2. i
Abstract
Because of the designation of the mobile ad hoc networks (MANet), namely to build up a dynamic
wireless network, which has no antecedent and strictly defined infrastructure, within areas with
limited or no available organized infrastructure, is possible for two types of parties to participate
in MANet - authentic network users as well as malicious attackers. This fact certainly arises the
question about the security. In this paperwork we pay attention to the common attacks within
MANet, which differ in their essence such as Blackhole attack, Flooding attack, jamming, Worm-
hole attack, traffic monitoring and analysis, DoS etc. and what can be done as countermeasures
against them.
5. List of Figures iv
List of Abbreviations
AODV Ad hoc On-demand Distance Vector
CTS Clear To Send
DoS Denial of Service
DSSS Direct Sequence Spread Spectrum
e.g. for example
FHSS Frequency Hopping Spread Spectrum
GSM Global System for Mobile Communications
i.e. id est
LAN Local Area Network
MANet Mobile Ad hoc Network
MIMA Man-in-the-middle Attack
MPR Multipoint Relay
OLSR Optimized Link State Routing
OSI Open System Interconnection
PDA Personal Digital Assistant
RREP Route Reply
RREQ Route Request
RTS Request To Send
SSL Secure Socket Layer
TCB Transmission Control Block
TCP Transmission Control Protocol
TLS Transport Layer Security
6. 1 Introduction 1
1 Introduction
In a world of fast developing technologies and internet network, accessible for everyone, where
there are no clear boundaries between the functionality of the "gadgets" and the possibility to com-
municate is not an option but necessity, the mobile ad hoc networks (MANet) play significant role.
As a dynamic network, which has no antecedent and strictly defined infrastructure (e.g. Wireless
Access Points), MANet makes possible the connection between different types of mediums with-
out any additional infrastructure e.g. mobile phones, laptops, personal digital assistants (PDAs),
tablets, iPads etc.. Its assembly and configuration costs nothing because every single participant
can play the role of a router, so no preparation or build-up of an infrastructure is needed. In other
words MANet is a self-configuring and self-organizing network. For these reasons a certain level
of security cannot be established within the network. In this paperwork we will pay attention to
the structure of MANet and the specific security levels within the network. For the better under-
standing of the infrastructure of MANet we will make also a comparison to the standard wireless
networks. As we present the assembly and the configuration, we will show the vulnerabilities of
the network and the different types of attacks, which are common for MANet and what can be
done as countermeasures against them.
In order to examine the structure and security within MANet, presenting some of the attacks, which
are typical for the network, the structure of this paperwork is build-up as it follows. Chapter 2 fo-
cuses on the theoretical fundamentals of the MANet infrastructure and presents some differences
in comparison to the standard WLANs. It also pays attention to the specific security network lay-
ers, which can be applied to this network. Prior to introducing the common attacks within MANet,
the different types of attacks will be classified in order to make clear, which attack against which
level of MANet security can be used. An analysis of the well-known attacks against MANet will
be performed in chapter 3, as well as countermeasures, which can strengthen up the security level
of the network. Chapter 4 will conclude with a summary on the MANet infrastructure and a crit-
ical view on the security level of the network, which have already been examined in detail in this
paperwork. Before we start with the examination of the existing attacks against MANet, we will
make clear some of the basic terms which are used in this paper.
7. 2 Preliminaries 2
2 Preliminaries
2.1 MANet
What is MANet? A mobile ad hoc network (Figure 2.1) is a dynamic self-configuring wireless
network of mobile devices (nodes), in which every single node can act as router. This router can
possess multiple hosts and wireless devices. The nodes are free to move about arbitrarily [7],
but they can interact with each other though there is no strictly defined structure or centralized
administration, using wireless connections [5]. Moreover they can connect via different types
of wireless connections (e.g. standard Wi-Fi connection, cellular or satellite transmissions) to
various networks [1]. This collection of mobile nodes "may operate in isolation, or may have
gateways to and interface with a fixed network."[7] Because of its properties, MANet finds very
good application within areas, where it is not possible or expensive and completely unprofitable to
build up a predefined, fixed infrastructure.
Figure 2.1: Structure of MANet
Regarding the way of communication between two nodes within wireless networks, there are
two types applicable to MANet - single-hop and multiple-hop network. By single-hop network
(Figure 2.2), two nodes are in direct transmission range or more exactly they can interact with one
another directly, without a forwarding of the communication transfer over a third node [4].
8. 2.1 MANet 3
Figure 2.2: Single-Hop Networks
In this specific structure, base station plays a significant role. It is involved in the communication
with every mobile node, by taking care of the channel assignment for RTS (Request To Send) and
CTS (Clear To Send) packets. Within the single-hop networks usually are reused 7 frequencies, as
the neighboring cells are using different frequencies.
Figure 2.3: Multi-Hop Networks
By multi-hop network (Figure 2.3), the communication transfer between two nodes is forwarded
over a third node [4]. As in the both figures ( 2.3, 2.2) is shown, there can exist base stations within
the network, but as already mentioned above they are not typical for MANet infrastructure (e.g.
standard wireless networks possess base stations or access points and the participants communicate
with one another, using this predefined infrastructure). In order to show what is the most common
structure of the network (MANet) we will examine Figure 2.4.
In comparison to the typical wireless network, by MANet there is no need of predefined infras-
tructure such as access points or base stations. As mentioned, within MANet every participant
(node) can play the role of a router and can establish multiple connections to other participating
9. 2.1 MANet 4
Figure 2.4: Common Infrastructure of MANet
nodes by partitioning the available bandwidth to multiple channels, if they are in the range of
coverage. Therefore MANet infrastructure can changes dynamically as e.g.:
• one or more nodes quit the network, because they are not within the range of transmission
coverage
• one or more nodes quit the network, because they are not within the range of transmission
coverage and they join another MANet infrastructure
• one or more nodes quit the network, because they just terminate their connection to the
network
• one or more nodes join the network, because they are within the range of transmission cov-
erage
As there is no strictly defined infrastructure in MANet, it is also possible to exist a hybrid
network (please see Figure 2.5), where:
1. mobile nodes can establish connection with one another within the network(MANet)
2. mobile nodes(nodes 1 and 2) can establish connection with one another over the base sta-
tion(e.g. access point)
3. mobile nodes (node 2) can establish connection to other nodes, which are not participants
within this particular MANet, but part of other network (node 3), e.g. Wi-Fi, other MANet
or cable connection
The application range of MANet spread over areas in which there is no strictly defined infras-
tructure and networks with different size has to be configured fast and dynamic. The mobile ad hoc
networks find application in battlefield communications, law enforcement, mobile conferences,
10. 2.2 Security layers in MANet 5
Figure 2.5: Hybrid Infrastructure within MANet
home networks, virtual class rooms etc. [5]. Though the variety of application all security solu-
tions for MANet have to provide security services such as authenticity, confidentiality, integrity,
anonymity and availability to the mobile users.
• Availability - Normal services required by authorized entities has to granted even if con-
nection ports are inaccessible or data routing or/and forwarding algorithms are not working
because of various attacks.
• Confidentiality - The actual data has to be protected against identifying from unauthorized
entities, so the information exchanged can be analyzed and comprehended only by the com-
municating nodes
• Integrity - The data exchanged between two nodes is not falsified (modified) in any way
during the process of transmission within the network.
• Non-repudiation - A non-repudiation service grants that a receiver cannot deny that a mes-
sage had been received, and a sender cannot deny that a message had been sent.
• Authenticity - Grants a confidence that a single node or entity is authentic - confirmation that
a node is the same as it claims to be.[10]
2.2 Security layers in MANet
In order to present some of the existing attacks in MANet in chapter 3 we will make clear what are
the different levels of security within the network and then classify them. In a standard network
(Local Area Network or LAN) there are 7 OSI layers (Physical, Data link, Network, Transport,
Session, Presentation, Application layer). In comparison to LAN or WLAN, the security of MANet
can be divided into 5 OSI layers: Application layer, Transport layer, Network layer, Data link layer
11. 2.2 Security layers in MANet 6
and Physical layer [5]. If we consider the security of MANet compared to e.g. WLAN, the attacks
on application layer of MANet cannot be determined as typical ones, because it depends on what
type of wireless medium the authentic user uses (e.g. laptop, desktop computer with wireless,
PDA, GSM etc.). Therefore the type of the applications running on one medium differs from this
running on another. So such type of attacks is not common within MANet. According to the
specific layer there are various types of attacks which differ in their essence. For example typical
attacks against the Physical layer are Jamming and Eavesdropping; against the Data link layer -
traffic monitoring and analysis; against the Network layer - Blackhole attack, Wormhole attack,
Flooding attack, Colluding misrelay attack; against the Transport layer - Session hijacking and
SYN flooding. Against the Application layer can be executed the following attacks - repudiation
and data corruption, but as we have already mentioned the attacks against the application layer are
not typical for MANet, because of the big variety of involved wireless mediums. Along with the
one-level-attacks, which focus on only one security layer, there are attacks which affect more than
one / multiple layers within MANet such as Denial of Service attack or Man-in-the-Middle attack.
A classification list of these attacks can be seen in Table 2.1.
MANet security layer Attacks
Multi-layer attacks DoS, impersonation, replay, MIMA
Application layer Repudiation, data corruption
Transport layer Session hijacking, SYN flooding
Network layer Blackhole attack, Wormhole attack, Flooding attack,
Colluding misrelay attack, Byzantine attack, Link Spoofing attack
Data link layer Traffic monitoring and analysis,
disruption MAC(802.11), WEP weakness
Physical layer Jamming, interception, eavesdropping
Table 2.1: Classification of Attacks
Because of the wide range of the attacks, which can be applied against MANet, we will stick up
to the most common attacks, which can be executed within the network, mentioned in Table 2.2.
MANet security level Attacks
Section 3.1: Physical layer Eavesdropping, Jamming/Interception
Section 3.2: Data link layer Traffic monitoring and analysis
Section 3.3: Network layer Flooding attack, Blackhole attack,
Link Spoofing attack, Wormhole attack
Section 3.4: Transport layer SYN flooding, Session hijacking
Section 3.5: Multiple-layers Denial of Service (DoS) attack
Table 2.2: Common Attacks within MANet
12. 3 Attacks on MANet 7
3 Attacks on MANet
3.1 Attacks on MANet physical layer
In this section we will pay attention to the Jamming/Interception attack and the Eavesdropping,
attacks which are specifically applied and work against MANet physical layer.
1. Eavesdropping
2. Jamming/Interception
The attacks against the physical layer of MANet such as Jamming, Interception or Eavesdrop-
ping are very generic in their essence. Using them an attacker exploits the property that more than
one host within MANet share a single wireless medium, which naturally is dispersing airwave
signals so other participants (or participating nodes) in its range can receive this signals. The at-
tackers can easily intercept the transmission, managing to tune up a receiver on the same frequency
used for exchanging of data. The Eavesdropping is a passive attack. The idea is to inject falsified
messages into the network as an intruder intercepts and obtains the exchanged data between two
authorized users. On other hand Jamming and Interception attacks (Figure 3.1) are active attacks.
As the Eavesdropping, they are also used to disrupt the communication between two interacting
nodes, by decreasing the radio signals to noise ratio. An attacker can achieve an obstruction of
concrete radio signal, generating another stronger one (using transmitter of his own), so the mes-
sages between the interacting nodes to be corrupted or lost [6, 2]. So, by using e.g. Jamming, an
attacker can execute a DoS attack, disrupting the communication between two nodes and causing
severe damages.
Figure 3.1: Jamming/Interception
13. 3.2 Attacks on MANet data link layer 8
As the approach by Eavesdropping, Jamming/Interception is to interfere the signal between two
communicating authentic nodes, so the countermeasures against these attacks are oriented at the
changing or "masking" the signal in some way. The first countermeasure, which can deal firmly
with the eavesdropping attack and minimize the risk of interception, is the implementation of
the so called Frequency Hopping Spread Spectrum (FHSS) technology. FHSS is a method for
sending/receiving a signal, using different frequencies, which are changed at fix time intervals.
In other words it is a way to encode the signal, and both the receiver and transmitter have to be
synchronized, using the same "random" frequency pattern. Though the signal is transmitted over a
single channel, it appears to be an obscure duration impulse noise for eavesdroppers, and the risk
of interference is minimized because of the multi-frequency pattern [2].
The second countermeasure is the implementation of Direct Sequence Spread Spectrum (DSSS)
technology. The idea weaved into this method is to spread an output signal via a predefined Bit-
sequence(please see Figure 3.2). The original Bit-sequence or the data input is concealed using
spreading code in such way, that one original data bit equals to multiple bits in the transmitted
signal [2]. (Spreading code bits XOR Data input bits = Transmitted Signal)
Figure 3.2: Processing of Data Signal by DSSS
3.2 Attacks on MANet data link layer
In this section we will pay attention to the traffic monitoring and analysis, which is applicable on
the MANet data link layer.
1. traffic monitoring and analysis
Traffic monitoring and analysis is not an actual attack, but an instrument to prepare such one.
Via traffic monitoring and analysis an attacker can receive information about the participating
users within the network e.g. who is communicating with whom, how often, for how long, as
well as find out what are their communication functionalities e.g. which applications by particular
node are using bandwidth, for how long etc.. Having such specific information (if an attacker
has already identified a target for his attack or has revealed the relationships of communication),
for a malicious node is easier to choose how to attack a victim node, aiming efficiency. For all
these reasons the traffic monitoring and analysis has to be considered as a massive threat to the
14. 3.3 Attacks on MANet network layer 9
communication security within MANet [2, 3]. As the traffic monitoring is no actual attack, but a
good preparation tool for an attack we won’t present any countermeasures in this section.
3.3 Attacks on MANet network layer
In this section we will pay attention to the attacks, which are specifically applied and work against
MANet network layer: flooding attack, Blackhole attack, link spoofing attack and Wormhole at-
tack. They will be presented as it follows:
1. Flooding attack
2. Blackhole attack
3. Link spoofing attack
4. Wormhole attack
3.3.1 Flooding attack
There are different types of flooding attacks, which have the goal to disrupt the routing discovery or
the maintenance phase within MANet. Basically, via flooding attack a malicious node/an attacker
aims the exhaustion of the network resources (e.g. network bandwidth) as well as consuming
the resources of an authentic network user (e.g. computational and battery power). Furthermore
an attacker can influence the network performance, by hindering the proper execution of routing
algorithm (in routing discovery phase) [5, 2]. By RREQ flooding (or routing table overflow) is
possible for an attacker to send multiple RREQs to non-existing recipient in a very short period
of time, using the AODV protocol of MANet. In other words the malicious node represents false
(non-existing) routes to all authentic nodes within the network, preventing the creation of new
actual ones and causing routing table overflow by the authentic users. The avalanche of RREQs
all over the network leads to consummation of the battery power and the network bandwidth,
causing DoS [5, 2]. As a countermeasure against the flooding attack every network participant
(actual authentic user or simply node) can compute and monitor the evaluation of all neighbors’
RREQ, and in case of outmatching of the RREQs’ limit, which is preliminarily defined, the specific
neighbor node comes with its ID in a blacklist. By this way the authentic/actual node "knows",
that it should not receive any RREQs from its neighbors, recorded in its blacklist. Furthermore the
efficiency of this countermeasure can be enhanced if the RREQ limit is not preliminarily defined
(fixed), but is computed on hand of statistical analysis over RREQ, so the risk of attack with
varying flooding rates to be minimized [5].
3.3.2 Blackhole attack
As the flooding attack, the Blackhole attack also concerns the AODV routing protocol in the net-
work layer of MANet. The completion of the attack proceeds in two steps: 1. an attacker or
15. 3.3 Attacks on MANet network layer 10
malicious node has to modify the network topology in order to create auspicious "environment"
for the attack. It presents itself as a legitimate route within the network, aiming to intercept the
data exchange between two authentic nodes. 2. Analog to interception attack in the MANet phys-
ical layer, where the attacker obstructs concrete radio signal, generating another stronger one, in
the second step of Blackhole attack the malicious node consumes the intercepted data packages; it
simply receives the information and does not forward it to the end user (destination node) [2].
Figure 3.3: Blackhole Attack
In the following paragraph, we will take a closer look at the Blackhole attack showed in Fig-
ure 3.3. The source node sends RREQs all over the network to find out the possible legitimate
routes. As the attacker receives the RREQ sent by the source node he forwards it to the destination
node and send a RREP back to the source node in order to present him as a legitimate route. After
he is picked up by the source node for the transfer of the data as an authentic user within MANet,
the attacker only intercepts the data flow, i.e. receives the information and does not forward it
to the end user (destination node). Of course, there is always a chance that the neighbors’ nodes
could detect the sequence of the falsified RREQ or RREP messages and put the malicious node in
their blacklists, terminating the data flow over it [5, 2]. Aiming more efficiency by the attack, as
well as minimization of the risk of being exposed, the malicious node can intercept not entirely the
data transfer between two interacting nodes, but can selectively forward packets. In addition, the
attacker can sufficiently modify some messages sent from particular nodes not from all.
3.3.3 Link Spoofing Attack
Just in the opposite of the Blackhole attack, where the attacker try to intercept the data flow between
two of its neighbors, by the link spoofing attack the attacker aims to intercept or terminate the
routing operations between two non-neighbor nodes. Using the OLSR protocol the malicious node
sends a fake links to the two-hop neighbors of the target, and as a result the "victim" node selects it
16. 3.3 Attacks on MANet network layer 11
as a MPR. After being an approved MPR, the attacker can perform falsifying of data, modification
or dropping of the routing traffic [5].
Figure 3.4: Link Spoofing Attack
In the following paragraph, we will take a closer look at the link spoofing attack showed in
Figure 3.4. Before the actual attack the target node has selected both nodes (one-hop neighbors)
and the attacker as MPRs. So the attacker has to advertise a fake link with the two-hop neighbor of
the target node. Because of this the attacker sends a "HALLO"- message to the neighbor (presented
by red line in Figure 3.4) and then sends a message with the fake link to the target (presented by
blue arrow in Figure 3.4). As performing the last step, the attacker forces the target node to choose
him as an only MPR, because according to the OLSR protocol specification a node has to select
its neighbor as MPR if it "is the minimum set that reaches node’s two-hop neighbors."[5]
As a countermeasure against the link spoofing attack there is a solution by which every single
node within the network is driven to notify its two-hop neighbors and doing so all participants
can acquire a view of the complete topology in "three-hop radius". So if a link spoofing attack is
executed it will be simultaneously detected [5].
3.3.4 Wormhole attack
The wormhole attack is one of the most efficient and merciless attacks, which can be executed
within MANet. Therefore two collaborating attackers should establish the so called wormhole link
(using private high speed network e.g. over Ethernet cable or optical link): connection via a direct
low-latency communication link between two separated distant points within MANet. As soon as
this direct bridge (wormhole link) is built up one of the attackers captures data exchange packets,
sends them via the wormhole link to the second one and he replays them [5].
17. 3.4 Attacks on MANet transport layer 12
Figure 3.5: Wormhole Attack
In the following paragraph, we will take a closer look at the Wormhole attack showed in Fig-
ure 3.5. The target node sends RREQs all over the network to find out the possible legitimate
routes. As the attacker 1 receives the RREQ sent by the target node he forwards it to the attacker
2 over the wormhole link between them (presented by red line in Figure 3.5). As the colluding
attacker 2 receives the RREQ, transmit it to the destination node. The destination node on its part
sends a RREP back to the target node over the wormhole link between the colluding attackers. In
order to present them as a legitimate route, the colluding attackers forward the RREP to the target
node. After they are picked up by the target node for the transfer of the data as authentic users
within MANet, the attackers can intercept the data flow, i.e. receive the information and does not
forward it to the end user (destination node), or selectively forward data packages in order to not
being caught. As a countermeasure against the Wormhole attack, there is a cryptography-based
solution proposed in "Preventing Wormhole Attacks on Wireless Ad Hoc Networks: A Graph
Theoretic Approach"[8], for the application of Local Broadcast Keys as well as "a distributed
mechanism for establishing them in randomly deployed networks."[8]
3.4 Attacks on MANet transport layer
In this section we will pay attention to the specific attacks, which are applicable on the MANet
transport layer: Session hijacking and SYN flooding attacks.
1. SYN flooding
2. Session hijacking
By SYN flooding attack the goal of the attacker (malicious node) is to achieve multiple half
opened TCP connections with an authentic user, and to keep them so without completing the
18. 3.4 Attacks on MANet transport layer 13
whole phase of synchronization [2]. During a normal phase of synchronization ( Figure 3.6: TCP
Handshake) between two authentic users:
1. "A" sends a packet with flag SYN to "B" (synchronize, sequence number = X). On the side
of "B" the Transmission Control Block (TCB) is initialized to "SYN-RECEIVED" state [9].
2. "B" sends a packet with flags SYN, ACK to "A" (synchronize acknowledge, sequence num-
ber = Y, acknowledge number = X+1).
3. "A" sends a packet with flag ACK to "B" (acknowledge, sequence number = X+1, acknowl-
edge number = Y+1). As on the side of "B" the TCB transitions to "ESTABLISHED" state
[9]. So the phase of TCP Handshake is completed and the connection between "A" and "B"
is built up.
Figure 3.6: TCP Handshake
During the attack, both the address of the malicious node and the status of the half opened
connection are in the memory of the network stack, in order to finish the SYN-phase later and to
establish the connection. Because the resources of the authentic user are limited, it is possible to
achieve flooding via SYN-messages and exhaust all resources of it. If this is achieved the authentic
node (victim-user) cannot initialize any other connection, and leads to DoS. This type of attack is
very powerful and efficient, because the SYN-messages are very small in size and their generation
does not demand a long computing time. By this reason the defender needs more resources (e.g.
computing and battery power) compared to the resources that the attacker needs for the execution
of this attack.
By session hijacking attack the goal of the attacker (malicious node) is to steal the identity of a
victim node and to achieve session with a target node. This type of attack is executed in two steps.
First, the malicious node takes over the identity of the victim node as it spoofs the IP address of
the victim and computes the particular sequence number, expected by the target node. Second, the
attacker executes a DoS attack on the victim, aiming to continue the session with the target.
Considering the weak security level of the transport layer in MANet the participants within the
network are not protected against both SYN flooding and session hijacking attacks. As a counter-
measure against these attacks can be used the implementation of the Secure Socket Layer (SSL)
and Transport Layer Security (TLS) protocols, which are based on asymmetric crypto algorithms.
19. 3.5 Multi-layer attacks on MANet 14
Their property - to secure the connections within networks, can be used to grant security by data
exchange between nodes [2].
As another very efficient countermeasure against the SYN flooding attack can be implemented
SYN Cookies. The connection establishment between two authentic nodes within the network will
proceed as it follows:
1. "A" sends a packet with flag SYN to "B" (synchronize, sequence number = X). On the side
of "B" the TCB is encoded into Sequence Number and destroyed [9].
2. "B" sends a packet with flags SYN, ACK to "A" (synchronize acknowledge, sequence num-
ber = Y, acknowledge number = X+1) as well as cookie [9].
3. "A" sends a packet with flag ACK to "B" (acknowledge, sequence number = X+1, acknowl-
edge number = Y+1) and in addition to ACK, "A" has to return the cookie. As on the side of
"B" the TCB is recovered from the acknowledged Sequence Number in ACK segment [9].
So the connection establishment with SYN cookies between "A" and "B" is completed and
the normal data exchange can proceed [9].
3.5 Multi-layer attacks on MANet
In this section we will pay attention to the multi-layer attacks within MANet (e.g. DoS, imperson-
ation, replay, man-in-the-middle attacks), and mainly Denial of Service. A multi-layer attack is an
attack which can be executed from more than one layer within a network. As we already mentioned
in section 3.1, Denial of Service can be launched, using Jamming attack on the MANet physical
layer. Moreover, it is possible to execute DoS via flooding attack (please, see section 3.3.1) on
MANet network layer, via SYN flooding and session hijacking (please, see section 3.4) on MANet
transport layer, as well as via malicious applications on the MANet application layer. Considering
the wide spectrum of possibilities to execute DoS makes this attack very unpredictable, effective
and powerful one. Furthermore, assuming that one attack can consist of other different attacks,
there are many possibilities to execute such combined-attack. For example an attacker can start
with an eavesdropping attack on the Physical layer, afterwards making traffic monitoring and anal-
ysis (on MANet Data link layer) he can proceed with SYN flooding attack or Session hijacking
attack on the Transport layer as well as with flooding attack on the Network layer causing DoS
attack or he can launch link spoofing attack, aiming to intercept or terminate the routing operations
between authentic users within the network.
20. 4 Conclusion 15
4 Conclusion
This paper pays attention to the complex and fast changing infrastructure of the mobile ad hoc
network as well as the common attacks, which occur within MANet. The theoretical fundamentals
of its dynamic infrastructure and the different types of security layers are represented to give an
overview on the system. Afterwards it offers an explanation on which specific layer what type
of attack can be executed and also what countermeasures can be taken in order to prevent this
specific attack. Because MANet is a dynamic network, which has no antecedent and strictly de-
fined infrastructure, there is also no clear line of defence. The very big variety of devices (e.g.
mobile phones, laptops, personal digital assistants (PDAs), tablets, iPads etc.), which can partic-
ipate within the network and the different security level by every single user present obstacles to
unify, standardize a security level for MANet. As we presented in chapter 3 of this paper there are
many different types of attacks such as Jamming/Interception and eavesdropping in the Physical
layer, traffic monitoring and analysis in the Data link layer, Blackhole attack, Wormhole attack,
Flooding attack and Link spoofing attack in the Network layer, Session hijacking and SYN flood-
ing in the Transport layer, which can be executed within MANet. Also there are multiple-layer
attacks, which can be started from more than one layer within the network and combined-attacks,
i.e. an attack consists of other different attacks. So in order to improve the level of security within
MANet, the weaknesses of each layer should be handled. Therefore it should be implemented
FHSS, DSSS technologies in the physical layer. Traffic analysis can be prevented by using traffic
padding and traffic rerouting techniques. The introduction of black and notification lists as well as
dynamic computation for the RREQ limit on the Network layer will minimize the risk of flooding
attack and link spoofing attack. Besides, the application of Local Broadcast Keys can prevent the
execution of the Wormhole attack. Implementation of modified, for the needs of MANet, SSL
and TLS protocols, based on asymmetric crypto algorithms will secure the connections within the
network. Furthermore, an introduction of SYN cookies will strengthen up the security level of the
transport layer.
Considering the application of all deployment scenarios on MANet, it is almost impossible to
implement this big variety of countermeasures, because of the limited power within the network
as well as the high complexity by the implementation process. Nevertheless, disregarding the
weaknesses, the Mobile Ad hoc Networks have wide range of application, because of their basic
properties - to establish connection between completely different types of mediums without any
predefined infrastructure and to change dynamically their topology. So they will play an enormous
role for the further development of various sectors e.g. health care, automotive, telecommunica-
tions and education.
21. Bibliography v
Bibliography
[1] MANET (Mobile Ad Hoc Network), http://www.techterms.com/definition/manet.
[2] Mihaela Cardei; Bing Wu; Jianmin Chen; Jie Wu. A Survey on Attacks and Countermeasures
in Mobile Ad Hoc Networks. Wireless/Mobile Network Security, page 38, 2006.
[3] Srihari Nelakuditi; Chase Gray; Jason Byrnes. Pair-wise resistance to traffic analysis in
MANETs. Mobile Computing and Communications Review, 12:20–22, 2008.
[4] Adrian Heißler. Schwarmintelligenzbasiertes Routing in mobilen Ad-hoc-netzen, volume 1.
GRIN, 2008.
[5] Rashid Hafeez Khokhar; Md Asri Ngadi; Satria Mandala. A Review of Current Routing
Attacks in Mobile Ad Hoc Networks. International Journal of Computer Science and Security,
2:12, 2008.
[6] Panos Lekkas; Randall Nichols. WIRELESS SECURITY: Models, Threats, and Solutions.
McGraw-Hill, 2002.
[7] J. Macker; S. Corson. Mobile Ad hoc Networking (MANET): Routing Protocol Performance
Issues and Evaluation Considerations. page 12, January 1999.
[8] L. Lazos; R. Poovendran; C. Meadows; L. W. Chang; P. Syverson. Preventing Wormhole At-
tacks on Wireless Ad Hoc Networks: A Graph Theoretic Approach. Wireless Communications
and Networking Conference, 2005 IEEE, 2:1193–1199, 2005.
[9] Verizon Federal Network Systems; Wesley M. Eddy. Defenses Against TCP SYN Flooding
Attacks. The Internet Protocol Journal, 9(4), December 2006.
[10] Miao Ma; Yan Zhang; Jun Zheng. Handbook of research on wireless security. Number
978-1599048994. 2008.
