chapter-1 introduction to manet -...

Chapter-1

Introduction to

MANET

Introduction to MANET

P a g e | 1

Chapter 1 Introduction to MANET

Past few years, have witnessed a rapid escalation in the field of mobile

computing due to proliferation of inexpensive, widely available

wireless devices. Thus, it has opened vast opportunity for researchers

to work on Ad Hoc Networks.

In a MANET, nodes within one another’s wireless transmission range

can communicate directly; however, nodes outside one another’s

range have to rely on some other nodes to relay messages [140]. Thus,

a multi-hop scenario occurs, where several intermediate hosts relay

the packets sent by the source host to make them reach the

destination node.

MANET is one that comes together as needed, not necessarily with any

support from the existing infrastructure or any other kind of fixed

stations [4, 29, 30, 97]. This statement can be formalized by defining

an ad hoc network as an autonomous system of mobile hosts (MHs)

(also serving as routers) connected by wireless links, the union of

which forms a communication network modeled in the form of an

arbitrary communication graph. This is in contrast to the well-known

single hop cellular network model that supports the needs of wireless

communication by installing base stations (BSs) as access points. In

these cellular networks, communications between two mobile nodes

completely rely on the wired backbone and the fixed (BSs). In a

MANET, no such infrastructure exists and the network topology may

dynamically change in an unpredictable manner since nodes are free

to move.

As for the mode of operation, ad hoc networks are basically peer-to-

peer multi-hop mobile wireless networks where information packets

are transmitted in a “store-and-forward” manner from a source to an

arbitrary destination, via intermediate nodes as shown in Figure 1.1.

As the MHs move, the resulting change in network topology must be


P a g e | 2

made known to the other nodes so that outdated topology information

can be either updated or removed. For example, MH2 in Figure 1.1

changes its point of attachment from MH3 to MH4, other nodes in the

network should now use this new route to forward packets to MH2

[30].

Asymmetric link

Symmetric link

Figure 1.1: A Mobile Ad-Hoc network (MANET)

In Figure 1.1, it is assumed that it is not possible to have all MHs

within range of one another [30]. If all MHs are close-by within radio

range, no routing issues to be addressed. In real situations, the power

needed to obtain complete connectivity may be, at least, infeasible, not

to mention issues such as battery life and spatial reusability. Figure

1.1 raises another issue of symmetric (bi-directional) and asymmetric

(unidirectional) links. As it will be seen later on, some of the protocols

that consider symmetric links with associative radio range, i.e., if (in

Figure 1.1) MH1 is within radio range of MH3, then MH3 is also within

radio range of MH1.

This is to say that the communication links are symmetric. Although

this assumption is not always valid, it is usually made so because

routing in asymmetric networks is a relatively hard task [107].

In certain cases, it is possible to find routes that could avoid

asymmetric links, since it is quite likely that these links looming fail.

Symmetric links, with all MHs having identical capabilities and

responsibilities are discussed.

MH3

MH2

MH5

MH1

MH6

MH7

MH4

MH2


P a g e | 3

The issue of symmetric and asymmetric links is one among the several

challenges encountered in a MANET. Another important issue is that

different nodes often have different mobility patterns. Some MHs are

highly mobile, while others are primarily stationary. It is difficult to

predict a MH's movement and pattern of movement [30].

The dynamic nature of MANETs makes network open to attacks and

unreliability. Routing is always the most significant part for any

networks. Each node should not only work for itself, but should also

be cooperative with other nodes. MANETs are vulnerable to various

security attacks [22, 59, 139, 140]. Hence, finding a secure and

trustworthy end-to-end path in MANETs is a genuine challenge.

1.1 Applications of MANETs

The deployment of a MANETs is easy due to the absence of setting up

any infrastructure for communication. Mostly such kind of networks

are required in military application and emergency rescue operations.

But slowly MANETs have entered with the areas of gaming, sensing,

conferencing, collaborative and distributed computing [3]. This

dynamic network is yet to capture most of the commercial

applications. Research is still going on in this direction so that the

MANET can be deployed in any area where a faster and cheaper

network can be setup instantly for data communication.

In the following Table 1.1, overview of some of the applications of

Mobile Ad Hoc Networks [7, 29, 30, 119] is provided.


P a g e | 4

Table 1.1: Application of Mobile Ad hoc Networks

Application Description

Military

Services:

Military services are one of the most discussed and

common application area of mobile ad hoc networks

where installation of any fixed infrastructure is not

possible in the enemy territories or inhospitable

terrains. In this environment MANET provides the

required communication mechanism in no time. Here,

the soldiers are considered to be the mobile nodes. So

the network is required to remain connected even

though the soldiers move freely. This support is

provided by the MANET. Another application in this

area can be the coordination of the military objects

and the personnel in the battlefield. For example, the

leader of a group of soldiers may want to pass a

message to all the soldiers or a group of soldiers

involved in the operation. In this situation, a secure

and reliable routing protocol should be able to do the

job.

Emergency

Services:

These arise as a result of natural disasters when the

entire communications infrastructure is in disarray

(for example, Tsunamis, hurricanes, earthquake etc.)

where restoring communications quickly is essential.

By using ad hoc networks, an infrastructure could be

set up in hours instead of days/weeks required for

wire-line communications.

Education: Universities and campus settings, Virtual classrooms,

Ad hoc communications during meetings or lectures.


P a g e | 5

Sensing and

Gaming:

Sensor network is a special case of ad hoc networks

where mobility is generally not considered. However

the battery power is a key factor in sensors. Each

sensor is equipped with a transceiver, a small micro-

controller and an energy source. The sensors relay

information from other devices to transport data to a

central monitor. The sensors are used to sense the

environmental condition such as temperature,

pressure, humidity etc. In this case they form an ad

hoc network to collect intended information. The

mobility can also be incorporated into the sensor

network where they are meant to study the behavior of

tornados or to study the behavior of patients in the

hospital.

Multi-user games, robotics pets.

Personal

Area

Networking:

Personal communicating devices like laptops, PDAs,

mobile phones create a network to share data among

one another called the Personal Area Network (PAN).

The PAN covers a very short range for communication

and can be used for ad hoc communication among the

devices or for connecting to a backbone network.

1.2 Characteristics and Features of MANETs

Ad hoc networks have many features, which make them quite distinct

from wired networks and thus require innovative ways to implement

the network functionalities. Table 1.2 summarizes some of the

characteristics of MANETs [26, 30, 119, 125].


P a g e | 6

Table 1.2: Characteristics of MANETs.

Characteristics Description

Wireless medium: The wireless medium used by the nodes to

communicate with each other has time-varying

coverage and asymmetric propagation properties.

It is less reliable and more prone to interference

compared to a wired medium.

Dynamic

Topologies:

Nodes are free to move arbitrarily with different

speeds; thus, the network topology may change

randomly and at unpredictable times.

Infrastructureless

Network:

Network is not depending on any fix infrastructure

for its operation.

Power

Management:

As the nodes are not fixed, they rely on batteries

as their power source. Thus mechanisms and

protocols devised for such networks need to keep

the energy constraint in mind.

Peer-to-Peer

nature:

These are not fixed nodes with pre-defined roles.

Thus, all protocols need to be designed for

distributed environments composed of “peers" and

need to be robust enough to handle these

distributed dynamic topologies. These different

characteristics of wireless ad hoc networks require

different techniques than the wired networks,

especially at the three lower-most layers, to

effectively perform the network functions. The

widely adopted standard for wireless networks, at

the physical and data-link layer is IEEE 802.11

(for wireless local area networks).

Limited

computing and

energy resources:

There are limited computing power, memory, and

disk size due to the limited battery capacity, as

well as limitation on device size, weight, and cost.


P a g e | 7

Limited service

coverage:

Due to device, distance between devices, network

condition limitations, service implementation for

wireless devices is more challenging as compared

to the wired networks and their elements and at

the same time MANETs faces many constraints.

Higher

interference

results in lower

reliability:

Infrared signals suffer interference from sunlight

and heat sources, and can be shielded/absorbed

by various objects and materials. Radio signals

usually are less prone to being blocked; however,

they can be interfered by other electrical devices.

The broadcast nature of transmission means all

devices are potentially interfering with one

another. Self-interference also happens due to

multipath.

Highly variable

network

conditions:

Higher data loss rates due to interference.

User movement causes frequent disconnection.

Channel changes occur as users move around.

Received power diminishes with distance.

Limited

Bandwidth:

Wireless links continue to have significantly lower

capacity than infrastructure networks. In addition,

the realized throughput of wireless

communications - after accounting for the effects

of multiple access, fading, noise, and interference

conditions, etc., is often much less than a radio's

maximum transmission rate.


P a g e | 8

1.3 Challenges of MANETs

MANETs have been a very popular field of research for last few years.

Almost every characteristic of the network has been explored to some

level. Yet, no ultimate resolution to any of the problems has been

found. On the contrary, more questions crop up which need to be

addressed. Table 1.3 outlines some of the major challenges that ought

to be addressed [26, 30, 119, 125].

Table 1.3 : Major challenges of MANETs

Challenges Descriptions

Routing in

Dynamic

Topology:

In MANET, the presence of node mobility changes

the link of connectivity between the nodes very

frequently. The existing conventional Bellman Ford

routing algorithm or classic Link State algorithms

are not applicable for such dynamic network where

the topology changes with the free movement of the

nodes.

Topology

maintenance:

Updating information of dynamic links among

nodes in MANETs is a major challenge.

Lack of central

Infrastructure:

There exist several solutions in a cellular network

to handle the mobility of the nodes while routing is

the major concern. But, MANET doesn’t have a

centralized monitoring authority and the lack of

any central facility decreases the routing efficiency

as well as the throughput.

Scalability: In MANETs, the nodes are constrained with the

limited battery power, computation capability and

storage capacity. As the network size increases, the

number of packets forwarded by each node also

increases. This drains the node resources fast,

making it dead in a short period.


P a g e | 9

Similarly, topology maintenance overhead in a

scalable dynamic network is another challenging

issue. This ultimately affects the QoS of the

network.

Cooperativeness: Routing algorithm for MANETs usually assumes

that nodes are cooperative and non-malicious. As a

result a malicious attacker can easily become an

important routing agent and disrupt network

operation by violating the protocol specifications.

Energy

Efficiency:

Portable mobile devices are mostly operated by the

batteries whose life span is very limited. Further,

the nodes in the MANET have to perform the role of

an end system (transmitter or receiver) as well as

an intermediate system (forwarding packets of

other nodes) which causes more battery drainage.

Security and

Privacy:

Mobility implies higher security risks such as peer-

to-peer network architecture or a shared wireless

medium accessible to both legitimate users and

malicious attackers.

Autonomous: No centralized administration entity is available to

manage the operation of the different mobile nodes

in MANETs.

Poor

Transmission

Quality:

This is an inherent problem of wireless

communication caused by several error sources

that result in degradation of the received signal.


P a g e | 10

1.4 Overview of IEEE 802.11

The Institute of Electrical and Electronics Engineers (IEEE) 802.11 is

a prominent standard for wireless local area networks (WLANs), which

is adopted by many vendors of WLAN products. The IEEE 802.11 is

the first digital wireless data transmitting standard, which deals with

the physical and MAC layers in WLANs. It was brought out in year

1997.

Under the IEEE 802.11 standard, Mobile Terminals (MTs) can operate

in two modes [3, 32, 60]: (i) Infrastructure mode, in which MTs can

communicate with one or more Access Points (APs) which are

connected to a WLAN and (ii) Ad Hoc Mode, in which MTs can

communicate directly with each other without using an AP.

A wireless access point is required for infrastructure mode wireless

networking. Hence it offers the advantage of scalability, centralized

security management and better connectivity. In the ad hoc mode of

wireless networks, the nodes can directly communicate with each

other without using any access point. To set up an ad hoc wireless

network, each wireless adapter must be configured for ad hoc mode

versus the infrastructure mode. An ad hoc network tends to feature a

small group of devices all in very close proximity to each other. In this

network the performance degrades as the number of nodes increases.

Ad hoc networks cannot bridge to wired LANs or the internet without

the presence of a special purpose gateway node.

1.4.1 Physical Layer: IEEE 802.11 supports three options for

the medium to be used at the physical level – one is based on infrared

[32, 129] and the other two are based on radio transmission. The

physical layer is subdivided conceptually into two parts – Physical

Medium Dependent Sublayer (PMD) and Physical Layer Convergence

Protocol (PLCP).


P a g e | 11

PMD handles encoding, decoding, and modulation of signals. The

PLCP abstracts the functionality that the physical layer has to offer to

the MAC layer. PLCP offers a Service Access Point (SAP) that is

independent of the transmission technology, and a Clear Channel

Assessment (CCA) carrier sense signal to the MAC layer. The SAP

abstracts the channel which can offer up to 1 or 2 Mbps data

transmission bandwidth. The CCA is used by the MAC layer to

implement the Carrier Sense Medium Access with Collision Avoidance

(CSMA/CA) mechanism.

The following are the three choices for the physical layer in the

original 802.11 standard : (i) Frequency Hopping Spread Spectrum

(FHSS) operating in 2.4 GHz Industrial, Scientific, and Medical (ISM)

band, at data rates of 1 Mbps [using 2 – level Gaussian Frequency

Shift Keying (GFSK) modulation scheme] and 2 Mbps (using 4-level

GFSK); (ii) Direct Sequence Spread Spectrum (DSSS) operating in the

2.4 GHz ISM band, at data rates of 1 Mbps (using differential binary

phase shift keying(DBPSK)) (iii) infrared operating at wavelengths in

850-950 mm range, at data rates of 1 Mbps and 2 Mbps using Pulse

Position Modulation (PPM) scheme.

1.4.2 Basic MAC Layer Mechanism: The IEEE 802.11 MAC

has become ubiquitous and gained widespread popularity as a de

facto layer-2 standard for wireless networks. Wireless transmissions

are inherently broadcast in nature and contentions to access the

shared channel need to be resolved carefully in order to avoid

collisions. Currently, the IEEE 802.11 standards include a basic

medium access protocol Distributed Coordination Function (DCF) and

an optional Point Coordination Function (PCF). The multihop or

single-hop ad hoc operation is supported by the DCF, which is based

on the Carrier Sense Medium Access with Collision Avoidance

(CSMA/CA) random access scheme, in which retransmission of

collided packets is managed according to binary exponential backoff

rules.


P a g e | 12

To avoid the hidden terminal problem an optional Request to Send

(RTS)- Clear to Send (CTS) mechanism is implemented. The PCF is a

centralize-scheduling and polling-based protocol, which is designed to

support collision free and transmission of real time traffic in wireless

networks. When the PCF is in operation, the AP controls medium

access and avoids simultaneous transmissions by the nodes.

Inter-Frame Spacing (IFS): Inter-frame spacing refers to the time

interval between the transmissions of two successive frames by any

station. There are for types of IFS: SIFS, PIFS, DIFS, and EIFS, in

order from shortest to longest. They denote priority levels of access to

the medium. Shorter IFS denotes a higher priority to access the

medium, because the waiting time to access the medium is lower.

The exact values of the IFS are obtained from the attributes specified

in the Physical Layer Management Information Based (PHYMIB) and

are independent of the station bit rate

Short inter-frame spacing (SIFS): SIFS is the shortest of all

the IFSs and denotes highest priority to access the medium. It is

defined for short control messages such as acknowledgement for

data packets.

PCF inter-frame spacing (PIFS): PIFS is the waiting time whose

value lies between SIFS and DIFS and it is used for real-time

services.

DCF inter-frame spacing (DIFS): DIFS is used by stations that

are operating under the DCF mode to transmit packets. This is

for asynchronous data transfer within the contention period

Extended inter-frame spacing (EIFS): EIFS is the longest of all

the IFSs and denotes the least priority to access the medium.

IEFS is used for resynchronization whenever physical layer

detects incorrect MAC frame reception.


P a g e | 13

Carrier Sense Medium Access with Collision Avoidance

(CSMA/CA): CSMA/CA is the MAC layer mechanism used by IEEE

802.11 WLAN. This technique cannot be used in the context of WLAN

effectively because the error rate in WLANs is much higher and

allowing collisions will lead to a drastic reduction in throughput.

Morever, detecting collisions in the wireless medium is not always

possible. The technique adopted here is therefore one of collision

avoidance.

1.5 The Network Simulator (NS2)

Simulation has proved to be a valuable tool in many research areas

where analytical methods are not applicable and experimentation is

not feasible. Researchers generally use simulation to analyze system

performance prior to physical design or to compare multiple

alternatives over a range of system conditions.

There are various simulators like NS-2 [143], Glomosim [150], Qualnet

[151] and Opnet [152] are available to carry out research work in

Wireless and Wired Networking. Network Simulator (NS version 2) is

an object-oriented, discrete event driven network simulator developed

at University of California, Berkely written in C++ and OTcl and and

freely available for academic research purpose. To conduct

performance analysis of our proposed solutions presented in this

thesis, the popular NS2 simulator [143] has been extensively used.

NS 2 was chosen primarily because it is a proven simulation tool

utilised in many previous research studies on MANETs [15] and has

been validated and verified in [68, 123].


P a g e | 14

1.5.1 Random Waypoint Mobility (RWP) Model

Mobile nodes in a MANET often move from one location to another,

but finding ways to model these movements is often not obvious. In

order to thoroughly evaluate communication protocols for MANETs

such as Ad Hoc On Demand Distance Vector (AODV), it is necessary

to develop and use mobility models that realistically capture the

movements of mobile nodes.

The Random Waypoint Mobility (RWP) [86] is the most popular

mobility models used in MANETs research and is itself the focal point

of most research activity [76, 20, 48]. The model defines a collection of

nodes which are placed randomly within a confined simulation space.

Then, each node selects a random destination inside the simulation

area and travels towards it at a certain speed “s”. Once it has reached

its destination, the node pauses for some time “t”, before it chooses

another random destination and repeats the process.

NS2 comes with a built in CMU tool called ‘setdest’ that can be used

to generate a large number of nodes and their movements. Setdest is

available under the “ns2.34/indep-utils/cmu-scen-gen/setdest”

directory. Setdest generates the position of nodes during the start of

the simulation, their movement speed and direction throughout the

simulation.


P a g e | 15

1.6 Security issues in MANETs: Threats,

Vulnerabilities and Attacks

Any system which is required to be secured might have weakness or

vulnerabilities which would be targeted by an attacker [7, 122].

Threat: Threat is the means through which the ability or intent of an

agent to adversely affect an automated system, facility or operation

can be manifested. All methods or things used to exploit a weakness

in a system, operation or constitute threat agents. Examples of threats

include attackers, intelligence service etc. Following factors cause

threat in MANETs [7].

Absence of infrastructure — certification/authentication author-

abilities are absent.

Dynamically changing network topology — this puts security of

routing protocols under threat.

Power and computational limitations — these can prevent the

use of complex encryption algorithms.

Vulnerability: Vulnerability is any hardware or software flaw that

leaves an information system open for potential exploitation. The

exploitation can be of various types, such as gaining unauthorized

access to information or disrupt critical processing.

Channel vulnerability — broadcast wireless channels allow

message eavesdropping and injection easily.

Node vulnerability — when nodes do not reside in physically

protected places, they easily fall under attack.

Attack: Attack is an attempt to bypass the security controls on a

computer system. The attack may alter, release, or deny data.

Examples of attacks include actions such as obtaining illegitimate


P a g e | 16

privileges, inserting data falsely, modifying information, analyzing

network traffic, obtaining illegitimate access to the system or disrupt

network operation using malicious software [7].

These attacks can be classified into following types:

External Attacks: External attacks are carried out by nodes that do

not belong to the network. They cause congestion, send false routing

information or cause unavailability of services.

Internal Attacks: Internal attacks are from compromised nodes that

are part of the network. In an internal attack the malicious node from

the network gains unauthorized access and impersonates as a

genuine node. It can analyze traffic between other nodes and may

participate in other network activities.

Different attacks are of two kinds (i) Passive attacks and (ii)

Active attacks [7]:

1. Passive Attack: In this type of attack, an attacker passively

listens to the packet or frame exchanges in the wireless medium by

sniffing the airwaves. Since an attacker only listens to the packets

that are passing by without modifying or tampering with the packets,

these attacks mainly target the confidentiality attribute of the system.

However, this process of gathering information might lead to active

attacks later on. This kind of attack is easier to launch.

Traffic Monitoring and Analysis: In this type of attack,

adversaries monitor packet transmission to infer important

information such as a source, destination, and source-destination

pair, analyse that information to use for different attacks.


P a g e | 17

Eavesdropping: Eavesdropping is another kind of attack that

usually happens in the mobile ad hoc networks. Transmission in

adhoc networks use shared wireless medium and in broadcasting

manner. All nodes in range can hear transmission without any extra

efforts. This type of attack aims at obtaining some confidential

information that needs to be kept secret during the communication.

Syn Flooding: In this type of attack, an attacker may repeatedly make

new connection request until the resources required by each

connection are exhausted or reach a maximum limit. It produces

severe resource constraints for legitimate nodes. This attack is like

Denial of Service (DoS) type.

2. Active Attack: Active attacks are those attacks where the

attacker takes malicious action in addition to passively listening to on-

going traffic e.g. attacker might choose to modify packets, inject

packets or even disrupt network service. The misbehaving node has to

bear some energy costs in order to perform some harmful operation

like changing the data. Active attacks cause damage and are

malicious which often threaten integrity, availability of the network.

These type of attacks can be internal or external [7].

Generic Attacks against Routing: Routing is very

important function in MANETs. It can also be easily misused, leading

to several types of attack. Routing protocols in general are prone to

attacks from malicious nodes. These protocols are usually not

designed with security in mind and often are very vulnerable to node

misbehavior. This is particularly true of MANET routing protocols

because they are designed for minimizing the level of overhead and for

allowing every node to participate in the routing process.

Making routing protocol efficient always increases the security risk of

the protocol and allows a single node to significantly impact the

operation of the protocol.


P a g e | 18

Following are some of the examples of attacks that can be launched

against MANET routing protocols [89, 113, 126, 129]:

Black Hole Attack: In this type of attack, attacker node sends false

message to all or route requesting node, claiming to possess shortest

path from it to destination node. So all or requesting node update

their routing table and send data toward attacker (malicious) node(s).

Malicious node(s) may drop all incoming packets.

Wormhole Attack: In this type of attack, attacker(s) make tunnel

between them & grub data, pass it from tunnel and replay it at other

end which disturbs routing. Figure 1.2 describes wormhole attack.

Figure 1.2 : Wormhole Attack

This type of attack could prevent discovery of any routes and may

create a wormhole even for packet not address to itself because of

broadcasting [53, 57]. Wormhole are hard to detect & do damage to

network.


P a g e | 19

Gray hole Attack: In this type of attack, attacker node(s) involves

itself in data transmission path (attacker node work in on off mode) to

drop data packet on certain probability like packet intended for

specific node or drop packets at certain time interval or every nth

packet or at specific time of the day or some portion of packet. It is

very hard to detect because attacker node works in on off mode with

probability therefore data forwarded by it in network is so hard to

identify.

Location disclosure Attack: This type of attack is a part of the

information disclosure attack. The malicious node(s) leaks information

regarding the location or the structure of the network. It itself may

also use the location information for further attack. It gathers the

node location information such as a route map and knows nodes

situated on the target route. Figure 1.3 show Location disclosure

Attack.

Figure 1.3: Location disclosure Attack

As shown in figure 1.3 node M1 collect all topology information &

either discloses it to other malicious node M2 or itself uses for attack

on any other node for example M1 would send fake Message to S.


P a g e | 20

Flooding: In this type of attack, attacker (malicious) node(s)

broadcast false packets or ghost packets which have wrong routing

information & drain valuable resources like battery, processing power,

and bandwidth. It leads to increased traffic in network, keeping nodes

busy and reduced network performance.

Denial of Service (DoS) attack: This type of attack has similarity

with Flooding type of attacks. This type of attack is any event that

diminishes or eliminates a network’s capacity to perform its expected

function. These attacks are launched against server resources or

network bandwidth by preventing authorized users from accessing

resources. For example, an attack may target a system by exhausting

limited wireless resources such as bandwidth, storage space, battery

power, CPU, or system memory. Networks and applications can be

attacked by modifying routing information or changing system

configuration, thereby directly attacking data integrity.

Selfish Nodes attack: In this type of attack, a node doesn’t harm

others in network but this type of malicious node uses network for its

own purpose but it doesn’t involve traffic transmission to other nodes.

By doing so, they save their resources like battery and computation

power.

Man-in-the-Middle attack: In this type of attack, attacker node(s)

diverts all data packets traffic between sender & receiver node through

itself. In many cases, it impersonates as receiver for sender & as

sender for receiver. Figure 1.4 depicts Man-in-the-Middle Attack.


P a g e | 21

Figure 1.4: Man-in-the-Middle Attack

As shown in figure 1.4 for data transmissions going on between

nodes S to D, malicious node M diverts all packets through it by

sending fake reply messages.

Impersonation attack/ Identity Spoofing: In this type of attack,

malicious node(s) uses other node’s identity like IP or MAC address for

attack.

Sybil attack: In this type of attack, malicious node acts as several

different nodes with their identities rather its own identity. This allows

it to forge the result of a voting used for threshold security methods

[38, 71, 88].


P a g e | 22

Rushing attack: In this type of attack, an adversary node which

receives a Route Request packet from the source node floods the

packet quickly throughout the network before other nodes which also

receive the same Route Request packet can react. Nodes that receive

the legitimate Route Request packets assume those packets to be

duplicates of the packet already received through the adversary node

and hence discard those packets. Any route discovered by the source

node would contain the adversary node as one of the intermediate

nodes. Hence, the source node would not be able to find secure

routes. It is extremely difficult to detect such attacks in MANETs [56].

Routing Table/ Cache Poisoning: In this kind of attack, malicious

nodes in the networks send fictitious routing updates or modify

genuine route update packets that are sent to other uncompromised

nodes. Routing table poisoning may result in sub-optimal routing,

congestion in portions of the network, or even make some parts of the

network inaccessible.

MANETs research challenges include efficient routing and Security,

Media Access Control and Power Consumption etc. [11]. Several

characteristics of an ad hoc network make it much more difficult to

keep its secure as compared to the infrastructure-based network.


P a g e | 23

1.7 Research Problem

MANETs are creating much research interest both in academia and

the telecommunication industries. The principal attractions of

MANETs are related to the ease with which they can be deployed due

to their infrastructure-less, not require any centralized

administration. Interestingly, designing adequate security schemes for

these innovative networks is very challenging. One of the challenging

security problems in MANETs is the secure routing in presence of

selfish or adversarial entities which drop the packets they agreed to

forward; and in doing this selfish or adversarial entities can disrupt

the network traffic and cause various communication problems.

Several research works have been proposed to provide secure route

discovery and detection and prevention of attacks. Each one has its

own limitations and constraints. Many existing solutions address

ways to provide security using cryptography and/or trust based

security are presented in the literature covered in section 3.3 and 3.4

of the thesis.


P a g e | 24

1.8 Motivation and Objectives

Early research works assumed a friendly and co-operative

environment and focus on problem such as simple routing, multihop

routing and wireless channel access. Now, security has become a

primary concern to provide secure, protected communication between

nodes in a potentially hostile environment. Moreover, unique feature

of MANETs present a new set of security challenges. Several

researchers aim at securing the routing messages of existing routing

protocols such as AODV and DSR etc. and they proposed solutions

based on cryptographic mechanisms to make routing protocol secure,

however, this mechanism require a key management service to keep

track of key and node binding. Also it needs a trusted entity called the

certificate authority (CA) to issue public key certificate for every node

in the network. This is “hard security” mechanisms and too expensive

for MANETs. As a result, we were motivated to develop a trust based

secure routing protocol for MANETs.

The objective of carried out research work is to propose routing

protocols and techniques for secure route discovery and maintain it by

preventing different attacks, thus ensuring the transfer of data

packets over the network safely. In detail the objectives can be laid

down as below:

A. To gain in-depth knowledge of Mobile Ad hoc Networks and its

working.

B. To understand the issues and challenges of deployment and

maintenance of MANETs.

C. Propose architecture for AODV reactive routing protocol to

enhance security feature and efficiency.

D. Proposed routing protocol to provide secure route discovery and

maintenance to prevent Blackhole and DoS attack.

E. To propose another approach for survival from insider attacks

like Route Disruption and Route Invasion.


P a g e | 25

1.9 Contributions of the thesis

The contributions of our research work are as follows.

A new trust based mechanism Trust based On Demand Routing

Protocol “TSDRP” is proposed and studied for prevention of blackhole

and DoS attack in benign and malign environment. Simulation results

show the effects of numbers of malicious nodes, traffic load, mobility

speed, pause time and network sizes to help understand the impact of

the packet dropping attack and its mitigation. This study shows that a

trust based prevention mechanism can help improving the packet

delivery performance. TSDRP does not violate the concept of MANETs,

as it is not using any kind of cryptographic key management functions

and is independent from the centralized trusted architecture.

Through the proposed technique NDTAODV, we tendered an

effective mechanism to provide security in AODV against resource

depletion attacks (resource depletion by aggressive RREQ control

packet flooding), results shows that the proposed algorithm prevent

the malicious nodes, isolates them from the active route and increases

packet delivery fraction. Performance of NDTAODV is better in the

malign environment (presence of attacks) whereas NDTAODV and

normal AODV perform almost similar in the benign environment

(absence of flooding attack). This makes AODV more robust.

A new approach AODVSEC is proposed: AODVSEC is not imposing

any lengthy complex processing (e.g. cryptography) on the mobile

node. Compared results demonstrate that the AODVSEC having least

processing time which obviously saves computational power than the

SAODV routing protocol. Also AODVSEC prevent the insider attacks

launched through actively forged RREP control message by just using

RREQ-ACK cach and validation of RREP with RREQ_ACK.


P a g e | 26

1.10 Organisation of the thesis

Thesis begins with an introduction to MANET in Chapter 1. Different

routing protocols of MANET are explained in Chapter 2, whereas

various secure routing protocols are discussed in Chapter 3. Chapter

4 describes our proposed TSDRP: Trust based secure on demand

routing protocol to prevent blackhole and DoS attacks. Chapter 5

contains our proposed NDTAODV: Neighbour Defence Technique for

AODV to Mitigate Flood Attack in MANETs. Chapter 6 details about

our proposed novel technique AODVSEC to prevent insider attacks.

The conclusions and summary of our research work are presented in

Chapter 7. In Chapter 8, we give limitations of our work and thus

outline scope for future work.

Chapter Summary

This chapter discussed with basic concepts of ad hoc networks

includes their application, characteristics and unique challenges like

attacks, threats and vulnerabilities associated with securing MANETs.

Use of network simulator and mobility model are also described.

In the last research problem, motivation and objectives of research,

contributions of the thesis and organization of the thesis are

discussed.

chapter-1 introduction to manet -...

Documents