Isolation For Manet Routing Attacks Computer Science Essay


The characteristics of self-organization, a wireless medium, and the absence of fixed infrastructure make a Mobile Ad hoc NETwork (MANET) easy to set up, and thus attractive to users. However, the open and dynamic operational environment of a MANET makes it very vulnerable to attacks such as denial of service attacks, radio-jamming attacks, impersonation attacks and fabrication attacks. Another common type of attack on MANET targets the underlying routing protocols. Because every network node in a MANET can be a router for data transmission, malicious nodes have opportunities to modify or discard routing information or even to advertise fake routes in an attempt to attract user data to pass through them. It is understandable that the most efficient and easiest way of attacking a MANET is to attack its routing protocols. To address the security issues in MANET routing, we need secure communication that protects us from intruders: robust communication that hides information from the malicious nodes in our network. The proposed system is based on the ALERT protocol (Anonymous Location based Efficient Routing Protocol in MANETs), in which the network is partitioned into zones. This creates a non-traceable network path. ALERT hides the node routes from observers and provides high protection in the network. The GPSR (Greedy Perimeter Stateless Routing) protocol is implemented to provide high efficiency.

Index Terms - Mobile Ad hoc Network, Intrusion Detection, Anonymous Location based Efficient Routing Protocol in MANETs (ALERT), Greedy Perimeter Stateless Routing (GPSR), Distributed Coordination Function (DCF).


A wireless ad hoc network is a collection of mobile or semi-mobile nodes with no pre-established infrastructure, forming a temporary network. Each node has a wireless interface, and the nodes communicate with each other over either radio or infrared. A mobile ad hoc network consists of a collection of wireless mobile nodes that are capable of communicating with each other without the use of a network infrastructure or any centralized administration. MANET is an emerging research area with practical applications. However, wireless MANET is particularly vulnerable due to its fundamental characteristics, such as open medium, dynamic topology, distributed cooperation, and constrained capability. Routing plays an important role in the security of the entire network. Hence, any compromised node under an adversary's control could cause significant damage to the functionality and security of its network, since the impact would propagate as the node performs routing tasks. In general, routing security in wireless MANETs appears to be a problem that is not trivial to solve.

We propose a risk-aware response mechanism to systematically cope with the identified routing attacks. Our risk-aware response mechanism is divided into the following four steps.

Evidence collection: In this step, the Intrusion Detection System (IDS) gives an attack alert with a confidence value, and then the Routing Table Change Detector (RTCD) runs to figure out how many changes to the routing table are caused by the attack.

Risk assessment: Alert confidence from the IDS and the routing table change information are considered as independent pieces of evidence for risk calculation and combined with the extended D-S theory. The risk of countermeasures is calculated as well during the risk assessment phase. Based on the risk of attacks and the risk of countermeasures, the entire risk of an attack can be figured out.

Decision making: The adaptive decision module provides a flexible response decision-making mechanism, which takes risk estimation and risk tolerance into account. To adjust the temporary isolation level, a user can set different thresholds to fulfil her goal.

Intrusion response: With the output from the risk assessment and decision-making modules, the corresponding response actions, including routing table recovery and node isolation, are carried out to mitigate attack damage in a distributed manner.
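The evidence-combination and decision steps above can be sketched as follows. This is an added example, not code from the essay: it uses the classical Dempster's rule of combination rather than the extended rule with importance factors, and the two-hypothesis frame, the mapping of routing table changes to a confidence value, the threshold bands and all names are assumptions; countermeasure risk is not modelled.

```python
from itertools import product

# Frame of discernment (assumed): the suspected node is "insecure" or "secure".
INSECURE = frozenset({"insecure"})
SECURE = frozenset({"secure"})
UNKNOWN = INSECURE | SECURE  # mass left on the whole frame = uncertainty

def simple_evidence(hypothesis, confidence):
    """Commit `confidence` to one hypothesis and the remainder to UNKNOWN."""
    if not 0.0 <= confidence <= 1.0:
        raise ValueError("confidence must be in [0, 1]")
    return {hypothesis: confidence, UNKNOWN: 1.0 - confidence}

def combine(m1, m2):
    """Classical Dempster's rule: intersect focal sets, renormalise by 1 - conflict."""
    joint, conflict = {}, 0.0
    for (a, pa), (b, pb) in product(m1.items(), m2.items()):
        common = a & b
        if common:
            joint[common] = joint.get(common, 0.0) + pa * pb
        else:
            conflict += pa * pb  # mass assigned to contradictory conclusions
    if conflict >= 1.0:
        raise ValueError("totally conflicting evidence: rule is undefined")
    return {s: m / (1.0 - conflict) for s, m in joint.items()}

def decide(risk, lower, upper):
    """Map a risk value to a response using two user-set thresholds (assumed bands)."""
    if risk < lower:
        return "no isolation"
    if risk < upper:
        return "temporary isolation"
    return "permanent isolation"

if __name__ == "__main__":
    # Constructed inputs: IDS alert confidence 0.8; RTCD saw 5 of 10 routes altered.
    ids = simple_evidence(INSECURE, 0.8)
    rtcd = simple_evidence(INSECURE, 5 / 10)
    belief = combine(ids, rtcd)[INSECURE]
    print(f"belief(insecure) = {belief:.2f} ->", decide(belief, lower=0.3, upper=0.95))
```

Two agreeing sources reinforce each other (0.8 and 0.5 combine to 0.9), while contradictory sources lose mass to the conflict term before renormalisation.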

In this paper, we propose a risk-aware response mechanism to systematically cope with routing attacks in MANET, proposing an adaptive time-wise isolation method. The proposed system is based on the ALERT protocol (Anonymous Location based Efficient Routing Protocol in MANETs), in which the network is partitioned into zones. This creates a non-traceable network path. ALERT hides the node routes from observers and provides high protection in the network. The GPSR (Greedy Perimeter Stateless Routing) protocol is implemented to provide high efficiency.


This section covers routing protocols and routing security in MANET.


Many different routing protocols [4] have been developed for MANETs. They can be classified into two categories:

Table-driven: Table-driven routing protocols essentially use proactive schemes. They attempt to maintain consistent, up-to-date routing information from each node to every other node in the network. These protocols require each node to maintain one or more tables to store routing information, and any changes in network topology need to be reflected by propagating updates throughout the network in order to maintain a consistent network view.

On demand: A different approach from table-driven routing is source-initiated on-demand routing. This type of routing creates routes only when desired by the source node. When a node requires a route to a destination, it initiates a route discovery process within the network. This process is completed once a route is found or all possible route permutations have been examined.


Security always implies the identification of potential attacks, threats and vulnerabilities of a certain system. Attacks can be classified into passive and active attacks. A passive attack does not disrupt the operation of a routing protocol, but only attempts to discover valuable information by listening to routing traffic, which makes it very difficult to detect. Active attacks can be further divided into external attacks and internal attacks. An external attack is one caused by nodes that do not belong to the network. An internal attack is one from compromised or hijacked nodes that belong to the network. Next, we describe some types of active attacks easily performed against a MANET in the network layer.

Black hole: In this attack, a malicious node uses the routing protocol to advertise itself as having the shortest path to the node whose packets it wants to intercept. We provide a detailed description herein.

Denial of service: The DoS attack results when the network bandwidth is hijacked by a malicious node. It has many forms: the classic way is to flood any centralized resource so that the network no longer operates correctly or crashes. For instance, a route request is generated whenever a node has to send data to a particular destination. A malicious node might generate frequent unnecessary route requests to make the network resources unavailable to other nodes.

Routing table overflow: The attacker attempts to create routes to non-existent nodes. The goal is to have enough routes so that creation of new routes is prevented or the implementation of the routing protocol is overwhelmed.

Impersonation: A malicious node may impersonate another node while sending the control packets to create an anomaly update in the routing table.

Energy consumption: Energy is a critical parameter in the MANET. Battery-powered devices try to conserve energy by transmitting only when absolutely necessary. An attacker can attempt to consume batteries by requesting routes or forwarding unnecessary packets to a node.

Information disclosure: The malicious node may leak confidential information to unauthorized users in the network, such as routing or location information. In the end, the attacker knows which nodes are situated on the target route.



Intrusion detection and response in MANET. Some research efforts have been made to seek preventive solutions [21], [22], [23], [24] for protecting the routing protocols in MANET. Although these approaches can prevent unauthorized nodes from joining the network, they introduce a significant overhead for key exchange and verification with limited intrusion elimination. Besides, prevention-based techniques are less helpful in coping with malicious insiders who possess legitimate credentials to communicate in the network. Numerous IDSs for MANET have been recently introduced. Due to the nature of MANET, most IDSs are structured to be distributed and have a cooperative architecture. Similar to signature-based and anomaly-based IDS models for the wired network, IDSs for MANET use specification-based or statistics-based approaches. Specification-based approaches, such as DEMEM [25] and [26], [27], [28], monitor network activities and compare them with known attack features, which makes them impractical for coping with new attacks. On the other hand, statistics-based approaches, such as Watchdog [29] and [30], compare network activities with normal behaviour patterns, which results in a higher false positive rate than specification-based ones. Because of the existence of false positives in both MANET IDS models, intrusion alerts from these systems are always accompanied by an alert confidence, which indicates the possibility of attack occurrence. The intrusion response system (IRS) [31] for MANET is inspired by MANET IDS. In [1] and [2], malicious nodes are isolated based on their reputations. Their work fails to take advantage of IDS alerts, and simple isolation may cause unexpected network partition. Wang et al. [4] brought the concept of cost-sensitive intrusion response, which considers topology dependency and attack damage. The advantage of our solution is that it integrates evidence from the IDS, the local routing table with expert knowledge, and countermeasures with a mathematical reasoning approach.

Risk-aware approaches. When it comes to making response decisions [32], [33], there always exists inherent uncertainty which leads to unpredictable risk, especially in the security and intelligence arena. Risk-aware approaches are introduced to tackle this problem by balancing action benefits and damage trade-offs in a quantified way. Cheng et al. [3] presented a fuzzy logic control model for adaptive risk-based access control. Teo et al. [34] applied a dynamic risk-aware mechanism to determine whether an access to the network should be denied or permitted. However, risk assessment is still a nontrivial, challenging problem due to its involvement of subjective knowledge, objective evidence, and logical reasoning. Wang et al. [4] proposed a naïve fuzzy cost-sensitive intrusion response solution for MANET. Their cost model took subjective knowledge and objective evidence into account but omitted a seamless combination of the two properties with logical reasoning. Mu et al. [7] adopted Dempster-Shafer theory to measure the risk of attacks and responses. However, as identified in [8], their model with Dempster's rule treats evidence equally without differentiating one piece from another. To address this limitation, we propose a new Dempster's rule of combination with a notion of importance factors in the D-S evidence model.


The proposed system is based on the ALERT protocol (Anonymous Location based Efficient Routing Protocol in MANETs), in which the network is partitioned into zones. This creates a non-traceable network path. ALERT hides the node routes from observers and provides high protection in the network. The GPSR (Greedy Perimeter Stateless Routing) protocol is implemented to provide high efficiency. The ALERT protocol provides high anonymity protection at low cost. The data transmitter partitions the network into two zones. It then randomly chooses a node in the other zone as the relay node and uses GPSR to send the data to the relay node.

We have also analyzed the anonymity and the efficiency of the ALERT protocol. It uses the hierarchical zone partitions of the network. The ALERT strengthens the protection of the network by hiding the data in the network. It also provides a high routing efficiency.
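The relay selection and forwarding described above, as an added example that is not the essay's ns-2 implementation: the field size comes from the simulation setup, while the node positions, the 250 m radio range and the function names are constructed, and only GPSR's greedy mode is modelled.

```python
import math
import random

FIELD = (0.0, 0.0, 1000.0, 1000.0)  # 1000 m x 1000 m field, as in the simulation setup
RADIO_RANGE = 250.0                 # assumed transmission range in metres

# Constructed topology: node id -> (x, y) position in metres.
NODES = {"S": (100, 500), "n1": (300, 520), "n2": (480, 480),
         "n3": (650, 550), "R": (850, 500), "n4": (200, 900)}

def split_zone(zone, vertical=True):
    """Cut a rectangular zone (x0, y0, x1, y1) into two equal halves."""
    x0, y0, x1, y1 = zone
    if vertical:
        mid = (x0 + x1) / 2
        return (x0, y0, mid, y1), (mid, y0, x1, y1)
    mid = (y0 + y1) / 2
    return (x0, y0, x1, mid), (x0, mid, x1, y1)

def in_zone(pos, zone):
    x0, y0, x1, y1 = zone
    return x0 <= pos[0] < x1 and y0 <= pos[1] < y1

def pick_relay(sender, nodes, rng, zone=FIELD):
    """Partition the zone in two and pick a random node in the half the sender is not in."""
    first, second = split_zone(zone)
    other = second if in_zone(nodes[sender], first) else first
    candidates = sorted(n for n, p in nodes.items() if in_zone(p, other))
    return rng.choice(candidates) if candidates else None

def greedy_route(src, dst, nodes, radio_range=RADIO_RANGE):
    """GPSR greedy mode only: forward to the in-range neighbour closest to dst."""
    path, cur = [src], src
    while cur != dst:
        nbrs = [n for n in nodes
                if n != cur and math.dist(nodes[cur], nodes[n]) <= radio_range]
        best = min(nbrs, key=lambda n: math.dist(nodes[n], nodes[dst]), default=None)
        if best is None or (math.dist(nodes[best], nodes[dst])
                            >= math.dist(nodes[cur], nodes[dst])):
            return path, False  # void: full GPSR would switch to perimeter mode
        path.append(best)
        cur = best
    return path, True

if __name__ == "__main__":
    relay = pick_relay("S", NODES, random.Random(7))
    print("relay:", relay, "route:", greedy_route("S", relay, NODES))
```

Because the relay is drawn at random for each transmission, an observer cannot predict the path from the sender's position alone; the isolated node `n4` shows the void case where greedy forwarding fails.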

Fig. Proposed block diagram (architectural model). Blocks: Route Discovery, ALERT Protocol, GPSR Routing, Next Hop Node Selection, Transmission of Data, Attack Check.


The simulation work was done with the Network Simulator ns-2, version 2.29. In the simulation, 300 nodes are randomly distributed within a network field of size 1000 m × 1000 m.


In the route discovery phase, the source needs to establish a route for forwarding packets from the source node to the destination node. This is the process of route discovery.


The ALERT protocol is implemented, which enhances anonymity protection for the source and the destination nodes in the network. It hides the data from observers.


In route maintenance, if a node or link failure takes place, another route must be determined for sending the data packets without any loss of data.


Let us focus on the performance of this routing protocol. We evaluated the performance using ns2. We will analyze packet delivery ratio, packet overhead and routing cost.


Provides anonymity protection to the network.

Low cost is required.

Enhances high routing efficiency.

Protection to the source and the destination.


NS-2 is an event-driven, packet-level network simulator developed as part of the VINT project (Virtual Internet Test bed). Version 1 of NS was developed in 1995, followed by version 2 in 1996, which added the C++/OTcl integration feature. Version 2 included a scripting language called Object-oriented Tcl (OTcl). It is an open source software package available for both Windows 32 and Linux platforms.


Software tools used with ns-2

Two tools are used in the simulation:

NAM (Network Animator) and xGraph

NAM (Network Animator):

NAM provides a visual interpretation of the network topology created. The application was developed as part of the VINT project. Its features are as follows.

Provides a visual interpretation of the network created

Can be executed directly from a Tcl script

Controls include play, stop, fast forward, rewind, pause, a display speed controller button and a packet monitor facility.

Presents information such as throughput and the number of packets on each link

xGraph:

xGraph is an X-Window application that includes:

Interactive plotting and graphing

Animation and derivatives

To use xGraph in NS-2, the executable can be called within a Tcl script. This loads a graph that visually displays the information in the file produced by the simulation. The output is a graph of size 800 x 400 displaying information on the traffic flow and time. In NS-2, the ALERT protocol can be implemented by modifying OLSR and AODV with the ALERT protocol and by using GPSR routing; in the simulation tool, acoustic modem characteristics can be viewed.


Thus a risk-aware response solution for mitigating MANET routing attacks is considered. In particular, we considered the potential damage of attacks and countermeasures. The ALERT protocol is implemented, which provides anonymity protection to the source and destination in the network at low cost.

It enables highly efficient routing. It hides the data in the network to protect the data from being affected by routing attacks.

Future work is to reinforce ALERT so that it can withstand stronger and more active attackers.