of the node before forwarding a route request and if it found to be legal then request is forwarded. So in this way any node which has not this authenticity is excluded from the network. If a table is updated after 70ms then table overflow does not occur. If the nodes between origin and destination are inactivate and RREQ is only forward to the destination nodes. If the reply comes from the intermediate nodes then the source node sends an enquiry to check whether this node exists or not. If this exists then packets are sends via these nodes. If source node receives packets from other then these nodes then these packets are discarded and an alarm message is send to the network. In this ways security measurements are fulfilled.

MAODV and its Flaws in Security

Multicast operation of AODV is called MAODV. It has many similarities with AODV.It discovers routes on demand. It multicast data in the form of a tree which join all group fellows. These group members are attached through forwarding nodes. In MAODV it is not sure that packets has reached on destination or not due to absence of acknowledgement. So following type of attacks may suffer MAODV. [18] Impersonation: A node may take the place of other node by sending RREQs with its address and may declare itself an originator node. Specious routes: A node speciously changes its hop count information and shows a short route to himself by sending RREP. Denial of Service: A node may get repeated RREQs and do not forward it and thus it result a wrong path failure. Flooding: A node can flood the network by sending repeated RREQs.

Altering DSN: A node can change its sequence number to a node by just sending at least two Route Request packets. ATTACKS IN MAODV There are two types of attacks on MAODV.
BLACKHOLE ATTACK

In this kind of attack a fake node may send the RREP for a y RREQ message by deceiving the originator node.
Wormhole Attack

In such kind of attacks attackers may rebroadcast the message by changing the location in their own high speed network. Trust Based Solution for both Black Hole Attack and Wormhole Attack This solution ensures that data is delivered to all multicast group although attacker are in vicinity of the network. It also guarantees that only approved node can perform certain kind of actions. This solution prevents nodes from establishing new multicast tree for RREQs and RREPs. A parameter known as TV (Trust Value) is used to choose the new path which makes the path trustworthy. Every time a node sends RREQs to become part of the Multicast group to which it has no path. An immediate node after receiving a RREQ packet updates its path in the routing table and adds the trust value TV of its link and forwards it to the next node. The trust level can be calculated based on the events recorded in table.

Security Shield Proposed for DSR

DSR is a proactive routing protocol which seeks for paths between at least two nodes when there are actual packets waiting to be transmitted from source S to destination D. It therefore initiates a route discovery, flooding the network with a route request. During this flooding process the nodes create a list of traversed nodes in the packets. As starting point for developing a secure MANET routing protocol. [18]

The security problems faced DSR

Selfish Behavior: Resources are very limited in most mobile device so DSR use the MANET resources only for transmitting own traffic. It adopts the strategy of using only known nodes for avoiding the suspicious nodes. They use only the chosen routes and refuse the request by altering the route requests. Malicious Behavior: Some time there may be some malicious nodes in the network which may attack the network due to different reasons. As these nodes are part of the network so these attacks may be very dangerous. Due to these attacks DOS or rerouting or forge routing may be occurring.

Information leakage: DSR based mobile adhoc networks contain information which may be precious for intruders. The main aim of these attackers is to get this precious information that is present in MANET. This may be profile of users or data transmitted in the network. When attackers attack the network they misuse this information. It affect the reliability of the network or change the bandwidth of the network. So it become worse need to develop such security system which shield the all such attackers.

Secure Routing is DSR (SDSR)

A secure routing criterion is proposed for DSR Secure DSDSR with the following aims. 1) Ensuring route integrity: Route is secure in such a way that no node which is unidentifiable cannot enter in the network. DOS or black hole attacks that break the route are stopped. Route freshness is maintained. 2) Ensuring route freshness: old and replaying packets can be discarded with route freshness that may guide to wrong routes. 3) Verification of sharing nodes: After the establishment of the route both destination and source check the route and verify the participant node the if any node is taking the place of other of spoofing the other node. 4) Interchange of session keys: When a link is established between source and destination they use the session keys exchange method to block the interference of stranger nodes in the network. 5) Low Overhead: Since SDSR have to normally work on small devices like palm tops or Mobil phones, and normally these devices produce less overhead in the network. So a network is designed in such a way the it does not use the cryptography or use the less memory.

Conclusion and Future Work

This review paper throw a brief light on all hazard that mobile ad hoc networks has to face while working. Those hazard have been discussed briefly and a case study of three Protocols like AODV, MAODV and DSR in the context of attacks on these protocols is also discussed. We also discuss how these attacks are initiated. We also discuss the most common types of attacks on MANET when it is connected to network. Different type of attacks are also categorize in this paper. It is also discussed how these attacks affect the overall performance of the network The security issue is most likely same in all of above cited protocols. As the types of the attacks is almost same so it can be concluded that some similarity is also found in their protective shield.. There are many loops in MANET which make it most vulnerable to external attacks. When we make a

comparison of these different protocols we come to the result there are many similarities in security hazard faced to these protocols. Hence, security cognizance setups should be built-in features for all sorts of applications based on ad hoc network. Every tomorrow has its own issues. When we design new scenarios for secure routing new issues come in our fate. So such networks should be part of system which consume smaller amount of energy which are hand picking and whose independency will be minimal. If they will be handled from central system then the chances to hijack them will be low For checking their performance we can use the simulators so that actual environment does not affect then at initial stage.

References
[1] Implementation of Routing Security Aspects in AODV

Suman Deswal and Sukhbir Singh [2] Y. C. Hu, D. Johnson, and A. Perrig. SEAD: Secure Efficient Distance Vector Routing for Mobile Wireless Ad [3] Lidong Zhou and Zygmunt J.Haas Securing Ad Hoc networks IEEE Network,November/December 1999. Hoc Networks (pdf). In 4th IEEE Workshop on Mobile Computing Systems and Applications (WMCSA 02), June 2002, pages 3-13, June 2002. [a] Yih-Chun Hu, David B.Johnson and Adrian Perrig SEAD: secure efficient distance vector routing for mobile wireless Ad Hoc networks IEEE fourth workshop (SMCSA02) June 2002 Calicoon NewYork. [5] Seung Yi, Prasad Naldurg, Robin Kravets A security-aware routing protocol for wireless Ad Hoc networks 4-Securing AODV for MANETs using Message Digest with Secret Key Mr. Kamaljit Lakhtaria1, Prof. Bhaskar N. Patel2, Mr. Satish G. Prajapati3, Dr. N. N. Jani4 313. [b] Seung Yi, Prasad Naldurg, Robin Kravets A security-aware routing protocol for wireless Ad Hoc networks http://www-sal.cs.uiuc.edu/~rhk/pubs/ SCI2002.pdf. [7] Panagiotis Papadimitratos and Zygmunt J. Haas Secure routing for mobile Ad hoc networks Wireless Networks Laboratory, School of Electrical and Computer Engineering, Cornell University,395 and 323 F.T. Rhodes Hall, Ithaca NY 14853 [8] Varaprasad, G.; Venkataram, P. The analysis of secure routing in mobile Ad Hoc network Conference on Computational Intelligence and Multimedia Applications, 2007. International Conference on Volume 4, Issue , 13-15 Dec. 2007 Page(s):393 397 [10] K. Sanzgiri, B. Dahill, B. Levine, C. Shields, & E. Belding-Royer, A secure routing protocol for ad hoc networks, Proc. 10th IEEE International Conference of. Network Protocols (ICNP 02), 2002, 7887. [11] M. Zapata, N. Asokan, Securing ad hoc routing protocols, Proc. ACM Workshop on Wireless Security (WiSe), 2002, 110. [12] A. Pirzada, C. McDonald, Secure routing with the AODV protocol, Proc. the Asia-Pacific Conference on Communications, 2005, 57-61.

8 [13] P. Papadimitratos and Z. J. Haas, \Secure routing for mobile ad hoc networks," in Proc. of the SCS Communication Networks and Distributed Systems Modeling and Simulation Conference, pp. 27 { 31, Jan 2002. [14] S. Basagni, K. Herrin, D. Bruschi, and E. Rosti, \Secure pebblenets," in Proc. of ACM MobiHoc 2001, pp. 156{163, 2001. [15] Y. Hu, A. Perrig, and D. V. Johnson, \E_cient security mechanisms for routing protocols," in Proc. of the 10th Annual Network and Distributed System Security Symposium, 2003. [16] S. Yi, P. Naldurg, and R. Kravets, \Security-aware routing protocol for wireless ad hoc networks," in Proc. of ACM MobiHoc 2001, Oct 2001. [17] Y. Hu, A. Perrig, and D. B. Johnson, \Ariadne: A secure on-demand routing protocol for ad hoc networks," in Proc. of (MobiCom 2002), Sept. 2002. [3] Y.-C. Hu, D. B. Johnson, and A. Perrig, \SEAD: Secure e_cient distance vector routing for mobile wireless ad hoc networks," in 4th IEEE Workshop on Mobile Computing Systems and Applications, June 2002. [18] S. Buchegger and J. L. Bo [17] Routing Security in Ad Hoc Networks Janne Lundberg Helsinki University of Technology Telecommunications Software and Multimedia Laboratory Janne.Lundberg@hut.fi 18-SECURE MEASURES FOR THE VULNERABILITIES IN MAODV Mr. A. Amuthan Associate Professor Department of Computer Science & Engineering Pondicherry Engineering College amuthan@pec.edu [18]Secure Dynamic Source Routing Frank Kargl, Alfred Gei, Stefan Schlott, Michael Weber University of Ulm, Germany {givenname.surname}@informatik.uni-ulm.de