Security Issues in MANET: A Review

Rashid Sheikhl Mahakal Singh Chandee, Durgesh Kumar Mishra3 2Arjun Institut: of Advaced Studies and Research Centre, Indore, India

arjunpublication@rediffmail.com 1,3 Acropolis Institute of Technology and Research, Indore, India

rashidsheikhmrsc@yahoo.com mishra research@rediffmail.com

Abstract- Sometimes the physically distributed computing devices in a network may be interested in computing some function of their private inputs without disclosing these inputs to one another. This type of computation falls under the category of Secure Multiparty Computation (SMC). The solution to SMC problems in Mobile Ad hoc Networks (MANET) can be found with the modification of the data inputs or with some anonymization technique. MANETs are the wireless networks of the mobile computing devices with no support of any fIXed infrastructure. The mobile nodes use any of the radio technology like Bluetooth, IEEE 802. I I or Hiperlan for directly communicating with each other. The nodes behave as hosts as well as routers. The security challenges in the MANET arise due to its dynamic topology, vulnerable wireless link and nomadic environment. An identification mechanism is needed between the nodes using identification and the credentials. This security architecture simultaneously leads to privacy problems. Some mechanism is needed which prevents a node to learn the identity or the credentials of other nodes. To provide location privacy in MANET is a nontrivial task. Current routing protocols do not focus much on the security and the privacy issues. These aspects are postponed till further development. An authentication protocol is needed between nodes using some cryptographic technique. In service­oriented MANET the denial of the service must be taken care of so that the availability of the service is maintained The security requirement of the ad hoc network depends on its application. For example, for a simple business meeting the requirement is mitigated and for the military battlefield it is severe. Thus no general security architecture can be developed for MANET. Specific security architecture is needed for specific application. Much security related work is still pending and will add to the standards as the physical deployment of the MANET will grow. In this paper, an emphasis is made on how

978-1-4244-7202-4/10/$26.00 ©2010 IEEE

SMC solutions can be used for privacy preservation during computation.

Keywords- MANET, Security, Privacy, Secure Multiparty Computation.

1. Introduction

Mobile Ad hoc NETworks (MANET) are the wireless networks of mobile computing devices without any support of a fixed infrastructure. The mobile nodes in a MANET self organize together in some arbitrary fashion. These networks can be applied between persons or between vehicles in areas which are depleted of fixed infrastructure. These areas could be military battlefield or some flood or earthquake affected areas [1 ]. Two nodes can directly communicate with each other if they are within the radio range. If the nodes are not within the radio range they can communicate with each other using multihop routing. These mobile networks have following features:

1 . The wireless link between the nodes is highly vulnerable. This is because nodes can continuously move causing the frequent breakage of the link. The power available for transmission is also strictly limited.

2. The topology of the network is highly dynamic due to the continuous breakage and establishment of wireless link. Nodes continuously move into and out of the radio range. This gives rise to the change in

routing information.

3. These is a bandwidth constraint in this wireless networks.

4. MANETS need energy - efficient operation because all the nodes depend on battery power which is highly limited.

These features indicate need of a more secure operation in the MANET. Current routing protocols do not focus much on the security aspects. Mobile ad hoc networks are more vulnerable to security threats as compared to

traditional wired network. In this paper security issues are explored, efforts for achieving security issues are surveyed and some methods of secure multiparty computations (SMC) are suggested to achieve the security.

2. Security Issues in MANET

As already mentioned the mobile ad hoc networks are vulnerable to security problems than the wired networks, in this section various vulnerabilities are explored.

2.1 No predefmed Boundary In mobile as hoc networks we cannot precisely define a physical boundary of the network. The nodes work in a nomadic environment where they are allowed to join and leave the wireless network. As soon as an adversary comes in the radio range of a node it will be able to communicate with that node. The attacks include eavesdropping impersonation; tempering, replay and Denial of Service (DoS) attack [2].

2.2 Adversary inside the Network The mobile nodes within the MANET can freely join and leave the network. The nodes within network may also behave maliciously. This is hard to detect that the behavior of the node is malicious. Thus this attack is more dangerous than the external attack. These nodes are called compromised nodes.

2.3 No centralized control facility MANETS do not have any centralized control facility which may lead to many security problems. It becomes very difficult to detect any attack. Traffic cannot be monitored from a centralized point instead the control is distributed at each node. The detection becomes more difficult when the advisory changes the attack pattern and the target of the attack. To the node a failure may be caused by an adversary or due to some network problem. Due to the lack of security association we cannot classify the nodes as trusted node or untreated node.

2.4 Limited Energy Resource All the nodes in a mobile Adhoc network depend on battery power for their operation. The alternate power sources are assumed to be absent. The adversary can sent huge traffic to the target node. The target node may be continuously busy in handling these packets; this will cause the battery power to be exhausted.

This will cause a denial of service (dos) attack because now the node will not be able to provide services within the network. Sometimes the attackers ask the nodes to perfonn some meaningless time consuming computation causing its battery power to be lost.

Some nodes may behave as selfish nodes. A selfish node does not cooperate when running some common algorithm. For example consider a cluster based intrusion detection technique [3] where a cluster of nodes cooperatively detect the intrusion. A node is selected as a monitor when it wishes to do this. A malicious behavior simply avoids being the monitor. When majority of nodes behaves selfishly the whole system will collapse.

2.5 Changing scale The scalability of the mobile ad hoc network keeps changing all the time. It is very difficult to predict the number of nodes in a mobile ad hoc network at some future time. The protocols and services designed for MANETs must be made compatible to this changing scalability.

3. Security Criteria in MANET

In this section different security criteria are explored with reference to mobile ad hoc networks.

3.1 Availability It refers to the property of the network to continue provide services regardless of the state of the network. A denial of service attacks is based to attack this property.

3.2 Integrity Integrity guarantees that no modification, addition, deletion is done to the message, the altering of message can be malicious or accidental.

3.3 Confidentiality It grantees that the message cannot be even viewed in its original fonn by any unauthorized person.

3.4 Authenticity With the help of this property the parties prove their identities. This property ensures that the parties are genuine not impersonators.

3.5 Non repudiation With this property the sender and receiver cannot disavow about sending and receiving the message.

3.6 Authorization This property assigns different access rights to different types of users. For example a network management can be performed by network administrator only.

3.7 Anonymity All the information about the identity of a node should be kept private for privacy- preservation.

4. Attacks in MANETs

The attacks in the MANET can be external or internal. An external attacks causes congestion, sends false routing information or causes unavailability of services. In an internal attack the malicious node from the network gains unauthorized access and impersonates as a genuine node. It can analyze traffic between other nodes and may participate in other network activities.

4.1 Denial of Service attack This attack aims to attack the availability of a node or the entire network. If the attack is successful the services will not be available. The attacker generally uses radio signal jamming and the battery exhaustion method.

4.2 Impersonation If the authentication mechanism is not properly implemented a malicious node can act as a genuine node and monitor the network traffic. It can also send fake routing packets, and gain access to some confidential information.

4.3 Eavesdropping This is a passive attack. The node simply observes the confidential information. These information can be later used by the malicious node. The secret information like location, public key, private key, password etc. can be fetched by eavesdropper.

4.4 Routing Attacks The malicious node make routing services a target because its an important service in MANETs. There are two flavors to this routing attack. One is attack on routing protocol and

another is attack on packet forwarding or delivery mechanism. The first is aimed at blocking the propagation of routing information to a node. The latter is aimed at disturbing the packet delivery against a predefmed path. Many routing attacks have been studied [4, 5, 6, 7]

5. Security Solutions in MANET

In this section we survey several security schemes to deal with the attacks describes in the previous sections.

5.1 Intrusion Detection Zhang et aZ. [8] proposed a scheme for intrusion detection in MANET. They proposed distributed and cooperative framework to detect the attack. Every node in the MANET participates in the process of intrusion detection. It detects the sign of intrusion locally and independently and also propagates this information to other nodes in the network.

5.2 Cluster-based Instruction Detection There is a drawback of distributed and cooperation intrusion detection framework of Zhang et al. [8] that due to limited power capacity some of the node may behave as selfish node. To eliminate this drawback Huang et aZ. [3] proposed a cluster-based intrusion detection scheme. The whole MANET is organized as a set of clusters such that a node is member of at least one cluster. Only one node in a cluster will monitor the intrusion detection. The nodes within a cluster are within the same radio range.

5.3 Defending Wormhole Attack using leash In wormhole attack some adversary records information and replays to another node using tunneling. The receiver node has a difficulty of distinguishing it from the genuine routing packet. The defense against wormhole attack is given in [9, 10] using packet leashes. A Packet leash is additional information attached to the packet to restrict its maximum allowable transmission distance. Two types of leashes exist. A geographical leash ensures the maximum distance between sender and receiver. A Temporal leash bounds the maximum time of packet journey. A receiver examines its time or distance whether it has traveled more than he allowed distance.

6. Privacy- preservation in MANET using SMC solution

Secure Multiparty Computation (SMC) is a subject of information security which allows multiple parties to compute some functions of their common inputs without disclosing actual inputs to one another. This subject started with Yao's Millionaire Problem [1 1 ]. The problem is that how two millionaire can know who is richer without disclosing individual wealth to one another. There are three types of solutions available to SMC problem; Cryptosystem, Randomization methods and anonymization methods. All these methods provide privacy­preservation during computation. Sometimes data is modified to prevent any possibility of eavesdropping. Some other time the identity of the party is made ambiguous. The mobile ad hoc network can be seen as a multiparty computation paradigm when the mobile node is considered as cooperating party. The Anonypro and extended anonypro protocols can be used to hide the identity of the party [1 2]. The Secure Sum Protocols [1 3, 14, 1 5, 1 6] can be used for calculating sum, difference, average and other aggregates.

7. Conclusion

MANET due to its natural properties is more vulnerable to the attacks. There is a need to design more secure protocols to deal with these security problems. This paper discusses the basic properties of the MANET, the vulnerabilities in it, different types of attacks, secure protocols provided by the researchers. We also suggest SMC solutions that can be used to tackle these problems.

References

[1] M.S. Corson, J.P. Maker and J.H. Cernicione, Internet- based Mobile Ad hoc Networking, IEEE Internet Computing, pages 63- 70, July- August 1999.

[2] A Mishra and K.M Nadkarni, security in wireless Ad hoc network, in Book. The Hand book of Ad Hoc Wireless Networks(chapter 30), CRC press LLC, 2003.

[3] Y. Haung and W. Lee, A Cooperative Intrusion Detection system for Ad hoc Networks, in Proceedings of the 1st ACM Workshop on security of Ad hoc and sensor Networks, Fairfax, Virgining 2003, pages 135-147.

[4] P. Papadimitrates and Z.J. Hass, secure Routing for mobile Ad Hoc Networks in proceeding of SCS Communication Networks and Distributed system modeling and simulation Conference (CNDS), San Antonio, TX, Jan. 2002.

[5] Y.Hu, A Perrig and D. Johnson, Ariadne: A secure On-demand Routing Protocol for Ad Hoc Networks, in Proceeding of ACM MOBICOM'02, 2002.

[6] K. Sanzgiri, B. Dahill, B.N. Levine, C. shield and E.M Belding- Royar, A secure routing protocol for Ad Hoc Networks, in Proceedings of ICNP'02, 2002.

[7] Y. Hu, D. Johnson and A Perrig, SEAD: Secure Efficient Distance Vector Routing for Mobile Wire less Ad Hoc Networks, 1 (1) : 175-192, July 2003.

[8] Y. Zhang and W. Lee, Intrusion detection in wireless Ad Hoc Networks, in the proceedings of the 6th International Conference on mobile computing and networking ( Mobicom2000), pages 275-283, Boston, Massachusetts, Aug. 2000.

[9] Y. Hu, A Perrig and D. Johnson, Packet Leashes: A Defense against Wormhole Attack in Wireless Ad Hoc Networks, in proceedings of IEEE INFOCOM'03, 2003.

[10] Y. Hu, A Perrig and D. Johnson, Wormhole Attacks in Wireless Networks, IEEE Journal on selected areas in communication, Vol. 24, No. 2, Feb. 2006.

[11] AC.Yao, "Protocol for Secure Computations," in proceedings of the 23rd annual IEEE symposium on foundation of computer science, pages 160-164, Nov. 1982.

[12] D. K. Mishra, M. Chandwani, "Extended Protocol for Secure Multiparty Computation using Ambiguous Identity," WSEAS Transaction on Computer Research, Vol. 2, issue 2, Feb. 2007.

[13] C. Clifton, M. Kantarcioglu, J. Vaidya, X. Lin, and M. Y. Zhu, "Tools for Privacy-Preserving Distributed Data Mining," J. SIGKDD Explorations, Newsletter, VolA, No.2, ACM Press, pages 28-34, Dec. 2002.

[14] R. Sheikh, B. Kumar and D. K. Mishra, "Privacy­Preserving k-Secure Sum Protocol," in International Journal of Computer Science and Information Security, Vol.6 No.2, pages 184-188, USA, Nov. 2009.

[15] R. Sheikh, B. Kumar and D. K. Mishra, "Changing Neighbors k-Secure Sum Protocol for Secure Multi-Party Computation," in International Journal of Computer Science and Information Security, Vol.7 No.1, pages 239-243, USA, Jan. 2010.

[16] R. Sheikh, B. Kumar and D. K. Mishra, "A Distributed k-Secure Sum Protocol for Secure Multi-Party Computation," Journal of Computing, USA, Vol. 2, Issue 3, pages 68-72, Mar. 2010.