The purpose of this chapter is to investigate and expose methods and techniques developed to provide security in wireless ad hoc networks. Researchers have proposed variety of solutions for security problems of Wireless Mobile Ad-Hoc Networks (MANET) against Distributed Denial of Service (DDoS) attacks. Due to the wireless nature of the channels and specific characteristics of MANETs, the attacks cannot be defeated through conventional security mechanisms. An adversary can easily override its medium access control protocol (MAC) and continually transfer packages on the network channel and the access point node(s) cannot assign authorization access to shared medium. These attacks cause a significant decrease on overall network throughput, packet transmission rates and delay in the MAC layer since other nodes back-off from the communication. In this chapter the proposed methods are applied for preventing and mitigating different wireless ad hoc network attacks are investigated and effectiveness and efficiency of these mechanisms are exposed.
TopIntroduction
Security is one of the major problems of network systems. Secure communication becomes significant challenge for Mobile Wireless Ad Hoc Networks (MANET) due to their dynamic network topology and lack of centralized infrastructure. The varieties of attacks cause potential threats from different aspects, however, Denial of Service attacks (DoS) or Distributed Denial of Service attacks (DDoS) are two of the most harmful attacks against functionality and stability of network systems and MANETs are more vulnerable to these attacks due to limited resources that forces them to be greedy in resource utilization. These attacks aims to paralyze the member of the network (a node) or the entire network, by flooding excessive volume of traffic to consume the key resources of the member of the network or the entire network.
Solving security issues in these networks become more critical since financial aspects of the DoS and DDoS attacks becomes noticeable and since the application areas covers military, disaster relief operations, mine site operations and robot data acquisitions. Such networks can be used to enable next generation of battlefield applications envisioned by the military including situation awareness systems for maneuvering war fighters, and remotely deployed unmanned micro-sensor networks. MANETs can provide communication for civilian applications, such as disaster recovery and message exchanges among medical and security personnel involved in rescue missions.
Majority of the research efforts in the literature have been taken to solve an effective and applicable security mechanism problems of MANETs, which would detect the flooding attack, mitigate the affects and provide traceback mechanism. Research efforts on MANETs provided security through different mechanisms.
Based on the wide range of survey and analysis of current MANETs DDoS attacks and security system strategies, the major purposed solutions composed of two-tier architecture which has a little complexity that obeys the nature of MANETs. On many surveys, the proposed solutions require some modifications on routing protocols (such as AODV, DSR, DSDV), or require some cooperation or support from non-system node(s), or in some studies controlling the access and authorization through assigning through certification authorities (CA). These proposed solutions and strategies against DoS attacks can be classified under different categories and especially Jamming attacks are investigated by the researchers in the literature since these attacks consume the nodes power and processing abilities to keeping them busy by injecting huge amount of traffic on the network (Nguyan, et.al, 2000).
DoS defence methods have been proposed since long time, but most of them remain theoretical with no actual implementation or could not produce satisfied results and performance when applied on MANETs. Many of these methods need to be implemented simultaneously and collaboratively on several nodes, making them difficult to implement especially on nodes which are distributed and need to maintain round-the-clock Internet connectivity. In addition to this, this implementation becomes more difficult once we consider distributed framework and the stability of Internet connection problems arises on MANETs. Moreover, adopted solutions introduce relative complexity, overhead and delay to the network, by adding features such as digital signatures and encryption. The security methods rely on random or probabilistic means to detect legitimate traffic and discard it, which necessities that a certain percentage of legitimate packets would be dropped in the process. While this might not be a serious downside, it reduces the overall Quality of service on providing security.
Recent wireless research indicates that the wireless MANET presents a larger security problem than conventional wired and wireless networks. A Jamming attacks exhausts the victim’s network resources such as bandwidth, computing power, battery etc. The victim is unable to provide services to its legitimate clients and network performance is greatly deteriorated. This chapter provides a wide range of literature survey of existing methods and approaches to providing security in MANETs.