Ad hoc Network Security

Chapter 3

3.1 Introduction of Ad hoc Network Security

Ad hoc wireless networks bring together mobile devices without complex infrastructure, setup, or administration-and they have enormous commercial and military potential. In such an environment, it may be necessary for one mobile host to enlist the aid of other host in forwarding a packet to its destination, due to the limited range of each mobile host's wireless transmission.

(K. Makki, P.Reiher, N.Pissinou, S.Makki, Mobile and Wireless Network Security and Privacy, published by Springer)

According to (L.Zhou Zygmunt J. Haas), in an ad hoc network, there is no fixed infrastructure such as base stations or mobile switching centers. Mobile nodes that are within each other's radio range communicate directly via wireless links, while those that are far apart rely on other nodes to relay messages as routers. Node mobility in an ad hoc network causes frequent changes of the network topology. Figure 1 shows such an example: initially, nodes A and D have a direct link between them. When D moves out of A's radio range, the link is broken. However, the network is still connected, because A can reach D through C, E, and F.

Figure 1: Topology change in ad hoc networks: nodes A, B, C, D, E, and F constitute an ad hoc network. The circle represents the radio range of node A. The network initially has the topology in (a). When node D moves out of the radio range of A, the network topology changes to the one in (b).

L.Zhou Zygmunt J. Haas, Securing Ad Hoc Networks, Department of Computer- Cornell University Science.

Criteria for Protecting Ad Hoc Networks

3.1.1 Physical Security

V.Karpijoki defines that in ad hoc networks especially mobile nodes, are typically significantly more susceptible to physical attacks than wired nodes in traditional networks. However, the significance of the physical security in the overall protection of the network is highly dependent on the ad hoc networking approach and the environment in which the nodes operate. For instance in ad hoc networks that consist of independent nodes and work in a hostile battlefield the physical security of single nodes may be severely threatened. Therefore in such scenarios the protection of nodes cannot rely on physical security. In contrary, in the classroom example scenario the physical security of a node is an important issue to the owner of the node, perhaps for privacy reasons, but the breaking of the physical security does not affect the security of the system as such.

Vesa Karpijoki, Security in Ad Hoc Networks, Helsinki University of Technology

3.1.2 Security of Network Operations

From security point of view there are many reason due to which wireless ad hoc network is at risk. When unauthorized entities or node disrupt the normal operation we can say network is in under attack. The nodes are communicating with each other through a wireless link and these are the most vulnerable to link attacks some of the links attack are:

1. Passive Eavesdropping

2. Active Interfering

3. Leaking secret information

4. Data tempering

5. Impersonation

6. Message reply

7. Message distortion

8. Denial of Services

Amitabh Mishra also highlight that the security of ad hoc networks can be based on protection in the link or network layer. In some ad-hoc solutions, the link layer offers strong security services for protecting confidentiality and authenticity, in which case all of the security requirements need not be addressed in the network or upper layers. For instance, in some wireless LANs link layer encryption is applied. However, in most cases the security services are implemented in higher layers, for instance in network layer, since many ad hoc networks apply IP-based routing and recommend or suggest the use of IPSec.

Network (Amitabh Mishra, 2008) which put fingered to the new scheme for key agreement. The detection of compromised node is one of the immense problems. Usually such nodes can be detected by monitoring their behavior but due to the poor link quality sometimes other nodes are misbehaving as well, which makes it really difficult to distinguish between the misbehaving node and one that is behaving strange due to poor link quality. A Byzantine failure is mainly happen due to the presence of compromising node. In this failure set of nodes could be compromised in such a fashion that the imprecise and malicious behavior cannot be openly distinguished at all. (Amitabh Mishra, 2008).

Amitabh Mishra, 2008, Security and Quality of services in ad hoc wireless network, Published by Cambridge University Press,2008

3.1.3 Service Aspects

Ad hoc networks may apply either hierarchical or flat infrastructure both in logical and physical layers independently. As in some flat ad hoc networks the connectivity is maintained directly by the nodes themselves, the network cannot rely on any kind of centralized services. In such networks the necessary services such as the routing of packets and key management have to be distributed so that all nodes have responsibility in providing the service. As there are no dedicated server nodes, any node may be able to provide the necessary service to another.

According to K. Makki, P.Reiher, N.Pissinou, S.Makki, Availability is a central issue in ad hoc networks that must operate in dynamic and unpredictable conditions. Availability also ensures the survivability of network services despite denial of service attacks. A denial of service attack could be launched at any layer of an ad hoc network. On the physical and media access control layers, an adversary could employ jamming to interfere with communication on physical channels. On the network layer, an adversary could disrupt the routing protocol and disconnect the network. On the higher layers, an adversary could bring down high-level services. One such target is the key management service an essential service for any security framework.

Confidentiality ensures that certain information is never disclosed to unauthorized entities. Network transmission of sensitive information, such as strategic or tactical military information, requires confidentiality. Leakage of such information to enemies could have devastating consequences. Routing information must also remain confidential in certain cases, because the information might be valuable for enemies to identify and to locate their targets in a battlefield.

(K. Makki, P.Reiher, N.Pissinou, S.Makki, Mobile and Wireless Network Security and Privacy, published by Springer)

3.1.4 Security of Key Management

As in any distributed system, in ad hoc networks the security is based on the use of a proper key management system. As ad hoc networks significantly vary from each other in many respects, an environment-specific and efficient key management system is needed. To be able to protect nodes e.g. against eavesdropping by using encryption, the nodes must have made a mutual agreement on a shared secret or exchanged public keys. For very rapidly changing ad hoc networks the exchange of encryption keys may have to be addressed on-demand, thus without assumptions about a priori negotiated secrets. In less dynamic environments like in the classroom example above, the keys may be mutually agreed proactively or even configured manually (if encryption is even needed).

If public-key cryptography is applied, the whole protection mechanism relies on the security of the private key. Consequently, as the physical security of nodes may be poor, private keys have to be stored in the nodes confidentially, for instance encrypted with a system key. For dynamic ad hoc networks this is not a wanted feature and thus the security of the private key must be guaranteed with proper hardware protection (smart cards) or by distributing the key in parts to several nodes. Hardware protection is, however, never alone an adequate solution for preventing attacks as such. In ad hoc networks a centralized approach in key management may not be an available option, as there may not exist any centralized resources. Moreover, centralized approaches are vulnerable as single point of failures. The mechanical replication of the private keys or other information is an inadequate protection approach, since e.g. the private keys of the nodes simply have then a multiple possibility to be compromised. Thus a distributed approach in key management-for any cryptosystem in use - is needed, as proposed.

3.1.5 Access Control

The access control is an applicable concept also within ad hoc networking, as there usually exist a need for controlling the access to the network and to the services it provides. Access control is often related to the identification and authentication. The main issue in the identification and authentication is that the parties can be confirmed to be authorized to gain the access. In some systems, however, identification or authentication of nodes is not required: nodes may be given e.g. delegate certificates with which the nodes can gain access to services. In this case actual authentication mechanisms are not needed, if the nodes are able to present adequate credentials to the access control system. In some ad hoc networks services may be centralized, while in other networks they are applied in a distributed manner, which may require the use of different access control mechanisms (Vesa Karpijoki).

Vesa Karpijoki, Security in Ad Hoc Networks, Helsinki University of Technology

3.2 How Ad hoc Network Works:

In the Ad hoc network, WLAN (Wireless Local Area Network) provides the communication over the air with RF technology without any physical connection in the LAN characteristic. Since the new standard introduced in the wireless local area network is one of most reason for growing interest in public safety communications have created new demands for reliable transmission of real-time multimedia for wireless communication, which is known as 802.11b in September 1999 (Z. J. Haas et al, 1999). After the introduction with this standard wireless local area service are more reliable as compare to wired LAN in terms of the data transfer and performance. The 802.11 b describes the standards for physical and data link layer. It uses IEEE 802.3 protocol for logical link control, which is a part of Data link layer, (there are two parts in data link layer one is logical link control and other data link control).

TCP/IP protocol occurs on the higher layer, which has a special Network Interface Card (NIC) with a circuit network to convert the analog signal in to digital for the use in the computers (Z. J. Haas et al, 1999). This device has a LAN card, which allow to catch any frequency within a range and tuned on that frequency. Basically its transmission range is hundreds of meters and the data transfer rate is 1Mbps, but transmission range and the data transfer rate is quite dependent upon the signal power, weather conditions and interference (Amitabh Mishra, 2008).

802.11 mobile stations can be mobile or stationary. These mobile device vigorously group together with the help of wireless LAN cells, or basic service sets (BSSs) (Amitabh Mishra, 2008).

There are two basic types of BSS.

1. Independent BSS

2. Ad hoc BSS

Independents BSS: they are created when required without any administration that is why they are known as Independents BSS. Basically they are design for a particular purpose such as, emergency purpose where data is crucial to handle, transfer the data from one computer to the other. It establish the wireless link between the stations in the BSS through which they require a data transfer and then transmission took place directly source to the destination but it is necessary that the BSS should be in a range each other, Communication is limited due to limited number of stations in BSS(Amitabh Mishra, 2008).

Ad hoc BSS: It is also known as infrastructure BSS, which is the combination of the wired and wireless network. Each BSS infrastructure has an access point (AP), It is a central traffic relay which operates on a fixed channel connects infrastructure BSS to distribution system (DS). Extended service set (ESS) is formed by the combination of multiple BSS. (Amitabh Mishra, 2008).

Distributed system is the connected to the hub, switch or router to the access the network recourses and other network like internet. The frame does forward between APs and the switch or router is the responsibility of distribution system (DS), which can get either through wired or wireless links.

There are one link layer established between free moving mobile stations and AP which is known as MAC layer but they only directly communicate to and from the selected AP. To offer the connectivity between the mobile stations in the BSS required a store and forward retransmission for intra-BSS. Mobile station use 802.11 scan process to become a member of an infrastructure BSS and attach to the wireless LAN system, which discover the BSS that are within the range. The packet transmitted from AP, these packets can easily find the BSSs and the mobile station credentials are checked before becoming a member of any access point. Mobile stations may be connected with only one AP at a time but mobile station has to be authenticated by several APs. Roaming mobile stations initiate handoff from one BSS to another through resuscitation, the resuscitation management frame is both a request by the sending mobile station to disassociate from the currently associated BSS and a request to join a new BSS (Amitabh Mishra, 2008).

3.3 Difference between wired and Mobile Ad hoc wireless Network Security

3.3.1. Medium access

CSMA/CD use an access techniques in Ethernet LAN, which allows to send and receive the data at the same time and find out if there is collision occur in the medium whereas , it is impossible in the radio medium. There is difference between the carrier sense technique between Ethernet and wireless. In the Ethernet LAN technique, all stations are situated within the range of other station. The two stations of this network transmit the data simultaneously and they won't work properly if collision occurs otherwise its working fine whereas, it is not possible in wireless LAN because there is hidden terminal in the their network. Wireless 802.11 b introduce a new term in order to prevent the collision which known as Carrier sense multiple access with collision avoidance (CSMA/CA). In this technique, mobile device use four-way handshaking, which includes Request to send, Clear to send, Data and acknowledgement (RTS/CTS/DATA/ACK) for access grant and collision avoidance. (Amitabh Mishra, 2008). If a node wish to direct transmission with the another node then it send a request to send (RTS) packet to the destination node if the destination node receive this packet without any error then it answer with a clear to send (CTS) packet. If it save to do so then initiating node send the data (DATA) which is replied by a acknowledge packet (ACK). After successful delivery of data packet acknowledgement sent the response. Truncated binary back off is used for avoiding simultaneous access of medium in 802.11b (Amitabh Mishra, 2008).

3.3.2. Authentication and privacy

IEEE 802.11 introduce a new term in order to make wireless LAN more secure and reliable which is known as wired equivalent privacy (WEP) a MAC layer security system. The reason of using wired equivalent privacy is to provide the best level of privacy equivalent to the wired Ethernet and uses the shared key authentication technique service with RC4 encryption which is also known as Ron's Cipher 4. This is used to produce a pseudo-random number sequence that is “XORed” into the data stream. Basically key is the combination of secret key and an initialization vector (IV), which is used to set the initial condition or the state of the RC4 pseudo-random number generator (Amitabh Mishra, 2008). Each BSS grips up to the 40 bit keys, which is shared by all station in the BSS. If two station would like to share data between each other with the WEP key then authentication station present a challenge task to requesting station. The requesting station encrypt the RC4 algorithm and send encrypted task to the authenticate station. This encrypted task is checked or decrypted by authentication center earlier than completion verification. WLAN operation of IEEE 802.11 defines the two mechanisms to provide the access control during service set identifiers (SSIDs) and privacy on wireless LANs by the wired equivalent privacy (WEP). There is one non native scheme as well which is providing privacy through encryption that is virtual private Network (VPN) (Amitabh Mishra, 2008).

L. Zhou and Z.J. Haas, “Securing Ad hoc Networks”, IEEE Networks, 13(6): 24-30, Nov/Dec 1999

3.3.3 Security threats.

Wireless LANs are more uncovered for the security threats as compare to the wired LAN because wireless LAN are more open then the wired LAN that is why wireless LAN needs high level of security against the threats, some of them are given below.

(a) Stolen hardware.

Client use the WEP key assign, It is stored in the disk memory of the customer or is stored in the adaptor without wire of LAN. Then this processor of customer has a property of the MAC address of the customer and the key and those of WEP are used to be connected to the LAN without wire. If there is then the a-user divides customers whom they divide the key of WEP and the MAC address (Amitabh Mishra, 2008). That the administrator it is almost impossible detects the violation of safety. The true owner must inform the administrator and the administrator limit the MAC address and the key of WEP for the access of the LAN without wire and the deciphering of the transmitted data (Amitabh Mishra, 2008). It is that the administrator keeps the disc of the all customers which uses the same principal static keys of a figuring due to the lost or stolen customer. This charge become more difficult to reprogram the key of WEP as the number of nodes (customer) increases. In these circumstances we need a solution with following possibilities. (Amitabh Mishra, 2008)

1. The devices have to capability to authenticate independently possibly by using the user name and password, which is self-reliance from the hardware. (Amitabh Mishra, 2008).

2. The generation of WEP key is dynamic rather then the static after authentication of user (Amitabh Mishra, 2008).

(b) Malicious access points:

The authentication process of 802.11b-shared key to require only one-way authentication. Only access point authenticates the user, but user does not authenticate the access point. If it gives to unwanted, or the malicious access point, which can do it inside to wireless LAN genuine causes of the Denial of service in position is brought, by attacking the users, knows I the avoidance of this situation, which we need mutual authentication in place of One way, in the client and authentication operator mutually with inside at realistic time is authenticated. Communication between authentication operator and client is by access point, (Amitabh Mishra, 2008). Like that it is necessary for access point to support the mutual authentication draft the ability must determine and the malicious access points of entrance located.

(c) Miscellaneous threats

There is a support from per packet encryption in the standard version of WEP but it do not have an authentification for each packet due to this which it is large open for mystification. It can frequently handle by changing the key of WEP (J. Newsome and others, 2003). It is easy for the hacker to obtain the information of the network by supervising 802.11 data and control channels. Information such as the MAC address of the client and the access point, the period of association and disassociation and MAC address of internal host centre can easily be hecked to avoid this which it is to better employ by key of per session WEP.

3.4 Attack Types in Mobile Ad Hoc Networks:

Considering substantial security criteria, the different kinds of the possible attacks are now discussed approximately ad hoc network. . The discussion makes the basis available for, later in the work and suggests defense and counter measures, against these attacks. The attacks can be classified under two expanded categories.

Mishra, A.: Security and Quality of Service in Ad Hoc Wireless Networks. Cambridge University Press (2008)

External attacks introduced outside from the network, in which the attacker tries to cause accumulation in the network wrong routing information to reproduce, services to correct work to prevent, or the network completely close;

Internal attacks introduced within the network, in which the attacker wins normal access to the network, by comparing itself directly or by embodying an existing according-to-law zero point. The attacker used then the access to the network, over in the malicious behavior to engage.

in the two categories, which are shown above, external attacks are similar to the normal attacks in the traditional wired network by the fact that the opponent is in the proximity, but not a reliable zero point in the network therefore this kind of the attack by security methods such as membership authentication or fire wall to be prevented and determined can, which are relatively conventional security solutions. However because of penetrating communication nature and the opened wetting agents in the mobile ad hoc network are internal attacks far more dangerous than the internal attacks: because the compared points of zero are original the good-like users ad hoc of the network, they can lead the authentication easily and protection before security units receive. Consequently the opponents can use it to hide in order to win normal entrance to the services, which the authorized the users for in the net available only should be, and they can use the certified identity, which from the compared points of zero are made available, in order their bad-willing behavior. Therefore we should direct more attention on the internal attacks, which are introduced by the bad-willing inaugurating, if we regard the security missions in the mobile ad hoc network. In the following we discuss the main attack kinds, which emerge in the mobile ad hoc network.

Yongguang Zhang and Wenke Lee, Security in Mobile Ad-Hoc Networks, in Book Ad Hoc Networks Technologies and Protocols (Chapter 9), Springer, 2005.

Another way of classifying an attack can be done by the focus of the attack itself. Ad hoc networks are typically subjected to two different levels of attacks:

- Passive Attacks which consist on the attacker eavesdropping on the data that is being communicated in the network. Examples of passive attacks include covert channels, traffic analysis and sniffing information, allowing an attacker to compromise secrets and keys in the network;

- Active Attacks

Active attacks involving specific actions, such as changing run opponents, replication between nodes on a network or deletion of data that are exchanged. External attacks are usually active attacks from the enemy's attempts to change the behaviour of network mechanisms. This is opposed to passive attacks that the enemy is a subtle, even if his action by collecting data, which can later be used to start an active attack.

In the following, we discuss the main attack types that emerge in the mobile ad hoc networks.

3.4.1 Denial of service (DoS)

These threats are either inadvertently failure causes or enemy node (L.Zhou and Z.Hass, 1999). Denials of service attacks are strong on the "unsafe" a distributed system. This attack several centralized flood fails or crushes on the network. But this can be achieved radio jamming and battery exhaustion due to spread of responsibility in both the short and centralized resources Distributed DoS ad hoc network attacks are crueler ad hoc network (J.P. Hubaux, 2000). If the enemy node is enough computational power and bandwidth easily crushed or delays due to a small ad hoc network (L.Zhou and Z.Hass, 1999). Compromise is the ability to specify the routing node, or any portion of it, with an intention to send routing information normally more, therefore, to prevent congestion this node does not have to maintain up-to-date information has been changed in the network topology. Costs are very severing, where the presence of infection and compromise routing node is not recognized, because the network shows are typically to other nodes. In the case of a tractor network is called the Byzantine error. An example of the Byzantine Empire, the error is on a network that match the node will take part in the session but drop some packages that can directly keys and session identifiers degradation, is desirable. They do not, on the other hand, enable secure management or appropriate confidentiality protection systems requirement. Some DoS attacks; examples include SYN floods, jamming and distributed denial of service (J.P. Hubaux, 2000). SYN flood an attacker node sends a SYN packet is the victim of a node in the fact that it sends SYN ACK node that is addressed to the reply mention is made of the SYN packet is received, that never reach. There are plenty of links to a number of the sender's and the victim confirmed. Node-memory exhausted and node cannot process the request, and actual remain idle.) that the number of nodes that belong to the same network work vis-à-vis the network attack down or seriously disrupt their activities, also known as Distributed denial of services attacks. Even if you identify a malicious node after jamming frequency, what network transfer frequency, which causes interference to avoid the transfer of such attacks as well as the location of the starting frequency I hope will be used.( D, A., A, J.: Data networks. In: Upper Saddle River, Prentice -Hall, Inc (1992)

1. Zhou, L., Haas, Z.: Securing ad hoc networks. Network, IEEE 13(6) (Nov/Dec1999) 24-30

2. Hubaux, J.P., Le Boudec, J.Y., Giordano, S., Hamdi, M., Blazevic, L., Buttyan, L.,Vojnovic, M.: Towards mobile ad-hoc wans: terminodes. Wireless Communications and Networking Conference, 2000. WCNC. 2000 IEEE 3 (2000) 1052-1059 vol.3

3. D, A., A, J.: Data networks. In: Upper Saddle River, Prentice -Hall, Inc (1992)

3.4.2 Impersonation attacks:

Impersonation attacks pose a serious hazard to ad hoc network (GN). If the security mechanism does not support the relevant node authentication, match nodes may impersonate trusted nodes. This threat can be mitigated by the strong authentication mechanisms, such as digital signatures (k. Vesa, 2000). [Vesa, k.: Security ad hoc networks (2000)]. Since implementing digital signatures based on public-key encryption, high computational power and effective and safe management of [Mishra, A.: security and quality of service of the ad hoc wireless networks. Cambridge University Press (2008)] that most ad-hoc network nodes one is unable to supply the lack of resources. Since this fact hybrid encryption schemes such as the message authentication codes (Mac) can be used [Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication, Springer-Verlag (1996) 1-15].

Sybil and trust two well know impersonation attacks to Ad hoc network are explained below. Sybil attack:

An essentially an impersonation attack, in which a malicious device illegitimately fabricates multiple identities, behaving as if it were a larger number of nodes (instead of just one) which is known as Sybil attack [Douceur, J.R., Donath, J.S.: The sybil attack. In: Proceedings for the 1st International Workshop on Peer-to-Peer Systems, Cambridge, MA, USA (March 2002) 251-260]. Malicious device additional identities are referred to as Sybil identities or Sybil nodes. According to the taxonomy presented in [Newsome, J., Shi, E., Song, D., Perrig, A.: The sybil attack in sensor networks: analysis & defenses. In: Information Processing in Sensor Networks, 2004. IPSN 2004. Third International Symposium on. (2004) 259-268], there are three possible orthogonal dimensions for this attack: direct vs. indirect communication; fabricated vs. stolen identities; and simultaneity. In the worst case, an attacker can create an unlimited number of Sybil identities, with only one malicious device.

Sybil attacks are launched in three possible dimensions that are:

a) Direct or indirect communication

b) Fabricated or stolen identities

c) Simultaneity Simultaneous

Direct vs. Indirect Communication

- Direct communication: One way, to the Sybil of attack to accomplish is, so that the Sybil nodes to communicate directly with the legitimate nodes. This means that, if a legitimate node sends a radio announcement to a Sybil node, which hears bad-willing device to the announcement. Symmetrically if an announcement sends any Sybil nodes, the announcements are really sent by the bad-willing node device;

- Indirect communication: in this type of attack legitimate nodes and Sybil nodes cannot directly communicate with each other and there would be a probability to reach one or more malicious device to the Sybil nodes. In this way, each message, which is sent to a Sybil node, is shifted by one of these malicious nodes, which pretends, to lead her to the locking place of destination.

. Fabricated vs. Stolen Identities:

There are primarily two different ways in which a node of Sybil can obtain an identity: it can manufacture one (for example, creating an arbitrary mark) or it can steal validates existing of a legitimate node.

- Fabricated Identities if there is no restriction of network on the allowed identities, or a certain manner of checking that an identity is legitimate, a malevolent node can simply produce of an arbitrary identity, and employ it to join the network;

- Stolen Identities if there are mechanisms to prevent identities distort to join the network (for example, a namespace limited to prevent attackers from inserting new identities), the attacker can try to assign legitimate identities with the nodes of Sybil. This flight of identity can pass unperceived, if the attacker can, in way or other, to neutralize the personified nodes.


- Simultaneous: - Simultaneous:

While a particular entity of hardware can only announce one identity at the same time, it can make a cycle by these identities to make them simultaneously seem to be present. In this way at the same time the attacker can have all its identities of Sybil taking part in the network

- Non-simultaneous:

Alternatively, the attacker can present a great number of identities over a certain period of time all in only acting as a smaller number of identities at a given moment. Moreover, if the attacker has several compromised nodes, it can periodically make the identities of exchange of nodes, making detection even harder. Trust attack

These attacks are a type of attacks of personification. The goal of the application of safety is to provide safety to a given message of the active passive attacks, with this fine authentification is employed between the user and the system which is known as trust. There is level different of trust according to the condition of user who is called the hierarchy of trust, it represents privileges of organization it knowledge a figure with each level of privilege (C. Karlof and D. Wagner, 2003), to imitate the degree of safety, the significance, or the possibilities of its ad hoc way and network node (Amitabh Mishra, 2008). The attack on the hierarchy of trust is also regarded as external and interior attacks depending on the source of attack or the value coupled with the identity. To avoid the unauthorized access to the network the fastener is employed between the user and their degree of trust thus nobody of other can personify the other user (C. Karlof and D. Wagner, 2003). Strong access control, private or secret keys, authentification, the authorization and accountancy or the ANTI-AIRCRAFT DEFENCE are employed to avoid these attacks (Amitabh Mishra, 2008). Attacks from abroad are usually prevented by strong arrangement of authentification which the user is identified and certified by an authority centralized and for inside the use of blocked momentary associations and waste-resistant waste-proof and nodes prevent the attacks but it is very difficult to prevent with this attack because these attacks are launched in a field of protection and it is very difficult to prevent fate of cause of damage to the network these attacks on the level of protocol (C. Karlof and D. Wagner, 2003). Disclosure

The parameters of some times are more important then the data of the traffic as of the military data if any one sniff those order the package which it can easily discover the place of the node and to thus launch broken attacks to the good conflicts any communication must be blocked and to some extent that no other node can hear that, the data stored in a node are also crucial because they store almost each thing like the specific details of node, the keys of its place and the private and secret password. If any unauthorized node obtains this information then it can easily launch the attack, it is very difficult to meet that.

3.5 Information in Transit

In this subsection we examine specific threats for the routing protocol in transit. Additionally to the utilization of the vulnerability, which is referred on the compared or enemy node of the protection and execution the trust level, knows the information use carried inside the choice of routing protocol, in order to launch attacks. These attacks can lead denial of services of protocol entities to corruption of the information, release of the sensitive information, theft or refusal of the legitimate service from other protocol entities.[ J. Howard, An Analysis Of Security Incidents On The Internet 1989 - 1995, Ph.D. thesis, Doctor of Philosophy in Engineering and Public Policy, Carnegie Mellon University, Apr. 1997].

Threats to information in transit include [W. Stallings, Network and Internetwork Security Principles and Practice, Prentice Hall, Englewood Cliffs, NJ, 1995.], [F.Wang, Brian Vetter, and Shyhtsun Felix Wu, “Secure routing protocols: Theory and practice,” Technical Report, North Carolina State University.],:


The flow of the routing protocol packets, particularly route discovery message and the modernizations can be interrupted or be obstructed from the malicious nodes. The Attackers can filter selective the messages and the modernizations of control and forces the routing protocol in order to behave itself in wrong way. In the SAR, a malicious node that interrupts the flow of the packages that belong to a higher or lowest trust level it cannot cause an attack, because it is supposed for drop these packages however. If a node filters packet that belong in itself to the same trust level, the nature of broadcasting of the communication channel can help inside in the survey of the attacks of interruption from other listeners of the transmission range [S. Marti and T. Giuli and K. Lai and M. Baker, “Mitigating Routing Misbehavior in Mobile ad hoc networks,” in The Sixth Annual ACM/IEEE International Conference on Mobile Computing and Networking, Boston, MA, USA, Aug. 2000.].

Interception and Subversion:

Routing protocol traffic and control messages, e.g., the “keep-alive” and “are-you-up?” messages can be deflected, rerouted. In SAR, the messages are protected by the key management infrastructure. In addition, the use of flooding makes these attacks superfluous.


The integrity of the information in routing protocol packets can be compromised by modifying the packets themselves. False routes can be propagated, and legitimate nodes can be bypassed. The SAR supplies a suite of the cryptographic techniques that can be comprised on the need-to- use the base in order to prevent the modification. These include the digital signature them and the cryptography


The false route and the metric information can be inserted in the legitimate protocol packets from the malicious insider nodes. In this situation, the sender of the RREQ can receive multiple RREPs. Currently the SAR selects the first RREP that arrives to the sender. The sender can be modified in order to verify that the RREP has credentials that guarantee integrity of the metric one and repudiate the property of the attributes from challenging the intermediate nodes. We plan to comprise this behavior in happening.

3.5 Node Hijacking:

For a malicious node it is possible to pretend to be like the base station and to recommend the customers to connect with it. That node then will be in one privileged position in order to collect the private data, like: secret words of access, logon name, password, etc that is an example of a node that diverts where a legitimate base station has been diverted from an attacker. There can be also other kind of node hijacking called “route hijacking”, where the attacker modifies the routing information in order to hijack traffic to and from selected nodes. If it's happen the packet is misrouted or detouring of message which is called route hijacking. The main scope to make this is to divert the traffic from the selects nodes; through the use of tamper proof nodes and trustworthy nodes we can get rid of these attacks (Amitabh Mishra, 2008). There is another used method in order to avoid these types of attacks and that one is reputation based control. In this approach, router keep record of the “reputation tables” or Reputation caches” which are consider as a trustworthy routes. If router keep record of reputation nodes or reputation routes it is quite difficult for malicious node to hijack the node because router uses this information to avoid variance. [Mishra, A.: Security and Quality of Service in Ad Hoc Wireless Networks. Cambridge University Press (2008)].

3.6 Attacks on secure Ad hoc nodes

This section describes about some possibility of attack on mobile ad hoc network it also explains how to handle with these attacks and possible way to secure the ad hoc network. Moreover there are some recovery schemes available to recover from these attacks. Basically attacker is classified in three main categories, which have also shown in given figure (Amitabh Mishra, 2008).

a) Integrity attacks

b) Privacy attacks

c) Availability attacks

a) Integrity attacks

This guarantee precludes the possibility of messages being altered in transit. In these attacks attacker's main purpose is to change the data of the ad hoc nodes. Integrity can be compromised mainly in two ways [Data Integrity, from Wikipedia, the free encyclopedia,]:

Malicious altering

Accidental altering

A message can be removed, replayed or revised by an adversary with malicious goal, which is regarded as malicious altering; on the contrary, if the message is lost or its content is changed due to some benign failures, which may be transmission errors in communication or hardware errors such as hard disk failure, then it is categorized as accidental altering.

b) Privacy attacks:

In these attacks attackers get the critical information and after gaining the access to this information, malicious node can broadcast it or manipulate it so other nodes can use this sensitive information for their attacks (Amitabh Mishra, 2008).

c) Availability attacks

This type of attack is a type of DOS( denial of services) attack and the main goal of this attack is to distress the network's function as well as network recourse that is why other nodes don't use it (Amitabh Mishra, 2008). In this sort of attack in which attacker begins the attack on ad hoc nodes are measured as a low level attack. Usually three main categories are used from the attacker in order to launch an attack on ad-hoc node these categories are given below:

a) Software attacks

b) Physical attacks

c) Side- channel attacks

In the software the attacks are launch through software like the worm, virus the etc, damages of these attacks the implantations of the system like RAM, integrated chip on board. In these attack the system is observed when it is making the cryptographic operations some entities that are controlled are time of execution (S. Ravi, To. Raghunathan and S. Chakradhar, 2004) behavior of the node when all the defect appears, these attacks are usually launch from two types of attacker.

1) Active attacker

2) Passive attacker

The such which just observes or supervises statistics of network are the passive attackers while these attackers or agent which interfere in the operations of network are the active attackers, the integrity and the attacks of availability are the type of attacks only launched by the active attackers because they mingle the exploitations with it with the system. Sometimes the attackers employ the combination of the attacks to achieve their goals

i) Software attacks

The net under the threat of the software attacks, which are launched by a worm or a virus, and mostly attack on system security, integrity, privacy and availability. Normally software attacks targeted the system weakness, the system vulnerability or exposure aimed to be called, by which them receive admission to the final system. (Amitabh Mishra, 2008). The general example of system vulnerability is buffer overflow, in which malicious node overflows fully the systems buffer with waste and program address and overwrites (D. Boneh et al., 1997), which are close. When such kind attacks accomplished, then it can be responsible for a worst effect on the system.

ii) Physical and side-channel attacks

Some prominent attacks that come in this category are (Amitabh Mishra, 2008).

1) Power Analysis Attack

2) Timing Analysis, fault injection Attacks

3) Faulty Injection Attacks

3.1) Availability attack

3.2) Integrity attack

3.3) Privacy Attack

3.4) Precursor attack

4) Electromagnetic Analysis Attack

MANET (Analysis and Intrusion Detection) Page 19

Please be aware that the free essay that you were just reading was not written by us. This essay, and all of the others available to view on the website, were provided to us by students in exchange for services that we offer. This relationship helps our students to get an even better deal while also contributing to the biggest free essay resource in the UK!