Download attacks in mobile adhoc networks: a survey

ISSN:2249-5789
Opinder Singh et al, International Journal of Computer Science & Communication Networks,Vol 6(4),194-197
ATTACKS IN MOBILE ADHOC NETWORKS: A
SURVEY
Opinder Singh†, Dr. Jatinder Singh‡, and Dr. Ravinder Singh‡
†
Research Scholar, IKG PTU, Kapurthala, Punjab.
‡
IKG PTU, Kapurthala, Punjab.
†
[email protected], ‡ [email protected], ‡ [email protected]
AbstractAbstract A MANET is an infrastructure-less type network, which
consists of number of mobile nodes with wireless network interfaces.
In order to make communication among nodes, the nodes
dynamically establish paths among one another. Here each node
participates in routing by forwarding data to other nodes. Though
each node in MANET will act as host as well as router. In MANET
nodes can directly communicate to all other nodes within the radio
communication range. If a node could not have direct
communication then they can use intermediate nodes to
communicate with other nodes. For this reason, Security is a
primary concern to provide protected communication between nodes
in ad hoc networks and chances of having the vulnerabilities are
also more. In this paper we discuss various types of vulnerabilities
in MANET. Different types of attacker attempts different approaches
to decrease the network performance, throughput. In this paper the
principle focus is on various types of attacks in MANETs.
Keywords: MANET, Security, vulnerabilities, Attacks.
I. INTRODUCTION
Mobile Ad hoc Networks (MANET) are the wireless
networks of mobile computing devices without any support
of a fixed infrastructure. The mobile nodes in a MANET self
organize together in some arbitrary fashion. A MANET is an
autonomous collection of mobile users that communicate
over relatively bandwidth constrained wireless links. Since
the nodes are mobile, the network topology may change
rapidly and unpredictably over time. These networks can be
applied between persons or between vehicles in areas which
are depleted of fixed infrastructure. Two nodes can directly
communicate with each other if they are within the radio
range. If the nodes are not within the radio range they can
communicate with each other using multi hop routing. The
wireless link between the nodes in mobile networks is highly
vulnerable. This is because nodes can continuously move
causing the frequent breakage of the link. The power
available
Fig.1. Mobile Ad hoc network.
for transmission is also strictly limited. The topology of the
network is highly dynamic due to the continuous breakage
and establishment of wireless link Nodes continuously move
into and out of the radio range. This gives rise to the change
in routing information. The network is decentralized; where
all network activity including discovering the topology and
delivering messages must be executed by the nodes
themselves i.e. routing functionality will be incorporated into
mobile
nodes. MANET is more vulnerable than wired network due to
mobile nodes, threats from malicious nodes inside the
network. Because of vulnerabilities, MANET is more prone
to malicious attacks. MANET has following vulnerabilities
[1, 2]:
• Lack of centralized node
• Scalability
• Limited power supply
• Adversary inside the Network
• Limited Resources
• Dynamic topology
• Bandwidth constraint
• No predefined Boundary
MANET often suffer from security attacks because of its
features like open medium, dynamic topology, lack of central
monitoring and management, cooperative algorithms and no
clear defense mechanism. These factors have changed the
IJCSCN | August-September 2016
Available [email protected]
194
ISSN:2249-5789
Opinder Singh et al, International Journal of Computer Science & Communication Networks,Vol 6(4),194-197
battle field situation for the MANET against the security
threats [3].
II.
to disrupt all other communications. This process is known as
scrambling.
c. Reactive Jamming Attack
LAYERWISE VARIOUS ATTACKS IN MANET
There are various attacks in different layers of MANET.
These attacks are responsible for reducing network
performance. The layerwise distribution of these attacks in
MANETs is shown in the figure 1.
In reactive jamming attack a signal is transmitted by the
attacker the moment it notice that another node has initiated a
transmission, leading to collision in other half i.e. in the
second portion of the message.
A. Physical Layer
B. MAC Layer/ Data Link Layer
Physical layer attacks are hardware based attacks and require
assistance from hardware resources to occur. The execution
of these attacks is very simple as for these attacks we do not
require in depth knowledge about the technology being used.
Various types of attacks in Physical layer are [5]:
MAC layer incorporates functionality uniquely designed to
WMN. In it, the ability to search networks, participate and
leave networks, and coordinate to the radio medium is
included.
The protocols used in link layer / MAC layer are susceptible
to many DoS attacks. MAC layer attacks can be classified as
to what effect it has on the state of the network as a whole.
The effects can be measured in terms of route discovery
failure, energy consumption, link breakage, initiating route
discovery and so on. This layer suffers from basically two
types of attacks [6,7]:
a. MAC Misbehavior Attack
MAC misbehavior attack is responsible for disrupting
operations of routing protocol and its effect will be
considerable only when more communication takes place
between neighbouring nodes.
b. Selfish Attack
These attacks are done by selfish nodes that either deny
forwarding the packets or drop the packets intentionally in
order to reduce the performance of network. Performance is
reduced by conserve battery power or gains unwanted share
of bandwidth. Packet dropping is one of the major attacks by
selfish node. This type of attack is responsible for congestion
in network. These attacks exploit the routing protocol to their
own advantage because most of the routing protocols have no
mechanism to detect whether the packets are being forwarded
or not except the Dynamic Source Routing protocol.
C. NETWORK LAYER
Figure 1: Classification of attacks on MANET
In this type of attack an attacker transmits noise constantly
over a period of time. Due to this attack all communications
during this period are blocked.
Network layer protocols extend connectivity from
neighboring
1-hops nodes to all other nodes in MANET. The connectivity
between mobile hosts over a potentially multi-hop wireless
link strongly relies on cooperative reactions among all
network nodes. Different types of network layer attacks are
[8,9]:
b. Periodic Jamming Attack
a. Wormhole attack:
In this type of attack a short signal is periodically transmitted
by the malicious node. These transmissions further scheduled
It is caused due to formation of a low-latency link that is
formed so that packets can travel from one to the other end
faster than normally via a multi-hop route. The wormhole
a. Trivial Jamming Attack
IJCSCN | August-September 2016
Available [email protected]
195
ISSN:2249-5789
Opinder Singh et al, International Journal of Computer Science & Communication Networks,Vol 6(4),194-197
attack is a threat against the routing protocol and is
challenging to detect and prevent. In this type of attack, an
adversary can convince the distant nodes that are only one or
two hops away through the wormhole causing confusion in
the network routing mechanisms.
b. Blackhole attack:
It is very common attack in MANET. In this type of attack an
nasty node broadcasts to all of its neighbor nodes that it has
the smallest route to the destination node without looking into
its routing table. Source will forward its data to this nasty
node. And after getting all the data it drops all of the data
and does not forwards to the destination.
c. Grayhole attack or Selective packet drop attack
network. By doing so no node is able to answer RREP
packets to these flooded RREQ. In data flooding the attacker
get into the network and set up paths between all the nodes in
the network. Once the paths are established the attacker
injects an immense amount of useless data packets into the
network which is directed to all the other nodes in the
network. These immense unwanted data packets in the
network congest the network. Any node that serves as
destination node will be busy all the time by receiving useless
and unwanted data all the time. The aim of the flooding
attack is to exhaust the network resources: bandwidth and to
consume a node’s resources, such as battery power and
computational or to disrupt the routing operation to cause
severe degradation in network.
D. TRANSPORT LAYER ATTACKS
Gray hole attack is modified form of black hole attack. In this
type of attack malicious node’s behavior is exceptionally
unpredictable. In black hole attack the attacker places itself in
between the source and destination node. The attacker attracts
the data packets to it by advertising itself having the shortest
route to destination and then they capture the data packet and
drops it. But in gray hole attack the data packets are dropped
randomly or in some statistical manner. For instance they
may drop packets from a particular node or in some other
pattern. A malicious node in this type of attack can behave
normal at some time. So, it is very difficult to predict this
type of attack in MANET.
The objectives of TCP-like Transport layer protocols in
MANET include setting up of end to end connection, reliable
delivery of packets, flow control, congestion control. Like
TCP protocols in the Internet, the mobile node is vulnerable
to the classic SYN flooding attack or session hijacking
attacks. However, a MANET has a higher channel error rate
when compared with wired networks. Because TCP does not
have any mechanism to distinguish between whether a loss is
due to congestion, randomized error, or malicious attacks,
TCP multiplicatively decreases its congestion window upon
experiencing losses, which degrades network performance
significantly [11,12].
d. Byzantine attack:
a. SYN flooding attack:
This type of attack can be launched by a single or group of
malicious nodes. This type of attack can be launched by
creating routing loops, forwarding packets in a long route
instead of optimal path or selectively drop packets. Byzantine
attack is responsible for disruption or degradation of the
whole network. Attacks where the adversary has full control
of an authenticated device and can perform arbitrary behavior
to disrupt the system.
This type of attack is part of Denial of Service (DoS) attacks,
in which attacker creates a large number of half opened TCP
connection with victim node . These half opened connection
are never completes the handshake to fully open the
connection.
For two nodes to communicate using TCP, they must first
establish a TCP connection using a threeway handshake. The
sender sends a SYN message to the receiver with a randomly
generated Initial Sequence Number. The receiver also
generates another Initial Sequence Number and sends a SYN
message including the Initial Sequence Number as an
acknowledgement of the received SYN message. The sender
sends acknowledgement to the receiver. In this way the
connection is established between two communicating parties
using TCP three way handshakes.
e. Sybil attack:
It is caused when an attacker uses a malicious device to
create a large number of entities in order to gain influence in
the network traffic. The ID of these malicious nodes can be
the result due to fake network additions or duplication of
existing legitimate identities. The sybil attack usually targets
fault tolerant schemes including distributed storage, topology
maintenance, and multi-hop routing.
f. Flooding attack:
The flooding attack is easy to implement but cause the most
damage. This kind of attack can be achieved either by using
RREQ or Data flooding. In RREQ flooding the attacker
floods the RREQ in the whole network which takes a lot of
the network resources. This can be achieved by the attacker
node by selecting such I.P addresses that do not exist in the
IJCSCN | August-September 2016
Available [email protected]
b. Session hijacking:
This type of attacker takes the advantage that, all the
communications are authenticated only at the beginning of
session setup, but not thereafter. Session hijacking is a critical
error and gives a malicious node the opportunity of behaving
as a legitimate system. In this type of attack attacker first
spoofs the IP address of destination machine and then
determines the correct sequence number that is expected by
196
ISSN:2249-5789
Opinder Singh et al, International Journal of Computer Science & Communication Networks,Vol 6(4),194-197
the target and performs a DoS attack on the victim. As a
result, the target system becomes unavailable for some time.
E. APPLICATION LAYER ATTACKS
Application layer attacks can be mobile viruses or worm
attacks, and repudiation attacks.
a. Mobile virus or worm attacks:
The application layer comprises of user data. It supports
many protocols such as HTTP, SMTP, TELNET, and FTP,
which bring forth many vulnerabilities and access points for
attackers. In this type of attack malicious node attacks include
Viruses, Worms, Spywares, and Trojan horses that can
replicate themselves and damage operating system or the
entire network [13].
b. Repudiation attack:
Repudiation attack in MANETs refers to a denial of
participation in all or part of the communication processes by
a malicious node. For example a selfish node can deny the
processing of an online bank transaction. Firewalls at the
network layer to check incoming and outgoing packets and
end-to end encryption mechanisms used at transport layer are
not sufficient for packet security.
III. CONCLUSION
Due to the mobility and open media nature, the mobile ad hoc
networks are much more prone to all kind of security risks,
such as information disclosure, intrusion, or even denial of
service. As a result, the security needs in the mobile ad hoc
networks are much higher than those in the traditional wired
networks. Due to continue growth of mobile adhoc networks,
the need for more effective security mechanisms is also
increasing. In this paper we have discussed various types of
attacks in MANETs. A detail study of countermeasures for
these attacks is required in order to minimize or eliminate
their impact. More efficient and robust techniques for the
countermeasures of various types of attacks should be
proposed in order to make MANETs more secure and their
extension in other fields.
IV. ACKNOWLEDGEMENT
Authors are highly thankful to the Department of RIC, IKG
Punjab Technical University, Kapurthala, Punjab, India for
providing opportunity to conduct this research work.
REFERENCES
[1] Sachin Lalar, "Security in MANET: Vulnerabilities,
Attacks & Solutions", "International Journal of
Multidisciplinary and Current Research", Volume 2, Jan-Feb,
2014, ISSN: 2321-3124.
IJCSCN | August-September 2016
Available [email protected]
[2] Jatinder Singh, Lakhwinder Kaur, and Savita Gupta, "A
Cross-Layer Based Intrusion Detection Technique for
Wireless Networks", “International Arab Journal of
Information Technology”, Volume 9, No. 3, May 2012 and
ISSN: 1683-3198.
[3] Gagandeep, Aashima, Pawan Kumar, “Analysis of
Different Security Attacks in MANETs on Protocol Stack AReview”, International Journal of Engineering and Advanced
Technology (IJEAT), , Volume-1, Issue-5, June 2012 and
ISSN: 2249 – 8958.
[4] Satria Mandala, Md. Asri Ngadi, A.Hanan Abdullah, “A
Survey on MANET Intrusion Detection”, “International
Journal of Computer Science and Security”, Volume 2, Issue
1, 2013 and ISSN:1985-1553.
[5] Shekhar saini, Rajesh Kumar, “Comparison of layerwise
attacks in MANETs”, “ACEEE”, proc. of “Int. Conf. on
Emerging Trends in Engineering and Technology”
[6] Saritha Reddy Venna, Ramesh Babu Inampudi, “A
Survey on Security Attacks in Mobile Ad Hoc
Networks”,”International Journal of Computer Science and
Information Technologies (IJCSIT)”, Vol. 7, 2016, ISSN:
0975-9646.
[7] Sachin Lalar, “International Journal of Multidisciplinary
and
Current
Research”,
“Security in
MANET:
Vulnerabilities, Attacks & Solutions”, 2014, Vol.2, ISSN:
2321-3124.
[8] Priyanka Goyal, Sahil Batra, Ajit Singh, ”A Literature
Review of Security Attack in Mobile Ad-hoc
Networks”,
“International
Journal
of
Computer
Applications”, Volume 9– No.12, November 2010,
ISSN:0975-8887.
[9] Y. Hu, A. Perrig, D. Johnson (March 2003),Packet
Leashes: A Defense against Wormhole Attacks in Wireless Ad
Hoc Networks. Proceedings of The 22nd Annual Joint
Conference of the IEEE Computer and Communications
Societies (INFOCOM 2003).
[10] G S Mamatha, Dr s c Sharma “Network Layer Attacks
And Defense Mechanisms In MANETS-A Survery”
International Journal of Computer Applications (0975 –
8887)Volume 9– No.9, November 2010.
[11] Athira V Panicker, Jisha G, ”Network Layer Attacks
and Protection in MANET : A Survey”, “International
Journal of Computer Science and Information Technologies”,
Vol. 5, 2014, ISSN : 3437-3443.
[12] B. Kannhavong, H. Nakayama, Y. Nemoto, N. Kato, A.
Jamalipour. A survey of routing attacks in mobile ad hoc
networks. Security in wireless mobile ad hoc and sensor
networks, October 2007.
[13] CH.V. Raghavendran, G. Naga Satish, P. Suresh Varma,
“
Security Challenges and Attacks inMobile Ad Hoc
Networks”
“I.J. Information Engineering and Electronic Business”, vol.
3, 2013.
[14] Abhay Kumar Rai, Rajiv Ranjan Tewari & Saurabh Kant
Upadhyay, Different Types of Attacks on Integrated MANETInternet Communication , International Journal of Computer
Science and Security (IJCSS) Volume (4): Issue (3).
197