CHAPTER 2
LITERATURE SURVEY
This part of the thesis work is covered in the paper titled, “Network Layer Attacks and
Defense Mechanisms in MANETs-A Survey”, International Journal of Computer
Applications (0975-8887), Vol. 9, No. 9, NOV 2010, pp. 12-17.
This chapter presents the literature survey for the present investigation and gives a
comprehensive overview of related work in the area of MANET intrusion detection and
prevention. The study covers the different protocol approaches for route discovery,
encryption approaches used both as preventive mechanisms and within IDS, acknowledgement
methods and cross-layer approaches. The review of these topics shows how the developed
technique brings all of these features together into a robust defensive mechanism that
identifies and corrects network layer attacks and evaluates the performance of the network.
2.1. Security Mechanisms against Network layer Attacks
Security has become a fundamental and vital service for wireless networks, especially
MANETs. The success of MANETs depends heavily on the public's confidence in their
security. The unique features of MANETs pose both opportunities and challenges in meeting
the necessary security requirements. The present state of MANET security and
countermeasures is surveyed to show the chances of reducing or eliminating security
vulnerabilities in the form of attacks. The literature review concentrates mainly on two
types of approaches, preventive and detective (IDS), for network layer attacks, across the
different types of routing schemes and encryption techniques. In earlier years, the
conventional approaches proposed were based on authentication, encryption techniques and
others, which form the first line of defense, whereas IDS and other cooperation
enforcement methods form the second line of defense, but these were successful in reducing
selfish behaviors only. This drawback is the catalyst for designing defensive mechanisms
that combine the first and second lines of defense to arrive at a new kind of solution,
which is the highlight of this thesis work. In recent years, intrusion detection has
gained supreme importance within the broad domain of network security, more so in the
case of wireless ad hoc networks.
In recent years, the latest technological advances in hacking mechanisms have made it very
easy for hackers to eventually succeed in infiltrating a system. That is why it becomes
more important to constantly check the system and monitor it for suspicious behavior.
Intrusion detection systems (IDSs) do just that: they monitor audit data, look for
intrusions into the system, and initiate a proper response (e.g., email the systems
administrator, start an automatic reprisal) [24]. As such, there is a need to complement
traditional security mechanisms with efficient intrusion detection and response. Here we
present a survey of the work that has been done in the area of intrusion detection and
prevention in mobile ad hoc networks from multiple perspectives.
2.2. Studies based on Analytical Modelling Solutions for Network Layer
attacks in MANETs
A lot of work has been proposed and implemented in the form of process algebra or
quantitative analysis to tailor the specification and verification of MANET properties,
as in [25, 26, 27, 28, 29, 30 and 31]. The routing process in MANETs is inherently
dependent on node behaviors, as the main support for multi-hop operation in these
networks is assumed to come from well-behaved or genuine nodes. The different node
behaviors that exist in real MANETs are selfish, malicious and power-constrained.
This node behavioral classification shows the transition probabilities assumed for changes
between the states, modelled according to the semi-Markov process. Using this as the
basis, most of the earlier work relies on the modelling and analysis of different
characteristics of MANETs. Fei Xing and Wenye have shown the impact of misbehavior
on connectivity in the form of DoS attacks in MANETs using the semi-Markov process
[29]. The solution they implemented analytically to mitigate misbehaviors in the
form of black hole or DoS attacks is to isolate the cooperative node itself from its
misbehaving neighbors. Similar research has been carried out by A.H. Dehgan to isolate the
cooperative node from its malicious and selfish neighbors, again with DoS attacks
[30]. Daniel Seither et al. proposed an analytical model for black hole attacks and their
countermeasures, which have been realized using simulation [32]. A.H. Azni proposed an
analytical model for correlated node behavior in MANETs to show the impact on network
survivability through simulations [31]. These are some of the important earlier studies
conducted based on semi-Markov modelling and analysis of various characteristics in
MANETs.
Although the current thesis work concentrates mainly on simulation and experimental
approaches, the analytical model developed strives to match the solution implemented in
the experimental approach for isolating malicious nodes. The model designed differs from
the others in that the solution proposed and implemented isolates the malicious nodes
launching network layer attacks from the other intermediate neighbors in the optimal path
selected for communication between source and destination. The other studies, in
contrast, provide the solution of isolating the genuine node itself from its malicious
neighbors. Using the state transition formulae, the probability of a node being in a
genuine state has been deduced with varying intermediate nodes and malicious nodes, to
obtain a stabilized performance of the network.
2.3. Studies Based on Preventive Security Mechanisms
The countermeasures used to ensure security in MANETs include conventional methods like
authentication, encryption, digital signatures and access control, which stand for the
first line of defense. The implementation of IDS and cooperation enforcement mechanisms
also strives to achieve security in MANETs against attacks, forming the second line of
defense. Conventional security techniques like encryption and authentication schemes are
mainly based on cryptography, which has two types, symmetric and asymmetric. To achieve
security primitives such as data integrity and authentication, message digests (hash
functions) and digital signatures are the best-suited services. Likewise, the safety of
the physical device is as important as that of the data, as mobile devices tend to be
miniature devices and are physically vulnerable. There are chances of devices being
stolen, lost, damaged or hijacked by adversaries, especially on the battlefield. The
devices and the data stored within are usually secured by using smart cards which are
accessed through a PIN (Personal Identification Number), passwords, biometrics or tokens
[33]. This importance has made preventive mechanisms very popular, and the following
sections survey some existing work in this area.
A variety of routing protocols has been proposed to tackle attacks in MANETs. But very
little effort has been made on detecting the malicious nodes launching network layer
attacks, and existing work in this area is still in its formative stage. There are works
which reveal that misbehaving nodes agree to forward packets but fail to do so, which is
addressed by two solutions, namely watchdog and pathrater [34]. The former identifies the
misbehaving node and the latter takes care of providing the best route information. The
watchdog's problem is that it will not detect misbehaving nodes in the presence of
ambiguous collisions, receiver collisions, limited transmission power, false misbehaviors
and partial dropping. A new secure routing protocol with efficient cryptographic
primitives, called Ariadne [35], is designed to overcome tampering and DoS attacks using
the DSR protocol. The drawback of this protocol is that it works only with symmetric
encryption techniques and is proved to be less efficient with an optimized version of DSR.
In 2002, another method called CORE [36] was developed and implemented. CORE differs
from Watchdog-Pathrater in that it helps legitimate users to avoid misbehaving nodes; it
can also be integrated with higher layer applications, whereas the watchdog is restricted
to the routing layer. But CORE has some restrictions, as it is implemented only to detect
selfish nodes using the DSR (Dynamic Source Routing) protocol and for DoS (Denial of
Service) attacks. To overcome this problem the CONFIDANT protocol mechanism was suggested
in [37]. This represents an extension to the routing protocol to detect and isolate
misbehaving nodes using four components: a monitor, a reputation system, a trust manager
and a path manager. This ensures security and robustness against malicious behavior using
the AODV protocol. Packet leashes, a preventive security method described in [38], uses a
specific protocol, TIK, to overcome wormhole attacks in MANETs. It works only for wormhole
attacks and the TIK protocol, and as the protocol is heavily dependent on broadcast
authentication and time synchronization, packet leashes are proved to be less efficient.
To mitigate the problem of time or clock synchronization, a mechanism called SECTOR [39]
is introduced to prevent wormhole attacks. This method uses one-way hash chains and Merkle
hash trees. Again, SECTOR detects only wormhole attacks and is thus overruled.
In 2004, a distributed security scheme against DoS attacks was proposed [40]. This
method proposes a modified AODV protocol and compares its performance with the original
one. It tries to restrict the number of route requests, which may not be compatible as
the network grows. Instead, the developed approach adapts to as many route requests as
possible and also uses a few concepts of AODV to form a new routing strategy. In 2006, a
secure method for server pooling against Byzantine attacks was proposed using a
preventive approach of key pre-distribution [41].
Unfortunately, as MANETs are dynamic in nature, key distribution schemes may not always
be applicable, as all the nodes in MANET range may not be known in advance. These
issues make way for implementing separate but closely related key management approaches
to support protocol development in MANETs [34, 42 and 43]. This feature is exploited and
implemented in the proposed and developed scheme as a broadcast authentication scheme
using a genetic concept algorithm, which is applied not only to the gray hole attack but
also to other attacks. In 2007, MEPA (Minimum Exposed Path to the Attack in MANET) was
proposed; it computes the shortest path but does not concentrate on cryptographic
primitives and instead tries to reduce the impact of attacks [44]. The main drawback of
this method is that the status of links is not revealed. The developed solution covers
this problem by also indicating the link status, that is, whether the link is proper or
improper for communication. In [45] a shared secret symmetric key mechanism in multipath
routing using the DSR protocol to mitigate data dropping and data modifying attacks has
been discussed. The approaches developed in the current thesis use the same concept to
mitigate not only data dropping and message tampering attacks but also a few more
attacks, like black hole, gray hole and replication attacks, using a protocol-independent
approach. This enhances the method in [45], where the confirmed list of nodes
participating in communication is updated only at the destination node, whereas the
current approach updates the list of nodes participating in route discovery at all the
nodes in the range.
In 2008, an approach that is independent of the protocol used for detecting and accusing
the misbehaving node in a MANET was proposed in [46]. The drawback of this approach is
that it can detect only black hole and gray hole attacks without protocol interference;
the developed approaches extend this to some more attacks, also without protocol
interference. A friend-assisted intrusion detection and response mechanism for MANETs is
presented in paper [47]. The concept is based entirely on a friendship mechanism and
fails to cover most of the security requirements. Identity-based key cryptography was
proposed in [48], which uses either IP addresses or email IDs as public keys. This method
lacks anonymity and privacy preservation and as a result may be more vulnerable to
attacks. In [49], a novel algorithm for route discovery was proposed which can be adapted
to standard protocols like AODV or DSR. The route discovery process is protected by
public key cryptography techniques. As this approach increases the computational burden
and reduces performance without being able to detect link breakages, it is not suitable
as an efficient routing algorithm. The approach developed in the current work takes this
into account and develops the routing scheme in such a way that it is able to detect link
breakages and link misbehaviors through an acknowledgement scheme. A survey of security
mechanisms for network layer attacks is shown in detail in paper [50]. This gives a clear
idea of the security perspectives in MANETs against attacks. A scheme based on a
temporary MANET considers an efficient secret key sharing encryption technique for node
admission in the network [51]. The main drawback of this approach is that it does not
consider isolating the malicious node from the network, which is considered and
implemented in the current thesis work.
An AODV+2ACK model was proposed in [52] to detect the routing misbehavior of selfish
nodes. But the method could acknowledge only a fraction of the data packets sent, whereas
in the current work acknowledgement is applied to all the packets sent, using a time- and
distance-based routing strategy combined with a one-hop acknowledgement scheme. A
cross-layer architecture is proposed in [53] to detect DoS attacks by using a data mining
technique with a clustering algorithm. The technique puts more emphasis on an IDS
architecture involving the OSI layer stack but does not discuss the data confidentiality
requirement and lacks an encryption mechanism. In [54], a reputation-based scheme to
mitigate routing misbehavior was proposed using a clustering algorithm with the AODV
protocol. The method neither discusses coverage of the security requirements nor
satisfies security provisioning. Also, there is no enhanced feature in the protocol or
the technique it applies.
A framework for an intrusion detection system with two hierarchical levels, using a
cooperative cross-layer IDS to secure the broadband services of wireless mesh networks,
was proposed in [55]. As the procedure proposed there lacks security parameters, such as
an encryption process and analysis of different parameters from the layers of the
protocol stack, the work is proved to be insufficient and needs more details. In [56] a
trust-based security scheme for the RREQ (Route Request) flooding attack was discussed
using the DSR protocol. Although the concept depends on the selection of threshold values
and delay queues, it delays the detection of misbehaving nodes and lacks data flooding
prevention.
An efficient binary tree structure for network nodes, used to create a certification
scheme for the routing procedure with public key management, is implemented in [57]. The
drawback of this approach is that a partially centralized control concept is implied as a
result of the binary tree structure. To overcome this, the current thesis work implements
algorithms like Dijkstra's shortest path method using time as the weight metric instead
of distance. This fairly reduces the overhead, and the decentralized concept of MANETs is
maintained. Yet another efficient public key management scheme for self-organized MANETs,
for the OLSR protocol, has been implemented and shown in paper [58]. The problem with the
method is that every node has to maintain and monitor the key repositories, which creates
a sort of overhead for the individual nodes. The current work presented in this thesis
relies on the fact that it works independently of the protocol used and that distribution
of the public key is done prior to the route discovery phase, which lessens the burden on
individual nodes of maintaining, storing or revoking keys.
Routing protocol problems still prevail in MANETs; a solution to such a problem is
proposed in [59] to enhance routing ability in MANETs and ensure cooperation and
forwarding. The method proposed there is again protocol-dependent; it works well for the
DSR routing scheme and enhances just the protocol feature in mitigating the black hole
attack and selfish nodes. Compared to these existing methods, the current thesis focuses
on mitigating malicious nodes launching different types of network layer attacks. A
distributed hierarchical architecture was proposed in which the network is partitioned
into zones and every zone is assigned a manager to monitor the activities [60]. As the
whole method depends on the trustworthiness of the zone manager, there is a possibility of
some sort of centralized control, and it is not suited to the nature of MANETs.
A cross-layer approach which compares AODV and DSR with IEEE 802.11 to show
performance-related issues is presented in paper [61]. Again, the proposed approach is
protocol-dependent and considers only the performance measures of the protocols, without
taking misbehavior detection or prevention into consideration. The approaches developed
in the current thesis, in contrast, consider both detection and correction of network
layer attacks, with performance measurement and independent of protocol analysis. To
overcome the centralized key management problems in MANETs, a region-based approach to
group key management was proposed in paper [62]. In this method the group key needs to
be refreshed every time, the possibility of losing the secrecy of the key is high and, if
there are several sub-groups, key maintenance becomes a problem. A combined data
fusion model for authentication and intrusion detection using biometric systems was
implemented and shown in paper [63].
The problem with this approach lies in the biometric system: as the nodes are highly
dynamic in nature and keep changing range every second, the biometrics may not evaluate
once an old node tries to re-enter the range. A generalized IDS and prevention mechanism
against attacks, using anomaly-based and knowledge-based IDS, was proposed in [64] and
its performance was evaluated. The isolation of the attacker in this combined approach
may cause some severe harm to the network, and hence it may require an adaptive, flexible
intrusion response mechanism. EAOMDV (Enhanced Ad Hoc On-Demand Multipath Distance Vector
Routing Protocol) was proposed in [65] to overcome problems in routing by pre-emptively
predicting problems in links. The approach considers only the routing part and how to
select routes which are genuine in nature, and does not address other network layer
vulnerabilities, such as mitigating the attacks it faces. A model which avoids malicious
nodes in the forwarding path using RTS, CTS, DATA and ACK signaling, with AODV as the
routing protocol, was proposed in [66]. The method is protocol-dependent and does not
address the security requirements for data transmission, and there is no discussion of
how to secure the data to be forwarded.
A detailed survey of the packet dropping attack and attack schemes is given in paper
[67], which emphasizes the importance of security in MANETs using any of the proposed
preventive, detective and reactive approaches. A physical layer authentication mechanism
for neighborhood information discovery against adversaries was introduced in paper [68].
The scheme looks a little different from other conventional approaches to ensuring
security, but achieving physical layer authentication may need some extra resources, like
configuration changes, device compatibility with the authentication software, etc.
A joint authentication and topology control scheme was proposed to show the throughput
gradation in upper authentication and physical layer schemes [69]. The work shows
performance with respect to only one network metric, throughput, and achieving topology
control is difficult in MANETs, as they are highly dynamic in nature and it is difficult
to keep track of the nodes in a particular range. An encryption mechanism which uses the
MAC address as an additional parameter in the message, with the nodes in the network
organized in a spanning tree fashion to avoid loops, is presented in paper [70].
Including the address in the message header may add overhead to data packets, and the
addresses need to be updated all the time, as nodes may leave or join the network at any
time. A collaborative watchdog scheme to detect selfish nodes was proposed in paper [71].
The method is modelled as a continuous-time Markov chain with two parameters to indicate
the degree of collaboration and detection of the watchdog. The problem with this method
is that it increases the overhead, as the node carries both false negatives and false
positives, and it lacks an updating mechanism and can achieve only moderate collaboration.
2.4. Studies based on Detective Security Mechanisms (IDS)
Although cryptographic mechanisms can theoretically be applied with protocols to overcome
attacks, in reality, due to constraints like design, implementation, the protocol chosen
for communication or physical device limitations, there is a possibility that many
malicious behaviors escape identification or bypass the preventive mechanisms. In this
regard, a second line of defense is very much needed to detect anomalies. These
mechanisms are also called reactive methods, as they try to detect misbehaviors
statistically, based on the expected behavior of attacks. To achieve a high level of
security for MANETs, a combination of both preventive and IDS mechanisms can be
considered for effective results. A combination of this kind is designed and developed in
the current work for detection and correction of intrusions in the form of network layer
attacks. Some of the important earlier research work done in this area is considered for
study as follows:
A Secure Efficient Ad hoc Distance vector routing protocol (SEAD), based on the DSDV
(Destination-Sequenced Distance Vector) routing protocol, was proposed in [72]. The
main advantage of this protocol is that it reduces the CPU processing required and does
not employ asymmetric cryptographic operations, but uses a one-way hash chain. The method
lacks the security aspect, as the hash values can be readily deduced by hackers using
different mechanisms. With the many advances in hacking methods for infiltrating systems,
there is a strong need to periodically monitor for suspicious behavior: to monitor audit
data, look for intrusions and initiate a proper response. Intrusion detection techniques
and their common architecture are discussed comprehensively in paper [10]. A
collaborative monitoring mechanism run by the local nodes themselves, without centralized
control, which adopts a credit strategy for cross-validation to improve network
performance, was proposed in paper [73].
As organizing collaboration, especially by the node itself, requires a lot of
trustworthiness in the network, this may become a cause of failure for this approach [73].
To overcome such problems, a dynamic learning process that mitigates anomalies by
detecting them through calculation of the nodes' projection distance was proposed in
paper [74]. As the method is heavily protocol-dependent, the paper states that it will be
tried with further new routing protocols. To compensate for the problem with
protocol-based IDS, a trust management misbehavior detection approach was proposed in
paper [75]. SMART, the support vector machine algorithm, is used to detect misbehaving
nodes and does not require any cryptographic or threshold mechanisms to be applied
beforehand. As the whole approach depends on trustworthiness, the accuracy achieved will
be lower because of the dynamicity of the network; moreover, the approach aims to find
misbehaviors but not attacks pertaining to any layer. Preventive measures like
authentication and cryptography alone are not able to provide security for these types of
networks. Therefore, an efficient IDS is needed to identify and isolate attacks. Such an
IDS is presented in paper [76], which uses mobile agents for periodic and detection
reports. For mobile agent authenticity it again uses the signature concept, thereby
making the approach a combination of preventive and IDS approaches. In such cases, the
verification of mobile agent authenticity depends entirely on trust and may prove only
partially secure; the paper also does not show any implementation technique but just
gives the idea.
As an attempt to secure MANETs, another detection technique based on side channel
monitoring, using the nodes adjacent to the route chosen for data communication, was
proposed in paper [77]. The method focuses on the detection principle without considering
the security of the technique itself, and cryptography evaluation has not been
considered. To overcome the drawbacks of earlier approaches, a monitoring-based
intrusion detection system is introduced in paper [78] to indicate the level of intrusion
detection through false positives. Although the scheme proved to be efficient in
combating attacks, it is not likely to be accurate in the ad hoc scenario due to varying
noise levels, signal propagation characteristics and interference from other
transmissions, which increase false positives on the network performance. In contrast, a
combination of adaptive and non-adaptive techniques to detect misbehavior using the local
information available at genuine nodes was proposed in paper [79]. Basically, it acts as
a reaction mechanism which relies on two methods, and it may not be possible to find out
which node has led to severe throughput degradation in the network, as the nodes are
highly mobile in nature. Another risk-aware response mechanism to cope with routing
attacks was proposed in paper [80]. The method uses Dempster-Shafer theory to measure the
damage caused by attacks and assess their risk. Even though this method looks different,
it proves to be an adaptive and reputation-based model which does not concentrate on the
security of the data to be communicated and tries to assess the damage caused by detected
attacks without taking any corrective measures.
2.5. Studies based on Acknowledgement Approaches to Ensure Security
in MANETs
Two network layer acknowledgement schemes termed TWOACK and S-TWOACK, which are
compatible with any protocol, were proposed in paper [81]. The work detects the
misbehaving nodes and, using the routing protocol, isolates them for further route
discovery. The scheme results in a considerable increase in performance for MANETs. To
improve upon the 2ACK technique, Kejun Liu suggested in paper [82] a scheme that serves
as an add-on technique for the routing process to detect routing misbehavior and mitigate
the adverse effects it causes. The scheme reduces additional overhead, acknowledges only
a fraction of received data packets and places more emphasis on link misbehavior by
detecting the misbehaving node. The approach developed in the current thesis is similar
to the work described in paper [82] and differs from it in applying a one-hop
acknowledgement scheme rather than 2ACK. Another improvement on the idea of the earlier
work [82] was introduced in paper [52], which models 2ACK with AODV to detect routing
misbehavior and mitigate its adverse effects. The approach sends two-hop acknowledgement
packets in the direction opposite to the routing path to reduce the additional routing
overhead and acknowledges only a fraction of data packets.
Yet another improvement to the TWOACK scheme was analyzed and evaluated in paper [83],
to detect and mitigate the effect of routing misbehavior in MANETs. This scheme checks
data confidentiality using the hash code and thereby declares the link containing the
misbehaving node as misbehaving. Similar work has been considered in paper [84],
which also works on the 2ACK scheme and mitigates the effects of routing misbehavior at
the network layer. The acknowledgement scheme was improved by using a new on-demand
source routing protocol called Endair. Security is ensured and, to overcome the flaw in
it, the scheme uses an acknowledgement-based reply to find the secure route. This
approach overcomes the hidden channel attack and is explained in paper [85].
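The following is an added example, not code from the thesis or from the cited papers: a
simplified Python model of the 2ACK idea surveyed in this section, in which N1 on a path
N1 -> N2 -> N3 counts the 2ACKs that fail to arrive for the acknowledged fraction of
packets and flags the link N2 -> N3 once the miss ratio passes a threshold. The
every-4th-packet rule, the 0.2 threshold, the HMAC tag standing in for the hash code
check, and all names are assumptions made for the illustration.

```python
import hashlib
import hmac
import random
from dataclasses import dataclass

# All parameters below are assumptions chosen for this illustration.
ACK_EVERY = 4          # N3 acknowledges every 4th data packet (a fraction of 1/4)
MISS_THRESHOLD = 0.2   # share of missing 2ACKs tolerated before the link is flagged
SHARED_KEY = b"constructed-demo-key"  # pre-shared between N1 and N3, unknown to N2


def ack_tag(seq: int, payload: bytes) -> bytes:
    """Authentication tag that binds a 2ACK to one specific data packet."""
    msg = seq.to_bytes(4, "big") + payload
    return hmac.new(SHARED_KEY, msg, hashlib.sha256).digest()


@dataclass
class Relay:
    """Intermediate node N2 on the path N1 -> N2 -> N3."""
    drop_rate: float = 0.0    # 0.0 honest, 1.0 black hole, in between gray hole
    forge_acks: bool = False  # answers with made-up 2ACKs for packets it dropped
    seed: int = 1             # fixed seed keeps the constructed run repeatable

    def __post_init__(self) -> None:
        self._rng = random.Random(self.seed)

    def forwards(self) -> bool:
        return self._rng.random() >= self.drop_rate


@dataclass
class Verdict:
    expected: int
    missed: int
    ratio: float
    link_misbehaving: bool


def destination_ack(seq: int, payload: bytes):
    """N3: acknowledge only the agreed fraction of received packets."""
    if seq % ACK_EVERY == 0:
        return seq, ack_tag(seq, payload)
    return None


def observe(relay: Relay, packets: int = 1000) -> Verdict:
    """N1: send packets through N2, count missing or invalid 2ACKs, judge N2 -> N3."""
    expected = missed = 0
    for seq in range(packets):
        payload = f"data-{seq}".encode()          # constructed sample payload
        if relay.forwards():
            ack = destination_ack(seq, payload)   # travels back N3 -> N2 -> N1
        elif relay.forge_acks:
            ack = (seq, bytes(32))                # N2 lacks the key: tag is a guess
        else:
            ack = None
        if seq % ACK_EVERY != 0:
            continue                              # no 2ACK was due for this packet
        expected += 1
        valid = ack is not None and hmac.compare_digest(ack[1], ack_tag(seq, payload))
        if not valid:
            missed += 1
    ratio = missed / expected if expected else 0.0
    return Verdict(expected, missed, ratio, ratio > MISS_THRESHOLD)


if __name__ == "__main__":
    cases = {
        "honest relay": Relay(),
        "gray hole (50% drop)": Relay(drop_rate=0.5, seed=7),
        "black hole": Relay(drop_rate=1.0),
        "black hole forging 2ACKs": Relay(drop_rate=1.0, forge_acks=True),
    }
    for name, relay in cases.items():
        v = observe(relay)
        print(f"{name:26s} missed {v.missed}/{v.expected} flagged={v.link_misbehaving}")
```

The threshold trades false alarms from ordinary wireless loss against sensitivity to
low-rate dropping, so it has to be tuned to the link quality of the deployment.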
2.6. Studies based on Experimental Approaches to Ensure Security in
MANETs
The time-critical applications of MANETs have increased the importance of security in
their operation. Most of the research on security in MANETs, whether on routing or data
forwarding, has been done in simulation environments. The great advantage of carrying out
simulation experiments is their inexpensive nature and the clear view they give of how
protocols work and algorithms execute. Very little work has been done in the direction of
real-world experimentation, so the current thesis work takes this opportunity to design
and execute real-world experiments to verify and compare against the simulation results.
This will definitely enhance or revise the current implementations done in simulators. To
understand the simulation results better, whether throughput, delay, RTT, etc., the
experimental studies were done to assess them and find the differences between the two.
The analytical study carried out in the current thesis is also matched with the
experimental modelling implemented for solutions to misbehaviors in the form of network
layer attacks.
In the past, a lot of work has been carried out to build test-beds and verify results
[86, 87, 88 and 89]. There are works that consider only a performance metric like
throughput but not the mobility factor, as in [90]. A multi-hop mesh network is
implemented and tested for the impact of node density and connectivity on performance in
paper [91]. Several studies reveal that test-bed implementations have been carried out
only on reactive protocols, as in [92, 93, 94 and 95]. Since that work considers
protocols like AODV or DSR, there is a need to reassert that ad hoc networks also
perform using proactive protocols, as done in papers [96, 97, 98 and 99].
In paper [100], the work identifies only the MAC limitations, but not the upper layer
operations. The work closest to the current research is tackled in paper [101], which
is again protocol-independent in nature. There is other work on routing concepts, as in
[102, 103, 104 and 105], to obtain more accurate results as compared to simulation
results. As discussed at the beginning of this section, the current thesis work attempts
to reconsider the problems in routing. In this regard, the work presents a
protocol-independent routing scheme for isolating malicious intermediate nodes launching
network layer attacks, using real experimentation. The results obtained are evaluated and
compared on performance metrics with those of the simulation models used in the current
thesis, applying different routing schemes and encryption techniques as described in
chapters 4 and 5.
2.7. Research Gap Covered
The typical intrusion detection techniques in MANETs using different criteria have been
presented, and it is found that the developed work is totally different from the existing
ones in the following aspects:
- The proposed and implemented mechanism proves to be highly defensive in nature, as it
  combines the protocol-independent feature with preventive and IDS approaches using key
  and keyless techniques.
- Further, it also includes the analysis of one-hop ACK packets from the MAC layer,
  based on which it identifies anomalies in the network layer, so it becomes a
  cross-layer method.
- The proposed idea is also presented as an analytical model for node misbehaviors
  and the impact of isolating malicious nodes from the selected path on MANET
  performance.
- The present work is a sort of new research, as three different routing schemes are
  designed and developed for both simulation and experimental approaches, and no
  limitation is put on the data size, as any large data file can be transmitted over the
  selected channel. The work is also tested individually for image and graphics data to
  see the compatibility aspect.
- A secured IDS called SSA is developed, which works almost on par with the standard
  IDS architecture in MANETs.
- It considers network layer attacks other than DoS, black hole or wormhole attacks,
  like message tampering, gray hole as a packet dropping attack, and the replication
  attack.
These are some of the salient features which make the work different from the existing
ones and fill the research gap. A performance comparison is also made between the
experimental and simulation approaches to evaluate the best results. Another high point
of the research is that the simulation environments are developed and deployed for
testing the designed routing scheme suites without adhering to the standard simulators.
Chapter Summary:
As the very nature of MANETs makes them suitable for use in extreme emergency situations
for all rescue operations, there is a common need for network layer security. It is
therefore critical, from the point of view of ad hoc communications, to consider these
issues. With regard to this, several works have been investigated and presented with
novel security suites, showing that the approach developed in the current thesis is
different from existing research work. The typical intrusion detection techniques in
MANETs using different criteria have been presented, and the work combines the
protocol-less feature with preventive and IDS approaches by employing key and keyless
techniques. Further, it also includes the analysis of one-hop ACK packets from the MAC
layer, based on which it identifies anomalies in the network layer, so it also becomes a
sort of cross-layer method. The proposed idea is also developed as an experimental
approach to evaluate the performance obtained in simulation environments. The theoretical
concept of node misbehavior modelling is also considered and shows the impact of
isolating misbehaviors on MANET performance, and the same concept is also realized in the
experimental approach.