An Overview Of security Problems in MANET

Kuldeep Sharma, Neha Khandelwal, Prabhakar.M

AbstractMobile ad hoc networks (MANETs) can be defined

as a collection of large number of mobile nodes that form temporary network without aid of any existing network infrastructure or central access point. Each node participating in the network acts both as host and a router and must therefore is willing to forward to packets for other nodes. The characteristics of MANETs such as: dynamic topology, node mobility, provides large number of degree of freedom and self-organizing capability of that make it completely different from other network. Due to the nature of MANETs, to design and development of secure routing is challenging task for researcher in an open and distributed communication environments.

Authentication Integrity Confidentiality Non-Repudiation A mobile ad hoc network has following features: A. Autonomous Terminal In MANET, each mobile terminal is an autonomous node, which may function as both a host and a router. In other, since there is no background network words, besides the basic processing ability as a host, the mobile nodes can also perform switching functions as a router. So usually endpoints and switches are indistinguishable in MANET. B. Distributed Operation For the central control of the network operations, the control and management of the network is distributed among the terminals. The nodes involved in a MANET should collaborate amongst themselves and each node acts as a relay as needed, to implement functions e.g. security and routing. C. Multihop Routing Basic types of ad hoc routing algorithms can be single-hop and multihop, based on different link layer attributes and routing protocols. Single-hop MANET is simpler than multi hop in terms of structure and implementation, with the cost of lesser functionality and applicability. When delivering data packets from a source to its destination out of the direct wireless transmission range, the packets should be forwarded via one or more intermediate nodes. D.Dynamic Network Topology Since the nodes are mobile, the network topology may change rapidly and unpredictably and the connectivity among the terminals may vary with time. MANET should adapt to the traffic and propagation conditions as well as the mobility patterns of the mobile network nodes. The mobile nodes in the network dynamically establish routing among themselves as they move about, forming their own network on the fly. E. Light-weight Terminal In most cases, the MANET nodes are mobile devices with less CPU processing capability, small memory size, and low power storage. Such devices need optimized algorithms and mechanisms that implement the computing and communicating functions.

Keywords MANETs, Security, Cryptography. I. INTRODUCTION cellular system has been in use since 1980s. Wireless system operates with the aid of a centralized supporting structure such as an access point. These access points assist the wireless users to keep connected with the wireless system, when they roam from one place to other. In wireless system the device communicate via radio channel to share resource and information between devices. Due to presence of a fixed supporting structure, limits the adaptability wireless system is required easy and quick deployment of wireless network. Recent advancement of wireless technologies like Bluetooth [3], IEEE 802.11 [4] introduced a new type of wireless system known as Mobile ad-hoc network (MANETs) [1, 2, 5, 6], which operate in the absence of central access point. It provides high mobility and device portabilitys that enable to node connect network and communicate to each other. It allows the devices to maintain connections to the network as well as easily adding and removing devices in the network. User has great flexibility to design such a network at cheapest cost and minimum time. MANETs has shows distinct characteristics, such as: Weaker in Security Device size limitation Battery life Dynamic topology Bandwidth and slower data transfer rate MANETs has shows distinct security goals, such as:
IRELESS Kuldeep Sharma is a Research Scholar (CSE) with Anna University, coimbatore(TN).(E-mail-Sharma.kuldeep3@gmail.comv) Neha Khandelwal is working as a Sr. S/W Engineer, with Aricent Technology, Bangalore. (E-mail-kneha02@gmail.com, neha.khandelwal@aricent.com) Prabhakar.M is Asst. Prof, with Dept of CSE, Sambhram Institute of Technology, Bangalore. E-mail-laxmi.prabakar@gmail.

II. APPLICATION With the increase of portable devices as well as progress in wireless communication, ad hoc networking is gaining importance with the increasing number of widespread applications. Ad hoc networking can be applied anywhere where there is little or no communication infrastructure or the existing infrastructure is expensive or inconvenient to use. Ad hoc networking allows the devices to maintain connections to the network as well as easily adding and removing devices to and from the network. The set of applications for MANETs is diverse, ranging from large-scale, mobile, highly dynamic networks, to small, static networks that are constrained by power sources. Besides the legacy applications that move from traditional infrastructure environment into the ad hoc context, a great deal of new services can and will be generated for the new environment. It includes: Military Battlefield Sensor Networks Commercial Sector Medical Service Personal Area Network III. ROUTING IN MANETS Routing in mobile ad hoc networks faces additional problems and challenges when compared to routing in traditional wired networks with fixed infrastructure. There are several well-known protocols in the literature that have been specifically developed to cope with the limitations imposed by ad hoc networking environments. The problem of routing in such environments is aggravated by limiting factors such as rapidly changing topologies, high power consumption, low bandwidth and high error rates. Most of the existing routing protocols follow two different design approaches to confront the inherent characteristics of ad hoc networks, namely the table-driven and the source-initiated on-demand approaches. The following sections analyze in more detail these two design approaches, and briefly present example protocols that are based on them. Table-driven Ad hoc Routing Protocols Destination-Sequenced Distance-Vector Routing (DSDV) Optimized Link State Routing (OLSR) Source-initiated On-demand Ad hoc Routing Protocols Ad hoc On-demand Distance Vector Routing (AODV) Dynamic Source Routing (DSR) IV. PRACTICAL IMPLEMENTATIONS OF MANET DESIGNS Mobile Adhoc Networks can be practically classified into four major categories: Table-Driven (Proactive) On-Demand (Reactive)

Dynamic Source Routing Protocol Adhoc On-Demand Distance Vector Routing

V. SECURITY PROBLEM WITH EXISTING AD HOC ROUTING PROTOCOLS The main assumption of the previously presented ad hoc routing protocols is that all anticipating nodes do so in good faith and without maliciously disrupting the operation of he protocol [19]. However, the existence of malicious entities cannot be disregarded in any system, especially in open ones like ad hoc networks. In ad hoc network the routing function can be disrupted by internal or external attackers. An internal attacker can be any legitimate participant of the routing protocol. An external attacker is defined as any other entity. Cryptographic solutions can be employed to prevent the impact of external attackers by mutual authentication of the participating nodes through digital signature schemes [14]. However, the underlying protocols should also be considered since an attacker could manipulate a lower level protocol to interrupt a security mechanism in a higher level. Internal attackers having capability to complete access the communication link they are able to advertise false routing information at will and force arbitrary routing decisions on their peers. A. Security Goals Authentication Confidentially Integrity Availability Non-repudiation Access Control VI. VULNERABILITY IN MANETS Malicious and selfish nodes are the ones that fabricate attacks [14] against physical, link, network, and applicationlayer functionality. Current routing protocols are exposed to two types of attacks: Active attacks Passive attacks
TABLE I CLASSIFICATION OF SECURITY ATTACKS

Active attacks Passive Attacks

Spoofing, Fabrication, Wormhole Attack, Modification, Denial of Service, Sinkholes, Sybil Attack Eavesdropping, traffic analysis, monitoring

A. Active Attacks Active attacks are the attacks that are performed by the malicious nodes that bear some energy cost in order to perform the attacks. Active attacks involve some modification of data stream or creation of false stream. These attacks can be

classified into further following types: 1. Spoofing: Spoofing occurs when a malicious node misrepresents its identity in order to alter the vision of the network topology that a benign node can gather [2].

attacks can also be implemented on Adhoc networks such as AODV by using flaws such as maximizing the sequence number or minimizing the hop count, so that the path presented through the malicious node appears to be the best available route for the nodes to communicate. The problem of sinkhole attack can be much.

Fig. 1 Spoofing (Man in the middle)

2. Fabrication: The notation fabrication is used when referring to attacks performed by generating false routing messages. Such kind of attacks can be difficult to identify as they come as valid routing constructs, especially in the case of fabricated routing error messages, which claim that a neighbor can no longer be contacted [5]. 3. Wormhole Attack: An attacker records packets at one location in the network and tunnels them to another location. Routing can be disrupted when routing control messages are tunneled. This tunnel between two colluding attackers is referred as a wormhole. Wormhole attacks are severe threats to MANET routing protocols.

Fig. 4 Sink Hole

Fig. 2 Wormholes

4. Modification: The attacker performs such attacks is targeted to integrity of data, by altering packet or modifying packets. 5. Denial of Service: This active attack aims at obstructing or limiting access to a certain resource. The resource can be a specific node or service or the whole network. The nature of ad-hoc networks, where several routes exist between nodes and routes are very dynamic gives ad hoc a built-in resistance to Denial of Service attacks, compared to fixed networks.

7. Sybil Attack s: Malicious nodes in a network may not only impersonate one node, they could take up the identity of a group of nodes, and this attack is called the Sybil attack. Since ad hoc networks depend on the communication between nodes, many systems apply redundant algorithms to ensure that the data gets from point A to point B. A consequence of this is that attackers have harder time to destroy the integrity of information. However, if a single malicious node is able to represent several other nodes, the effectiveness of these measures is significantly degraded. The attacker may get access to all the data or may alter all packets in the same transmission so that the destination node/s cannot detect the change in packets anymore. In trust-based routing environments, representing multiple identities can be used to deliver fake recommendations about the trustworthiness of a certain party, hereby attracting more traffic to it; in ideal starting point for further attacks. Amplified if the malicious node exists within or around the centre of the network so that it hears every communication happening inside the network. However, in the case of Multipath protocols which send data redundantly, not relying on one path only, the problem of sinkholes can be reduced. Probabilistic protocols which measure the trustworthiness of a network can help detecting sinkholes within the network.

Fig. 5 the Sybil Attack

Fig. 3 Denial of Service Attack

6. Sinkholes: In a sinkhole attack, a compromised node tries to attract the data to it from all neighboring nodes. So, practically, the node eavesdrops on all the data that is being communicated between its neighboring nodes. Sinkhole

B. Passive Attacks In passive attacks the attacker does not perturb the routing protocol, instead try to extract the valuable information like node hierarchy and network topology from it. Passive attack is in nature of eavesdropping on, or monitoring of, transmission. The goal of opponent is to obtained information that is being transmitted [5]. Passive attacks are very difficult to detect because they do not involve any alteration of data.

C. Other Advanced Attacks We will now discuss several specific attacks that can affect the operation of a routing protocol in ad hoc network. Black hole attack Byzantine attack Rushing attack Replay attack Location disclosure attack VII. SECURE AD HOC ROUTING There exist several proposal that attempt to architect a secure routing protocol for mobile ad hoc network , in order to offer protection against the attacks mentioned in the previous section. There are several solutions proposed by researcher they are either completely new stand-alone protocol or in some cases incorporation of security mechanism into existing one like DSDV and AODV [17]. Since routing is an essential function for ad hoc networks, the integrated security procedures should not hinder its operation. Another important part of analysis is the examination of assumption and the requirements that each solution depend on. Although a protocol might be able to satisfy certain security constraints, its operational requirements might thwart its successful employment. In order to analyze exiting solution in structure way we have classified them into three categories; Solution based on Symmetric cryptography, solution based on Asymmetric cryptography and Hybrid solution. However, this classification is only indicative since a lot of solution can be classified into more than one category. A. Symmetric Cryptography Solutions Secure Efficient Ad hoc Distance Vector (SEAD) Secure Routing Protocol (SRP) Ariadne Authenticate routing for ad hoc network (ARAN) SAR Secure Ad hoc On-demand Distance Vector (SAODV)

DoS

Yes

Yes

Yes

Yes

Yes

Yes

Tunneling

Yes

Yes

Yes

Yes

Yes

Yes

Spoofing

Yes

No

No

No

No

No

Blackhole

Yes

No

No

No

No

No

Wormhol e

Yes

Yes

Yes

Yes

Yes

Yes

Routing table overflows Yes No No No No No

REFERENCES
[1] B. Dahill, B. N. Levine, E. Royer, and C. Shields, A secure routing protocol for ad hoc networks, in Proceedings of the International Conference on Network Protocols (ICNP), pp. 78-87, 2002. [2] Y. Hu, A. Perrig and D. Johnson, Ariadne: A Secure On-demand Routing Protocol for Ad Hoc Networks, in Proceedings of ACM MOBICOM02, 2010. [3] Janne Lundberg, Routing Security in Ad Hoc Networks. Tik-110.501 Seminar on Network Security, [4] http://citeseer.nj.nec.com/400961.html.2000.H. Dang,W. Li, and D. P. Agrawal, Routing security in wireless ad hoc networks, IEEE Communications Magazine, 0163-6804, pp. 70-75, October 2009. [5] Jean-Pierre Hubaux, Levente Buttyan, Srdjan Capkun. The Quest for security in Mobile Ad Hoc Networks. Proceedings of the 2010 ACM International Symposium on Mobile ad Hoc networking & computing, Long Beach, CA. 2001. [6] F. Stajano and R. Anderson, The Resurrecting Duckling: Security Issues for Ad Hoc Wireless Networks, Security Protocols, 7th International Workshop, LNCS, Springer-Verlag, 2009. [7] L. Zhou and Z.J. Haas, Securing Ad Hoc Networks, IEEE Network Magazine, vol. 13, no.6, November/December 2008. [8] Secure routing protocols for mobile ad-hoc wireless networks, in Advanced Wired and Wireless Networks, T.A.Wysocki, A.Dadej, and B. J. Wysocki, Eds. Springer, 2009. [9] Y.C. Hu, D.B. Johnson and A. Perrig, SEAD: Secure efficient distance vector routing for mobile wireless ad hoc networks, IEEE, Proceedings of the Fourth IEEE Workshop on Mobile Computing Systems and Applications (WMCSA02), 0-7695-1647-5, 2010. [10] P. Papadimitratos and Z.J. Haas. Secure routing for mobile ad hoc networks, SCS Communication Networks and Distributed Systems Modeling and Simulation Conference (CNDS 2002), Jan 2008. [11] D.B. Johnson, D.A Maltz, and J. Broch, DSR: The Dynamic Source Routing Protocol for Multi-Hop Wireless Ad hoc Networks, Ad Hoc Networking, C.E. Perkins, Ed., Addison-Wesley, 2006, 139-172. [12] Nor Surayati Mohamad Usop, Azizol Abdullah and Ahmad Faisal Amri Abidin, Performance Evaluation of AODV,DSDV & DSR Routing Protocol in Grid Environment, IJCSNS International Journal of Computer Science and Network Security, pp. 261-268,2009

B. Asymmetric Cryptography Solutions

C. Hybrid Solutions

TABLE II MAPPING BETWEEN THE ATTACK PATTERNS AND PROTOCOLS Protocols SEAD Attack Ariad ne SRP AR AN SAR SOA DV

[13] Abdul Hadi Abd Rahman and Zuriati Ahmad Zukarnain, Performance Comparison of AODV,DSDV and I-DSDV Routing Protocols in Mobile Ad Hoc Networks, European Journal of Scientific Research, pp.566576, 2009 [14] TEMPORALLY-ORDERED ROUTING ALGORITHMhttp://en.wikipedia.org/wiki/Temporallyordered_routing_algorithm [15] Vincent D. Park and M. Scott Corson, THE TEMPORALLYORDERED ROUTING ALGORITHM, http://www.ietf.org/proceedings/40/slides/manet-tora/sld001.htm [16] N.Shanthi, Dr.Lganesan and Dr.K.Ramar,Study of Different Attacks on Multicast Mobile Ad-hoc Network, Journal of Theoretical and Applied Information Technology, pp.45-51 [17] Monis Akhlaq, M. Noman Jafri, Muzammil A. Khan and Barber Aslam,Addressing Security Concerns of Data Exchange in AODV Protocol, World Academy of Science, Engineering and Technology 16, pp. 29-33, 2006 [18] Mohd Anuar Jaafar and Zuriati Ahmad Zukarnain, Performance Comparisons of AODV, Secure AODV and Adaptive Secure AODV Routing Protocols in Free Attack Simulation Environment, European Journal of Scientific Research, pp. 430-443, 2009.