SlideShare a Scribd company logo

Gw2412271231

IJERA Editor
IJERA Editor
1 of 5
Download to read offline
Vijaya Bhaskar .Ch, Nagaraju.M, Chaitanya Kumar.N / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue4, July-August 2012, pp.1227-1231 Review Of Attacks And Security Threats As Securing In Wireless Ad Hoc Networks Vijaya Bhaskar .Ch , Chaitanya Kumar.N, Nagaraju.M Abstract Security is an essential requirement in mobile ad devices. In this paper an effort has been made to evaluate hoc network (MANETs). Compared to wired networks, various security threats. MANETs are more vulnerable to security attacks due to the lack of a trusted centralized authority and limited resources. Attacks on ad hoc networks can be classified as 2. SECURITY REQUIREMENTS passive and active attacks, depending on whether the normal operation of the network is disrupted or not. The In any fixed or wireless network, the security is study here proposes a theory in this paper based on incorporated at three stages: prevention, detection and cure. Hashing as a tool. This scheme can make most of the on Key parts of prevention stage are authentication and demand protocols secure. The study should help in making authorization. The authentication is associated with protocols more robust against attacks and standardize authenticating the participating node, message and any other parameters for security in routing protocols. meta-data like topology state, hop counts etc. Authorization is associated with recognition. Where detection is the ability Keywords: security threats, Attacks, secure routing, hash to notice misbehavior carried out by a node in the network, function. the ability to take a corrective action after noticing misbehavior by a node is termed as cure. 1. INTRODUCTION Different possible attacks on ad hoc networks are Wireless Ad Hoc networks interesting and eavesdropping, compromising node, distorting message, challenging is its potential use in situations where the replaying message, failing to forward message, jamming infrastructure support to run a normal network does not signals etc. The central issues behind many of the possible exist. Some applications include a war zone, an isolated attacks at any level of security stage are authentication, remote area, a disaster zone like earthquake affected area confidentiality, integrity, non repudiation, trustworthiness and virtual class room etc. and availability. Ad-hoc networks are self-organizing wireless There are several proposals available to solve these networks, in which all end nodes act as routers. A Mobile issues, but are not comprehensive in nature as they target Ad hoc Networks (MANET) consists of a set of mobile specific threats separately. Therefore there is a strong need hosts within communication range and exchange the data to have an efficient security regime which can take care of among themselves without using any preexisting all the aspects of security. infrastructure. MANET nodes are typically distinguished by their limited power, processing and memory resources 3. SECURITY THREATS as well as high degree of mobility. In such networks, the wireless mobile nodes may dynamically enter the network and leave the network. Due to the limited transmission range of wireless network nodes, multiple hops are usually needed for a Node to exchange information with any other node in the network. It is very challenging for researchers to provide comprehensive security for ad hoc networks with the desired quality of service from all possible threats. Providing security becomes even more challenging when The two broad classes of network attacks are active attacks the participating nodes are mostly less powerful mobile and passive attacks. 1227 | P a g e
Vijaya Bhaskar .Ch, Nagaraju.M, Chaitanya Kumar.N / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue4, July-August 2012, pp.1227-1231 3.1 Passive Attack  Masquerading: The attacker impersonates an authorized user and thereby gains certain unauthorized privileges. A passive attack on a communications system is one in which the attacker only eavesdrops; he may read  Replay: The attacker monitors transmissions (passive messages he is not supposed to see, but he does not create attack) and retransmits messages as the legitimate user. or alter messages. This contrasts with an active attack in which the attacker may create, forge, alter, replace or  Message modification: The attacker alters a legitimate reroute messages. Generally, the term "passive attack" is message by deleting, adding to, changing, or reordering it. used in the context of cryptanalysis. For example, wiretapping an unencrypted line is a passive attack.  Denial-of-service: The attacker prevents or prohibits the normal use or management of communications facilities. There are three passive attacks that will in theory break The consequences of these attacks include, but are not any cipher except a one-time pad; variants of this work for limited to, loss of proprietary information, legal and either block ciphers or stream ciphers: recovery costs, tarnished image, and loss of network service.  brute force attack — try all possible keys Ad hoc networks face many problems due to which a  algebraic attack — write the cipher as a system of consistent and secure network flow becomes challenging equations and solve for the key task. Some of the issues associated are given below.  code book attack — collect all possible plaintext/cipher text pairs for a block cipher, or 1) Ad Hoc networks primarily being wireless have limited the entire pseudorandom stream until it starts band-width in comparison to wired networks. Smaller repeating for a stream cipher . packets are available to transfer data and it further constraints to use lesser number of bits for security An attack in which an unauthorized party gains purposes. It has been expected that this limitation will be access to an asset and does not modify its content (i.e., eased with the advancement of hardware in future. eavesdropping). Passive attacks can be either eavesdropping or traffic analysis (sometimes called traffic 2) The participating nodes of an Ad Hoc networks usually flow analysis). These two passive attacks are described as are mobile devices which have limited capabilities in terms of processing power, memory size and battery backup. It  Eavesdropping: The attacker monitors transmissions for makes the use of digital signature , as a security measure message content. An example of this attack is a person less suitable as digital signatures are computation intensive. listening into the transmissions on a network topology The use of digital signatures may also consume considerable between two workstations or tuning into transmissions memory if digital signatures are appended by each node that between a wireless handset and a base station. forwards the packet to its destination. Furthermore a PKI infrastructure is not practical in case of Ad Hoc networks.  Traffic analysis: The attacker, in a more subtle way, Other problem with use of digital signature is to maintain a gains intelligence by monitoring the transmissions for certificate revocation list (CRL), in the absence of a central patterns of communication. A considerable amount of server. The solution to this problem can be achieved by information is contained in the flow of messages between using some light weight security arrangements only. communicating parties. 3) The use of hashing techniques although offer efficient 3.2 Active Attack security measures but have been used relatively less. Hashing technologies like MAC [4], HMAC [4], one way An active attack attempts to alter or destroy the hash chains etc have mostly been used for authenticating data being exchanged in the network there by disrupting routing and message information. The effectiveness of the normal functioning of the network. hashing techniques depends on the way the collisions have been treated. An attack whereby an unauthorized party makes modifications to a message, data stream, or file. It is possible to detect this type of attack but it may not be preventable. Active attacks may take the form of one of four types masquerading, replay, message modification, LAYER Active Attacks comment and denial-of-service (DoS). These attacks are summarized MAC LAYER Jamming attack The particular as: ATTACKS class of DoS 1228 | P a g e
Vijaya Bhaskar .Ch, Nagaraju.M, Chaitanya Kumar.N / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue4, July-August 2012, pp.1227-1231 attacks. messages NETWORK Wormhole attack severe threats TRANSPORT Session Hijacking spoofs the LAYER to MANET LAYER attack victim‟s IP ATTACKS routing ATTACKS address. protocols, DSR SYN Flooding denial-of- or AODV, the attack service attack attack could APPLICATION Repudiation attack prevent the LAYER discovery ATTACKS of any routes other than 4. SECURE ROUTING through the The routing protocols [1,2,3] with in ad hoc wormhole. networks are more vulnerable to attacks as each device acts Blackhole attack exploits the as a relay. Any tampering with the routing information can mobile ad hoc be compromise the whole network. An attacker can routing introduce rogue information with in routing information or protocol, replay old logged or stored information. consumes the The aim is to protect any information or behavior intercepted that can update or cause a change to the routing tables on packets cooperating nodes involved in an ad hoc routing protocol. without any For completeness, timeliness and ordering are added to the forwarding. list of desirable security properties that can eliminate or Byzantine attack Creates routing reduce the threat of attacks against routing protocols. loops. Techniques that can be used to guarantee these properties Routing Attacks - are described in Table 1. Routing Table Overflow, Properties Techniques Routing Table Timeliness Time stamping, Slotted Poisoning, Time Route Cache Ordering Sequence Numbering Poisoning, Rushing Attack Authenticity Password, Certificate Packet Authorization Credential Replication, Integrity Digest, Digital Signature Resource Forward Confidentiality Encryption consumption attack unnecessary packets to the Non-Repudiation Chaining of Digital victim node. Signature IP Spoofing attack impersonates a member by Table 1: Properties of secured routing occupying IP address. The following properties can be integrated into State Pollution a malicious routing protocol messages to prevent attacks that exploit the attack node gives vulnerability of unprotected information in transit: incorrect  Timeliness: Routing updates need to be delivered in a parameters in timely fashion. Update messages that arrive late may not reply reflect the true state of the links or routers on the network. Sybil attack impersonates They can cause incorrect forwarding or even propagate false nonexistent information and weaken the credibility of the update nodes information. Most ad hoc routing protocols have timestamps Fabrication Injects huge and timeout mechanisms to guarantee the freshness of the routes they provide. packets into the networks  Ordering: Out-of-order updates can also affect the Modification make changes correctness of the routing protocols. These messages may to the routing not reflect the true state of the network and may propagate 1229 | P a g e
Vijaya Bhaskar .Ch, Nagaraju.M, Chaitanya Kumar.N / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue4, July-August 2012, pp.1227-1231 false information. Ad hoc routing protocols have sequence Each of these desirable properties has a cost and numbers that are unique within the routing domain to keep performance penalty associated with it. Some options such updates in order. as enforcing access control to routing tables using  Authenticity: Routing updates must originate from credentials and providing non repudiation by chaining authenticated nodes and users. Mutual authentication is the signatures are extremely expensive and impractical to basis of a trust relationship. Simple passwords can be used implement and enforce in a generalized routing protocol. for weak authentication. Each entity can append a public key certificate, attested by a trusted third party to claim its 5. PROPOSED SOLUTION - HASHING TECHNIQUES authenticity. The certifying authority can implement a password based login or a challenge-response mechanism Hash Function: Hashing techniques available are to authenticate the identity in the first place. The receiving based on the concept of a hash function that transforms a node can then verify this claim by examining the given input of arbitrary length to a value of a fixed length, certificate. One of the problems in ad hoc networking is the called the hash value. The transformation is done in a absence of a centralized authority to issue and validate manner that it is computationally infeasible to transform the certificates of authenticity. hash value to the original value. Hash functions are very  Authorization: An authenticated user or node is issued efficient as they do not involve heavy computations and an unforgeable credential by the certificate authority. hence are applied in the area of security for message These credentials specify the privileges and permissions authentication and integrity checks. associated by the users or the nodes. Currently, credentials The problem with hash functions is collision. are not used in routing protocol packets, and any packet Collision is a situation where a hash function generates the can trigger update propagations and modifications to the same hash value for more than one different input values. routing table. Collisions are possible in a hash function due to the fact that  Integrity: The information carried in the routing updates it transforms an input of any length to an output of fixed can cause the routing table to change and alter the flow of length, meaning a mapping from a larger set to a smaller set. packets in the network. Therefore, the integrity of the The solution to this problem is achieved through the content of these messages must be guaranteed. This can be adoption of appropriate collision resolution or avoiding accomplished by using message digests and digital techniques. There can be three ways in which the collisions signatures. can be handled: first by selecting a hash function that is more and more collision resistant, second by putting the  Non-repudiation: Routers cannot repudiate ownership processing in an environment to minimize the chance of of routing protocol messages they send. A major concern collisions and third by resolving when the collision really with the updates is the trust model associated with the takes place. The choice of a hash function, its propagation of updates that originate from distant nodes. implementation and its associated collision resolution Ad-hoc nodes obtain information from their neighbors and technique depends on problem area that is being solved. forward it to their other neighbors. These neighbors may The popular examples of hashing functions found forward it to other neighbors and so on. In most existing to be used in different places are HMAC, MD5, SHA-1. protocols, nodes cannot vouch for the authenticity of One way hash chain: A unique way of using hash functions updates that are not generated by their immediate is „one way hash chain‟. This concept was firstly used to neighbors. In order to preserve trust relationships, it provide one time password authentication and later for one becomes necessary to form a chain of routers (using time use of digital cash. One way hash chain is the list of signatures to protect integrity) and authenticate every one values that are generated by applying a hash function on an in turn, following the chain to the source. This is necessary initial value repeatedly. Every value, except the initial one, because trust relationships are not transitive. Alternative is therefore generated by applying hash function to its solutions that avoid chaining include the path attribute previous value exactly one time. This way, any value from mechanism developed for Secure BGP and secure distance that list can be authenticated by providing the previous vector routing. value in the sequence as a key. Therefore the values of a  Confidentiality: In addition to integrity, sometimes it chain can be used in the reverse order of their generation. may be necessary to prevent intermediate or non-trusted The problem with hash chain is to synchronize the nodes from understanding the contents of packets as they authentication process with the revealing of the validating are exchanged between routers. Encrypting the routing keys. A message will be incorrectly invalidated if time protocol packets themselves can prevent unauthorized duration in which the validating key (the previous hash users from reading it. Only routers that have the decryption value from the hash chain) is being advertised is missed key can decrypt these messages and participate in the Many of the implementations of one way hash chains in ad routing. This is employed when a node cannot trust one or hoc network are based on TESLA[4] protocol which was more of its immediate neighbors to route packets correctly, initially developed for authenticating broadcast messages. etc. 1230 | P a g e
Vijaya Bhaskar .Ch, Nagaraju.M, Chaitanya Kumar.N / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue4, July-August 2012, pp.1227-1231 Hash Trees: Hash tree is a tree of hash values that has protocols, but neither work discusses the mechanisms for been built up on a set of some initial values. The lowest detecting the status of these links. layer of the tree comprise of the initial values as the leaf nodes, In the next layer of the tree the initial values are 7. CONCLUSION individually converted to their corresponding hash values In this paper, the security threats for an ad hoc while in the subsequent layers, the hash values are network has been analyzed and presented with the security computed by utilizing more than one values of the lower objectives that need to be achieved. The paper represents the layer. Eventually we have a top hash value representing the first step of research to analyze the security threats, to root of the tree. The top hash value can be used to understand the security requirements for ad hoc networks, authenticate any of the values within the tree. and to identify existing techniques, as well as to propose new mechanisms to secure ad hoc networks. Hashing has 6. RELATED WORK been used as one of the tools. More skilled technical work Most of the work done around using Hashing has to be done to deploy these security mechanisms in an ad techniques is around authenticating messages and route hoc network and to investigate the impact of these security table entries. Bayyaet al [3] demonstrate the use of hashing mechanisms on the network performance depending up on as part of password based authenticated key exchange. The the requirements. problems given in this protocol are (1) the need of a strong shared secret (2) the need to constantly change the shared 8. REFERENCES secret which in turn may prove to be computationally [1] W. Stallings,” Network and Internetwork Security expensive. Adrian et al [ ] used symmetric cryptography to Principles and Practice”, Prentice Hall, Englewood secure ad hoc networks by using one way hash chains or Cliffs, NJ, 1995. Markle hash tree as part of SEAD protocol for proactive [2] NIST, Fed. Inf. Proc. Standards, “Secure Hash routing. In this protocol the elements of hash chain are Standard,” Pub. 180, May 1993. used directly to authenticate the sequence number and [3] Bayya, Arun. Security in Ad-hoc Networks, other metric in each entry. The problems identified with Computer Science Department. University of SEAD protocol are (1) no provision of a secure initial key Kentucky distribution (2) count-to-infinity problem where the routing [4] D. B. J. Yih-Chun Hu, Adrian Perrig. Ariadne: A table update of one node forces the routing table update in secure on-demand routing protocol for ad-hoc another node which in tern forces the update in the first networks. In Proceedings of the Eighth Annual node and so on (3) observes greater network traffic. Adrian International Conference on Mobile Computing et al [5], in one of the variants of their routing protocols and Networking (MobiCom 2002), Sept. 2002. named „Secure On-Demand Routing Protocol‟ based [5] Y. Hu, D. Johnson, and A. Perrig, “Sead: Secure authentication on TESLA which in turn depends on using Efficient Distance Vector Routing for Mobile hashing in the form of MAC for authenticating messages. Wireless Ad Hoc Networks,” IEEE WMCSA, TESLA also takes care of constantly changing keys with 2002. the help of one-way key chains which are published on a [6] Abhay Kumar Rai, Rajiv Ranjan Tewari & Saurabh time synchronization pattern. The problem associated with Kant Upadhyay, Adrian is strict time synchronization. Zapata [7] in its “Different Types of Attacks on Integrated proposed protocol, SAODV [7] uses a new one-way hash MANET-Internet chain for each Route Discovery to secure the metric field Communication,” International Journal of in an RREQ packet. It also uses asymmetric cryptography Computer Science and to initially authenticate participating nodes. Adding two Security (IJCSS) Volume: 4 Issue: 3. issues to create security will demand more mathematics [7] Manel Guerrero Zapata, N. Asokan. Securing Ad and slow down causing end to end delay. Maintenance of Hoc Routing Protocol. WiSe 2002 PKI infrastructure is always a problem in case of asymmetric primitives being used. [8] Pradip M. Jawandhiya et. al. / International Journal of Engineering Science and Technology Vol. 2(9), Cheung [5] and Hauser et al. [5] describe symmetric-key 2010, 4063-4071. approaches to the authentication of updates in link state 1231 | P a g e

Recommended

433 438
433 438433 438
433 438Editor IJARCET
 
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNS
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNSA NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNS
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNSIJCNC
 
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...IJNSA Journal
 
Investigation of detection & prevention sinkhole attack in manet
Investigation of detection & prevention sinkhole attack in manetInvestigation of detection & prevention sinkhole attack in manet
Investigation of detection & prevention sinkhole attack in manetijctet
 
76201924
7620192476201924
76201924IJRAT
 
D0961927
D0961927D0961927
D0961927IOSR Journals
 
DOS Attacks on TCP/IP Layers in WSN
DOS Attacks on TCP/IP Layers in WSNDOS Attacks on TCP/IP Layers in WSN
DOS Attacks on TCP/IP Layers in WSNijcncs
 
Ijartes v1-i2-007
Ijartes v1-i2-007Ijartes v1-i2-007
Ijartes v1-i2-007IJARTES
 

Recommended

433 438
433 438433 438
433 438Editor IJARCET
 
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNS
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNSA NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNS
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNSIJCNC
 
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENS...IJNSA Journal
 
Investigation of detection & prevention sinkhole attack in manet
Investigation of detection & prevention sinkhole attack in manetInvestigation of detection & prevention sinkhole attack in manet
Investigation of detection & prevention sinkhole attack in manetijctet
 
76201924
7620192476201924
76201924IJRAT
 
D0961927
D0961927D0961927
D0961927IOSR Journals
 
DOS Attacks on TCP/IP Layers in WSN
DOS Attacks on TCP/IP Layers in WSNDOS Attacks on TCP/IP Layers in WSN
DOS Attacks on TCP/IP Layers in WSNijcncs
 
Ijartes v1-i2-007
Ijartes v1-i2-007Ijartes v1-i2-007
Ijartes v1-i2-007IJARTES
 
A novel approach for a secured intrusion detection system in manet
A novel approach for a secured intrusion detection system in manetA novel approach for a secured intrusion detection system in manet
A novel approach for a secured intrusion detection system in maneteSAT Publishing House
 
A Review Paper on Network Layer attacks in MANETs
A Review Paper on Network Layer attacks in MANETsA Review Paper on Network Layer attacks in MANETs
A Review Paper on Network Layer attacks in MANETsijsrd.com
 
Data Transfer Security solution for Wireless Sensor Network
Data Transfer Security solution for Wireless Sensor NetworkData Transfer Security solution for Wireless Sensor Network
Data Transfer Security solution for Wireless Sensor NetworkEditor IJCATR
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
A review of security attacks and intrusion detection schemes in wireless sens...
A review of security attacks and intrusion detection schemes in wireless sens...A review of security attacks and intrusion detection schemes in wireless sens...
A review of security attacks and intrusion detection schemes in wireless sens...ijwmn
 
Review Paper on Predicting Network Attack Patterns in SDN using ML
Review Paper on Predicting Network Attack Patterns in SDN using MLReview Paper on Predicting Network Attack Patterns in SDN using ML
Review Paper on Predicting Network Attack Patterns in SDN using MLijtsrd
 
Wireless networks security
Wireless networks securityWireless networks security
Wireless networks securityelango30
 
M026075079
M026075079M026075079
M026075079ijceronline
 
Data Security via Public-Key Cryptography in Wireless Sensor Network
Data Security via Public-Key Cryptography in Wireless Sensor NetworkData Security via Public-Key Cryptography in Wireless Sensor Network
Data Security via Public-Key Cryptography in Wireless Sensor NetworkIJCI JOURNAL
 
2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...EditorJST
 
U0 vqmtq2o tk=
U0 vqmtq2o tk=U0 vqmtq2o tk=
U0 vqmtq2o tk=International Journal of Science and Research (IJSR)
 
International Journal of Computer Science and Security Volume (2) Issue (1)
International Journal of Computer Science and Security Volume (2) Issue (1)International Journal of Computer Science and Security Volume (2) Issue (1)
International Journal of Computer Science and Security Volume (2) Issue (1)CSCJournals
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionIOSR Journals
 
A Data Hiding Techniques Based on Length of English Text using DES and Attack...
A Data Hiding Techniques Based on Length of English Text using DES and Attack...A Data Hiding Techniques Based on Length of English Text using DES and Attack...
A Data Hiding Techniques Based on Length of English Text using DES and Attack...IJORCS
 
1705 1708
1705 17081705 1708
1705 1708Editor IJARCET
 
Paper_38-Secure_Clustering_in_Vehicular_Ad_Hoc_Networks
Paper_38-Secure_Clustering_in_Vehicular_Ad_Hoc_NetworksPaper_38-Secure_Clustering_in_Vehicular_Ad_Hoc_Networks
Paper_38-Secure_Clustering_in_Vehicular_Ad_Hoc_NetworksZainab Nayyar
 
D43021519
D43021519D43021519
D43021519IJERA Editor
 
International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)irjes
 
Ijcet 06 07_001
Ijcet 06 07_001Ijcet 06 07_001
Ijcet 06 07_001IAEME Publication
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
 
Attacks in MANET
Attacks in MANETAttacks in MANET
Attacks in MANETSunita Sahu
 
T04506110115
T04506110115T04506110115
T04506110115IJERA Editor
 

More Related Content

What's hot

A novel approach for a secured intrusion detection system in manet
A novel approach for a secured intrusion detection system in manetA novel approach for a secured intrusion detection system in manet
A novel approach for a secured intrusion detection system in maneteSAT Publishing House
 
A Review Paper on Network Layer attacks in MANETs
A Review Paper on Network Layer attacks in MANETsA Review Paper on Network Layer attacks in MANETs
A Review Paper on Network Layer attacks in MANETsijsrd.com
 
Data Transfer Security solution for Wireless Sensor Network
Data Transfer Security solution for Wireless Sensor NetworkData Transfer Security solution for Wireless Sensor Network
Data Transfer Security solution for Wireless Sensor NetworkEditor IJCATR
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
A review of security attacks and intrusion detection schemes in wireless sens...
A review of security attacks and intrusion detection schemes in wireless sens...A review of security attacks and intrusion detection schemes in wireless sens...
A review of security attacks and intrusion detection schemes in wireless sens...ijwmn
 
Review Paper on Predicting Network Attack Patterns in SDN using ML
Review Paper on Predicting Network Attack Patterns in SDN using MLReview Paper on Predicting Network Attack Patterns in SDN using ML
Review Paper on Predicting Network Attack Patterns in SDN using MLijtsrd
 
Wireless networks security
Wireless networks securityWireless networks security
Wireless networks securityelango30
 
Data Security via Public-Key Cryptography in Wireless Sensor Network
Data Security via Public-Key Cryptography in Wireless Sensor NetworkData Security via Public-Key Cryptography in Wireless Sensor Network
Data Security via Public-Key Cryptography in Wireless Sensor NetworkIJCI JOURNAL
 
2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...EditorJST
 
International Journal of Computer Science and Security Volume (2) Issue (1)
International Journal of Computer Science and Security Volume (2) Issue (1)International Journal of Computer Science and Security Volume (2) Issue (1)
International Journal of Computer Science and Security Volume (2) Issue (1)CSCJournals
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionIOSR Journals
 
A Data Hiding Techniques Based on Length of English Text using DES and Attack...
A Data Hiding Techniques Based on Length of English Text using DES and Attack...A Data Hiding Techniques Based on Length of English Text using DES and Attack...
A Data Hiding Techniques Based on Length of English Text using DES and Attack...IJORCS
 
Paper_38-Secure_Clustering_in_Vehicular_Ad_Hoc_Networks
Paper_38-Secure_Clustering_in_Vehicular_Ad_Hoc_NetworksPaper_38-Secure_Clustering_in_Vehicular_Ad_Hoc_Networks
Paper_38-Secure_Clustering_in_Vehicular_Ad_Hoc_NetworksZainab Nayyar
 
International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)irjes
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline
 

What's hot (20)

A novel approach for a secured intrusion detection system in manet
A novel approach for a secured intrusion detection system in manetA novel approach for a secured intrusion detection system in manet
A novel approach for a secured intrusion detection system in manet
 
A Review Paper on Network Layer attacks in MANETs
A Review Paper on Network Layer attacks in MANETsA Review Paper on Network Layer attacks in MANETs
A Review Paper on Network Layer attacks in MANETs
 
Data Transfer Security solution for Wireless Sensor Network
Data Transfer Security solution for Wireless Sensor NetworkData Transfer Security solution for Wireless Sensor Network
Data Transfer Security solution for Wireless Sensor Network
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
A review of security attacks and intrusion detection schemes in wireless sens...
A review of security attacks and intrusion detection schemes in wireless sens...A review of security attacks and intrusion detection schemes in wireless sens...
A review of security attacks and intrusion detection schemes in wireless sens...
 
Review Paper on Predicting Network Attack Patterns in SDN using ML
Review Paper on Predicting Network Attack Patterns in SDN using MLReview Paper on Predicting Network Attack Patterns in SDN using ML
Review Paper on Predicting Network Attack Patterns in SDN using ML
 
Wireless networks security
Wireless networks securityWireless networks security
Wireless networks security
 
M026075079
M026075079M026075079
M026075079
 
Data Security via Public-Key Cryptography in Wireless Sensor Network
Data Security via Public-Key Cryptography in Wireless Sensor NetworkData Security via Public-Key Cryptography in Wireless Sensor Network
Data Security via Public-Key Cryptography in Wireless Sensor Network
 
2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...2.espk external agent authentication and session key establishment using publ...
2.espk external agent authentication and session key establishment using publ...
 
U0 vqmtq2o tk=
U0 vqmtq2o tk=U0 vqmtq2o tk=
U0 vqmtq2o tk=
 
International Journal of Computer Science and Security Volume (2) Issue (1)
International Journal of Computer Science and Security Volume (2) Issue (1)International Journal of Computer Science and Security Volume (2) Issue (1)
International Journal of Computer Science and Security Volume (2) Issue (1)
 
Security in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy functionSecurity in MANET based on PKI using fuzzy function
Security in MANET based on PKI using fuzzy function
 
A Data Hiding Techniques Based on Length of English Text using DES and Attack...
A Data Hiding Techniques Based on Length of English Text using DES and Attack...A Data Hiding Techniques Based on Length of English Text using DES and Attack...
A Data Hiding Techniques Based on Length of English Text using DES and Attack...
 
1705 1708
1705 17081705 1708
1705 1708
 
Paper_38-Secure_Clustering_in_Vehicular_Ad_Hoc_Networks
Paper_38-Secure_Clustering_in_Vehicular_Ad_Hoc_NetworksPaper_38-Secure_Clustering_in_Vehicular_Ad_Hoc_Networks
Paper_38-Secure_Clustering_in_Vehicular_Ad_Hoc_Networks
 
D43021519
D43021519D43021519
D43021519
 
International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)
 
Ijcet 06 07_001
Ijcet 06 07_001Ijcet 06 07_001
Ijcet 06 07_001
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
 

Similar to Gw2412271231

Attacks in MANET
Attacks in MANETAttacks in MANET
Attacks in MANETSunita Sahu
 
Analysis of security threats in wireless sensor network
Analysis of security threats in wireless sensor networkAnalysis of security threats in wireless sensor network
Analysis of security threats in wireless sensor networkijwmn
 
Effectual Routine for Trilateral Authentication in Ad-hoc Networks using Mult...
Effectual Routine for Trilateral Authentication in Ad-hoc Networks using Mult...Effectual Routine for Trilateral Authentication in Ad-hoc Networks using Mult...
Effectual Routine for Trilateral Authentication in Ad-hoc Networks using Mult...IOSR Journals
 
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORK
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORKPREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORK
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORKIJNSA Journal
 
Study of Layering-Based Attacks in a Mobile Ad Hoc Networks
Study of Layering-Based Attacks in a Mobile Ad Hoc NetworksStudy of Layering-Based Attacks in a Mobile Ad Hoc Networks
Study of Layering-Based Attacks in a Mobile Ad Hoc NetworksIRJET Journal
 
Wireless Sensor Networks: An Overview on Security Issues and Challenges
Wireless Sensor Networks: An Overview on Security Issues and ChallengesWireless Sensor Networks: An Overview on Security Issues and Challenges
Wireless Sensor Networks: An Overview on Security Issues and ChallengesIJAEMSJORNAL
 
A Survey on Threats and Security schemes in Wireless Sensor Networks
A Survey on Threats and Security schemes in Wireless Sensor NetworksA Survey on Threats and Security schemes in Wireless Sensor Networks
A Survey on Threats and Security schemes in Wireless Sensor NetworksIJERA Editor
 
Protocols for Wireless Sensor Networks and Its Security
Protocols for Wireless Sensor Networks and Its SecurityProtocols for Wireless Sensor Networks and Its Security
Protocols for Wireless Sensor Networks and Its SecurityIJERA Editor
 
An overview of contemporary security problems in wireless mesh networks
An overview of contemporary security problems in wireless mesh networksAn overview of contemporary security problems in wireless mesh networks
An overview of contemporary security problems in wireless mesh networksiosrjce
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)ijceronline
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
A Survey on Security Issues to Detect Wormhole Attack in Wireless Sensor Network
A Survey on Security Issues to Detect Wormhole Attack in Wireless Sensor NetworkA Survey on Security Issues to Detect Wormhole Attack in Wireless Sensor Network
A Survey on Security Issues to Detect Wormhole Attack in Wireless Sensor Networkpijans
 

Similar to Gw2412271231 (20)

Attacks in MANET
Attacks in MANETAttacks in MANET
Attacks in MANET
 
T04506110115
T04506110115T04506110115
T04506110115
 
Analysis of security threats in wireless sensor network
Analysis of security threats in wireless sensor networkAnalysis of security threats in wireless sensor network
Analysis of security threats in wireless sensor network
 
Paper1
Paper1Paper1
Paper1
 
Effectual Routine for Trilateral Authentication in Ad-hoc Networks using Mult...
Effectual Routine for Trilateral Authentication in Ad-hoc Networks using Mult...Effectual Routine for Trilateral Authentication in Ad-hoc Networks using Mult...
Effectual Routine for Trilateral Authentication in Ad-hoc Networks using Mult...
 
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORK
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORKPREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORK
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORK
 
Study of Layering-Based Attacks in a Mobile Ad Hoc Networks
Study of Layering-Based Attacks in a Mobile Ad Hoc NetworksStudy of Layering-Based Attacks in a Mobile Ad Hoc Networks
Study of Layering-Based Attacks in a Mobile Ad Hoc Networks
 
Wireless Sensor Networks: An Overview on Security Issues and Challenges
Wireless Sensor Networks: An Overview on Security Issues and ChallengesWireless Sensor Networks: An Overview on Security Issues and Challenges
Wireless Sensor Networks: An Overview on Security Issues and Challenges
 
Abdullah Mukhtar ppt
Abdullah Mukhtar pptAbdullah Mukhtar ppt
Abdullah Mukhtar ppt
 
A Survey on Threats and Security schemes in Wireless Sensor Networks
A Survey on Threats and Security schemes in Wireless Sensor NetworksA Survey on Threats and Security schemes in Wireless Sensor Networks
A Survey on Threats and Security schemes in Wireless Sensor Networks
 
Protocols for Wireless Sensor Networks and Its Security
Protocols for Wireless Sensor Networks and Its SecurityProtocols for Wireless Sensor Networks and Its Security
Protocols for Wireless Sensor Networks and Its Security
 
N010617783
N010617783N010617783
N010617783
 
An overview of contemporary security problems in wireless mesh networks
An overview of contemporary security problems in wireless mesh networksAn overview of contemporary security problems in wireless mesh networks
An overview of contemporary security problems in wireless mesh networks
 
Ar34261268
Ar34261268Ar34261268
Ar34261268
 
G011123539
G011123539G011123539
G011123539
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER)
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
A Survey on Security Issues to Detect Wormhole Attack in Wireless Sensor Network
A Survey on Security Issues to Detect Wormhole Attack in Wireless Sensor NetworkA Survey on Security Issues to Detect Wormhole Attack in Wireless Sensor Network
A Survey on Security Issues to Detect Wormhole Attack in Wireless Sensor Network
 
Science journal
Science journalScience journal
Science journal
 
1705 1708
1705 17081705 1708
1705 1708
 

Gw2412271231

  • 1. Vijaya Bhaskar .Ch, Nagaraju.M, Chaitanya Kumar.N / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue4, July-August 2012, pp.1227-1231 Review Of Attacks And Security Threats As Securing In Wireless Ad Hoc Networks Vijaya Bhaskar .Ch , Chaitanya Kumar.N, Nagaraju.M Abstract Security is an essential requirement in mobile ad devices. In this paper an effort has been made to evaluate hoc network (MANETs). Compared to wired networks, various security threats. MANETs are more vulnerable to security attacks due to the lack of a trusted centralized authority and limited resources. Attacks on ad hoc networks can be classified as 2. SECURITY REQUIREMENTS passive and active attacks, depending on whether the normal operation of the network is disrupted or not. The In any fixed or wireless network, the security is study here proposes a theory in this paper based on incorporated at three stages: prevention, detection and cure. Hashing as a tool. This scheme can make most of the on Key parts of prevention stage are authentication and demand protocols secure. The study should help in making authorization. The authentication is associated with protocols more robust against attacks and standardize authenticating the participating node, message and any other parameters for security in routing protocols. meta-data like topology state, hop counts etc. Authorization is associated with recognition. Where detection is the ability Keywords: security threats, Attacks, secure routing, hash to notice misbehavior carried out by a node in the network, function. the ability to take a corrective action after noticing misbehavior by a node is termed as cure. 1. INTRODUCTION Different possible attacks on ad hoc networks are Wireless Ad Hoc networks interesting and eavesdropping, compromising node, distorting message, challenging is its potential use in situations where the replaying message, failing to forward message, jamming infrastructure support to run a normal network does not signals etc. The central issues behind many of the possible exist. Some applications include a war zone, an isolated attacks at any level of security stage are authentication, remote area, a disaster zone like earthquake affected area confidentiality, integrity, non repudiation, trustworthiness and virtual class room etc. and availability. Ad-hoc networks are self-organizing wireless There are several proposals available to solve these networks, in which all end nodes act as routers. A Mobile issues, but are not comprehensive in nature as they target Ad hoc Networks (MANET) consists of a set of mobile specific threats separately. Therefore there is a strong need hosts within communication range and exchange the data to have an efficient security regime which can take care of among themselves without using any preexisting all the aspects of security. infrastructure. MANET nodes are typically distinguished by their limited power, processing and memory resources 3. SECURITY THREATS as well as high degree of mobility. In such networks, the wireless mobile nodes may dynamically enter the network and leave the network. Due to the limited transmission range of wireless network nodes, multiple hops are usually needed for a Node to exchange information with any other node in the network. It is very challenging for researchers to provide comprehensive security for ad hoc networks with the desired quality of service from all possible threats. Providing security becomes even more challenging when The two broad classes of network attacks are active attacks the participating nodes are mostly less powerful mobile and passive attacks. 1227 | P a g e
  • 2. Vijaya Bhaskar .Ch, Nagaraju.M, Chaitanya Kumar.N / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue4, July-August 2012, pp.1227-1231 3.1 Passive Attack  Masquerading: The attacker impersonates an authorized user and thereby gains certain unauthorized privileges. A passive attack on a communications system is one in which the attacker only eavesdrops; he may read  Replay: The attacker monitors transmissions (passive messages he is not supposed to see, but he does not create attack) and retransmits messages as the legitimate user. or alter messages. This contrasts with an active attack in which the attacker may create, forge, alter, replace or  Message modification: The attacker alters a legitimate reroute messages. Generally, the term "passive attack" is message by deleting, adding to, changing, or reordering it. used in the context of cryptanalysis. For example, wiretapping an unencrypted line is a passive attack.  Denial-of-service: The attacker prevents or prohibits the normal use or management of communications facilities. There are three passive attacks that will in theory break The consequences of these attacks include, but are not any cipher except a one-time pad; variants of this work for limited to, loss of proprietary information, legal and either block ciphers or stream ciphers: recovery costs, tarnished image, and loss of network service.  brute force attack — try all possible keys Ad hoc networks face many problems due to which a  algebraic attack — write the cipher as a system of consistent and secure network flow becomes challenging equations and solve for the key task. Some of the issues associated are given below.  code book attack — collect all possible plaintext/cipher text pairs for a block cipher, or 1) Ad Hoc networks primarily being wireless have limited the entire pseudorandom stream until it starts band-width in comparison to wired networks. Smaller repeating for a stream cipher . packets are available to transfer data and it further constraints to use lesser number of bits for security An attack in which an unauthorized party gains purposes. It has been expected that this limitation will be access to an asset and does not modify its content (i.e., eased with the advancement of hardware in future. eavesdropping). Passive attacks can be either eavesdropping or traffic analysis (sometimes called traffic 2) The participating nodes of an Ad Hoc networks usually flow analysis). These two passive attacks are described as are mobile devices which have limited capabilities in terms of processing power, memory size and battery backup. It  Eavesdropping: The attacker monitors transmissions for makes the use of digital signature , as a security measure message content. An example of this attack is a person less suitable as digital signatures are computation intensive. listening into the transmissions on a network topology The use of digital signatures may also consume considerable between two workstations or tuning into transmissions memory if digital signatures are appended by each node that between a wireless handset and a base station. forwards the packet to its destination. Furthermore a PKI infrastructure is not practical in case of Ad Hoc networks.  Traffic analysis: The attacker, in a more subtle way, Other problem with use of digital signature is to maintain a gains intelligence by monitoring the transmissions for certificate revocation list (CRL), in the absence of a central patterns of communication. A considerable amount of server. The solution to this problem can be achieved by information is contained in the flow of messages between using some light weight security arrangements only. communicating parties. 3) The use of hashing techniques although offer efficient 3.2 Active Attack security measures but have been used relatively less. Hashing technologies like MAC [4], HMAC [4], one way An active attack attempts to alter or destroy the hash chains etc have mostly been used for authenticating data being exchanged in the network there by disrupting routing and message information. The effectiveness of the normal functioning of the network. hashing techniques depends on the way the collisions have been treated. An attack whereby an unauthorized party makes modifications to a message, data stream, or file. It is possible to detect this type of attack but it may not be preventable. Active attacks may take the form of one of four types masquerading, replay, message modification, LAYER Active Attacks comment and denial-of-service (DoS). These attacks are summarized MAC LAYER Jamming attack The particular as: ATTACKS class of DoS 1228 | P a g e
  • 3. Vijaya Bhaskar .Ch, Nagaraju.M, Chaitanya Kumar.N / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue4, July-August 2012, pp.1227-1231 attacks. messages NETWORK Wormhole attack severe threats TRANSPORT Session Hijacking spoofs the LAYER to MANET LAYER attack victim‟s IP ATTACKS routing ATTACKS address. protocols, DSR SYN Flooding denial-of- or AODV, the attack service attack attack could APPLICATION Repudiation attack prevent the LAYER discovery ATTACKS of any routes other than 4. SECURE ROUTING through the The routing protocols [1,2,3] with in ad hoc wormhole. networks are more vulnerable to attacks as each device acts Blackhole attack exploits the as a relay. Any tampering with the routing information can mobile ad hoc be compromise the whole network. An attacker can routing introduce rogue information with in routing information or protocol, replay old logged or stored information. consumes the The aim is to protect any information or behavior intercepted that can update or cause a change to the routing tables on packets cooperating nodes involved in an ad hoc routing protocol. without any For completeness, timeliness and ordering are added to the forwarding. list of desirable security properties that can eliminate or Byzantine attack Creates routing reduce the threat of attacks against routing protocols. loops. Techniques that can be used to guarantee these properties Routing Attacks - are described in Table 1. Routing Table Overflow, Properties Techniques Routing Table Timeliness Time stamping, Slotted Poisoning, Time Route Cache Ordering Sequence Numbering Poisoning, Rushing Attack Authenticity Password, Certificate Packet Authorization Credential Replication, Integrity Digest, Digital Signature Resource Forward Confidentiality Encryption consumption attack unnecessary packets to the Non-Repudiation Chaining of Digital victim node. Signature IP Spoofing attack impersonates a member by Table 1: Properties of secured routing occupying IP address. The following properties can be integrated into State Pollution a malicious routing protocol messages to prevent attacks that exploit the attack node gives vulnerability of unprotected information in transit: incorrect  Timeliness: Routing updates need to be delivered in a parameters in timely fashion. Update messages that arrive late may not reply reflect the true state of the links or routers on the network. Sybil attack impersonates They can cause incorrect forwarding or even propagate false nonexistent information and weaken the credibility of the update nodes information. Most ad hoc routing protocols have timestamps Fabrication Injects huge and timeout mechanisms to guarantee the freshness of the routes they provide. packets into the networks  Ordering: Out-of-order updates can also affect the Modification make changes correctness of the routing protocols. These messages may to the routing not reflect the true state of the network and may propagate 1229 | P a g e
  • 4. Vijaya Bhaskar .Ch, Nagaraju.M, Chaitanya Kumar.N / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue4, July-August 2012, pp.1227-1231 false information. Ad hoc routing protocols have sequence Each of these desirable properties has a cost and numbers that are unique within the routing domain to keep performance penalty associated with it. Some options such updates in order. as enforcing access control to routing tables using  Authenticity: Routing updates must originate from credentials and providing non repudiation by chaining authenticated nodes and users. Mutual authentication is the signatures are extremely expensive and impractical to basis of a trust relationship. Simple passwords can be used implement and enforce in a generalized routing protocol. for weak authentication. Each entity can append a public key certificate, attested by a trusted third party to claim its 5. PROPOSED SOLUTION - HASHING TECHNIQUES authenticity. The certifying authority can implement a password based login or a challenge-response mechanism Hash Function: Hashing techniques available are to authenticate the identity in the first place. The receiving based on the concept of a hash function that transforms a node can then verify this claim by examining the given input of arbitrary length to a value of a fixed length, certificate. One of the problems in ad hoc networking is the called the hash value. The transformation is done in a absence of a centralized authority to issue and validate manner that it is computationally infeasible to transform the certificates of authenticity. hash value to the original value. Hash functions are very  Authorization: An authenticated user or node is issued efficient as they do not involve heavy computations and an unforgeable credential by the certificate authority. hence are applied in the area of security for message These credentials specify the privileges and permissions authentication and integrity checks. associated by the users or the nodes. Currently, credentials The problem with hash functions is collision. are not used in routing protocol packets, and any packet Collision is a situation where a hash function generates the can trigger update propagations and modifications to the same hash value for more than one different input values. routing table. Collisions are possible in a hash function due to the fact that  Integrity: The information carried in the routing updates it transforms an input of any length to an output of fixed can cause the routing table to change and alter the flow of length, meaning a mapping from a larger set to a smaller set. packets in the network. Therefore, the integrity of the The solution to this problem is achieved through the content of these messages must be guaranteed. This can be adoption of appropriate collision resolution or avoiding accomplished by using message digests and digital techniques. There can be three ways in which the collisions signatures. can be handled: first by selecting a hash function that is more and more collision resistant, second by putting the  Non-repudiation: Routers cannot repudiate ownership processing in an environment to minimize the chance of of routing protocol messages they send. A major concern collisions and third by resolving when the collision really with the updates is the trust model associated with the takes place. The choice of a hash function, its propagation of updates that originate from distant nodes. implementation and its associated collision resolution Ad-hoc nodes obtain information from their neighbors and technique depends on problem area that is being solved. forward it to their other neighbors. These neighbors may The popular examples of hashing functions found forward it to other neighbors and so on. In most existing to be used in different places are HMAC, MD5, SHA-1. protocols, nodes cannot vouch for the authenticity of One way hash chain: A unique way of using hash functions updates that are not generated by their immediate is „one way hash chain‟. This concept was firstly used to neighbors. In order to preserve trust relationships, it provide one time password authentication and later for one becomes necessary to form a chain of routers (using time use of digital cash. One way hash chain is the list of signatures to protect integrity) and authenticate every one values that are generated by applying a hash function on an in turn, following the chain to the source. This is necessary initial value repeatedly. Every value, except the initial one, because trust relationships are not transitive. Alternative is therefore generated by applying hash function to its solutions that avoid chaining include the path attribute previous value exactly one time. This way, any value from mechanism developed for Secure BGP and secure distance that list can be authenticated by providing the previous vector routing. value in the sequence as a key. Therefore the values of a  Confidentiality: In addition to integrity, sometimes it chain can be used in the reverse order of their generation. may be necessary to prevent intermediate or non-trusted The problem with hash chain is to synchronize the nodes from understanding the contents of packets as they authentication process with the revealing of the validating are exchanged between routers. Encrypting the routing keys. A message will be incorrectly invalidated if time protocol packets themselves can prevent unauthorized duration in which the validating key (the previous hash users from reading it. Only routers that have the decryption value from the hash chain) is being advertised is missed key can decrypt these messages and participate in the Many of the implementations of one way hash chains in ad routing. This is employed when a node cannot trust one or hoc network are based on TESLA[4] protocol which was more of its immediate neighbors to route packets correctly, initially developed for authenticating broadcast messages. etc. 1230 | P a g e
  • 5. Vijaya Bhaskar .Ch, Nagaraju.M, Chaitanya Kumar.N / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue4, July-August 2012, pp.1227-1231 Hash Trees: Hash tree is a tree of hash values that has protocols, but neither work discusses the mechanisms for been built up on a set of some initial values. The lowest detecting the status of these links. layer of the tree comprise of the initial values as the leaf nodes, In the next layer of the tree the initial values are 7. CONCLUSION individually converted to their corresponding hash values In this paper, the security threats for an ad hoc while in the subsequent layers, the hash values are network has been analyzed and presented with the security computed by utilizing more than one values of the lower objectives that need to be achieved. The paper represents the layer. Eventually we have a top hash value representing the first step of research to analyze the security threats, to root of the tree. The top hash value can be used to understand the security requirements for ad hoc networks, authenticate any of the values within the tree. and to identify existing techniques, as well as to propose new mechanisms to secure ad hoc networks. Hashing has 6. RELATED WORK been used as one of the tools. More skilled technical work Most of the work done around using Hashing has to be done to deploy these security mechanisms in an ad techniques is around authenticating messages and route hoc network and to investigate the impact of these security table entries. Bayyaet al [3] demonstrate the use of hashing mechanisms on the network performance depending up on as part of password based authenticated key exchange. The the requirements. problems given in this protocol are (1) the need of a strong shared secret (2) the need to constantly change the shared 8. REFERENCES secret which in turn may prove to be computationally [1] W. Stallings,” Network and Internetwork Security expensive. Adrian et al [ ] used symmetric cryptography to Principles and Practice”, Prentice Hall, Englewood secure ad hoc networks by using one way hash chains or Cliffs, NJ, 1995. Markle hash tree as part of SEAD protocol for proactive [2] NIST, Fed. Inf. Proc. Standards, “Secure Hash routing. In this protocol the elements of hash chain are Standard,” Pub. 180, May 1993. used directly to authenticate the sequence number and [3] Bayya, Arun. Security in Ad-hoc Networks, other metric in each entry. The problems identified with Computer Science Department. University of SEAD protocol are (1) no provision of a secure initial key Kentucky distribution (2) count-to-infinity problem where the routing [4] D. B. J. Yih-Chun Hu, Adrian Perrig. Ariadne: A table update of one node forces the routing table update in secure on-demand routing protocol for ad-hoc another node which in tern forces the update in the first networks. In Proceedings of the Eighth Annual node and so on (3) observes greater network traffic. Adrian International Conference on Mobile Computing et al [5], in one of the variants of their routing protocols and Networking (MobiCom 2002), Sept. 2002. named „Secure On-Demand Routing Protocol‟ based [5] Y. Hu, D. Johnson, and A. Perrig, “Sead: Secure authentication on TESLA which in turn depends on using Efficient Distance Vector Routing for Mobile hashing in the form of MAC for authenticating messages. Wireless Ad Hoc Networks,” IEEE WMCSA, TESLA also takes care of constantly changing keys with 2002. the help of one-way key chains which are published on a [6] Abhay Kumar Rai, Rajiv Ranjan Tewari & Saurabh time synchronization pattern. The problem associated with Kant Upadhyay, Adrian is strict time synchronization. Zapata [7] in its “Different Types of Attacks on Integrated proposed protocol, SAODV [7] uses a new one-way hash MANET-Internet chain for each Route Discovery to secure the metric field Communication,” International Journal of in an RREQ packet. It also uses asymmetric cryptography Computer Science and to initially authenticate participating nodes. Adding two Security (IJCSS) Volume: 4 Issue: 3. issues to create security will demand more mathematics [7] Manel Guerrero Zapata, N. Asokan. Securing Ad and slow down causing end to end delay. Maintenance of Hoc Routing Protocol. WiSe 2002 PKI infrastructure is always a problem in case of asymmetric primitives being used. [8] Pradip M. Jawandhiya et. al. / International Journal of Engineering Science and Technology Vol. 2(9), Cheung [5] and Hauser et al. [5] describe symmetric-key 2010, 4063-4071. approaches to the authentication of updates in link state 1231 | P a g e