Security Issues and Attacks in Mobile Ad Hoc Networks

Pooja Mishra
Student, M.Tech, Department of Electronics and Communication, Babu Banarasi Das University, Lucknow, India

Ashutosh Rastogi
Assistant Professor, Department of Electronics and Communication, Babu Banarasi Das University, Lucknow, India

Abstract—A Mobile Ad hoc Network (MANET) is a special group of nodes that works without any fixed infrastructure. Each node in the network behaves as a router so that it can transmit data towards the destination. Due to the lack of a central point of control, MANETs are more vulnerable to attacks than other networks. Moreover, other characteristics such as frequently changing topology, node limitations (energy resources, storage, CPU, etc.) and communication channel limitations (bandwidth, reliability) add extra challenges. MANETs have different network concerns and security challenges in achieving ubiquitous connectivity and secure communications. This paper discusses the reputation management systems which affect the trust in cooperation and negotiation between mobile networking entities. It also discusses the security features, challenges, and various attacks on MANETs, and finally classifies the different security attacks on MANETs according to the network layers.

Keywords— mobile ad hoc networks, node limitations, topology, channel limitations, mobile networking.

I. INTRODUCTION

In past years mobile ad hoc networks (MANETs) have received great attention because of their self-configuration and self-maintenance capabilities. While early research efforts assumed a friendly and cooperative environment and focused on problems such as wireless channel access and multihop routing, security has become a primary concern in order to provide secure communication between nodes in a potentially hostile environment. Due to the lack of a central point of control, MANETs are more vulnerable to routing attacks than other networks. Although security has long been an active research topic in wireline networks, the unique characteristics of MANETs present a new set of nontrivial challenges to security design.

During the last decade, extensive studies have been conducted on routing in mobile ad hoc networks, and have resulted in several mature routing protocols. However, in order to work properly, these protocols need trusted working environments, which are not always available. In many situations, the environment may be adversarial. For example, some nodes may be selfish, malicious, or compromised by attackers. To address these issues, many schemes have been proposed to secure the routing protocols in ad hoc networks. To make MANETs secure, all types of attacks must be identified and solutions considered. Some of the attacks are considered in our study. However, the list is possibly incomplete, and more attacks on MANETs are likely to be discovered in the near future, so security issues in MANETs will remain a potential research area. The ultimate goal of the security solutions for MANETs is to provide security services, such as authentication, confidentiality, integrity, anonymity, and availability, to mobile users.

II. BASIC CONCEPTS

A. Security Requirements

The security services of ad hoc networks are not altogether different from those of other network communication paradigms. The goal is to protect the information and the resources from attacks and misbehavior. In dealing with network security, we explain the following requirements that an effective security paradigm must ensure:

Availability: ensures that the desired network services are available whenever they are expected, in spite of attacks. Systems that ensure availability seek to combat denial of service and energy starvation attacks, which we present later.

Authenticity: ensures that communication from one node to another is genuine. It ensures that a malicious node cannot masquerade as a trusted network node.

Data confidentiality: a core security primitive for ad hoc networks. It ensures that a given message cannot be understood by anyone other than its intended recipient(s). Data confidentiality is typically enabled by applying cryptography.

B. MANETs features and their impact on security

The features of MANETs make them more vulnerable to attacks and misbehavior than traditional networks, and require security solutions different from those used in other networks. These features are:

Infrastructure-less: Central servers, specialized hardware, and fixed infrastructures are necessarily absent. The lack of infrastructure precludes the deployment of hierarchical host relationships; instead, nodes uphold egalitarian relationships. That is, they assume contributory collaborative roles in the network rather than ones of dependence. Any security solution should therefore rely on a cooperative scheme instead of a centralized one.

Use of wireless links: The use of wireless links renders a wireless ad hoc network susceptible to attacks. Unlike wired networks, where an adversary must gain physical access to the network wires or pass through several lines of defense at firewalls and gateways, attacks on a wireless ad hoc network can come from all directions and target any node. Hence, a wireless ad hoc network will not have a clear line of defense, and every node must be prepared for threats. Moreover, since the channel is widely accessible, the MAC protocols used in ad hoc networks, such as IEEE 802.11, rely on trusted cooperation in a neighborhood to ensure channel access, which presents a vulnerability.

Multi-hop: Because of the lack of central routers and gateways, hosts are themselves routers, so packets follow multi-hop routes and pass through different mobile nodes before arriving at the destination. Because such nodes may be untrustworthy, this feature presents a serious vulnerability.

Node movement autonomy: Mobile nodes are autonomous units that are capable of roaming independently. This means that tracking down a particular mobile node in a large-scale ad hoc network cannot be done easily.

Amorphous: Node mobility and wireless connectivity allow nodes to enter and leave the network spontaneously. Therefore, the network topology has no fixed form regarding either size or shape. Any security solution must take this feature into account.

Power limitation: Ad hoc enabled mobile nodes are small and lightweight; therefore, they are often supplied with limited power resources (small batteries) to ensure portability. The security solution should take this constraint into account. Furthermore, this limitation causes a vulnerability, since a node powering off can cause its breakdown. Attackers may therefore target some nodes' batteries to disconnect them, or even to partition the network. This is called an energy starvation attack or sleep deprivation torture attack.

C. Attacks

An attack is any action that intentionally aims to cause damage to the network. Attacks can be divided according to their origin or their nature. Origin-based classification splits attacks into two categories, external and internal, whereas nature-based classification splits them into passive attacks and active attacks.

External attacks: This category includes attacks launched by a node that does not belong to the logical network, or is not allowed to access it. Such a node penetrates the network area to launch its attack.

Internal attacks: This category includes attacks launched by an internal compromised node. It is a more severe kind of threat to the network, since the defence proposed against external attacks is ineffective against compromised and internal malicious nodes.

Passive attacks: A passive attack is a continuous collection of information, which would be used later when launching an active attack. That means the attacker eavesdrops on packets and analyzes them to pick up the required information. The security attribute that must be provided here is information confidentiality.

Active attacks: These include almost all the other attacks launched by actively interacting with victims, such as sleep deprivation torture, which targets battery charge; hijacking, in which the attacker takes control of a communication between two entities and masquerades as one of them; jamming, which causes channel unavailability; attacks against routing protocols; etc. Most of these attacks result in a denial of service (DoS), that is, a degradation or a complete halt in communication between nodes.

A MANET provides network connectivity between mobile nodes over potentially multihop wireless channels, mainly through link-layer protocols that ensure one-hop connectivity and network-layer protocols that extend the connectivity to multiple hops. These distributed protocols typically assume that all nodes are cooperative in the coordination process. This assumption is unfortunately not true in a hostile environment. Because cooperation is assumed but not enforced in MANETs, malicious attackers can easily disrupt network operations by violating protocol specifications.

III. SECURITY ISSUES

A. Routing Security Issues

A MANET's routing protocol finds routes between nodes, then allows data packets to be forwarded through other nodes of the network towards the final destination. In contrast to traditional network routing protocols, ad hoc network routing protocols must adapt more quickly to cope with the MANET factors presented previously, especially the frequent change of the network topology. The problem of routing in ad hoc networks is an important one and has been extensively studied, particularly in the MANET working group of the Internet Engineering Task Force (IETF). Since the MANET environment is untrusted, a secure routing protocol is required. Recently, several secure MANET routing protocols have been proposed. In this section we deal with the security issues of routing protocols: we first present a classification of the different attacks that threaten earlier MANET routing protocols, then we discuss the recently proposed solutions.

Secure routing protocol requirements

The aim of a good secure routing protocol is to prevent each of these exploits. For this purpose, it must satisfy the following requirements:

• Routing packets cannot be spoofed.
• Fabricated routing messages cannot be injected into the network.
• Routing messages cannot be altered in transit.
• Routing loops cannot be formed through malicious actions.
• Routes cannot be redirected from the shortest path by malicious actions.
• Unauthorized nodes should be excluded from route computation and discovery.
• The network topology must be exposed neither to adversaries nor to authorized nodes by the routing messages, since exposure of the network topology may be an advantage for adversaries trying to destroy or capture nodes.

B. Data forwarding security issues

Protecting the network layer in a MANET is an important research topic in wireless security. The core functionalities provided in the network layer are routing and packet forwarding; malicious attacks on either of them will disrupt normal network operations. Although several recent proposals have addressed the problem of secure ad hoc routing, as shown previously, protection of the data forwarding service has received relatively less attention except the works of. We now discuss the issue of protecting packet forwarding.

C. Data forwarding attacks

i. Eavesdropping

The wireless channels used in MANETs are freely and easily accessible. Moreover, promiscuous mode, in which a node captures packets for which it is not the intended destination, is employed by protocols to operate or to improve efficiency; e.g., a routing protocol may use this mode to learn routes. These features can be exploited by malicious nodes to eavesdrop on data in transit. The obvious proactive solution is to use cryptography; this ensures confidentiality but does not prevent eavesdropping, and to the best of our knowledge no detection solution is available. Since breaking keys is always possible and robust key revocation within a MANET is problematic, eavesdropping is a serious attack against data forwarding.

ii. Dropping data packets

Since packets follow multi-hop routes, a malicious node can participate in routing and drop all packets it receives for forwarding. To do this, it first attacks the routing protocol to gain participation in routing, using one or more of the attacks presented previously.

iii. Injecting forged data packets

A malicious node may fabricate data packets and inject and disperse them with no other interest than overloading the network; this can disrupt the forwarding of legitimate packets.

IV. CHALLENGES IN MANETs

One fundamental vulnerability of MANETs comes from their open peer-to-peer architecture. Unlike wired networks that have dedicated routers, each mobile node in an ad hoc network may function as a router and forward packets for other nodes. The wireless channel is accessible to both legitimate network users and malicious attackers. As a result, there is no clear line of defense in MANETs from the security design perspective. The boundary that separates the inside network from the outside world becomes blurred. There is no well-defined place or infrastructure where we may deploy a single security solution. Moreover, portable devices, as well as the system security information they store, are vulnerable to compromise or physical capture, especially low-end devices with weak protection. Attackers may sneak into the network through these subverted nodes, which form the weakest link and cause a domino effect of security breaches in the system.

The stringent resource constraints in MANETs constitute another nontrivial challenge to security design. The wireless channel is bandwidth-constrained and shared among multiple networking entities. The computation capability of a mobile node is also constrained. For example, some low-end devices, such as PDAs, can hardly perform computation-intensive tasks like asymmetric cryptographic computation. Because mobile devices are typically powered by batteries, they may have very limited energy resources.

The wireless medium and node mobility introduce far more dynamics in MANETs than in wireline networks. The network topology is highly dynamic, as nodes frequently join or leave the network and roam in the network at will. The wireless channel is also subject to interference and errors, exhibiting volatile characteristics in terms of bandwidth and delay. Despite such dynamics, mobile users may request anytime, anywhere security services as they move from one place to another.

The above characteristics of MANETs clearly make a case for building multiple security solutions that achieve both broad protection and desirable network performance. First, the security solution should spread across many individual components and rely on their collective protection power to secure the entire network. The security scheme adopted by each device has to work within its own resource limitations in terms of computation capability, memory, communication capacity, and energy supply. Second, the security solution should span different layers of the protocol stack, with each layer contributing to a line of defense. No single-layer solution can thwart all potential attacks. Third, the security solution should thwart threats from both outsiders, who launch attacks on the wireless channel and network topology, and insiders, who sneak into the system through compromised devices and gain access to certain system knowledge. Fourth, the security solution should encompass all three components of prevention, detection, and reaction, which work in concert to guard the system from collapse. Last but not least, the security solution should be practical and affordable in a highly dynamic and resource-constrained networking scenario.

V. A MULTIFENCE SECURITY SOLUTION

In this section we review the state-of-the-art security proposals for MANETs. Because multihop connectivity is provided in MANETs through distributed protocols in both the network and link layers, the ultimate multifence security solution naturally spans both layers, as illustrated in Fig. 1. There are basically two approaches to securing a MANET: proactive and reactive. The proactive approach attempts to thwart security threats in the first place, typically through various cryptographic techniques. On the other hand, the reactive approach seeks to detect threats a posteriori and react accordingly. Each approach has its own merits and is suitable for addressing different issues in the entire domain. For example, most secure routing protocols adopt the proactive approach in order to secure routing messages exchanged between mobile nodes, while the reactive approach is widely used to protect packet forwarding operations.

Due to the absence of a clear line of defense, a complete security solution for MANETs should integrate both proactive and reactive approaches, and encompass all three components: prevention, detection, and reaction. The prevention component deters the attacker by significantly increasing the difficulty of penetrating the system. However, the history of security has clearly shown that a completely intrusion-free system is infeasible, no matter how carefully the prevention mechanisms are designed. This is especially true in MANETs, which consist of mobile devices that are prone to compromise or physical capture. Therefore, the detection and reaction components, which discover the occasional intrusions and react to avoid persistent adverse effects, are indispensable for the security solutions to operate in the presence of limited intrusions.

In the MANET context, the prevention component is mainly achieved by secure ad hoc routing protocols that prevent the attacker from installing incorrect routing states at other nodes. These protocols are typically based on earlier ad hoc routing protocols such as DSR, AODV and Destination-Sequenced Distance Vector (DSDV), and employ different cryptographic primitives (e.g., HMAC, digital signatures, hash chains) to authenticate the routing messages. The detection component discovers ongoing attacks through identification of abnormal behavior exhibited by malicious nodes. Such misbehavior is detected either in an end-to-end manner, or by the neighboring nodes through overhearing the channel and reaching collaborative consensus. Once an attacker node is detected, the reaction component makes adjustments in routing and forwarding operations, ranging from avoiding the node in route selection to collectively excluding the node from the network.

Security never comes for free. When more security features are introduced into the network, the enhanced security strength is accompanied by ever-increasing computation, communication, and management overhead. Consequently, the network performance of the security solutions, in terms of scalability, service availability, robustness, and so on, becomes an important concern in a resource-constrained ad hoc network. While many contemporary proposals focus on the security vigor of their solutions from the cryptographic standpoint, they leave the network performance aspect largely unaddressed. In fact, both dimensions of security strength and network performance are equally important, and achieving a good trade-off between the two extremes is one fundamental challenge in security design for MANETs.

There are basically two approaches to protecting MANETs: proactive and reactive. The proactive approach attempts to prevent an attacker from launching attacks in the first place, typically through various cryptographic techniques. In contrast, the reactive approach seeks to detect security threats a posteriori and react accordingly.
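The prevention component above relies on primitives such as HMAC and hash chains to authenticate routing messages. The following added example is not code from the paper or from any protocol it cites; it shows one way the two can be combined so that the destination detects altered fields, replays and shortened hop counts. The message layout, the field names, MAX_HOPS and the pairwise key shared by source and destination are assumptions.

```python
import hashlib
import hmac
import struct

MAX_HOPS = 8  # assumed upper bound on route length


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def hash_n(value: bytes, n: int) -> bytes:
    """Apply the one-way function n times."""
    for _ in range(n):
        value = h(value)
    return value


def _immutable(msg: dict) -> bytes:
    # Fields no forwarding node may change; the HMAC covers exactly these.
    return struct.pack("!4s4sI32s", msg["src"], msg["dst"], msg["seq"], msg["anchor"])


def originate(key: bytes, src: bytes, dst: bytes, seq: int, seed: bytes) -> dict:
    """Source builds a route message; anchor = H^MAX_HOPS(seed) is MAC-protected."""
    msg = {"src": src, "dst": dst, "seq": seq, "anchor": hash_n(seed, MAX_HOPS),
           "hop_count": 0, "hop_hash": seed}
    msg["tag"] = hmac.new(key, _immutable(msg), hashlib.sha256).digest()
    return msg


def forward(msg: dict) -> dict:
    """Each relay increments the hop count and hashes the chain value once."""
    out = dict(msg)
    out["hop_count"] += 1
    out["hop_hash"] = h(msg["hop_hash"])
    return out


def verify(key: bytes, msg: dict, last_seq: int) -> str:
    """Destination-side checks; returns 'ok' or the reason for rejection."""
    expected = hmac.new(key, _immutable(msg), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, msg["tag"]):
        return "bad-mac"            # spoofed or altered immutable field
    if msg["seq"] <= last_seq:
        return "replay"             # stale routing information
    hops = msg["hop_count"]
    if not 0 <= hops <= MAX_HOPS:
        return "bad-hop-count"
    # A relay holding H^k(seed) cannot produce H^j(seed) for j < k,
    # so it cannot advertise a shorter route than the one it received.
    if hash_n(msg["hop_hash"], MAX_HOPS - hops) != msg["anchor"]:
        return "bad-hop-chain"
    return "ok"


def demo() -> dict:
    key = b"constructed-pairwise-key"     # constructed sample key
    seed = b"\x01" * 32                   # constructed; use a fresh random seed per message
    src, dst = b"\x0a\x00\x00\x01", b"\x0a\x00\x00\x09"   # constructed node addresses
    msg = originate(key, src, dst, 42, seed)
    for _ in range(3):                    # three honest relays
        msg = forward(msg)
    return {
        "honest": verify(key, msg, 41),
        "redirected": verify(key, dict(msg, dst=b"\x0a\x00\x00\x07"), 41),
        "shortened": verify(key, dict(msg, hop_count=1), 41),
        "replayed": verify(key, msg, 42),
        # Limitation: the chain stops a relay from lowering the hop count,
        # but a relay can still forward without incrementing or hash extra times.
        "lengthened": verify(key, forward(msg), 41),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:11s} {verdict}")
```

Only the destination can check the tag, because only it holds the key; any relay that knows the anchor can run the hop-chain check on its own.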

Figure 1. The components in the multifence security solution

VI. NETWORK-LAYER SECURITY

The network-layer security designs for MANETs are concerned with protecting the network functionality to deliver packets between mobile nodes through multihop ad hoc forwarding. Therefore, they seek to ensure that the routing messages exchanged between nodes are consistent with the protocol specification, and that the packet forwarding behavior of each node is consistent with its routing states. Accordingly, the existing proposals can be classified into two categories: secure ad hoc routing protocols and secure packet forwarding protocols. Before we describe these security solutions in detail, we first introduce several cryptographic primitives for message authentication, the essential component in any security design, and analyze the trade-offs behind them.

SNAuth-SPMAODV with IPSec for Network Layer Security

SNAuth-SPMAODV (Secure Neighbor Authentication Strict Priority Multipath Ad hoc On-demand Distance Vector Routing) with IPSec is robust against denial-of-service attacks, and it also provides security services for both routing information and data messages at the network layer in a MANET. The proposed method uses a hybrid version of the IPSec protocol, which includes both AH and ESP modes. IPSec is a protocol suite for securing IP-based communication, focusing on authentication, integrity and confidentiality, and supporting perfect forward secrecy. The significant importance of the aforementioned protocol is that it offers flexibility, which cannot be achieved at higher or lower layer abstractions, in addition to the symmetric cryptographic schemes. These are 1000 times faster than asymmetric cryptographic schemes, a fact that makes IPSec appropriate for use in handheld resource-constrained devices such as PDAs.

VII. SECURE AD HOC ROUTING

The secure ad hoc routing protocols take the proactive approach and enhance the existing ad hoc routing protocols, such as DSR and AODV, with security extensions. In these protocols, each mobile node proactively signs its routing messages using the cryptographic authentication primitives described above. This way, collaborative nodes can efficiently authenticate the legitimate traffic and differentiate it from the unauthenticated packets of outsider attackers. However, an authenticated node may have been compromised and controlled by the attacker. Therefore, we have to further ensure proper compliance with the routing protocols even for an authenticated node. In the following, we describe how different types of routing protocol are secured.

VIII. LINK-LAYER SECURITY

Link-layer security solutions protect the one-hop connectivity between two direct neighbors that are within communication range of each other through secure MAC protocols. We use 802.11, the de facto standard MAC protocol for MANETs, to illustrate the link-layer security issues.

IEEE 802.11 MAC — The vulnerability of the IEEE 802.11 MAC to DoS attacks was recently identified. The attacker may exploit its binary exponential backoff scheme to launch DoS attacks. Simulations have been used to show that implementing a fair MAC protocol is a necessary but insufficient technique to solve the problem. A more robust MAC protocol with fairness guarantees is required to secure the MANET link-layer operations.

Recently a security extension to 802.11 was also proposed. It follows the reactive approach and seeks to detect and handle such MAC-layer misbehavior. The original 802.11 backoff scheme is slightly modified in that the backoff timer at the sender is provided by the receiver, instead of the sender setting an arbitrary timer value on its own. When a malicious node selects a small backoff value or does not back off at all, the receiver can detect such misbehavior by checking the deviation between the actual transmission schedule and the expected schedule. The receiver then reacts by penalizing the misbehaving node and assigning larger backoff values to it.

The NAV field carried in the RTS/CTS frames exposes another vulnerability to DoS attacks. Since an attacker in the local neighborhood is aware of the duration of the ongoing transmission, it may transmit a few bits within this period to cause bit errors in a victim's link-layer frame via wireless interference. Because the attacker can disrupt a legitimate frame of thousands or even tens of thousands of bits with little effort, the power consumption battle favors the adversary rather than the legitimate node. To the best of our knowledge, it remains unclear how to defeat such resource consumption DoS attacks in MANETs.
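The receiver-side check described above (receiver-assigned backoff, deviation test, penalty) can be expressed as the following added example, which is not code from the paper or from the 802.11 extension it refers to. The tolerance ALPHA, the WINDOW and THRESHOLD values, the class and function names and the base backoff sequence are assumptions constructed for illustration.

```python
from collections import deque
from itertools import cycle

ALPHA = 0.8      # assumed tolerance: waiting less than 80% of the assigned value is a deviation
WINDOW = 5       # assumed number of recent packets considered when diagnosing a sender
THRESHOLD = 20   # assumed summed shortfall (in slots) within the window that flags a sender


class BackoffMonitor:
    """Receiver-side bookkeeping for receiver-assigned backoff values."""

    def __init__(self, draw):
        self.draw = draw        # callable returning the receiver's base backoff, in slots
        self.assigned = {}      # sender -> backoff assigned for its next frame
        self.penalty = {}       # sender -> extra slots owed from the last deviation
        self.history = {}       # sender -> recent shortfalls

    def assign(self, sender: str) -> int:
        """Backoff the receiver hands to the sender (e.g. in its ACK) for the next frame."""
        value = self.draw() + self.penalty.get(sender, 0)
        self.assigned[sender] = value
        return value

    def observe(self, sender: str, waited: int):
        """Compare the idle slots the sender actually waited with the assignment.

        Returns (deviated, flagged): whether this frame deviated, and whether the
        sender's accumulated shortfall marks it as misbehaving.
        """
        assigned = self.assigned[sender]
        deviated = waited < ALPHA * assigned
        shortfall = assigned - waited if deviated else 0
        self.penalty[sender] = shortfall          # reaction: larger backoff next time
        hist = self.history.setdefault(sender, deque(maxlen=WINDOW))
        hist.append(shortfall)
        return deviated, sum(hist) > THRESHOLD


def simulate(obey_fraction: float, packets: int = 5):
    """Trace one sender that waits obey_fraction of whatever it is assigned."""
    bases = cycle([12, 20, 7, 25, 16])            # constructed base backoff values
    monitor = BackoffMonitor(lambda: next(bases))
    trace = []
    for _ in range(packets):
        assigned = monitor.assign("n1")
        waited = int(assigned * obey_fraction)
        deviated, flagged = monitor.observe("n1", waited)
        trace.append((assigned, waited, deviated, flagged))
    return trace


if __name__ == "__main__":
    for label, fraction in (("compliant", 1.0), ("slightly early", 0.9), ("greedy", 0.25)):
        print(label)
        for row in simulate(fraction):
            print("   assigned=%2d waited=%2d deviated=%s flagged=%s" % row)
```

The tolerance matters in practice because sender and receiver do not sense exactly the same idle slots; a sender that is only slightly early is neither penalized nor flagged.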
IEEE 802.11 WEP — It is well known that the IEEE 802.11 WEP protocol is vulnerable to attacks of two categories:

• Message privacy and message integrity attacks. These attacks are based on various mechanisms such as short IV, linear cyclic redundancy check (CRC)-32 checksum, and key stream recovery by known plaintext attacks.
• Probabilistic cipher key recovery attacks such as the Fluhrer-Mantin-Shamir attack. These attacks are based on the fact that the initial output in the RC4 key stream is disproportionally affected by a small number of key bits, particularly the prefix and postfix parts of the key.

Fortunately, the recently proposed 802.11i/WPA has mended all obvious loopholes in WEP. Future countermeasures such as RSN/AES-CCMP are also being developed to improve the strength of wireless security. We do not provide more details here because these cryptographic problems are not unique to ad hoc networks, and have been extensively studied in the context of wireless LANs. Table 1 describes the security issues in each layer.

Layer | Security issues
Application layer | Detecting and preventing viruses, worms, malicious codes, and application abuses
Transport layer | Authenticating and securing end-to-end communications through data encryption
Network layer | Protecting the ad hoc routing and forwarding protocols
Link layer | Protecting the wireless MAC protocol and providing link-layer security support
Physical layer | Preventing signal jamming denial-of-service attack

Table 1. The security solutions for MANETs should provide complete protection spanning the entire protocol stack.

IX. CONCLUSION

A systematic literature review was conducted in this paper to understand the issues related to the security model and attacks in MANETs. In this paper, we try to explain the network security threats in mobile ad hoc networks. Due to the mobility of nodes in MANETs, the security needs are much higher than in traditional wired networks. During the survey, we discussed how attacks occur at the network layer. To conclude, security in mobile ad hoc networks is a complex and challenging topic.
