security issues in manet
TRANSCRIPT
Security issues in MANET Seminar 2015
SSM college of Engineering and Technology
Basharat SultanEnroll : 3167Computer Science & Engineering
Mobile Adhoc Network is a group of wireless mobile computers in which nodes cooperate by forwarding packets for each other to allow them to communicate beyond direct wireless transmission range
MANETS are more vulnerable to attacks than wired networks
Security is a process that is as secure as its weakest link. So, in order to make MANETs secure, all its weak points are to be identified and solutions to make all those weak points safe, are to be considered.
So Security issues in MANETs will remain a potential research area in near future.
INTRODUCTION
The characteristics of these networks are summarized as follows:
Communication via wireless means. Nodes can perform the roles of both hosts and
routers. No centralized controller and infrastructure. Intrinsic mutual trust. Dynamic network topology. Frequent routing updates.
Continue…
The following are the advantages of MANETs: They provide access to information and services regardless of geographic
position. These networks can be set up at any place and time.
Some of the applications of MANETs are : Military or police exercises. Disaster relief operations. Mine cite operations. Urgent Business meetings.
Advantages and Applications
Some of the disadvantages of MANETs are: Limited resources. Limited physical security. Intrinsic mutual trust vulnerable to attacks. Lack of authorization facilities. Volatile network topology makes it hard to detect malicious nodes. Security protocols for wired networks cannot work for ad hoc networks.
Disadvantages OF MANET
MANETs are much more vulnerable to attack than wired network. This is because of the following reasons :
Open Medium - Eavesdropping is more easier than in wired network.
Dynamically Changing Network Topology – Mobile Nodes comes and goes from the network , thereby allowing any malicious node to join the network without being detected.
Cooperative Algorithms - The routing algorithm of MANETs requires mutual trust between nodes which violates the principles of Network Security.
Lack of Centralized Monitoring - Absence of any centralized infrastructure prohibits any monitoring agent in the system.
Lack of Clear Line of Defense –
Security Problems in MANETs
The possible security attacks in MANETs can be divided into two categories:
Passive attack In this type of attack, the intruder only performs some kind of monitoring
on certain connections to get information about the traffic without injecting any fake information
Active attack In this type of attack, the intruder performs an effective violation on either
the Network resources or the data transmitted
Classification of attacks in MANETS
Eavesdropping:
This is a passive attack. The node simply observes the confidential information.
Traffic Analysis
In MANETs the data packets as well as traffic pattern both are important for adversaries.
Traffic analysis can also be conducted as active attack by destroying nodes Snooping:
Snooping is unauthorized access to another person's data.
Continue…
Denial Of Service Impersonation Packet Modification Flooding Worm Hole Selfish node Gray Hole Routing Table Run-off Information Revelation Black Hole
Types of active attacks
This type of attack when launched against MANET inserts malicious packets into the network which disrupts the service which was targeted, causing non-availability of resources to legitimate users.
Denial Of Service
In this type of attack a node impersonates as another node in order to send fake routing information, so that the other node knows that the information came from a normal node
Impersonation
This type of an attack involves packet content modification performed by an intermediate node
Packet modification
In this type of attack nodes in MANET does not participate in communication, so that they can save their resources
Selfish Node
A malicious node can send route request for an unknown node, which does not exist in the network. The node receiving these packets will store this information in their routing table. But due to their memory limitation, the routing table will run out of space
Routing Table Run-off
In this type of attack the attacker is present within the network and due to broadcasting problem he also gets this information which he can easily encapsulate and can seek vital information
Information Revelation
Reliable Infrastructure Layer Securing Communication layer Routing Layer Security Network Layer Security Application Layer Security SVM Based Method
COUNTERMEASURES
The functions that this layer provides can be used by the other layers.
So the requirement of distributed security mechanism is
the need of the hour which can play a vital role in authentication before any communication takes place, which can establish secure communication between the nodes.
securing this layer will provide the key for securing the whole system
Reliable Infrastructure Layer
Wireless channel can be protected by the use of security protocol like WPA2 (Wi-Fi Protected Access version 2) that works on the data link Layer
Securing Communication layer
In MANET each node acts as router to route the data which it receives to its destination.
The whole communication depends on the every node in the network and if the routing tables are being tampered it can collapse the whole network communication.
In order to secure routing in MANET a two phase security must be applied; ‘routing information security’ and ‘secure data forwarding’
Routing Layer Security
IPSec is one the security protocol of the network layer that can help obtain authentication of a node in order to maintain confidentiality and reliability for secure data transmission.
Another protocol, Secure Message Transfer (SMT) helps to build security relationship with the communicating node
This layer solves the problem which routing protocols cannot
Network Layer Security
This layer should provide end-to-end security
Protocols like Secure Electronic Transaction (SET), Secure Shell (SSH), Secure Socket Layer (SSL) etc. are some that work on application layer
SSL is mostly used in web transmissions, SSH is a replacement of Telnet and FTP, SET is used by end systems to perform secure transaction.
Application Layer Security
The method Support Vector Machine (SVM) is based on trust scheme
This method monitors various metrics like PMISR, PMOR and PDR in order to establish trust between the communicating nodes.
This method is a solution to detect various malicious attacks in MANET. In order to evaluate the performance the following metrics are used by SVM:
SVM Based Method(v.v.imp)