Security in Ad Hoc Networks

Security in Ad Hoc Networks
Dr.R.PushpaLakshmi
Associate Professor/IT
PSNA College of Engineering & Technology
Email:push@psnacet.edu.in
Outline
 Introduction
 Security
 Security functions
 Challenges
 Classification of attacks
 Solutions
 References
2/12/2018 FDTP on IT6601 Mobile Computing 2

Introduction
 Ad Hoc Networks
 Characteristics
 Cost effective
 Autonomous (stand-alone self organized system)
 Wireless medium
 Lack of fixed infrastructure (flexible,

reconfigurable)
 Dynamic topology
 Limited resources

Security in Ad Hoc Wireless Networks
 A security protocol should meet following requirements
 Data confidentiality/secrecy is concerned with ensuring
that data is not exposed to unauthorized users.
 Data integrity means that unauthorized users should not
be able to modify any data without the owner's
permission.
 System availability means that nobody can disturb the
system to have it unusable.
 Authentication is concerned with verifying the identity of
a user.
 Non-repudiation means that the sender cannot deny
having sent a message and the recipient cannot deny have
received the message.

Security in Ad Hoc Wireless Networks
 Issues and challenges in security provisioning
 Shared broadcast radio channel: The radio channel in ad hoc
wireless networks is broadcast and is shared by all nodes in the
network.
 Insecure operational environment: The operating
environments where ad hoc wireless networks are used may
not always be secure. For example, battlefields.
 Lack of central authority: There is no central monitor in ad hoc
wireless networks.
 Lack of association: A node can join and leave the network at
any point.
 Limited resource availability: Resources such as bandwidth,
battery power, and computational power are scarce.
 Physical vulnerability: Nodes in these networks are usually
compact and hand-held in nature.

Need for Security
 Some people who cause security problems and why.

Security Threats
 Four types of security threats:
 Interception refers to the situation that an unauthorized

party has gained access to a service or data.
 Interruption refers to the situation in which services or
data become unavailable, unusable, or destroyed.
 Modifications involve unauthorized changing of data
or tampering with a service.
 Fabrication refers to the situation in which additional
data or activity are generated that would normally not
exist.

Security threats
Information source Information destination
a) Normal flow
b) Interruption- attack on
availability
c) Interception- attack on
confidentiality
d) Modification-attack on integrity e) Fabrication-attack on

authenticity 8
Security threats
 Passive attacks – eavesdropping on or

monitoring of transmissions
 Release of message contents
 Traffic analysis
 Active attacks – modification of the data stream
or creation of a false stream (Internal, External)
 Masquerade
 Replay
 Modification of message
 Denial of service

The security solutions for MANET’s with respect to entire
protocol stack

Network Security Attacks
Security Attacks
Passive Attacks Active Attacks
Snooping
MAC Layer Network Layer Transport Layer Application Layer

Attacks Other attacks
Attacks Attacks Attacks
Jamming Wormhole Session Repudiation

attack hijacking DoS
Blackhole attack Impersonation

Manipulation
Byzantine attack of network
traffic
Information disclosure
Device
Resource consumption attack tampering
Routing attacks
2/12/2018 11
FDTP on IT6601 Mobile Computing
 Network Layer Attacks
 Wormhole attack: an attacker receives packets at one location in the network
and tunnels them to another location in the network.
 Blackhole attack: A malicious node could divert/discard the packets.
 Byzantine attack: A compromised intermediate node could create routing

loops, routing packets on non-optimal paths, and selective packet dropping.
 Information disclosure: A compromised node may leak confidential
information to unauthorized nodes in the network.
 Resource consumption attack: A malicious node tries to consume/waste away
resources of other nodes present in the network.
 Routing attacks
 Routing table overflow: An adversary node advertises routes to non-

existent nodes.
 Routing table poisoning: The compromised nodes send fictitious routing
updates.
 Packet replication: An adversary node replicates stale packets.
 Route cache poisoning: Each node maintains a route cache that can be
poisoned by a adversary node.
 Rushing attack: On-demand routing protocols that use duplicate
suppression during the route discovery process are vulnerable to this
attack.
 Transport Layer Attacks
 Session hijacking: An adversary takes control over a session
between two nodes.
 Application Layer Attacks
 Repudiation: Repudiation refers to the denial or attempted denial by
a node involved in a communication.
 Other Attacks
 Multi-layer attacks could occur in any layer of the network protocol
stack.
 Denial of service: An adversary attempts to prevent authorized
users from accessing the service.
 Jamming: Transmitting signals on the frequency of senders
and receivers to hinder the communication.
 SYN flooding: An adversary send a large number of SYN
packets to a victim node.
 Distributed DoS attack: Several adversaries attack a service at
the same time.
 Impersonation: An adversary pretends to be other node.
 Device tampering: Mobile devices get damaged or stolen easily.

Spoofing
Hijacking

Normal connection
SYN Flooding

Secure routing protocols
Security Aware Ad-hoc Routing (SAR)
 Metrics: level of trust
 Protocol:
 Basic protocol : On-demand protocol AODV
 Embed security metric into the RREQ packet itself and change
the forwarding behavior of the protocol w.r.t. RREQs
 Source node :
 Specify desired level of security in the RREQ
 Broadcast the packet
 Intermediate node :
 Process/forward the packet only if it can provide the required

security or has the required authorization or trust level ;
 Otherwise drop the RREQ
 If an end-to-end path with the required security found, the

intermediate node or eventual destination sends a suitably
modified RREP
Security Aware Ad-hoc Routing (SAR) (Cont..)
Route discovered by SAR may not be the shortest route in terms of

hop-count
SAR finds a route with a ‘quantifiable guarantee of security’
If one or more routes satisfying the required security attributes exists,

SAR finds the shortest such route
Optimal route: All nodes on the shortest path (in terms of hop-count)
satisfy the security requirements
Advantages:
•Different level of security
•Incorporate with traditional routing table
Drawback:
•If no path with nodes that meet the RREQ’s security requirements
exists, SAR fails to find a route even though the network may be
connected
•Requires different keys for different levels of security

SEAD (Secure Efficient Ad hoc Distance
vector routing)
Basic protocol : DSDV
Uses : Distance vector routing and one-way hash function
Routing tables maintain a hash value for each entry
Characteristics
 1. SEAD deals with the attacks that modify routing information
broadcasted during update of DSDV-SQ protocol such as to prevent
attacks which modify sequence number and metric field in routing table
update.
 2. SEAD uses efficient one way hash chain technique rather than
expensive asymmetric cryptography operations.
 3. SEAD supposes some technique for a node to give an authenticated
element of hash chain which can authenticate all other elements of
chain.
 4. SEAD is not immune to wormhole attack.

Hash Chains
A one-way hash chain is built on a one-way hash function.
To create a one-way hash chain, a node chooses a random x ∈ {0,1}ρ and
computes the list of values h0, h1, h2, h3, ..., hn,where h0 = x, and
hi = H(hi –1) for 0 < i ≤ n, for some n.
Route updation:
1. Route update message is sent along with the hash value used for
authentication.
2. If the authentication value used is hkm+j, then the attacker who tries
to modify this value can do so only if he/she knows hkm+j-1.
3. An intermediate node, on receiving this authenticated update,
calculates the new hash value based on the earlier updates (hkm+j-1), the
value of the metric, and the sequence number.
4. If the calculated value matches with the one present in the route
update message, then the update is effected; otherwise, the received
update is just discarded.
Advantage:
Overcome DoS and resource consumption attacks.
Withstand multiple uncoordinated attacks.
Drawback:
Fails if attacker uses same metric and seq. no. of past update message.
Authenticated Routing for Ad Hoc
Networks (ARAN) Protocol
 Effectively basic AODV, except route
discovery/setup/maintenance are authenticated
 Utilizes public-key cryptography to verify hop-by-hop
all route request “RDP” & route reply “REP” packets
 Eliminates most routing security problems except for
tunneling & trivial DoS attacks
1.The ARAN protects against fabrication attacks,

modification attacks, and impersonation attacks
2.ARAN is not immune to wormhole attack
3.ARAN uses asymmetric cryptography which is very
costly in terms of CPU and energy usage.
ARAN – Initial Setup
Public Key A
IP Address A
Create Time
Expiry Time
Signature by T
Certificate A Certificate B Certificate C Certificate D

A B C D
Trusted certificate server T

ARAN – Route Discovery
IP Address D
Initial RDP packet
Certificate A
Nonce A
Create Time
Signature by A
RDP: A -> D
A B C D

Intermediate RDP Packet

RDP: A -> D
Signature by B
Certificate B
RDP: A -> D
verified
A B C D

RDP: A -> D
Signature by C
Certificate C
RDP: A -> D
verified verified
A B C D

ARAN – Route Setup
IP Address A Initial REP packet

Certificate D
Nonce A
Create Time
Signature by D
REP: A->D
verified verified verified

A B C D
*Replies to first RDP packet*

Intermediate REP Packet

REP: A -> D
Signature by C
CertificateC
REP: A->D
verified

A B C D

REP: A -> D
Signature by B
CertificateB
REP: A->D
verified
verified

A B C D

ARAN – Route Complete

A B C D

ARAN – Route Maintenance
IP Address A
IP Address D
Certificate C
Nonce C
Create Time
Signature by C
ERR: A->D
A B C D
Link broken!

Security-Aware AODV Protocol
 Address blackhole attack in AODV
Solutions for the Blackhole Problem

1. Only the destination node would be permitted to initiate
RouteReply packets.
delay increases as the n/w size increases
2. FurtherRouteRequest and FurtherRouteReply - next-hop
neighbor nodes
Disadvantages:
1. Overhead of the routing protocol is high.
2. Fails incase of group attacks.

Secure Routing Protocol (SRP)
 Extension to existing reactive protocols.
 e.g. AODV, DSR
 Assumes secure link between two nodes already exists.

 e.g. create Shared Key using Public Keys of both
sides.
 SRP defends against attacks that disrupt the route
discovery process.
 Set up a security association without the need of
cryptographic validation of the communication data by
the intermediate nodes.
 SRP assumes that this SA can be achieved through a
shared key KST between the source S and target T.

 The SRP uses an additional header called SRP
header to the underlying routing protocol
packet.
 SRP header contains the following fields:
 the query sequence number QSEC
 query identifier number QID
 96 bit MAC field
 Calculate MAC from Source, Dest, RREQ ID,
and Shared Key.
 Otherwise, forward the request towards
destination after extracting QID, source, and
destination address.
 When the target T receives request packet, it verifies.
 If QSEC >=QMAX, the request is dropped.
 Otherwise it calculates the keyed hash of the request
fields and if the output matches SRP MAC then
authenticity of the sender and integrity of the request are
verified.
 If the two routes match then S calculates the MAC by
using the replied route, the SRP header fields, and the
secure key between source and destination.
 If the two MAC match then the validation is successful
and it confirms that the reply did came from the
destination T.
Drawback:
 discovers single route and it cannot handle attacks when
multiple nodes collude during route discovery
Trust based Secure Routing Protocols
TRUST DSR [4]
 TDSR reduces no. of packets dropped by a node

 Trust is computed based on successful and unsuccessful
transmission by the node (positive and negative
acknowledgement)
 Selects a secure path for transmission.

Secure Cluster Based Routing Protocol (SCBRP)
 Uses Cluster Based Distributed Certification Authority (CB -

DCA) to establish secure connection.
 All traffics among cluster members are carried out via cluster
heads.
 sender node sends its encrypted request message along with its
certificate. The receiver decrypts the message and extracts the
public key of the sender node. As a response, the receiver sends
its certificate and randomly generated session key that is
encrypted with sender’s public key.
 A secure communication is established by using the randomly
generated session key.

Fuzzy Logic based Security Level Routing protocol
(FLSL)
 Select the path with highest security level for routing.
 security level of the node is computed from the length of

secret key, frequency of changing keys and the number
of neighbor hosts.
Fuzzy trust approach proposed in (Hallani & Shahrestani

2008)
 selects a reliable routing path based on trust level of the
route.
 The trust level of the route is the minimum of trust value
of nodes that lies on the route.
 Trust level is computed based on replay attacks, false
routing messages and packet drop rate.

Trust based security framework (Manoj et al
2012)
 uses fuzzy logic based algorithm for trust computation.

 final trust value of the node is computed based on
battery power of node, trust value, and packet integrity
check value.
 Trust value is a combination of direct trust, computed by
monitoring neighbor behavior and recommended trust,
the value recommended by neighboring nodes.
 The certification authority is a node with maximum trust
value, issues certificates to other nodes based on their
trust value stored in the final trust table.

Trust-based Secure Routing protocol (TSR) (Xia et
al 2013)
 Each node computes trust based on their own packet

forwarding ratios.
 Historical trust - computed based on packet forwarding
ratios.
 Node’ s current trust -computed from node’ s historical
trust
 route trust -computed by using trust value of intermediate
node present in the route.
 The system requires an adaptive trust level classification of
nodes and is not scalable.

Enhanced Trust-based Secure source Routing
(ETSR) (Duraimurugan et al 2013)
 uses fuzzy logic to evaluate trust using control packet

forwarding ratio and data packet forwarding ratio.
 Computes trust only based on packet forwarding ratio.
 This algorithm cannot handle eavesdropping or message

tampering attacks, as its trust value is computed only
based on packet forwarding ratio.

Security in VANET
Characteristics of VANET
 High Mobility
 Rapidly changing network topology
 Unbounded network size
 Frequent exchange of information
 Wireless Communication
 Time Critical
 Sufficient Energy
 Better Physical Protection

Security Challenges in VANET
 Real time Constraint
 Data Consistency Liability
 Low tolerance for error
 Key Distribution
 Incentives
 High Mobility
Security requirements in VANET

 Authentication
 Availability
 Non-Repudiation
 Privacy
 Data Verification

Types of communications:
•Vehicle To Vehicle (V2V)
•Vehicle To Infrastructure (V2I)

Attacks on availability Attacks on integrity and data trust
Denial of Service attacks Masquerading attack
Jamming attack Replay attack
Greedy behavior attack Message Tampering/Suppression/
Blackhole attack Fabrication/Alteration
Grayhole attack Illusion attack
Sinkhole attack
Wormhole attack Other attacks
Malware attack Attacks on privacy
Broadcast tampering attack Timing attack
Spamming attack Brute force attack
Man in the middle attack
Attacks on authenticity and identification
Sybil attack
GPS spoofing/position faking attack
Node impersonation attack
Tunnelling attack
Key and/or Certificate Replication attack
Attacks on confidentiality
Eavesdropping attack
Traffic analysis attack
Cryptographic solutions for VANETs
attacks and vulnerabilities.
Attacks : Jamming
Compromised services : Availability
Cryptographic solutions :
Switch the transmission channel and use the frequency
hopping technique FHSS (Frequency Hopping Spread
Spectrum) which involves cryptographic algorithms to
generate pseudo-random numbers for the hopping
algorithm. This proposal requires a modification of the
used standard which currently allows only the OFDM.

Attacks : Eavesdropping
Compromised services : Confidentiality
Encrypt only data which has paramount importance
and which manipulation puts in risk the privacy of the
driver (positioning data, vehicle identification data, ...).

Attacks : Traffic analysis
– Same proposition as eavesdropping.
– Use algorithms such as VIPER for V2I communications

Attacks : DOS
Compromised services : Availability
Use bit commitment and signature based authentication
mechanisms, which reduces the impact of almost of DOS
attacks

Cryptographic solutions for VANETs attacks and
vulnerabilities.
Attacks : Sybil attack

Compromised services : Authentication , Availability
– Deploy a central Validation Authority (VA), which validates entities
in real time. Validation process can be direct or indirect. In direct
validation, the node which wants to authenticate, establish a direct
connection with the VA. In the indirect method, an entity already
enabled can accept an incoming entity.
– Use authentic and secure links with trusted nodes, validating
unknown nodes with the method of secure location verification
using approved certification.
– Strengthening the authentication mechanism by the use of distance
bounding protocols based on cryptographic techniques such as bit
commitment and zero-knowledge.

Attacks : Message tampering/ suppression/fabrication/
alteration
Compromised services : Availability, Integrity, Non-
repudiation
– Use a vehicular PKI (VPKI) or a zero-knowledge techniques
for the authentication between vehicles and for signing
warning messages
– Establish group communications. Keys can be managed by a
Group Key Management system (GKM). This causes that an
intruder could not be able to communicate with the group.
Attacks : Broadcast tampering
Compromised services : Integrity
– Given that this attack can be performed by a legitimate node
of the network, cryptographic primitives are enable to
prevent it. However, a non-repudiation mechanism may
exist.

Attacks : Brute force
– Use strong encryption and key generation algorithms
unbreakable within a reasonable running time

Attacks : Illusion attack
Compromised services : Authentication, Integrity
– The hardware equipment and the software must be accessible
only by authorized.
– Updates or reading operations from the sensors must be
authenticated and verified e.g. by a challenge/response
mechanism.
– Use trusted hardware for which it is practically impossible to
change existing protocols and values, except by authorized

Attacks : GPS spoofing/Position faking
Compromised services : Authentication Privacy
– Use bit commitment and signature based mechanisms with
positioning systems to accept only authentic location data

Attacks : Man in the middle attack
Compromised services : Authentication, Confidentiality,

Integrity
– Use a strong authentication methods such as digital
certificates and zero-knowledge.

Attacks : Node impersonation
Compromised services : Integrity Authentication Non-
repudiation
– Use variables MAC and IP addresses for V2V and V2I
communications.
– Authenticate via digital certificates.
– Strengthening the authentication mechanism using distance
bounding protocols based on cryptographic techniques such
as bit commitment and zero-knowledge

References:
1. C.Siva Ram Murthy, and B.S.Manoj, ‘Ad Hoc Wireless
Networks’, Pearson Education.
2. Mohamed Nidhal Mejri et al. (2014), ‘Survey on VANET
security challenges and possible cryptographic
solutions’, Vehicular Communications, 1, 53–66.
3. Ram Shringar Raw et al. (2013), ‘Security Challenges,
Issues And Their Solutions For VANET’, International
Journal of Network Security & Its Applications, 5(5), 95-
105.

Thank you!

Security in Ad Hoc Networks

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Security in Ad Hoc Networks

Uploaded by

Copyright:

Available Formats

Security in Ad Hoc Networks

2/12/2018 FDTP on IT6601 Mobile Computing 2

 Autonomous (stand-alone self organized system)

 Lack of fixed infrastructure (flexible,

2/12/2018 FDTP on IT6601 Mobile Computing 3

2/12/2018 FDTP on IT6601 Mobile Computing 4

2/12/2018 FDTP on IT6601 Mobile Computing 5

 Some people who cause security problems and why.

2/12/2018 FDTP on IT6601 Mobile Computing 6

 Interception refers to the situation that an unauthorized

2/12/2018 FDTP on IT6601 Mobile Computing 7

d) Modification-attack on integrity e) Fabrication-attack on

 Passive attacks – eavesdropping on or

2/12/2018 FDTP on IT6601 Mobile Computing 9

2/12/2018 FDTP on IT6601 Mobile Computing 10

Passive Attacks Active Attacks

MAC Layer Network Layer Transport Layer Application Layer

Jamming Wormhole Session Repudiation

Blackhole attack Impersonation

 Byzantine attack: A compromised intermediate node could create routing

 Routing table overflow: An adversary node advertises routes to non-

 Device tampering: Mobile devices get damaged or stolen easily.

2/12/2018 FDTP on IT6601 Mobile Computing 15

2/12/2018 FDTP on IT6601 Mobile Computing 16

 Specify desired level of security in the RREQ

 Broadcast the packet

 Process/forward the packet only if it can provide the required

 If an end-to-end path with the required security found, the

Route discovered by SAR may not be the shortest route in terms of

SAR finds a route with a ‘quantifiable guarantee of security’

If one or more routes satisfying the required security attributes exists,

2/12/2018 FDTP on IT6601 Mobile Computing 20

2/12/2018 FDTP on IT6601 Mobile Computing 21

1.The ARAN protects against fabrication attacks,

Certificate A Certificate B Certificate C Certificate D

Trusted certificate server T

2/12/2018 FDTP on IT6601 Mobile Computing 25

Intermediate RDP Packet

2/12/2018 FDTP on IT6601 Mobile Computing 26

2/12/2018 FDTP on IT6601 Mobile Computing 27

IP Address A Initial REP packet

verified verified verified

*Replies to first RDP packet*

2/12/2018 FDTP on IT6601 Mobile Computing 28

Intermediate REP Packet

verified verified verified

2/12/2018 FDTP on IT6601 Mobile Computing 29

verified verified verified

2/12/2018 FDTP on IT6601 Mobile Computing 30

verified verified verified

verified verified verified

2/12/2018 FDTP on IT6601 Mobile Computing 31

2/12/2018 FDTP on IT6601 Mobile Computing 32

Solutions for the Blackhole Problem

2/12/2018 FDTP on IT6601 Mobile Computing 34

 Assumes secure link between two nodes already exists.

2/12/2018 FDTP on IT6601 Mobile Computing 35

 TDSR reduces no. of packets dropped by a node

2/12/2018 FDTP on IT6601 Mobile Computing 38

 Uses Cluster Based Distributed Certification Authority (CB -

2/12/2018 FDTP on IT6601 Mobile Computing 39

 security level of the node is computed from the length of

Fuzzy trust approach proposed in (Hallani & Shahrestani

2/12/2018 FDTP on IT6601 Mobile Computing 40

Replies to first RDP packet