Research On Manet Mobile Ad Hoc Network Computer Science Essay

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

In recent years, concern over the security of computer networks has been widely discussed and popularized. The emergence of the mobile ad-hoc network (MANET) sets new challenges for the fundamentals of routing protocols, since MANETs are significantly different from wired networks. In an ad hoc network there is no fixed infrastructure, and mobile nodes can relay messages for others; that is to say, each node has the ability to route. Moreover, the traditional routing protocols of the Internet have been designed for routing traffic between wired hosts connected to a static backbone, thus applying relatively static routing fabrics without any support for mobility or dynamic ad-hoc networking. Therefore, the well-known and traditional approaches to routing are inadequate in MANET environments. This implies that the security mechanisms applied within the routing protocols also require completely new approaches in their design. In addition, even where some routing protocols have supported integrated security mechanisms, they have often offered only partial protection mechanisms such as authentication services. The security mechanisms have often been fitted to the original routing protocol afterwards, since the designers of the protocol did not originally envision any demand for such mechanisms. These are not, however, the only concerns related to MANET routing. The problem of unpredictable failures inflicted by malicious nodes is an essential issue within MANET networking.

Vehicular ad hoc networks (VANETs) are used for communication among vehicles and between vehicles and roadside equipment. Intelligent vehicular ad hoc networks (InVANETs) are a kind of artificial intelligence that helps vehicles to behave in intelligent manners during vehicle-to-vehicle collisions, accidents and drunken driving. Internet Based Mobile Ad hoc Networks (iMANET) are ad hoc networks that link mobile nodes and fixed Internet-gateway nodes. In such networks, normal ad hoc routing algorithms don't apply directly.


In ad-hoc networks, the poor wireless channel security of the mobile nodes and the trust placed in any centralized resource both affect MANET routing. Potential attacks against routing can be divided into two groups: passive attacks typically involve only eavesdropping on the routing messages, while active attacks involve actions performed by adversaries such as routing message replication and deletion. External attacks are typically active attacks that may, for example, lead to the sending of false routing information, the generation of routing loops, network partitioning and merging, and congestion. Thus it is evident that potential attacks may lead to volatile failures, and that failures inflicted by malicious nodes are an essential issue.


It is mandatory to prevent both external attacks and internal attacks; the latter are the more severe, since they come from malicious nodes sending incorrect routing traffic. Malicious insiders, who may even operate in a group and may use the standard security means to protect their attacks, need to be weeded out. Moreover, it is recommended to take into account the dynamic nature of the ad hoc network and the trust relationships within it.


External attacks can typically be prevented by using standard security mechanisms. Internal attacks are more severe, since the malicious nodes sending incorrect routing traffic are already protected by the security mechanisms the routing protocol offers. Thus such malicious insiders, who may even operate in a group, may use the standard security means to protect their attacks. Furthermore, due to the frequent changes in its topology and membership, the ad hoc network is highly dynamic. Trust relationships among nodes change accordingly.


Standard Security Mechanisms: The fundamental aspects of computer security, such as confidentiality, integrity, authentication and non-repudiation, remain valid for the protection of routing in MANET networks. Standard schemes such as digital signatures are used to protect information authenticity and integrity.

Secure Routing & Key Management Service: A Certification Authority (CA) is set up to help establish secure routing in the MANET. The primary server is a bottleneck of the system. A method called Security Management Service helps the CA and presents a distributed key server method. Security management needs to provide encryption to protect data, routing, and management information. Confidentiality also has to be ensured.


Standard Security Mechanisms

Confidentiality of routing information is important so that not only the payload data but also the routing message headers, carrying for example the location information of the mobile nodes (MNs), can be exchanged securely. It ensures the survivability of network services in case of DoS (denial of service) attacks. Integrity guarantees that a message being transferred is never corrupted. A message could be corrupted because of benign failures or because of malicious attacks. Authentication guarantees that every piece of routing information can always be confirmed to be valid and to have originated from the correct sender. Non-repudiation means that a node cannot deny having sent or handled a certain piece of routing information in the past. Authentication mechanisms allow partial non-repudiation, but typically additional means like time-stamping services are also required to protect the routing traffic from tampering attacks such as the replaying or delaying of routing messages. Finally, it should be noted that authentication often gets confused with authorization issues, which involve more or less the control of policy and which are typically implemented only in the application layer and not in the network layer.

Secure Routing & Key Management Service

Security management needs to provide encryption to protect data, routing, and management information. Confidentiality also has to be ensured: critical information must not be given to unauthorized entities. One solution can be a public key infrastructure, which can offer integrity and non-repudiation. In a public key infrastructure each node has a public-private key pair. A trusted third party, i.e. a Certification Authority (CA), is also needed for key management, or else the keys have to be delivered in advance. Pre-delivered keys are preferable because in ad-hoc networks the use of a single service point, or even a replicated service, brings some flaws. If there is a group of trusted nodes, the management responsibility can be shared amongst them. In this way some flaws can be avoided, but the on-line service is still a risk and adds management traffic.

A single CA implementing the key management service in an ad hoc network is dangerous. Because the CA is a target of malicious attacks, once it is compromised the whole network will surrender. If the CA is compromised, the attacker can use the private key of the CA to sign illegal certificates in order to impersonate nodes, and to revoke certificates. There is a simple way to approach this problem: replication. But replication alone cannot solve the problem, because any compromised replica will lead the system into hell. The security management service center, i.e. the Certification Authority (CA), must be organized in a distributed form.

Lidong Zhou and Zygmunt J. Haas have described a trust-distributed model and threshold cryptography in detail. The main point of their paper is that the private key is shared and distributed among a group of servers. $\{s_1, s_2, \ldots, s_n\}$ is a trusted server set, and they share the private key $\{K_1/k_1, K_2/k_2, \ldots, K_n/k_n\}$ accordingly, where $K_n$ is the public key and $k_n$ is the private key. With threshold cryptography, the distribution of trust in the key management service is accomplished. The (n, t + 1) threshold cryptography scheme allows n parties to share the ability to perform a cryptographic operation; only t + 1 or more parties can perform this operation jointly. They also provide a proactive security and adaptability method to tolerate mobile adversaries and to adapt the configuration to changes in the network.
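The (n, t + 1) sharing and the proactive share refresh described above can be demonstrated with Shamir secret sharing over a prime field. This is an added example, not code from the essay or from Zhou and Haas; the field modulus, the function names and the choice n = 5, t = 2 are assumptions, and it reassembles the key in one place only to check the threshold property, which a threshold signature service would not do.

```python
import secrets

P = 2**127 - 1  # constructed prime field modulus, not a value from the essay

def poly_eval(coeffs, x):
    """Evaluate a polynomial (constant term first) at x, mod P."""
    y = 0
    for c in reversed(coeffs):
        y = (y * x + c) % P
    return y

def split(secret, n, t):
    """Deal n shares; any t+1 recover the secret, t or fewer do not."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(t)]
    return {i: poly_eval(coeffs, i) for i in range(1, n + 1)}

def reconstruct(shares):
    """Lagrange interpolation at x = 0 over {server_id: share}."""
    total = 0
    for i, y_i in shares.items():
        num = den = 1
        for j in shares:
            if j != i:
                num = (num * -j) % P
                den = (den * (i - j)) % P
        total = (total + y_i * num * pow(den, -1, P)) % P
    return total

def refresh(shares, t):
    """Proactive refresh: every server deals a sharing of 0 and each server
    adds the sub-shares it receives. Same secret, new shares."""
    new = dict(shares)
    for _dealer in shares:
        zero = [0] + [secrets.randbelow(P) for _ in range(t)]
        for i in new:
            new[i] = (new[i] + poly_eval(zero, i)) % P
    return new

def demo(n=5, t=2):
    key = secrets.randbelow(P)          # stand-in for the service private key
    old = split(key, n, t)
    new = refresh(old, t)
    sub = lambda s, ids: {i: s[i] for i in ids}
    mixed = {**sub(old, [1, 2]), 3: new[3]}   # shares from two different epochs
    return {
        "t+1 old shares": reconstruct(sub(old, [1, 3, 5])) == key,
        "t old shares": reconstruct(sub(old, [1, 3])) == key,
        "t+1 refreshed shares": reconstruct(sub(new, [2, 4, 5])) == key,
        "mixed epochs": reconstruct(mixed) == key,
    }
```

`demo()` reports success for both quorums of t + 1 shares and failure for the t-share subset and for the set mixing pre-refresh and post-refresh shares, which is why a mobile adversary has to compromise t + 1 servers within a single refresh period.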




Although the trust-distributed security management mechanism can eliminate the "bottleneck" of the CA in an ad hoc network, it does not tell us how the set of n servers is organized, that is to say, the topology management of the servers. Some may not think this is an important factor in implementing the security management mechanism. We have two reasons for taking the topology management of the security management servers into account.

The first reason is time delay. In an ad hoc network, every node roams freely and randomly. If the servers are not well organized, there may be a very long system delay when a node that wants to send a packet is waiting for certification. This is especially serious in a large-scale network with a large number of moving hosts. In most cases the network topology is unbalanced, that is, most of the nodes conglomerate in one area while the others roam alone over a large area. This kind of unbalanced topology can also make the time delay unbearable.

The second reason is the distance between servers. If the servers are roaming very close to each other, this is another kind of vulnerability, because a compromised server can easily affect other servers in a very short time. If the key refresh time is not short enough, the security management may not guarantee the safety of the system.

System recovery is another possible source of problems. If one node is compromised and this is detected by other nodes [2], who takes over its responsibility is not definitely described. The system simply removes the compromised node, sets the threshold cryptography to (n - 1, t + 1 - 1), and waits for new nodes to be added. That is to say, only a newly added node can take over the work of the compromised node. The essence of the proposed solution is again share refreshing. It must run another key distribution procedure again, which may cost some valuable time in the system.