security issues in manet

Security Attack In MANET

Nitin Verma

2011BTechCSE005

What is MANET ?

• MANET is a type of multi-hop network, infrastructure less and the most important self organizing.

• Due to its wireless and distributed nature there is a great challenge for system security designers.

Characteristics

• Dynamic Topologies

• Energy-constrained Operation

• Limited Bandwidth

Continued…

• Note : One of the main characteristic of MANET’s with respect to security design point of view is the lack of clear line defence.

• There is no well defined rule or place where traffic from different nodes should be monitored or access control mechanisms can be enforced. Due to this, there is no any defence line that separates inside network from the outside network

Challanges

• Movability

• Routing :

PRO-ACTIVE

RE-ACTIVE

HYBRID

Security service

• Authentication : means correct identity is known to communicating authority.

• Confidentiality : means message information is kept secure from unauthorized access.

• Integrity : means message is unaltered during the communication between two parties.

Types of attack

• Active Attack

• Passive Attack

Active attack

• Attacker attempt to modify the data being exchange in network.

• It may disrupts the normal functioning of network.

• In active attack, the intruders can modify the packets, inject the packets, drop the packet or it can use various features of network to launch the attack.

Passive attack

• Attackers snoop the data exchanged in network without altering it.

• This attack target the confidentiality attribute of system.

• It is very difficult to detect because the operation of network is not affected by this kind of attack.

Attacks in manet

• Attacks in MANET can also be classified as :-

• External attack : Carried out by node that do not belong to the domain of the network.

• Internal attack : It is from compromised nodes, which are actually part of the network.

Black hole attack

• A black-hole is a malicious node that falsely replies for route request without having an active route to the destination and exploits the routing protocol to advertise itself as having shortest route to destination.

• By advertising the shortest route, source station starts sending data through the black hole node and it becomes the active element in route.

Wormhole attack

• In this attack, an attacker records packets at one location in the network & tunnel them to another location.

• When an wormhole attack is used against an on-demand routing protocol the attack could prevent the discovery of any routes other than through the wormhole.

Sleep Deprivation

• It is also called as resource consumption attack.

• An attacker can attempt to consume battery life by requesting excessive route discovery, or by forwarding unnecessary packet to the victim node.

Eavesdropping

• The main goal of eavesdropping is obtain to confidential information that should be kept secret during the communication.

• This confidential information may include the location, public key, private key or even password of nodes.

Flooding attack

• RREQ Flooding

• Data Flooding

RREQ flooding

• In the RREQ flooding attack, the attacker broadcast the many RREQ packet for the IP which does not exist in the network.

• Effects :

Consumes network bandwidth.

Consumes node battery power.

Data flooding

• In this, data packets are used to flood the network.

• Effects

Hard to detect.

Can be detected by the application layer.

Security mechanism

• Preventive Mechanism : Conventional authentication & encryption scheme based on cryptography.

Cryptography

Hash function

Digital signature

• Reactive Mechanism : An intrusion detection system is used as second line of defence.

Anomaly based IDS

Signature based IDS

conclusion

• Due to mobility & open media nature, the mobile ad-hoc networks are more prone to security threat compared to the wired network.

• Therefore security need are higher in mobile ad-hoc networks as compared to traditional networks.