A Case Study: Security Issues In Mobile Ad Hoc Network

A Mobile Ad Hoc Network (MANET) is a self-organizing, infrastructure less, multi-hop network. The wireless and distributed nature of MANETs poses a great challenge to system security designers. Security problems in MANETs have received much attention in the last few years. Most research efforts have been focused on specific security areas, such as establishing trust infrastructure, securing routing protocols, or intrusion detection and response etc. There are several security issues in Mobile Ad Hoc Network having their own advantages and disadvantages. In this paper, we review some security issues in MANET as well as their current solutions.

1.    Introduction: A Mobile Ad hoc Network (MANET) is a system of wireless mobile nodes that dynamically self-organize in arbitrary and temporary network topologies .A MANET consists of mobile platforms, known as nodes, which are free to move at any speed in any direction and organize themselves randomly. The nodes in the network function as routers, clients, and  servers .In MANET, all the nodes are actively discovered the topology and the message is transmitted to the destination over multiple-hops. Usually, the endpoints and routers are indistinguishable in MANET. Applications of MANETs include the battlefield applications, rescue work, as well as civilian applications like an outdoor meeting, or an ad-hoc classroom. With the increasing number of applications to harness the advantages of Ad Hoc Networks, more concerns arise for security issues in MANETs
A.     Features of MANET: In the mobile ad hoc network, nodes can directly communicate with all the other nodes within their radio ranges; whereas nodes that not in the direct communication range use intermediate node(s) to communicate with each other. In these two situations, all the nodes that have participated in the communication automatically form a wireless network, therefore this kind of wireless network can be viewed as mobile ad hoc network. The mobile ad hoc network has the following typical features [1].

1) Unreliability of wireless links between nodes. Because of the limited energy supply for the wireless nodes and the mobility of the nodes, the wireless links between mobile nodes in the ad hoc network are not consistent for the communication participants.

2) Constantly changing topology. Due to the continuous motion of nodes, the topology of the mobile ad hoc network changes constantly: the nodes can continuously move into and out of the radio range of the other nodes in the ad hoc network, and the routing information will be changing all the time because of the movement of the nodes.

3) Lack of incorporation of security features in statically configured wireless routing  protocol not meant for ad hoc environments. Because the topology of the ad hoc networks is changing constantly, it is necessary for each pair of adjacent nodes to incorporate in the routing issue so as to prevent some kind of potential attacks that try to make use of vulnerabilities in the statically configured routing protocol.
B.     Security Services: Most authors limit the issues of security to five [2, 3]: confidentiality, integrity, authenticity (or authentication), availability and non-repudiation:
Authentication: means that correct identity is known to communicating partner.
Confidentiality: means certain message Information is kept secure from unauthorized party.
Integrity: means that a message being transferred is never corrupted.
Non-repudiation: means the origin of a message cannot deny having sent the message;
Availability:  means the normal service provision in face of all kinds of attacks.
Among all the security services, authentication is probably the most complex and important issue in MANETs since it is the bootstrap of the whole security system. Without knowing exactly who we are talking with, it is worthless to protect our data from being read or altered. Once authentication is achieved in MANET, confidentiality is a matter of encrypting the session using whatever key material the communicating party agrees on. These security services may be provided singly or in combination. The vital  characteristics of MANETs are lack of infrastructure, dynamic topology, multi-hop communication and distributed coordination among all the nodes. Because of the features listed above, the mobile ad hoc networks are more prone to suffer from the malicious behaviors than the traditional wired networks. MANETs lack central administration and prior organization, so the security concerns are different than those that exist in conventional networks. Wireless links make MANETs more susceptible to attacks. It is easier for hackers to eavesdrop and gain access to confidential information. It is also easier for them to enter or leave a wireless network because no physical connection is required. They can also directly attack the network to delete messages, inject false packets, or impersonate a node. Therefore, we need to pay more attention to the security issues in the mobile ad hoc networks.

2.    Securities Issues: Before going to the solutions that can help secure the mobile   adhoc network, it is necessary to find out how we can judge a mobile ad hoc network is secure or not, or in other words, what should be covered in the security issues for the mobile ad hoc network when we want to inspect the security state of the mobile ad hoc network.  In the following, we briefly introduce some widely-used issues:
1) Availability: The term Availability means that a node should maintain its ability to provide all the designed services regardless of the security state of it Availability is defined as the property of maintaining the network up and running under hostile conditions. This security issue is challenged mainly during the denial-of-service attacks, in which all the nodes in the network can be the attack target and thus some selfish nodes make some of the network services unavailable, such as the routing protocol or the key management service [4].
2)  Attacks from malicious nodes: There are numerous kinds of attacks in the mobile ad hoc network, almost all of which can be classified as the following two types [5]:
(i) External attacks, in which the attacker aims to cause congestion, propagate fake routing information or disturb nodes from providing services.
(ii) Internal attacks, in which the adversary wants to gain the normal access to the network and participate the network activities, either by some malicious impersonation to get the access to the network as a new node, or by directly compromising a current node and using it as a basis to conduct its malicious behaviors.

3) Integrity: Integrity guarantees the identity of the message transmitted. Integrity ensures that message received is same as the message sent and message is not corrupted in transit.
   
4) Non-repudiation: Non-repudiation refers to the impossibility of a message sender to deny, later, to have sent that message. If a node recognizes that the message it has received is erroneous, it can then use the incorrect message as evidence to notify other nodes that the node sending out the improper message should have been compromised.

5) Authenticity: Authenticity is essentially assures that participants in communication are genuine and not impersonators [6]. It is necessary for the communication participants to prove their identities as what they have claimed using some techniques so as to ensure the authenticity.

6) Anonymity: Anonymity means that all the information that can be used to identify the owner or the current user of the node should default be kept private and not be distributed by the node itself or the system software. This criterion is closely related to privacy preserving, in which we should try to protect the privacy of the nodes from arbitrary disclosure to any other entities.

7) Confidentiality: Confidentiality ensures that information is accessible only to those authorized to have access and it is one of the cornerstones of information security. In other words, in order to maintain the confidentiality of some confidential information, we need to keep them secret from all entities that do not have the privilege to access them.
3.    Security Solution:
A.     Cryptography: Cryptography is the practice and study of hiding information. Traditional cryptographic mechanisms, such as digital signature and public key encryption, still play vital roles for the security of the ad hoc networks. All these mechanisms require a key management service to keep track of key and node binding and assist the establishment of mutual authentication between communication nodes. Traditionally, the key management service is based on a trusted entity called a certificate authority (CA) to issue public key certificate of every node. Threshold cryptography [7] is used to provide robust and ubiquitous security support for the ad hoc networks.
The goal of threshold cryptography (TC) is to split a cryptographic operation among multiple users so that some predetermined number of users can perform the desired.

B.     Intrusion Detection: According to the definition in the Wikipedia, an Intrusion Detection System (or IDS) generally detects unwanted manipulations to systems [8]. Two different methodologies of intrusion detection are commonly used [9, 10]: anomaly intrusion detection and misuse intrusion detection. 
Anomaly-detection systems are usually slow and inefficient and are prone to miss insider attacks. Misuse-detection systems cannot detect new types of attack. Hybrid systems using both techniques are often deployed in order to minimize these shortcomings [9, 11].  A distributed and cooperative architecture for better intrusion detection was proposed in [12]. Based on the proposed architecture [12], a statistical anomaly detection approach is used. The detection is done locally in each node and possibly through cooperation with all nodes in the network.

C .    Trust evaluation based security solution: Trust modeling is a technical approach to represent trust for digital processing. .In this the decision-making on data protection approach, secure route selection, and any other activities related to security should be based on trust analysis and evaluation. The trust evaluation mechanism is introduced into each Personal Trusted Bubble (PTB). The trust relationship between the host bubble and other bubbles is evaluated digitally according to the knowledge accumulated and subjective factors of the bubble owner. In each bubble, there is a trust matrix which stores the knowledge used for trust evaluation on every other bubble. Details of this approach can be found in [13].
 
D.     Secure Routing: Efficient and secure routing of packets is a primary MANET challenge. Unlike fixed networks, routing information in an ad hoc network could become a target for adversaries to bring down the network. As we have already discussed in the previous section that there are two types of threats. The first one comes from external attackers. The attacks include injecting erroneous routing information, replaying old routing information, and distorting routing information. With these ways, the attackers can successfully partition a network or introduce excessive traffic load into the network, thus cause retransmission and ineffective routing. Using cryptographic schemes, such as encryption and digital signature can defend against the external attacks. The second threat comes from compromised nodes, which might send malicious routing information to other nodes. Typical attacks fallen into this category are black hole attacks, routing table overflow attacks, impersonation and information disclosure, etc. [14]. The internal attacks from malicious nodes are more severe because it is very difficult to detect because the compromised nodes can also generate valid signature.  In [14], a secure routing solution is proposed for the black hole problem.

4.    Conclusion: In this survey paper, we have dealt with a specific type of networks called mobile ad hoc network of networks. In this paper we discussed about features of MANET and Security Services then we inspect the some security issues in the mobile ad hoc networks, which may be a main disturbance to the operation of it. We have also focused on the current security solutions for the mobile ad hoc networks. Because of the emergence of the concept pervasive computing, there is an increasing need for the network users to get connection with the world anytime at anywhere, which inspires the emergence of the mobile ad hoc network. However, with the convenience that the mobile ad hoc networks have brought to us, there are also increasing security threats for the mobile ad hoc network, which need to gain enough attention.

5.    References:
1.    Marco Conti, (2003)  Body, Personal and Local Ad Hoc Wireless Networks, in Book The Handbook of Ad Hoc Wireless Networks (Chapter 1), CRC Press LLC.
2.    J.  Clerk  Maxwell, (1892)  “A Treatise on Electricity and Magnetism,”, 3rd ed., vol. 2. Oxford:  Clarendon,  pp.68-73.
3.    I .S. Jacobs  and C.P. Bean, (1963) “Fine particles, thin films and exchange anisotropy,” in Magnetism, vol. III, G.T. Rado and H. Suhl, Eds. New York: Academic pp. 271-350.
4.    C. Ouellet, “Title of paper with only first word capitalized,” J. Name Stand. Abbrev., in press.
5.    Y. Yorozu, M. Hirano, K. Oka, and Y. Tagawa, (1987) “Electron spectroscopy studies on magneto-optical media and plastic substrate interface,” IEEE Transl. J. Magn. Japan, vol. 2, pp. 740-741, [Digests 9th Annual Conf. Magnetics Japan, p. 301, 1982].
6.    Amitabh Mishra and Ketan M. Nadkarni, (2003) Security in  Wireless Ad Hoc      Networks, in Book The Handbook   of Ad Hoc Wireless Networks (Chapter 30), CRC  Press LLC.
7.    Jiejun-K, Petros-Z, Haiyun-Luo, Songwu-Lu, Lixia-Zhang, (2001) Providing robust and ubiquitous security support for mobile ad-hoc networks.  Proceedings  Ninth International Conference on  Network Protocols. ICNP 2001, Riverside, CA, USA, 11-14 Nov. 2001
8.    Intrusion-detection system, from Wikipedia, the free  encyclopedia   http://en.wikipedia.org/wiki/ Intrusion detection_system.
9.    J. S. Balasubramaniyan et al., (1998) “An Architecture for Intrusion   Detection using Autonomous Agents,” Proceedings of the Fourteenth Annual Computer Security Applications Conference.
10.    S. Kumar and E. Spafford, (1994) “An Application of Pattern Matchin in Intrusion Detection,” Technical Report 94-013, Dept. of Computer Science, Purdue University.
11.    M. Asaka et al., (1999) “A Method of Tracing Intruders by Use of Mobile Agents,” in proceedings of the Internet Society.
12.    Yongguang Zhang, Wenke Lee, (2000)  Intrusion Detection in Wireless  Ad-Hoc Networks. Proceedings of MobiCom 2000, Sixtth  Annual International Conference on Mobile Computing and  Networking, Boston, MA, USA, 6-11 Aug.
13.    Zheng, Yan, Peng Zhang, Teemupekka  Virtanen   ”Trust_evaluation_based_security _solution_in _adhoc_networks ”
14.    HongMei Deng, Wei Li, Dharma P. Agrawal, (2002)  Routing Security in Wireless Ad Hoc Networks. IEEE Communications Magazine,October 2002, pp70-75.