Category Archives: Blog

MANET Security Overview

A mobile ad hoc network (MANET) is a connection of mobile gadgets that self-configures [1, 2, 6, 8]. MANET is a new developing telecommunication that enables people to communicate without relying on infrastructural facilities, irrespective of their locality. It is commonly known as “infrastructure-less” connectivity. The network is the fastest expanding network because of cheaper, smaller, and more efficient gadgets. There is no centralized method for packet routing, and mutual trust is the primary criterion for inter-node communication [8, 15]. This paper will outline security issues in MANET, elaborate on the most recent attacks, and compare well-known secure routing protocols.

In MANET, devices should discover the existence of other devices and execute the appropriate configuration to permit data and utility sharing and interaction. Ad hoc networking permits gadgets to retain network connections and add and remove appliances from the network with ease [9]. Due to mobility nodes, risks from infiltrated nodes within the network, inadequate security systems, topology changes, scalability, and absence of central control, MANETs are more susceptible than wired networks. MANET is more vulnerable to malicious attacks as a result of these flaws.

It is devoid of any permanent structures, such as entry points or connection points [5, 7, 9]. MANET is linked via wireless links/cables and has no centralized administration. Where wireless connection is not available, or a wired backbone is not viable, cellular ad hoc connectivity can be set up [11]. All provisional network services are configured and created on the fly. As a result, security in provisional networks becomes a built-in flaw due to a lack of framework needed and vulnerability to wireless connection attacks.

Many ad hoc networking protocols have been developed, such as Destination-Sequenced Distance Vector (DSDV) [1], Ad hoc On-Demand Distance Vector (AODV) [14], Dynamic Source Routing (DSR) [4], and Optimized Link State Routing Protocol (OLSR) [3]. However, they all require that all hubs are coordinated and dependable and that no security measure is used. Because there is no centralized management to control the connected devices functioning in the network, security in the mobile ADHOC network is significant.

Most Recent Attacks to MANET

Because of the problems it poses to the network protocol, MANETs has become one of the most popular topics of recent studies. Current wired network security techniques cannot be readily applied to MANETs, making MANETs far more prone to security threats. Many experts are working to address MANET’s significant flaws, including restricted bandwidth, battery capacity, processing capacity, and security [11, 14]. Even though there is a great deal of work being done on this topic, notably routing assaults and their associated countermeasures, there is still a lot of work to be done.

MANET lacks a centralized monitoring server [1, 5, 13, 15]. The lack of control makes it harder to identify threats since traffic monitoring in a complex flexible, and large-scale ad-hoc network is challenging. Understanding the many types of assaults is often the initial step in creating effective security mechanisms. The attacks might occur from within and external of the network. For protected data transfer, MANET connectivity security is critical.

Figure I: Various Types of Attacks on MANETS

Passive Attacks

Passive attacks are those that do not affect the network’s regular operation [5]. Attackers listen in on network traffic without modifying it. If an attacker is somewhat able to understand data collected through surveillance, privacy can be compromised [2]. Because the network’s functionality is unaffected, detection of these attacks is difficult.

Eavesdropping

Eavesdropping involves overhearing without exerting any further effort. This results in the communication being intercepted, read and conversed with by an unauthorized receiver [2]. Mobile hosts share a wireless channel in a MANET. By nature, the majority of wireless transmission uses RF spectrum and broadcasts [5]. The transmission of messages can be intercepted, and a false message can be inserted into the network.

Traffic Monitoring

It can be built to identify communication parties and functionality that could be used to launch additional assaults [7]. Other wireless networks, such as WLAN, satellite, and cellular, are also susceptible to these same vulnerabilities.

Traffic Analysis

A passive attack called traffic analysis is used to learn which nodes connect and how much data is handled [12, 15].

Syn Flooding

It is a denial of service (DoS) attack. An attacker can keep requesting additional connections until the necessary resources by each link are depleted, or the threshold is reached [15]. It puts valid nodes under significant resource constraints.

Active Attacks

Active attacks are those carried out by compromised users that incur a cost in terms of resources to carry them out. Active assaults entail altering the network traffic or creating a fake stream [3, 10, 15]. Explicit or implicit active attacks are manifested. Hubs that are not part of the network carry out external assaults.  Internal assaults are carried out by network nodes that have been infiltrated. The rogue node(s) can target MANET in various methods to impair routing processes, including delivering fraudulent messages on multiple occasions, faking routing data, and advertising faking connections [2, 4].

Black Hole Attack

In a black hole intrusion, an attacker publishes a null statistic for all endpoints, causing all nodes in its proximity to divert packets to it [12]. A malicious hub broadcasts false routing data, pretending to have discovered the best path, inducing other legitimate nodes to send digital data through it. A corrupt router dumps all packets rather than transmitting them. An intruder monitors the queries in a flooding-centered protocol.

Wormhole Attack

A wormhole intrusion happens when a hacker intercepts transmissions at one connection point, “channels” them to a different point, and then broadcasts them into the system from that location. When navigation control messages are transmitted, routing can be disturbed. Therefore, a wormhole is a conduit created by two collaborating attackers. In AODV [14], and DSR [7] this attack might hinder any paths from being discovered and could even generate a wormhole for packets that are not addressed to themselves due to transmission. Wormholes are challenging to identify since the path through which information is transmitted frequently not of the constituent of the primary network [15]. Wormholes are harmful since they can disrupt without the network’s awareness.

Location Disclosure Attack

Via the adoption of traffic analytical methods or basic tapping and surveillance procedures, an intruder can determine a hub or architecture position inside an existing network and thereby violate the network’s confidentiality obligation [4, 8]. Attackers attempt to ascertain the credentials of sender and receiver and examine traffic to ascertain the network’s traffic sequence and follow variations to that trend [9, 13]. Discharge of this type of information is disastrous for security reasons.

Flooding

Malicious users may insert erroneous control information and user data into the connection or generate shadow packets that tunnel around because of incorrect routing data, ultimately consuming traffic and computing resources in the end [5]. It has a particularly negative impact on ad hoc networks, as its nodes typically have restricted battery and processing capability. Bandwidth may also be a financial factor, depending on the package provided [9]. Any congestion that explodes the network’s or a particular node’s bandwidth statistics can significantly damage costs.

Spoofing Attacks

Spoofing is a type of intrusion in which the hacker identifies a different hub in the network; thus, the intruder gets communication intended for the specific node [11]. Typically, this type of assault is undertaken to acquire entry to the network to conduct more attacks that could severely disable it. This kind of intrusion can be conducted by any malignant hub with sufficient information about the connection to generate a fake Identifier for one of its associate nodes [4, 8, 10]. Using that Identifier and a good incentive can misdirect other hubs into establishing paths approaching the node in question instead of the legitimate node.

This study attempted to classify the various forms of ad hoc security assaults only based on their features to shorten the mitigation duration significantly from the initial categorization. By classifying attacks into these multiple broad groups, the naming process becomes less complicated.

 

Comparison between Well-known Secure routing protocols for MANETS

MANET lacks a defined protection mechanism, which means it is convenient to both authorized network users and malevolent intruders [13]. One of the primary problems in MANET is the existence of malicious nodes, making it challenging to create a solid security program capable of protecting MANET against other routing assaults [9]. However, these solutions are incompatible with MANET resource limits, such as restricted speed and battery capacity, due to the high traffic load associated with key transfer and verification. MANETs can function independently or in conjunction with a wired infrastructure, frequently via a gateway hub that participates in both networks to transfer traffic [3]. This adaptability, along with its ability to self-organize, is one of MANET’s greatest assets, as well as one of its most significant security flaws.

Significantly, while some techniques based on cryptography and access control appear promising, however, they are too costly for resource-constrained MANETs. They are not yet ideal in terms of balancing efficacy and competence [1, 4]. While some techniques work effectively when just a single malicious node is present, they may not be appropriate when numerous collaborating intruders are present. Additionally, some may necessitate the use of functional applications, for example, a GPS or the alteration of the current protocol.

MANETs are primarily embedded in the Transmission Control Protocol (TCP) [4] or the Internet Protocol (IP) [2] suite to facilitate communication. While the movement of the nodes in MANETs enables effectiveness, it is also the primary rationale for assaults on such networks, some of which have been explored thus far. Routing protocols are broadly classified according to their technique for updating routing information, their adoption of transitory information for routing, their routing architecture, and their exploitation of particular resources [6].

Each routing procedure requires safe data transport. MANET security package standards are identical to those of any wired or wireless network infrastructure. The following are five critical security objectives that must be met to secure data and resources against attack [6, 9, 11].

Authentication

Verification guarantees that only legitimate nodes communicate or transmit data.  Without authorization, any hostile node in the connection might masquerade as a trustworthy node, impairing data flow between the hubs.

Availability

Convenience guarantees that services survive and continue to operate in the event of an intrusion. It refers to the concept that network operations should be accessible at all times. The systems that ensure MANET reliability should be capable of dealing with various threats, including denial of service assaults, energy starvation assaults, and node misconduct.

Confidentiality

Confidentiality guarantees that data is only available to the designated recipient. Except for the transmitter and recipient nodes, no other network user can access the information. It is accomplished through the use of data encryption methods.

Integrity

Integrity guarantees that no malicious node modifies the sent data. 

Non-Repudiation

Refusal to recant assures that neither the transmitter nor the recipient may dispute a message that has been delivered. Non-repudiation assists in identifying and isolating compromised nodes.

Outline of Available Protocols

Security procedures for MANETs may be broadly classified into three classes: prevention, discovery, and response. Prevention protocols are used to prohibit the attacker node from initiating any activity [11, 13]. This methodology necessitates encryption to establish the secrecy, virtue, and non-disapproval of routing packet data. The discovery and response mechanisms aim to determine any spiteful node or activity in the connectivity and take appropriate measures to ensure the correct routing [10, 13, 15]. Core, Confidant, Pathrater, Byzantine Algorithm, and Watchdog are just a few examples.

Figure II: Diagram of Secure Routing Protocols

Classification of Secure Routing Protocols for MANET

Solutions Based on Cryptography

It is divided into symmetric and asymmetric cryptographic solutions.

Solutions Based on Symmetric Cryptography

The Secure Routing Protocol (SRP) [9] is a technique created to safeguard essential routing procedures that use broadcast to query for routes. It may be used to extend a variety of current responsive routing procedures, most notably the DSR [4]. Between an origin and a target node, a security association (SA) is essential.  The SA is expected to be formed by the use of a public key among multiple communicating hubs.

Likewise, the Security-aware Ad hoc Routing (SAR) [4] technique is a MANET routing solution that adds protection aspects into path detection as parameters. Notwithstanding, whereas conventional non-protected routing algorithms determine the abridged channel between multiple network users, SAR may determine a route with the appropriate protection characteristics [3]. SAR may be implemented to any fundamental ad hoc routing technique (DSR or AODV) to incorporate the security metric into path request communication.  A primary downside of SAR is the enormous cost it adds to the routing mechanism, as each intermediary node must conduct cryptography.

Asymmetric Cryptography Solutions

As defined in [6], Authenticated Routing for Ad hoc Networks (ARAN) is a protected packet transmission technology anchored on essential techniques.  ARAN employs an encryption-decryption technique to ensure verification, integrity protection, and the refusal to recant messages [6, 7]. It is divided into two independent operating phases. The first stage is the provisional approval step, which necessitates a credible certificate authority (CA). All hubs must approach the CA to access the network and get a license for their domain and shared key [6]. The certifying expert makes its public key available to all network users. The procedure’s second functional step is the path discovery procedure, which enabled end-to-end verification. It verifies that the endpoint was attained.

Figure III: Route Discovery in the ARAN Protocol

Similarly, path maintenance in ARAN is accomplished through the use of ERR notifications that are certified by the nodes that create them to indicate known vulnerabilities [6].

Figure IV: Route Maintenance in ARAN Protocol

Solution Based on one-way Hash Chain

The Secure Efficient Ad hoc Distance vector (SEAD) [7] is a protected ad hoc connection routing technique built on the architecture of the DSDV transmission algorithm, specifically the DSDVSQ variant [10] of this technique. SEAD authenticates hop tally and series numbers using cryptographic hash functions and does not employ any irregular cryptographic processes [8, 13]. Each node in SEAD generates its hash string by executing a uni-directional hash operation to a randomly generated value. Additionally, certain pieces from the hash chain are employed to encrypt the routing technique’s upgrades. The technique, however, is predicated on the presence of a means for authenticating a single piece in a hash chain among multiple hubs [4]. As a result, when a node sends or transmits a routing upgrade, it contains a single hash chain figure for each element in the configuration.

To avert the formation of routing circles, SEAD recommends two distinct ways for authenticating the origin of each routing upgrade message [8, 15]. The initial recommendations involve clock integration among the ad hoc network’s nodes and broadcast verification techniques. The second technique presupposes a mutual confidential key for the multiple nodes to authenticate a routing upgrade message using a message authentication code (MAC) [4] across the nodes. SEAD offers robust defense against attackers attempting to produce wrong routing information but cannot defend against the wormhole attack.

Hybrid Solutions

SAODV is a recommended hybrid solution that is an enhancement to the AODV routing technique [11]. The suggested enhancements use cryptographic identities to authenticate the communications’ non-modifiable elements. A uni-directional hash chain to protect the hop-count feature inside the RREQ and RREP texts is the only adjustable aspect of AODV communication [5, 7, 8]. The technique necessitates a critical management system that enables each node to get public keys from the other network users. SAODV provides security characteristics such as integrity, verification, and non-repudiation.

Nonetheless, SAODV’s efficiency is degraded as a result of the usage of irregular cryptography. Additionally, SAODV is vulnerable to the Wormhole attack [12]. Furthermore, hop count verification through hash chains is insecure, as a rogue node may relay a notice without increasing the hop volume.

Similarly, the Secure Link State Routing Protocol (SLSP) [11] is a recommended technique for safeguarding preemptive routing in MANET and disseminating route information for regional and network-broad surveyed architectures. SLSP can be adopted as an autonomous approach for effective connection routing or in conjunction with a responsive provisional routing procedure as part of a composite routing architecture [4, 6, 10]. The SLSP, on the other hand, demands the presence of an irregular key duo for each of a hub’s network interfaces. With regards to public key dissemination, SLSP makes no use of a central server. The node distributes the shared key to the nodes in its immediate neighborhood.

Figure V: Comparison Table of Secure Routing Protocols

Detection and Reaction Schema

Byzantine Algorithm

The Byzantine Algorithm technique is adopted to safeguard the connection against Byzantine faults, which encompass packet alteration, packet loss, and assaults perpetrated by selfish or malevolent hubs [4, 11]. It is divided into three phases: path exploration, Byzantine fault discovery, and weight control of links. When an originator node wishes to convey a signal, it transmits a path appeal packet to its peers, including the address of origin, the terminal address, a hash value, a weighted index, and the secret key used for verification.

When the transitional hub collects the RREQ packet, it examines an RREQ item in its table. If no item for the RREQ exists, it checks the identification key and adds it to the list, rebroadcasting it to other hubs [11]. When the target node is attained, the key is verified, and a route reply message is created (RREP). When the originator node receives the RREP packet, it verifies the confidential key. Additionally, it contrasts the attained path to the current path. If the receiving path is superior to the current one, this path should be added to its list.

Figure VI: The Three Phases of Byzantine Algorithm

During the fault identification stage, each intermediary node transmits a reply to the base node for every packet collected [8, 11]. When the tally of unanswered packets exceeds a predefined limit, a failure is recorded on the route. Similarly, the procedure determines the load of the links during the link weight control step. If the defect diagnosis phase identifies a connection as bad, the associated weight number is raised. During the path discovery stage, the connection with the lowest weight entry will be considered superior.

Core

CORE (a cooperative reputation technique for enforcing node collaboration in MANET) [15] is an approach that is based on nodes cooperating. It employs a popularity list and a monitoring method to determine if a hub is collaborative or disruptive [4]. The popularity list feature stores information about intermediary nodes and their related status or ratings. The Watchdog element computes the equation and returns the value of popularity. A sender and one or more intermediary nodes are required for this protocol. When an intermediary node declines to collaborate with the source node, the CORE technique reduces the intermediary node’s repudiation [3]. It can result in the network’s probe node being eliminated.

Confidant

The Confidant (Cooperation of Nodes: Fairness in Dynamic Ad hoc Networks) algorithm is used to identify non-collaborative nodes [3, 11]. The monitor, the popularity mechanism, the route manager, and the trust manager are the components of this protocol. The monitor element is in charge of passively acknowledging every packet it transmits. The trust control component is accountable for the transmission and receipt of alarm notifications [5].  The component that manages reputation keeps a list of nodes and their related rankings. Ratings are updated using a value equation that employs lightweights when an alert is generated for a malfunctioning node and heavier weights when clear evidence becomes available [5]. The route control element is responsible for managing all routing data packet, including the inclusion, removal, and modification of pathways based on input from the popularity mechanism.

Watchdog and Pathrater

The watchdog and pathrater protocols are used to identify rogue nodes that reject relaying packets after previously agreeing to do so [6, 7, 10]. The watchdog must monitor whether or not the subsequent node in the route is sending the data packet. Otherwise, it will be interpreted as malevolent action. The pathrater’s role is to analyze and determine the most dependable route from the watchdog’s findings. When a network user sends digital data to another node in the route, it listens to see whether the adjacent hub will likewise send it and checks whether the subsequent node does not change the packet before relaying it [6]. Suppose a router engages in suspicious activity such as denial of service attacks or data packet manipulation. In that case, the watchdog will raise the node’s fault rating—this failure rate aids in determining the most dependable route between endpoints.

Figure VII: A Demonstration of Trust Architecture within a Node

Summary

This article discussed the most widely used techniques for protecting routing in MANETS. The research of the many suggested security mechanisms revealed that the intrinsic properties of MANETs, such as frequently dynamic configurations and poor infrastructure, exacerbate the already massive challenge of safe routing. This study demonstrates that none of the proposed safe routing methods can achieve all security objectives. Numerous safe routing methods for MANETs employ multi-hop routing instead of single-hop routing to transmit packets to their destinations. Numerous systems for secure routing have relied on cryptography approaches. The confidentiality of mobile nodes is ensured by connectivity authentication, and all intermediary nodes are needed to validate the routing data’s digital certificates cryptographically. Other designs make use of trust measuring units.

Nevertheless, the core concept in all safe routing solutions is to incorporate more data into exchanging packets, routing list information transfers, and other protection processes offered in these technologies. Therefore, protecting and upgrading how routing digital data packets are conveyed over the wireless link while incurring a minimal performance expenditure. Additionally, the security burden is primarily due to the computational effort of the cryptographic techniques employed in repetitive routing operations. However, if a safe routing procedure suffers from significant overheads that render it inefficient, the protocol becomes effectively worthless.

Conclusion

The article described the different security objectives, vulnerabilities, and existing routing methods that fulfill MANET security needs. The adaptability, simplicity, and efficiency with which MANETS may be established suggest that they will find broader applicability. It leads to ad-hoc networks wide open for development to satisfy the demands of these demanding applications. A more demanding objective for ad hoc network security is to design a multifaceted security approach integrated into perhaps every element of the connection, leading to defense-in-depth against various established and undiscovered security risks. As a result, the paper recommends enhancements to the AODV routing technique to enable secure network layer communication in MANETs.

References

[1] Abdel-Fattah, F., Farhan, K. A., Al-Tarawneh, F. H., & AlTamimi, F. (2019, April). Security challenges and attacks in dynamic mobile ad hoc networks MANETs. In 2019 IEEE Jordan international joint conference on electrical engineering and information technology (JEEIT) (pp. 28-33). IEEE.

[2] Aluvala, S., Sekhar, K. R., & Vodnala, D. (2016). An empirical study of routing attacks in mobile ad-hoc networks. Procedia Computer Science, 92, 554-561.

[3] Desai, A. M., & Jhaveri, R. H. (2019). Secure routing in mobile ad hoc networks: a predictive approach. International Journal of Information Technology, 11(2), 345-356.

[4] Islabudeen, M., & Devi, M. K. (2020). A smart approach for intrusion detection and prevention system in mobile ad hoc networks against security attacks. Wireless Personal Communications, 112(1), 193-224.

[5] Jhaveri, R. H., & Patel, N. M. (2017). Attack‐pattern discovery-based enhanced trust model for secure routing in mobile ad‐hoc networks. International Journal of Communication Systems, 30(7), e3148.

[6] Kannammal, A., & Roy, S. S. (2016, March). Survey on secure routing in mobile ad hoc networks. In 2016 International Conference on Advances in Human-Machine Interaction (HMI) (pp. 1-7). IEEE.

[7] Krishnan, R. S., Julie, E. G., Robinson, Y. H., Kumar, R., Tuan, T. A., & Long, H. V. (2020). Modified zone-based intrusion detection system for security enhancement in mobile ad hoc networks. Wireless Networks, 26(2), 1275-1289.

[8] Kumar, S., & Dutta, K. (2016). Intrusion detection in mobile ad hoc networks: techniques, systems, and future challenges. Security and Communication Networks, 9(14), 2484-2556.

[9] Kumar, S., & Dutta, K. (2016). Securing mobile ad hoc networks: Challenges and solutions. International Journal of Handheld Computing Research (IJHCR), 7(1), 26-76.

[10] Liu, G., Yan, Z., & Pedrycz, W. (2018). Data collection for attack detection and security measurement in mobile ad hoc networks: A survey. Journal of Network and Computer Applications, 105, 105-122.

[11] Meddeb, R., Triki, B., Jemili, F., & Korbaa, O. (2017, May). A survey of attacks in mobile ad hoc networks. In 2017 International Conference on Engineering & MIS (ICEMIS) (pp. 1-7). IEEE.

[12] Mohammed, A. S., Yuvaraj, D., Sivaram, M., & Porkodi, V. (2018). DETECTION AND REMOVAL OF BLACK HOLE ATTACK IN MOBILE AD HOC NETWORKS USING GRP PROTOCOL. International Journal of Advanced Research in Computer Science, 10(6).

[13] Moudni, H., Er-rouidi, M., Mouncif, H., & El Hadadi, B. (2016, March). Secure routing protocols for mobile ad hoc networks. In 2016 international conference on information technology for organizations development (IT4OD) (pp. 1-7). IEEE.

[14] Moudni, H., Er-Rouidi, M., Mouncif, H., & El Hadadi, B. (2016, March). Attacks against AODV routing protocol in mobile ad-hoc networks. In 2016 13th international conference on computer graphics, imaging and visualization (cgiv) (pp. 385-389). IEEE.

[15] Sarika, S., Pravin, A., Vijayakumar, A., & Selvamani, K. (2016). Security issues in mobile ad hoc networks. Procedia Computer Science, 92, 329-335.

• What is a Mobile Ad Hoc Network (MANET) and why is security a major concern in MANETs?,

• What are the most recent and common attacks affecting MANETs?,

• How do passive attacks and active attacks differ in MANET environments?,

• What are the key security objectives required to protect MANET routing?,

• How do well-known secure routing protocols for MANETs compare in addressing security threats?