JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617

HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 45

Per for mance Study of Appr oaches for Detecting Attacks in Ad

Hoc Wir eless Networ ks

Kashif Laeeq, Khalid Khan.

Abstract— The popularity graph of ad hoc networks are incredibly increasing with the increase of its utilization in all fields. No
messy wired physical infrastructure and other innumerable advantages made this technology the first choice in emergency,
disaster management, healthcare, education, business etc. some time ad hoc networks have to pay the price for their
vulnerable features. This new technology and its associated protocols have numerous loopholes which may be the honey pots
for attackers.This paper has focused three major areas of wireless communication i.e. ad-hoc network, mesh network and
sensor network. These networks are mostly at risk of denial of service (DoS) attacks initiated through compromised nodes or
intruders. To avoid such attacks some of cryptographic algorithms, key management schemes and security models are
proposed but the networks are still insecure. Our goal here is to investigate the major issues, attacks and challenges belonging
to these networks. Some proposed schemes are also discussed here that mitigate these issues with a comparative study on the
basis of their performances. In future we will analyze and compare the routing protocols in wireless ad-hoc networks.

Index Terms—Ad-hoc networks, routing protocol, security, wireless communication.

——————————  ——————————

1 INTRODUCTION

T HE deployment of ad hoc wireless networks are

quicker, low cost, and number of ease to use, move
the researcher to make sounder and robust com-
munications. Wireless set up requires no messy wired
junction, just little time and cost makes it operational.
Due to these attractions, mostly wireless networks are
the first choice for war, emergency conditions, security,
educations or intelligence zone, but at the same time,
the communication over wireless media always vul-
nerable to attacks. Inherently the ad hoc wireless
communications are prone to attacks and any node can
be attacked from any direction [13]. During war or dis-
aster, the importances of ad hoc networks are vital, but
the communication signals are subjected to jamming,
interception and highly vulnerable to security attacks.
These issues create obstruction to the deployments of
ad hoc wireless networks. The wireless channels are
completely defenseless to various security attacks [15].
Every nodes participating in mobile ad hoc network
act like a router. The dependability on nodes may dis-
rupt the network. Some time a node within a network
involves in malicious activities without any victimiza-
————————————————
• Kashif Laeeq is with the Department of Computer Science, Federal Urdu
University of Arts, Science & Technology, Karachi, Pakistan.
• Khalid Khan is with the Department of Computer Science, College of Com-
puter Science and College of Engineering Karachi Institute of Economics
and Technology, Karachi, Pakistan.
tion, and the detection of this malicious node is diffi-
cult. This type of attack is called inside attacks. It is
possible that an attacker attacks from outside the net-
work, called outside attacker. An outside attacker has
no particular access to the network but only concernes
in gathering sensitive data, breaching the privacy and
secrecy of data. In contrast an inside attacker’s goal is
to interrupt the functionality of the network and has
access to the encryption keys or other codes used by
the network. Most of the time the intention of an attack
is to disrupt the network communication; the most
frequent and dodgy attack, experienced by wireless ad
hoc network is denial of service (DOS) attack. DOS is
forced by other fields, such as security, dependability,
performance and software engineering [20].
Although there are number of schemes proposed to
secure the wireless communication but the technology
is still apprehensive and vulnerable to attacks. Nearly
all the proposed solutions concentrate on specific secu-
rity issues but pay no attention to others, those which
pull off low energy and memory utilization, compro-
mise on the level of security. Majority of the protocols
associated with ad hoc networks are vulnerable, espe-
cially on demand routing protocols, such as AODV, are
at high risk during route discovery [13]. Thus there is a
need for a model which combats all these challenges
with low cost and high security.
In this paper some vital issues related to ad-hoc net-
works are studied and revealed some proposed solu-
tions for mitigating these issues. A comparative study
of these proposed schemes is finally provided that of-
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG
fers a new direction for researchers.
2 ISSUES AND PROBLEMS
Wireless communication has emerged as a major
breakthrough in conventional wired communications.
It has altered messy wired world into a smooth and
flexible ambiance. According to a well known adage,
there is no unmixed good in this world; execution of wire-
less network particularly ad-hoc network, sensor net-
work and mesh network carries various security and
performance issues. These issues include:
2.1 Current Security Models and Prevailing
Attacks:
Different performance, administration and manage-
ment issues of a wireless network encountered due to
improper security model. Many security methods
don’t guard against a number of prevailing threats.
Therefore Wireless networks shows lack of satisfactory
guarantees on security, during communications. Some
of proposed solutions for these issues are discuss be-
low:
Majority of at hand wireless network security models
are highly insecure and defenseless to active and pas-
sive attackers. The hybrid Wireless Intrusion System
(WIDS) provides a model to combat the attackers. The
model is based on three phases; data-set generation,
IDS creation and test phases. For data-set generation,
various types of files, for regular and attack types will
be created. For IDS creation, a simple agent with five
modules is designed. The first module sniffs the traffic
and sends it either Anomaly or Misuse detection en-
gines. If inputs are not handled by both engines, it
sends it to probable attack module for more precise
examination. If the attack is detected the engine call
the alarm module. Finally in test phase, used the data-
set collected in the first phase to test the wireless intru-
sion detection agent in phase two [1].
Due to distributed nature and short of globally trusted
central establishment, the WMNs shows lack of satis-
factory guarantees on security. Li Gao et al. [2] has deal
with low-computational and scalable key managing
model for WMNs. This key management model has
three levels of key management, including key man-
agement protocols for mesh router pattern (RR), mesh
client pattern (CC) and mesh router & mesh client pat-
tern (RC). RR pattern is required highest level of secu-
rity, may use efficient cryptography such as PKI, two-
party Diffie-Hellman schemes. CC pattern is required
low computation and reasonable level of security. Thus
low computational cryptographic such as symmetric
cryptography and threshold secrete sharing schemes
may be use. RC pattern can be in between RR and CC
pattern. These three models fit in to group communi-
cation models [2].
Ana Paula [3] proposed a decentralized Intrusion De-
tection System (IDS) model that fits the demands and
limitations of WSNs. The model is based on three
phases. Phase-1 perform data acquisition. Only those
messages are filtered and store which useful to the rule
application phase. Phase- 2 is rule application, each
extracted messages from phase 1 is estimated accord-
ing to a sequence of rules precise to each message type.
If a message unsuccessful in one of the rules, failure
counters is incremented and discard the message, oth-
erwise message is discarded from data-structure list.
Intrusion detection is perform in Phase-3, that checks if
round-failure value is greater than cumulative value or
not, in case of greater value, then signal attack indica-
tion is generated [3].
Sidra et al [4] defined distributed dynamically confi-
gurable firewall architecture for Mobile Ad-hoc Net-
works (MANETs). The model has three internal data
structures that are firewall table, Reject list & black list.
Firewall table is used to maintain the entries of data
flow for each new establish connection with five col-
umns containing source & destination address, num-
ber of packets arrived, threshold and life time of each
entry. If number of packets crosses the threshold limit
then incoming packets for that entry will be blocked by
the firewall, which will be deleted from table if life
time exceeds. If for any entry in the firewall table,
number of packets arrived is greater than threshold
and lifetime exceeds then it will be place it in the reject
list with double lifetime and threshold value will de-
crease. Blacklist hold entries of those nodes which
maintain its entry in the reject list five times [4].
Another security model for MANETs is proposed by
L.Prema [5], named Enhancement on Intrusion Detec-
tion Systems for Ad-hoc Networks (EIDAN). The EI-
DAN architecture model has four logical components.
First component is Traffic Interception Module, con-
fines the incoming traffic from the network & selects
which of these packets should be more examines.
Event Generation Module is accountable for abstract-
ing the necessary information essential for the attack
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG
analysis module. Attack Analysis module checks the
presence of attacks, if attack is present then send these
malicious packets to counter measure module. Finally
the Counter Measure Module is responsible for taking
any further action on packets. Either the packets are
dropped or taking some actions on malicious packets
comes from the attack analysis module [5].
Figure 1: Enhancement of Intrusion Detection System for
AD HOC Networks [5].
2.2 Current Wireless Protocols and Their
Limitations:
The wireless communication survivability relates to
the protection mechanism and robustness of their pro-
tocols. Majority of protocols associated with wireless,
prone to attacks especially in hostile environments.
Intruder easily breaks their security schemes. Some of
proposed solutions for these issues are discuss below:
Current communication protocols of routing, MAC
and physical layers are not fulfilling major communi-
cation issues in WMNs. Sahil Seth et al. [6] studied and
suggested to redesign the protocols at each layer, keep-
ing current research issues in mind. The author has
deduced the research issues of physical layer as new
wideband transmission scheme is required to achieve
high transmission rate. New signal processing algo-
rithms are required; optimize the hardware design so
as to decrease cost. The MAC layer issues are describe
as an effective channel allocation in multi-hop is
needed. Advanced bridging functions must be devel-
oped for heterogeneous environment in MAC layer.
The current research issues in routing layer are de-
scribe as the scalable routing is a critical requirement
for WMNs. Lightweight but efficient routing protocols
are required. Integrate routing and network coding is
still a challenge for researchers [6].
Multicast protocols for ad hoc networks undergo se-
curity challenges. In [7], P.Sankareswary proposed a
security extension to deal with the selfish nodes attack
on MAODV. He explains that, the Source node broad-
47
cast the RREQs packet that goes by on all the ways
from that source node. The RREQs received by target
node, forwards the RREPs by using the reverse route.
If the RREPs arrive from the trustworthy intermediate
node, starts to send data. Otherwise ask for further
request. If the node is detected to be wicked node by
the two hop acknowledgement mechanism then to
provide solution to attack, perform secure message
transmission [7].
Ms. Divya [8] has proposed modified Hybrid Wireless
Mesh Protocol (HWMP), to overcome the issue of au-
thentication and integrity. Proposed routing protocol
guarantees that the communication between any two
ends should be secure enough. HWMP routing infor-
mation element comprises of two types of fields, mut-
able and non-mutable. In customized HWMP the exist-
ing key allocation is used and mutable fields are valid
in the hop-by-hop manner using the hash tree concept.
To protect non-mutable fields symmetric encryption is
used [8].
The reliable transport layer protocols for wireless
communications are not ensure reliability in harsh en-
vironment. Pump slowly Fetch Quickly Protocol
doesn’t deal with the lost full message problem. Also
nodes cancel their scheduled transmission of given
fragment if they listen by their neighbor that the frag-
ment being transmitted 4 times. Weaknesses in Distri-
buted TCP Caching is if a SACK list several lost frag-
ments, so an invader can forge and infuse another
SACK that acknowledges all lost fragments. With this
particular packet, he can provoke several fragment
losses. Reliable Bursty Convergecast protocol is sup-
ported block ACK; it is probable to acknowledge each
fragment piled up by a node in one ACK. Upon the
reception of packet, the node will fully empty its cache,
which can direct to fragment losses with high probabil-
ity [9].
Dr.Sami et al [10] defined Path Redundancy based Se-
curity Algorithm (PRSA) for securing routing proto-
cols in WSNs. The PRSA algorithm first read network
topology and find the optimum routing path. Check
for disjoint paths. If no disjoint path found, remove
every other node in the path and its link otherwise re-
move the nodes of previous path. Now select a sus-
pected node and removes the suspected node and its
links. Find optimum routing path, if number of routing
paths less than the maximum numbers of routing path,
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG
then increment number of paths and again check for
disjoint paths [10].
2.3 Security Issues and Attacks in Wireless
Communications
Attack is a crack to achieve illegal access to resources,
or the attempt to cooperation reliability, availability, or
confidentiality [20]. As the deployment of wireless
networks are not follow any particular infrastructure,
due to the flexible topology wireless communication
suffer varieties of security attacks. Some of these at-
tacks are as follows:
2.3.1 Wormhole Attack:
In a wormhole attack, adversaries collaborate to offer a
low-latency side-channel for communication. The
wormhole attack can disrupt the wireless networks,
particularly location-based wireless security system
and ad-hoc network routing protocols. Few proposed
solutions are discussed below:
Mahdi Taheri et. al [11] proposed a mechanism named
Multipath Routing, for detecting and defending
against wormhole attacks. He considers two types of
channel, one for signaling with one link and other for
user data with n-1 link. The original message is di-
vided into n-1 parts with unique identifier. Generate a
random number X such that 1<X<= (n-1), to be sent on
one of n-channel. The codes parts in pairs using XOR
technique associated to X. Every arrangement is sent
over one of the channel, the Xth part is sent in simple
text that will be the begin point for receiver to uncover
other parts [11].
Other proposed scheme for the same problem is
Wormhole Attack Prevention (WAP) [12]. In this
scheme neighbor node monitoring is used to find out
the neighbors. Suppose node A sends RREQ, which
initiates a wormhole prevention timer, node B attains
the RREQ, B have to broadcast to its neighbors as B is
not a target. A check whether the RREQ arrives at
within the timer. If A obtains the message after the ti-
mer ends, it considers B or one of B’s next nodes may
be wormhole nodes. In order to keep away from
wormhole, nodes watch the malicious activities of
neighbors and maintain it into their own neighbor
node table [12].
2.3.2 Black-hole Attack:
The wicked node abuse the ad-hoc routing protocol
such as AODV, to announce itself as having a legiti-
mate route to a destination node, although the route is
false, with the objective of interrupting and pertaining
to the packets that never forward. Black-hole attacks
especially disrupt the routing protocols to upsets net-
work performance and reliability. Few techniques are
discussed below, to mitigate Black hole attack.
Intrusion Detection using Anomaly Detection (IDAD)
scheme is proposed to handle Black hole attacks [13].
The Source node broadcasts route request then receive
route replay. If route replay is different from audit da-
ta, save route to routing table and start to sending
packets while the size of buffer is not zero. But if route
replay is same as audit data, discard route replay and
check for another route replay. The pre-collected set of
glitch activities, termed as audit data. The audit data is
composed and is supply to the IDAD system that is
competent to evaluate every action of a host with audit
data on a fly. If any action of a host be alike to the ac-
tions listed in the audit data, then the IDAD system
separates the particular node by forbidding further
interaction [13].
S.Bajwa and Khalid Khan et al. [14] has proposed
GBHASM scheme for mobile ad-hoc networks. The
model is based on two components, the first compo-
nent has the explanation regarding how new node will
become a part of network also performs the operation
of communication. Server entertains request packet
from new joining node. It responds with relationship
acknowledgement to node and stay for the approval
from the node. If node doesn’t replay within a time
then the server rejects the joining request if not it
throws its information. The received information as of
new-joining node is kept in the database also allocates
Node Code (NC) Pkk1 and Pkk2. The second compo-
nent handles the communication action within the
network. Later than becoming a part of the network,
node make request for shortest path through pkk2
with packet. Each node will match pkk1 to pkk2, if its
key matches within a time than the information will be
released, otherwise time to live (TTL) of packet, force it
to become meaningless [14].
2.3.3 Flooding Attack:
A flooding attack overcomes a victim’s inadequate re-
sources, whether bandwidth, memory or processing
cycles. Majority of the reactive protocols can easily get
flooding attacks during their route finding process.
Few proposed schemes for handling this attack, are
discussing below.
In [15] defined a scheme based on three threshold val-
ues i.e. friends, acquaintances & strangers. If a node
sent or received plenty of messages to or from any
node X, then it’s consider as friend node of X & put the
highest value of threshold. If a node sent/received few
messages from node X, consider this node as acquain-
tance and place it threshold value less than friend. And
if a node never sent/received any message to/from
node X, its consider as stranger and put its threshold
value very low. Now suppose a node sends RREQ to
its friend node, if RREQ value is less than the maxi-
mum threshold value, then RREQ is forwarded other-
wise it discarded. If a node sends RREQ to its acquain-
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG
tance node, if RREQ value is less than its threshold, the
RREQ forwards otherwise discards. Same rule will be
applied in case of Stanger node. The threshold values
are considered as friend > acquaintance > stranger [15].
Ping Yi et al. [16] Proposed Flooding Attack Prevention
(FAP), a general defense against the Ad Hoc Flooding
Attack. The scheme based on neighbor suppression.
The main idea of neighbor suppression is that each
neighbor calculates the rate of RREQ originated by
intruder. If the rate exceeds some threshold, all neigh-
bors will not receive and forward packets from intrud-
er. Every node has to maintain two tables Rate-RREQ
& Blacklist. The Rate-RREQ has two columns: Node-ID
and RREQ-time. If a node receives a RREQ, it looks up
the node ID in the table of Rate-RREQ, to ensure who
is requesting. Find node ID and increment RREQ-time
field by 1. If RREQ-time is greater than the threshold
value, put node ID into Blacklist [16].
As in AODV the node set outs RREQ packet according
to FIFO rule. In flooding attack prevention scheme
[17], the FIFO has changed with rule of priority. Nodes
maintain the priority & threshold for its neighbor
node. The node priority is inversely proportion with
RREQ frequency. If RREQ frequency of attacker in-
creases by threshold value, the node will not entertain
further RREQ from the attacker node. This technique is
called Neighbor Suppression, which uses to mitigate
RREQ flooding attack. For data flooding attack, path
cutoff scheme is uses. The attacker has established a
path from the invader to victim node ahead. Once the
victim locates the DATA Flooding Attack, the path can
be cut off from the attacker [17].
Fig. 2: neighbor nodes isolate attacker [17]
S. Li et al. [18] proposed Avoiding Mistaken Transmis-
sion Table (AMTT) scheme to combat Flooding attack.
Each node establishes an AMTT table to record re-
ceived RREQ packages and other fields. When one
node wants to send package to any other node, it
floods RREQ package. Each node receiving this RREQ
fills the fields of its AMTT table, sets the RREQ Num
field as 1. Now whenever receives a RREQ with the
same node, the RREQ Num value increases by 1. The
destination node receive RREQ, it fills AMTT table &
sends RREP package. Other node checks it validity and
49
if found legitimate, they start to search their AMTTs,
and put equivalent item’s validity indication as 1 or
else they discard this RREP. When two nodes finish
their communication, source node will send RANC
(route announcement) to other intermediate nodes, all
nodes receives RANC will delete corresponding items
in their AMTTS table [18].
Flooding attack mitigation scheme present [19] de-
scribe as for every node, it observes the neighbor’s
packets generated during an interval. The Packets are
dropped if the rates of transmission packets are ex-
ceeded from threshold limit i.e. ‘α’. But if the same
neighbor exceeds ‘α’ by blacklist-threshold ‘β’ then it is
consider as flooding node. Now put this node to black-
list as a flooder and discarded all packets comes from
flooded neighbor node. The node continuous monitors
the behavior of blacklisted neighbor node in the suc-
cessive periods. The blacklisted node has to show gen-
tle behavior for ‘γ’ interval or whitelist-threshold to
turn into white-listed. Given the blacklisted neighbor is
experienced to be gentle, the observing node then whi-
telists the neighbor and starts to forward the packets
for the neighbor [19].
2.3.4 DOS Attack:
Denial of service attack can attempt to flood a network,
thereby preventing legitimate network traffic and pre-
vent a particular individual from accessing a service.
With the inherent resource limitations and vulnerabili-
ties of WSN devices, they can easily catch attacks spe-
cially Denial-of-Service (DOS) attack.
In [20] author survey different attack especially DOS
attack to discover the attacker, his capabilities, purpose
of the attack and the end result. He studied that Jam-
ming is intentional intrusion with radio reception to
deny the target. Spread-spectrum techniques can be
used to overcome jamming problem. The intruder can
damage, destroy or tamper the sensor nodes, camouf-
laging the packaging & using low-probability of inter-
cept radio techniques, can mitigate these problems. An
attacker can deliberately cause collisions, error correct-
ing codes can be use to avoid attack. In selective for-
warding sensor device can only neglect to forward cer-
tain messages, multiple disjoint routing paths and di-
versity coding can be use to overcome this problem. In
wormhole attack, enemies collaborate to offer a low-
latency side-channel for communication packets are
totally controlled by these two adversaries. Packet
leashes scheme can be use to overcome this problem
[20].
The following table provides a dash board in under-
standing the effectiveness of above IDS schemes.
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG

Table 1. Comparitive Study of Different IDS Schemes in Ad Hoc Networks

Attributes of an ideal Intrusion Detection System in Ad Hoc Networks
Proposed Scheme Overheads Fault-tolerant Scalability Types of attacks detect Simulation

Wireless Intrusion Detection Yes. The use of agents Yes Yes Impersonation, net- Yes. using
system (WIDS) [Ref. 1] will slow down the work discovery, man-in- the Yazd
communication. the-middle, DOS. university
test bed
Distributed dynamically confi- Yes. To maintain extra No. Single point of Yes Data flooding attacks No.
gurable firewall architecture [4] attributes of a table. failure possible
Enhancement on Intrusion De- No. without interfer- Yes Yes Resource Consumption Yes.
tection Systems for Ad-hoc ing routing operations. Attacks, Packet Drop- Using NS-2
Networks (EIDAN) [5] ping attacks, Fabrica-
tion Attack.
Security extension to deal with No. Scheme has no yes yes Dropping of data pack- Yes.
the selfish node attack [7] cryptography or ets, selfish behavior of Using NS-2
agents. nodes.
Multipath Routing [11] Yes. Multipath in- Yes Yes Wormhole attack Yes.
creases transmission Using NS-2
overhead.
Wormhole Attack Prevention No. scheme has no Yes Yes Wormhole attack Yes.
(WAP) [12] special hardware or Using
cryptography. only QualNet
energy inefficient
Intrusion Detection using Ano- No. scheme minimizes Yes Yes black hole attack Yes.
maly Detection (IDAD) scheme the number of extra Using NS-2
[13] routing packets.
The extent of friendship be- No. scheme increases No. malicious pack- No Flooding attack No. Only
tween the nodes [15] throughput ets are still present in used AODV
network protocol.
Flooding Attack Prevention Yes. Scheme has little No. fail to resist cor- yes Ad-hoc Flooding attack Yes.
(FAP) [16] overload. porative work of two Using NS-2
or more attacking
nodes
Avoiding Mistaken Transmission Yes. The use of tables Yes. But within li- No. fail to Flooding attack No
Table(AMTT) [18] will slow down the mited links. work on
communication more link
process.
Novel technique to deal with No. Yes yes Flooding attack Yes.
flooding attacks [19] Using NS-2

4 CONCLUSION AND FUTURE WORK tion attacks but still have limitations which raise ques-
tions on their usability. The protocols associated with
In this paper, we investigate some very common but
MANETs require more research; especially reactive
challenging issues experienced by ad-hoc wireless
protocols may be traped by intruders at the time of
communication. We have divided our studies into
route discovery process. Our comparative study on
three sub-domains i.e. Security Models, Vulnerability
the basis of proposed IDS, may provide a direction and
in Current Protocols and Attacks. Security attacks are
thinking towards solution space. The role of this paper
major issue of ad hoc networks which can be mitigated
is to spell out the severity of current security chal-
by adopting some proposed schemes. Here we ex-
lenges and other correlated issues in ad hoc wireless
plored the proposed methodologies and security
communications.
schemes that guard against large number of attacks
including DOS, Wormhole, Blackhole and Flooding
attacks. Indeed these schemes are effective for detec-
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG
• Future research in the area of vulnerabilities in
current security models in wireless networks
would concentrate on intelligent agents to en-
hance the precision of intrusion detection rate
and replace static threshold values with dy-
namic values.
• Future research in the area of current wireless
protocols would concentrate on higher trans-
mission with low-cost, flexible and lesser
energy consumption, which is still a challeng-
ing open issue. Also all current intrusion de-
tection schemes discover attacks only by in
view of the single layer but no robust intrusion
detection method exists for wireless mesh en-
vironments.
• Future research in the area of security issues
and attacks would concentrate on network-
based IDS as majority of proposed IDS uses
host-based IDS schema.
REFERENCES
[1] Haddadi, F.; Sarram, M.A: “Wireless Intrusion Detection Sys-
tem Using a Lightweight Agent”computer and network technology
(ICCNT), second international conference on digital object identifi-
er,2010 pp.84-87
[2] Li Gao; Chang, E.; Parvin, S.; Song Han; Dillon, T: “A Secure
Key Management Model for Wireless Mesh Networks” Ad-
vanced Information Networking and Applications (AINA), 2010 24th
IEEE International Conference on Digital Object Identifier, 2010
pp.655 – 660
[3] Ana Paula R. da Silva. Marcelo H.T. Martins. Bruno P.S. Rocha.
Antonio A.F. Loureiro: “Decentralized Intrusion Detection in
Wireless Sensor Networks” Q2SWinet, 05, October 13, 2005,
Montreal, Quebec, Canada. ACM, 2005
[4] Sidra Akram, Izza Zubair, M. Hasan Islam: “Fully Distributed
Dynamically Configurable Firewall to Resist DOS Attacks in
MANET” Networked Digital Technologies, 2009. NDT '09. First In-
ternational Conference on Digital Object Identifier, 2009 pp.547 -
549
[5] Rajeswari, L. Prema; Annie, R. Arockia Xavier; Kannan, A:
“Enhanced Intrusion Detection Techniques for Mobile Ad Hoc
Networks” Information and Communication Technology in Electric-
al Sciences (ICTES 2007), 2007. ICTES. IET-UK International Con-
ference , 2007 , Page(s): 1008 - 1013
[6] Seth, S.; Gankotiya, A.; Jindal, A.: “Current State of Art Re-
search Issues and Challenges in Wireless Mesh Networks”
Computer Engineering and Applications (ICCEA), 2010 Second In-
ternational Conference 2010 , Page(s): 199 – 203
[7] Sankareswary, P.; Suganthi, R.; Sumathi, G.: “Impact of Selfish
Nodes in Multicast Ad-hoc on demand Distance Vector Proto-
col” Wireless Communication and Sensor Computing, 2010.
ICWCSC 2010. International Conference, 2010 , Page(s): 1 - 6
[8] Bansal, Divya; Sofat, Sanjeev.: “Securing IEEE 802.11 based
Hybrid Wireless Mesh Networks” E-Health Networking, Digital
Ecosystems and Technologies (EDT), 2010 International Conference
on Volume: 1, Publication Year: 2010 , Page(s): 431 – 435
51
[9] Buttyan, L.; Csik, L.: “Security Analysis of Reliable Transport
Layer Protocols for Wireless Sensor Networks” Pervasive Com-
puting and Communications Workshops (PERCOM Workshops),
2010 8th IEEE International Conference, Publication Year: 2010 ,
Page(s): 419 - 424
[10] Al-Wakeel, S.S.; Al-Swailemm SA.: “PRSA: A Path Redundancy
Based Security Algorithm for Wireless Sensor Networks” Wire-
less Communications and Networking Conference, 2007.WCNC
2007. IEEE , Publication Year: 2007 , Page(s): 4156 - 4160
[11] Taheri, Mahdi; Naderi, Majid; Barekatain, Mohammad Bagher:
“New Approach for Detection and defending the Wormhole
Attacks in Wireless Ad Hoc Networks” Electrical Engineering
(ICEE), 2010 18th Iranian Conference on, 2010 , Page(s): 331 - 335
[12] Sun Choi; Doo-young Kim; Do-hyeon Lee; Jae-il Jung: “WAP:
Wormhole Attack Prevention Algorithm in Mobile Ad Hoc
Networks” Sensor Networks, Ubiquitous and Trustworthy Compu-
ting, 2008. SUTC '08. IEEE International Conference ,2008 pp.343 -
348
[13] Alem, Yibeltal Fantahun; Xuan, Zhao Cheng: “Preventing Black
Hole Attack in Mobile Ad-hoc Networks Using Anomaly De-
tection” Future Computer and Communication (ICFCC), 2010 2nd
International Conference , 2010 , Page(s): V3-672 - V3-676
[14] Shahid Shehzad Bajwa, M. Khalid Khan:“Grouped Black hole
Attacks Security Model(GBHASM) for Wireless Ad-Hoc Net-
works” Computer and Automation Engineering (ICCAE), 2010 The
2nd International Conference Vol.1 , 2010 pp. 756-760
[15] Revathi Venkataraman, M. Pushpalatha, and T. Rama Rao,
SRM University:“ Performance Analysis of Flooding Attack
Prevention Algorithm in MANETs” worldacademy of science, en-
gineering and technology , 2009
[16] Ping Yi; Zhoulin Dai; Yiping Zhong; Shiyong Zhang:“ A New
Routing Attack in Mobile Ad Hoc Networks” International jour-
nal of information technology Vol. 11 No.2
[17] Ping Yi; Zhoulin Dai; Yiping Zhong; Shiyong Zhang: “Resisting
Flooding Attacks in Ad-hoc Networks” Information Technology:
Coding and Computing, 2005. ITCC 2005. International Conference ,
2005 Page(s): 657 - 662 Vol. 2
[18] Shaomei Li; Qiang Liu; Hongchang Chen; Mantang Tan.: “A
New Method to Resist Flooding Attacks in Ad Hoc Networks”
Wireless Communications, Networking and Mobile Computing,
2006. WiCOM 2006.International Conference, 2006 , Page(s): 1 – 4
[19] Balakrishnan, V.; Varadharajan, V.; Tupakula, U.; Moe, M.E.G.:
“Mitigating Flooding Attacks in Mobile Ad-hoc Networks Sup-
porting Anonymous Communications” Wireless Broadband and
Ultra Wideband Communications, 2007. AusWireless 2007. The 2nd
International Conference, 2007 , Page(s): 29 – 29
[20] Anthony D. Wood and John A.Stankovie..: “A Taxonomy for
Denial-of-Service Attacks in Wireless Sensor Networks” Com-
puter Engineering and Applications (ICCEA), 2010 Second Interna-
tional Conference 2010 , Page(s): 199 – 203
AUTHORS’ PROFILES
Kashif Laeeq is a lecturer at the department of
Computer Science in Federal Urdu University of
Arts, Science & Technology, Karachi. He ob-
tained his first master degree (M.Sc) in Mathe-
matics from University of Karachi and did his
second master (MCS) in computer science from
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 2, FEBRUARY 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG

the same University. He is also doing MS in computer networking &

telecommunication from PAF-KIET Karachi. Currently he has sub-
mitted his research paper on the topic of wireless security in IEEEP
conference. His area of interest is computer networking, datacom-
munication and wireless communication specially MANETs. His
major area of research is attacks on MANETs.

Khalid Khan is a director MS program in

College of Computer Science and College of
Engineering Karachi Institute of Economics
and Technology, Karachi. He has obtained
master degree in computer science (MCS),
MBA, MS and his Ph.D work is in final stage.
He also teaches different master level subjects.
He has published numerous papers in different conferences and
journals. His area of interest is wireless communication, MANET,
and network security.