Chapter 1 Introduction to MANET
The past few years have witnessed a rapid escalation in the field of
mobile computing due to the proliferation of inexpensive, widely
available wireless devices. This has opened vast opportunities for
researchers to work on Ad Hoc Networks.
In a MANET, nodes within one another’s wireless transmission range
can communicate directly; however, nodes outside one another’s
range have to rely on some other nodes to relay messages [140]. Thus,
a multi-hop scenario occurs, where several intermediate hosts relay
the packets sent by the source host to make them reach the
destination node.
A MANET is a network that comes together as needed, not necessarily with any
support from the existing infrastructure or any other kind of fixed
stations [4, 29, 30, 97]. This statement can be formalized by defining
an ad hoc network as an autonomous system of mobile hosts (MHs)
(also serving as routers) connected by wireless links, the union of
which forms a communication network modeled in the form of an
arbitrary communication graph. This is in contrast to the well-known
single hop cellular network model that supports the needs of wireless
communication by installing base stations (BSs) as access points. In
these cellular networks, communications between two mobile nodes
rely completely on the wired backbone and the fixed BSs. In a
MANET, no such infrastructure exists and the network topology may
dynamically change in an unpredictable manner since nodes are free
to move.
As for the mode of operation, ad hoc networks are basically peer-to-
peer multi-hop mobile wireless networks where information packets
are transmitted in a “store-and-forward” manner from a source to an
arbitrary destination, via intermediate nodes as shown in Figure 1.1.
As the MHs move, the resulting change in network topology must be
made known to the other nodes so that outdated topology information
can be either updated or removed. For example, when MH2 in Figure 1.1
changes its point of attachment from MH3 to MH4, other nodes in the
network should use this new route to forward packets to MH2 [30].
Figure 1.1: A Mobile Ad-Hoc network (MANET) (legend: asymmetric link, symmetric link)
In Figure 1.1, it is assumed that it is not possible to have all MHs
within range of one another [30]. If all MHs are close by, within radio
range, there are no routing issues to be addressed. In real situations,
the power needed to obtain complete connectivity may be infeasible, at
the least, not to mention issues such as battery life and spatial
reusability. Figure 1.1 raises another issue, that of symmetric
(bi-directional) and asymmetric (unidirectional) links. As will be seen
later on, some of the protocols consider symmetric links with
associative radio range, i.e., if (in Figure 1.1) MH1 is within radio
range of MH3, then MH3 is also within radio range of MH1.
This is to say that the communication links are symmetric. Although
this assumption is not always valid, it is usually made because
routing in asymmetric networks is a relatively hard task [107].
In certain cases, it is possible to find routes that avoid
asymmetric links, since it is quite likely that these links will soon
fail. Symmetric links, with all MHs having identical capabilities and
responsibilities, are discussed.
The issue of symmetric and asymmetric links is one among the several
challenges encountered in a MANET. Another important issue is that
different nodes often have different mobility patterns. Some MHs are
highly mobile, while others are primarily stationary. It is difficult to
predict an MH's movement and pattern of movement [30].
The dynamic nature of MANETs makes the network open to attacks and
unreliability. Routing is always the most significant part of any
network. Each node should not only work for itself, but should also
be cooperative with other nodes. MANETs are vulnerable to various
security attacks [22, 59, 139, 140]. Hence, finding a secure and
trustworthy end-to-end path in MANETs is a genuine challenge.
1.1 Applications of MANETs
The deployment of a MANET is easy because no infrastructure has to be
set up for communication. Such networks are mostly required in
military applications and emergency rescue operations. But slowly
MANETs have entered the areas of gaming, sensing,
conferencing, collaborative and distributed computing [3]. This
dynamic network is yet to capture most of the commercial
applications. Research is still going on in this direction so that the
MANET can be deployed in any area where a faster and cheaper
network can be setup instantly for data communication.
Table 1.1 provides an overview of some of the applications of
Mobile Ad Hoc Networks [7, 29, 30, 119].
Table 1.1: Application of Mobile Ad hoc Networks
Application: Description
Military Services: Military services are one of the most discussed and
common application areas of mobile ad hoc networks, where installation
of any fixed infrastructure is not possible in enemy territories or
inhospitable terrain. In this environment a MANET provides the
required communication mechanism in no time. Here, the soldiers are
considered to be the mobile nodes, so the network is required to remain
connected even though the soldiers move freely. This support is
provided by the MANET. Another application in this area can be the
coordination of military objects and personnel in the battlefield. For
example, the leader of a group of soldiers may want to pass a message
to all the soldiers or to a group of soldiers involved in the
operation. In this situation, a secure and reliable routing protocol
should be able to do the job.
Emergency Services: These arise as a result of natural disasters when
the entire communications infrastructure is in disarray (for example,
tsunamis, hurricanes, earthquakes etc.) and restoring communications
quickly is essential. By using ad hoc networks, an infrastructure could
be set up in hours instead of the days or weeks required for wire-line
communications.
Education: Universities and campus settings, virtual classrooms, ad hoc
communications during meetings or lectures.
Sensing and Gaming: A sensor network is a special case of ad hoc
networks where mobility is generally not considered. However, battery
power is a key factor in sensors. Each sensor is equipped with a
transceiver, a small micro-controller and an energy source. The sensors
relay information from other devices to transport data to a central
monitor. The sensors are used to sense environmental conditions such as
temperature, pressure, humidity etc. In this case they form an ad hoc
network to collect the intended information. Mobility can also be
incorporated into the sensor network where the sensors are meant to
study the behavior of tornados or the behavior of patients in a
hospital. Multi-user games, robotic pets.
Personal Area Networking: Personal communicating devices like laptops,
PDAs and mobile phones create a network to share data among one
another, called the Personal Area Network (PAN). The PAN covers a very
short range for communication and can be used for ad hoc communication
among the devices or for connecting to a backbone network.
1.2 Characteristics and Features of MANETs
Ad hoc networks have many features, which make them quite distinct
from wired networks and thus require innovative ways to implement
the network functionalities. Table 1.2 summarizes some of the
characteristics of MANETs [26, 30, 119, 125].
Table 1.2: Characteristics of MANETs.
Characteristics: Description
Wireless medium: The wireless medium used by the nodes to communicate
with each other has time-varying coverage and asymmetric propagation
properties. It is less reliable and more prone to interference compared
to a wired medium.
Dynamic Topologies: Nodes are free to move arbitrarily with different
speeds; thus, the network topology may change randomly and at
unpredictable times.
Infrastructureless Network: The network does not depend on any fixed
infrastructure for its operation.
Power Management: As the nodes are not fixed, they rely on batteries as
their power source. Thus mechanisms and protocols devised for such
networks need to keep the energy constraint in mind.
Peer-to-Peer nature: These are not fixed nodes with pre-defined roles.
Thus, all protocols need to be designed for distributed environments
composed of "peers" and need to be robust enough to handle these
distributed dynamic topologies. These different characteristics of
wireless ad hoc networks require different techniques than the wired
networks, especially at the three lower-most layers, to effectively
perform the network functions. The widely adopted standard for wireless
networks at the physical and data-link layers is IEEE 802.11 (for
wireless local area networks).
Limited computing and energy resources: Computing power, memory, and
disk size are limited due to the limited battery capacity, as well as
limitations on device size, weight, and cost.
Limited service coverage: Due to device, inter-device distance and
network condition limitations, service implementation for wireless
devices is more challenging as compared to wired networks and their
elements, and at the same time MANETs face many constraints.
Higher interference results in lower reliability: Infrared signals
suffer interference from sunlight and heat sources, and can be
shielded/absorbed by various objects and materials. Radio signals
usually are less prone to being blocked; however, they can be
interfered with by other electrical devices. The broadcast nature of
transmission means all devices are potentially interfering with one
another. Self-interference also happens due to multipath.
Highly variable network conditions: Higher data loss rates due to
interference. User movement causes frequent disconnection. Channel
changes occur as users move around. Received power diminishes with
distance.
Limited Bandwidth: Wireless links continue to have significantly lower
capacity than infrastructure networks. In addition, the realized
throughput of wireless communications, after accounting for the effects
of multiple access, fading, noise, and interference conditions, etc., is
often much less than a radio's maximum transmission rate.
1.3 Challenges of MANETs
MANETs have been a very popular field of research for the last few years.
Almost every characteristic of the network has been explored to some
level. Yet, no ultimate resolution to any of the problems has been
found. On the contrary, more questions crop up which need to be
addressed. Table 1.3 outlines some of the major challenges that ought
to be addressed [26, 30, 119, 125].
Table 1.3: Major challenges of MANETs
Challenges: Descriptions
Routing in Dynamic Topology: In a MANET, node mobility changes the
connectivity links between the nodes very frequently. The existing
conventional Bellman-Ford routing algorithm or classic Link State
algorithms are not applicable to such a dynamic network, where the
topology changes with the free movement of the nodes.
Topology maintenance: Updating information on the dynamic links among
nodes in MANETs is a major challenge.
Lack of central Infrastructure: There exist several solutions in a
cellular network to handle the mobility of the nodes while routing is
the major concern. But a MANET doesn’t have a centralized monitoring
authority, and the lack of any central facility decreases the routing
efficiency as well as the throughput.
Scalability: In MANETs, the nodes are constrained by limited battery
power, computation capability and storage capacity. As the network size
increases, the number of packets forwarded by each node also increases.
This drains the node's resources fast, making it dead in a short
period. Similarly, topology maintenance overhead in a scalable dynamic
network is another challenging issue. This ultimately affects the QoS
of the network.
Cooperativeness: Routing algorithms for MANETs usually assume that
nodes are cooperative and non-malicious. As a result, a malicious
attacker can easily become an important routing agent and disrupt
network operation by violating the protocol specifications.
Energy Efficiency: Portable mobile devices are mostly operated by
batteries whose life span is very limited. Further, the nodes in the
MANET have to perform the role of an end system (transmitter or
receiver) as well as an intermediate system (forwarding packets of
other nodes), which causes more battery drainage.
Security and Privacy: Mobility implies higher security risks such as
peer-to-peer network architecture or a shared wireless medium
accessible to both legitimate users and malicious attackers.
Autonomous: No centralized administration entity is available to manage
the operation of the different mobile nodes in MANETs.
Poor Transmission Quality: This is an inherent problem of wireless
communication caused by several error sources that result in
degradation of the received signal.
1.4 Overview of IEEE 802.11
The Institute of Electrical and Electronics Engineers (IEEE) 802.11 is
a prominent standard for wireless local area networks (WLANs), which
is adopted by many vendors of WLAN products. IEEE 802.11 is
the first digital wireless data transmitting standard, which deals with
the physical and MAC layers in WLANs. It was brought out in the year
1997.
Under the IEEE 802.11 standard, Mobile Terminals (MTs) can operate
in two modes [3, 32, 60]: (i) Infrastructure mode, in which MTs can
communicate with one or more Access Points (APs) which are
connected to a WLAN and (ii) Ad Hoc Mode, in which MTs can
communicate directly with each other without using an AP.
A wireless access point is required for infrastructure mode wireless
networking. Hence it offers the advantage of scalability, centralized
security management and better connectivity. In the ad hoc mode of
wireless networks, the nodes can directly communicate with each
other without using any access point. To set up an ad hoc wireless
network, each wireless adapter must be configured for ad hoc mode
rather than infrastructure mode. An ad hoc network tends to feature a
small group of devices all in very close proximity to each other. In this
network the performance degrades as the number of nodes increases.
Ad hoc networks cannot bridge to wired LANs or the internet without
the presence of a special purpose gateway node.
1.4.1 Physical Layer: IEEE 802.11 supports three options for
the medium to be used at the physical level – one is based on infrared
[32, 129] and the other two are based on radio transmission. The
physical layer is subdivided conceptually into two parts – Physical
Medium Dependent Sublayer (PMD) and Physical Layer Convergence
Protocol (PLCP).
PMD handles encoding, decoding, and modulation of signals. The
PLCP abstracts the functionality that the physical layer has to offer to
the MAC layer. PLCP offers a Service Access Point (SAP) that is
independent of the transmission technology, and a Clear Channel
Assessment (CCA) carrier sense signal to the MAC layer. The SAP
abstracts the channel which can offer up to 1 or 2 Mbps data
transmission bandwidth. The CCA is used by the MAC layer to
implement the Carrier Sense Multiple Access with Collision Avoidance
(CSMA/CA) mechanism.
The following are the three choices for the physical layer in the
original 802.11 standard: (i) Frequency Hopping Spread Spectrum
(FHSS) operating in the 2.4 GHz Industrial, Scientific, and Medical
(ISM) band, at data rates of 1 Mbps [using the 2-level Gaussian
Frequency Shift Keying (GFSK) modulation scheme] and 2 Mbps (using
4-level GFSK); (ii) Direct Sequence Spread Spectrum (DSSS) operating in
the 2.4 GHz ISM band, at data rates of 1 Mbps (using differential binary
phase shift keying (DBPSK)); and (iii) infrared operating at wavelengths
in the 850-950 mm range, at data rates of 1 Mbps and 2 Mbps using the
Pulse Position Modulation (PPM) scheme.
1.4.2 Basic MAC Layer Mechanism: The IEEE 802.11 MAC
has become ubiquitous and gained widespread popularity as a de
facto layer-2 standard for wireless networks. Wireless transmissions
are inherently broadcast in nature and contentions to access the
shared channel need to be resolved carefully in order to avoid
collisions. Currently, the IEEE 802.11 standards include a basic
medium access protocol Distributed Coordination Function (DCF) and
an optional Point Coordination Function (PCF). The multihop or
single-hop ad hoc operation is supported by the DCF, which is based
on the Carrier Sense Multiple Access with Collision Avoidance
(CSMA/CA) random access scheme, in which retransmission of
collided packets is managed according to binary exponential backoff
rules.
To avoid the hidden terminal problem, an optional Request to Send
(RTS) / Clear to Send (CTS) mechanism is implemented. The PCF is a
centralized scheduling and polling-based protocol, which is designed to
support collision-free transmission of real-time traffic in wireless
networks. When the PCF is in operation, the AP controls medium
access and avoids simultaneous transmissions by the nodes.
Inter-Frame Spacing (IFS): Inter-frame spacing refers to the time
interval between the transmissions of two successive frames by any
station. There are four types of IFS: SIFS, PIFS, DIFS, and EIFS, in
order from shortest to longest. They denote priority levels of access to
the medium. Shorter IFS denotes a higher priority to access the
medium, because the waiting time to access the medium is lower.
The exact values of the IFS are obtained from the attributes specified
in the Physical Layer Management Information Base (PHYMIB) and
are independent of the station bit rate.
Short inter-frame spacing (SIFS): SIFS is the shortest of all
the IFSs and denotes highest priority to access the medium. It is
defined for short control messages such as acknowledgement for
data packets.
PCF inter-frame spacing (PIFS): PIFS is the waiting time whose
value lies between SIFS and DIFS and it is used for real-time
services.
DCF inter-frame spacing (DIFS): DIFS is used by stations that
are operating under the DCF mode to transmit packets. This is
for asynchronous data transfer within the contention period.
Extended inter-frame spacing (EIFS): EIFS is the longest of all
the IFSs and denotes the least priority to access the medium.
EIFS is used for resynchronization whenever the physical layer
detects incorrect MAC frame reception.
Carrier Sense Multiple Access with Collision Avoidance
(CSMA/CA): CSMA/CA is the MAC layer mechanism used by IEEE
802.11 WLANs. The collision detection technique (CSMA/CD) used in
wired LANs cannot be used effectively in the context of WLANs because
the error rate in WLANs is much higher and allowing collisions will
lead to a drastic reduction in throughput. Moreover, detecting
collisions in the wireless medium is not always possible. The
technique adopted here is therefore one of collision avoidance.
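The binary exponential backoff that DCF applies after a collision (Section 1.4.2), as an added example that is not part of the original chapter: a slotted model in which every station always has a frame queued. The contention window bounds are the DSSS PHY values, which the chapter does not state, and the function names are hypothetical.

```python
import random

# Contention window bounds in slots for the 802.11 DSSS PHY
# (assumed here; the chapter does not give these values).
CW_MIN, CW_MAX = 31, 1023


def contention_window(retries):
    """Window after `retries` failed attempts: doubles each time, capped at CW_MAX."""
    return min((CW_MIN + 1) * (2 ** retries) - 1, CW_MAX)


def simulate_dcf(n_stations, frames_each, seed=0):
    """Slotted model of DCF contention. Returns (successes, collisions).

    Each station draws a backoff counter uniformly from [0, CW]. Counters
    only count down while the medium is idle, so stations that lose a
    round keep their residual counter (the collision-avoidance part).
    Retry limits, RTS/CTS and frame durations are left out of the model.
    """
    rng = random.Random(seed)
    retries = [0] * n_stations
    remaining = [frames_each] * n_stations
    backoff = [rng.randint(0, contention_window(0)) for _ in range(n_stations)]
    successes = collisions = 0

    while any(remaining):
        active = [i for i in range(n_stations) if remaining[i]]
        # Idle slots elapse until the smallest counter reaches zero.
        wait = min(backoff[i] for i in active)
        for i in active:
            backoff[i] -= wait
        senders = [i for i in active if backoff[i] == 0]

        if len(senders) == 1:
            # Exactly one transmitter: the frame gets through, CW resets.
            station = senders[0]
            successes += 1
            remaining[station] -= 1
            retries[station] = 0
        else:
            # Two or more counters expired in the same slot: collision.
            collisions += 1
            for i in senders:
                retries[i] += 1

        # Every station that transmitted draws a fresh counter from its
        # (possibly doubled) contention window.
        for i in senders:
            backoff[i] = rng.randint(0, contention_window(retries[i]))

    return successes, collisions


if __name__ == "__main__":
    for n in (2, 5, 20):
        ok, bad = simulate_dcf(n, frames_each=50, seed=1)
        print(f"{n:2d} stations: {ok} frames delivered, {bad} collisions")
```

Running it with more stations shows collisions growing with contention, which is the performance degradation noted earlier for ad hoc mode as the number of nodes increases.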
1.5 The Network Simulator (NS2)
Simulation has proved to be a valuable tool in many research areas
where analytical methods are not applicable and experimentation is
not feasible. Researchers generally use simulation to analyze system
performance prior to physical design or to compare multiple
alternatives over a range of system conditions.
Various simulators such as NS-2 [143], Glomosim [150], Qualnet
[151] and Opnet [152] are available to carry out research work in
wireless and wired networking. Network Simulator (NS version 2) is
an object-oriented, discrete event driven network simulator developed
at the University of California, Berkeley, written in C++ and OTcl and
freely available for academic research purposes. To conduct
performance analysis of our proposed solutions presented in this
thesis, the popular NS2 simulator [143] has been extensively used.
NS2 was chosen primarily because it is a proven simulation tool
utilised in many previous research studies on MANETs [15] and has
been validated and verified in [68, 123].
1.5.1 Random Waypoint Mobility (RWP) Model
Mobile nodes in a MANET often move from one location to another,
but finding ways to model these movements is often not obvious. In
order to thoroughly evaluate communication protocols for MANETs
such as Ad Hoc On Demand Distance Vector (AODV), it is necessary
to develop and use mobility models that realistically capture the
movements of mobile nodes.
The Random Waypoint Mobility (RWP) model [86] is the most popular
mobility model used in MANET research and is itself the focal point
of most research activity [76, 20, 48]. The model defines a collection of
nodes which are placed randomly within a confined simulation space.
Then, each node selects a random destination inside the simulation
area and travels towards it at a certain speed “s”. Once it has reached
its destination, the node pauses for some time “t”, before it chooses
another random destination and repeats the process.
NS2 comes with a built-in CMU tool called ‘setdest’ that can be used
to generate a large number of nodes and their movements. Setdest is
available under the “ns2.34/indep-utils/cmu-scen-gen/setdest”
directory. Setdest generates the positions of the nodes at the start of
the simulation, and their movement speed and direction throughout the
simulation.
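The random waypoint rule described above, written out as an added example (it is not the thesis's code and not the output of setdest). Area size, node count, radio range and all function names are assumptions; the speed s and pause t are fixed per run, as in the description.

```python
import math
import random


def random_waypoint(n_nodes, area, speed, pause, duration, seed=0):
    """Generate RWP traces: {node: [(time, x, y), ...]}.

    Events alternate between "arrived at waypoint" and "pause finished",
    starting from a random initial position at time 0.
    """
    rng = random.Random(seed)
    width, height = area
    traces = {}
    for node in range(n_nodes):
        t = 0.0
        x, y = rng.uniform(0, width), rng.uniform(0, height)
        events = [(t, x, y)]
        while t < duration:
            # Pick a random destination and travel to it at speed s.
            nx, ny = rng.uniform(0, width), rng.uniform(0, height)
            t += math.hypot(nx - x, ny - y) / speed
            x, y = nx, ny
            events.append((t, x, y))
            # Pause for time t before choosing the next destination.
            t += pause
            events.append((t, x, y))
        traces[node] = events
    return traces


def position_at(events, t):
    """Linearly interpolate a node's position at time t."""
    for (t0, x0, y0), (t1, x1, y1) in zip(events, events[1:]):
        if t0 <= t <= t1:
            if t1 == t0:
                return (x1, y1)
            f = (t - t0) / (t1 - t0)
            return (x0 + f * (x1 - x0), y0 + f * (y1 - y0))
    return events[-1][1:]


def links_at(traces, t, radio_range):
    """Symmetric links: pairs of nodes within radio range at time t."""
    pos = {n: position_at(ev, t) for n, ev in traces.items()}
    return {
        (a, b)
        for a in pos
        for b in pos
        if a < b
        and math.hypot(pos[a][0] - pos[b][0], pos[a][1] - pos[b][1]) <= radio_range
    }


def link_changes(traces, radio_range, duration, step=1.0):
    """Count links that appear or disappear between successive samples."""
    changes = 0
    prev = links_at(traces, 0.0, radio_range)
    t = step
    while t <= duration:
        cur = links_at(traces, t, radio_range)
        changes += len(prev ^ cur)
        prev = cur
        t += step
    return changes


if __name__ == "__main__":
    # Constructed scenario: 10 nodes in a 500 m x 500 m area for 200 s.
    for s in (1.0, 5.0, 20.0):
        tr = random_waypoint(10, (500.0, 500.0), speed=s, pause=2.0,
                             duration=200.0, seed=7)
        print(f"speed {s:5.1f} m/s -> {link_changes(tr, 150.0, 200.0)} link changes")
```

The link-change count is a simple measure of the topology churn a routing protocol has to track when it is evaluated under this mobility model.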
1.6 Security issues in MANETs: Threats,
Vulnerabilities and Attacks
Any system which is required to be secured might have weaknesses or
vulnerabilities which would be targeted by an attacker [7, 122].
Threat: A threat is the means through which the ability or intent of an
agent to adversely affect an automated system, facility or operation
can be manifested. All methods or things used to exploit a weakness
in a system, operation or facility constitute threat agents. Examples
of threats include attackers, intelligence services etc. The following
factors cause threats in MANETs [7]:
Absence of infrastructure — certification/authentication authorities
are absent.
Dynamically changing network topology — this puts security of
routing protocols under threat.
Power and computational limitations — these can prevent the
use of complex encryption algorithms.
Vulnerability: Vulnerability is any hardware or software flaw that
leaves an information system open for potential exploitation. The
exploitation can be of various types, such as gaining unauthorized
access to information or disrupting critical processing.
Channel vulnerability — broadcast wireless channels allow
message eavesdropping and injection easily.
Node vulnerability — when nodes do not reside in physically
protected places, they easily fall under attack.
Attack: Attack is an attempt to bypass the security controls on a
computer system. The attack may alter, release, or deny data.
Examples of attacks include actions such as obtaining illegitimate
privileges, inserting data falsely, modifying information, analyzing
network traffic, obtaining illegitimate access to the system or
disrupting network operation using malicious software [7].
These attacks can be classified into the following types:
External Attacks: External attacks are carried out by nodes that do
not belong to the network. They cause congestion, send false routing
information or cause unavailability of services.
Internal Attacks: Internal attacks come from compromised nodes that
are part of the network. In an internal attack the malicious node from
the network gains unauthorized access and impersonates a
genuine node. It can analyze traffic between other nodes and may
participate in other network activities.
Attacks are of two kinds: (i) passive attacks and (ii) active
attacks [7]:
1. Passive Attack: In this type of attack, an attacker passively
listens to the packet or frame exchanges in the wireless medium by
sniffing the airwaves. Since an attacker only listens to the packets
that are passing by without modifying or tampering with the packets,
these attacks mainly target the confidentiality attribute of the system.
However, this process of gathering information might lead to active
attacks later on. This kind of attack is easier to launch.
Traffic Monitoring and Analysis: In this type of attack,
adversaries monitor packet transmission to infer important
information such as the source, destination, and source-destination
pair, and analyse that information for use in different attacks.
Eavesdropping: Eavesdropping is another kind of attack that
usually happens in mobile ad hoc networks. Transmissions in
ad hoc networks use a shared wireless medium and are broadcast, so
all nodes in range can hear a transmission without any extra
effort. This type of attack aims at obtaining confidential
information that needs to be kept secret during the communication.
Syn Flooding: In this type of attack, an attacker may repeatedly make
new connection requests until the resources required by each
connection are exhausted or reach a maximum limit. It produces
severe resource constraints for legitimate nodes. This attack is of the
Denial of Service (DoS) type.
2. Active Attack: Active attacks are those attacks where the
attacker takes malicious action in addition to passively listening to
on-going traffic, e.g. the attacker might choose to modify packets,
inject packets or even disrupt network service. The misbehaving node
has to bear some energy costs in order to perform a harmful operation
like changing the data. Active attacks cause damage and are
malicious, and often threaten the integrity and availability of the
network. These types of attacks can be internal or external [7].
Generic Attacks against Routing: Routing is a very
important function in MANETs. It can also be easily misused, leading
to several types of attack. Routing protocols in general are prone to
attacks from malicious nodes. These protocols are usually not
designed with security in mind and often are very vulnerable to node
misbehavior. This is particularly true of MANET routing protocols
because they are designed for minimizing the level of overhead and for
allowing every node to participate in the routing process.
Making a routing protocol efficient always increases the security risk
of the protocol and allows a single node to significantly impact the
operation of the protocol.
The following are some examples of attacks that can be launched
against MANET routing protocols [89, 113, 126, 129]:
Black Hole Attack: In this type of attack, the attacker node sends a
false message to all nodes or to the route-requesting node, claiming to
possess the shortest path from itself to the destination node. All
nodes, or the requesting node, then update their routing tables and
send data toward the attacker (malicious) node(s). The malicious
node(s) may drop all incoming packets.
Wormhole Attack: In this type of attack, attackers create a tunnel
between them, grab data at one end, pass it through the tunnel and
replay it at the other end, which disturbs routing. Figure 1.2
describes the wormhole attack.
Figure 1.2: Wormhole Attack
This type of attack could prevent the discovery of any routes and may
create a wormhole even for packets not addressed to itself because of
broadcasting [53, 57]. Wormholes are hard to detect and do damage to
the network.
Gray hole Attack: In this type of attack, the attacker node(s) involve
themselves in the data transmission path and work in an on/off mode,
dropping data packets with a certain probability: for example packets
intended for a specific node, packets at certain time intervals, every
nth packet, packets at a specific time of the day, or some portion of
the packets. It is very hard to detect because the attacker node works
in an on/off mode with some probability and therefore, given the data
it still forwards in the network, it is hard to identify.
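An added example, not part of the original chapter, of why on/off dropping is hard to see in aggregate: it compares an overall forwarding ratio with a per-destination ratio over a constructed observation log. It assumes a monitoring neighbour can overhear whether a relay retransmits each packet handed to it, a mechanism the chapter does not describe; node names, thresholds and log entries are constructed.

```python
from collections import defaultdict


def build_log():
    """Constructed observations, one per data packet handed to a relay:
    (relay, final destination, was the retransmission overheard?)."""
    log = []
    log += [("MH3", "MH1", True)] * 39 + [("MH3", "MH1", False)]  # honest, one radio loss
    log += [("MH4", "MH1", False)] * 40                            # drops everything
    log += [("MH5", "MH1", True)] * 45                             # forwards for MH1 ...
    log += [("MH5", "MH2", False)] * 5                             # ... but never for MH2
    log += [("MH6", "MH7", True), ("MH6", "MH7", False)]           # too few samples to judge
    return log


def count(log):
    """Return ([forwarded, seen] per relay, [forwarded, seen] per (relay, dest))."""
    overall = defaultdict(lambda: [0, 0])
    per_dest = defaultdict(lambda: [0, 0])
    for relay, dest, forwarded in log:
        for counter in (overall[relay], per_dest[(relay, dest)]):
            counter[0] += int(forwarded)
            counter[1] += 1
    return overall, per_dest


def flag_aggregate(log, min_ratio=0.8, min_samples=5):
    """Relays whose overall forwarding ratio is below min_ratio.

    Catches a relay that drops everything, but a relay that drops only
    one destination's traffic can stay above the threshold.
    """
    overall, _ = count(log)
    return sorted(
        relay
        for relay, (fwd, seen) in overall.items()
        if seen >= min_samples and fwd / seen < min_ratio
    )


def flag_per_destination(log, min_ratio=0.8, min_samples=5):
    """Relays with a low forwarding ratio toward at least one destination.

    min_samples keeps ordinary wireless loss on a handful of packets
    from being reported as misbehaviour.
    """
    _, per_dest = count(log)
    flagged = defaultdict(list)
    for (relay, dest), (fwd, seen) in per_dest.items():
        if seen >= min_samples and fwd / seen < min_ratio:
            flagged[relay].append(dest)
    return {relay: sorted(dests) for relay, dests in sorted(flagged.items())}


if __name__ == "__main__":
    log = build_log()
    print("aggregate check flags:      ", flag_aggregate(log))
    print("per-destination check flags:", flag_per_destination(log))
```

In the constructed log MH5 forwards 90% of its traffic overall, so only the per-destination view exposes that nothing addressed to MH2 gets through.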
Location disclosure Attack: This type of attack is a part of the
information disclosure attack. The malicious node(s) leak information
regarding the location or the structure of the network. The node may
also use the location information itself for further attacks. It
gathers node location information such as a route map and learns which
nodes are situated on the target route. Figure 1.3 shows the location
disclosure attack.
Figure 1.3: Location disclosure Attack
As shown in Figure 1.3, node M1 collects all topology information and
either discloses it to another malicious node M2 or uses it itself for
an attack on any other node; for example, M1 would send a fake message
to S.
Flooding: In this type of attack, attacker (malicious) node(s)
broadcast false packets or ghost packets which carry wrong routing
information and drain valuable resources like battery, processing
power, and bandwidth. This leads to increased traffic in the network,
keeps nodes busy and reduces network performance.
Denial of Service (DoS) attack: This type of attack is similar to
flooding attacks. It is any event that
diminishes or eliminates a network’s capacity to perform its expected
function. These attacks are launched against server resources or
network bandwidth by preventing authorized users from accessing
resources. For example, an attack may target a system by exhausting
limited wireless resources such as bandwidth, storage space, battery
power, CPU, or system memory. Networks and applications can be
attacked by modifying routing information or changing system
configuration, thereby directly attacking data integrity.
Selfish Nodes attack: In this type of attack, a node doesn’t harm
others in the network; this type of malicious node uses the network for
its own purposes but does not take part in transmitting traffic for
other nodes. By doing so, such nodes save their own resources like
battery and computation power.
Man-in-the-Middle attack: In this type of attack, the attacker node(s)
divert all data packet traffic between the sender and receiver nodes
through themselves. In many cases, the attacker impersonates the
receiver to the sender and the sender to the receiver. Figure 1.4
depicts the Man-in-the-Middle attack.
Figure 1.4: Man-in-the-Middle Attack
As shown in Figure 1.4, for data transmissions going on between
nodes S and D, malicious node M diverts all packets through itself by
sending fake reply messages.
Impersonation attack / Identity Spoofing: In this type of attack,
malicious node(s) use another node’s identity, such as its IP or MAC
address, for the attack.
Sybil attack: In this type of attack, a malicious node acts as several
different nodes with their identities rather than its own identity.
This allows it to forge the result of a vote used for threshold
security methods [38, 71, 88].
Rushing attack: In this type of attack, an adversary node which
receives a Route Request packet from the source node floods the
packet quickly throughout the network before other nodes which also
receive the same Route Request packet can react. Nodes that receive
the legitimate Route Request packets assume those packets to be
duplicates of the packet already received through the adversary node
and hence discard those packets. Any route discovered by the source
node would contain the adversary node as one of the intermediate
nodes. Hence, the source node would not be able to find secure
routes. It is extremely difficult to detect such attacks in MANETs [56].
Routing Table/ Cache Poisoning: In this kind of attack, malicious
nodes in the networks send fictitious routing updates or modify
genuine route update packets that are sent to other uncompromised
nodes. Routing table poisoning may result in sub-optimal routing,
congestion in portions of the network, or even make some parts of the
network inaccessible.
MANET research challenges include efficient routing, security,
Media Access Control, power consumption, etc. [11]. Several
characteristics of an ad hoc network make it much more difficult to
keep secure than an infrastructure-based network.
1.7 Research Problem
MANETs are creating much research interest both in academia and
in the telecommunication industry. The principal attraction of
MANETs is the ease with which they can be deployed, because they
are infrastructure-less and do not require any centralized
administration. However, designing adequate security schemes for
these innovative networks is very challenging. One of the challenging
security problems in MANETs is secure routing in the presence of
selfish or adversarial entities which drop the packets they agreed to
forward; in doing this, selfish or adversarial entities can disrupt
the network traffic and cause various communication problems.
Several research works have been proposed to provide secure route
discovery and the detection and prevention of attacks. Each one has its
own limitations and constraints. Many existing solutions that provide
security using cryptography and/or trust based security are presented
in the literature covered in sections 3.3 and 3.4 of the thesis.
1.8 Motivation and Objectives
Early research works assumed a friendly and co-operative
environment and focused on problems such as simple routing, multihop
routing and wireless channel access. Now, security has become a
primary concern in order to provide secure, protected communication
between nodes in a potentially hostile environment. Moreover, the unique
features of MANETs present a new set of security challenges. Several
researchers aim at securing the routing messages of existing routing
protocols such as AODV and DSR, and they have proposed solutions
based on cryptographic mechanisms to make the routing protocol secure.
However, these mechanisms require a key management service to keep
track of the key and node binding. They also need a trusted entity called
the certificate authority (CA) to issue a public key certificate for every
node in the network. These are “hard security” mechanisms and are too
expensive for MANETs. As a result, we were motivated to develop a trust
based secure routing protocol for MANETs.
The objective of the research work carried out is to propose routing
protocols and techniques for secure route discovery and to maintain it by
preventing different attacks, thus ensuring the safe transfer of data
packets over the network. In detail, the objectives can be laid
down as below:
A. To gain in-depth knowledge of Mobile Ad hoc Networks and their
working.
B. To understand the issues and challenges of deployment and
maintenance of MANETs.
C. To propose an architecture for the AODV reactive routing protocol to
enhance its security features and efficiency.
D. To propose a routing protocol that provides secure route discovery and
maintenance to prevent Blackhole and DoS attacks.
E. To propose another approach for survival from insider attacks
like Route Disruption and Route Invasion.
1.9 Contributions of the thesis
The contributions of our research work are as follows.
A new trust based mechanism, Trust based On Demand Routing
Protocol “TSDRP”, is proposed and studied for prevention of blackhole
and DoS attacks in benign and malign environments. Simulation results
show the effects of the number of malicious nodes, traffic load, mobility
speed, pause time and network size to help understand the impact of
the packet dropping attack and its mitigation. This study shows that a
trust based prevention mechanism can help improve the packet
delivery performance. TSDRP does not violate the concept of MANETs,
as it does not use any kind of cryptographic key management functions
and is independent of any centralized trusted architecture.
Through the proposed technique NDTAODV, we tendered an
effective mechanism to provide security in AODV against resource
depletion attacks (resource depletion by aggressive RREQ control
packet flooding). The results show that the proposed algorithm stops
the malicious nodes, isolates them from the active route and increases
the packet delivery fraction. The performance of NDTAODV is better in the
malign environment (presence of attacks), whereas NDTAODV and
normal AODV perform almost the same in the benign environment
(absence of flooding attack). This makes AODV more robust.
A new approach, AODVSEC, is proposed. AODVSEC does not impose
any lengthy, complex processing (e.g. cryptography) on the mobile
node. The compared results demonstrate that AODVSEC has the least
processing time, which saves computational power compared with the
SAODV routing protocol. AODVSEC also prevents the insider attacks
launched through actively forged RREP control messages by just using
the RREQ-ACK cache and validation of RREP with RREQ_ACK.
1.10 Organisation of the thesis
The thesis begins with an introduction to MANET in Chapter 1. Different
routing protocols of MANET are explained in Chapter 2, whereas
various secure routing protocols are discussed in Chapter 3. Chapter
4 describes our proposed TSDRP: Trust based secure on demand
routing protocol to prevent blackhole and DoS attacks. Chapter 5
contains our proposed NDTAODV: Neighbour Defence Technique for
AODV to Mitigate Flood Attack in MANETs. Chapter 6 details
our proposed novel technique AODVSEC to prevent insider attacks.
The conclusions and summary of our research work are presented in
Chapter 7. In Chapter 8, we give the limitations of our work and thus
outline the scope for future work.
Chapter Summary
This chapter discussed the basic concepts of ad hoc networks,
including their applications, characteristics and unique challenges like
attacks, threats and vulnerabilities associated with securing MANETs.
The use of a network simulator and mobility model is also described.
Lastly, the research problem, motivation and objectives of the research,
contributions of the thesis and organization of the thesis are
discussed.