security issues in manet

34
Security issues in MANET Seminar 2015 SSM college of Engineering and Technology Basharat Sultan Enroll : 3167 Computer Science & Engineering

Upload: flowerjaan

Post on 28-Jul-2015

33 views

Category:

Engineering


4 download

TRANSCRIPT

Security issues in MANET Seminar 2015

SSM college of Engineering and Technology

Basharat SultanEnroll : 3167Computer Science & Engineering

“The quieter you become, the more you are able to hear.”

WHAT IS A MANET ?

Mobile Adhoc Network is a group of wireless mobile computers in which nodes cooperate by forwarding packets for each other to allow them to communicate beyond direct wireless transmission range

MANETS are more vulnerable to attacks than wired networks

Security is a process that is as secure as its weakest link. So, in order to make MANETs secure, all its weak points are to be identified and solutions to make all those weak points safe, are to be considered.

So Security issues in MANETs will remain a potential research area in near future.

INTRODUCTION

Continue..

The characteristics of these networks are summarized as follows:

Communication via wireless means. Nodes can perform the roles of both hosts and

routers. No centralized controller and infrastructure. Intrinsic mutual trust. Dynamic network topology. Frequent routing updates.

Continue…

The following are the advantages of MANETs: They provide access to information and services regardless of geographic

position. These networks can be set up at any place and time.

Some of the applications of MANETs are : Military or police exercises. Disaster relief operations. Mine cite operations. Urgent Business meetings.

Advantages and Applications

Some of the disadvantages of MANETs are: Limited resources. Limited physical security. Intrinsic mutual trust vulnerable to attacks. Lack of authorization facilities. Volatile network topology makes it hard to detect malicious nodes. Security protocols for wired networks cannot work for ad hoc networks.

Disadvantages OF MANET

MANETs are much more vulnerable to attack than wired network. This is because of the following reasons :

Open Medium - Eavesdropping is more easier than in wired network.

Dynamically Changing Network Topology – Mobile Nodes comes and goes from the network , thereby allowing any malicious node to join the network without being detected.

Cooperative Algorithms - The routing algorithm of MANETs requires mutual trust between nodes which violates the principles of Network Security.

Lack of Centralized Monitoring - Absence of any centralized infrastructure prohibits any monitoring agent in the system.

Lack of Clear Line of Defense –

Security Problems in MANETs

The possible security attacks in MANETs can be divided into two categories:

Passive attack In this type of attack, the intruder only performs some kind of monitoring

on certain connections to get information about the traffic without injecting any fake information

Active attack In this type of attack, the intruder performs an effective violation on either

the Network resources or the data transmitted

Classification of attacks in MANETS

Eavesdroping

Traffic Analysis

Snooping

TYPES OF PASSIVE ATTACKS

Eavesdropping:

This is a passive attack. The node simply observes the confidential information.

Traffic Analysis

In MANETs the data packets as well as traffic pattern both are important for adversaries.

Traffic analysis can also be conducted as active attack by destroying nodes Snooping:

Snooping is unauthorized access to another person's data.

Continue…

Denial Of Service Impersonation Packet Modification Flooding Worm Hole Selfish node Gray Hole Routing Table Run-off Information Revelation Black Hole

Types of active attacks

This type of attack when launched against MANET inserts malicious packets into the network which disrupts the service which was targeted, causing non-availability of resources to legitimate users.

Denial Of Service

In this type of attack a node impersonates as another node in order to send fake routing information, so that the other node knows that the information came from a normal node

Impersonation

This type of an attack involves packet content modification performed by an intermediate node

Packet modification

Flood Storm Attack

BlackHole Attack

Wormhole attack

In this type of attack nodes in MANET does not participate in communication, so that they can save their resources

Selfish Node

This type of an attack can lead to packet loss

Gray-Hole

A malicious node can send route request for an unknown node, which does not exist in the network. The node receiving these packets will store this information in their routing table. But due to their memory limitation, the routing table will run out of space

Routing Table Run-off

In this type of attack the attacker is present within the network and due to broadcasting problem he also gets this information which he can easily encapsulate and can seek vital information

Information Revelation

Reliable Infrastructure Layer Securing Communication layer Routing Layer Security Network Layer Security Application Layer Security SVM Based Method

COUNTERMEASURES

The functions that this layer provides can be used by the other layers.

So the requirement of distributed security mechanism is

the need of the hour which can play a vital role in authentication before any communication takes place, which can establish secure communication between the nodes.

securing this layer will provide the key for securing the whole system

Reliable Infrastructure Layer

Wireless channel can be protected by the use of security protocol like WPA2 (Wi-Fi Protected Access version 2) that works on the data link Layer

Securing Communication layer

In MANET each node acts as router to route the data which it receives to its destination.

The whole communication depends on the every node in the network and if the routing tables are being tampered it can collapse the whole network communication.

In order to secure routing in MANET a two phase security must be applied; ‘routing information security’ and ‘secure data forwarding’

Routing Layer Security

IPSec is one the security protocol of the network layer that can help obtain authentication of a node in order to maintain confidentiality and reliability for secure data transmission.

Another protocol, Secure Message Transfer (SMT) helps to build security relationship with the communicating node

This layer solves the problem which routing protocols cannot

Network Layer Security

This layer should provide end-to-end security

Protocols like Secure Electronic Transaction (SET), Secure Shell (SSH), Secure Socket Layer (SSL) etc. are some that work on application layer

SSL is mostly used in web transmissions, SSH is a replacement of Telnet and FTP, SET is used by end systems to perform secure transaction.

Application Layer Security

The method Support Vector Machine (SVM) is based on trust scheme

This method monitors various metrics like PMISR, PMOR and PDR in order to establish trust between the communicating nodes.

This method is a solution to detect various malicious attacks in MANET. In order to evaluate the performance the following metrics are used by SVM:

SVM Based Method(v.v.imp)

Continue…

Continue…

Algorithm of SVM

THANK YOU