Defence System for MANETs. Mobile Adhoc Networks

Table of Contents

Chapter – I: Introduction
1.1 Introduction
1.2 Characteristics of MANETs
1.3 Architecture of MANETs
1.4 MANET Standards
1.5 MANET Challenges:
1.6 Security Challenges:
1.7 Criteria for Security in MANET:

Chapter – II: State of Art and Literature
2.1 Introduction
2.2 Proactive Routing Protocols:
2.3 Reactive protocols:
2.4 Position Based Routing Protocols:
2.5 Routing Protocol Comparison

Chapter – III: Proposed Secure Multipath Routing Protocol
3.1 Introduction to Proposed Routing Protocol
3.2 Secure Multipath Ad Hoc On-Demand Distance Vector Routing Protocol (SMAODV):

Chapter – IV: Experimental Evaluation:
4.1 Introduction
4.2 Simulation Results

Chapter – V: Conclusion and Future
5.1 Summary
5.2 Future Work

References:

Abstract

MANET is a class of ad hoc networks which spans a huge spectrum of other networking paradigms such as WMN, WSN, and VANET etc. There is a dire need for strengthening the base of all these networks from the security point of view. The vulnerability of MANET’s towards the attacks is huge as compared to their wired counterparts. MANET’s are vulnerable to attacks because of the unique characteristics which they exhibit like the absence of central authority, usage of wireless links, dynamism in topology, shared medium, constrained resources etc. The ramification being that the security needs of MANET’s become absolutely different than the ones which exist in the customary networks. One of the basal vulnerabilities of MANET’s come from their peer to peer architecture which is completely open wherein the mobile nodes act as routers, the medium of communication is open me reachable to both the legitimate users of the network as well as the malicious nodes. Consequently, there is a bankruptcy of clear line of defence from the perspective of security design. This in turn implies that any node which may even be authentic can enter the network and affect its performance by dropping the packets instead of forwarding them. When these types of attacks occur in ad hoc networks then even the standard routing protocols like AODV, DSDV, DSR, LAR, and LAMR etc. do not provide the required security. The proposed solutions in literature such as SAODV, ARAN, and SEAODV all provide authentication and encryption based solutions to these attack. But, the attack on availability which is the most common and easiest of them all cannot be avoided by authentication and encryption because even the authentic user can be the attacker. Also, encryption cannot be helpful to prevent such attacks. Therefore in such a situation if a proper solution is not provided the entire MANET operation will get crippled. The main aim of this work is to guarantee a security solution which provides defence against these attacks. To achieve that, a secure routing protocol (SMAODV) is presented which makes use of the multiple paths between source-destination pairs for removing the malicious routes from the network thereby reducing the effect of the attack to a great extent.

Chapter – I: Introduction

1.1 Introduction

Over the past few decades, there has been a progressive of shift from wired networks to wireless networks. Wireless networks came as a blessing for the applications that required scalability and mobility which could not be provided by their wired counterparts. Among the wireless networks that exist today, the most unique and important application is that of MANET [1]. MANETs are the category of the wireless networks which do not require a fixed infrastructure to function I.e. in MANETs there is no central authority and therefore for the purpose of communication all the nodes act both as transmitters as well as the receivers. The communication is achieved as follows: When the source and destination nodes are within the range of each other, they communicate directly and when they are far apart, they take the help of neighbour nodes. This means that every node acts as a router in MANETs. All the links in MANETs are bidirectional. The biggest advantage of the wireless networks is their tendency to allow different notes to communicate while maintaining their mobility at the same time. Since MANETs do not rely on any infrastructure, all the nodes are independent and can move freely [2, 3]. The transmission range of MANET nodes is limited, which means that the direct communication between source and destination is not possible when they are outside their zones of transmission. For that intermediate nodes take part in communication and hence communication in MANETs is divided among 2 types: Single-hop communication and multi-hop communication. In single-hop, the nodes which lie in the radio range of each other communicate directly while as in multi-hop communication when the destination node is beyond source node’s radio range, intermediate nodes help to relay the messages to their destinations.

Abbildung in dieser Leseprobe nicht enthalten

Figure 1: MANET Single Hop & Multi Hop Communication [Author’s Contribution]

1.2 Characteristics of MANETs

MANETs are the systems which are known for their dynamism, the medium of communication in MANET is air, and therefore the entire communication is vulnerable to interference and attacks [4]. The dynamism is brought by the nodes which are mobile-they give rise to frequent changes in the topology. Owing to these frequent topology changes and absence of centralised authority (infrastructure), MANET operation calls for two fundamental requirements:

a) Similar management capabilities for all nodes in MANET
b) Every operation of network as dataflow, routing, locating et cetera need to be infrastructure less (decentralised) [5].

1.2.1 Opportunities and limitations of MANETs

1. Self-configuring networks: MANETs have the ability to form self-configuring and self-maintaining networks. They are self-configuring and self-maintaining because there is no central administration to do this job for them. This means, MANETs do not need any static infrastructure to perform a particular jobs well (applications where infrastructure based networks are hard to be deployed).
2. Nominal configuration is needed to install MANETs. Their quick implementation makes them one of the best network choices to be used in the situations of emergency such as natural disasters, medical emergencies et cetera. In such situations having the infrastructure based network communication is not possible.
3. Costly routing: since there are no access points, no fixed infrastructure, every node in MANETs need to perform the function of routing-which becomes expensive. Furthermore, when the destination is far away, the routing cost increases even more. Therefore in MANETs, neighbour communication is favoured.
4. Unreliable links: The links established in MANETs are unreliable because the topology changes rapidly owing to mobility, plus there are environmental factors and interference of other elements. Also collisions cannot be detected in wireless networks like their wired counterparts. As a result the percentage of message losses is high in MANETs.
5. Limited resources: the nodes in MANETs are relatively small in size - hence they have limited power, processing ability and memory.
6. Broadcast communication: The communication in MANETs is mostly broadcast based. So if 10 nodes lie within the range of source, all of them receive the information. These nodes then further move the message forward by relaying it on to their transmission ranges. Therefore, every time source node talks to its neighbours, the gossip reaches to all the other notes in vicinity at no extra cost.
7. Mobility: Nodes in MANET move freely while carrying information. This feature may help in dispersion, mixture and aggregation of information.
8. Data – centric routing: Unlike traditional MANETs that use point to point addressing centric model, some MANETs use data centric communication model in routing. In data centric communication model, the priority is given to type of data rather than the source’s identity. This model supports data aggregation which is performed in-network. It also puts restrictions on the way in which storage and routing tasks are executed in the network [4].

1.3 Architecture of MANETs

Three types of architecture is a possible in MANETs namely, centralised, distributed and Peer to peer (P2P) [6].

1. Centralised architecture based MANET: This architecture consists of the following entities:

a) Service Publisher: A MANET node that has some service to offer is called a service publisher. A service publisher publishers its service to the network.
b) Service Broker: MANET node which acts as the mediator between publisher and consumer nodes.
c) Service Subscriber/ Consumer: A MANET node that consumes the service published by the service publisher.

Abbildung in dieser Leseprobe nicht enthalten

Figure 2: Centralized Architecture [Author’s Contribution]

In Centralised MANET architecture a central service publishing node is always available. This architecture maintains a centralised registry for publishing the services. The consumer can avail the services by binding with the publisher of the service and simultaneously accessing the centralised registry. Today MANETs are used for critical applications like military missions, battlefield communications, et cetera. They are also proving to be extremely useful in the areas of intelligent commerce, prompt messaging, CRM, online multimedia content of business organisations et cetera [7]. Consequently, there is the need of having service oriented architecture of MANETs to ensure easy access and benefit of using MANETs.

Using centralised MANET architecture is not an option in the case when MANETs are specifically used for critical applications [8] because of the following reasons:

a) Fault Tolerance: There is a central service publishing Node whose job is to retain the focal service registry, so if this node becomes unreachable or goes down, the entire system fails.
b) Quality of Service: Providing service specific quality of service parameters such as reliability ( an assurance that the service will be available for certain duration ), security mechanism et cetera used by the service is a challenge[9]
c) Other problems: These include trust on registry node (what if it gets corrupt), breakdown of centralised broker like UDDI [10,11] wherein UDDI becomes inaccessible because of nodes mobility et cetera. Therefore, this architecture is most suitable for small or average sized MANETs and cannot be used as the underlying architecture for service oriented architecture (SOA).

2. Distributed architecture based MANETs: The central Service publishing node is unavailable therefore, any Service publisher node can publish a service and any service consumer node may discover the publish service and consume it.

3. Peer to Peer architecture based MANETs: In this type of architecture, every node has equal status and hence can both produce services for other nodes as well as consume services provided by others.

Both Peer to Peer and distributed architectures do not depend on the central register. These Architectures are well suited for large-scale services. The issues faced by centralised architecture-based MANETs namely, fault tolerance, network resilience are removed here. [12, 13] proposed methods to install SOA on underlying Peer to Peer and distributed architectures.

1.4 MANET Standards

The unique characteristics such as infrastructure independent operation, dynamism in the topology, mobility, constrained resources exhibited by MANETs chase numerous challenges from security, trust and performance points of view. What protocols or standards do nodes in MANET follow when they need to communicate with their neighbours. Standardisation and normalisation of information technology and communication strategies is important for the quick implementation of any new technology. They not only provide interoperability but also reduce the costs of implementation and give way to easy installation. A set of IEEE WLAN standards are used for MANETs viz, IEEE 802.11, IEEE 802.15 , IEEE 802.15.4, IEEE 802.16, IEEE 802.20

1.4.1 IEEE 802.11 – Wireless Fidelity (WI – FI)

Standardised under IEEE 802.11x, Wi-Fi has numerous versions where ‘x’ can be replaced by a, b, g, n, e, p [14] etc. The entire management and process of certification of Wi-Fi is taken care of by the Wi-Fi alliance which is the separate party created by companies working in the field of electronics and communication. The timeline of Wi-Fi starts from 1985 when the idea to conceive Wi-Fi technology came to reduce the work pressure of cashier machines. Wi-Fi was standardised ultimately in the year 1997. Operating frequency of Wi-Fi stands at 2.4 GHz, 5 GHz. Because of the technology developments Wi-Fi also works at 60 GHz frequency. The bandwidth of Wi-Fi channels all 0.3, 0.6 or 2MHz. The range of Wi-Fi enabled devices is 30 - 100 m and it caters to PAN (personal area networks) and wireless LANs. Wi-Fi shows dynamism in terms of data transfer speed for example 802.11 b displays at the most a data transfer speed of 11 mbps while as the versions a, c send data at the speed of 54 mbps. The bit – time (the time taken to transfer a single bit at a particular data transfer rate) of Wi-Fi is 0.00185. The Wi-Fi enabled devices consume a lot of power so they need good battery backup. One Wi-Fi-based network can have 2007 nodes and work absolutely fine. Wi-Fi-based networks employ WEP, WPA and WPA2 protocols to achieve encryption and security respectively.

1.4.1.1 Architecture of WI – FI

Every version of 802.11x follows the TCP model consisting of five layers. The only difference is that in 802.11x data- link layer of TCP is divided into two sub layers – logic link control (802.2) and media access control (802.3 PHY and Mac). Any application for TCP/IP which can easily run for Ethernet can also run on Wi-Fi interface [15, 16]. The standard 802.11 defines numerous services out of which the most important ones are:

a) Station Services (SS): Services which revolve around privacy, authentication and de-authentication.
b) Distributed System Services (DSS): Services which are defined by association, disassociation, re-association, integration and dissemination [16, 17]

Abbildung in dieser Leseprobe nicht enthalten

Figure 3: comparison of different versions of IEEE 802.11 [20]

1.4.2 802.15.1 Bluetooth

In 1994 Ericsson Germany-based telecom giant launched Bluetooth. Bluetooth got its name from European unification king, Harald Blatand. Bluetooth special interest group (SIG)is a body that manages Bluetooth for standards and devices. The protocol updates of Bluetooth came and under versions 2.0, 2.1, 3.0, 4.0. The Operating frequency of 802.15.1 is 2.4 GHz while its channel consumes a bandwidth upto the range of 1 MHz. Bluetooth networks Cater to the needs of wireless personal area networks (WPANs) and the maximum number of nodes which can participate in such a network is 8 [17]. The technology gives a range of upto 10m. A point to point master slave strategy is employed to create a Bluetooth-based network, wherein there is one master and seven other slave piconets (a small network of a maximum of 8 nodes of which 1 is master and 7 others are slaves) and scatternets (when 2 or more than 2 piconets combine they form a scatternet. The data transfer rates of Bluetooth goes up to 1MBPS. Bluetooth utilises frequency hopping spread spectrum (FHSS - in which the frequency of carrier signal is varied) technique. This protocol can assist in the exchange of any kind of data be it image, video, audio, or text.

Abbildung in dieser Leseprobe nicht enthalten

Figure 4: Bluetooth Piconet/Scatternet Master/Slave configuration [Author’s Contribution]

1.4.3 802.15.4 Zigbee

Based on 802.15 standard, 802.15.4 is a technical standard for a group of communication protocols which are employed in order to make the Personal Area networks (PANs). Particularly Zigbee is employed in applications which demand low data transfer rates but more battery life in addition to security. One of the unique characteristics of Zigbee based network is that there can be 65,000 nodes. IEEE and Zigbee Alliance decided to come together and gave the new emerging technology a name (Zigbee), inspired from the waggle movements of honeybees. The idea of the technology came into light in the year 1999, the time when it was realised that other complimentary technologies like Bluetooth and Wi-Fi are not prepared for applications which needed to run for longer durations. The operating frequency of Zigbee is 900 - 928 MHz and 2.4 GHz. In European countries, frequency of 868 MHz is employed for this technology. Also it consumes a bandwidth of 1 MB. The range varies from 30 -100 m (it is restricted only to WPANs). The data transfer rate is low, only 250kbps and the bit - time is 4 microseconds. It consumes very less power almost one fourth as that of Wi-Fi-based networks. Protocol based on Zigbee use AES (Advanced Encryption Security) encryption method and CCB-CCM as network security method.

1.4.4 IEEE 802.16 WIMAX

As the world shifts from wired to wireless, Worldwide Interoperability for Microwave Access (WIMAX) offers unique advantages in terms of reliability, data rate, costs et cetera. IEEE 802.16 defines the specifications for the implementation of Wireless Metropolitan Area Network (WMANs). It's with the assistance of a standard like WIMAX that today we can have an easy access to broadband at any time and at any place [18]. WIMAX makes it possible to reach to a broadband connection when one is travelling at a speed of 125 km/h. The operating frequencies of WIMAX are 2.3 -2.7 GHz (licensed), 3.4 - 3.6 GHz (licensed) and 5.8 GHz (unlicensed). It utilises a bandwidth of 3 to 20 MHz. The data transfer rate for WIMAX is 70 mbps (shared) the range goes up to a whopping 50 km. There are three variations available to 802.16 namely 802.16c, 802.16d, 802.16e [19].

1.4.5 IEEE 802.20 Mobile – FI

IEEE 802.20 (Mobile – Fi) is the most recent IEEE standard for WLANs which can be used for MANETs. Mobile-Fi assists in accessing and deploying cost-efficient, ubiquitous, always ready and platform independent broadband which is fully mobile [20]. 802.20 is the youngest IEEE standard that is capable of carrying native IP traffic to distances of up to 15 km while at the same time providing symmetrical rates.

1.5 MANET Challenges:

Today MANETs are considered to be one of the best emerging technologies for mobile computing. MANET is the fastest growing of networks because of the increase in affordable, powerful and portable devices. Unlike their wired counterparts, MANETs display some unique characteristics which ultimately pose numerous challenges related to security and routing. Also, the medium of communication is shared which means that not only the legitimate user gets the access, illegitimate users also can access the medium easily therefore breach of security. This clearly implies that in MANETs there is no clear line of defence as we have in wired networks. In wired networks, there are fixed routes but in MANETs, every node can be treated as router. Thus, securing such a network is in itself a challenge because the attacker field/range is vast. Other non-trivial challenges are the server resource bondage, hugely dynamic topology of network etc. MANETs offer alluring applications because of their features discussed in preceding sections, but before they can be expected to be deployed on commercial scale, some of the critical challenges and open problems need to be solved. These include [21, 22]:

[...]