Security in Mobile Ad-hoc Networks

Wormhole Attacks

What are MANETs

Mobile Ad-hoc Network (MANET) is a collection of wireless mobile hosts without fixed network infrastructure and centralized administration. Communication in MANET is done via multi-hop paths. Each node in MANET acts as a router that forwards data packets to other nodes

Issues With MANETs

Routing

Algorithms MAC (medium access control) layer Protocols Approaches to support multimedia traffic (real-time traffic) Energy aware Algorithms MANET contains diverse resources The line of defense is very ambiguous Nodes operate in shared wireless medium

Issues (contd)
Network

topology changes unpredictably and very dynamically Radio link reliability is an issue Connection breaks are pretty frequent. Moreover, density of nodes, number of nodes and mobility of these hosts may vary in different applications. There is no stationary infrastructure.

Routing Algorithms
Mainly two types of routing algorithms Proactive Protocols : Table Driven Reactive Protocols : On-Demand

Proactive Protocols
DSDV:

Destination Sequenced Distance Vector Algorithm WRP: Wireless Routing Protocol OLSR: Optimized Link State Routing Protocol

Reactive Protocols
AODV:

Adhoc On-Demand Distance Vector Routing Algorithm DSR: Dynamic Source Routing Algorithm

Security Attacks
As MANETs are unwired network with dynamic topology associated with them, they are very vulnerable to MANET attacks. In protocol stack, Physical layer has security issues like Denial of Service (DoS) attacks and preventing signal jamming. Network layer has to deal with security of ad-hoc routing protocol and related parameters. Transport layer has issues with end to end data security with encryption methods and Authentication. Application layer has security concerns with prevention, worms, malicious codes, application abuses as well as virus detection

Types of Attacks
Attack

using Modification: by altering the protocol fields in messages or injecting routing messages with false values Attack Using Impersonation: by impersonating a node (spoofing) Attack using Fabrication: false routing information is generated by an intruder.

Fabrication Attacks
Blackhole

Attacks: Malicious node that falsely replies for route requests without having an active route to the destination. Grayhole Attacks: Node may forward all packets to certain nodes but may drop packets coming from or destined to specific nodes. Wormhole Attacks: The attacker disrupts routing by short circuiting the usual flow of routing packets.

Wormhole Attack

The attacker disrupts routing by short circuiting the usual flow of routing packets. Wormhole attack can be done with one node also. But generally, two or more attackers connect via a link called wormhole link. They capture packets at one end and replay them at the other end using private high speed network. Wormhole attacks are relatively easy to deploy but may cause great damage to the network.

Wormhole Attack

Effect of Wormhole Attacks

Wormhole is equally dangerous for both Proactive and On-demand protocols. Wormholes are dangerous by themselves, even if attacker are diligently forwarding all packets without any disruptions, on some level, providing a communication service to the network. With wormhole in place, affected network nodes do not have a true picture of the network, which may disrupt the localization-based schemes, lead to the wrong decisions, etc.

Effects (contd)
A

wormhole link is simply unreliable, as there is no way to protect what the attackers can do and when. Simply put the wormholes are compromising network security whether they are actively disrupting routing or not. Wormhole can also be used to simply aggregate a large number of network packets for the purpose of traffic analysis or encryption compromise

Solution
Routing security in ad hoc networks is often equated with strong and feasible node authentication and lightweight cryptography. A wide variety of secure extensions to existing routing protocols have been proposed over the years. However, the majority of these protocols are focused on using cryptographical solutions to prevent unauthorized nodes from creating seemingly valid packets. Unfortunately, the wormhole attack can not be

Solution
There are some techniques to prevents wormhole attacks Packet Leashing by Round Trip message Time Treating network disruption created by wormhole

And much more. Still to learn