The document summarizes routing security in ad hoc wireless networks. It discusses the characteristics of ad hoc wireless networks and routing protocols used, including proactive, reactive, and hybrid protocols. It then covers various security attacks on routing protocols like passive attacks, active attacks, impersonation attacks, and attacks using modification or fabrication. Finally, it discusses some security mechanisms and routing protocols that aim to provide security, such as SEAD, Ariadne, SAR, and SRP.
1. Routing Security in Ad Hoc
Wireless Networks
Presented by
J.Jaffer Basha
M.Elanthendral
II Year – CSE
Sree Sowdambika College of Engineering
Aruppukottai
2. Wireless Networks
Wireless networks provide rapid access to
information and computing, limiting the
barriers of distance, time, and location for
many applications, ranging from collaborative,
distributed mobile computing to disaster
recovery.
3. Ad Hoc Wireless Networks
Collection of wireless mobile hosts forming a
temporary network
Every device has the role of router and actively
participates in data forwarding.
Communication between two nodes can be
performed directly if the destination is within the
sender’s transmission range, or through
intermediate nodes acting as routers if the
destination is outside the sender’s transmission
range.
4. Characteristics of
Ad Hoc Wireless Networks
Characteristics which differentiate Ad Hoc
wireless networks from other networks are:
Dynamic Network Topology
Distributed Operations
Limited Energy Resources
5. Routing
Routing is an important operation for data
exchange between wireless devices.
The main routing responsibilities are exchanging
routing information and finding a feasible path
between source and destination.
6. Routing Protocol
The major requirements of a routing protocol are
Minimum route acquisition delay
Quick route reconfiguration in case of path breaks
Loop-Free routing
Distributed routing protocol
Low control overhead
Scalability with network size
QoS support as demanded by the application
Support of time sensitive traffic
Security and Privacy.
7. Routing Protocols in Ad Hoc
Wireless Networks
The design of routing protocols should take these
factors into consideration.
Based on the routing information update mechanism,
routing protocols in ad hoc wireless networks can be
classified as
Proactive (or table-driven) protocols
Reactive (or on-demand) protocols
Hybrid routing protocols.
8. Proactive Routing Protocols
Nodes exchange routing information periodically
to maintain accurate routing information.
The path can be computed rapidly based on the
updated information available in the routing
table.
The algorithm used is DSDV.
9. DSDV
Finds shortest paths between nodes using Bellman-Ford
algorithm.
Each node maintains a routing table
For each entry, the following fields are maintained:
the destination address
next hop on the shortest path to that destination
a destination sequence number
10. DSDV
Sequence numbers are used for
preventing loop formation.
Each entry in the routing table has a
sequence number.
If a node receives an update with a
smaller sequence number, then that
update is ignored.
Path is adopted if it has a greater
sequence number, or if it has the same
sequence number but a lower metric.
11. DSDV
Destination  Next  Metric  Seq. Nr  Install Time
A            A     0       A-550    001000
B            B     1       B-102    001200
C            B     3       C-588    001200
D            B     4       D-312    001200
When a broken link is detected, the node
creates a routing update with the next odd
sequence number and a metric value of
infinity.
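The update rule from slides 10 and 11, as an added example that is not part of the original slides: Python that applies it to the routing table above from node A's point of view. The class and function names, the numeric form of the sequence numbers, and the odd-sequence sanity check are assumptions made for illustration.

```python
"""DSDV route-table update rule (added example; all names are illustrative)."""
from dataclasses import dataclass

INFINITY = float("inf")  # metric advertised for an unreachable destination


@dataclass
class Route:
    next_hop: str
    metric: float
    seq: int  # destination sequence number


def initial_table():
    """Node A's table from the slide, sequence numbers without the owner prefix."""
    return {
        "A": Route("A", 0, 550),
        "B": Route("B", 1, 102),
        "C": Route("B", 3, 588),
        "D": Route("B", 4, 312),
    }


def apply_update(table, dest, via, advertised_metric, seq):
    """Apply one route advertised by neighbour `via`.

    Returns 'installed' or 'ignored: <reason>'.
    """
    # Added sanity check (assumption, not on the slides): odd sequence numbers
    # mark broken links, so they are only valid with a metric of infinity.
    if seq % 2 == 1 and advertised_metric != INFINITY:
        return "ignored: odd sequence number with finite metric"
    metric = advertised_metric + 1  # one extra hop to reach the neighbour
    current = table.get(dest)
    if current is not None:
        if seq < current.seq:
            return "ignored: stale sequence number"
        if seq == current.seq and metric >= current.metric:
            return "ignored: same sequence number, metric not lower"
    # Greater sequence number, or same sequence number with a lower metric.
    table[dest] = Route(via, metric, seq)
    return "installed"


def link_broken(table, neighbour):
    """Mark every route through `neighbour` unreachable.

    Returns the (destination, metric, sequence number) updates to broadcast.
    """
    updates = []
    for dest, route in table.items():
        if route.next_hop == neighbour and route.metric != INFINITY:
            # Next odd sequence number after the one currently stored.
            route.seq += 1 if route.seq % 2 == 0 else 2
            route.metric = INFINITY
            updates.append((dest, INFINITY, route.seq))
    return updates


if __name__ == "__main__":
    table = initial_table()
    print(apply_update(table, "C", "B", 2, 586))  # older than C-588
    print(apply_update(table, "C", "B", 5, 590))  # newer, accepted despite worse metric
    print(link_broken(table, "B"))
```

The rule trusts the advertised sequence number and metric exactly as received; SEAD, named in the summary at the top of the page, is a DSDV-based protocol that authenticates both with one-way hash chains.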
12. Reactive Routing Protocol
A route discovery mechanism is initiated only when a
node does not know a path to a destination it wants
to communicate with.
Perform better with significantly lower overheads
than proactive routing protocols
Has two main operations
Route discovery
Route maintenance
Various reactive protocols have been proposed
Ad Hoc On-demand Distance Vector (AODV)
Dynamic Source Routing (DSR)
13. DSR
DSR is a source routing protocol: each data packet
carries the source-destination path in its
header.
Using this information, intermediate nodes can
determine the next hop to which the packet
should be forwarded.
Every cached route entry has an expiration time after which
the entry is deleted in order to avoid stale
information.
14. Each Route Request contains a sequence number
generated by the source node, to prevent loop
formation.
An intermediate node checks the sequence
number, and forwards the Route Request only if
this message is not a duplicate.
On receiving the Route Reply, the sender starts
sending data to the receiver.
15. If a node detects a failure, it sends a Route
Error message to the source.
All routes that contain this hop are truncated.
If the source does not have an alternative path
to the destination, it has to re-initiate the path
discovery mechanism.
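Route discovery and route maintenance from slides 13 to 15, as an added example that is not part of the original slides: a Python model of Route Request flooding with duplicate suppression, a route cache with expiry, and Route Error truncation. The topology, node names and all function and class names are constructed for illustration.

```python
"""DSR route discovery and maintenance on a small constructed topology."""
from collections import deque

# Constructed topology (assumption): each node lists its radio neighbours.
LINKS = {
    "S": ["A", "B"],
    "A": ["S", "C"],
    "B": ["S", "C"],
    "C": ["A", "B", "D"],
    "D": ["C"],
}


def discover_route(links, source, dest, request_id):
    """Flood a Route Request; return (route, forwarded, dropped_duplicates).

    A node forwards a request only the first time it sees the pair
    (source, request_id); later copies are dropped as duplicates.
    """
    key = (source, request_id)
    seen = {node: set() for node in links}
    seen[source].add(key)
    queue = deque((nbr, [source]) for nbr in links[source])
    forwarded = dropped = 0
    while queue:
        node, record = queue.popleft()
        if key in seen[node]:
            dropped += 1
            continue
        seen[node].add(key)
        record = record + [node]  # node appends itself to the route record
        if node == dest:
            return record, forwarded, dropped  # path returned in the Route Reply
        forwarded += 1
        for nbr in links[node]:
            if nbr != record[-2]:  # do not send straight back to the previous hop
                queue.append((nbr, record))
    return None, forwarded, dropped


class RouteCache:
    """Source-route cache with per-entry expiry and Route Error handling."""

    def __init__(self, lifetime):
        self.lifetime = lifetime
        self.entries = {}  # destination -> (route, expires_at)

    def add(self, route, now):
        self.entries[route[-1]] = (list(route), now + self.lifetime)

    def lookup(self, dest, now):
        entry = self.entries.get(dest)
        if entry is None or now >= entry[1]:
            self.entries.pop(dest, None)  # expired entries are deleted
            return None
        return entry[0]

    def route_error(self, frm, to):
        """Truncate every cached route at the broken hop frm -> to."""
        for dest in list(self.entries):
            route, expires = self.entries[dest]
            for i in range(len(route) - 1):
                if route[i] == frm and route[i + 1] == to:
                    del self.entries[dest]
                    prefix = route[: i + 1]
                    if len(prefix) > 1:  # the prefix is still a usable route
                        self.entries.setdefault(prefix[-1], (prefix, expires))
                    break


def route_for(cache, links, source, dest, now, request_id):
    """Use a valid cached route, otherwise re-initiate route discovery."""
    route = cache.lookup(dest, now)
    if route is None:
        route, _, _ = discover_route(links, source, dest, request_id)
        if route is not None:
            cache.add(route, now)
    return route


if __name__ == "__main__":
    print(discover_route(LINKS, "S", "D", request_id=1))
```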
16. DSR has several optimization techniques.
Intermediate nodes that know a path to the
destination can reply to the Route Request message
instead of forwarding the request.
Path discovery can use an expanding ring
search mechanism when sending Route
Request messages to nearby destinations, thus
avoiding broadcasting in the whole network.
17. Hybrid Routing Protocols
Some routing protocols are hybrid of
proactive and reactive mechanisms.
Examples of hybrid routing protocols:
Zone Routing Protocol (ZRP)
Core Extraction Distributed Ad Hoc Routing
Protocol (CEDAR)
18. Zone Routing Protocol (ZRP)
The network is divided into zones.
The intra-zone routing protocol is a proactive
routing protocol; the inter-zone routing protocol is
a reactive routing protocol.
When a node transmits data to a destination within
the same zone, this is done using the
proactive routing protocol.
If the destination is in another zone, the
source node bordercasts the Route Request until it
reaches the destination zone.
A node in the destination zone then sends back a
Route Reply message.
If a broken link is detected, the path reconstruction
can be done locally.
19. Security Attacks on
Routing Protocol
A secure system can be achieved by preventing
attacks or by detecting them and providing a
mechanism to recover from those attacks.
Attacks on ad hoc wireless networks can be
classified as
Active attacks
Passive attacks
20. Passive Attacks
Intruder snoops the data exchanged without
altering it.
The goal of the attacker is to obtain information
that is being transmitted.
These attackers are difficult to detect, since the
network is not disrupted.
Powerful encryption mechanisms can mitigate
these attacks.
21. Active Attack
Attacker actively participates in disrupting
network services.
The attacker modifies packets or introduces
false information into the ad hoc network.
This confuses routing procedures and degrades
network performance. Active attacks can be
divided into
Internal Attack
External Attack
22. Internal Attack
Comes from compromised nodes that were once
a legitimate part of the network.
Since they are part of the network, they are
much more severe and difficult to detect when
compared to external attacks.
23. External Attack
Carried out by nodes that are not a legitimate
part of the network.
Such attacks can be defended by using
encryption, firewalls and source authentication.
24. Attacks using Impersonation
An intruder tries to consume another node's
resources or to disturb normal network operation.
An attacker node achieves impersonation by
misrepresenting its identity.
This can be done by changing its own IP or MAC
address to that of some other legitimate node.
Some strong authentication procedures can be
used to stop attacks by impersonation.
25. Impersonation
Man-in-the-Middle Attack
The attacker can impersonate the receiver with
respect to the sender, and the sender with
respect to the receiver,
without either of them realizing that they
have been attacked.
26. Attacks using Modification
This attack disrupts the routing function by
having the attacker illegally modify the
content of the messages.
Misrouting Attack: A non-legitimate node
sends data packets to the wrong destination.
Detour Attack: The traffic is diverted to other
routes that appear to be shorter and might
contain malicious nodes which could create
other attacks.
Blackmail Attack: Causes false identification
of a good node as a malicious node.
27. Attacks using Fabrication
An intruder generates false routing messages,
such as routing updates and route error
messages, in order to disturb network operation
or to consume other node resources.
28. Security Mechanism and
Solutions for Routing Protocol
Message encryption and digital signatures are two
important mechanisms for data integrity and user
authentication.
There are two types of data encryption mechanisms:
Symmetric
Asymmetric
Symmetric: Uses the same key (the secret key) for
encryption and decryption of a message.
Asymmetric: Uses one key (the public key) to
encrypt a message and another key (the private key)
to decrypt it.
29. A Message Authentication Code (MAC) is used.
It is a cryptographic checksum, computed by the
message initiator as a function of the secret key
and the message being transmitted, and it is
appended to the message.
The recipient re-computes the MAC in a
similar fashion.
If the MAC computed by the receiver matches
the MAC received with the message then the
recipient is assured that the message was not
modified.
30. Secure Efficient Ad hoc
Distance Vector
Secure Efficient Ad hoc Distance Vector (SEAD)
is a proactive routing protocol, based on the
design of DSDV.
SEAD routing tables maintain a hash value for
each entry.
31. The key feature of the proposed security protocol
is the use of a one-way hash chain function H.
Each node computes a list of hash values $h_0, h_1,
\ldots, h_n$, where $h_i = H(h_{i-1})$ and $0 < i \le n$,
based on an initial random value $h_0$.
If a node knows H and a trusted value $h_n$, then
it can authenticate any other value $h_i$, $0 < i \le n$,
by successively applying the hash function H and
then comparing the result with $h_n$.
32. To authenticate, a node adds a hash value to
each routing table entry.
For a metric j and a sequence number i, the
hash value $h_{n-i+j}$ is used to authenticate the
routing update entry for that sequence number.
Since an attacker cannot compute a hash value
with a smaller index than the advertised value.
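The hash-chain check from slides 31 and 32, as an added example that is not part of the original presentation. SHA-256 as H and the sample values n = 20, i = 10, j = 2 are assumptions; the index n - i + j is the one given on the slide.

```python
import hashlib, hmac, os

def H(value: bytes) -> bytes:
    """One-way function H. SHA-256 is an assumption; the slides name no hash."""
    return hashlib.sha256(value).digest()

def make_chain(n: int, seed: bytes) -> list:
    """Return [h_0, ..., h_n] with h_0 = seed and h_i = H(h_{i-1})."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain

def entry_index(n: int, seq: int, metric: int) -> int:
    """Chain index for sequence number i and metric j, as on the slide: n - i + j."""
    return n - seq + metric

def authenticate(value: bytes, index: int, anchor: bytes, n: int) -> bool:
    """Accept a claimed h_index if hashing it n - index times yields the trusted h_n."""
    if not 0 < index <= n:
        return False
    for _ in range(n - index):
        value = H(value)
    return hmac.compare_digest(value, anchor)

def hash_forward(heard: bytes, steps: int) -> bytes:
    """All a listener can do with an overheard value: move to larger indexes.
    A negative step would need a preimage of H, so the value stays unchanged."""
    for _ in range(max(0, steps)):
        heard = H(heard)
    return heard

def demo() -> dict:
    n, seq, metric = 20, 10, 2                  # constructed sample values
    chain = make_chain(n, os.urandom(32))       # h_0 is the node's random secret
    anchor = chain[n]                           # h_n, trusted by the receivers
    sent = entry_index(n, seq, metric)          # index of the advertised value
    def check(claim_seq: int, claim_metric: int) -> bool:
        claimed = entry_index(n, claim_seq, claim_metric)
        value = hash_forward(chain[sent], claimed - sent)
        return authenticate(value, claimed, anchor, n)
    return {
        "as_advertised": check(seq, metric),        # True
        "worse_metric": check(seq, metric + 1),     # True: one more hash is easy
        "better_metric": check(seq, metric - 1),    # False: needs a smaller index
        "newer_sequence": check(seq + 1, metric),   # False: same reason
    }
```

A receiver that holds only the anchor accepts the advertised entry and any entry with a larger metric derived from it, and rejects claims of a smaller metric or a newer sequence number.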
33. ARIADNE
The design of ARIADNE is based on DSR.
It assumes that sender and receiver share
secret keys for message authentication.
The initiator (or sender) includes a MAC
computed with an end-to-end key and the
target (or destination) verifies the authenticity
and freshness of the request using the shared
key.
A per-hop hashing mechanism, a one-way hash
function that verifies that no hop is omitted, is
also used in Ariadne.
It provides a strong defense against attacks that
modify and fabricate routing information.
34. Security Aware Routing (SAR)
SAR is an on-demand routing protocol based on
AODV.
The initiator of the route in SAR includes a
security metric in the route request.
This security metric is the minimum trust
level of the nodes that can participate in
the route discovery.
Only those nodes that have this minimum
security level can participate in the route
discovery.
All other nodes that are below that trust
level will drop the request packets.
35. SAR uses sequence numbers and timestamps to
stop replay attacks.
Threats like interception and subversion can be
prevented by trust level key authentication.
Modification and fabrication attacks can be
prevented
36. Secure Routing Protocol (SRP)
SRP defends against attacks that disrupt the
route discovery process.
It sets up a security association (SA) without the
need for cryptographic validation of the
communication data by the intermediate
nodes.
SRP assumes that this SA can be achieved
through a shared key $K_{ST}$ between the
source S and target T.
37. SRP adds an additional header, called the SRP
header, to the underlying routing protocol
packet.
The SRP header contains the following fields:
the query sequence number QSEC
the query identifier number QID
a 96-bit MAC field
A route request message is discarded if the SRP
header is missing.
Otherwise, the request is forwarded towards the
destination after extracting QID, source, and
destination address.
38. When the target T receives the request packet, it
verifies it.
If QSEC >= QMAX, the request is dropped.
Otherwise it calculates the keyed hash of the
request fields and if the output matches the SRP
MAC then authenticity of the sender and
integrity of the request are verified.
If the two routes match then S calculates the
MAC by using the replied route, the SRP header
fields, and the secure key between source and
destination.
If the two MACs match then the validation is
successful and it confirms that the reply did
come from the destination T.
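The two MAC checks from slides 29 and 36 to 38 (T validating the request, S validating the reply), as an added example that is not part of the original presentation and not SRP's wire format. HMAC-SHA-256 truncated to 96 bits, the dictionary packet layout, the field encoding and all sample values are assumptions.

```python
import hashlib, hmac, struct

MAC_LEN = 12  # the SRP header's MAC field is 96 bits

def srp_mac(k_st: bytes, *fields: bytes) -> bytes:
    """Keyed hash over length-prefixed fields, truncated to 96 bits.
    HMAC-SHA-256 and this field encoding are assumptions of the example."""
    msg = b"".join(struct.pack("!H", len(f)) + f for f in fields)
    return hmac.new(k_st, msg, hashlib.sha256).digest()[:MAC_LEN]

def fixed_fields(pkt: dict) -> list:
    """Fields set by the source: addresses, QSEC and QID."""
    return [pkt["src"], pkt["dst"],
            struct.pack("!II", pkt["srp"]["qsec"], pkt["srp"]["qid"])]

def make_request(k_st: bytes, src: bytes, dst: bytes, qsec: int, qid: int) -> dict:
    req = {"src": src, "dst": dst, "route": [], "srp": {"qsec": qsec, "qid": qid}}
    req["srp"]["mac"] = srp_mac(k_st, *fixed_fields(req))
    return req

def target_accepts(k_st: bytes, req: dict) -> bool:
    """T recomputes the keyed hash of the request fields; no SRP header means discard."""
    if "srp" not in req:
        return False
    return hmac.compare_digest(srp_mac(k_st, *fixed_fields(req)), req["srp"]["mac"])

def make_reply(k_st: bytes, req: dict) -> dict:
    """T binds the accumulated route to the header fields under K_ST."""
    rep = {"src": req["src"], "dst": req["dst"], "route": list(req["route"]),
           "srp": {"qsec": req["srp"]["qsec"], "qid": req["srp"]["qid"]}}
    rep["srp"]["mac"] = srp_mac(k_st, *fixed_fields(rep), *rep["route"])
    return rep

def source_accepts(k_st: bytes, rep: dict) -> bool:
    """S recomputes the MAC from the replied route and the header fields."""
    expected = srp_mac(k_st, *fixed_fields(rep), *rep["route"])
    return hmac.compare_digest(expected, rep["srp"]["mac"])

def demo() -> dict:
    k_st = b"constructed-demo-key-K_ST"            # constructed sample key
    req = make_request(k_st, b"S", b"T", qsec=7, qid=4242)
    req["route"] += [b"A", b"B"]                   # intermediate nodes append themselves
    forged = {**req, "srp": {**req["srp"], "qid": 9999}}
    stripped = {k: v for k, v in req.items() if k != "srp"}
    rep = make_reply(k_st, req)
    shortened = {**rep, "route": [b"A"]}           # route changed in transit
    return {"request": target_accepts(k_st, req), "forged_qid": target_accepts(k_st, forged),
            "no_header": target_accepts(k_st, stripped), "reply": source_accepts(k_st, rep),
            "altered_route": source_accepts(k_st, shortened)}
```

Intermediate nodes never touch the key: they only append themselves to the route, which is why the request MAC covers the source-set fields and the reply MAC is what protects the route.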
39. Security Protocols for Sensor
Network (SPINS)
It provides important network services like
data confidentiality
two party data authentication
data freshness
Through Secure Network Encryption Protocol
(SNEP) and secure broadcast through Micro
Timed Efficient Stream Loss-tolerant
Authentication (μTESLA).
μTESLA, an enhanced version of TESLA,
uses symmetric cryptographic techniques
for authentication and asymmetric
cryptography only for the delayed
disclosure of keys.
40. CONCLUSION
Achieving a secure routing protocol is an
important task that is being challenged by the
unique characteristics of an ad hoc wireless
network.
In this paper we discuss security services and
challenges in an ad hoc wireless network
environment.
Each of the current security mechanisms defeats
one or a few routing attacks. Designing routing
protocols resistant to multiple attacks remains a
challenging task.