17-05-2014, 02:25 PM
Different Types of Attacks on Integrated MANET-Internet Communication
Different Types of Attacks .pdf (Size: 108.45 KB / Downloads: 44)
Abstract
Security is an important issue in the integrated MANET-Internet environment because in
this environment we have to consider the attacks on Internet connectivity and also on
the ad hoc routing protocols. The focus of this work is on different types of attacks on
integrated MANET-Internet communication. We consider most common types of attacks
on mobile ad hoc networks and on access point through which MANET is connected to
the Internet. Specifically, we study how different attacks affect the performance of the
network and find out the security issues which have not solved until now. The results
enable us to minimize the attacks on integrated MANET-Internet communication
efficiently.
INTRODUCTION
Mobile ad hoc network has been a challenging research area for the last few years because of its
dynamic topology, power constraints, limited range of each mobile host’s wireless transmissions and
security issues etc. If we consider only a stand-alone MANET then it has limited applications, because the
connectivity is limited to itself. MANET user can have better utilization of network resources only when it
is connected to the Internet. But, global connectivity adds new security threats to the existing active and
passive attacks on MANET. Because we have to consider the attacks on access point also through which
MANET is connected to Internet.
In the integrated MANET-Internet communication, a connection could be disrupted either by attacks on
the Internet connectivity or by attacks on the ad hoc routing protocols. Due to this reason, almost all
possible attacks on the traditional ad hoc networks also exist in the integrated wired and mobile ad hoc
networks. Whatever the attacks are, the attackers will exhibit their actions in the form of refusal to
participate fully and correctly in routing protocol according to the principles of integrity, authentication,
confidentiality and cooperation. Hence to design a robust framework for integrated MANET-Internet
communication we have to minimize attacks on the internet connectivity and also on the ad hoc routing
protocols.
INTRODUCTION
Mobile ad hoc network has been a challenging research area for the last few years because of its
dynamic topology, power constraints, limited range of each mobile host’s wireless transmissions and
security issues etc. If we consider only a stand-alone MANET then it has limited applications, because the
connectivity is limited to itself. MANET user can have better utilization of network resources only when it
is connected to the Internet. But, global connectivity adds new security threats to the existing active and
passive attacks on MANET. Because we have to consider the attacks on access point also through which
MANET is connected to Internet.
In the integrated MANET-Internet communication, a connection could be disrupted either by attacks on
the Internet connectivity or by attacks on the ad hoc routing protocols. Due to this reason, almost all
possible attacks on the traditional ad hoc networks also exist in the integrated wired and mobile ad hoc
networks. Whatever the attacks are, the attackers will exhibit their actions in the form of refusal to
participate fully and correctly in routing protocol according to the principles of integrity, authentication,
confidentiality and cooperation. Hence to design a robust framework for integrated MANET-Internet
communication we have to minimize attacks on the internet connectivity and also on the ad hoc routing
protocols.
Passive Attacks
A passive attack does not disrupt proper operation of the network. The attacker snoops the data
exchanged in the network without altering it. Here, the requirement of confidentiality can be violated if an
attacker is also able to interpret the data gathered through snooping. Detection of passive attacks is very
difficult since the operation of the network itself does not get affected. One way of preventing such
problems is to use powerful encryption mechanisms to encrypt the data being transmitted, thereby
making it impossible for eavesdroppers to obtain any useful information from the data overheard. There is
an attack which is specific to the passive attack a brief description about it is given below:
Snooping
Snooping is unauthorized access to another person's data. It is similar to eavesdropping but is not
necessarily limited to gaining access to data during its transmission. Snooping can include casual
observance of an e-mail that appears on another's computer screen or watching what someone else is
typing. More sophisticated snooping uses software programs to remotely monitor activity on a computer
or network device.
Black hole Attack
In this attack, an attacker uses the routing protocol to advertise itself as having the shortest path to the
node whose packets it wants to intercept. An attacker listen the requests for routes in a flooding based
protocol. When the attacker receives a request for a route to the destination node, it creates a reply
consisting of an extremely short route. If the malicious reply reaches the initiating node before the reply
from the actual node, a fake route gets created. Once the malicious device has been able to insert itself
between the communicating nodes, it is able to do anything with the packets passing between them. It
can drop the packets between them to perform a denial-of-service attack, or alternatively use its place on
the route as the first step in a man-in-the-middle attack.
For example, in Fig. 2, source node S wants to send data packets to destination node D and initiates the
route discovery process. We assume that node 2 is a malicious node and it claims that it has route to the
destination whenever it receives route request packets, and immediately sends the response to node S. If
the response from the node 2 reaches first to node S then node S thinks that the route discovery is
complete, ignores all other reply messages and begins to send data packets to node 2. As a result, all
packets through the malicious node is consumed or lost.
CONCLUSION AND FUTURE WORK
We have discussed security issues related to integrated mobile ad hoc network (MANET)-Internet and
stand alone MANET. The proposed mechanisms until now have solved many security issues related to
integrated MANET-Internet communication but they have not solved them completely. So, we can design
a security mechanism by which we can minimize or completely remove many of those attacks.
In future, we will propose to design a robust framework that uses minimal public key cryptography to
avoid overload on the network and uses shared key cryptography extensively to provide security. The
performance analysis of the protocol shall be done using NS-2 simulation software. It is expected that it
shall minimize the security attacks due to both integrated MANET-Internet and stand alone MANET.