03-08-2012, 03:14 PM
Current Routing Attacks in Mobile Ad Hoc Networks
Abstract
A mobile ad hoc network (MANET) is a dynamic wireless network that can be
formed without any pre-existing infrastructure and in which each node can act as a
router. A MANET has no clear line of defense, so it is accessible to both legitimate
network users and malicious attackers. In the presence of malicious nodes, one
of the main challenges in MANET is to design a robust security solution that
can protect MANET from various routing attacks. Different mechanisms have
been proposed that use various cryptographic techniques to counter
routing attacks against MANET. However, these mechanisms are not suitable for
MANET resource constraints, i.e., limited bandwidth and battery power, because
they introduce a heavy traffic load to exchange and verify keys. In this paper,
the current security issues in MANET are investigated. In particular, we have
examined different routing attacks, such as flooding, blackhole, link spoofing,
wormhole, and colluding misrelay attacks, as well as existing solutions to protect
MANET protocols.
Keywords: MANET security, Routing protocols, Cryptography, Communications and data security, Shared
wireless channel.
INTRODUCTION
A MANET is a collection of mobile nodes that can communicate with each other without the use
of predefined infrastructure or centralized administration. Because it is self-organizing and rapidly
deployable, a MANET can be applied to different applications including battlefield communications,
emergency relief scenarios, law enforcement, public meeting, virtual class room and other
Rashid Hafeez Khokhar, Md Asri Ngadi & Satria Mandala
International Journal of Computer Science and Security, volume (2) issue (3) 19
security-sensitive computing environments. There are 15 major issues and sub-issues involved
in MANET [6], such as routing, multicasting/broadcasting, location service, clustering, mobility
management, TCP/UDP, IP addressing, multiple access, radio interface, bandwidth
management, power management, security, fault tolerance, QoS/multimedia, and
standards/products. Currently, routing, power management, bandwidth management, radio
interface, and security are hot topics in MANET research. In this paper, however, we focus only on
the routing protocols and security issues in MANET. The routing protocols in MANET may
generally be categorized as: table-driven/proactive and source-initiated (demand-driven)/reactive.
In proactive routing protocols, such as the optimized link state routing (OLSR) [4], nodes obtain
routes by periodic exchange of topology information. In reactive routing protocols, such as the ad
hoc on demand distance vector (AODV) protocol [19, 20], nodes find routes only when required.
The overall goal of the security solutions for MANET is to provide security services including
authentication, confidentiality, integrity, anonymity, and availability to the mobile users. To
achieve this goal, the security solution should provide complete protection spanning the entire
protocol stack. We can categorize MANET security into 5 layers: the Application layer,
Transport layer, Network layer, Link layer, and Physical layer. However, we only focus on the
network layer, which is related to security issues to protect the ad hoc routing and forwarding
protocols. From the security design perspective, the MANETs have no clear line of defense.
Unlike wired networks that have dedicated routers, each mobile node in an ad hoc network may
function as a router and forward packets for other peer nodes. The wireless channel is accessible
to both legitimate network users and malicious attackers. There is no well-defined place where
traffic monitoring or access control mechanisms can be deployed. As a result, the boundary that
separates the inside network from the outside world becomes blurred. On the other hand, the
existing ad hoc routing protocols, such as (AODV) [19, 20], (DSR) [11], and wireless MAC
protocols, such as 802.11 [14], typically assume a trusted and cooperative environment. As a
result, a malicious attacker can readily become a router and disrupt network operations by
intentionally disobeying the protocol specifications.
Recently, several research efforts [8, 9, 13, 23, 26] have been introduced to counter these malicious
attacks. Most of the previous work has focused mainly on providing preventive schemes to
protect the routing protocol in a MANET. Most of these schemes are based on key management
or encryption techniques to prevent unauthorized nodes from joining the network. In general, the
main drawback of these approaches is that they introduce a heavy traffic load to exchange and
verify keys, which is very expensive for bandwidth-constrained MANET nodes with
limited battery and limited computational capabilities. MANET protocols face different
routing attacks, such as flooding, blackhole, link withholding, link spoofing, replay, wormhole, and
colluding misrelay attacks. A comprehensive study of these routing attacks and countermeasures
against these attacks in MANET can be found in [7].
The rest of this paper is organized as follows. In the next section, we discuss routing protocols in
MANET. Section 3 discusses current routing attacks as well as countermeasures against such
attacks in existing MANET protocols. Finally, we summarize the paper.
ROUTING PROTOCOLS IN MANET
MANET routing protocols can be categorized into two classes: table-driven/proactive and
source-initiated (demand-driven)/reactive. In the following sections, we present an overview of
these protocols.
Table-driven routing protocols
Table-driven routing protocols attempt to maintain consistent, up-to-date routing information from
each node to every other node in the network. These protocols require each node to maintain one
or more tables to store routing information, and they respond to changes in network topology by
propagating updates throughout the network in order to maintain a consistent network view. The
areas in which they differ are the number of necessary routing-related tables and the methods by
which changes in network structure are broadcast. The following sections discuss some of the
existing table-driven ad hoc routing protocols.
Destination-sequenced distance-vector (DSDV)
The Destination-Sequenced Distance-Vector (DSDV) routing protocol [18] is a table-driven
algorithm based on the Bellman-Ford routing mechanism [2]. The improvements made by [18] to the
Bellman-Ford algorithm include freedom from loops in routing tables. In DSDV every node in the
network maintains a routing table in which all of the possible destinations within the network and
the number of hops to each destination are recorded. Each entry is marked with a sequence
number assigned by the destination node. The sequence numbers enable the mobile nodes to
distinguish stale routes from new ones, thereby avoiding the formation of routing loops. Routing
table updates are periodically transmitted throughout the network in order to maintain table
consistency. To help alleviate the potentially large amount of network traffic that such updates
can generate, route updates can employ two possible types of packets: full dump and smaller
incremental packets. Each of these broadcasts should fit into a standard-size network protocol
data unit (NPDU), thereby decreasing the amount of traffic generated. The mobile nodes maintain
an additional table where they store the data sent in the incremental routing information packets.
New route broadcasts contain the address of the destination, the number of hops to reach the
destination, the sequence number of the information received regarding the destination, as well
as a new sequence number unique to the broadcast [18]. The route labeled with the most recent
sequence number is always used. In the event that two updates have the same sequence
number, the route with the smaller metric is used in order to optimize (shorten) the path. Mobiles
also keep track of the settling time of routes, or the weighted average time that routes to a
destination will fluctuate before the route with the best metric is received (see [18]). By delaying
the broadcast of a routing update by the length of the settling time, mobiles can reduce network
traffic and optimize routes by eliminating those broadcasts that would occur if a better route was
discovered in the very near future.
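The route-selection rule described above (most recent sequence number first, smaller metric on a tie), as an added example that is not code from the paper. The names `Route` and `apply_update` and the sample updates are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Route:
    next_hop: str
    hops: int
    seq: int  # sequence number assigned by the destination node

def apply_update(table, neighbor, dest, adv_hops, adv_seq):
    """Apply one route advertised by `neighbor`; return the decision taken."""
    # adv_seq is taken at face value: plain DSDV does not authenticate who issued it.
    candidate = Route(neighbor, adv_hops + 1, adv_seq)  # one extra hop via neighbor
    current = table.get(dest)
    if current is None:
        decision = "installed"
    elif adv_seq > current.seq:
        decision = "newer-seq"   # most recent sequence number always wins
    elif adv_seq == current.seq and candidate.hops < current.hops:
        decision = "shorter"     # same sequence number: smaller metric wins
    else:
        return "ignored"         # stale, or no better than the current route
    table[dest] = candidate
    return decision

# Constructed updates heard by one node: (neighbor, destination, hops, seq).
UPDATES = [
    ("B", "D", 2, 100),  # first route to D
    ("C", "D", 1, 100),  # same sequence number, shorter path
    ("B", "D", 1, 98),   # attractive metric but stale sequence number
    ("E", "D", 5, 102),  # longer path, but newer sequence number
]

def run_demo():
    """Replay the constructed updates against an empty routing table."""
    table = {}
    decisions = [apply_update(table, *update) for update in UPDATES]
    return table, decisions

if __name__ == "__main__":
    table, decisions = run_demo()
    print(decisions)
    print(table)
```

The last update shows that a newer sequence number displaces a shorter route, so the integrity of that field decides which neighbor carries the traffic.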
Optimized link state routing (OLSR) protocol
Optimized link state routing (OLSR) protocol [4] is a proactive routing protocol based on the
periodic exchange of topology information. The key concept of OLSR is the use of multipoint relay
(MPR) to provide an efficient flooding mechanism by reducing the number of transmissions
required. In OLSR, each node selects its own MPR from its neighbors. Each MPR node maintains
the list of nodes that have selected it as an MPR; this list is called an MPR selector list. Only nodes
selected as MPR nodes are responsible for advertising, as well as forwarding an MPR selector
list advertised by other MPRs. Generally, two types of routing messages are used in the OLSR
protocol, namely, a HELLO message and a topology control (TC) message. A HELLO message is
the message that is used for neighbor sensing and MPR selection.
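How MPR selection and MPR selector lists cut the number of transmissions in a flood, as an added example that is not code from the paper. It goes beyond the text by assuming a simplified greedy MPR choice that covers all two-hop neighbors; the topology and the function names are constructed.

```python
from collections import deque

# Constructed topology: symmetric 1-hop neighbor sets, as HELLO messages would report them.
ADJ = {
    "S": {"a", "b", "c"}, "a": {"S", "x"}, "b": {"S", "x", "y"},
    "c": {"S", "y"}, "x": {"a", "b"}, "y": {"b", "c"},
}

def select_mprs(adj, node):
    """Greedy choice (assumed heuristic): cover every 2-hop neighbor via few 1-hop neighbors."""
    n1 = adj[node]
    uncovered = set().union(*(adj[n] for n in n1)) - n1 - {node}
    mprs = set()
    while uncovered:
        # sorted() makes tie-breaking deterministic
        best = max(sorted(n1 - mprs), key=lambda n: len(adj[n] & uncovered))
        mprs.add(best)
        uncovered -= adj[best]
    return mprs

def selector_lists(mprs):
    """MPR selector list of m: the nodes that selected m as their MPR."""
    return {m: {n for n, chosen in mprs.items() if m in chosen} for m in mprs}

def flood(adj, source, selectors=None):
    """Count transmissions for one broadcast from `source`.

    With selectors, a node retransmits only if the sender of its first copy is
    in its MPR selector list; with selectors=None every node retransmits once.
    """
    seen, queue, transmissions = {source}, deque([source]), 0
    while queue:
        sender = queue.popleft()
        transmissions += 1
        for receiver in sorted(adj[sender] - seen):
            seen.add(receiver)
            if selectors is None or sender in selectors[receiver]:
                queue.append(receiver)
    return transmissions, seen

MPRS = {node: select_mprs(ADJ, node) for node in ADJ}
SELECTORS = selector_lists(MPRS)

if __name__ == "__main__":
    print("MPR selector lists:", SELECTORS)
    print("classic flooding:", flood(ADJ, "S")[0], "transmissions")
    print("MPR flooding:", flood(ADJ, "S", SELECTORS)[0], "transmissions")
```

Both floods reach all six nodes; the relay decisions rest entirely on the neighbor sets that nodes report about themselves.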