Mobile Ad Hoc Network Security Vulnerabilities

Mobile Ad Hoc Network Security Vulnerabilities

Animesh K. Trivedi (Indian Institute of Information Technology, India), Rajan Arora (Indian Institute of Information Technology, India), Rishi Kapoor (Indian Institute of Information Technology, India) and Sudip Sanyal (Indian Institute of Information Technology, India)
DOI: 10.4018/978-1-60566-026-4.ch407
OnDemand PDF Download:
$37.50

Abstract

Mobile ad hoc networks inherently have very different properties from conventional networks. A mobile ad hoc network (MANET) is a collection of mobile nodes that are self configuring (network can be run solely by the operation of the end-users), capable of communicating with each other, establishing and maintaining connections as needed. Nodes in MANET are both routers and terminals. These networks are dynamic in the sense that each node is free to join and leave the network in a nondeterministic way. These networks do not have a clearly defined physical boundary, and therefore, have no specific entry or exit point. Although MANET is a very promising technology, challenges are slowing its development and deployment. Nodes in ad hoc networks are in general limited in battery power, CPU and capacity. Hence, the transmission ranges of these devices are also limited and nodes have to rely on the neighboring nodes in the network to route the packet to its destination node. Ad hoc networks are sometimes referred to as multi-hop networks, where a hop is a direct link between two nodes. MANET has many important applications, including battlefield operations, emergency rescues, mobile conferencing, home and community networking, sensor dust and so forth.
Chapter Preview
Top

Introduction

Mobile ad hoc networks inherently have very different properties from conventional networks. A mobile ad hoc network (MANET) is a collection of mobile nodes that are self configuring (network can be run solely by the operation of the end-users), capable of communicating with each other, establishing and maintaining connections as needed. Nodes in MANET are both routers and terminals. These networks are dynamic in the sense that each node is free to join and leave the network in a nondeterministic way. These networks do not have a clearly defined physical boundary, and therefore, have no specific entry or exit point. Although MANET is a very promising technology, challenges are slowing its development and deployment. Nodes in ad hoc networks are in general limited in battery power, CPU and capacity. Hence, the transmission ranges of these devices are also limited and nodes have to rely on the neighboring nodes in the network to route the packet to its destination node. Ad hoc networks are sometimes referred to as multi-hop networks, where a hop is a direct link between two nodes.

MANET has many important applications, including battlefield operations, emergency rescues, mobile conferencing, home and community networking, sensor dust and so forth.

Due to limited memory and computational power, nodes in MANETs have limited services and security provision. Unlike wired networks which have a higher level of security for gateways and routers, ad hoc networks have characteristics such as dynamically changing topology, weak physical protection of nodes, no established infrastructure or centralized administration and high dependence on inherent node cooperation. The routing protocols used in the current generation of mobile ad hoc networks, like Dynamic Source Routing (DSR), and Ad hoc On Demand Distance Vector Routing Protocol (AODV), are based on the principle that all nodes will cooperate, but dynamic and cooperative nature of MANETS presents substantial challenges to this assumption (Johnson, Maltz, & Broch, 2001; Perkins & Royer, 1999). Without node cooperation in a mobile ad hoc network, routes cannot be established, and packets cannot be forwarded. As a consequence, access control mechanisms, (similar to firewalls in wired networks) are not feasible. However, cooperative behavior, such as forwarding other node’s messages, cannot be taken for granted because any node could misbehave. Misbehavior means deviation from regular routing and forwarding protocol assumption. It may arise for several reasons, non-intentionally when a node is faulty or intentionally when a node may want to save its resources. Cooperation in mobile ad hoc networks is a big issue of consideration. To save battery, bandwidth, and processing power, nodes should not forward packets for others. If this dominant strategy is adopted, the outcome is a nonfunctional network when multi-hop routes are needed, so all nodes are worse off. Without any counter policy, the effects of misbehavior have been shown to dramatically decrease network performance. Depending on the proportion of misbehaving nodes and their strategies, network throughput could decrease, and there could be packet losses, denial of service or network portioning. These detrimental effects of misbehavior can endanger the entire network.

Wireless ad hoc networks are vulnerable to various attacks. These include passive eavesdropping, active interfering, impersonation, modification of packets and denial-of-service. Intrusion prevention measures, such as strong authentication and redundant transmission, can be used to tackle some of these attacks. However, these techniques can address only a subset of the threats, and moreover, are costly to implement due to the limited memory and computation power on nodes. We can identify two types of uncooperative nodes: faulty or malicious and selfish. Faulty or malicious behavior refers to the broad class of misbehavior in which nodes are either faulty and can therefore not follow a protocol, or are intentionally malicious and try to attack the system. Selfishness refers to no cooperation in certain network operations. In mobile ad hoc networks, the main threat from selfish nodes is dropping of packets (black hole), which may affect the performance of the network severely. Faulty, malicious and selfish nodes are misbehaved nodes.

Key Terms in this Chapter

Firewalls: A logical barrier designed to prevent unauthorized or unwanted communications between sections of a computer network.

Promiscuous Mode: Refers to a configuration of a network interface wherein a setting is enabled so that the interface passes all traffic it receives to the CPU rather than just packets addressed to it, a feature normally used for packet sniffing.

Ad Hoc Network: A mobile ad hoc network (MANET) is a kind of wireless ad hoc network, and is a self-configuring network of mobile routers (and associated hosts) connected by wireless links—the union of which form an arbitrary topology.

Terminal: In the context of telecommunications, a terminal is a device which is capable of communicating over a line.

Bandwidth: Bandwidth is a measure of frequency range and is typically measured in hertz. Bandwidth is related to channel capacity for information transmission.

Reputation: As a socially transmitted belief (i.e., belief about belief) concerns properties of agents, namely their attitudes toward some socially desirable behavior, be it cooperation, reciprocity, or norm-compliance.

Routers: A router acts as a junction between two or more networks to transfer data packets among them.

Gateway: A computer or a network that allows or controls access to another computer or network.

Denial of Service (DoS): Is an attempt to make a computer resource unavailable to its intended users. Typically, the targets are high-profile Web servers where the attack is aiming to cause the hosted Web pages to be unavailable on the Internet. It is a computer crime that violates the Internet proper use policy as indicated by the Internet Architecture Board (IAB).

Intrusion Detection System (IDS): Is used to detect many types of malicious network traffic and computer usage that can’t be detected by a conventional firewall.

Complete Chapter List

Search this Book:
Reset