09-10-2012, 03:57 PM
Security Issues in MANETs
Abstract
Mobile Ad hoc Networks (MANETs) have become an exciting
and important technology in recent years because
of the rapid proliferation of wireless devices. A mobile
adhoc network consists of mobile nodes that can
move freely in an open environment. Communicating
nodes in a Mobile Adhoc Network usually seek the help
of other intermediate nodes to establish communication
channels. In such an environment, malicious intermediate
nodes can be a threat to the security of conversation
between mobile nodes. The security experience
from the Wired Network world is of little use in Wireless
Mobile Ad hoc networks, due to some basic differences
between the two Networks. Therefore, some novel
solutions are required to make Mobile Adhoc Network
secure.
Introduction
A Mobile Adhoc Network is a group of wireless mobile
computers in which nodes cooperate by forwarding
packets for each other to allow them to communicate
beyond direct wireless transmission range. Applications
such as military exercises, disaster relief, and mine
site operation may benefit from adhoc networking, but
secure and reliable communication is a necessary prerequisite
for such applications.
MANETs are more vulnerable to attacks than wired
networks due to the open medium, dynamically changing
network topology, cooperative algorithms, lack of centralized
monitoring and lack of a clear line of defense.
Security is a process that is only as secure as its weakest
link. So, in order to make MANETs secure, all their
weak points must be identified, and solutions to make
all those weak points safe must be considered. Some
of the weak points and solutions to strengthen them are
considered in this article. However, the list is possibly
incomplete, and more weak points of MANETs
are likely to be discovered in the near future. So security
issues in MANETs will remain a potential research area
in the near future.
Dynamic Source Routing
Dynamic Source Routing (DSR) uses source routing to
deliver packets from one node in the network to some
other node. The source node adds the full path to
the destination in terms of intermediate nodes in every
packet. This information is used by intermediate
nodes to determine whether to accept the packet and
to whom to forward it. DSR operates on two mechanisms:
Route Discovery and Route Maintenance.
Route Discovery is used when the sender does not
know the path up to the destination. In this mechanism,
the sender broadcasts a ROUTE REQUEST message
which contains Source Address, Destination Address,
Identifier. Each intermediate node adds its address
to the ROUTE REQUEST message and rebroadcasts it, unless
it has already rebroadcast it earlier. With this controlled
broadcast, the ROUTE REQUEST ultimately reaches
the destination. The destination then sends a unicast
ROUTE REPLY message in the reverse direction, using the
route obtained from the list of intermediate nodes in the
ROUTE REQUEST message.
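
The Route Discovery flood described above can be traced on a small topology. This is an added example, not code from the report; the topology, node names and the function route_discovery are constructed for illustration.

```python
from collections import deque

# Constructed topology: node -> nodes within radio range (symmetric links).
LINKS = {
    "S": ["A", "B"],
    "A": ["S", "C"],
    "B": ["S", "C"],
    "C": ["A", "B", "D"],
    "D": ["C"],
}

def route_discovery(links, source, dest, request_id):
    """Flood a ROUTE REQUEST; return (route record, ROUTE REPLY path, broadcasts)."""
    key = (source, request_id)          # <Source Address, Identifier> names the request
    seen = {source: {key}}              # per-node cache of requests already handled
    queue = deque((n, [source]) for n in links[source])
    broadcasts = 1                      # the source's initial broadcast
    while queue:
        node, record = queue.popleft()
        if key in seen.setdefault(node, set()):
            continue                    # duplicate copy: not rebroadcast again
        seen[node].add(key)
        record = record + [node]        # each node appends its own address
        if node == dest:
            # The destination unicasts ROUTE REPLY along the reversed record.
            return record, list(reversed(record)), broadcasts
        broadcasts += 1                 # first copy seen: rebroadcast once
        queue.extend((n, record) for n in links[node])
    return None, None, broadcasts       # flood died out without reaching dest

if __name__ == "__main__":
    print(route_discovery(LINKS, "S", "D", request_id=1))
```

Nothing in the accumulated route record is authenticated, so the destination and the source trust whatever addresses the intermediate nodes appended.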
Adhoc On-demand Distance Vector Routing
Adhoc On demand Distance Vector routing (AODV) is
another on-demand protocol. It has similar mechanism
of ROUTE REQUEST and ROUTE REPLY as that in DSR.
However, it does not rely on source routing, rather it
makes use of routing tables at intermediate nodes. The
nodes maintain routing table entries of all reachable
nodes in the network. The entries in routing tables are
of the form: < Destination, Next Hop, No. of hops,
Sequence Number>. Sequence number is used to maintain
freshness. The route table is used to route data
packets destined for a particular node and to respond
to ROUTE REQUEST. The advantage of AODV over DSR
is that a data packet does not need to contain the whole
route to the destination.
Repeater attack
In this attack, a malicious node I simply replays packets
of one of its neighbours, A. This results in a neighbour on the
other side (say one of them is B) assuming that
A is its neighbour, when in fact it is not. Two nodes are
said to be neighbours if they are in transmission range
of each other. Now the malicious node I can selectively
replay packets between A and B, while dropping
other packets. This would cause a Denial of Service
for the nodes A and B. This scenario is difficult to detect,
as nodes can assume that this periodic dropping
is because of a noisy channel. Such types of attacks can
be detected by Secure Neighbour Detection Techniques
discussed in further sections.
Secure Neighbour Detection
The implicit neighbour detection techniques used by
routing protocols are based on periodic broadcast of hello
messages by a node, allowing neighbours to detect it.
However, this simple mechanism can be attacked simply
by replaying messages between nodes. Two nodes that
are at two hop distance can be made to believe that
they are neighbours when the middle node simply replays
their messages. Some variants of the Rushing
attack, as discussed in section 4, involve overhopping
the RREQ. So correct neighbour detection is required
to prevent such situations.
Secure neighbour detection requires verifying that
the neighbour is in normal transmission range. A simple
three way mutual authentication protocol that uses
tight delay timing can be used. For instance, the first
message includes sender identity, a nonce N1, signed
by sender. The second message includes sender-id,
receiver-id, nonces N1 and N2, signed by receiver. Finally,
the third message includes sender-id, receiver-id,
nonce N2. The tight delay timing ensures that the
message has only gone through one MAC contention.
If the delay between sending the first message and
receiving the second message is D, the neighbour is no
farther than (D/2) × C, where C is the speed of light.
This is accurate if the receiver can quickly process the
first message and respond with the second message. In
this way an upper bound on the delay D can be obtained.
This makes the secure neighbour detection job complete.
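
The three-message exchange and the (D/2) × C bound, as an added example that is not code from the report; it also shows why the relayed exchange of the Repeater attack section fails the check. Assumptions: HMAC-SHA256 under a pairwise key stands in for the signatures, RADIO_RANGE_M is an assumed nominal range, and the delay values used with it are constructed.

```python
import hashlib
import hmac
import os

C = 299_792_458.0        # speed of light, m/s
RADIO_RANGE_M = 250.0    # assumed nominal transmission range (not from the report)

def sign(key, *fields):
    """Stand-in for a signature: HMAC-SHA256 over length-prefixed fields."""
    data = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, data, hashlib.sha256).digest()

def msg1(key, sender_id):
    """Message 1: sender identity and nonce N1, signed by the sender."""
    n1 = os.urandom(16)
    return {"from": sender_id, "n1": n1, "sig": sign(key, sender_id, n1)}

def msg2(key, receiver_id, m1):
    """Message 2: sender-id, receiver-id, N1 and N2, signed by the receiver."""
    if not hmac.compare_digest(m1["sig"], sign(key, m1["from"], m1["n1"])):
        raise ValueError("message 1 signature invalid")
    n2 = os.urandom(16)
    sig = sign(key, receiver_id, m1["from"], m1["n1"], n2)
    return {"from": receiver_id, "to": m1["from"], "n1": m1["n1"], "n2": n2, "sig": sig}

def verify_neighbour(key, m1, m2, delay_s):
    """Sender's check on message 2; returns (accepted, distance bound in m, message 3)."""
    expected = sign(key, m2["from"], m2["to"], m2["n1"], m2["n2"])
    if m2["n1"] != m1["n1"] or not hmac.compare_digest(m2["sig"], expected):
        return False, None, None             # stale nonce or forged reply
    bound = delay_s / 2 * C                  # neighbour is no farther than (D/2) x C
    if bound > RADIO_RANGE_M:
        return False, bound, None            # too slow for a one-hop neighbour
    m3 = {"from": m1["from"], "to": m2["from"], "n2": m2["n2"]}
    return True, bound, m3                   # message 3 returns N2 to the receiver

if __name__ == "__main__":
    key = os.urandom(32)
    m1 = msg1(key, b"A")
    m2 = msg2(key, b"B", m1)
    print(verify_neighbour(key, m1, m2, 1.0e-6)[:2])    # direct exchange, about 150 m
    print(verify_neighbour(key, m1, m2, 101e-6)[:2])    # same messages via a repeater
```

The signatures stay valid when a middle node replays the messages unchanged; only the extra store-and-forward delay pushes the distance bound past the radio range and causes the rejection.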
Conclusion
The following conclusions are made based on the study
of MANET attacks and solutions:
• The mobile nodes are considered to be resource
constrained. If public key operations are used,
care needs to be taken to limit the frequency of
these operations to prevent DOS attacks.
• Two lines of defense (Prevention and Detection)
against MANET attacks are required. However,
a proper balance between these two is necessary
to prevent excessive consumption of resources.
• Because of mobility, it is very difficult for the attacker
to keep a node victimized always.
• A DOS attack is very difficult to resist in any protocol.