Security in Mobile Ad Hoc Networks Thao p Le tple@cs.wichita.edu Department of Computer Sciences, Wichita State University Outline of Presentation Induction to MANET (Mobile Ad-Hoc Network) Ad Hoc Networks Architecture Attacks to Ad Hoc Networks Challenge of Ad Hoc Networks Security Solution Conclusion Introduction Ad hoc networks are collections of mobile nodes with links that are made or broken in an arbitrary way. No centralized controller and infrastructure. Allows free mobility Node acts as host and router to assist in transmitting data to other nodes in its range. Can be quickly and inexpensively setup Applications: military, emergency and disaster situations. MANETs: Advantages Can access information and services regardless of geographic position Can set up computer networks at any place and time Ad Hoc Networks Architecture Rapid setup time Ad hoc mode only needs the setting up of radio network interface card (NICs) in the user devices. Better performance possible The question of performance with ad hoc mode is certainly doubtful. Limited network access. There is no distribution system with ad hoc wireless LANs, users don’t have effective access to the internet and other wired network services. Ad Hoc Networks Architecture (cont.) Difficult network management Network management becomes a headache with ad hoc networks because of the fluidity of the network topology and lack of a centralized device. Attacks to Ad Hoc Networks Two types of attacks target Ad Hoc network • External attacks: MAC layer jamming Traffic analysis • Internal attacks: Compromised host sending false routing information Fake authentication and authorization Traffic flooding Challenge of Ad Hoc Networks Dynamic topology Heterogeneous and decentralized control Limited resources Movement, node failure, etc. Bandwidth, processing ability, energy Unfriendly environment Selfish nodes, malicious attackers Challenge of Ad Hoc Networks (cont.) Authentication and accounting Security concern Open medium without any centralized control Real time services No fixed membership Dynamic topology and slow routing information distribution Limited bandwidth Congestion is typically the norm rather than the exception. Problems with Security Measures Deficiencies of intrusion prevention • • • • Increases the overhead during normal operations of Ad Hoc networks Restriction on power consumption and computation capability prevent the usage of complex encryption algorithms Flat infrastructure increases the difficulty for the key management and distribution Cannot guard against internal attacks Security Solution The Multi-fence Approach in Security Solution • • The proactive approach attempts to prevent security threats in the first place. The reactive approach seeks to detect threats a posteriori (derived by reasoning from observed facts) and react accordingly. The reactive approach is widely used to protect packet forwarding operations. Security Solution (cont.) Ad hoc Secure Routing • • • • Source Node Routing( DSR) Distance Vector Routing (DSDV and AODV) Link State Routing: Secure Link State Routing (SLSP) Other Routing Protocols: ARAN Conclusion The research on MANET security is still in its early stage. The existing proposals are typically attack-oriented in that they first identify several security threats and then enhance the existing protocol or propose a new protocol to thwart such threats. Because the solutions are designed explicitly with certain attack models in mind, they work well in the presence of designated attacks but may collapse under anticipated attacks. Therefore, a more ambitious goal for ad hoc network security is to develop a multi-fence security solution that is embedded into possibly every component in the network, resulting in in-depth protection that offers multiple lines of defense against many both known and unknown security threats. Sources [1] Cavin et al., "On the accuracy of MANET simulators," Proc. ACM Workshop on Princ. Mobile Computing [2] K.-W. Chin, et al., "Implementation Experience with MANET Routing Protocols," ACM SIGCOMM Computer Communications Review, Nov. 2002, pp. 49-59. Available online. [3] Frodigh, et al, "Wireless Ad Hoc Networking: The Art of Networking without a Network," Ericsson Review, No. 4, 2000. online. [4] M. S. Corson et al., "Internet-Based Mobile Ad Hoc Networking," IEEE Internet Computing, July-August 1999 [5] C. Elliott and B. Heile, "Self-Organizing, Self-Healing Wireless Networks," Proc. 2000 IEEE [6] K. Kim, "A New Mobile Environment: Mobile Ad Hoc Networks (MANET)," IEEE [7] C. Perkins and E Royer, “Ad Hoc On-Demand Distance Vector Routing,” 2nd IEEE Wksp. Mobile Comp. Sys.and Apps., 1999