Professional Documents
Culture Documents
I. INTRODUCTION
Wireless mobile nodes, that group together for networking
build an Ad hoc network. Such networks operate without any
centralized control. Communication between nodes in such a
network is dependent on the specific network characteristics.
Lack of centralized administration together with the limited
transmission capabilities of wireless devices makes it necessary
for the nodes to cooperate with other nodes in transmitting the
packets from source to destination. Thus each node contributes
towards the network as a host as well as, a routing device for
the purpose of forwarding network packets. This forms a
cooperated communication path between the nodes that are not
in direct transmission range of each other. This transmission is
governed by Ad hoc routing protocols that allow the nodes to
discover paths throughout the network to any other node by
dynamically establishing routes among themselves.
In a Mobile Ad hoc Network (MANET), a collection of
mobile devices with wireless network interfaces that wish to
communicate build a dynamic network without any central
infrastructure or preplanned routing links. For this reason, a
MANET is often referred to as an autonomous and
infrastructure-less network with self-configuring and selfmaintenance capabilities. Two kinds of transmission scenarios
are formed in MANETs.
Firstly, the nodes that are in communication range of
each other directly send and receive messages from each other.
Secondly, the nodes that are not within communication
range of each other rely on other intermediate nodes for
delivery of packets.
J. Mobile Nodes
At times the mobile nature of nodes may even create
network error. Since nodes can freely join or leave a network
so it is easy for nodes to behave maliciously.
K. Scalability
Due to mobility of network the scale of the network is
changing all the time.
L. Variation in nodes
Each node has different transmission and receiving
capabilities. In addition each mobile node has different
software/hardware configurations which cause trouble in
operating in a network.
M. Security
It is one of the major issues in MANETs. All major
networking tasks such as routing and packet formatting are
done by nodes itself which are mobile. Any attacker can easily
attack on the network and can acquire the data.
N. Resource Availability
For MANETs providing secure communication in such a
challenging environment where the network is mobile and is
vulnerable to attacks requires various resources and
architectures.
III. SECURITY GOALS IN ADHOC NETWORKS
The goals of security mechanism of MANETs are similar to
that of other network [5]. Security is a great issue in network
especially in MANETs where security attacks can affect the
nodes limited resources and consume them or waste the time
before rote chain broke. Security is a vectored term of multi
systems, procedures and functions that works together to reach
certain level of security attributes. Table 2 below shows those
attributes.
A. Availability
The main goal of availability is to node will be available to
its users when expected, i.e. survivability of network services
despite denial of service attack. For example, on the physical
and media access control layers, an adversary could employ
jamming to interfere with communication on physical channel
while on network layer it could disrupt the routing protocol
and continuity of services of the network. Again, in higher
levels, an adversary could bring down high-level services such
as key management service, authentication service.
B. Confidentiality
The goal of confidentiality is to keeping information secret
from unauthorized user or nodes. In other words, ensures
payload data and header information is never disclosed to
unauthorized nodes. The standard approach for keeping
information confidential is to encrypt the data with a secret
key that only intended receivers possess, hence achieving
confidentiality.
C. Integrity
The goal of integrity is to message being transmitted is
never corrupted. Integrity guarantees the identity of the
messages when they are transmitted. Integrity can be
compromised mainly in two ways.
Malicious altering: - A message can be removed, replayed or
revised by an adversary with malicious goal.
Accidental altering:- , if the message is lost or its content is
changed due to some benign failures, which may be
transmission errors in communication or hardware errors such
as hard disk failure.
D. Authentication
The goal of authentication is too able to identify a user and to
able to prevent impersonation. In infrastructure-based wireless
network, it is possible to implement a central authority at a point such
as base station or access point. But in MANETs, there is no central
administration so it is difficult to authenticate an entity.
E. Non repudiation
The main goal of non-repudiation is to the origin of a message
cannot deny having sent the message. This is useful when for
detection and isolation of compromised nodes. When node P receives
an erroneous message from Q, non-repudiation allows P to access Q
using this message and to convince other nodes that Q is
compromised.
F. Authorization
Authorization is a process in which an entity is issued a
credential, which specifies the privileges and permissions it has and
cannot be falsified, by the certificate authority. Authorization is
generally used to assign different access rights to different level of
users.
in packet delivery
degradation.
and
network
performance
E. Blackhole attack
BLACKHOLE attack is one of the attacks in which
attacker node advertises itself as having a good route to the
destination and tries to attract traffic towards itself. Once a
source node receives the route advertised by attacker node, it
selects the same route for data transmission and starts sending
data packets. When attacker node receives traffic from source,
it drops all of received packets which it had to forward further.
Due to this, packet delivery ratio gets decreased and all
resources utilization is wasted [4].
H. Rushing Attack
Many demand-driven protocols such as ODMRP, MAODV,
and ADMR, which use the duplicate suppression mechanism
in their operations, are vulnerable to rushing attacks. When
source nodes flood the network with route discovery packets
in order to find routes to the destinations, each intermediate
node processes only the first non-duplicate packet and
discards any duplicate packets that arrive at a later time.
Rushing attackers, by skipping some of the routing processes,
can quickly forward these packets and be able to gain access
to the forwarding group.
VII. DATA LINK LAYER ATTACKS
The dependability and security aspects of a MANET,
including reliability and availability, are of great importance
for mission-critical and other information-sensitive
applications. As a major threat to MANET security, quite a
few Denial of Service (DoS) attacks have been discovered and
discussed in the literature. According to their goals, DoS
attacks can be broadly classified into two classes: routing
disruption attacks and resource consumption attacks.
A. Disruption attack
F. Byzantine attack
Here, a compromised intermediate node or a set of
compromised intermediate nodes works in collusion and
carries out attacks such as creating routing loops, routing
packets on non-optimal paths, and selectively dropping
packets as in . Byzantine failures are hard to detect. The
network would seem to operate normally in the viewpoint of
nodes, though it may actually be exhibiting Byzantine
behavior [9].
Causes of Byzantines Failures
The Byzantine nodes in the selected active path set will
degrade the performance of the secure message transmission.
The malicious nodes may attack the transmission by 1) non
forwarding 2) traffic deviations and route modifications 3)
frequent route updates
G. Flooding attack
A malicious node, also called compromised node, can
sabotage the other nodes or even the whole network, by
launching a denial of service attack, by either dropping
packets or by flooding the network with a large number of
RREQs to invalid destinations in the network, thus jamming
the routes of communication. Flooding attack is one such type
of DoS attack, in which a compromised node floods the entire
network by sending a large number of fake RREQs to
nonexistent nodes in the network or by streaming large
volumes of useless DATA packets to the other nodes of the
network [12]. This results in network congestion, thus leading
to a Denial of Service.
B. Eavesdropping
Eavesdropping attack is the process of gathering information
by snooping on transmitted data on legitimate network.
Eavesdrop secretly overhear the transmission. However, the
information remains intact but privacy is compromised. This
attack is much easier for malicious node to carry on as
evaluate to wired network. Eavesdropping attack in MANET
shared the wireless medium, as wireless medium make it more
vulnerable for MANET malicious nodes can intercept the
shared wireless medium by using promiscuous mode which
allow a network device to intercept and read each network
packet that arrives.
[4]
[5]
[6]
[7]
[10]
[2]
[3]
[8]
[9]
[11]
[12]
[13]
[14]
[15]
[16]
[17]