MANETs are a kind of wireless ad hoc network that usually has a routable networking environment on top of a Link Layer ad hoc network. An ad hoc network consists of a number of nodes that have no predefined infrastructure to keep them connected to each other. It is a LAN or other small network, especially one with wireless connections, in which some of the network devices are part of the network only for the duration of a communications session or, in the case of mobile or portable devices, while in close proximity to the rest of the network.
The nodes communicate with each other using wireless radios. The network operates on a peer-to-peer model; such networks are known as mobile ad hoc networks (MANETs). They can be set up anywhere without any need for external infrastructure. Providing security for an ad hoc network is most difficult because of the lack of infrastructure. The topology changes frequently with every move of a mobile node, and routes may change as a result. This leads to network partitions and, most of the time, some packets are lost. The data packets are routed through intermediate nodes.
An ad hoc network has essential functions such as packet forwarding, routing and network management that are carried out by all existing nodes. Each node can make decisions independently according to the current state of the network. Because of the distributed design, fault detection is exceedingly difficult. An ad hoc network does not have a backbone infrastructure. It is very useful when infrastructure is absent, damaged or impractical.
For example, node S can communicate with node D by using the shortest path S-A-B-D as shown in Figure 1 (the dashed lines show the direct links between the nodes). If node A moves out of node S's range, S has to find an alternative route to node D (S-C-E-B-D). A variety of new protocols have been developed for finding and updating routes and generally providing communication between end points (but no proposed protocol has been accepted as a standard yet). However, these new routing protocols, based on cooperation between nodes, are vulnerable to new forms of attack. Unfortunately, many proposed routing protocols for MANETs do not consider security. Moreover, their specific features (the lack of central points, the dynamic topology, the existence of highly constrained nodes) present a particular challenge for security.
Fig. 1.1: Communication between Nodes on MANETs
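The route change described above can be reproduced with a small simulation. This is an added example, not part of the original text: the link set is an assumption inferred from the two routes the text names (the figure itself is not reproduced here), and the function names and the hop limit are hypothetical. It floods a route request from S, lets each node rebroadcast it once, and shows that the longer replacement route is only found if the request is allowed enough hops.

```python
from collections import deque

# Constructed topology: links inferred from the two routes named in the text
# (S-A-B-D and S-C-E-B-D). This is an assumption, not data from the figure.
LINKS = {("S", "A"), ("A", "B"), ("B", "D"), ("S", "C"), ("C", "E"), ("E", "B")}


def neighbours(links):
    """Build a symmetric adjacency map from bidirectional links."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def discover_route(links, src, dst, hop_limit=8):
    """Flood a route request from src; every node rebroadcasts it once.

    Returns the first path that reaches dst (fewest hops), or None when
    dst cannot be reached within hop_limit hops.
    """
    adj = neighbours(links)
    seen = {src}              # duplicate suppression: one rebroadcast per node
    queue = deque([[src]])    # each entry is the path accumulated so far
    while queue:
        path = queue.popleft()
        node = path[-1]
        if node == dst:
            return path
        if len(path) - 1 >= hop_limit:   # request has used up its hops
            continue
        for nxt in sorted(adj.get(node, ())):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None


def break_link(links, a, b):
    """Return the topology without the a-b link (a node moved out of range)."""
    return {link for link in links if set(link) != {a, b}}


if __name__ == "__main__":
    print(discover_route(LINKS, "S", "D"))            # route while A is in range
    moved = break_link(LINKS, "S", "A")               # A leaves S's range
    print(discover_route(moved, "S", "D"))            # replacement route
    print(discover_route(moved, "S", "D", hop_limit=3))  # too few hops allowed
```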
The nature of the wireless and mobile environment makes it vulnerable to an adversary's malicious attacks. Such networks are susceptible to attacks ranging from passive eavesdropping to active interference. Unlike wired networks, where an adversary must gain physical access to the network wires or pass through several lines of defense at firewalls and gateways, attacks on a wireless network can come from any direction and target all nodes. Therefore, MANETs do not have a clear line of defense, and every node must be prepared for encounters with an adversary, directly or indirectly.
In MANETs, nodes are susceptible to being captured, compromised, and hijacked since they are units capable of roaming independently. Since tracking down mobile nodes is difficult to achieve, attacks by compromised nodes are far more damaging and much harder to detect. Therefore, nodes and network infrastructure must be prepared to operate in a non-trusting mode. Furthermore, the lack of a centralized authority gives adversaries ground to exploit new types of attacks and break the cooperative algorithms required for efficient operation. Figure 1.2 shows a simple view of the MANET architecture.
Fig. 1.2: MANET Architecture
A mobile ad-hoc network consists of mobile hosts equipped with wireless communication devices. The transmission of a mobile host is received by all hosts within its transmission range due to the broadcast nature of wireless communication and omni-directional antennae. If two wireless hosts in an ad hoc network are out of each other's transmission range, other mobile hosts located between them can forward their messages, which effectively builds a connected network among the mobile hosts in the deployed area.
Due to the mobility of wireless hosts, each host needs to be equipped with the capability of an autonomous system, or a routing function without any statically established infrastructure or centralized administration. The mobile hosts can move arbitrarily and can be turned on or off without notifying other hosts. The mobility and autonomy introduce a dynamic topology, not only because end-hosts are transient but also because intermediate hosts on a communication path are transient.
Implementing security has become a vital factor in wireless networks. Security mechanisms are classified into six components such as confidentiality, integrity, authentication, availability, non-repudiation, authorization and anonymity.
Availability means the assets are accessible to authorized parties at appropriate times. Availability applies both to data and to services. It ensures the survivability of network services despite denial-of-service attacks.
Confidentiality ensures that computer-related assets are accessed only by authorized parties. That is, only those who should have access to something will actually get that access. To maintain confidentiality of some confidential information, we need to keep them secret from all entities that do not have privilege to access them. Confidentiality is sometimes called secrecy or privacy.
Integrity means that assets can be modified only by authorized parties or only in authorized ways. Modification includes writing, changing status, deleting and creating. Integrity assures that a message being transferred is never corrupted.
Authentication enables a node to ensure the identity of the peer node it is communicating with. Authentication is essentially assurance that participants in communication are authenticated and not impersonators. Authenticity is ensured because only the legitimate sender can produce a message that will decrypt properly with the shared key.
Non-repudiation ensures that the sender and receiver of a message cannot disavow that they have ever sent or received such a message. This is helpful when we need to determine whether a node with some undesired function is compromised or not.
Anonymity means that all information that can be used to identify the owner or current user of a node should by default be kept private and not be distributed by the node itself or the system software.
Authorization assigns different access rights to different types of users. For example, network management can be performed by the network administrator only.
1.3 MOBILE AD-HOC NETWORKS CHARACTERISTICS
A MANET consists of mobile platforms (e.g., a router with multiple hosts and wireless communications devices) herein simply referred to as "nodes" which are free to move about arbitrarily. The nodes may be located in or on airplanes, ships, trucks, cars, perhaps even on people or very small devices, and there may be multiple hosts per router. A MANET is an autonomous system of mobile nodes. The system may operate in isolation, or may have gateways to and interface with a fixed network. In the latter operational mode, it is typically envisioned to operate as a "stub" network connecting to a fixed internetwork. Stub networks carry traffic originating at and/or destined for internal nodes, but do not permit exogenous traffic to "transit" through the stub network.
MANET nodes are equipped with wireless transmitters and receivers using antennas which may be omnidirectional (broadcast), highly directional (point-to-point), possibly steerable, or some combination thereof. At a given point in time, depending on the nodes' positions and their transmitter and receiver coverage patterns, transmission power levels and co-channel interference levels, wireless connectivity in the form of a random, multihop graph or "ad hoc" network exists between the nodes. This ad hoc topology may change with time as the nodes move or adjust their transmission and reception parameters. MANETs have several salient characteristics:
Nodes are free to move arbitrarily; thus, the network topology which is typically multihop may change randomly and rapidly at unpredictable times, and may consist of both bidirectional and unidirectional links.
Bandwidth-constrained, variable capacity links:
Wireless links will continue to have significantly lower capacity than their hardwired counterparts. In addition, the realized throughput of wireless communications after accounting for the effects of multiple access, fading, noise, and interference conditions is often much less than a radio's maximum transmission rate.
One effect of the relatively low to moderate link capacities is that congestion is typically the norm rather than the exception, i.e. aggregate application demand will likely approach or exceed network capacity frequently. As the mobile network is often simply an extension of the fixed network infrastructure, mobile ad hoc users will demand similar services. These demands will continue to increase as multimedia computing and collaborative networking applications rise.
Some or all of the nodes in a MANET may rely on batteries or other exhaustible means for their energy. For these nodes, the most important system design criteria for optimization may be energy conservation.
Limited physical security:
Mobile wireless networks are generally more prone to physical security threats than are fixed-cable nets. The increased possibility of eavesdropping, spoofing and denial-of-service attacks should be carefully considered. Existing link security techniques are often applied within wireless networks to reduce security threats. As a benefit, the decentralized nature of network control in MANETs provides additional robustness against the single points of failure of more centralized approaches.
The characteristics of these networks are summarized as follows:
Communication via wireless means.
Nodes can perform the roles of both hosts and routers.
No centralized controller and infrastructure.
Intrinsic mutual trust.
Dynamic network topology.
Frequent routing updates.
Autonomous, no infrastructure needed.
Can be set up anywhere.
These characteristics create a set of underlying assumptions and performance concerns for protocol design which extend beyond those guiding the design of routing within the higher-speed, semi-static topology of the fixed Internet.
1.4 MANET ROUTING PROTOCOL PERFORMANCE ISSUES
To judge the merit of a routing protocol, one needs metrics both qualitative and quantitative with which to measure its suitability and performance. These metrics should be independent of any given routing protocol.
The following is a list of desirable qualitative properties of MANET routing protocols:
This is an essential property, but it should be stated nonetheless.
Not required in light of certain quantitative measures (i.e. performance criteria), but generally desirable to avoid problems such as worst-case phenomena, e.g. a small fraction of packets spinning around in the network for arbitrary time periods. Ad hoc solutions such as TTL values can bound the problem, but a more structured and well-formed approach is generally desirable as it usually leads to better overall performance.
Instead of assuming a uniform traffic distribution within the network and maintaining routing between all nodes at all times, let the routing algorithm adapt to the traffic pattern on a demand or need basis. If this is done intelligently, it can utilize network energy and bandwidth resources more efficiently, at the cost of increased route discovery delay.
The flip-side of demand-based operation. In certain contexts, the additional latency that demand-based operation incurs may be unacceptable. If bandwidth and energy resources permit, proactive operation is desirable in these contexts.
Without some form of network-level or link-layer security, a MANET routing protocol is vulnerable to many forms of attack. It may be relatively simple to snoop network traffic, replay transmissions, manipulate packet headers, and redirect routing messages within a wireless network without appropriate security provisions. While these concerns exist within wired infrastructures and routing protocols as well, maintaining the "physical" security of the transmission media is harder in practice with MANETs. Sufficient security protection to prohibit disruption or modification of protocol operation is desired. This may be somewhat orthogonal to any particular routing protocol approach, e.g. through the application of IP Security techniques.
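One way a node can reject modified and replayed routing messages, as named in the paragraph above, is sketched below. This is an added example and not taken from any MANET protocol: the message layout, the field names, the `UpdateVerifier` class and the assumption that neighbours share a pairwise key (so each hop re-signs what it forwards) are all hypothetical. Each update carries an HMAC-SHA256 tag over its header fields and a per-sender sequence number that must strictly increase.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def _pack(sender, seq, dest, hops):
    """Serialise the header fields the tag covers (length-prefixed names)."""
    s, d = sender.encode(), dest.encode()
    return (struct.pack("!B", len(s)) + s +
            struct.pack("!IB", seq, len(d)) + d +
            struct.pack("!B", hops))


def sign_update(key, sender, seq, dest, hops):
    """Build a routing update: header followed by its authentication tag."""
    body = _pack(sender, seq, dest, hops)
    return body + hmac.new(key, body, hashlib.sha256).digest()


def parse(msg):
    """Split a message into (sender, seq, body, tag); None if malformed."""
    try:
        slen = msg[0]
        sender = msg[1:1 + slen].decode()
        off = 1 + slen
        seq, dlen = struct.unpack_from("!IB", msg, off)
        off += 5 + dlen          # skip sequence number, length byte, dest name
        _hops = msg[off]         # raises IndexError on a truncated header
        off += 1
    except (IndexError, struct.error, UnicodeDecodeError):
        return None
    if len(msg) != off + TAG_LEN:
        return None
    return sender, seq, msg[:off], msg[off:]


class UpdateVerifier:
    """Per-node check applied before an update may touch the routing table."""

    def __init__(self, keys):
        self.keys = keys         # neighbour name -> shared key (assumed pre-established)
        self.last_seq = {}       # neighbour name -> highest sequence number accepted

    def accept(self, msg):
        parsed = parse(msg)
        if parsed is None:
            return "malformed"
        sender, seq, body, tag = parsed
        key = self.keys.get(sender)
        if key is None:
            return "unknown-sender"
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):   # constant-time comparison
            return "bad-tag"
        # Replay check comes after the tag check, so a forged message cannot
        # advance the counter and lock out the genuine sender.
        if seq <= self.last_seq.get(sender, -1):
            return "replay"
        self.last_seq[sender] = seq
        return "ok"


if __name__ == "__main__":
    key = b"\x01" * 32                      # constructed sample key
    node = UpdateVerifier({"A": key})
    update = sign_update(key, "A", 7, "D", 2)
    print(node.accept(update))              # first delivery
    print(node.accept(update))              # same bytes captured and re-sent
```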
"Sleep" period operation:
As a result of energy conservation, or some other need to be inactive, nodes of a MANET may stop transmitting and/or receiving (even receiving requires power) for arbitrary time periods. A routing protocol should be able to accommodate such sleep periods without overly adverse consequences. This property may require close coupling with the link-layer protocol through a standardized interface.
Unidirectional link support:
Bidirectional links are typically assumed in the design of routing algorithms, and many algorithms are incapable of functioning properly over unidirectional links. Nevertheless, unidirectional links can and do occur in wireless networks. Oftentimes, a sufficient number of duplex links exist so that usage of unidirectional links is of limited added value. However, in situations where a pair of unidirectional links (in opposite directions) form the only bidirectional connection between two ad hoc regions, the ability to make use of them is valuable.
The following is a list of quantitative metrics that can be used to assess the performance of any routing protocol.
End-to-end data throughput and delay:
Statistical measures of data routing performance (e.g., means, variances, distributions) are important. These are the measures of a routing policy's effectiveness, that is, how well it does its job as measured from the external perspective of other policies that make use of routing.
Route Acquisition Time:
A particular form of external end-to-end delay measurement of particular concern with "on demand" routing algorithms is the time required to establish routes when requested.
Percentage Out-of-Order Delivery:
An external measure of connectionless routing performance of particular interest to transport layer protocols such as TCP which prefer in-order delivery.
If data routing effectiveness is the external measure of a policy's performance, efficiency is the internal measure of its effectiveness. To achieve a given level of data routing performance, two different policies can expend differing amounts of overhead, depending on their internal efficiency. Protocol efficiency may or may not directly affect data routing performance. If control and data traffic must share the same channel, and the channel's capacity is limited, then excessive control traffic often impacts data routing performance.
1.5 VULNERABILITIES OF MANETs
First of all, the use of wireless links makes the network susceptible to attacks such as eavesdropping and active interference. Unlike wired networks, attackers do not need physical access to the network to carry out these attacks. Furthermore, wireless networks typically have lower bandwidths than wired networks. Attackers can exploit this feature, consuming network bandwidth with ease to prevent normal communication among nodes.
MANET nodes can leave and join the network, and move independently. As a result, the network topology can change frequently. It is hard to differentiate normal behaviour of the network from anomalous or malicious behaviour in this dynamic environment. For example, a node sending disruptive routing information can be a malicious node, or else simply be using outdated information in good faith. Moreover, mobility of nodes means that we cannot assume nodes, especially critical ones (servers, etc.), are secured in locked cabinets as in wired networks. Nodes with inadequate physical protection may often be at risk of being captured and compromised.
Routing algorithms for MANETs usually assume that nodes are cooperative and nonmalicious. As a result, a malicious attacker can easily become an important routing agent and disrupt network operations by disobeying the protocol specifications. For example, a node can pose as a neighbour to other nodes and participate in collective decision-making mechanisms, possibly affecting networking significantly.
Lack of a Clear Line of Defence:
MANETs do not have a clear line of defence; attacks can come from all directions. The boundary that separates the inside network from the outside world is not very clear on MANETs. For example, there is no well defined place where we can deploy our traffic monitoring, and access control mechanisms. Whereas all traffic goes through switches, routers, or gateways in wired networks, network information in MANETs is distributed across nodes that can only see the packets sent and received in their transmission range.
Resource constraints are a further vulnerability. There can be a variety of devices on MANETs, ranging from laptops to handheld devices such as PDAs and mobile phones. These will generally have different computing and storage capacities that can be the focus of new attacks. For example, mobile nodes generally run on battery power. This has led to the emergence of innovative attacks targeting this aspect, e.g. "Sleep Deprivation Torture". Furthermore, the introduction of more security features into the network increases the computation, communication and management load. This is a challenge for networks that are already resource-constrained.
1.6 SECURITY IN MANET
Network security extends computer security, thus all the things in computer security are still valid, but there are other things to consider as well. Computer security is defined as follows:
Network security is then computer security plus secure communication between the computers or other devices. Not all nodes are computers in an ad hoc network, thus nodes cannot be assumed to implement the security services normally present in computers' operating systems. That is why network security should be defined as:
Making sure that the nodes enforce proper computer security and then securing the communication between them. Different variables have different impacts on security issues and design. In particular, environment, origin, range, quality of service and security criticality are variables that affect the security of the network. As far as the environment is concerned, networks can operate in hostile or friendly environments. A battlefield has totally different requirements for security compared with home networks. On a battlefield, physical security and durability might also be needed to ensure the functionality of the network. The ways to implement security vary if the range of the network varies. If the nodes are very far from each other, the risk of security attacks increases. On the other hand, if the nodes are so close to each other that they can actually have physical contact, some secret information (e.g. secret keys) can be transmitted between the nodes without sending it over the air. That would increase the level of security, because physical communication lines are more secure than wireless communication lines.
The last variable of ad hoc networks described with respect to security is security criticality. This means that before we think of the ways to implement security, we must consider carefully whether security is required at all, or whether it matters if someone outside can see what packets are sent and what they contain. Is the network threatened if false packets are inserted and old packets are retransmitted? Security issues are not always critical, but it might cost a lot to ensure security. Sometimes there is a trade-off between security and costs.
1.7 SECURITY PROBLEM IN MANET
MANETs are much more vulnerable to attack than wired networks. This is because of the following reasons:
Open Medium - Eavesdropping is easier than in a wired network.
Dynamically Changing Network Topology - Mobile nodes come and go from the network, thereby allowing any malicious node to join the network without being detected.
Cooperative Algorithms - The routing algorithms of MANETs require mutual trust between nodes, which violates the principles of network security.
Lack of Centralized Monitoring - The absence of any centralized infrastructure prohibits any monitoring agent in the system.
Lack of Clear Line of Defense - Using only the first line of defense, attack prevention, may not be enough. Experience of security research in the wired world has taught us that we need to deploy layered security mechanisms, because security is a process that is only as secure as its weakest link. In addition to prevention, we need a second line of defense: detection and response.
1.8 MOBILE AD-HOC NETWORKS APPLICATIONS
MANETs provide a number of applications for commercial and military customers. They can be applied in many critical situations such as search and rescue operations. Sensor networks are another application of MANETs. Such a network is composed of an enormous number of small sensors. This technology is used to detect properties such as temperature, pressure, pollution, etc. Each sensor has extremely limited capabilities and each one must depend on others to forward data to a central computer. Mobile ad-hoc sensor networks might be the solution for future homeland security.
There is current and future need for dynamic ad hoc networking technology. The emerging field of mobile and nomadic computing, with its current emphasis on mobile IP operation, should gradually broaden and require highly-adaptive mobile networking technology to effectively manage multihop, ad hoc network clusters which can operate autonomously or, more than likely, be attached at some points to the fixed Internet.
Some applications of MANET technology could include industrial and commercial applications involving cooperative mobile data exchange. In addition, mesh-based mobile networks can be operated as robust, inexpensive alternatives or enhancements to cell-based mobile network infrastructures. There are also existing and future military networking requirements for robust, IP-compliant data services within mobile wireless communication networks; many of these networks consist of highly dynamic autonomous topology segments. Also, the developing technologies of "wearable" computing and communications may provide applications for MANET technology. When properly combined with satellite-based information delivery, MANET technology can provide an extremely flexible method for establishing communications for fire/safety/rescue operations or other scenarios requiring rapidly deployable communications with survivable, efficient dynamic networking. There are likely other applications for MANET technology which are not presently realized or envisioned by the authors. It is, simply put, improved IP-based networking technology for dynamic, autonomous wireless networks.
Military communication and operations
Search and rescue operations
Replacement of fixed infrastructure in case of environmental disasters
Policing and fire fighting
Supporting doctors and nurses in hospitals
Commercial and civilian environments:
E-commerce: electronic payments anytime and anywhere
Business: dynamic database access, mobile offices
Vehicular services: road or accident guidance, transmission of road and weather conditions, taxi cab network, inter-vehicle networks
Sports stadiums, trade fairs, shopping malls
Networks of visitors at airports
Home and enterprise networking:
Home/office wireless networking
Conferences, meeting rooms
Personal area networks (PAN), Personal networks (PN)
Networks at construction sites
Universities and campus settings
Ad hoc communications during meetings or lectures
Wireless P2P networking
Outdoor Internet access
Home applications: smart sensors and actuators embedded in consumer electronics
Body area networks (BAN)
Data tracking of environmental conditions, animal movements, chemical/biological detection
Context aware services:
Follow-on services: call-forwarding, mobile workspace
Information services: location specific services, time dependent services
Infotainment: touristic information
Extending cellular network access
Linking up with the Internet, intranets, etc.
Originates from economics and has been applied in various fields.
Game theory deals with multi-person decision making, in which each decision maker tries to maximize his utility.
The cooperation of the users is necessary to the operation of ad-hoc networks; therefore, game theory provides a good basis to analyze the networks.
Work has been going on to introduce the fundamental concepts of game theory and its applications in telecommunications.
Crisis management services applications:
A mobile ad-hoc network can also be used to provide crisis management services
For example, in disaster recovery, where the entire communication infrastructure is destroyed and restoring communication quickly is crucial.
By using a mobile ad-hoc network, an infrastructure could be set up in hours instead of weeks, as is required in the case of wired line communication.
It is easy to imagine a number of applications where these properties would bring benefits. One interesting research area is inter-vehicle communications. It is one area where ad hoc networks could really change the way we communicate, covering personal vehicles as well as professional mobile communication needs. It is also an area where no conventional (i.e. wired) solutions would do because of the high level of mobility. In demanding surroundings, mines for example, the base station approach would not work either; we must be able to accomplish routing via nodes that are part of the network, i.e. we have to use an ad hoc network.
Such networks can be used to enable the next generation of battlefield applications envisioned by the military, including situation awareness systems for maneuvering war fighters and remotely deployed unmanned micro-sensor networks. Ad hoc networks can provide communication for civilian applications, such as disaster recovery and message exchanges among medical and security personnel involved in rescue missions.
1.9 ADVANTAGES AND DISADVANTAGES OF MANET
The following are the advantages of MANETs:
They provide access to information and services regardless of geographic position.
These networks can be set up at any place and time.
These networks work without any pre-existing infrastructure.
Some of the disadvantages of MANETs are:
Limited resources.
Limited physical security.
Intrinsic mutual trust vulnerable to attacks.
Lack of authorization facilities.
Volatile network topology makes it hard to detect malicious nodes.
Security protocols for wired networks cannot work for ad hoc networks.