applications, and other emergency
and disaster situations.
A futuristic application of MANET
is sensor network which will consist of several thousand small low-powered
nodes with sensing capabilities.
Recent wireless research
indicates that the wireless MANET presents a larger security problem than
conventional wired and wireless networks. While most of the underlying features
make MANETs useful and popular.
First, all signals moves through
bandwidth-constrained wireless links, which makes it more prone to physical
security threats. Possible link attacks range from passive eavesdropping to active
interference. Mobile nodes without adequate protection are easy to compromise,
capture and hijack. An attacker can listen to and modify all the traffic on the
wireless communication channel, and may attempt to masquerade as one of the
participants. Authentication based on public key cryptography and certification
authorities may be difficult to accomplish in a MANET due to the absence of any
central support infrastructure.
Second, mobile nodes are roaming independently
and are able to move in any direction. Therefore, any security solution with a
static configuration would not be adequate for the dynamically changing
topology. In most routing protocols for a MANET, nodes exchange information about
the topology of the network so that routes can be established between a source and
a destination. All messages are transmitted over the air; any intruder can
maliciously give incorrect updating information by pretending to be a
legitimate change of routing information. For instance, denial of service (DoS)
can easily be launched if a malicious node floods the network with spurious
routing messages. The other nodes may unknowingly propagate the messages.
Third, decentralized decision making in the
MANET depends on the agreeable support of all hubs. The malicious node used to modify
the traffic by traversing it by refusing cooperation to break the cooperative
algorithms. This causes of centralized intrusion detection schemes to fail.
Finally, as a large portion of all or some of all
MANET may depend on batteries or the other expendable means of their energy.
By forcing a
node to replay packets to exhaust its energy, an attacker could create a new
type of DoS attack easily. Frequent disconnection is common in wireless MANETs,
Due to the limited network capacity and battery power of wireless nodes, which
makes anomalies hard to distinguish from normalcy. In general, the wireless
MANET is specifically vulnerable due to its fundamental characteristics of dynamic
topology, open medium, and absence of central authorities, constrained
capability, and distributed cooperation. Existing security solutions for wired
networks cannot be applied directly in wireless MANETs.
3. Attacks on
To securing a MANETs is not so
much different from other networks: most typically integrity, confidentiality,
availability, authentication, and non-repudiation.
Integrity means that the
information is not modified or corrupted by unauthorized users or by the
Confidentiality only authorized
people or systems can have an access or execute protected data or programs. The
sensitivity of information in MANETs may decay much more rapidly than in other
information. For example, yesterday’s troop location will typically be less
sensitive than today’s.
to the ability of the network to provide services as required. Denials of
Service (DoS) attacks have become one of the most worrying problems for network
managers. In a military environment, a successful DoS attack is extremely
dangerous, and the engineering of such attacks is a valid modern war-goal.
is the verification of claims about the identity of a source of
information. And lastly,
Non-repudiation ensures that
committed actions cannot be denied. In MANETs security goals of a system can
change in different modes (e.g. peace time, transition to war, and war time
of a military network).
The characteristics of MANETs
make them susceptible to many new attacks. At the top level attacks can be
classified according to network protocol stacks.
Here are some examples in a table of
attacks at different layers. Some attacks could occur in any layer of the
network protocol stack, e.g. jamming at physical layer, hello flood at network
layer, and SYN flood at transport layer are all DoS attacks. As new routing
protocols introduce new forms of attacks on MANETs, we mainly focus on network
layer attacks in this chapter.
Application Layer data corruption, viruses and
Transport Layer TCP/UDP SYN flood
Network Layer hello flood, black hole
Data Link Layer monitoring, traffic analysis
Physical Layer eavesdropping,