Ad hoc routing security
Transcript

  • 1. SECURING AD HOC NETWORK ROUTING
    Harry Sunarsa
  • 2. INTRODUCTION
    Overview:
      • Nodes within an ad hoc network are mobile (such a network is also known as a MANET). They communicate with each other within radio range through direct wireless links or multi-hop routing.
      • The nodes can continuously move into and out of the radio range of the other nodes in the ad hoc network, and the routing information changes all the time because of the movement of the nodes.
    Characteristics:
      • No fixed infrastructure
      • Dynamic topology
      • Energy constrained
      • Node acts both as a host and router
  • 3. SECURITY ISSUES
    Security Goal [4]:
      • Availability: ensures the survivability of network services despite denial of service attacks.
      • Confidentiality: ensures that secret information or data is never disclosed to unauthorized devices.
      • Integrity: ensures that a message received is not corrupted.
      • Authentication: enables a node to ensure the identity of the peer node it is communicating with.
      • Non-repudiation: ensures that the origin of a message cannot deny having sent the message.
    Challenge [2]:
      • the vulnerability of the link
      • limited physical protection of each of the nodes
      • dynamically changing topology
      • the absence of a certification authority
      • the lack of a centralized monitoring or management point
  • 4. SECURITY ISSUES
    Threat:
      • External attacks come from outside intruders, i.e. non-participants in the protocol, whose objective is the disruption of normal routing operation.
      • To defend against external attacks, nodes can protect routing information in the same way they protect data traffic.
      • An attack from a compromised node is categorized as an internal attack.
      • This is the most severe threat for MANETs: a compromised node may broadcast wrong routing information to other nodes.
      • Detection of compromised nodes through routing information is also difficult due to the dynamic topology of ad hoc networks.
      • Routing protocols for ad hoc networks must handle outdated routing information to accommodate the dynamically changing topology.
  • 5. ROUTING PROTOCOL ISSUES: Attacks using modification of protocol fields of messages
      • The level of trust in a traditional ad hoc network cannot be measured or enforced; enemy nodes or compromised nodes may participate directly in the route discovery and may intercept and filter routing protocol packets to disrupt communication.
      • Malicious nodes can easily cause redirection of network traffic and DoS attacks by simply altering these fields.
      • In Figure 5, a malicious node M could keep traffic from reaching X by consistently advertising to B a shorter route to X than the route that C is advertising.
  • 6. ROUTING PROTOCOL ISSUES: Attacks using modification of protocol fields of messages
      • The attacks can be classified as remote redirection attacks and denial of service attacks.
    Remote redirection with modified route sequence number (AODV):
      • Remote redirection attacks are also called black-hole attacks [7].
      • A malicious node uses the routing protocol to advertise itself as the shortest path to nodes whose packets it wants to intercept.
      • Protocols such as AODV instantiate and maintain routes by assigning monotonically increasing sequence numbers to routes towards a specific destination.
      • Any node may divert traffic through itself by advertising a route to a node with a destination sequence number greater than the authentic value.
      • Figure 5 illustrates an example ad hoc network. Suppose a malicious node, M, receives the RREQ that originated from S for destination X after it is re-broadcast by B during route discovery.
      • M redirects traffic towards itself by unicasting to B a RREP containing a significantly higher destination sequence number for X than the authentic value last advertised by X.
  • 7. ROUTING PROTOCOL ISSUES: Attacks using modification of protocol fields of messages
    Redirection with modified hop count (AODV):
      • A redirection attack is also possible by modifying the hop count field in route discovery messages.
      • When routing decisions cannot be made by other metrics, AODV uses the hop count field to determine a shortest path.
      • Malicious nodes can attract routes towards themselves by resetting the hop count field of the RREP to zero.
      • Once the malicious node has been able to insert itself between two communicating nodes, it is able to do anything with the packets passing between them.
      • It can choose to drop packets to perform a denial of service attack, or alternatively use its place on the route as a first step in a man-in-the-middle attack.
  • 8. ROUTING PROTOCOL ISSUES: Attacks using modification of protocol fields of messages
    Denial of service with modified source routes:
      • DSR is a routing protocol which explicitly states routes in data packets.
      • These routes lack any integrity checks, and a simple denial-of-service attack can be launched in DSR by altering the source routes in packet headers.
      • Modification to source routes in DSR may also include the introduction of loops in the specified path.
      • Although DSR prevents looping during the route discovery process, there are insufficient safeguards to prevent the insertion of loops into a source route after a route has been salvaged.
  • 9. ROUTING PROTOCOL ISSUES: Attacks using impersonation
      • Current ad hoc routing protocols do not authenticate the source IP address. A malicious node can launch many attacks by altering its MAC or IP address.
      • Both AODV and DSR are susceptible to this attack.
      • In this type of attack, nodes may be able to join the network undetectably, or send false routing information, masquerading as some other trusted node.
  • 10. ROUTING PROTOCOL ISSUES: Attacks using fabrication
      • The generation of false routing messages is termed fabrication. Such attacks are difficult to detect.
    Falsifying route error messages in AODV or DSR:
      • AODV and DSR implement path maintenance measures to recover broken paths when nodes move.
      • The vulnerability is that routing attacks can be launched by sending false route error messages.
      • Suppose node S has a route to node X via nodes A, B, and C, as in Figure 5. A malicious node M can launch a denial of service attack against X by continually sending route error messages to B spoofing node C, indicating a broken link between nodes C and X.
      • B receives the spoofed route error message thinking that it came from C.
      • B deletes its routing table entry for X and forwards the route error message on to A, who then also deletes its routing table entry. If M listens and broadcasts spoofed route error messages whenever a route is established from S to X, M can successfully prevent communications between S and X.
  • 11. ROUTING PROTOCOL ISSUES: Attacks using fabrication
    Route cache poisoning in DSR:
      • This is a passive attack that can occur in DSR due to the promiscuous mode of updating routing tables which DSR employs.
      • It occurs when information stored in the routing table at routers is deleted, altered or injected with false information.
      • DSR nodes learn routes from the headers of packets they process along a path; routes in DSR may also be learned from promiscuously received packets.
      • A node overhearing any packet may add the routing information contained in that packet's header to its own route cache.
      • The vulnerability is that an attacker could easily exploit this method of learning routes and poison route caches.
      • Suppose a malicious node M wanted to poison routes to node X. If M were to broadcast spoofed packets with source routes to X via itself, neighboring nodes that overhear the packet transmission may add the route to their route cache.
  • 12. ROUTING PROTOCOL ISSUES: Attacks using fabrication
    Routing table overflow attack:
      • In a routing table overflow attack, the attacker attempts to create routes to non-existent nodes.
      • The goal of the attacker is to create enough routes to prevent new routes from being created, or to overwhelm the protocol implementation and flush out legitimate routes from routing tables.
      • Proactive routing algorithms attempt to discover routing information even before it is needed, while reactive algorithms create routes only when they are needed. This makes proactive algorithms more vulnerable to table overflow attacks.
  • 13. SOLUTION TO AD HOC ROUTING: Installing extra facilities in the network to mitigate routing misbehavior
      • Misbehaving nodes can reduce network throughput and result in poor robustness.
      • A technique to identify and isolate such nodes is proposed in [10] by installing a watchdog and a pathrater in the ad hoc network on each node.
      • The watchdog identifies misbehaving nodes, while the pathrater avoids routing packets through these nodes.
      • When a node forwards a packet, the node's watchdog verifies that the next node in the path also forwards the packet.
      • The watchdog does this by listening promiscuously to the next node's transmissions. If the next node does not forward the packet, then it is misbehaving.
      • The pathrater uses this knowledge of misbehaving nodes to choose the network path that is most likely to deliver packets.
  • 14. SOLUTION TO AD HOC ROUTING: Watchdog
    Figure 6: Watchdog's operation (nodes S, A, B, C, D).
      • When A transmits a packet for B to forward to C, A can often tell if B transmits the packet.
      • If encryption is not performed separately for each link, which can be expensive, then A can also tell if B has tampered with the payload or the header.
    Advantages:
      • The watchdog mechanism can detect misbehaving nodes at the forwarding level and not just the link level.
  • 15. SOLUTION TO AD HOC ROUTING: Watchdog
      • The watchdog is implemented by maintaining a buffer of recently sent packets and comparing each overheard packet with the packet in the buffer to see if there is a match.
      • If so, the packet in the buffer is removed and forgotten by the watchdog, since it has been forwarded on.
      • If the packet has remained in the buffer for longer than a certain timeout, the watchdog increments a failure tally for the node responsible for forwarding on the packet.
      • If the tally exceeds a certain threshold bandwidth, it determines that the node is misbehaving and sends a message to the source notifying it of the misbehaving node.
  • 16. SOLUTION TO AD HOC ROUTING: Watchdog - Weakness
    Ambiguous collision:
      • It prevents A from overhearing transmissions from B.
      • A packet collision occurs at A while it is listening for B to forward on a packet.
      • A does not know if the collision was caused by B forwarding on a packet as it should, or if B never forwarded the packet and the collision was caused by other nodes in A's neighborhood.
      • Because of this uncertainty, A should instead continue to watch B over a period of time.
    Figure 7: Ambiguous collision (nodes S, A, B, C, D).
  • 17. SOLUTION TO AD HOC ROUTING: Watchdog - Weakness
    Receiver collision:
      • Node A can only tell whether B sends the packet to C, but it cannot tell if C receives it.
      • If a collision occurs at C when B first forwards the packet, A only sees B forwarding the packet and assumes that C successfully receives it.
      • Thus, B could skip retransmitting the packet and evade detection.
    Figure 8: Receiver collision (nodes S, A, B, C, D).
  • 18. SOLUTION TO AD HOC ROUTING: Watchdog - Weakness
    False misbehavior:
      • It can occur when nodes falsely report other nodes as misbehaving.
      • A malicious node could attempt to partition the network by claiming that some nodes following it in the path are misbehaving.
      • For instance, node A could report that node B is not forwarding packets when in fact it is. This will cause S to mark B as misbehaving when A is the culprit.
      • This behavior, however, will be detected. Since A is passing messages on to B (as verified by S), any acknowledgements from D to S will go through A to S, and S will wonder why it receives replies from D when supposedly B dropped packets in the forward direction.
      • In addition, if A drops acknowledgements to hide them from S, node B will detect this misbehavior and will report it to D.
  • 19. SOLUTION TO AD HOC ROUTING: Watchdog - Weakness
    Limited transmission power:
      • Another problem is that a misbehaving node that can control its transmission power can circumvent the watchdog.
      • A node could limit its transmission power such that the signal is strong enough to be overheard by the previous node but too weak to be received by the true recipient.
    Multiple colluding nodes:
      • Multiple nodes in collusion can mount a more sophisticated attack. For example, B and C could collude to cause mischief. In this case, B forwards a packet to C but does not report to A when C drops the packet.
      • Because of this limitation, it may be necessary to disallow two consecutive untrusted nodes in a routing path.
  • 20. SOLUTION TO AD HOC ROUTING: Watchdog - Weakness
    Partial dropping:
      • A node can circumvent the watchdog by dropping packets at a lower rate than the watchdog's configured minimum misbehavior threshold.
      • Although the watchdog will not detect this node as misbehaving, this node is forced to forward at the threshold bandwidth.
      • In this way the watchdog serves to enforce this minimum bandwidth.
    For the watchdog to work properly it must know where a packet should be in two hops.
  • 21. SOLUTION TO AD HOC ROUTING: Pathrater
      • The pathrater is run by each node.
      • It combines the knowledge of misbehaving nodes with link reliability data to pick the most reliable route.
      • Each node maintains a rating for every other node it knows about in the network. It calculates a path metric by averaging the node ratings in the path.
      • This metric gives a comparison of the overall reliability of different paths and allows the pathrater to emulate the shortest length path algorithm when no reliability information has been collected.
      • If there are multiple paths to the same destination, the path with the highest metric is selected.
    Since the pathrater depends on knowing the exact path a packet has traversed, it must be implemented on top of a source routing protocol.
  • 22. SOLUTION TO AD HOC ROUTING: Pathrater
      • When a node in the network becomes known to the pathrater (through route discovery), the pathrater assigns it a "neutral" rating of 0.5. A node always rates itself with 1.0.
      • This ensures that when calculating path rates, if all other nodes are neutral nodes (rather than suspected misbehaving nodes), the pathrater picks the shortest length path.
      • The pathrater increments the ratings of nodes on all actively used paths by 0.01 at periodic intervals of 200 ms.
      • An actively used path is one on which the node has sent a packet within the previous rate increment interval. The maximum value a neutral node can attain is 0.8. The node's rating is decreased by 0.05 when a link breaks during packet forwarding and the node becomes unreachable.
      • The lower bound rating of a "neutral" node is 0.0. The pathrater does not modify the ratings of nodes that are not currently in active use.
  • 23. SOLUTION TO AD HOC ROUTING: Pathrater
      • When the pathrater calculates the path metric, negative path values indicate the existence of one or more suspected misbehaving nodes in the path (a special highly negative value is assigned by the watchdog, -100 in the simulations).
      • If a node is marked as misbehaving due to a temporary malfunction or incorrect accusation, it would be preferable if it were not permanently excluded from routing.
      • Therefore nodes that have negative ratings should have their ratings slowly increased or set back to a non-negative value after a long timeout.
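A small model of the watchdog buffer and the pathrater ratings described on the slides above, added here as a Python example; it is not code from [10] or from the presentation. The rating constants are the ones quoted on the slides, while the 500 ms timeout, the count-based threshold of 3, the class and method names and the S-B-D / S-C-E-D topology are assumptions made for the example.

```python
NEUTRAL, SELF_RATING, MAX_NEUTRAL, MIN_NEUTRAL = 0.5, 1.0, 0.8, 0.0
INCREMENT, DECREMENT, MISBEHAVING = 0.01, 0.05, -100.0   # values from the slides


class Watchdog:
    """Buffer of recently sent packets, matched against overheard transmissions."""

    def __init__(self, timeout_ms=500, threshold=3):      # assumed values
        self.timeout_ms, self.threshold = timeout_ms, threshold
        self.pending = {}   # packet bytes -> (next hop, send time in ms)
        self.tally = {}     # next hop -> count of packets it failed to forward

    def sent(self, packet, next_hop, now_ms):
        self.pending[packet] = (next_hop, now_ms)

    def overheard(self, packet, sender):
        """Forget a buffered packet once its next hop is heard sending it unchanged."""
        if packet in self.pending and self.pending[packet][0] == sender:
            del self.pending[packet]

    def expire(self, now_ms):
        """Tally packets older than the timeout; return nodes that just crossed the threshold."""
        accused = []
        for packet, (hop, sent_at) in list(self.pending.items()):
            if now_ms - sent_at > self.timeout_ms:
                del self.pending[packet]
                self.tally[hop] = self.tally.get(hop, 0) + 1
                if self.tally[hop] == self.threshold + 1:
                    accused.append(hop)
        return accused


class Pathrater:
    """Per-node ratings; the path metric is the average rating along the path."""

    def __init__(self, me):
        self.me, self.rating = me, {me: SELF_RATING}

    def learn(self, path):
        for node in path:
            self.rating.setdefault(node, NEUTRAL)

    def tick(self, active_paths):
        """One 200 ms interval: reward nodes on paths used during that interval."""
        for node in {n for path in active_paths for n in path}:
            if node != self.me and self.rating[node] >= 0:
                self.rating[node] = min(MAX_NEUTRAL, self.rating[node] + INCREMENT)

    def link_break(self, node):
        if self.rating[node] >= 0:
            self.rating[node] = max(MIN_NEUTRAL, self.rating[node] - DECREMENT)

    def accuse(self, node):
        self.rating[node] = MISBEHAVING

    def metric(self, path):
        return sum(self.rating[n] for n in path) / len(path)

    def best(self, paths):
        return max(paths, key=self.metric)


def simulate():
    """S sends one packet every 200 ms through B, which silently drops them all."""
    short, long_ = ("S", "B", "D"), ("S", "C", "E", "D")
    rater, dog = Pathrater("S"), Watchdog()
    rater.learn(short)
    rater.learn(long_)
    before, accused_at = rater.best([short, long_]), None
    for i in range(8):
        now = i * 200
        dog.sent(b"data-%d" % i, "B", now)   # constructed packets; B never forwards
        rater.tick([short])
        for node in dog.expire(now):
            rater.accuse(node)
            accused_at = now
        if accused_at is not None:
            break
    return before, rater.best([short, long_]), accused_at


if __name__ == "__main__":
    print(simulate())
```

With all nodes neutral the shorter path wins on the averaged metric; once B's tally crosses the threshold, its -100 rating makes every path through it negative and the longer path is chosen.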
  • 24. SOLUTION TO AD HOC ROUTING: Security Aware Routing - SAR
  • 25. SOLUTION TO AD HOC ROUTING Security Aware Routing - SAR• makes use the trust levels (security attributes assigned to nodes) to make informed and secure routing decision.• Current routing protocols discover the shortest path between two nodes. But SAR can discover a path with desired security attributes (E.g. a path through nodes with a particular shared key).• A node initiating route discovery sets the sought security level for the route i.e. the required minimal trust level for nodes participating in the query/reply propagation.• Nodes at each trust level share symmetric encryption keys. Intermediate nodes of different levels cannot decrypt in-transit routing packets or determine whether the required security attributes can be satisfied and drop them.• Only the nodes with the correct key can read the header and forward the packet. So if a packet has reached the destination, it must have been propagated by nodes at the same level, since only they can decrypt the packet, see its header and forward it.DrawbacksA lot of encryption overhead, since each intermediate node has to performs it.
  • 26. SOLUTION TO AD HOC ROUTING: SAODV - Implementation
    SAR extends AODV:
      • Most of AODV's original behavior, such as on-demand discovery using flooding, reverse path maintenance and forward path setup via Route Request (RREQ) and Route Reply (RREP) messages, is retained.
      • The RREQ packet has an additional field called RQ_SEC_REQUIREMENT that indicates the required security level for the route the sender wishes to discover.
      • An intermediate node at the required trust level updates the RREQ packet by updating another new field, RQ_SEC_GUARANTEE. The RQ_SEC_GUARANTEE field contains the minimum security offered in the route.
      • This can be achieved if each intermediate node at the required trust level performs an 'AND' operation with the RQ_SEC_GUARANTEE field it receives and puts the updated value back into the RQ_SEC_GUARANTEE field before forwarding the packet.
      • When an RREQ successfully traverses the network, RQ_SEC_GUARANTEE represents the minimum security level in the entire path from source to destination.
      • The destination copies this from the RREQ to the RREP, into a new field called RP_SEC_GUARANTEE. The sender can use this value to determine the security level on the whole path; since the sender can find routes which offer more security than asked for, it can make informed decisions.
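The RQ_SEC_GUARANTEE accumulation described above, as an added Python example that is not part of the original slides or of any SAR implementation. It assumes trust levels are thermometer-encoded bit masks (level 3 is 0b111) so that the 'AND' operation yields the lower of two levels, and that a node forwards only when its level is at least RQ_SEC_REQUIREMENT. The topology, trust values and function names are constructed for the example, and the flood enumerates every loop-free path rather than suppressing duplicate RREQs.

```python
from collections import deque

# Constructed topology and trust levels (not from the slides).
LINKS = {"S": ["A", "C", "E"], "A": ["S", "B"], "B": ["A", "X"],
         "C": ["S", "X"], "E": ["S", "F"], "F": ["E", "X"],
         "X": ["B", "C", "F"]}
TRUST = {"S": 3, "A": 3, "B": 2, "C": 3, "E": 1, "F": 3, "X": 3}


def level_mask(level):
    """Thermometer encoding: level 3 -> 0b111, so mask(a) & mask(b) == mask(min(a, b))."""
    return (1 << level) - 1


def mask_level(mask):
    return bin(mask).count("1")


def discover(links, trust, src, dst, required):
    """Flood an RREQ from src; return {path: RP_SEC_GUARANTEE level} for each RREQ reaching dst."""
    routes = {}
    queue = deque([{"RQ_SEC_REQUIREMENT": required,
                    "RQ_SEC_GUARANTEE": level_mask(trust[src]),
                    "path": (src,)}])
    while queue:
        rreq = queue.popleft()
        for nxt in links[rreq["path"][-1]]:
            if nxt in rreq["path"]:
                continue                      # keep paths loop-free
            if trust[nxt] < rreq["RQ_SEC_REQUIREMENT"]:
                continue                      # node cannot read the RREQ at this level: dropped
            fwd = dict(rreq,
                       path=rreq["path"] + (nxt,),
                       RQ_SEC_GUARANTEE=rreq["RQ_SEC_GUARANTEE"] & level_mask(trust[nxt]))
            if nxt == dst:
                # The destination copies the accumulated value into RP_SEC_GUARANTEE.
                routes[fwd["path"]] = mask_level(fwd["RQ_SEC_GUARANTEE"])
            else:
                queue.append(fwd)
    return routes


def most_secure(routes):
    """Sender-side choice: the route whose RP_SEC_GUARANTEE is highest."""
    return max(routes, key=routes.get)


if __name__ == "__main__":
    for required in (1, 2, 3):
        print(required, discover(LINKS, TRUST, "S", "X", required))
```

Raising the requirement from 1 to 3 removes first the path through E and then the path through B, and at requirement 2 the sender still learns that the route through C offers level 3.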
  • 27. SOLUTION TO AD HOC ROUTING Authenticated Routing for Ad-hoc Networks - ARAN• ARAN is presented in [14], introduces authentication, message integrity and non-repudiation to an Ad-hoc environment.• ARAN is composed of two distinct stages. The first stage is simple and requires little extra work from peers beyond traditional ad hoc protocols. Nodes that perform the optional second stage increase the security of their route, but acquire additional cost for their ad hoc peers who may not comply (e.g., if they are low on battery resources).• ARAN makes use of cryptographic certificates for the purposes of authentication and non-repudiation.
  • 28. SOLUTION TO AD HOC ROUTING: ARAN, Stage 1
    Preliminary certification:
      • Before entering the ad hoc network, each node requests a certificate from T. For a node A:
        T -> A: Cert_A = [IP_A, K_A+, t, e]K_T-
      • All nodes must maintain fresh certificates with the trusted server and must know T's public key.
    End-to-end authentication:
      • The goal of stage 1 is for the source to verify that the intended destination was reached.
      • Source node A begins route instantiation to a destination X by broadcasting to its neighbors a route discovery packet (RDP):
        A -> broadcast: [RDP, IP_X, Cert_A, N_A, t]K_A-
      • All of this is signed with A's private key. Each time A performs route discovery, it monotonically increases the nonce. Nodes then store the nonce they have last seen with its timestamp.
  • 29. SOLUTION TO AD HOC ROUTING: ARAN, Stage 1
      • Intermediate node for RDP: each node records the neighbor from which it received the message. Let A's neighbor be B:
        B -> broadcast: [[RDP, IP_X, Cert_A, N_A, t]K_A-]K_B-, Cert_B
      • Upon receiving the broadcast, B's neighbor C validates the signature with the given certificate.
      • C then rebroadcasts the RDP to its neighbors, first removing B's signature:
        C -> broadcast: [[RDP, IP_X, Cert_A, N_A, t]K_A-]K_C-, Cert_C
      • Destination node: unicasts a Reply (REP) packet back along the reverse path to the source:
        X -> D: [REP, IP_A, Cert_X, N_A, t]K_X-
      • Intermediate node for REP: all REPs are signed by the sender:
        D -> C: [[REP, IP_A, Cert_X, N_A, t]K_X-]K_D-, Cert_D
      • C validates D's signature, removes the signature, and then signs the contents of the message before unicasting the REP to B:
        C -> B: [[REP, IP_A, Cert_X, N_A, t]K_X-]K_C-, Cert_C
      • Source node: verifies that the correct nonce was returned by the destination, as well as the destination's signature. Only the destination can answer an RDP packet.
  • 30. SOLUTION TO AD HOC ROUTING: ARAN, Stage 2
      • The disadvantage of ARAN is that it requires that nodes keep one routing table entry per source-destination pair that is currently active. This is certainly more costly than per-destination entries in non-secure ad hoc routing protocols.
      • Stage 2 is done only after Stage 1 is over. This is because the destination certificate is required in this stage.
      • This stage is primarily used for discovery of the shortest path in a secure fashion. Since a path is already discovered, data transfer can be pipelined with Stage 2's shortest path discovery operation.
      • Source: begins by broadcasting a Shortest Path Confirmation (SPC) message to its neighbors:
        A -> broadcast: SPC, IP_X, Cert_X, [[IP_X, Cert_A, N_A, t]K_A-]K_X+
      • This signed message is encrypted with X's public key so that other nodes cannot modify the contents.
  • 31. SOLUTION TO AD HOC ROUTING: ARAN, Stage 2
      • Intermediate node: a neighbor B that receives the message rebroadcasts the message after including its own cryptographic credentials:
        B -> broadcast: SPC, IP_X, Cert_X, [[[[IP_X, Cert_A, N_A, t]K_A-]K_X+]K_B-, Cert_B]K_X+
      • Nodes that receive the SPC packet create entries in their routing table so as not to forward duplicate packets. The entry also serves to route the reply packet from the destination along the reverse path.
      • Destination node: it checks that all the signatures are valid. X replies to the first SPC it receives, and also to any SPC with a shorter recorded path, by sending a Recorded Shortest Path (RSP) message:
        X -> D: [RSP, IP_A, Cert_X, N_A, route]K_X-
      • The source eventually receives the packet and verifies that the nonce corresponds to the SPC it originally generated.
    Advantages:
      • The onion-like signing of messages prevents nodes in the middle from changing the path in several ways. First, to increase the path length of the SPC, malicious nodes require an additional valid certificate. Second, malicious nodes cannot decrease the recorded path length or alter it, because doing so would break the integrity of the encrypted data.
  • 32. SOLUTION TO AD HOC ROUTING: ARAN, Route Maintenance
      • Nodes keep track of whether routes are active. When no traffic has occurred on an existing route for that route's lifetime, the route is simply de-activated in the route table.
      • Data received on an inactive route causes nodes to generate an Error (ERR) message that travels the reverse path towards the source.
      • Nodes also use ERR messages to report links in active routes that are broken due to node movement. All ERR messages must be signed.
      • For a route between source A and destination X, a node B generates the ERR message for its neighbor C as follows:
        B -> C: [ERR, IP_A, IP_X, Cert_C, N_B, t]K_B-
      • This message is forwarded along the path towards the source without modification.
      • Because messages are signed, malicious nodes cannot generate ERR messages for other nodes.
  • 33. SOLUTION TO AD HOC ROUTING: ARAN, Key Revocation
      • ARAN attempts a best-effort key revocation that is backed up with limited-time certificates.
      • Calling the revoked certificate Cert_r, the transmission appears as:
        T -> broadcast: [revoke, Cert_r]K_T-
      • Any node receiving this message re-broadcasts it to its neighbors.
      • Any neighbor of the node with the revoked certificate needs to reform routing as necessary to avoid transmission through the now-untrusted node.
  • 34. SOLUTION TO AD HOC ROUTING: Secure Routing Protocol – SRP [11]
      • SRP is applied as an extension of a multitude of existing routing protocols such as DSR [12] and ZRP [13].
      • It counters malicious behavior and guarantees the acquisition of correct topological information in a timely manner, i.e., the route replies that are validated and accepted by the querying node provide accurate connectivity information, despite the presence of strong adversaries [13].
      • This is achieved with the existence of a security association between the pair of end nodes only, without the need for intermediate nodes to cryptographically validate control traffic.
  • 35. SOLUTION TO AD HOC ROUTING: Secure Routing Protocol – SRP [11]
      • Here it is assumed that a security association (a shared key K_ST) is established between source (S) and destination (T).
      • The route request packet is identified by a random query identifier (rnd#) and a sequence number (sq#).
      • S constructs a Message Authentication Code (MAC), which is a hash of source, destination, random query identifier, sequence number and K_ST:
        MAC = h(S, T, rnd#, sq#, K_ST)
      • In addition, the identifiers (IP addresses) of the traversed intermediate nodes are accumulated in the route request packet.
      • The intermediate nodes maintain a limited amount of state information regarding relayed queries (by storing their random sequence number), so that previously seen route requests are discarded.
  • 36. SOLUTION TO AD HOC ROUTING: Secure Routing Protocol – SRP [11]
      • More than one route request packet reaches the destination through different routes.
      • The destination T calculates a MAC covering the route reply contents and then returns the packet to S over the reverse route accumulated in the respective request packet.
      • The destination responds to one or more route request packets to provide the source with as diverse a topology picture as possible.
    Advantages:
      • Computing the MAC is not computationally expensive.
      • Message integrity is preserved.
      • If confidentiality of data is required, the payload could be encrypted with the shared key K_ST.
  • 37. SOLUTION TO AD HOC ROUTING: Secure Routing Protocol – SRP [11]
      • The query request is denoted as a list {Q_ST; n_1, n_2, …, n_k}.
      • Q_ST denotes the SRP header for a query searching for T and initiated by S.
      • n_i, i ∉ {1, k}, are the IP addresses of the intermediate nodes, and n_1 = S, n_k = T.
      • Similarly, a route reply is denoted as {R_ST; n_1, n_2, …, n_k}.
  • 38. SOLUTION TO AD HOC ROUTING: Secure Routing Protocol – SRP [11]
    Case 1:
      • When M receives {Q_ST; S} it tries to mislead S by generating {R_ST; S, M1, T}, i.e. it fakes that destination T is its neighbor.
      • This is possible in a regular routing protocol, but not here, since only T can generate the MAC which is verified by S.
    Case 2:
      • If M1 discards request packets that it receives, it narrows the topology view of S.
      • But at the same time it practically removes itself from S's view.
      • Thus it cannot inflict harm on data flows originating from S, and the route chosen by S would not include M1.
  • 39. SOLUTION TO AD HOC ROUTING: Secure Routing Protocol – SRP [11]
    Case 3:
      • When M1 receives {R_ST; S, 1, M1, S, 4, T} it tampers with its contents and relays {R_ST; S, 1, M, Y, T}, Y being any sequence of nodes.
      • S readily discards the reply due to the integrity protection provided by the MAC.
    Case 4:
      • When M2 receives {Q_ST; S, 2, 3} it corrupts the accumulated route and relays {Q_ST; S, X, 3, M2} to its neighbors, where X is a false IP address.
      • This request arrives at T, which constructs the reply and routes it over {T, M2, 3, X, S} towards S.
      • But when node 3 receives the reply it cannot forward it any further, since X is not its neighbor, and the reply is dropped.
  • 40. SOLUTION TO AD HOC ROUTING: Secure Routing Protocol – SRP [11]
    Case 5:
      • If M1 replays route requests to consume network resources, they will be discarded by intermediate nodes, since they maintain a list of query identifiers seen in the past.
      • The query identifier is a random number, so that it is not guessable by the malicious node.
    Case 6:
      • M1 attempts to forward {Q_ST; S, M*}, i.e. it spoofs its IP address.
      • Consequently S would accept {R_ST; S, M*, 1, 4, T} as a route.
      • But the connectivity information conveyed by such a reply is correct.
  • 41. SOLUTION TO AD HOC ROUTING: Attack on SRP
    Tunneling:
      • If 2 nodes collude during the 2 phases (request and reply) of a single route discovery, then the protocol could be attacked. E.g., if M1 receives a route request, it can tunnel it to M2, i.e. discover a route to M2 and send the request encapsulated in a data packet. Then M2 broadcasts a request with the route segment between M1 and M2 falsified: {Q_ST; S, M1, Z, M2}.
      • T receives the request and constructs a reply which is routed over {T, M2, Z, M1, S}. M2 receives the reply and tunnels it back to M1, which then returns it to S. As a result the connectivity information is only partially correct.
    Replay:
      • If M1 rewrites the rnd# with some other random number, its neighbors think that it is a genuine packet and keep forwarding it, thus wasting their resources.
      • Only when the packet reaches the destination can this misuse be detected using the MAC.
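The SRP request and reply checks from the slides above (the request MAC, Cases 1, 3 and 5, and the rnd# rewrite under "Replay"), as an added Python example that is not code from [11] or from the presentation. HMAC-SHA-256 stands in for h(), the reply MAC is assumed to cover the query fields plus the accumulated route, and the key, node names and function names are constructed for the example.

```python
import hashlib
import hmac
import os


def mac(key, *fields):
    """Keyed hash over length-prefixed fields; HMAC-SHA-256 stands in for h()."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for field in fields:
        data = str(field).encode()
        h.update(len(data).to_bytes(2, "big") + data)
    return h.digest()


def make_query(k_st, s, t, sq):
    """Source: build the request with a random query identifier and MAC = h(S, T, rnd#, sq#, key)."""
    rnd = os.urandom(8).hex()
    return {"S": s, "T": t, "rnd": rnd, "sq": sq,
            "mac": mac(k_st, s, t, rnd, sq), "route": [s]}


class Relay:
    """Intermediate node: holds no key, only the query identifiers it has already relayed."""

    def __init__(self, name):
        self.name, self.seen = name, set()

    def forward(self, query):
        ident = (query["S"], query["rnd"])
        if ident in self.seen:
            return None                        # previously seen request: discard
        self.seen.add(ident)
        return dict(query, route=query["route"] + [self.name])


def make_reply(k_st, query):
    """Destination: verify the request MAC, then MAC the reply including the route."""
    s, t, rnd, sq = query["S"], query["T"], query["rnd"], query["sq"]
    if not hmac.compare_digest(mac(k_st, s, t, rnd, sq), query["mac"]):
        return None
    route = query["route"] + [t]
    return {"rnd": rnd, "sq": sq, "route": route,
            "mac": mac(k_st, "reply", s, t, rnd, sq, *route)}


def accept_reply(k_st, query, reply):
    """Source: accept only a reply to the outstanding query whose MAC verifies."""
    route = reply["route"]
    if (reply["rnd"], reply["sq"]) != (query["rnd"], query["sq"]):
        return False
    if route[0] != query["S"] or route[-1] != query["T"]:
        return False
    expected = mac(k_st, "reply", query["S"], query["T"],
                   query["rnd"], query["sq"], *route)
    return hmac.compare_digest(expected, reply["mac"])


def run_cases():
    k_st = b"constructed-shared-key"           # constructed sample key
    query = make_query(k_st, "S", "T", sq=1)
    n1, n4 = Relay("1"), Relay("4")
    reply = make_reply(k_st, n4.forward(n1.forward(query)))
    # Case 1: a reply built without the shared key. Case 3: route altered in transit.
    fabricated = dict(reply, route=["S", "M1", "T"], mac=mac(b"no-key", "guess"))
    tampered = dict(reply, route=["S", "1", "M1", "T"])
    rewritten = dict(query, rnd="0" * 16)      # "Replay": rnd# replaced in transit
    return {
        "genuine_accepted": accept_reply(k_st, query, reply),
        "case1_fabricated_accepted": accept_reply(k_st, query, fabricated),
        "case3_tampered_accepted": accept_reply(k_st, query, tampered),
        "case5_replay_forwarded": n1.forward(query) is not None,
        "rewritten_rnd_forwarded": n1.forward(rewritten) is not None,
        "rewritten_rnd_answered_by_T": make_reply(k_st, rewritten) is not None,
    }


if __name__ == "__main__":
    for name, value in run_cases().items():
        print(name, value)
```

The last two results show the asymmetry the "Replay" slide describes: relays without the key still forward the rewritten request, and only the destination's MAC check rejects it.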
  • 42. Conclusion
      • Routing protocol threats are usually specific to a particular security weakness (not necessarily a design weakness) of the protocol, and can be categorized using different criteria.
      • The proposed routing solutions are capable of operating with dynamic topology, but in terms of security measures they provide partial or no solution [4].
      • Thus the implementation of a secure routing protocol is still one of the challenges within ad hoc networks.
  • 43. References
      1. Wenjia Li and Anupam Joshi, “Security Issues in Mobile Ad Hoc Networks: A Survey”.
      2. Jean-Pierre Hubaux, Levente Buttyan and Srdan Capkun, “The Quest for Security in Mobile Ad hoc Networks”, Proceedings of the ACM Symposium on Mobile Ad hoc Networking and Computing, MobiHOC 2001.
      3. Hao Yang, Haiyun Luo, Fan Ye, Songwu Lu, and Lixia Zhang, “Security in Mobile Ad Hoc Network Challenge and Solutions”, IEEE Wireless Communications, February 2004.
      4. L. Zhou, Z. J. Haas, “Securing Ad Hoc Networks”, IEEE Network, 13(6): 24-30, Nov/Dec 1999.
      5. Preetida Vinayakray-Jani, “Security within Ad hoc”, Position Paper, PAMPAS Workshop, Sept. 16/17 2002, London.
      6. Dr. Harsh Sadawarti and Anuj K. Gupta, “Secure Routing Techniques for MANETs”, International Journal of Computer Theory and Engineering, Vol. 1, No. 4, October 2009, 1793-8201.
      7. F. Wang, B. Vetter, and S. Wu, “Secure Routing Protocols: Theory and Practice,” Technical Report, North Carolina State University, May 1997.
      8. [http://citeseer.nj.nec.com/400961.html, 2000] H. Dang, W. Li, and D. P. Agrawal, “Routing security in wireless ad hoc networks”, IEEE Communications Magazine, 0163-6804, pp. 70-75, October 2002.
      9. A. K. Bayya, S. Gupte, Y. K. Shukla, A. Garikapati, “Security in Ad-hoc Networks”.
      10. S. Marti, T.J. Giuli, Kevin Lai and Mary Baker, “Mitigating Routing Misbehavior in Mobile Ad Hoc Networks”, Proceedings of MOBICOM 2000, August 2000.
      11. P. Papadimitratos and Z.J. Haas, “Secure routing for mobile ad hoc networks,” SCS Communication Networks and Distributed Systems Modeling and Simulation Conference (CNDS 2002), Jan 2002.
      12. D.B. Johnson, D.A. Maltz, and J. Broch, “DSR: The Dynamic Source Routing Protocol for Multi-Hop Wireless Ad hoc Networks,” Ad Hoc Networking, C.E. Perkins, Ed., Addison-Wesley, 2001, 139-172.
      13. Z. J. Haas, M. Perlman, “The Performance of Query Control Schemes of the Zone Routing Protocol”, IEEE/ACM Transactions on Networking, vol. 9, no. 4, pp. 427-438, Aug 2001.
      14. B. Dahill, B. N. Levine, E. Royer, and C. Shields, “A secure routing protocol for ad hoc networks,” in Proceedings of the International Conference on Network Protocols (ICNP), pp. 78-87, 2002.
      15. F. Stajano and R. Anderson, “The Resurrecting Duckling: Security Issues for Ad Hoc Wireless Networks,” Security Protocols, 7th International Workshop, LNCS, Springer-Verlag, 1999.
      16. Seung Yi, P. Naldurg and R. Kravets, “Security-Aware Ad-Hoc Routing for Wireless Networks”.