GANDHI & DAVE : SECURITY IN MOBILE AD HOC NETWORKS

 

  • Log Analysis Module defines the metrics, which quantify a vulnerable routing attack.
  • Routing Attack Vulnerability Evaluation Module collects the measured routing vulnerability metrics and uses fuzzy logic to evaluate vulnerability at the node or system level.
  • Routing Attack Response and Protection Module protects the system from routing attacks. Based on the original security level and the calculated vulnerabilities, the security level of the system is calculated and adjusted accordingly.

The Secure AODV (SAODV) protocol [11] uses a signature to authenticate most fields of a route request and route reply, and uses hash chains to authenticate the hop count. Network nodes authenticate AODV routing packets with an SAODV signature extension, which prevents certain impersonation attacks. The initiator chooses a maximum hop count based on the expected network diameter and generates a one-way hash chain of length equal to the maximum hop count plus one, which is used as the metric authenticator.
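The hop-count hash chain described above can be sketched as follows. This is an added example, not code from the paper or from the SAODV authors; it assumes SHA-256 as the hash function, a dict as the packet, and that the signature over `max_hop_count` and `top_hash` has already been verified. All function and field names are hypothetical.

```python
import hashlib
import hmac
import os

def h(x: bytes) -> bytes:
    """One step of the one-way chain (SHA-256 is an assumption of this example)."""
    return hashlib.sha256(x).digest()

def hash_chain(seed: bytes, max_hop_count: int) -> list:
    """Return seed, h(seed), ..., h^max(seed): max_hop_count + 1 values."""
    chain = [seed]
    for _ in range(max_hop_count):
        chain.append(h(chain[-1]))
    return chain

def originate(max_hop_count: int, seed: bytes = None) -> dict:
    """Initiator: publish the chain's last value and carry the seed as 'hash'."""
    seed = seed or os.urandom(32)
    return {
        "hop_count": 0,                    # mutable field, not signed
        "hash": seed,                      # mutable field, advanced at every hop
        "max_hop_count": max_hop_count,    # covered by the initiator's signature
        "top_hash": hash_chain(seed, max_hop_count)[-1],  # also signed
    }

def verify_hop_count(pkt: dict) -> bool:
    """Receiver: hashing 'hash' (max - hop_count) times must reach top_hash."""
    remaining = pkt["max_hop_count"] - pkt["hop_count"]
    if remaining < 0:
        return False
    value = pkt["hash"]
    for _ in range(remaining):
        value = h(value)
    return hmac.compare_digest(value, pkt["top_hash"])

def forward(pkt: dict) -> dict:
    """Intermediate node: verify, then increment hop count and advance the hash."""
    if not verify_hop_count(pkt):
        raise ValueError("hop count does not match hash chain")
    return {**pkt, "hop_count": pkt["hop_count"] + 1, "hash": h(pkt["hash"])}

if __name__ == "__main__":
    pkt = originate(5, seed=b"constructed-seed")   # constructed sample seed
    for _ in range(3):
        pkt = forward(pkt)
    print("honest packet after 3 hops:", verify_hop_count(pkt))
    forged = dict(pkt, hop_count=1)                # advertises a shorter route
    print("hop count lowered to 1:   ", verify_hop_count(forged))
```

Because the chain is one-way, a node that receives the packet at hop 3 cannot compute the hash value that belongs to hop 1, so a lowered hop count fails verification.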

6.2. Securing DSR protocol

The DSR protocol faces attacks such as incorrect forwarding of packets, bogus routing information for traffic attraction, choosing a short reply time so that the route stays longer in the cache, and salvaging a route that is not actually broken. Buchegger et al. [28] propose a Grudger Protocol and extend it to DSR to counter the above attacks. It is based on two basic ideas that are used to detect a non-cooperating or grudger node. The first is to employ a neighbourhood watch, so that a node is warned by what happens to its neighbour nodes; the second is to share information about experienced malicious behaviour with other nodes and learn from them. The protocol defines a suitable cost and profit for routing and forwarding information. It also keeps a history of experiences with non-cooperating nodes and uses these measures to throw cheating nodes out of the network.

A solution [12] for the wormhole attack, suffered by both on-demand and periodic protocols, uses a concept called packet leashes¹. Here the receiver can determine whether the packet has traversed an unrealistic distance by authenticating either an extremely precise timestamp for synchronization with the sender, called temporal leashes, or location information combined with a loose timestamp, called geographical leashes.

1. Leash is a rope attached to the neck of a pet (often a dog) for restraint or to prevent it from getting away

 

 

With this synchronization the receiver is able to determine the difference between the packet's expected travel time to the receiver and the actual receive time.

7. CONCLUSIONS

Due to their inherent characteristics, MANETs are highly susceptible to malicious attacks. The power and computation constraints are also higher in these networks, making their security requirements different from those of wired networks. Ad hoc networks need secure routing protocols and trust management to prevent attacks that use modification, fabrication and impersonation. The routes discovered by routing protocols may have the smallest hop count or be secure, but need not be minimum-energy routes. There is another view of the attacks in MANETs. A malicious node may launch a DoS attack against another node by routing traffic through that node in an attempt to wear down its batteries. Intrusion prevention measures such as encryption and authentication must be able to defend against hijacked mobile nodes that carry private keys and easily authenticate themselves. Establishment of trust in an ad hoc network environment thus also becomes important. The necessity of obtaining trust certificates or a shared key in protocols like SRP increases the energy and processing power required of the nodes. This may sometimes be impossible to provide, thus prohibiting the use of cryptographic schemes. The energy requirement for transmitting packets may also be higher in protocols like SAR, where an additional security metric is inserted during route discovery.

REFERENCES

  1. C E Perkins, Ad Hoc Networks, Addison-Wesley, USA, 2001.

  2. S Basagni, M Conti, S Giordano & I Stojmenovic, Mobile Ad Hoc Networking, IEEE Press, USA, 2004.

  3. C E Perkins & P Bhagwat, Highly Dynamic Destination-Sequenced Distance Vector Routing (DSDV) for Mobile Computers, ACM SIGCOMM Conference on Communications Architectures, Protocols and Applications, vol 24, pp 234-244, October 1994.

  4. M Abolhasan, T A Wysocki, E Dutkiewicz, A Review of Routing Protocols for Mobile Ad hoc Networks, Ad hoc Networks, vol 2, pp 1-22, January 2004.

  5. A S Tanenbaum, Computer Networks, 4th Edition, Pearson Education, New Delhi, 2003.

  6. D B Johnson, D A Maltz & J Broch, DSR: The Dynamic Source Routing Protocol for Multihop Wireless Ad hoc Networks, IETF Internet Draft, October 1999.