2. INTRODUCTION
Overview
• Nodes within an ad hoc network are mobile; such a network is also known as
a MANET. The nodes communicate with each other within radio range through
direct wireless links or multi-hop routing.
• The nodes can continuously move into and out of the radio range of the other
nodes in the ad hoc network, and the routing information will be changing all
the time because of the movement of the nodes.
Characteristics
• No fixed infrastructure
• Dynamic topology
• Energy constrained
• Node acts both as a host and router
3. SECURITY ISSUES
Security Goal [4]
• Availability: ensures the survivability of network services despite denial of
service attacks.
• Confidentiality: ensures that secret information or data is never disclosed to
unauthorized devices.
• Integrity: ensures that a message received is not corrupted.
• Authentication: enables a node to ensure the identity of the peer node it is
communicating with.
• Non-repudiation: ensures that the origin of a message cannot deny having sent
the message.
Challenge [2]:
• the vulnerability of the link
• limited physical protection of each of the nodes
• dynamically changing topology
• the absence of a certification authority
• the lack of the centralized monitoring or management point
4. SECURITY ISSUES
Threat
• External attacks come from outside intruders, i.e. non-participants in the
protocol, whose objective is the disruption of normal routing operation.
• To defend against external attacks, nodes can protect routing information in
the same way they protect data traffic.
• An attack from a compromised node is categorized as an internal attack.
• This is the most severe threat for MANETs, since a compromised node may
broadcast wrong routing information to other nodes.
• Detection of compromised nodes through routing information is also difficult due
to the dynamic topology of ad hoc networks.
• Routing protocols for ad hoc networks must handle outdated routing information
to accommodate the dynamically changing topology.
5. ROUTING PROTOCOL ISSUES
Attacks using modification of protocol fields of messages
• The level of trust in a traditional ad hoc network cannot be measured or
enforced. Enemy nodes or compromised nodes may participate directly in
the route discovery and may intercept and filter routing protocol packets
to disrupt communication.
• Malicious nodes can easily cause redirection of network traffic and DoS
attacks by simply altering protocol fields of these messages.
• In Figure 5, a malicious node M could keep traffic from reaching X by
consistently advertising to B a shorter route to X than the route to
X which C is advertising.
6. ROUTING PROTOCOL ISSUES
Attacks using modification of protocol fields of messages
• The attacks can be classified as remote redirection attacks and denial of
service attacks
Remote redirection with modified route sequence number (AODV)
• Remote redirection attacks are also called black-hole attacks[7].
• A malicious node uses the routing protocol to advertise itself as the
shortest path to nodes whose packets it wants to intercept.
• Protocols such as AODV instantiate and maintain routes by
assigning monotonically increasing sequence numbers to routes
towards a specific destination.
• Any node may divert traffic through itself by advertising a route to
a node with a destination sequence number greater than the
authentic value.
• Figure 5 illustrates an example ad hoc network. Suppose a
malicious node, M, receives the RREQ that originated from S for
destination X after it is re-broadcast by B during route discovery.
• M redirects traffic towards itself by unicasting to B a RREP
containing a significantly higher destination sequence number for X
than the authentic value last advertised by X.
7. ROUTING PROTOCOL ISSUES
Attacks using modification of protocol fields of messages
Redirection with modified hop count (AODV)
• A redirection attack is also possible by modifying the hop count field in
route discovery messages.
• When routing decisions cannot be made by other metrics, AODV
uses the hop count field to determine a shortest path.
• The malicious nodes can attract routes towards themselves by
resetting the hop count field of the RREP to zero.
• Once the malicious node has been able to insert itself between
two communicating nodes it is able to do anything with the
packets passing between them.
• It can choose to drop packets to perform a denial of service
attack, or alternatively use its place on the route as a first step in
a man-in-the-middle attack.
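The route-selection logic behind both redirection variants above (inflated sequence number and zeroed hop count), as an added example that is not part of the original slides. It models a simplified form of AODV's route-update comparison at node B; sequence-number wraparound and route lifetimes are left out, the names `Route`, `RREP`, `decide` and `process_rrep` are made up for the illustration, and the table contents are constructed sample values.

```python
from dataclasses import dataclass


@dataclass
class Route:
    next_hop: str
    dest_seq: int    # destination sequence number stored for the route
    hop_count: int   # hops from this node to the destination


@dataclass
class RREP:
    sender: str      # neighbour that delivered the RREP
    dest: str
    dest_seq: int
    hop_count: int   # value carried in the packet


def decide(current, rrep):
    """Simplified AODV rule: fresher sequence number wins, hop count breaks ties."""
    hops = rrep.hop_count + 1  # the receiver adds its own hop
    if current is None:
        return True, "no existing route"
    if rrep.dest_seq > current.dest_seq:
        return True, "higher destination sequence number"
    if rrep.dest_seq == current.dest_seq and hops < current.hop_count:
        return True, "same sequence number, lower hop count"
    return False, "not fresher and not shorter"


def process_rrep(table, rrep, audit):
    """Apply the rule and keep an audit record of every replaced route."""
    current = table.get(rrep.dest)
    accept, reason = decide(current, rrep)
    if accept:
        if current is not None:
            audit.append({
                "dest": rrep.dest,
                "old_next_hop": current.next_hop,
                "new_next_hop": rrep.sender,
                "seq_jump": rrep.dest_seq - current.dest_seq,
                "reason": reason,
            })
        table[rrep.dest] = Route(rrep.sender, rrep.dest_seq, rrep.hop_count + 1)
    return accept, reason


def demo():
    audit = []
    # Constructed state at B: route to X learned from C (seq 10, 2 hops).
    t1 = {"X": Route("C", 10, 2)}
    r1 = process_rrep(t1, RREP("M", "X", 250, 1), audit)  # inflated sequence number
    r2 = process_rrep(t1, RREP("C", "X", 11, 1), audit)   # genuine refresh now looks stale
    t2 = {"X": Route("C", 10, 2)}
    r3 = process_rrep(t2, RREP("M", "X", 10, 0), audit)   # hop count reset to zero
    return t1["X"].next_hop, r1, r2, t2["X"].next_hop, r3, audit


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Because nothing in the RREP is authenticated, the comparison alone decides the route, and the genuine refresh from C is rejected until X's real sequence number passes the advertised one. The audit records show what a monitor at B could observe: a next-hop change together with a large sequence-number jump.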
8. ROUTING PROTOCOL ISSUES
Attacks using modification of protocol fields of messages
Denial of service with modified source routes
• DSR is a routing protocol, which explicitly states routes in data
packets.
• These routes lack any integrity checks and a simple denial-of-
service attack can be launched in DSR by altering the source
routes in packet headers.
• Modification to source routes in DSR may also include the
introduction of loops in the specified path.
• Although DSR prevents looping during the route discovery
process, there are insufficient safeguards to prevent the insertion
of loops into a source route after a route has been salvaged.
9. ROUTING PROTOCOL ISSUES
Attacks using impersonation
• Current Ad-hoc routing protocols do not authenticate source IP address. A
malicious node can launch many attacks by altering its MAC or IP address.
• Both AODV and DSR are susceptible to this attack.
• In this type of attack, nodes may be able to join the network
undetectably, or send false routing information, masquerading as some
other trusted node
10. ROUTING PROTOCOL ISSUES
Attacks using fabrication
• The generation of false routing messages is termed fabrication.
Such attacks are difficult to detect.
Falsifying route error messages in AODV or DSR
• AODV and DSR implement path maintenance measures to recover
broken paths when nodes move.
• The vulnerability is that routing attacks can be launched by
sending false route error messages.
• Suppose node S has a route to node X via nodes A, B, and C, as in
Figure 5. A malicious node M can launch a denial of service attack
against X by continually sending route error messages to B
spoofing node C, indicating a broken link between nodes C and X.
• B receives the spoofed route error message thinking that it came
from C.
• B deletes its routing table entry for X and forwards the route error
message on to A, who then also deletes its routing table entry. If
M listens and broadcasts spoofed route error messages whenever
a route is established from S to X, M can successfully prevent
communications between S and X.
11. ROUTING PROTOCOL ISSUES
Attacks using fabrication
Route cache poisoning in DSR
• This is a passive attack that can occur in DSR due to promiscuous
mode of updating routing table which is employed by DSR.
• Occurs when information stored in routing table at routers is
deleted, altered or injected with false information.
• DSR nodes learn routes from the headers of packets they process
along a path; routes in DSR may also be learned from
promiscuously received packets.
• A node overhearing any packet may add the routing information
contained in that packet's header to its own route cache.
• The vulnerability is that an attacker could easily exploit this
method of learning routes and poison route caches.
• Suppose a malicious node M wanted to poison routes to node X. If
M were to broadcast spoofed packets with source routes to X via
itself, neighboring nodes that overhear the packet transmission
may add the route to their route cache.
12. ROUTING PROTOCOL ISSUES
Attacks using fabrication
Routing table overflow attack
• In a routing table overflow attack, the attacker attempts to create
routes to non-existent nodes.
• The goal of the attacker is to create enough routes to prevent
new routes from being created, or to overwhelm the protocol
implementation and flush out legitimate routes from routing
tables.
• Proactive routing algorithms attempt to discover routing
information even before it is needed, while reactive
algorithms create routes only when they are needed. This makes
proactive algorithms more vulnerable to table overflow attacks.
13. SOLUTION TO AD HOC ROUTING
Installing extra facilities in the network to mitigate routing misbehavior
• Misbehaving nodes can reduce network throughput and result in poor
robustness.
• A technique to identify and isolate such nodes is proposed in [10] by
installing a watchdog and a pathrater in the Ad-hoc network on each
node.
• The watchdog identifies misbehaving nodes, while the pathrater avoids
routing packets through these nodes.
• When a node forwards a packet, the node’s watchdog verifies that the
next node in the path also forwards the packet.
• The watchdog does this by listening promiscuously to the next node’s
transmissions. If the next node does not forward the packet, then it is
misbehaving.
• The pathrater uses this knowledge of misbehaving nodes to choose the
network path that is most likely to deliver packets.
14. SOLUTION TO AD HOC ROUTING
Watchdog
S A B C D
Figure 6: Watchdog’s operation.
• when A transmits a packet for B to forward to C, A can often tell if B
transmits the packet.
• If encryption is not performed separately for each link, which can be
expensive, then A can also tell if B has tampered with the payload or the
header.
Advantages
The watchdog mechanism can detect misbehaving nodes at forwarding level
and not just the link level.
15. SOLUTION TO AD HOC ROUTING
Watchdog
• The watchdog is implemented by maintaining a buffer of recently sent
packets and comparing each overheard packet with the packet in the
buffer to see if there is a match.
• If so, the packet in the buffer is removed and forgotten by the watchdog,
since it has been forwarded on.
• If the packet has remained in the buffer for longer than a certain timeout,
the watchdog increments a failure tally for the node responsible for
forwarding on the packet.
• If the tally exceeds a certain threshold bandwidth, it determines that the
node is misbehaving and sends a message to the source notifying it of the
misbehaving node.
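A minimal model of the buffer, timeout and tally logic just described, as an added example that is not code from the original slides or from [10]. Assumptions: packets are compared as whole byte strings (a real implementation would ignore fields that change at every hop), the threshold is a plain failure count, time is an integer number of seconds, and all names and sample traffic are constructed.

```python
import hashlib
from collections import defaultdict


class Watchdog:
    """Watchdog run by one node (A) for packets it hands to its next hop."""

    def __init__(self, timeout, threshold):
        self.timeout = timeout          # how long a packet may stay buffered
        self.threshold = threshold      # failures tolerated before reporting
        self.buffer = {}                # digest -> (next_hop, source, sent_at)
        self.tally = defaultdict(int)   # next_hop -> failure count
        self.reports = []               # (source to notify, misbehaving node)

    @staticmethod
    def _digest(packet):
        return hashlib.sha256(packet).hexdigest()

    def sent(self, packet, next_hop, source, now):
        """Remember a packet that next_hop is expected to forward."""
        self.buffer[self._digest(packet)] = (next_hop, source, now)

    def overheard(self, packet, transmitter):
        """Compare an overheard transmission with the buffer; forget it on a match."""
        key = self._digest(packet)
        entry = self.buffer.get(key)
        if entry is not None and entry[0] == transmitter:
            del self.buffer[key]
            return True
        return False  # unknown or altered packet: the original stays buffered

    def expire(self, now):
        """Charge a failure to the next hop for every packet buffered too long."""
        stale = [k for k, (_, _, t) in self.buffer.items() if now - t > self.timeout]
        for key in stale:
            next_hop, source, _ = self.buffer.pop(key)
            self.tally[next_hop] += 1
            over = self.tally[next_hop] > self.threshold
            if over and (source, next_hop) not in self.reports:
                self.reports.append((source, next_hop))


def simulate(behaviour, timeout=2, threshold=3):
    """Run A's watchdog against next hop B; one constructed packet per second.

    behaviour is a list of 'forward', 'drop' or 'tamper', one entry per packet.
    """
    wd = Watchdog(timeout, threshold)
    for now, action in enumerate(behaviour):
        packet = b"src=S dst=D seq=%d payload=hello" % now
        wd.sent(packet, "B", "S", now)
        if action == "forward":
            wd.overheard(packet, "B")
        elif action == "tamper":
            wd.overheard(packet.replace(b"hello", b"HELLO"), "B")
        wd.expire(now)
    wd.expire(len(behaviour) + timeout)  # final sweep after the last packet
    return wd.tally["B"], wd.reports


if __name__ == "__main__":
    print(simulate(["forward"] * 10))
    print(simulate(["forward", "drop", "forward", "tamper", "drop",
                    "forward", "drop", "forward", "forward", "forward"]))
```

A tampered packet never matches the buffered copy, so it times out and is counted exactly like a drop.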
16. SOLUTION TO AD HOC ROUTING
Watchdog - Weakness
Ambiguous collision
• The ambiguous collision problem prevents A from overhearing transmissions
from B.
• A packet collision can occur at A while it is listening for B to forward on a
packet.
• A does not know if the collision was caused by B forwarding on a packet as
it should or if B never forwarded the packet and the collision was caused
by other nodes in A’s neighborhood.
• Because of this uncertainty, A should instead continue to watch B over a
period of time.
S A B C D
Figure 7: Ambiguous Collision.
17. SOLUTION TO AD HOC ROUTING
Watchdog - Weakness
Receiver collision
• node A can only tell whether B sends the packet to C, but it cannot tell if C
receives it.
• If a collision occurs at C when B first forwards the packet, A only sees B
forwarding the packet and assumes that C successfully receives it.
• Thus, B could skip retransmitting the packet and evade detection.
S A B C D
Figure 8: Receiver Collision
18. SOLUTION TO AD HOC ROUTING
Watchdog - Weakness
False misbehavior
• It can occur when nodes falsely report other nodes as misbehaving.
• A malicious node could attempt to partition the network by claiming that
some nodes following it in the path are misbehaving.
• For instance, node A could report that node B is not forwarding packets
when in fact it is. This will cause S to mark B as misbehaving when A is the
culprit.
• This behavior, however, will be detected. Since A is passing messages onto
B (as verified by S), then any acknowledgements from D to S will go
through A to S, and S will wonder why it receives replies from D when
supposedly B dropped packets in the forward direction.
• In addition, if A drops acknowledgements to hide them from S, the node B
will detect this misbehavior and will report it to D.
19. SOLUTION TO AD HOC ROUTING
Watchdog - Weakness
Limited transmission power
• Another problem is that a misbehaving node that can control its
transmission power can circumvent the watchdog.
• A node could limit its transmission power such that the signal is strong
enough to be overheard by the previous node but too weak to be received
by the true recipient.
Multiple colluding nodes
• Multiple nodes in collusion can mount a more sophisticated attack. For
example, B and C could collude to cause mischief. In this case, B forwards
a packet to C but does not report to A when C drops the packet. Because
of this limitation, it may be necessary to disallow two consecutive
untrusted nodes in a routing path.
20. SOLUTION TO AD HOC ROUTING
Watchdog - Weakness
Partial dropping
• A node can circumvent the watchdog by dropping packets at a lower rate
than the watchdog’s configured minimum misbehavior threshold.
• Although the watchdog will not detect this node as misbehaving, this node
is forced to forward at the threshold bandwidth.
• In this way the watchdog serves to enforce this minimum bandwidth. For
the watchdog to work properly it must know where a packet should be in
two hops.
21. SOLUTION TO AD HOC ROUTING
Pathrater
• The pathrater is run by each node.
• It combines the knowledge of misbehaving nodes with link reliability data
to pick the most reliable route.
• Each node maintains a rating for every other node it knows about in the
network. It calculates a path metric by averaging the node ratings in the
path.
• This metric gives a comparison of the overall reliability of different paths
and allows pathrater to emulate the shortest length path algorithm when
no reliability information has been collected.
• If there are multiple paths to the same destination, the path with the
highest metric is selected. Since the pathrater depends on knowing the
exact path a packet has traversed, it must be implemented on top of a
source routing protocol.
22. SOLUTION TO AD HOC ROUTING
Pathrater
• When a node in the network becomes known to the pathrater (through
route discovery), the pathrater assigns it a “neutral” rating of “0.5”. A
node always rates itself with a “1.0”.
• This ensures that when calculating path rates, if all other nodes are
neutral nodes (rather than suspected misbehaving nodes); the pathrater
picks the shortest length path.
• The pathrater increments the ratings of nodes on all actively used paths by
0.01 at periodic intervals of 200 ms.
• An actively used path is one on which the node has sent a packet within
the previous rate increment interval. The maximum value a neutral node
can attain is 0.8. The node’s rating is decreased by 0.05 when a link break
occurs during packet forwarding and the node becomes unreachable.
• The lower bound rating of a “neutral” node is 0.0. The pathrater does not
modify the ratings of nodes that are not currently in active use.
23. SOLUTION TO AD HOC ROUTING
Pathrater
• When the pathrater calculates the path metric, negative path values
indicate the existence of one or more suspected misbehaving nodes in the
path (a special highly negative value is assigned by the watchdog, -100 in
the simulations).
• If a node is marked as misbehaving due to a temporary malfunction or
incorrect accusation it would be preferable if it were not permanently
excluded from routing.
• Therefore nodes that have negative ratings should have their ratings
slowly increased or set back to a non-negative value after a long timeout.
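The rating rules from the three pathrater slides above, put together as an added example (not code from the original slides or from [10]). The constants are the ones stated on the slides; the class and method names, the choice to reset a pardoned node to 0.0, and the two constructed paths are assumptions made for the illustration.

```python
NEUTRAL, SELF = 0.5, 1.0                 # initial rating / rating of the node itself
MAX_NEUTRAL, MIN_NEUTRAL = 0.8, 0.0      # bounds for a neutral node
INCREMENT, DECREMENT = 0.01, 0.05        # per 200 ms interval / per link break
MISBEHAVING = -100.0                     # value assigned on a watchdog report


class Pathrater:
    def __init__(self, me):
        self.me = me
        self.rating = {me: SELF}

    def learn(self, path):
        """Nodes discovered through route discovery start out neutral."""
        for node in path:
            self.rating.setdefault(node, NEUTRAL)

    def tick(self, active_paths):
        """Call once per 200 ms interval with the paths used in that interval."""
        for node in {n for path in active_paths for n in path}:
            r = self.rating.setdefault(node, NEUTRAL)
            if node != self.me and r >= 0:   # negative ratings are left alone here
                self.rating[node] = round(min(MAX_NEUTRAL, r + INCREMENT), 2)

    def link_break(self, node):
        r = self.rating[node]
        if r >= 0:
            self.rating[node] = round(max(MIN_NEUTRAL, r - DECREMENT), 2)

    def accuse(self, node):
        """Watchdog reported the node as misbehaving."""
        self.rating[node] = MISBEHAVING

    def pardon(self, node):
        """After a long timeout, return a negative rating to a non-negative
        value (0.0 is an assumption; the slides give no number)."""
        if self.rating[node] < 0:
            self.rating[node] = MIN_NEUTRAL

    def metric(self, path):
        """Path metric: average of the node ratings on the path."""
        return sum(self.rating[n] for n in path) / len(path)

    def best(self, paths):
        return max(paths, key=self.metric)


def demo():
    pr = Pathrater("S")
    short, long_ = ["S", "A", "B", "D"], ["S", "C", "E", "F", "D"]  # constructed
    pr.learn(short)
    pr.learn(long_)
    out = {"neutral_choice": pr.best([short, long_])}   # all neutral: shortest wins
    for _ in range(50):                                 # 10 s of traffic on the short path
        pr.tick([short])
    out["rating_A"] = pr.rating["A"]
    pr.accuse("B")
    out["metric_with_B"] = pr.metric(short)             # negative: suspect on the path
    out["choice_after_accusation"] = pr.best([short, long_])
    pr.link_break("C")
    out["rating_C"] = pr.rating["C"]
    pr.pardon("B")
    out["rating_B_after_pardon"] = pr.rating["B"]
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

With only neutral nodes the averages are 0.625 for the four-node path and 0.6 for the five-node path, which is why the metric reproduces shortest-path selection until reliability data arrives.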
25. SOLUTION TO AD HOC ROUTING
Security Aware Routing - SAR
• SAR makes use of trust levels (security attributes assigned to nodes) to make
informed and secure routing decisions.
• Current routing protocols discover the shortest path between two nodes.
But SAR can discover a path with desired security attributes (E.g. a path
through nodes with a particular shared key).
• A node initiating route discovery sets the sought security level for the
route i.e. the required minimal trust level for nodes participating in the
query/reply propagation.
• Nodes at each trust level share symmetric encryption keys. Intermediate
nodes of different levels cannot decrypt in-transit routing packets or
determine whether the required security attributes can be satisfied and
drop them.
• Only the nodes with the correct key can read the header and forward the
packet. So if a packet has reached the destination, it must have been
propagated by nodes at the same level, since only they can decrypt the
packet, see its header and forward it.
Drawbacks
A lot of encryption overhead, since each intermediate node has to perform it.
26. SOLUTION TO AD HOC ROUTING
SAODV - Implementation SAR extends AODV
• Most of AODV’s original behavior such as on-demand discovery using flooding,
reverse path maintenance and forward path setup via Route Request (RREQ) and
Route Reply (RREP) messages is retained.
• The RREQ packet has an additional field called RQ_SEC_REQUIREMENT that
indicates the required security level for the route the sender wishes to discover.
• An intermediate node at the required trust level, updates the RREQ packet by
updating another new field, RQ_SEC_GUARANTEE field. The RQ_SEC_GUARANTEE
field contains the minimum security offered in the route.
• This can be achieved if each intermediate node at the required trust level performs
an ‘AND’ operation with RQ_SEC_GUARANTEE field it receives and puts the updated
value back into the RQ_SEC_GUARANTEE field before forwarding the packet.
• When an RREQ successfully traverses the network, the RQ_SEC_GUARANTEE
represents the minimum security level in the entire path from source to destination.
• the destination copies this from the RREQ to the RREP, into a new field called
RP_SEC_GUARANTEE field. The sender can use this value to determine the security
level on the whole path, since the sender can find routes which offer more security
than asked for, with which he can make informed decisions.
27. SOLUTION TO AD HOC ROUTING
Authenticated Routing for Ad-hoc Networks - ARAN
• ARAN, presented in [14], introduces authentication, message integrity
and non-repudiation to an ad hoc environment.
• ARAN is composed of two distinct stages. The first stage is simple and
requires little extra work from peers beyond traditional ad hoc protocols.
Nodes that perform the optional second stage increase the security of
their route, but incur additional cost for their ad hoc peers who may not
comply (e.g., if they are low on battery resources).
• ARAN makes use of cryptographic certificates for the purposes of
authentication and non-repudiation.
28. SOLUTION TO AD HOC ROUTING
ARAN, Stage 1
Preliminary Certification
• Before entering the Ad-hoc network, each node requests a certificate from T. For a
node A,
T -> A: CertA = [IPA, KA+, t, e]KT-
• All nodes must maintain fresh certificates with the trusted server and must know T’s
public key.
End-to-End authentication
• The goal of stage 1 is for the source to verify that the intended destination was
reached.
• Source node: A begins route instantiation to a destination X by broadcasting to its
neighbors a route discovery packet (RDP):
A -> broadcast: [RDP, IPX, CertA, NA, t]KA-
• The RDP is signed with A's private key. Each time A performs route discovery, it
monotonically increases the nonce. Nodes then store the nonce they have last seen
with its timestamp.
29. SOLUTION TO AD HOC ROUTING
ARAN, Stage 1
• Intermediate node for RDP: each node records the neighbor from which it received
the message. Let A's neighbor be B.
B -> broadcast: [[RDP, IPX, CertA, NA, t]KA-]KB-, CertB
• Upon receiving the broadcast, B's neighbor C validates the signature with the given
certificate.
• C then rebroadcasts the RDP to its neighbors, first removing B's signature.
C -> broadcast: [[RDP, IPX, CertA, NA, t]KA-]KC-, CertC
• Destination node: X unicasts a Reply (REP) packet back along the reverse path to the
source.
X -> D: [REP, IPA, CertX, NA, t]KX-
• Intermediate node for REP: all REPs are signed by the sender.
D -> C: [[REP, IPA, CertX, NA, t]KX-]KD-, CertD
• C validates D's signature, removes the signature, and then signs the contents of the
message before unicasting the REP to B.
C -> B: [[REP, IPA, CertX, NA, t]KX-]KC-, CertC
• Source node: A verifies that the correct nonce was returned by the destination as well
as the destination's signature. Only the destination can answer an RDP packet.
30. SOLUTION TO AD HOC ROUTING
ARAN, Stage 2
• The disadvantage of ARAN is that it requires that nodes keep one routing table
entry per source-destination pair that is currently active. This is certainly more
costly than per-destination entries in non-secure ad hoc routing protocols.
• Stage 2 is done only after Stage 1 is over. This is because the destination certificate
is required in this stage.
• This stage is primarily used for discovery of shortest path in a secure fashion. Since a
path is already discovered , data transfer can be pipelined with Stage 2's shortest
path discovery operation.
• Source: A begins Stage 2 by broadcasting a Shortest Path Confirmation (SPC)
message to its neighbors:
A -> broadcast: SPC, IPX, CertX, [[IPX, CertA, NA, t]KA-]KX+
• This signed message is encrypted with X's public key so that other nodes cannot
modify the contents.
31. SOLUTION TO AD HOC ROUTING
ARAN, Stage 2
• Intermediate node: a neighbor B that receives the message rebroadcasts the
message after including its own cryptographic credentials.
B -> broadcast: SPC, IPX, CertX, [[[[IPX, CertA, NA, t]KA-]KX+]KB-, CertB]KX+
• Nodes that receive the SPC packet create entries in their routing table so as not to
forward duplicate packets. The entry also serves to route the reply packet from the
destination along the reverse path.
• Destination node: X checks that all the signatures are valid. X replies to the first SPC
it receives and also to any SPC with a shorter recorded path by sending a Recorded
Shortest Path (RSP) message.
X -> D: [RSP, IPA, CertX, NA, route]KX-
• The source eventually receives the packet and verifies that the nonce corresponds
to the SPC it originally generated.
Advantages
The onion-like signing of messages prevents nodes in the middle from changing the path
in several ways. First, to increase the path length of the SPC, malicious nodes require an
additional valid certificate. Second, malicious nodes cannot decrease the recorded path
length or alter it because doing so would break the integrity of the encrypted data.
32. SOLUTION TO AD HOC ROUTING
ARAN, Route Maintenance
• Nodes keep track of whether routes are active. When no traffic has
occurred on an existing route for that route's lifetime, the route is simply
de-activated in the route table.
• Data received on an inactive route causes nodes to generate an Error
(ERR) message that travels the reverse path towards the source.
• Nodes also use ERR messages to report links in active routes that are
broken due to node movement. All ERR messages must be signed.
• For a route between source A and destination X, a node B generates the
ERR message for its neighbor C as follows:
B -> C: [ERR, IPA, IPX, CertC, NB, t]KB-
• This message is forwarded along the path towards the source without
modification.
• Because messages are signed, malicious nodes cannot generate ERR
messages for other nodes
33. SOLUTION TO AD HOC ROUTING
ARAN, Key Revocation
• ARAN attempts a best effort key revocation that is backed up with limited
time certificates.
• Calling the revoked certificate CertR, the transmission appears as:
T -> broadcast: [revoke, CertR]KT-
• Any node receiving this message re-broadcasts it to its neighbors.
• Any neighbor of the node with the revoked certificate needs to reform
routing as necessary to avoid transmission through the now-untrusted
node.
34. SOLUTION TO AD HOC ROUTING
Secure Routing Protocol – SRP [11]
• SRP is applied as an extension of a multitude of existing routing protocols
such as DSR [12] and ZRP [13].
• SRP counters malicious behavior and guarantees the acquisition of correct
topological information in a timely manner,
• i.e., the route replies that are validated and accepted by the querying
node provide accurate connectivity information, despite the presence of
strong adversaries [13].
• This is achieved with the existence of a security association between the pair of
end nodes only, without the need for intermediate nodes to
cryptographically validate control traffic.
35. SOLUTION TO AD HOC ROUTING
Secure Routing Protocol – SRP [11]
• Here it is assumed that a security association (a shared key KST) is
established between source (S) and destination (T).
• The route request packet is identified by a random query identifier (rnd#)
and a sequence number (sq#).
• S constructs a Message Authentication Code (MAC) which is a hash of
source, destination, random query identifier, sequence number and KST
• MAC = h(S, T, rnd#, sq#, KST)
• In addition the identifiers (IP addresses) of the traversed intermediate
nodes are accumulated in the route request packet.
• The intermediate nodes maintain a limited amount of state information
regarding relayed queries (by storing their random sequence number), so
that previously seen route requests are discarded.
36. SOLUTION TO AD HOC ROUTING
Secure Routing Protocol – SRP [11]
• More than one route request packet reaches the destination through
different routes.
• The destination T calculates a MAC covering the route reply contents and
then returns the packet to S over the reverse route accumulated in the
respective request packet.
• The destination responds to one or more route request packets to provide
the source with an as diverse topology picture as possible.
Advantages:
• Computing the MAC is not computationally expensive.
• Message integrity is preserved.
• If confidentiality of data is required, the pay load could be encrypted with
the shared key KST
37. SOLUTION TO AD HOC ROUTING
Secure Routing Protocol – SRP [11]
• The query request is denoted as a list {QST; n1, n2, ..., nk}.
• QST denotes the SRP header for a query searching for T and initiated by S.
• ni, i ≠ 1, k, are the IP addresses of the intermediate nodes, and n1 = S,
nk = T.
• Similarly, a route reply is denoted as {RST; n1, n2, ..., nk}.
38. SOLUTION TO AD HOC ROUTING
Secure Routing Protocol – SRP [11]
Case 1
• When M receives {QST; S} it tries to mislead S by generating {RST; S, M1, T},
i.e. it fakes that destination T is its neighbor.
• This is possible in a regular routing protocol, but not here, since only T can
generate the MAC which is verified by S.
Case 2
• If M1 discards request packets that it receives, it narrows the topology
view of S.
• But at the same time it practically removes itself from S’s view.
• Thus it cannot inflict harm to data flows originating from S, and route
chosen by S would not include M1.
39. SOLUTION TO AD HOC ROUTING
Secure Routing Protocol – SRP [11]
Case 3
• When M1 receives {RST; S, 1, M1, S, 4, T} it tampers with its contents and
relays {RST; S, 1, M, Y, T}.
• Y being any sequence of nodes. S readily discards the reply due to the
integrity protection provided by MAC.
Case 4
• When M2 receives { QST; S, 2, 3 } it corrupts the accumulated route and
relays { QST; S, X, 3, M2} to its neighbors, where X is a false IP address.
• This request arrives at T, which constructs the reply and routes it over
{T, M2, 3, X, S} towards S.
• but when node 3 receives the reply it cannot forward it any further since X
is not its neighbor and the reply is dropped.
40. SOLUTION TO AD HOC ROUTING
Secure Routing Protocol – SRP [11]
Case 5
• If M1 replays route requests to consume network resources, they will be
discarded by intermediate nodes, since they maintain a list of query
identifiers seen in the past.
• The query identifier is a random number, so that it is not guessable by the
malicious node.
Case 6
• M1 attempts to forward {QST; S, M*}, i.e. it spoofs its IP address.
• Consequently S would accept {RST; S, M*, 1, 4, T} as a route.
• But the connectivity information conveyed by such a reply is correct.
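The SRP request/reply checks that Cases 1, 3 and 5 rely on, as an added example that is not part of the original slides or of the protocol specification in [11]. Assumptions: HMAC-SHA256 keyed with KST stands in for the slides' h(S, T, rnd#, sq#, KST), fields are length-prefixed before hashing, messages are plain dictionaries, and the node names and the route S, 1, 2, T are constructed.

```python
import hashlib
import hmac
import os


def srp_mac(key, *fields):
    """Keyed hash over length-prefixed fields (HMAC-SHA256 is a stand-in for h)."""
    data = b""
    for field in fields:
        raw = str(field).encode()
        data += len(raw).to_bytes(2, "big") + raw
    return hmac.new(key, data, hashlib.sha256).digest()


def make_request(k_st, src, dst, sq):
    """Source S: query identified by a random rnd# and a sequence number sq#."""
    rnd = os.urandom(8).hex()
    return {"src": src, "dst": dst, "rnd": rnd, "sq": sq,
            "mac": srp_mac(k_st, src, dst, rnd, sq), "route": [src]}


class Relay:
    """Intermediate node: holds no key, only the query identifiers it has relayed."""

    def __init__(self, name):
        self.name = name
        self.seen = set()

    def relay(self, req):
        qid = (req["src"], req["rnd"])
        if qid in self.seen:
            return None                      # previously seen request: discard
        self.seen.add(qid)
        return dict(req, route=req["route"] + [self.name])


def make_reply(k_st, req, me):
    """Destination T: verify the request MAC, then MAC the reply and its route."""
    expected = srp_mac(k_st, req["src"], req["dst"], req["rnd"], req["sq"])
    if req["dst"] != me or not hmac.compare_digest(expected, req["mac"]):
        return None
    route = req["route"] + [me]
    return {"src": req["src"], "dst": me, "rnd": req["rnd"], "sq": req["sq"],
            "route": route,
            "mac": srp_mac(k_st, req["src"], me, req["rnd"], req["sq"], *route)}


def accept_reply(k_st, req, rep):
    """Source S: the reply must match the outstanding query and carry a valid MAC."""
    if (rep["rnd"], rep["sq"]) != (req["rnd"], req["sq"]):
        return False
    expected = srp_mac(k_st, req["src"], req["dst"], rep["rnd"], rep["sq"],
                       *rep["route"])
    return hmac.compare_digest(expected, rep["mac"])


def demo():
    k_st = os.urandom(32)                    # security association between S and T only
    req = make_request(k_st, "S", "T", sq=1)
    n1, n2 = Relay("1"), Relay("2")
    rep = make_reply(k_st, n2.relay(n1.relay(req)), "T")
    out = {"route": rep["route"], "honest": accept_reply(k_st, req, rep)}
    # Case 3: a relay rewrites the route inside a genuine reply.
    out["tampered_route"] = accept_reply(
        k_st, req, dict(rep, route=["S", "1", "M1", "Y", "T"]))
    # Case 1: a node without KST fabricates a reply claiming T as its neighbor.
    fake_route = ["S", "M1", "T"]
    fake_mac = srp_mac(os.urandom(32), "S", "T", req["rnd"], req["sq"], *fake_route)
    out["fabricated"] = accept_reply(k_st, req, dict(rep, route=fake_route, mac=fake_mac))
    # Case 5: the same request shown to node 1 again is discarded.
    out["replay_relayed"] = n1.relay(req) is not None
    return out


if __name__ == "__main__":
    print(demo())
```

Only S and T hold KST, so every rejection of a modified reply happens at the source and every relay check is limited to the list of seen query identifiers.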
41. SOLUTION TO AD HOC ROUTING
Attack on SRP
Tunneling
• If 2 nodes collude during the 2 phases (request and reply) of a single route
discovery, then the protocol could be attacked. e.g.: if M1 received a route
request, it can tunnel it to M2
• i.e. discover a route to M2 and send the request encapsulated in a data
packet. Then M2 broadcasts a request with the route segment between
M1 and M2 falsified {QST; S, M1, Z, M2}.
• T receives the request and constructs a reply which is routed over
{T, M2, Z, M1, S}. M2 receives the reply and tunnels it back to M1, which
then returns it to S. As a result the connectivity information is only
partially correct.
Replay
• If M1 rewrites the RND# with some other random number, its neighbors
think that it is a genuine packet and keep forwarding it, thus wasting their
resources.
• Only when the packet reaches the destination can this misuse be detected
using the MAC.
42. Conclusion
• Routing protocol threats are usually specific to a particular security weakness
(not necessarily a design weakness) of the protocol, and can be categorized
using different criteria.
• However, the proposed routing solutions are capable of operating with a dynamic
topology, but in terms of security measures they provide partial or no solution
[4].
• Thus implementation of a secure routing protocol is still one of the challenges
within ad hoc networks.
43. References
1. Wenjia Li and Anupam Joshi, “Security Issues in Mobile Ad Hoc Networks A Survey”.
2. Jean-Pierre Hubaux, Levente Buttyan and Srdan Capkun, “The Quest for Security in Mobile Ad hoc
Networks”, Proceedings of the ACM Symposium on Mobile Ad hoc Networking and Computing, MobiHOC 2001.
3. Hao Yang, Haiyun Luo, Fan Ye, Songwu Lu, and Lixia Zhang, “Security in Mobile Ad Hoc Network Challenge and
Solutions”, IEEE Wireless Communications, February 2004
4. L. Zhou, Z. J. Haas. Securing Ad Hoc Networks. IEEE Network, 13(6): 24-30, Nov/Dec 1999.
5. Preetida Vinayakray-Jani, “Security within Ad hoc”, Position Paper, PAMPAS Workshop, Sept. 16/17 2002, London.
6. Dr. Harsh Sadawarti and Anuj K. Gupta, “Secure Routing Techniques for MANETs”, International Journal of Computer
Theory and Engineering, Vol. 1, No. 4, October 2009, 1793-8201.
7. F. Wang, B. Vetter, and S. Wu, “Secure Routing Protocols: Theory and Practice,” Technical Report, North Carolina State
University, May 1997.
8. [http://citeseer.nj.nec.com/400961.html.2000.H. Dang,W. Li, and D. P. Agrawal, “Routing security in wireless ad hoc
networks”, IEEE Communications Magazine, 0163-6804, pp. 70-75, October 2002.]
9. A. K. Bayya, S. Gupte, Y. K. Shukla, A. Garikapati, “Security in Ad-hoc Networks”.
10. S. Marti, T.J. Giuli, Kevin Lai and Mary Baker, Mitigating Routing Misbehavior in Mobile Ad Hoc Networks.
Proceedings of MOBICOM 2000, August 2000.
11. P. Papadimitratos and Z.J. Haas. “Secure routing for mobile ad hoc networks,” SCS Communication Networks and
Distributed Systems Modeling and Simulation Conference (CNDS 2002), Jan 2002.
12. D.B. Johnson, D.A Maltz, and J. Broch, “DSR: The Dynamic Source Routing Protocol for Multi-Hop Wireless Ad hoc
Networks,” Ad Hoc Networking, C.E. Perkins, Ed., Addison-Wesley, 2001, 139-172.
13. Z. J. Haas, M. Perlman, “The Performance of Query Control Schemes of the Zone Routing Protocol” IEEE/ACM
Transactions on Networking, vol. 9, no. 4, pp. 427-438, Aug 2001.
14. B. Dahill, B. N. Levine, E. Royer, and C. Shields, “A secure routing protocol for ad hoc networks,” in Proceedings of
the International Conference on Network Protocols (ICNP), pp. 78-87, 2002.
15. F. Stajano and R. Anderson, “The Resurrecting Duckling: Security Issues for Ad Hoc Wireless Networks,” Security
Protocols, 7th International Workshop, LNCS, Springer-Verlag, 1999.
16. Seung Yi, P. Naldurg and R. Kravets, “Security-Aware Ad-Hoc Routing for Wireless Networks”.