This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
The Mobile Adhoc Networks have applications in the practical situations where the possibility of providing infrastructure networking is difficult. With this development they have been submitted to several security threats which require a serious attention, remedies and dependable deployment of secure protocols. In general, the protocols assure that the neighboring nodes in the network are reliable and trustworthy. In practical situations, this assumption might not hold good due to presence of intruders who might mal-function or paralyze MANETs by manipulating the messages flowing in the network creating various security hazards. The issue require keen analysis due to the fact that the MANET do not satisfy security concepts in wired networks, especially, due to leakages because of the routing protocols in MANET. This paper analyses various security issues like challenges, requirements etc. Further it gives their classification, OSI layered analysis and finally surveys various secure protocols available with their technologies.
KEYWORDS: MANET, OSI Layer, Protocols, AODV, DSR
In order to get an assured secure communication in MANET the network must ensure basic requirements .The routing messages are not altered in communication chain. There is no formation of communication loop in the transit. The route Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Fake and fabricated routing messages are not injected into the network. The routs are not redirected to an attacker node The intruder and unauthorized nodes if any are immediately identified and excluded from the safe nodes as well as the route computation tables. The nodes, which are authorized in the network, but have been modified by intruders or viruses to malfunction are rather identified and secluded. The stability against attack by resuming normal safe operation is achieved within a short time span. Confidentiality of the nodes and the networks topology is maintained .
CHALLENGES TO MANET SECURITY:
The security issues in MANET becomes more complicated, because of the several compelling situations, as indicated Below Scarcity of resources - The mobile nodes are often at limited resources availability including the battery power, computational power, memory, speed etc. Due to this restrictions the security solutions consuming higher resources e.g. public key cryptography, are not deployable practically. Physical security threats- The mobile wireless networks are more open to physical security threats. Due to small size of nodes and permitted mobility, they are more prone to stealing and physical mishandling . Topological variations - Due to the transient and moving nature of nodes the locational dependency is less assured. Lack of regulating authorities - Unlike the infrastructure-based network in MANET the central regulating authorities do not exist in MANET. Shared wireless medium - In MANET the wireless based of communication is broadcast based, hence all data is available to all the nodes for tempering, resulting more complexity & challenges to security.. Insufficient rules for association - The MANET lacks proper authentication rules and mechanisms for associating nodes in the network.
MAJOR ATTRIBUTES FOR SECURE PROTOCOLS:
To achieve the laid down objectives of security, protocols are expected to fulfill the following attributes:
Confidentiality- To ensure that the information is accessible only to the intended destinations the routing and packet, the information must also remain confidential to safeguard from intruders.
Availability- It relates ensuring the availability of resources to the genuine nodes in the network. A possible security hazards is consuming the resources to disable or jam the network due to shortage of the resources.
Authenticity - It ensures that the supply or access of the resources is done only to the authorized parties. Without this authentication, an intruder can gain unauthorized access to resources or information.
Scalability- The security mechanisms must be able to handle the designated size of the network. This is essential as an natural outcome of the fact that the networks have tendency to expand over time.
Ownership - Neither the sender nor receiver should deny the ownership of message sent or received.
Generosity ââ‚¬" Nodes must be available to invest their resources for relaying the packets for assisting the other nodes in the network, rather than being miser in saving expensive resources for own usage.
CLASSIFICATION OF SECURITY ATTACKS ON MANETS:
Grayhole attack - In this type, the attacker drops the data packets, but allows control of messages to be routed in the network. The process makes it very challenging to detect the attacker.
Blackhole attack- In this type a malicious node enters the path finding process by falsely advertising as shortest path to the destination mode. This result into failure of data packets delivery to the destination node. The attacker can also monitor and analyze the data flow, to find activity patterns for further enhance the insecurity.
Misrouting attack- A non-legitimate node which direct a routing message or data to incorrect destinations.
Detour Attack- It adds a number of virtual nodes in route, diverting the traffic through a longer/ malicious node. The attacking node itself can save energy by forwarding packets.
Denial-of-service attack ââ‚¬" It can affect denial-of-service to legitimate and authorized users.
Blackmail attack - It causes false identification of a good node as malicious node. An attacker may blackmail a good node and tell other nodes in the network to add that node to their blacklists as well, thus avoiding the victim node in future routes.
Byzantine attack- This type creates routing loops or longer paths or packet dropping misroute attack. Here a compromised intermediate node or a set of compromised intermediate nodes collectively carry out attacks such as creating routing loops, routing packets on non-optimal paths and selectively dropping packets. Since in such attacks the network would seem to operate normally Byzantine failure are hard to detect.
The absence of authentication mechanism for data packets can lead to impersonation of a malicious node by misrepresenting its identity in the network . Say by IP altering the network topology is prone to spoofing.
ILLUSTRATION OF ROUTING PROTOCOLS:
AODV (Ad hoc On Demand Distance Vector) Routing Algorithm is a Reactive algorithm which routs only towards nodes which needs to communicate. The routing messages do not contain information about the entire route path, but only about the source and destination resulting into constant size. Its uses destination sequence number to ensure absence of loops. The protocol has less memory requirements and less traffic load along the links. An intruder may advertise a route with small distance metric than the original distance or advertise a routing update with large sequence number, effectively invalidating all routing update from other nodes.
The DSR (Dynamic Source Routing) protocol is an on-demand protocol. The source sending a packet includes complete sequence of nodes in the packet header through which the packet is to be forwarded. These routes lack integrity check, leading to denial-ofservices attack due to the altering the sources route in packet header. The route maintenance mechanism involves forwarding node to ensure confirmation of the packet received by the next hop, along with path in case the confirmation of receipt after defined maximum attempts is not received, which creates an error message. This leads the possibility of loops creation due to insufficient safeguards.
SECURITY ANALYSIS WITH RESPECT TO OSI LAYERS:
2.Data Link Layer
SECURE PROTOCOLS FOR MANETS:
Secure Routing Protocol (SRP) is based on Secure Certificate Server Technology. It provides prevention against attacks that disrupt the route discovery process and guarantees to identify the correct topological information. It lack of validation mechanism for route maintenance messages and is also prone to wormhole and invisible node attacks It is convenient to be implemented with DSR & ZRP protocols.
WORMHOLE ATTACKS AND DEFENSES PROTOCOL (WADP):
is based on Packet Leashes, Merkle Hash Tree & One way Hash Chains technologies. When implemented with packet leaches, effectively stops wormhole and DoS attacks. It is not feasible in resource constraint networks due to the expensive cryptographic mechanisms implemented.
Cooperation Of Nodes - Fairness in Distributed Adhoc
RUSHING ATTACKS AND DEFENSES PROTOCOL (RADP):
is based on Randomized Route Request Forwarding , Secure Neighbor Detection & Secure Route Delegation mechanisms. It prevents rushing attack to a certain level by limiting the total number of requests sent by a node and random forwarding. The network is still prone to rushing attacks if an attacker can compromise k nodes. It exerts higher overhead than other protocols. This is the only protocol that can defend against rushing attacks. It is used with DSR & ARIADNE protocols.
Though the Mobile Adhoc Networks (MANETs) have been the hot topic for the researchers since several years, but their practical implementations have failed to expand in the quantum that was envisaged. There have been compelling issues mainly related to security of the network. In this paper a detailed survey on the important aspects of MANET security has been performed. It covers various challenges to MANET security, technical requirements and attributes of security. Further the paper covers detailed classification of security attacks and explores various secure protocols along with their technical basis, advantages and applications. The security issues related to different OSI layers of the MANETs has also been analyzed along with the counter measures to be taken.