Review of security threats and their countermeasures in Mobile Ad hoc Networks.
In a continuously changing network environment, the objective of routing is to learn the latest topology in order to determine a correct route to a specific node (Hu, Y. C. et al., 2006). In ad hoc networks, routing becomes a significant concern, as it has to be managed by heterogeneous nodes in a collaborative manner. A large number of ad hoc routing algorithms have been proposed for efficient routing in Manets.
Mobility of end nodes and intermediate nodes, battery power and processing power constraints, the open channel, error-prone links of varying capacity, and the hidden node and exposed node problems are the serious challenges in designing an efficient routing protocol for Manets (Michiardi, P. and Molva, R., 2002). Based on their underlying architectural framework, the routing protocols can be categorized into two major kinds: identity-centric and location-centric.
(i) Identity Centric Routing: Most of the existing Manet routing protocols use the identity of the nodes (IP address) for communication in the dynamic environment. Depending on the routing topology, they are classified into proactive, reactive and hybrid protocols (Boukerche, A., n.d.).
(a) Proactive Routing protocols: These are otherwise known as table-driven protocols. In this type of protocol, nodes exchange topology information periodically, either locally or globally throughout the participating network, and maintain an updated routing table. Hence, whenever the nodes need to exchange data, route information is readily available. The major drawback of this type of protocol is the large bandwidth consumed by updates and control messages. Examples: OLSR, DSDV.
(b) Reactive Routing protocols: These are otherwise known as on-demand protocols. In this type of protocol, nodes establish routes only when they need to send data to a destination whose route is unknown. Since routes are established only when required, the communication overhead is comparatively low. Examples: AODV, DSR.
(c) Hybrid routing protocols: These use a combination of proactive and reactive protocols. In general, a proactive scheme is used to discover routes in the initial stage and reactive schemes are used in further stages. Examples of hybrid routing protocols are Zone Routing Protocol (ZRP) and FSR. These protocols initially use a proactive approach for route establishment and later use a reactive approach for maintenance. Guerrero Zapata stated that ZRP is also called a hierarchical routing protocol.
(ii) Location Centric Routing: Instead of using node ids, it uses location parameters to communicate and route the data. Location centric routing protocols in general assume that every node in the network knows the location particulars of other nodes. Examples: ALARM, PRISM (Defrawy, K. E., and Tsudik, G, 2011).
The main focus of earlier routing protocol designs was to ensure an efficient routing process, covering route discovery, route maintenance, and route recovery during failures, under the assumption that all nodes are trustworthy and well-behaved. In reality, ad hoc networks are more vulnerable to security attacks because malicious nodes go unmonitored. Having recognized the issues in the routing process and the need to secure routing, the research community has in the recent past started developing secured routing protocols.
This article is organized as follows. Section 2 discusses the major types of adversaries and the security attributes. Section 3 covers attacks on the protocol stack in Manets. Section 4 concisely reviews the various types of routing attacks, and finally Section 5 discusses different kinds of secured routing protocols, their defences against attacks and their drawbacks.
Major adversaries and security attributes of Manets:
Due to the varying nature of the network, routing is exposed to two major types of adversaries, distinguished by the domain of the attackers (Lou et al., 2004).
(i) External attackers: Attackers from outside the network can easily detect the IDs of the participating nodes by snooping on all the communication within the network, and thus attempt to compromise the privacy of the nodes. Once the IDs are detected, they also try to flood incorrect routing details, modify the original messages and replay old routing messages with the intention of causing extreme traffic load in the network, thereby depleting its resources.
(ii) Internal Attackers: Compromised nodes are more hazardous than outside attackers. As they are active members of the network, they can easily track the nodes, inject false messages and broadcast improper routing messages to other nodes. It is very difficult to identify the inaccurate messages sent by the compromised nodes.
The following are the major security attributes which ensure the trustworthiness of the network (Zapata, 2002) and (Su, W., 1999):
Availability: Assures that network services are available all the time and that failures can be corrected to keep the connection stable.
Authenticity: Gives nodes the ability to validate that the data has been sent by a legitimate node. Without this, an attacker can impersonate a node and gain access to resources and sensitive information.
Confidentiality: Protection of any information from being exposed to unintended entities. Only the intended receivers should be able to interpret the transmitted data.
Integrity: Ensures data is not altered during the transmission process i.e., confirms data integrity.
Non-repudiation: Ensures that the sender and receiver can never deny the messages sent or received by them.
Along with the above security mechanisms, Key Management, Access Control, Trust, Isolation, Authorization, Location Privacy, Self-Stabilization, Byzantine robustness and Anonymity ensure a higher level of security for routing in Manets if followed.
Attacks on protocol stack:
* Application layer: Repudiation, Data corruption, Malicious code attack
* Transport layer: Session Hijacking, SYN flooding
* Network layer: Black hole attacks, wormhole attack, Byzantine, Partition, routing table poisoning, Packet replication, information disclosure, Location disclosure attack, message altering (Abusalah et al., 2004).
* Data Link layer: Traffic analysis, Monitoring, WEP weakness.
* Physical layer: Jamming, eavesdropping, interceptions.
* Multi-layer: Denial-of-service attacks (Yang, 2004), impersonation, Man-in-the-middle attack.
Major functions of the Network Layer and the attacks it is vulnerable to:
Routing and data packet forwarding are the main network-layer operations in MANETs; they interact with each other to deliver packets from the source to the destination. The ad hoc routing protocols exchange routing messages between nodes and maintain routing states at each node accordingly. Based on the routing states, data packets are forwarded by intermediate nodes along an established route to the destination. Both routing and packet forwarding operations are vulnerable to malicious attacks, leading to various types of malfunction in the network layer (Yang, 2004).
Network-layer Attacks: Based on the objective of the attack, network-layer attacks are commonly classified into two categories: (i) Routing attacks and (ii) Packet forwarding attacks. Malign, Wormhole, black hole, rushing, Byzantine, flooding resource consumption, location disclosure are the main security attacks in the Network layer (Zhou and Haas, 1999). As the network layer is responsible for the routing process that enables proper communication, which is the main purpose of the network, it is more prone to attacks.
By attacking the routing protocols, attackers can easily absorb network traffic, insert themselves into the path between the source and destination, and thus control the network traffic flow. The attackers can create routing loops and introduce severe network congestion and channel contention. Multiple colluding attackers trigger excessive network control traffic, which further increases network congestion and performance degradation. Protecting ad hoc routing and forwarding protocols is the major Network Layer issue. Routing attacks are carried out during the route establishment, route maintenance and route recovery phases.
Types of routing attacks:
The malicious attacker can try to attack routing packets and routing protocols either by (i) spreading malicious packets using its own address or an arbitrary address which does not belong to any node in the network, or (ii) lying in the routing path and misdirecting the routing, which leads to denial of service (Yau et al., 2007).
1. Routing Table Overflow Attack: Proactive routing protocols are vulnerable to this type of attack. The attacker node sends an excessive number of route advertisement request messages to the intended node to make its routing table overflow.
2. Routing Table Poisoning: Compromised insider nodes send fabricated routing updates, or modify route updates, and send them to the uncompromised nodes in the network, which leads to sub-optimal routing. As a result congestion may occur, and sometimes even network partitioning may happen.
3. Packet Replication: The adversary node replicates outdated packets, which leads to needless confusion in the routing process. This consumes the bandwidth and battery power of the nodes, which are scarce in Manets.
4. Rushing Attack: Reactive protocols are more vulnerable to this kind of attack. Once the source node sends a Route Request message, an adversary node immediately floods it throughout the network. The nodes that then receive the original Request discard it, taking it for a duplicate, and reply to the adversary.
5. Flooding Attack: This type of attack tries to exhaust network resources such as the bandwidth, battery power and computational power of the nodes (Yi, P. et al., 2005), or to disturb the routing process, and thereby degrades the network performance.
6. Worm hole: An attacker tunnels the received packet and replays it at another location with the cooperation of another attacker. It is one of the most sophisticated and severe attacks in MANETs (Zhang, Y. et al., 2006); it can be launched against all communications that provide authenticity and confidentiality.
7. Black hole Attack: A malicious node broadcasts that it has an optimal route and thereby makes other nodes send data packets through it. After receiving the data packets it may drop or misuse the data. It is common in many of the routing protocols.
8. Gray hole Attack: This is a special kind of black hole attack. In this type of attack the malicious node selectively drops some packets, especially control packets, and forwards the data packets. Sometimes the node drops packets for a certain time period and behaves normally later. This happens at non-uniform intervals of time, which defeats the trust-based mechanisms and makes the attack more difficult to overcome (Abdelaziz et al., 2013).
9. Byzantine Attacks: In this attack the adversary has full control of a legitimate device and can perform arbitrary behavior to disturb the communication between the nodes in the network (Kannhavong et al., 2007).
10. Replay Attack: A node records another node's valid control messages and resends them later, which causes the receivers to record stale routes in their routing tables and as a consequence disturbs the routing process. The replay attack can be misused to mimic a particular node.
11. Message withholding attack: By holding back a topology control message, an attacker can detach a particular node and prevent it from getting data packets from other nodes.
12. Link Withholding Attack: A malicious node does not broadcast the link of a node or set of nodes, which results in link loss to these nodes.
13. Link Spoofing Attack: In this type of attack, by broadcasting fake links with non-neighbors the attacker gains authentication and disrupts routing operations. Replay, Link Withholding and Link Spoofing Attacks are very serious in the OLSR protocol.
14. Colluding misrelay attack: Several attackers work together by mutual agreement to drop or modify the routing packets. This disrupts the routing operation in a Manet and is very hard to detect using conventional methods like pathrater and watchdog.
15. Location Disclosure Attack: By using traffic analysis techniques (Abusalah, 2008) or probing and monitoring approaches, an adversary discovers the location of a specific node or a set of nodes. Using it, the attacker traces the sender, receiver and intermediate nodes involved in a traffic pattern and tracks the changes. The leakage of such information is devastating for security.
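The black hole and gray hole items above differ in how visible the dropping is to a watchdog-style monitor that overhears whether a neighbour forwards what it was given. The following added example is not from the original article; the log format, node names, window size and threshold are assumptions and the log is constructed. It compares a whole-log forwarding ratio with a per-window ratio to show why time-limited dropping averages out in the first and stands out in the second.

```python
from collections import defaultdict


def build_sample_log():
    """Constructed watchdog log: (time_slot, next_hop, overheard_forward).

    Each entry is one packet handed to next_hop; the flag records whether
    the sender later overheard next_hop retransmitting it.
    """
    log = []
    for t in range(200):
        log.append((t, "honest", t % 20 != 7))            # 5% loss (collisions)
        log.append((t, "blackhole", False))               # drops everything
        log.append((t, "grayhole", not (40 <= t < 60)))   # drops in one burst only
    return log


def cumulative_ratio(log):
    """Fraction of packets each neighbour forwarded over the whole log."""
    sent, fwd = defaultdict(int), defaultdict(int)
    for _, hop, ok in log:
        sent[hop] += 1
        fwd[hop] += ok
    return {hop: fwd[hop] / sent[hop] for hop in sent}


def worst_window_ratio(log, window):
    """Lowest forwarding ratio seen in any fixed-size time window."""
    buckets = defaultdict(lambda: [0, 0])   # (hop, window index) -> [sent, fwd]
    for t, hop, ok in log:
        bucket = buckets[(hop, t // window)]
        bucket[0] += 1
        bucket[1] += ok
    worst = {}
    for (hop, _), (sent, fwd) in buckets.items():
        worst[hop] = min(worst.get(hop, 1.0), fwd / sent)
    return worst


def flag(ratios, threshold):
    """Neighbours whose ratio falls below the threshold, sorted by name."""
    return sorted(hop for hop, ratio in ratios.items() if ratio < threshold)


if __name__ == "__main__":
    sample = build_sample_log()
    print("whole log :", flag(cumulative_ratio(sample), 0.8))
    print("per window:", flag(worst_window_ratio(sample, 20), 0.8))
```

Overhearing-based monitoring of this kind is what the colluding misrelay item describes as hard to rely on, so the per-window ratio is a signal to feed into a reputation decision and not a verdict by itself.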
Secured routing protocols:
Providing security and anonymity is highly challenging in the open mobile ad hoc network environment, where the topology is not fixed. All the traditional routing protocols are vulnerable to several attacks. Manet researchers later focused on overcoming the attacks by adopting various security mechanisms and proposed various routing protocols based on the earlier versions.
Table 1 provides the details of some popular secured routing protocols, their defenses against attacks and their drawbacks.
In this paper we have presented the different types of routing protocols, the major types of adversaries, and the security attributes to be considered in Manets. Almost all types of routing attacks and the foremost secured versions of the routing protocols have been reviewed. It is noted that, due to their ad hoc nature, Manets are becoming more and more susceptible to attacks. Even as many secured routing mechanisms are proposed, the threats also keep increasing, and it is not possible to provide a foolproof mechanism for secured data transmission in this mobile environment. Any proposed mechanism can ensure only a few of the security attributes and can overcome only one or a few of the attacks.
Received 12 October 2014
Received in revised form 26 December 2014
Accepted 1 January 2015
Available online 25 February 2015
Abdelaziz, A.K., M. Nafaa and G. Salim, 2013. Survey of Routing Attacks and Countermeasures in Mobile Ad Hoc Networks. 15th IEEE International Conference on Computer Modeling and Simulation. UKSim.
Abusalah, L., A. Khokhar, M.A. Guizani, 2008. Survey of Secure Mobile Ad Hoc Routing Protocols. IEEE Communications Surveys & Tutorials, 10(4):78-94, Fourth Quarter.
Adjih, C., D. Raffo and P. Muhletaler, 2005. Attacks Against OLSR: Distributed Key Management for Security. 2nd OLSR Interop/ Workshop. Palaiseau, France.
Boukerche, A., Taxonomy of Routing Protocols for Mobile Ad Hoc Networks. Algorithms and Protocols for Wireless Mobile Ad Hoc Networks.
Defrawy, K.E. and G. Tsudik, 2011. Privacy-Preserving Location-Based On-Demand Routing in MANETs. IEEE Journal on Selected Areas in Communications, 29(10).
Guerrero Zapata, M., Secure Ad hoc On-Demand Distance Vector Routing, Mobile Computing and Commun. Review, 6(3): 106-107.
Hu, Y.C., A. Perrig and D.B. Johnson, 2006. Wormhole Attacks in Wireless Networks. IEEE Journal on Selected Areas in Communications, 24(2).
Kannhavong, B., N. Hidehisa, Y. Nemoto and N. Kato, 2007. A Survey of Routing Attacks in Mobile Ad Hoc Networks. IEEE Wireless Communication, 14(5): 85-91.
Lou, W., W. Liu, Y. Fang, 2004. SPREAD: Improving network security by multipath routing in Mobile Ad hoc networks. Twenty-third Annual Joint Conference of the IEEE Computer and Communications Societies, 4: 2404-2413.
Marti, S.T.J, G.K. Lai and M. Baker, 2000. Mitigating Routing Misbehavior in Mobile Ad Hoc Networks. 6th MobiCom. Boston: MA.
Michiardi, P. and R. Molva, 2002. CORE: A Collaborative Reputation Mechanism to. IFIP-Communication and Multimedia Society Conf.
Su, W. and M. Gerla, 1999. IPv6 Flow Handoff in Ad Hoc Wireless Networks Using Mobility Prediction. IEEE Globecom, pp: 271-275.
Yang, H., H. Lou, S. Lu and L. Zhang, 2004. Security in mobile ad hoc networks: challenges and solutions. IEEE Wireless Communications, 11(1): 38-47.
Yang, H.H.Y., 2004. Security in mobile ad hoc networks: Challenges and solutions. IEEE Wireless Communications, 11(1): 38-47.
Yau, P.W., S. Hu and C.J. Mitchell, 2007. Malicious attacks on ad hoc network routing protocols. International Journal of Computer Research, 15(1).
Yi, P., Z. Dai, S. Zhang and Y. Zhong, 2005. A New Routing Attack in Mobile Ad Hoc Networks. International Journal of Information Technology, 11(2).
Zapata, M.G., 2002. Secure Ad hoc On-Demand Distance Vector Routing. Mobile Computing and Communications Review, 6(3): 106-107.
Zhang, Y., W. Liu and W. Lou, 2006. MASK: Anonymous On-Demand Routing in Mobile Ad Hoc Networks. IEEE Transactions on Wireless Communications, 5(9):2376-2385.
Zhou, L. and Z.J. Haas, 1999. Securing Ad Hoc Networks. IEEE network.
(1) A. Geetha and (2) Prof. N. Sreenath
(1) Research Scholar, Department of Computer Science and Engineering, Pondicherry Engineering College, Pondicherry University, Box: 605 014 India
(2) Professor, Department of Computer Science and Engineering, Pondicherry Engineering College, Pondicherry University, Box: 605 014 India
Corresponding Author: A. Geetha, Research Scholar, Department of Computer Science and Engineering, PEC, Pondicherry University, India.
Table 1: Secured Manet Routing Protocols.

|Protocol|Major Routing Attacks|Secure Versions|
| |DoS, Resource consumption attack, routing|SEAD (Secure Efficient Ad hoc Distance vector), SDSDV|
|OLSR|Wormhole, Link withholding attack, Link Spoofing attack|SLSP (secure link state protocol)|
|AODV|Route Cache Poisoning, Black hole, Worm hole, Flooding|CORE, SAODV [M.G.Zapata, 2002]|
|DSR|Fabrication, Worm hole|Ariadne, CONFIDANT|
|ZRP|Impersonation, Flooding, Dropping, Snooping|SRP|

|Protocol|Security Mechanisms|Defense Against Attacks|
| |One-way hash function; Authentication; One-way hash function|1. Resource Consumption 2. Routing attacks 3. DoS|
| |Two one way hash chains|1. Hostile attacks 2. Protects on the sequence numbers and metrics|
|OLSR|One-way hash chains; Digital Signature|1. Denial of Service attacks 2. Byzantine|
|AODV|Reputation; Watch dog|1. Selfish behavior of nodes; Denial of service attacks|
| |Further Route Request|1. resilience to attack from malicious nodes 2. Selfish attacks. Black hole attacks|
|DSR|TESLA; Digital Signature|1. Fabrication attacks 2. Packet dropping attack 3. Selfish Misbehavior 4. Black hole attack 5. Routing attacks 6. DoS|
| |Reputation System; Trust Manager|Forwarding attacks|
|ZRP|Shared Symmetric Key Cryptography|Location Disclosure|

|Protocol|Drawbacks|
| |Would not be able to overcome attacks where the attacker uses the same metric and sequence number that were used by the recent update message and sends a new routing table. Increased computational overhead. May be subject to denial of service attacks. [SDSDV]|
|OLSR|An attacker can masquerade as a victim node and flood the victim's neighbors with link-state updates that seem to originate from the victim.|
|AODV|May not sense misbehaving nodes in existence of ambiguous collusions, receiver collusions, limited transmission power, false misbehavior, collision and partial dropping. High communication overheads. Fails to detect the wormhole attacks [Wei Yuan, 2014]|
|DSR|If the attacker is along the discovered route, then Ariadne vulnerable to an attacker. Due to its complex reputation mechanism more chances of attacks on the reputation value.|
|ZRP|Does not attempt to (i) Secure Route Error Packets. (ii) prevent unauthorized modification of fields while forwarding the packets|
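Table 1 lists one-way hash chains as the mechanism protecting sequence numbers and metrics in distance-vector updates, and notes as a drawback that an attacker can reuse the same metric and sequence number as a recent update. The following added example is a simplified sketch in the style of that construction, not code from the article or from any of the listed protocols; the chain layout, the constants MAX_HOPS and MAX_SEQ, the function names and the seed are assumptions made for illustration.

```python
import hashlib
import hmac

MAX_HOPS = 4                 # assumed metric range: hop counts 0..3
MAX_SEQ = 5                  # assumed sequence numbers per chain: 1..5
N = MAX_HOPS * MAX_SEQ       # chain length; chain[N] is the public anchor


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def make_chain(seed: bytes) -> list:
    """chain[0] = seed, chain[i] = H(chain[i-1]); only chain[N] is published."""
    chain = [seed]
    for _ in range(N):
        chain.append(H(chain[-1]))
    return chain


def index(seq: int, metric: int) -> int:
    """Newer sequence numbers use elements closer to the secret seed."""
    if not (1 <= seq <= MAX_SEQ and 0 <= metric < MAX_HOPS):
        raise ValueError("sequence number or metric out of range")
    return (MAX_SEQ - seq) * MAX_HOPS + metric


def verify(anchor: bytes, seq: int, metric: int, value: bytes) -> bool:
    """Accept only if hashing value forward lands exactly on the anchor."""
    try:
        steps = N - index(seq, metric)
    except ValueError:
        return False
    for _ in range(steps):
        value = H(value)
    return hmac.compare_digest(value, anchor)


def relay(seq: int, metric: int, value: bytes):
    """Honest forwarder: one more hop, one more hash."""
    return seq, metric + 1, H(value)


def demo() -> dict:
    chain = make_chain(b"constructed-seed-for-example")
    anchor = chain[N]
    origin = (3, 0, chain[index(3, 0)])       # the destination's own update
    hop2 = relay(*relay(*origin))             # what a node two hops away receives
    seq, metric, value = hop2
    return {
        "origin": verify(anchor, *origin),
        "honest_relay": verify(anchor, *hop2),
        # Claiming a shorter route or a fresher sequence number needs a preimage.
        "lower_metric": verify(anchor, seq, metric - 1, value),
        "newer_sequence": verify(anchor, seq + 1, 0, value),
        # Re-advertising without adding a hop still verifies (Table 1 drawback).
        "same_metric_resend": verify(anchor, seq, metric, value),
    }


if __name__ == "__main__":
    print(demo())
```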
|Author:||Geetha, A.; Sreenath, N.|
|Publication:||Advances in Natural and Applied Sciences|
|Date:||Jun 1, 2015|