Security Vulnerabilities in Mobile Ad Hoc Networks

Transcription

1 Security Vulnerabilities in Mobile Ad Hoc Networks Vinay Kumar Nassa Associate Prof (Deptt of ECE) Dronacharya College of Engineering, Gurgaon , ABSTRACT Science and technology play a vital role in the present fast-growing world. In recent years, pervasive computing has enjoyed a tremendous rise in popularity. Here some security issues related to the routing protocols for mobile ad hoc networks (MANETs) are presented. A mobile ad-hoc network is a self-configuring network of mobile routers, connected by wireless links, which are free to move randomly and organize themselves arbitrarily. These types of networks operate in the absence of any fixed infrastructure which makes them easy to deploy but it becomes difficult to make use of the existing routing techniques for network services. This poses a number of challenges in ensuring the security of the communication. Because of the changing topology special routing protocols have been proposed to face the routing problem in MANETs. The paper contains two major sections: one presenting the routing protocols in brief and their comparison, the other presenting threats faced by the ad-hoc network environment and provides intrusion detection systems. Attempt is to explain the reputation based intrusion detection system respective strengths and problems. The paper closes with a conclusion and an outlook on evolving trends in secure ad-hoc routing. KEYWORDS: Ad Hoc Network, security attacks, bandwidth, denial of Service (DoS), intrusion Detection System (IDS), reputation. 1. INTRODUCTION Mobile ad-hoc networks inherently have very different properties from conventional networks. Adhoc networks [4] [5] are infrastructure-less networks in which each node participating in the network acts as a sender and router, forwarding packets to other nodes, emphasizing on a routing protocol different from traditional routing protocols. As the mobile nodes have limited transmission range, it is necessary that multihop routing be used by one node to exchange data with other nodes in the same or another network, so each mobile node acts as a host and also as a router, thus forwarding packets for other nodes, that are not within the direct transmission range of each other. Mobile ad-hoc networks are a new paradigm of wireless communication for mobile nodes. There is no fixed infrastructure for mobile switching. The primary reason ad-hoc networks are also called infrastructure-less networks is that the mobile nodes in the network dynamically establish routes to other nodes in the network on fly (while moving). Ad-hoc networks are often called ubiquitous computing, which means that computers are everywhere and information is anywhere anytime. Each node has a wireless interface and communicates with other nodes. Some of the examples of the nodes of ad-hoc networks are laptop computers and personal digital assistants (PDAs) that communicate directly with each other. The mobile nodes play a very vital role in such type of networks because they form their communications as per their need. They work as both sender and receiver and hence require some routing protocols. As we know that these nodes are changing their position frequently so we need some routing protocols that quickly adapt to new topology. These nodes can be laptops and personal digital assistants (PDAs) having limited resources such as storage capacity, bandwidth and battery power. These reveal the fact that routing protocols must act in a smart way to utilize these resources at their best. A Mobile Adhoc Networks (MANETs) are a collection of mobile nodes that are dynamically and arbitrarily located in such a manner that the International Journal of Science Technology & Management Page 67

2 interconnections between the nodes are capable of changing on a continual basis. The main features of MANETs are ease of deployment and absence of the need for any infrastructure and it makes ideal network for many applications. Examples of such applications are disaster relief, conferencing, interactive information sharing, file transfer and warfare situations, where setting up of infrastructure is very difficult range. Then, the intermediate nodes are the routers. Challenges to MANETs include changing network topology, a limited transmission range, low availability of bandwidth due to wireless environment and consumption of higher control packets for establishing and maintaining. The wireless nature of communication and lack of any security infrastructure raises several security problems. Wireless ad hoc networks are vulnerable to various attacks. These include passive eavesdropping, active interfering, impersonation, modification of packets and denial of-service. Intrusion prevention measures, such as strong authentication and redundant transmission, can be used to tackle some of these attacks. However, these techniques can address only a subset of the threats, and moreover, are costly to implement due to the limited memory and computation power on nodes. 1.1 Working of Mobile Ad hoc Networking There are two different types of wireless networks: The easiest network topology is where each node is able to reach all the other nodes with a traditional radio relay system with a big range. There is no use of routing protocols with this kind of network because all nodes can see the others. The second kind uses also the radio relay system but each node has a smaller range, therefore one node has to use neighboring nodes to reach another node that is not within its transmission Figure 1: Working of a Ad-Hoc Network Any routing protocol must encapsulate an essential set of security mechanisms. These are mechanisms that help prevent, detect, and respond to security attacks. There are five major security goals that need to be addressed in order to maintain a reliable and secure ad-hoc network environment. They are mainly: Confidentiality: Protection of any information from being exposed to unintended entities. In adhoc networks this is more difficult to achieve because intermediates nodes (that act as routers) receive the packets for other recipients, so they can easily eavesdrop the information being routed. Availability: Services should be available whenever required. There should be an assurance of survivability despite a Denial International Journal of Science Technology & Management Page 68

3 of Service (DOS) attack. On physical and media access control layer attacker can use jamming techniques to interfere with communication on physical channel. On network layer the attacker can disrupt the routing protocol. On higher layers, the attacker could bring down high level services e.g. key management service. Authentication: Assurance that an entity of concern or the origin of a communication is what it claims to be or from. Without which an attacker would impersonate a node, thus gaining unauthorized access to resource and sensitive information and interfering with operation of other nodes. Integrity: Message being transmitted is never altered. Non-repudiation: Ensures that sending and receiving parties can never deny ever sending or receiving the message. All the above security mechanisms must be implemented in any ad-hoc networks so as to ensure the security of the transmissions along that network. Thus whenever considering any security issues with respect to a network, we always need to ensure that the above mentioned 5 security goals have been put into effect and none most) of them are flawed. 2. ROUTING PROTOCOLS 1. Proactive Routing Protocols: Herein the nodes keep updating their routing tables by periodical messages. This can be seen in Optimized Link State Routing Protocol (OLSR) and the Topology Broadcast based on Reverse Path Forwarding Protocol (TBRPF). 2. Reactive or On Demand Routing Protocols: Here the routes are created only when they are needed. The application of this protocol can be seen in the Dynamic Source Routing Protocol (DSR) and the Ad-hoc On-demand Distance Vector Routing Protocol (AODV). The most common ad-hoc protocols are the Ad-hoc On-demand Distance Vector routing protocol and the Destination-Sequenced Distance-Vector routing protocol and the Dynamic Source Routing. All these protocols are quite insecure because attackers can easily obtain information about the network topology. This is because in the AODV and DSR protocols, the route discovery packets are carried in clear text. Thus a malicious node can discover the network structure just by analyzing this kind of packets and may be able to determine the role of each node in the network. With all this information more serious attacks can be launched in order to disrupt network operations. Both academic and industrial efforts are currently being done in the development of the routing protocols for ad-hoc networks. The academic research has been carried out on developing new routing protocols for ad-hoc networks and its implementation. Industrial efforts have helped to have some widely accepted routing protocols for adhoc networks. Blue Tooth supported devices have implementations of ad-hoc routing protocols like DSR and DSDV. Basically there are two types of routing protocols: International Journal of Science Technology & Management Page 69

4 authentication, or attract packets destined to other nodes. The goal is basically to attract all packets to the attacker for analysis or to disable the network. Such attacks can be detected and the nodes can be identified. 4. INTRUSION DETECTION SYSTEMS Figure 2: Classification of Routing Protocols 3. ATTACKS FACED BY ROUTING PROTOCOLS Due to their underlined architecture, ad-hoc networks are more easily attacked than a wired network. The attacks prevalent on ad-hoc routing protocols can be broadly classified into passive and active attacks. A Passive Attack does not disrupt the operation of the protocol, but tries to discover valuable information by listening to traffic. Passive attacks basically involve obtaining vital routing information by sniffing about the network. Such attacks are usually difficult to detect and hence, defending against such attacks is complicated. Even if it is not possible to identify the exact location of a node, one may be able to discover information about the network topology, using these attacks. An Active Attack, however, injects arbitrary packets and tries to disrupt the operation of the protocol in order to limit availability, gain Intrusion detection is described as the process of smartly monitoring the incidents happening in the networked information system, examining them for sign an intrusion of security policy. The main goal of intrusion detection system is to protect the privacy, integrity and availability of important networked security systems [6]. Intrusion detection system is a significant part of protective measures of networked information systems from misuse. When intrusion detection system is suitably organized, it can offer alert telling that a system is under attack. It is significant for intrusion detection system to reach maximal functioning. However, intrusion detection system is typified under two views which are as follows: 1. The information source: host typed, multiphase typed or network typed; 2. The intrusion detection model; irregularly detection or abuse detection. 3. Intrusion detection tries to detect the attacks by investigative information records observed by processes on the same network. These attacks are usually split into two groups, host-typed attacks and network-typed attacks. Host- typed attack detection programs usually use program call data from an audit process that tracks all system calls made on behalf of every user on a particular computer. These audit processes typically run on every monitored computer. Network-typed attack detection programs normally use network traffic information from a network sniffer [9]. Various computer networks, with the extensively accepted Ethernet (IEEE 802.3) network, employ a common medium for interaction. In an abuse detection typed intrusion detection system, intrusions are detected by seeking behavior that communicates to known signature of intrusion. International Journal of Science Technology & Management Page 70

5 In contrast, irregularity typed intrusion detection system detects intrusions via searching for anomalous network traffic. The intrusion detection system can be classified at a macroscopic level as the detector which processes data arrival from the system to be secure. The detector can also start probes to activate the audit process, like demanding version codes for uses. It utilizes three types of data: 1. Configuration data regarding the present situation of the system. 2. Long term data describing the method employed to observe intrusion. 3. Audit data related to the incidents that are occurrence to the system. The responsibility of the detector is to remove unnecessary data from the audit trail. Then it shows either an artificial vision of the security related actions adopted through normal practice of the system, or an artificial vision of the present security situation of the system. A decision is then adopted to assess the possibility that these events can be considered as symptoms of an intrusion. The barrier can then apply a corrective action to either strop the events from being implemented or modify the situation of the system in return to a protected state. Figure 3 shows the Intrusion detection system. Figure 3: Intrusion detection system Intrusion detection systems (1DS), especially those which are reputation-based, are a new paradigm and are being used for enhancing security in different areas. These systems are lightweight, easy to use and are capable to face a wide variety of attacks as long as they are observable. Among these mechanisms some of the popular ones are CORE, CONFIDANT, OCEAN and SAFE. 4.1 Reputation-Based IDS Reputation-based IDS do not rely on the conventional use of a common secret to establish confidential and secure communication between two parties. Instead, they are simply based on each other s observations [3]. To be more precise, every node in the network monitors the emission of its neighboring nodes and derives a reputation value for them. If any misbehavior is detected, this information is broadcasted to the neighboring nodes in order to help them to protect themselves against this fraud [1]. Different architectures using the reputation concept for securing packet forwarding have been proposed so far [8]. The reputation herein is simply bound to how good routers the nodes are. Monitoring the packet loss carried out by the is one of the main tasks of these reputation-based systems [7]. The monitoring operation was implemented in CORE and CONFIDANT using a packet International Journal of Science Technology & Management Page 71

6 overhearing technique based on the promiscuous mode. 4.2 Issues related Security There are few basic problems in MANET that need to be kept in mind while designing any security solution. First, it is often hard to differentiate intrusions and normal operations or conditions in MANET because of the dynamically changing topology and volatile physical environment. Second, mobile nodes are autonomous units that are capable of roaming independently in unrestricted geographical topology. This means that nodes with inadequate physical protection can be captured, compromised, or hijacked. Third, decision-making in ad hoc networks is usually decentralized and many ad-hoc network algorithms rely on the cooperative participation of all nodes. Most ad hoc routing protocols are also cooperative in nature and hence can be easily misguided by false routing information [10].It is observed that without countermeasure the effect of misbehavior dramatically decreases network performance. Intrusion prevention measures, such as authentication and encryption can be used as the first line of defense against attacks in MANET. However, even if these prevention schemes can be implemented perfectly, they still cannot eliminate all attacks, especially the internal or insider attacks. Also, they are costly to implement on mobile nodes from the point of view of limited computation power and energy needed. Another possible solution to this problem is similar to the concept of economic incentives, but the problem with them is that they need a centralized banking system and tamper proof hardware, and a more basic question is who will pay and how much? 4.3 Working of Reputation-Based IDS Reputation-based systems are used for enhancing security in ad hoc networks as they model cooperation between the nodes which is inspired from our social behavior. As in our daily life, when we meet somebody for the first time, we build a reputation about him or her from our personal (firsthand) and somebody else (secondhand) experience. Reputation-based systems are built on this principle. Such systems are used to decide who to trust, and to encourage trustworthy behavior. Resnick and Zeckhauser identify three goals for reputation systems [8]. a. To provide information to distinguish between a trustworthy principal and an untrustworthy principal. b. To encourage principals to act in a trustworthy manner, and c. To discourage untrustworthy principals from participating in the service the reputation mechanism is present to protect. Walchdog and Path-rater arc some essential cornponents of any Reputation-based Intrusion detection System [2]. Complementing DSR with a watchdog increases throughput of mobile ad- hoc networks. Misbehavior Detection and Reputation Systems may or may not be distributed. Here fully distributed means whether information regarding one s reputation is immediately propagated in the whole network or not. In the later case nodes are fully dependent on their own personal view about other nodes reputation and behavior. Distributed IDS protocols either rely only on firsthand information or on positive secondhand information. CONFIDANT and CORE fall into this category. Sorne basic problems with this approach of global reputation systems arc: Every node has to maintain O (n) reputation information where n is number of nodes in network. Extra traffic generation in reputation exchange. Extra computation in accepting indirect reputation information (secondhand information), especially Bayesian Estimation. Security issues in reputation exchange such as reputation data packets can he modified. International Journal of Science Technology & Management Page 72

7 6. CONCLUSION Mobile ad-hoc networks have properties that increase their vulnerability to attacks. Unreliable wireless links are vulnerable to jamming and by their inherent broadcast nature facilitate eavesdropping. Constraints in bandwidth, computing power, and battery power in mobile devices can lead to application-specific trade-offs between security and resource consumption of the device. Mobility/Dynamics make it hard to detect behavior anomalies such as advertising bogus routes, because routes in this environment change frequently. Selforganization is a key property of ad-hoc networks. They cannot rely on central authorities and infrastructures, e.g. for key management. Latency is inherently increased in wireless multi-hop networks, rendering message exchange for security more expensive. Multiple paths are likely to be available. This property offers an advantage over infrastructure-based local area networks that can be exploited by diversity coding. Mobile ad hoc networks have a number of significant security issues which cannot be solved alone by Intrusion detection systems. Physical security of nodes is another very important issue. Reputation systems are used to establish trust and encourage trustworthy behavior and cooperation among nodes. 7. REFERENCES [1] Buchegger, S., & Le Boudec.,J.Y. (2003). The effect of rumor spreading in reputation systems for mobile ad-hoc networks. In Proceedings of WiOpt 03: Modeling and Optimization in Mobile, Ad Hoe and Wireless Networks. Sophia-Antipolis, France. [2] Buchegger. C.T.. & Le Boudec, J.Y. (2004). A test-bed for-misbehavior detection in mobile ad hoc networks-how much can watchdogs really do? In WMCSA: Proceedings of the Sixth IEEE Workshop on Mobile Computing Systems and Applications. [4] C.-K. Toh, (1997), Wireless ATM and Ad-hoc Protocols and Architectures Kluwer Academic Press. [5] Das, Samir; Castenda, Robert; Yan, Jiangtao, (1998) Comparative Performance Evaluation of Routing Protocols for Mobile, Ad-Hoc Networks, Proceedings of IEEE International Conference on Computer Communications and Networks, San Antonio, Oct. 1998,( pp ). [6]Debar, H. An Introduction to Intrusion Detection Systems, IBM Research Zurich Research Lab, Saumerstrasse, 2000 [7] Marti S. Giuli, T.J. Lai. K.. & Baker. M. (2000). Mitigating routing misbehavior in mobile ad hoe networks. In Proceedings of the 6 th Annual International Conference on Mobil Computing and Networking Table of Contents, (pp ) [8]Resnick, P., & Zeckhauser. R. (2002). Trust among strangers in Internet transactions: Empirical analysis of ebay s reputation system. In M. R. Bave (Ed.). The economics of the internet and commerce: Advances in applied microeconomics (Vol. II. pp ). Amsterdam, Elsevier Science. [9]Siraj A., Bridges, SM. and Vaughn, R. B. Fuzzy Cognitive Maps for Decision Support In an Intelligent Intrusion D[tection System. Joint 9 IFSA World Congress and 20 NAFIPS International Conference, Volume 4, 2001, pp [10]Yan. P., & Mitchell, C..J. (2003). Reputation methods for routing security Mobile ad- hoc networks. In Proceedings of Sympo TIC 03, Joint 1ST Workshop on Mobile Future and Symposium on Trends in Communications, Bratislava. [3] Buchegger, S.. & Le Boudec. J.Y. (2005). Selfpolicing mobile ad hoc networks by reputation systems. IEEE commutations Magazine. International Journal of Science Technology & Management Page 73