Security in Ad Hoc Network



Similar documents
Security for Ad Hoc Networks. Hang Zhao

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Lecture 2.1 : The Distributed Bellman-Ford Algorithm. Lecture 2.2 : The Destination Sequenced Distance Vector (DSDV) protocol

Ariadne A Secure On-Demand Routing Protocol for Ad-Hoc Networks

A Comparison Study of Qos Using Different Routing Algorithms In Mobile Ad Hoc Networks

SECURITY ASPECTS IN MOBILE AD HOC NETWORK (MANETS)

Vulnerabilities of Intrusion Detection Systems in Mobile Ad-hoc Networks - The routing problem

Security and Privacy Issues in Wireless Ad Hoc, Mesh, and Sensor Networks

A Review of Secure Ad-hoc Routing

Security Threats in Mobile Ad Hoc Networks

Tema 5.- Seguridad. Problemas Soluciones

Routing Protocols Security in Ah Hoc Networks

Modified AODV protocol for prevention of Denial of service attacks in wireless Ad hoc networks

COMPARATIVE ANALYSIS OF ON -DEMAND MOBILE AD-HOC NETWORK

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices

Behavior Analysis of TCP Traffic in Mobile Ad Hoc Network using Reactive Routing Protocols

Wireless Mesh Networks under FreeBSD

Preventing DDOS attack in Mobile Ad-hoc Network using a Secure Intrusion Detection System

How To Write A Transport Layer Protocol For Wireless Networks

Security Scheme for Distributed DoS in Mobile Ad Hoc Networks

An Efficient QoS Routing Protocol for Mobile Ad-Hoc Networks *

International Journal of Advanced Research in Computer Science and Software Engineering

Mobile Security Wireless Mesh Network Security. Sascha Alexander Jopen

A Study of Internet Connectivity for Mobile Ad Hoc Networks in NS 2

SIMULATION STUDY OF BLACKHOLE ATTACK IN THE MOBILE AD HOC NETWORKS

Performance Analysis of Load Balancing in MANET using On-demand Multipath Routing Protocol

LIST OF FIGURES. Figure No. Caption Page No.

Study of Different Types of Attacks on Multicast in Mobile Ad Hoc Networks


IJMIE Volume 2, Issue 7 ISSN:

A REVIEW: MOBILE AD-HOC NETWORK PROTOCOLS AND SECURITY ISSUES

PERFORMANCE ANALYSIS OF AD-HOC ON DEMAND DISTANCE VECTOR FOR MOBILE AD- HOC NETWORK

Mobile Adhoc Network(MANETS) : Proposed solution to Security Related Issues

Load-balancing Approach for AOMDV in Ad-hoc Networks R. Vinod Kumar, Dr.R.S.D.Wahida Banu

Performance Evaluation of AODV, OLSR Routing Protocol in VOIP Over Ad Hoc

Design and Implementation of Ad-hoc Communication and Application on Mobile Phone Terminals

UNIT 8:- Mobile Ad-Hoc Networks, Wireless Sensor Networks

Djenouri Djamel & Nadjib Badache

An Extended AODV Protocol to Support Mobility in Hybrid Networks

SECURITY ISSUES: THE BIG CHALLENGE IN MANET

Delay aware Reactive Routing Protocols for QoS in MANETs: a Review

Optimization of AODV routing protocol in mobile ad-hoc network by introducing features of the protocol LBAR

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

Security in Wireless Local Area Network

Keywords: DSDV and AODV Protocol

CHAPTER 1 INTRODUCTION

About the Authors Preface Acknowledgements List of Acronyms

DESIGN AND DEVELOPMENT OF LOAD SHARING MULTIPATH ROUTING PROTCOL FOR MOBILE AD HOC NETWORKS

Security and Scalability of MANET Routing Protocols in Homogeneous & Heterogeneous Networks

Robust Routing in Wireless Ad Hoc Networks

III. Our Proposal ASOP ROUTING ALGORITHM. A.Position Management

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

An Implementation of Secure Wireless Network for Avoiding Black hole Attack

Comparison of Various Passive Distributed Denial of Service Attack in Mobile Adhoc Networks

Position and Velocity Aided Routing Protocol in Mobile Ad Hoc Networks

Achieving Energy Efficiency in MANETs by Using Load Balancing Approach

Comparative Study of Performance Evaluation for Mobile Ad hoc networks using a proxy node

SECURE DATA TRANSMISSION USING INDISCRIMINATE DATA PATHS FOR STAGNANT DESTINATION IN MANET

mlab: A Mobile Ad Hoc Network Test Bed

ADAPTIVE LINK TIMEOUT WITH ENERGY AWARE MECHANISM FOR ON-DEMAND ROUTING IN MANETS

ISSUES AND CHALLENGES OF QUALITY OF SERVICE IN MOBILE ADHOC NETWORK

Evaluating the performance of secure routing protocols in Mobile Ad-hoc Networks

CROSS LAYER BASED MULTIPATH ROUTING FOR LOAD BALANCING

`PERFORMANCE COMPARISON OF ENERGY EFFICIENT AODV PROTOCOLS

DSR: The Dynamic Source Routing Protocol for Multi-Hop Wireless Ad Hoc Networks

6LoWPAN Technical Overview

A Review Paper on Preventing DDOS Attack and Black Hole Attack with MANETs Protocols

ISSN: (Online) Volume 2, Issue 4, April 2014 International Journal of Advance Research in Computer Science and Management Studies

Kaur et al., International Journal of Advanced Engineering Technology E-ISSN

Study of Network Characteristics Incorporating Different Routing Protocols

NetworkPathDiscoveryMechanismforFailuresinMobileAdhocNetworks

Survey on Load balancing protocols in MANET S (mobile ad-hoc networks)

Study And Comparison Of Mobile Ad-Hoc Networks Using Ant Colony Optimization

Robust Security Solution to Countermeasure of Malicious Nodes for the Security of MANET

Dynamic Source Routing in Ad Hoc Wireless Networks

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

CHAPTER 6. VOICE COMMUNICATION OVER HYBRID MANETs

ECE/CS 372 introduction to computer networks. Lecture 13

Ad hoc On Demand Distance Vector (AODV) Routing Protocol

Routing Security in Ad Hoc Wireless Networks 1

A Robust Approach to Detect and Prevent Network Layer Attacks in MANETS

Secured Data Transmissions In Manet Using Neighbor Position Verfication Protocol

QUALITY OF SERVICE SUPPORT MOBILE AD-HOC NETWORKS (MANETS): ITS CHALLENGES AND ASSOCIATED ISSUES

Denial of Service in Sensor Networks

EFS: Enhanced FACES Protocol for Secure Routing In MANET

Transcription:

Security in Ad Hoc Network Bingwen He Joakim Hägglund Qing Gu Abstract Security in wireless network is becoming more and more important while the using of mobile equipments such as cellular phones or laptops is tremendously increasing. Due to the unique characteristic of wireless network, unlike wire line networks, to achieve this goal is never a trivial challenge. Mobile ad hoc networks (MANETs) is a special wireless network which does not rely on any fixed infrastructure but depends on the cooperation between each node like a cellular phone in the network. In this essay we discuss the possible attacks in MANETs and briefly discuss the solutions aimed to these problems. This essay is produced for the course Secure Computer Systems HT2005 (1DT658) of which the lecturer is Björn Victor. 1 Introduction Wireless networks use radio waves to transmit the signals and exist in basically two different flavors, infrastructure and ad-hoc. In infrastructure mode all traffic is transmitted between the nodes via an access point which controls the network and provides it with the security mechanisms. The most commonly used standard for wireless networks is the 802.11 standard or Wi-Fi which actually is not a standard but a whole family of standards using the same protocol. The security in wireless networks using Wi-Fi consists of WEP, WPA and now recently WPA2 which is basically a finalized version of WPA. WPA was created as an intermediate security system while WPA2 was finalized and tested since the previous system (WEP) contained several serious weaknesses. Benefits and applications of ad-hoc Ad-hoc networking doesn't require any access points as opposed to wireless networks in infrastructure mode. This makes them useful in a lot of different applications. It is largely used in military applications and in rescue operations where the existing communication infrastructure has been destroyed or is unavailable, for example after earthquakes and other disasters. But ad-hoc is nowadays also being used in a lot of commercial applications, like mobile phones and PDAs using the Bluetooth protocol, since it is fast and quite easy to setup and doesn't require any extra equipment.

Characteristics and standards of ad-hoc While the wireless standard 802.11 does support ad-hoc networks, it is very restricted since it doesn't provide routing between the nodes, so a node can only reach the directly visible nodes. Instead protocols like the Ad-hoc On-demand Distance Vector protocol (AODV) or Dynamic Source Routing protocol (DSR) could be used. These routing protocols are so called reactive routing protocols, meaning it establishes a route to a destination only when needed. In contrast the more commonly used routing protocols on the Internet are proactive meaning they will set up routes independently of the traffic in the network. This means that the reactive network is silent until a connection is needed and thus lessens the congestion in the network. DSR is an even more optimized protocol which doesn't require the forwarding computers to have up to date routing tables but includes a list of network addresses in the packet. The protocol also eavesdrops the local network traffic and listens for this routing information included in the packets and adds it to its own routing table. One of the main goals when designing mobile ad-hoc networks (MANET) where the nodes move around and the topology quickly changes is to protect the network connectivity between the nodes over potentially multi-hop channels. To get multi-hop connectivity you must provide one-hop connectivity through the link-layer (e.g. 802.11) and extend that to multi-hop connectivity through routing and data forwarding protocols in the network-layer (e.g. DSR). We will discuss about the above issues in the following structure: in chapter 3 we will discuss the passive attacks and active attacks, in active attacks three kinds of attacks attacks by modification, attacks by fabrication and attacks by impersonation are introduced. In chapter 4 we will give the current security solutions mainly on network-layers, which consist of securing ad hoc route protocols and securing packet forwarding. 2 Attacks Like all kinds of networks, passive attack and active attack are two kinds of attacks which can be launched against ad hoc networks. The passive attacks only intercept the message transmitted in the network without disturbing the transmission. By doing this, the attacker will be able to analyze the valuable information like network topology to perform further attacks. For example, by eavesdropping and subsequent analyses, the attacker may notice that some particular node is used much more than the others, which means it might be the heart of this network. If this node is brought down, the whole network will be out of action as well. Then the attacker can deploy some special attacks to achieve this goal. Unfortunately, this kind of attack in wireless network is impossible to detect due to the nature of wireless network that its medium is air which is widely open to every user within the domain. The active attacks are carried out by malicious nodes which aim to disrupt transmission among other nodes or selfish nodes which may just want to save their own battery. There are mainly

three ways to perform such an attack. Attacks using modification Below we briefly talk about several modification attacks against AODV and DSR. (1) Redirection by Modified Route Sequence Numbers: Protocols such as AODV assign some value to routes to the specific destination to decide the priority. A route with a higher value is preferred. The node may change traffic through itself by advertising a route to a node with a greater value. (2) Redirection with Modified Hop Counts: Without other metrics, AODV uses the hop count field to determine a shortest path. Malicious nodes can reset the hop count field of the RREQ to zero so that increases the chance that they are included on a newly created route. Similarly, malicious nodes may be not included in the created routes if they set the hop count field of the RREQ to infinity. (3) Denial-of-service with Modified Source Routes: DSR uses source routes stating routes in data packets. These routes lack integrity checks. So denial-of-service attack can be launched by altering the source routes in packet headers so that the packet can not be delivered to the destination. Attacks using Fabrication When a node misrepresent the identity in the network such as by altering MAC or IP address in outgoing packets, spoofing can occur. It can modify the rooting of some nodes then lead to loops in the network which will increase the power consumption greatly. Attacks using Impersonation These attacks generate false routing messages which can be difficult to distinguish from invalid constructs. (1) Falsifying Route Errors in AODV and DSR: In ADOV and DSR, if the destination node or an intermediate node along the active path moves, the node upstream of the link break broadcasts a route error message to all active up stream neighbors. This message causes the corresponding route to be invalid. A denial-of-service attack can be achieved by sending route error messages indicating a broken link on the route, then prevent the source from communicating with destination. (2) Route Cache Poisoning in DSR: A node overhearing may add the routing information contained in the packet's header to its own route cache. An attacker can exploit this method of learning modify route caches by transmitting packets containing invalid routes in their headers.

3 Solutions A MANET provides its network connectivity mainly through link-layer protocols and network-layer protocols. Link-layer protocols are used to ensure one-hop connectivity while network-layer protocols extend this connectivity to multiple hops. Thus in order to achieve MANET security there are accordingly two solutions, link-layer security and network-layer security. Link-layer security is to protect the one-hop connectivity between two adjacent nodes that are within each other s communication range through secure protocols, such like the IEEE 802.11 WEP protocol [1] or the more recently proposed 802.11i/WPA protocol [2]. The network-layer security is concerned with securely delivering packets between mobile nodes through multihop ad hoc forwarding. So it tries to ensure that the routing message exchange within the packages between nodes is consistent with the protocol specification and the packet forwarding of each node is consistent with its routing states. Accordingly, the proposals can be divided into two categories: secure ad hoc routing protocols and secure packet forwarding protocols. In this essay we will mainly discuss about network-layer security. Secure ad hoc routing protocols The secure ad hoc routing protocols enhance the existing ad hoc routing protocols, such as DSR and AODV with security extensions. In these protocols, one node signs its routing messages using some cryptographic authentication method like digital signature so that each node can authenticate the legal traffic efficiently and distinguish the unauthenticated message packets from attackers and correct packets. However, there are still chances that an authenticated node has been compromised and controlled by the malicious attacker. Therefore, we have to further ensure that a node obeys the routing protocols properly even it is an authenticated node. In the following, we describe how different types of routing protocols are secured. Source Routing For source routing protocols such as DSR, the main challenge is to ensure that none of the intermediate nodes can remove already existing nodes from or add extra nodes into the route. The basic idea is to attach a per-hop authenticator for the source routing forwarder list so that any altering of the list can be detected right away. A secure extension of DSR is Ariadne, which is described in [3]. Distance Vector Routing For distance vector routing protocols such as AODV, the main challenge is that the information about the routing metric has to be advertised correctly by each intermediate node. For example, if we use hop count as the routing metric, each node has to increase the hop count only by one exactly. A hop count hash chain is used so that none of the intermediate nodes can decrease the hop count in a routing update to achieve benefits, which is described in [4].

Secure Packet Forwarding The routing message exchange is only one part of the network-layer protocol which needs to be protected. It is still possible that malicious nodes deny forwarding packages correctly even they have acted correctly during the routing discovery phase. For example, a malicious node can join the routing correctly but simply ignore all the packages passing through it rather than forwarding them, known as black hole, or selectively forward some packages, known as grey hole. The basic idea to solve this issue is to ensure that each node indeed forwards packages according to the protocol. Reactive methods should be used instead of proactive methods since attacks on package forwarding cannot be prevented. The core ideas of these solutions are a detection technique and a reaction scheme, which we have not studied too much at present but will study later. 4 Conclusion In this essay we briefly discussed the attacks in ad hoc network and some solutions on network-layer for these problems. During the study we have learned a lot about wireless networks and ad hoc networks. We have learned the routing protocols such as AODV and DSR used in ad hoc network and learned the solutions such as securing the routing protocol and securing packets forwarding. We have read some papers and searched the net quite a lot.

REFERENCES [1] IEEE Std. 802.11, Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications, 1997. [2] IEEE Std. 802.11i/D30, Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications: Specification for Enhanced Security, 2002. [3] Y. Hu, A. Perrig, and D. Johnson, Ariadne: A Secure On-demand Routing Protocol for Ad Hoc Networks, ACM MOBICOM, 2002. [4] M. Zapata, and N. Asokan: Securing Ad Hoc Routing Protocols, ACM WiSe, 2002. [5] H.Yang, H.Luo, F. Ye, S. Lu and L. Zhang, Security in Mobile Ad Hoc Networks: Challenges and Solutions, IEEE Wireless Communications, February 2002. [6] K. Sanzgin, B.Dahill, A Secure Routing Protocol for Ad Hoc Networks [7] Wikipedia

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information