Routing Security in Ad Hoc
         Wireless Networks
            Presented by

            J.Jaffer Basha
            M.Elanthendral

           II Year – CSE
Sree Sowdambika College of Engineering
           Aruppukottai
Wireless Networks


   Wireless networks provide rapid access to
    information and computing, limiting the
    barriers of distance, time, and location for
    many applications ranging from collaborative,
    distributed mobile computing to disaster
    recovery.
Ad Hoc Wireless Networks

   Collection of wireless mobile hosts forming a
    temporary network

   Every device has the role of router and actively
    participates in data forwarding.

   Communication between two nodes can be
    performed directly if the destination is within the
    sender’s   transmission    range,    or    through
    intermediate nodes acting as routers if the
    destination is outside sender’s transmission
    range.
Characteristics of
        Ad Hoc Wireless Networks
   Characteristics which differentiate Ad Hoc
    wireless networks from other networks are:
       Dynamic Network Topology
       Distributed Operations
       Limited Energy Resources
Routing

   Routing is an important operation for data
    exchange between wireless devices.

   Main routing responsibilities are exchanging
    routing information and finding a feasible path
    between source and destination.
Routing Protocol
   The major requirements of a routing protocol are
       Minimum route acquisition delay
       Quick route reconfiguration in case of path breaks
       Loop-Free routing
       Distributed routing protocol
       Low control overhead
       Scalability with network size
       QoS support as demanded by the application
       Support of time sensitive traffic
       Security and Privacy.
Routing Protocols in Ad Hoc
                Wireless Networks
   The design of routing protocols should take these
    factors into consideration.

   Based on the routing information update mechanism,
    routing protocols in ad hoc wireless networks can be
    classified as

       Proactive (or table-driven) protocols
       Reactive (or on-demand) protocols
       Hybrid routing protocols.
Proactive Routing Protocols

   Nodes exchange routing information periodically
    to maintain accurate routing information.

   The path can be computed rapidly based on the
    updated information available in the routing
    table.

   The protocol discussed here is DSDV
    (Destination-Sequenced Distance Vector).
DSDV

   Finds shortest paths between nodes using the
    Bellman-Ford algorithm.

   Each node maintains a routing table

   For each entry, the following fields are maintained:

       the destination address
       next hop on the shortest path to that destination
       a destination sequence number
DSDV

   Sequence     numbers    are  used   for
    preventing loop formation.
   Each entry in the routing table has a
    sequence number.
   If a node receives an update with a
    smaller sequence number, then that
    update is ignored.
   Path is adopted if it has a greater
    sequence number, or if it has the same
    sequence number but a lower metric.
DSDV

     Destination   Next   Metric   Seq. Nr   Install Time
          A         A       0      A-550       001000
          B         B       1      B-102       001200
          C         B       3      C-588       001200
          D         B       4      D-312       001200


   When a broken link is detected, the node
    creates a routing update with the next odd
    sequence number and a metric value of
    infinity.
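
The update rules from the DSDV slides, applied to the table above. This is an added example, not code from the presentation; it assumes the metric is a hop count, that a receiver adds one hop to the advertised metric, and that sequence numbers are plain integers (550 for "A-550"). The neighbor name "E" is constructed.

```python
import math
from dataclasses import dataclass

INFINITY = math.inf  # metric advertised for a broken route


@dataclass
class Route:
    next_hop: str
    metric: float   # hop count (assumption: the slide does not name the metric)
    seq: int        # destination sequence number, e.g. 550 for "A-550"


def build_table():
    """Routing table of node A, copied from the slide (install time omitted)."""
    return {
        "A": Route("A", 0, 550),
        "B": Route("B", 1, 102),
        "C": Route("B", 3, 588),
        "D": Route("B", 4, 312),
    }


def process_update(table, neighbor, dest, advertised_metric, seq):
    """Apply one advertised entry received from `neighbor`.

    Returns True if the route was adopted, False if it was ignored.
    """
    metric = advertised_metric + 1          # one more hop to reach the neighbor
    current = table.get(dest)
    if current is None:
        adopt = True                        # first route to this destination
    elif seq > current.seq:
        adopt = True                        # greater sequence number: fresher
    elif seq == current.seq:
        adopt = metric < current.metric     # same sequence number: lower metric wins
    else:
        adopt = False                       # smaller sequence number: ignored
    if adopt:
        table[dest] = Route(neighbor, metric, seq)
    return adopt


def link_broken(table, neighbor):
    """Invalidate every route through `neighbor`; return the updates to send."""
    updates = []
    for dest, route in table.items():
        if route.next_hop == neighbor and route.metric != INFINITY:
            route.seq += 1                  # next odd sequence number
            route.metric = INFINITY         # metric value of infinity
            updates.append((dest, route.metric, route.seq))
    return updates


if __name__ == "__main__":
    table = build_table()
    print("stale update adopted:", process_update(table, "E", "C", 1, 586))
    print("shorter path adopted:", process_update(table, "E", "C", 1, 588))
    print("updates after losing B:", link_broken(table, "B"))
    for dest, route in sorted(table.items()):
        print(dest, route)
```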
Reactive Routing Protocol
   A route discovery mechanism is initiated only when a
    node does not know a path to a destination it wants
    to communicate with.

   Perform better with significantly lower overheads
    than proactive routing protocols

   Has two main operations
       Route discovery
       Route maintenance

   Various reactive protocols have been proposed
       Ad Hoc On-demand Distance Vector (AODV)
       Dynamic Source Routing (DSR)
DSR
   Is a source routing protocol: each data packet
    carries the source-destination path in its
    header.

   Using this information, intermediate nodes can
    determine who is the next hop this packet
    should be forwarded to.

   Every entry has an expiration time after which
    the entry is deleted in order to avoid stale
    information.
   Each Route Request contains a sequence number
    generated by the source node, to prevent loop
    formation.

   An intermediate node checks the sequence
    number, and forwards the Route Request only if
    this message is not a duplicate.

   On receiving the Route Reply, the sender starts
    sending data to the receiver.
   If a node detects a failure, it sends a Route
    Error message to the source.

   All routes that contain this hop are truncated.

   If the source does not have an alternative path
    to the destination, it has to re-initiate the path
    discovery mechanism.
   DSR has several optimization techniques.

       Intermediate nodes that know a path to the
        destination can reply to the Route Request
        message instead of forwarding the request.

       Path discovery can use an expanding ring
        search mechanism when sending Route
        Request messages to close destinations, thus
        avoiding broadcasting in the whole network.
Hybrid Routing Protocols
   Some routing protocols are a hybrid of
    proactive and reactive mechanisms.

   Examples of hybrid routing protocols:
       Zone Routing Protocol (ZRP)
       Core Extraction Distributed Ad Hoc Routing
        Protocol (CEDAR)
Zone Routing Protocol (ZRP)
   The network is divided into zones.
   The intra-zone routing protocol is a proactive
    routing protocol; the inter-zone routing protocol is
    a reactive routing protocol.
   When a node transmits data to a destination within
    the same zone, this is done using the
    proactive routing protocol.
   If the destination is in another zone, then the
    source node bordercasts the Route Request until it
    reaches the destination zone.
   A node of the destination zone then sends back a
    Route Reply message.
   If a broken link is detected, the path reconstruction
    can be done locally.
Security Attacks on
             Routing Protocol

   A secure system can be achieved by preventing
    attacks or by detecting them and providing a
    mechanism to recover from those attacks.

   Attacks on ad hoc wireless networks can be
    classified as
      Active attacks

      Passive attacks
Passive Attacks


   Intruder snoops the data exchanged without
    altering it.

   The goal of the attacker is to obtain information
    that is being transmitted.

   These attacks are difficult to detect, since the
    network is not disrupted.

   A powerful encryption mechanism can alleviate
    these attacks.
Active Attack

   Attacker actively   participates   in   disrupting
    network services.

   Attack by modifying packets or by introducing
    false information in the ad hoc network.

   Confuses routing procedures and degrades
    network performance. Active attacks can be
    divided into
      Internal Attack
      External Attack
Internal Attack


   Comes from compromised nodes that were once a
    legitimate part of the network.

   Since they are part of the network, they are
    much more severe and difficult to detect when
    compared to external attacks.
External Attack

   Carried out by nodes that are not a legitimate part
    of the network.

   Such attacks can be defended by using
    encryption, firewalls and source authentication.
Attacks using Impersonation

   An intruder uses impersonation to consume another
    node's resources or to disturb normal network
    operation.

   An attacker node achieves impersonation by
    misrepresenting its identity.

   This can be done by changing its own IP or MAC
    address to that of some other legitimate node.

   Some strong authentication procedures can be
    used to stop attacks by impersonation.
Impersonation
        Man-in-the-Middle Attack
   The attacker can impersonate the receiver with
    respect to the sender, and the sender with
    respect to the receiver, without either of them
    realizing that they have been attacked.
Attacks using Modification
   This attack disrupts the routing function by
    having the attacker illegally modify the
    content of the messages.

   Misrouting Attack: A non-legitimate node
    sends data packets to the wrong destination.

   Detour Attack: The traffic is diverted to other
    routes that appear to be shorter and might
    contain malicious nodes which could create
    other attacks.

   Blackmail Attack: Causes false identification
    of a good node as a malicious node.
Attacks using Fabrication

   An intruder generates false routing messages,
    such as routing updates and route error
    messages, in order to disturb network operation
    or to consume other node resources.
Security Mechanism and
      Solutions for Routing Protocol
   Message encryption and digital signatures are two
    important mechanisms for data integrity and user
    authentication.
   There are two types of data encryption mechanisms
      Symmetric

      Asymmetric

   Symmetric: uses the same key (the secret key) for
    encryption and decryption of a message.
   Asymmetric: uses one key (the public key) to
    encrypt a message and another key (the private key)
    to decrypt it.
   A Message Authentication Code (MAC) is used.
   It is a cryptographic checksum, computed by the
    message initiator as a function of the secret key
    and the message being transmitted, and
    appended to the message.
   The recipient re-computes the MAC in a
    similar fashion.
   If the MAC computed by the receiver matches
    the MAC received with the message, then the
    recipient is assured that the message was not
    modified.
Secure Efficient Ad hoc
          Distance Vector
   Secure Efficient Ad hoc Distance Vector (SEAD)
    is a proactive routing protocol, based on the
    design of DSDV.

   SEAD routing tables maintain a hash value for
    each entry.
   The key feature of the proposed security protocol
    is the use of a one-way hash chain function H.
   Each node computes a list of hash values
    $h_0, h_1, \ldots, h_n$, where $h_i = H(h_{i-1})$
    and $0 < i \le n$, based on an initial random
    value $h_0$.
   If a node knows H and a trusted value $h_n$, then
    it can authenticate any other value $h_i$,
    $0 < i \le n$, by successively applying the hash
    function H and then comparing the result with $h_n$.
   To authenticate, a node adds a hash value to
    each routing table entry.

   For a metric j and a sequence number i, the
    hash value $h_{n-i+j}$ is used to authenticate the
    routing update entry for that sequence number.

   This works because an attacker cannot compute a
    hash value with a smaller index than the
    advertised value.
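
The hash chain check described on the SEAD slides, as an added example that is not code from the presentation or from SEAD itself. It assumes SHA-256 for H, uses the slide's indexing (sequence number i and metric j map to chain element n-i+j), and the helper names and the seed are constructed.

```python
import hashlib
import hmac
import os


def H(value: bytes) -> bytes:
    """One-way function H (assumption: SHA-256; the slides do not name one)."""
    return hashlib.sha256(value).digest()


def make_chain(n, seed=None):
    """Return [h_0, h_1, ..., h_n] with h_i = H(h_{i-1}) and random h_0."""
    chain = [seed if seed is not None else os.urandom(32)]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain


def verify_element(value, index, anchor, n):
    """Authenticate a claimed h_index against the trusted value h_n.

    The verifier applies H exactly n - index times and compares with h_n.
    """
    if not 0 < index <= n:
        return False
    for _ in range(n - index):
        value = H(value)
    return hmac.compare_digest(value, anchor)


def entry_index(n, seq, metric):
    """Chain index used for sequence number `seq` and metric `metric`."""
    return n - seq + metric


def verify_entry(value, seq, metric, anchor, n):
    """Check the hash value attached to one routing update entry."""
    return verify_element(value, entry_index(n, seq, metric), anchor, n)


def forward_entry(value, metric):
    """A node re-advertising a route adds one hop and hashes once.

    Moving to a larger index only needs H; moving to a smaller index
    would need to invert H.
    """
    return H(value), metric + 1


if __name__ == "__main__":
    n = 100
    chain = make_chain(n)
    anchor = chain[n]                       # distributed as the trusted h_n
    seq, metric = 10, 2
    value = chain[entry_index(n, seq, metric)]
    print("honest entry:", verify_entry(value, seq, metric, anchor, n))
    fwd_value, fwd_metric = forward_entry(value, metric)
    print("forwarded, metric+1:", verify_entry(fwd_value, seq, fwd_metric, anchor, n))
    # Reusing the received value for a better claim does not verify.
    print("claimed lower metric:", verify_entry(value, seq, metric - 1, anchor, n))
    print("claimed higher seq:", verify_entry(value, seq + 1, metric, anchor, n))
```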
ARIADNE
   Design of ARIADNE is based on DSR.
   It assumes that sender and receiver share
    secret keys for message authentication.
   The initiator (or sender) includes a MAC
    computed with an end-to-end key and the
    target (or destination) verifies the authenticity
    and freshness of the request using the shared
    key.
   A per-hop hashing mechanism, a one-way hash
    function that verifies that no hop is omitted, is
    also used in Ariadne.
   Provides a strong defense against attacks that
    modify and fabricate routing information.
Security Aware Routing (SAR)

   Is an on-demand routing protocol based on
    AODV.
   The initiator of the route in SAR includes a
    security metric in the route request.
   This security metric is the minimum trust
    level of the nodes that can participate in
    the route discovery.
   Only those nodes that have this minimum
    security level can participate in the route
    discovery.
   All other nodes that are below that trust
    level will drop the request packets.
   SAR uses sequence numbers and timestamps to
    stop replay attacks.

   Threats like interception and subversion can be
    prevented by trust level key authentication.

   Modification and fabrication attacks can be
    prevented
Secure Routing Protocol (SRP)

   SRP defends against attacks that disrupt the
    route discovery process.
   Sets up a security association (SA) without the
    need for cryptographic validation of the
    communication data by the intermediate
    nodes.
   SRP assumes that this SA can be achieved
    through a shared key KST between the
    source S and target T.
   SRP adds an additional header, called the SRP
    header, to the underlying routing protocol
    packet.
   SRP header contains the following fields:
       the query sequence number QSEC
       query identifier number QID
       96 bit MAC field
   Discard a route request message if SRP header
    is missing.
   Otherwise, forward the request towards
    destination after extracting QID, source, and
    destination address.
   When the target T receives the request packet, it
    verifies it.
   If QSEC >= QMAX, the request is dropped.
   Otherwise it calculates the keyed hash of the
    request fields, and if the output matches the SRP
    MAC then the authenticity of the sender and the
    integrity of the request are verified.
   If the two routes match then S calculates the
    MAC by using the replied route, the SRP header
    fields, and the secure key between source and
    destination.
   If the two MACs match then the validation is
    successful and it confirms that the reply did
    come from the destination T.
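
The MAC computation from the earlier MAC slide combined with the SRP request checks above, as an added example that is not code from the presentation or from SRP. The keyed hash (HMAC-SHA256 truncated to 96 bits), the byte layout of the MACed fields, the class and function names, and the way QMAX reaches the target are all assumptions; the key and node names are constructed.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass
from typing import Optional

MAC_LEN = 12  # the 96-bit MAC field of the SRP header


@dataclass
class SRPHeader:
    qsec: int    # query sequence number QSEC
    qid: int     # query identifier QID
    mac: bytes   # 96-bit MAC


@dataclass
class RouteRequest:
    source: str
    target: str
    srp: Optional[SRPHeader]   # None models a request without an SRP header


def request_mac(k_st, source, target, qsec, qid):
    """Keyed hash over the request fields, truncated to 96 bits.

    The source is length-prefixed so that different (source, target)
    pairs can never serialize to the same byte string.
    """
    src, dst = source.encode(), target.encode()
    fields = struct.pack("!IIH", qsec, qid, len(src)) + src + dst
    return hmac.new(k_st, fields, hashlib.sha256).digest()[:MAC_LEN]


def make_request(k_st, source, target, qsec, qid):
    """Source S: build the request and append the MAC computed with KST."""
    mac = request_mac(k_st, source, target, qsec, qid)
    return RouteRequest(source, target, SRPHeader(qsec, qid, mac))


def intermediate_forward(req):
    """Intermediate node: no key, so the only check is that the header exists."""
    return req.srp is not None


def target_verify(k_st, req, qmax):
    """Target T: apply the checks from the slide, in order."""
    if req.srp is None:
        return "drop: no SRP header"
    if req.srp.qsec >= qmax:
        return "drop: QSEC >= QMAX"
    expected = request_mac(k_st, req.source, req.target, req.srp.qsec, req.srp.qid)
    # compare_digest avoids leaking how many leading bytes matched
    if not hmac.compare_digest(expected, req.srp.mac):
        return "drop: MAC mismatch"
    return "accept"


if __name__ == "__main__":
    key = b"constructed shared key K_ST"
    req = make_request(key, "S", "T", qsec=5, qid=1234)
    print(target_verify(key, req, qmax=100))
    # Same header replayed with a different source address
    print(target_verify(key, RouteRequest("M", "T", req.srp), qmax=100))
    print(target_verify(key, req, qmax=5))
    print(intermediate_forward(RouteRequest("S", "T", None)))
```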
Security Protocols for Sensor
            Network (SPINS)
   It provides important network services like
       data confidentiality
       two-party data authentication
       data freshness
    through the Secure Network Encryption Protocol
    (SNEP), and secure broadcast through Micro
    Timed Efficient Stream Loss-tolerant
    Authentication (μTESLA).
   μTESLA, an enhanced version of TESLA,
    uses symmetric cryptographic techniques
    for authentication and asymmetric
    cryptography only for the delayed
    disclosure of keys.
CONCLUSION
   Achieving a secure routing protocol is an
    important task that is being challenged by the
    unique characteristics of an ad hoc wireless
    network.
   In this paper we discuss security services and
    challenges in an ad hoc wireless network
    environment.
   Each of the current security mechanisms defeats
    one or a few routing attacks. Designing routing
    protocols resistant to multiple attacks remains a
    challenging task.
THANK YOU
