MOBILE AD HOC NETWORKS SECURITY

Transcription

1 MOBILE AD HOC NETWORKS SECURITY DRAGAN MLADENOVIĆ The Guard, Serbian Army Forces, Belgrade, DANKO JOVANOVIĆ Logistics Department J-4, Serbian Army Forces General Staff, Belgrade, Abstract: Mobile ad hoc networks (MANET) are becoming increasingly popular wireless networking model in various areas of technology usage from every-day to specific military purposes. Security in ad hoc networks is a key concern in order to provide protected communication between mobile nodes in an unknown and heterogeneous environment. The main challenge of MANETs is their vulnerability to security attacks and how to operate securely and efficiently while preserving its own resources. This paper discusses the most common type of attack on MANET and their security challenges. There are a lot of existing solutions in this field which propose increasing of MANETs security by new protocol design, evaluate existing protocols and their abilities, propose new routing protocols, find solutions and prevention measures for existing attacks or improving specific characteristics of MANET such as the packet drop rate, the overhead, end-to-end packet delays, network throughput etc.this paper attempts to provide an overview of MANET security challenges.the paper finishing by presenting current and possible solutions as a problems requiring for further research in the future. Key words: Ad Hoc Networks, MANET, Security. 1. INTRODUCTION The era of wireless communication began at the end of the 19th century with the first successful wireless radio transmission performed by an American scientist of Serbian origin Nikola Tesla in This form of information transfer has become predominant in everyday life, owing to the development of mobile telephony and technology for digital data transfer of greater capacity. The advantages of wireless communication are smaller demands for infrastructure equipment, reduced average cost, shorter time for establising the connection and increased user mobility. This kind of network communication development is in line with the famous Theory of Inventive Problem Solving (TRIZ) formulated by a Russian engineer and scientist Genrikh Altshuller, stating one of the key laws of the evolution of technical systems: All technical systems are developed in the direction of an ideal final solution. An ideal system is a system that performs its main function, while the technical system itself does not exist [1]. For example, an ideal information network is the one performing its function of data, service and process communication from one point to another and fulfills all the requests of the clients (network nodes), in the required time and space, where the network itself does not exist. For now such an ideal network is unattainable, but the researchers obtain from its definition the key data for construction of the future, more efficient networks. The closest to such an ideal form of a computer network are mobile ad hoc networks (MANET). All this leads to new technological possibilities for clients themselves (devices, servisces, persons, systems). On the other hand, the development of technology increases the demands for construction of specific autonomous devices that must be able to independently provide sufficient energy for networking and the necessary level of data processing in order to fulfill its basic purpose, good networking services, necessary level of connection security and other. The demand for MANET networks stands in opposition to the achieved level of security, significantly influencing their application in specific envirnments such as military environment. 2. WHAT IS MOBILE AD HOC NETWORK? Mobile ad hoc network is a wireless self-configuring network consisting of, theoretically, infinite number of mobile processor devices temporarily structurally interconnected into a network by any number of wireless connections. They dynamically self-organize in arbitrary and temporary network topologies, maning that their elements may independently or in groups form ad hoc networks, leave them, smaller networks may merge into larger and vice versa. Each MANET device may independently move in any direction and thus, often change its connections to other devices within the network. Each of the nodes may forward traffic, not 538

2 necessary for its needs, to other nodes (with which it does not necessarily have to be connected directly), so thus, every node within the network may be a router. This is why they are not dependent on network infrastructure (and can exist even in areas without preexisting communication infrastructure or when the use of such infrastructure requires wireless extension), since their structure is created by own networking capacities of network elements. However, the mobility of nodes in an ad hoc network is not a requirement, since there are also static (wired and wireless) ad hoc networks, that may use services provided by a fixed network infrasructure (such as Wireless Mesh Networks). The primary importance in MANET networking is not in network hardware and software applications, but the ability of application of the same networking technology. Therefore, mobility limitations within a MANET are not imposed by outside networks, but inherent characteristics of devices (nodes) and characteristics of connection signals stemming from relations established between network members. Figure 1. Schematic overview of wireless networks Increase in one characteristic of a technical system (efficiency, range, energy, speed of operation) leads to decrease of another characteristic (security), it is obvious there is a contradiction. The energy available to nodes in a network is used on processor work, establishing network communication, establishing connection, quality of service, reliabilty and security of work. On the other hand, the requirement for mobility of nodes requires limitation of their physical dimensions and greater autonomy, resulting in smaller dimension of devices and, therefore, smaller dimensions of energy source. Thus, the energy available to nodes is limited and represents the most important inherent resource, so the academic community makes enormous efforts in research and development of different types of protocols to answer the demands for both efficiency and security. In these contradictions make for the characteristic issues of mobile ad hoc networks: Unreliable wireless communication between nodes. Mobile nodes are not consistent communication participants, since their energy resource is extremely limited. Network toology is highly variable (they have no infrastructure). Nodes are constantly moving within the network, going in and out of range of other nodes, leading to frequent changes of routing information within an ad hoc network. Security of wireless mobile ad hoc networks is low. Protocols and procedures used in wireless static infrastructure networks are not applicable in ad hoc mode of operation. Due to the lack of energy of network nodes and dynamic and constant changes in network topology, the procedure of provision of trust between nodes and ensuring their communication must be implemented every time communication between any two network nodes is established (either for direct traffic between them - single hop connection, or in rerouting the traffic to a third node - multi hop connection). Limited physical security. The consequence of these issues is high vulnerability of mobile ad hoc networks to attacks, making the issue of security one of the most important problems that has yet to be solved in an efficient manner. This is especially prominent in military application of MANETs, since the security requirement is primary in this case. This is why it is important to name basic vulnerabilities of mobile ad hoc networks, attacks using these vulnerabilities and provide an overview of the existing security solutions. 3. MANET SECURITY REQUIREMENTS Security is the combination of processes, procedures and systems used to ensure confidentiality, authentication, integrity, availability, access control, and nonrepudiation. [2]. What do these requirements represent in the case of MANETs? Confidentiality represents the capability to prevent access to information by unauthorized users or nodes. Since MANETs use open medium, all users of this medium (free nodes) have the access to information within certain transmission range. The basic way to preserve confidentiality is encryption and alternative is to limit the emission of data through the use of directional antennas. Authentication is the ability of an unambiguous confirmation of node identity and simultaneously the ability to prevent taking false identity, a frequent case in wireless networks. However, in infrastructure wireless networks it is possible to establish a central authority (functioning as a router, base station or access point), which is not the case for MANETs, so this requirement must be fulfilled through other methods, primarily through routing protocols and inbuilt access control mechanisms. Integrity represents the ability to prevent an unauthorized change or destruction of messages being transmitted within MANET, as well as prevent subsequent messages from the attacker after the unauthorized change. Interception and change of data in a wireless medium is very frequent. Non-repudation is the inability of any node within a 539

3 MANET to negate the fact that it is a sender of a message. This requirement is provided by producing a signature for every message. In an usual encryption procedure by the public key method, every node in a MANET signs a message by application of a private key. All other nodes verify the signed message with this node s public key, therefore he cannot negate that his signature is attached to the message. Availability represents the availability of all network services and resources to legitimate network users, which is essential for preserving the network structure during the attacks. Access control is a procedure for prevention of unauthorized access and use of network systems and resources. Different mechanism are used in order to provide these security requirements. The first line of defense are conventional mechanisms such as authentication, access control, encryption and digital signature. The second line of defense are intrusion detection systems and different cooperation enforcement mechanisms enabling the defense from attacks, improving the cooperation within the network and eliminating selfish behaviour of nodes [2]. Security requirements in MANET are primarily provided by preventive and reactive mechanisms. Preventive mechanisms represent all the procedures, actions and measures taken for the purpose of preventing incidents by removing the opportunity for the attacker to attack. The most important preventive mechanism is encryption, symmetric and asymmetric. Encryption assembly functions such as hash functions may improve the integrity of messages during their transmission. Treshold encryption may be used to hide data by dividing it to great number of smaller parts [2]. Important preventive measures must include physical security of the devices, especially in combat environment during military application. Physical loss of any node (device which is a part of a MANET), may cause an insider attack capable of disturbing the work of the entire network [3]. Reactive mechanisms are necessary in cases when preventive mechanisms fail in preventing the attacks, which happens often in practice. The first among the reactive mechanisms are intrusion detection systems and their basic function is discovery of irregularities in the operation of a network, most often achieved by comparing with patterns of proper states or well known attacks (misuse detection systems). If the attack for which patterns do not exist occurs, systems for anomaly detection, statistically defining normal or expected behavior of the system, are used. 4. TYPES OF ATTACKS ON AD HOC NETWORKS The advantages of MANETs enabling the ease of establishment, functioning without infrastructure and a dynamic topology are at the same time their main disadvantages regarding security. As a result, there is a wide range of possible attacks on different levels, including routing protocols, nodes in routing process and others. Many of these attacks are not characteristic only for MANETs, but are used on wired networks as well. These attacks may be grouped by type, manner of execution, undertaken activity, by OSI layer being attacked, etc. Most attacks, however, do not fall under one isolated category, but may be grouped under several different categories depending on criteria used. On principal, the most frequent classification of MANET security attacks is according to mode of attack, where most researchers classifies the attacks to active and passive. MANETs are highly dependent on energy that is available to their nodes. Since they are mobile devices, their energy is not renewable and is stored in batteries. It is spent on maintenance of the network itself and any excess routing of information within the network for the purpose of providing network services, transfer of information from one part of the network to another during multi-hop traffic or provision of security for the network may rapidly make many individual nodes to stop working. Having this in mind, any attack on the network is simultaneously an attack on its energy resources. An active attack is any attack that causes expenditure of energy of network members used to remove the threat of attacks or to mitigate anomalies in normal network operation (if it is an external attack) or requiring the node whose disturbance in work is endangering the network to expend the energy in order to perform an attack on the rest of the network (internal attacks). Active attacks cause change, destruction or generation of data that is transferred throught the network, thus disturbing normal functioning of nodes or the network. External attacks may be prevented by all the standard protection mechanisms such as encryption, firewalls and application of security protocols (IPSec, ESP, SAR, AODV, DSR, ARAN, ARIADNE, SENCAST, SEAMAN, etc). Internal attacks are initiated by compromised nodes in the network which have the status of authorized parts of the network. Besides being hard to discover, internal attacks may cause much more serious consequences to network functioning. According to the same criterion, external passive attacks do not require expenditure of energy of the attacked parts of the network (do not disturb their work), or, if it is the case of internal attacks, they relate to selfish behavior of certain nodes that reject network cooperation in order to preserve their own energy, which indirectly leads to disturbance in the network work. Passive attacks are attacks initiated with the sole purpose of unauthorized monitoring of data traffic in the network, without data change or disturbance in the network work. If the attacker has the ability to interpret discovered data on the network operation, we talk about breach of confidentiality. Since the attacker does not change the operation of the network, these attacks are the hardest to discover. Although they do not have any direct consequences to the attacked network, passive attacks may have serious indirect consequences, since they may represent a precondition for an active attack by previous provision of information [4]. These attacks are most often directed against data link and physical layers. Prevention mainly consists of application 540

4 of complex traffic encryption, application of protection protocols and methods of radio signal transmission, such as Frequency-hopping spread spectrum (FHSS) or Directsequence spread spectrum (DSSS). A specific passive attack is snooping, consisting of an unauthorized access to network data, or generally to any utility, method or software that performs a monitoring function. Snooping is an attack similar to eavesdropping, but unlike eavesdropping it does not have to be limited to access to monitored data during a transmission. According to the technique used during the attack, the greatest and most frequent threats to MANET operation are attacks that perform modification, impersonation and fabrication Modification attacks These attacks include deletion, insertion, or alteration of information in an unauthorized manner usually represented to the client as legitimate. This means that the unauthorized side must access the subject of the attack, and then change a certain value, such as a change of values in routing messages or inject them with false values. Most MANET routing protocols, such as AODV, use the hop count parameter in order to determine the shortest route. A malicious code within the network may set the false hop counts or false value of route sequence numbers. Any of these mentioned or similar actions leads to disturbances in network operation due to redirection of network traffic. Many types of attacks are performed by application of this method. For example, by changing the source routes in routing messages (modifying the routing message headers or forwarding routing message with false values) DoS attacks may be realized by redirecting the network traffic to the attack target, traffic may be redirected for the purpose of listening or redirected to a longer route to cause communication delay or energy waste. communication interruption. Figure 3 shows the shortest route between (e) and (f) nodes, (e, c, a, 1, b, d, f), leading through the malicious node (1). Let us suppose that node couples (a) and (b), as well as (b) and (f) are not in direct range of one another, but can only communicate solely through node (1). Figure 3. Modification attack causes network communication interruption. Also, let us suppose that a session between (e) and (f) is underway and that node (e) has a valid route to (f) in its route cache. In accordance to this, (e) sends a data packet to (f) whose header contains a source route (e, c, a, 1, b, d, f). When the data packet reaches node (1) it may change its source route by erasing node (d) from the route and forwarding it to (b). When (b) receives the data packet with changed header, it will unsuccessfully try to forward it directly to (f), since these two nodes are not in direct range and cannot hear each other. This is how the transmission becomes unsuccessful [5] Impersonation attacks With impersonation technique (spoofing, masquerading) it is possible to undertake a large number of attacks in MANET environment. A malicious node may overtake identities of several different nodes in the network and thus completely disturb its work. These attacks are enabled by a lack of or bad authentication during data packet transfer in ad hoc networks. The malicious node misrepresents its identity within the network, most often by changing MAC or IP address in outgoing data packets and misleads other nodes in the network on parts of network they can establish a connection with. For example, traffic belonging to impersonated node may be rerouted to the malicious node, or loops in the network can be created, further resulting in partitioning the network. Figure 2. Modification attack Figure 2 shows a malicious node (1) that may propagate messages to other nodes in the network with false claims on the length of a route. It redirects traffic in the part of the network on the route between (a) and (f) nodes by propagating forwarding messages with false values claiming that the route between (a) and (f) going through it, (1), is shorter than claimed by node (b) [5]. In this manner the traffic is rerouted through the attacking node (1) that enables taking over the session, listening to traffic, creating communication delay and provokes energy expenditure in the network. Other possibility is to apply the modification attack for the purpose of network a c 1 b d Figure 4. Taking over of identity phase In the case illustrated in Figure 4, five nodes (a), (b), (c), (d) and (e) relate to each other: node (a) has a range connection with (b) and (c), node (b) has a range e t 541

5 connection with (a) and (d), node (c) has a range connection (a) and (d). The malicious node (1) may hear nodes (a), (b), (c) and (d) and by analyzing discovery packets may determine network topology in its environment, after which it creates a loop preventing any of the nodes in the environment to reach node (t). It can achieve this through change of its own MAC address and misrepresent itself as node (a), move closer to node (c) and goes out of range (a). After that, it sends a false message to node (c) where hop count to node (t) is smaller than the one emitted by node (d). Than node (c), wishing to reach node (t) changes its route to node (t), so that it goes through node (a) (since it receive a false message from (1) that (a) is closer to (t) than (d)). As in the previous step the malicious node (1) changes its MAC address taking over node (c) address, moves closer to node (d) and out of range of (c) and sends a message to count to (t) smaller than through (e). node (d) that the route through node (c) contains hop example, false route error messages (RERR) and routing updates that incite network activities and increase expanding of node resources (energy). Figure 7 shows situation where node (e) has a route to (f) through nodes (c), (a), (b) and (d). The malicious node (1) can undertake an attack (DoS) on node (f) by constant sending of route error messages to (a), thus discrediting node (b) with information that connection between (b) and (f) has been interrupted. Node (a) receives false route error messages, accepts they came from node (b) and as a consequence updates (erases) its own routes table entry for node (f) and forwards route error message to (c), that also updates its route tables [5]. Node (1) can constantly listen to the connection and each time, upon recognizing the request of node (a) to establish a connection with node (f), can broadcast spoofed route error message and this prevent communication between these two nodes in the network. a c 1 b d Figure 5. Misrepresentation phase Finally, node (d) changes its route to (c) thus created a loop separating nodes (a), (b), (c), (d) from the rest of the network to which they were previously connected by node (e). a c b d Figure 6: Separating part of network 4.3. Fabrication attacks In this type of attack, the attacker (an unauthorized party) gains access and generates different false routing information and broadcasts them within network. For 1 e e t t t t Figure 7. Fabrication attack Some of the best known fabrication attacks are blackhole, grayhole and wormhole attacks. Blackhole attack. This is type of attack where the malicious node sends false replies to route requests of other nodes even if it does not have the real information on routes to request destinations. In this way it constantly tends to become a part of active traffic route in the network if the opportunity arises. By doing so it interrupts the flow of data packets legitimately sent to the destination node or disturbs route discovery process. These attacks may be external or internal. There is a possibility of several neighboring black holes to join in a common attack. Grayhole attack. During grayhole attack the attacker performs the same activity as in blackhole attacks, but there are performed selectively on determined nodes. This means that he properly forwards data packets of certain nodes, but prevents sending of data packets to end from other nodes. Also the malicious activity may be implemented in a limited period of time, while the rest of time the gray hole behaves normally. Cooperative attacks of several neighboring attackers may be undertaken in this case as well. Due to the cover up of illegitimate behavior, grayhole attacks are harder to discover than blackhole attacks. Wormhole attack. In this attack the attacker disturbs routing by shortening the usual packet routing flow. Although it is possible to undertake this attack with only one note, it is most often performed by two or more attackers connected in the so-called wormhole link. They collect data packets on one end and replay them at the other end by using their own direct high-speed connection (tunnel). These attacks are relatively easy to undertake, and on the other hand they can cause serious consequences on the network, even if encryption or 542

6 authentication techniques are used in routing. The attacker can tunnel request packet RREQ directly to the destination without the increase of hop-count value. In this way it prevents all other routes from being discovered. The MANET routing protocol can thus be prevented from functioning properly, since it would not be able to find routes longer than one or two hops. Since they have a direct channel of communication the attackers are able to easily provide higher speed of data packet flow than they would usually flow in a normal multi-hop route longer than a typical single-hop tunneled distance. Two wormhole attacks may be merged with message dropping attack in order to prevent the destination node to receive data packets. RREP route (d)-(h)-(2)-(1)-(a)-(s). Upon receiving the message, the source (S) decides to send the data on a faster route, through the malicious nodes. Besides the already mentioned attacks focusing on endangering the network layer activities there are many other types of MANET attacks, such as Internet connectivity attacks (bogus registration, replay attack, forged FA), snooping, byzantine attack, information disclosure, resource consumption attack, routing attacksrouting table overflow, routing table poisoning, packet replication, route cache poisoning, rushing attack, transport layer attacks (session hijacking, application layer attacks-repudiation, multi-layer attacks, denial of service), as well as many other, such as impersonation, SYN flooding, jamming etc. a) b) Figure 8. a) Propagation of route request RREQ packet from source node, b) Shorter path taken by destination node to send RREP packet As previously mentioned, a wormhole attack most often requires two malicious nodes (Figure 9 node (1) and (2)). They are interconnected by a wormhole link and their goal is to attack source (s). During the path discovery activity, (s) broadcasts RREQ message to destination node (d). Nodes (a) and (b), first neighbors of the source (s) receive RREQ messages and forward them to their neighbors, including node (1). It records and tunnels RREQ through the wormhole link to node (2). The second malicious node forwards RREQ to its neighbor (h), which forwards the message to the destination node (d). The route for this RREQ message is (s)-(a)-(1)-(2)-(h)-(d). The second RREQ packet has reached the destination through the (s)-(b)-(c)-(e)-(f)-(g)-(d) route. Since nodes (1) and (2) are connected by a fast tunnel link, their RREQ packet arrives to destination much sooner than the packet taking a different route. Thus the destination node (d) ignores the message arriving late, chooses the message which arrived along the faster route and decides to send an unicast message on a Figure 9. Wormhole attack on AODV protocol in MANET In relation to which layer is being attacked (according to the Internet Model), MANET attacks may be classified as follows: Application layer: Repudiation, Data corruption; Transport layer: Session hijacking, SYN flooding; Network layer: Wormhole, Blackhole, Byzantine, Routing attacks (Routing table overflow, Routing table poisoning, Packet replication, Route cache Poisoning, Rushing attack, flooding, Resource consumption, Location disclosure attacks, IP Spoofing, State pollution attack, Sybil attack, Fabrication, Modification; Data link layer: Traffic analysis, Monitoring, Disruption MAC (802.11), WEP weakness; Physical layer: Jamming (Interference), Spoofing, Interceptions, Eavesdropping; Mixed (Multi layer): DoS, Impersonation, Replay, Manin-the-middle, Location disclosure attack, Flooding attack, Colluding misrelay attack, Device tempering, Link spoofing, Neighbor attack, Jellyfish attack, Packet dropping attacks, Sleep deprivation torture. 5. DISCUSSION AND CONCLUSIONS ON SECURING MANET In order to make the routing protocols in MANET secure, it is necessary to know the characteristics of all types of MANETs and mechanisms of their work. Safety is provided by application of security processes, procedures 543

7 and systems that provide authentication, confidentiality, integrity, availability, access control, and non repudiation. MANETs do not depend on the fixed network, but all nodes may access the data within the network, where the only limitation is their communication range. This is why it is necessary to achieve trust and confidentiality, which is primarily achieved by prevention of unauthorized nodes to access data. Mere authentication must be undertaken to determine the identity of source and neighboring nodes, primarily for the purpose of prevention of their access to unauthorized resources and information, as well as malicious interference in the routing processes significant to other nodes in the network. By protection of integrity malicious nodes are prevented from data change and distribution of changed routing messages back into the network. By non repudiation measures any node is prevented from sending messages to the network to negate authorization of a sent message. Since the functioning of MANET networks depends on collaboration between nodes, a large number of security protocols has been developed so far, like WEP, ARAN, SSL, SEAD and others. None of these protocols is capable of solving all possible security vulnerabilities. This is why MANETs use distributed intrusion detection systems that often have the task of observing misbehaving and selfish nodes. The best defense from passive attacks are traditional protection procedures, such as application of digital signature, encryption (asymmetric and symmetric cryptography), access control and authentication. Efficient defense from active attacks to MANET primarily consists of se intrusion detection systems application and provision of mandatory network cooperation mechanisms. Although traditional, these mechanisms (digital signature, hash chains mechanisms and others) are increasingly used as an upgrade to the existing MANET routing protocols, such as Secure Ad hoc On Demand Distance Vector (SAODV), that upgrades AODV. Hash chains are used for the purpose of securing hop-count mechanisms, while each MANET node uses a digital signature for basic routing messages (RREQ, RREP and RRER), that must be verified by its network neighbor. Many researchers have been developing in recent years their own proposals for the improvement of the existing and development of new protocols to achieve a higher level of security within a MANET. However, many security vulnerabilities remain in the design of the modern routing protocols since their mechanisms mainly provide the security of routing messages, not the content exchanged by nodes during communication within the network. Besides this, the application of new procedures in routing processes and introduction of digital signature increase the size of routing messages which additionally burdens the network traffic and leads to faster spending of limited energy resources. For example, in order to prevent frequent wormhole attacks, new techniques are being developed, such as Packet Leash mechanism, in which every node in the network receives an authenticated symmetric key from each node in the network, used by the message recipient to verify the truthfulness of objective information in messages, such are time of sending and location of the sender. Apart from this, other techniques are developed, such as Time of Flight, serving to prevent wormhole attacks, by calculating the expected travel time of the routing message from the source to the destination and back, comparing it with the estimated distance between nodes in the network, and concluding whether the estimated distances are within the possible communication range. Other significant improvements of MANET operation are directional antennas than may be used to detect wormhole nodes. This procedure is based on the fact that each pair of nodes determines the direction of the signal received from the neighboring node. If the calculated direction of both nodes match, routing communication is established. Besides these, there are other methods and techniques, such as Network Visualization, LiteWorp, Localization etc. References [1] Altshuller, G., And Suddenly the Inventor Appeared: TRIZ, the Theory of Inventive Problem Solving, Worcester : Technical Innovation Center, Inc.; 2nd edition, [2] Wu, B., Chen, J., Wu, J., Cardei, M. A Survey of Attacks and Countermeasures in Mobile Ad Hoc Networks. [book auth.] X. Shen, and D.-Z. Du (Eds.) Y. Xiao, Wireless/Mobile Network Security, Spinger, [3] Peterson, S., Faramarzi, P. Exclusive: Iran hijacked US done, says Iranian engineer (Video). csmonitor.com. [Online] The Christian Science Monitor, December 15, [Cited: June 26, 2012.] East/2011/1215/Exclusive-Iran-hijacked-US-dronesays-Iranian-engineer-Video. [4] Djenouri, D., Khelladi, L., and Badache, A.N., A survey of security issues in mobile ad hoc and sensor networks 4, 2005, IEEE Communications surveys & tutorials, Vol. 7, pp [5] Secure routing protocol for ad hoc networks. Sanzgiri, K., Dahil, B., Levine, B.N., Shields, C., Belding-Royer, E.M. Santa Barbara : Departmenet of Computer Sciences, California University, Santa Barbara, 2002, Proceedings of 10th IEEE International Conference onmnetwork Protocol. pp , [6] Lauf, A., Distributed Sensing With Fault-Tolerant Resource Reallocation For Disaster Area Assessment, Dissertation. Nashville, Vanderbilt University, [7] Abramsson, N., The ALOHA system - another alternative for computer communications. AFIPS Conf. Proc., FJCC. 1970, Vol. 37, pp [8] Xiao, Y., Shen, X., and Du D.Z. (Eds.). A Survey on Attacks and Countermeasures in Mobile Ad Hoc Networks, Wireless/Mobile Network Security. s.l. : Springer, [9] Chlamtac, I., Conti, M., Liu, J. [Online], [Cited: July 1,2012], 544