Management of MANET Security Issues

1
Management of MANET Security Issues

• Presenter Aqeel-ur-Rehman

2
Agenda

• Introduction
• Mobile Ad-Hoc Networks (MANET)
• MANET Protocols
• Research Trends
• Security Challenges
• Security Solutions
• Summary
• Conclusion and the Future
• References

3
Introduction
Wireless Network

• wireless communication does not have the
  constraint of physical cables
• Different radio frequency (RF) spectrum ranges
  are used in wireless networks

4
Introduction
Wireless Technologies
5
Introduction
Types of Wireless Networks

• According to the relative mobility of hosts and
  routers, there are three different types of
  wireless networks
• Fixed Wireless Network
• Wireless Network with Fixed Access Points
• Mobile Ad hoc Network (MANET)

6
Introduction
Fixed Wireless Networks

• Fixed hosts and routers use wireless channels to
  communicate with each other.

For Example wireless network formed by fixed
network devices using directed antennas, as shown
in Figure.
7
Introduction
Wireless Network with Fixed Access Points

• Mobile hosts use wireless channels to communicate
  with fixed access points.

For Example Number of mobile laptop users in a
building that access fixed access points, as
illustrated in Figure.
8
Introduction
Mobile Ad hoc Network

• A mobile ad hoc network is formed by mobile hosts.

For Example vehicle-to-vehicle and ship-to-ship
networks that communicate with each other by
relying on peer-to-peer routings, as shown in
Figure.
9
Introduction
Mobile Ad hoc Network

• The MANET model is usually illustrated as shown
  in Figure.

Nodes i, j, and k are mobile nodes in the
network. The dashed circles shown in the figure
imply the radio coverage areas of nodes
10
Introduction
Mobile Ad hoc Network

• Another kind of ad hoc network has fixed nodes
  having relatively static connectivity.

For Example A sensor network is typically a fixed
ad hoc network. Network components in a sensor
network are wireless sensors instead of
general-purpose computers
11
Mobile Ad-Hoc Networks
Characteristics and Complexities

• Autonomous and infrastructure-less
• Multi-hop routing
• Dynamic network topology
• Device heterogeneity
• Energy constrained operation
• Bandwidth constrained variable capacity links

12
Mobile Ad-Hoc Networks
Characteristics and Complexities

• Limited physical security
• Network scalability
• Self-creation, self-organization and
  self-administration

13
Mobile Ad-Hoc Networks
Application
14
Mobile Ad-Hoc Networks
Application
15
MANET Protocols
Classification

• Researchers traditionally classify Protocols as
• Proactive Protocols
• Reactive Protocols
• Hybrid of the two, based on the way they find new
  routes or update existing ones.

16
MANET Protocols
Classification

• Proactive routing protocols keep routes
  continuously updated,
• while Reactive routing protocols react on demand
• Routing protocols can also be classified as
• Link State Protocols
• more reliable, easier to debug and less
  bandwidth-intensive
• Distance-Vector Protocols
• more complex and more compute- and
  memory-intensive

17
MANET Protocols
Classification

• Routers using a link state routing protocol
  maintain a full or partial copy of the network
  topology and costs for all known links.
• Routers using a distance-vector protocol keep
  only information about next hops to adjacent
  neighbors and costs for paths to all known
  destinations.

18
MANET Protocols
Examples
19
(No Transcript)
20
Survey - 1
Research Trends

• According to a survey of more than 1300 MANET
  related papers in IEEE/ IEE Electronic Library
  (IEL online) from 1998 to 2003, some of the
  issues like routing and power management
  attracted much attention of the researchers.
  Figure showing the trends for various issues
  (grouped in 15 categories) over the six year
  (1998 to 2003).

C. R. Dow, P. J. Lin, S. C. Chen, J. H. Lin,
and S. F. Hwang, A Study of Research Trends and
Experimental Guidelines in Mobile Ad-hoc
Networks, Proceedings of the 19th International
Conference (AINA 05), IEEE 2005.
21
Research Trends
22
Conclusion Survey 1
Research Trends

• The Quantity of papers shows that the Routing,
  Power management and Bandwidth management are
  larger than the other issues
• While the IP addressing and fault tolerance
  issues are very few in quantity.
• These trends shows the maturity of some issues
  like routing and power management and the
  potential study value for IP addressing and fault
  tolerance.

23
Conclusion Survey 1
Research Trends

• The growth rate for radio interface and the
  security are greater than the other issues.
• Similarly the issues of mobility management and
  fault tolerance are also positive. It shows that
  these issues have more potential study values in
  the near future.

24
Survey - 2
Research Trends

• Another survey that grouped the MANET issues in
  10 different categories showing the same trends
  as above.

Ramiro Liscano, Spontaneous Networking
Bridging the gap between ad hoc networking and ad
hoc communications, Wireless Industry Congress,
Ottawa, Canada, 2003.
25
Research Trends
26
Research Trends
27
Conclusion Survey 2
Research Trends

• In above Figure, it is very much clear that
  quantity of papers in the basic networking issue
  is very high that shows the maturity and the
  research undergoing on that issue.
• Analysis also showing that the service and
  security issue require more attention of the
  researchers i.e. this issue has more study
  potential in the future.

28
Issues in Ad Hoc Networks
Major Issues
29
Issues in Ad Hoc Networks
Major Issues
30
Security Challenges
What is Security?

• Confidentiality
• Integrity
• Availability
• Non-repudiation
• Authenticity
• Privacy (location, data, identity, existence)

31
Security Challenges
Challenges in Ad Hoc

• Shared radio channel
• Insecure environment
• Lack of central authority
• Lack of permanent association
• Limited resources
• Physical vulnerability

32
Security Challenges
Attacks on MANET
33
Security Solutions
Approaches

• Security is not a single layer issue
• But, it is a Multi-Layer/ Cross-Layer issue
• HOW ??
• To have comprehensive security we need
• Protocol Security
• Communication Security
• Physical Security

34
Security Solutions
Approaches

• To achieve above mentioned securities, many
  solution have been proposed and are under
  research
• Major solutions are for
• Protocol Security
• Authentication and Key Management Schemes
• Trust Management

35
Security Solutions
Protocol Security

• Why we need Protocol Security ???
• Answer Protocols were designed by assuming and
  expecting (not Enforced) that all nodes are
  cooperative
• They are having inherent shortcomings that leads
  to the malicious activities

36
Protocol Security
Routing Protocol Attack???

• Redirect traffic
• Packet forwarding to wrong destination
• Create routing loops
• Network congestion and channel contention in
  certain area
• Multiple colluding attackers may partition the
  network
• Solution??? Secure Protocols

37
Protocol Security
Secure Protocols

• Requirements
• Detection of malicious nodes
• Guarantee of correct route discovery
• Confidentiality of network topology
• Stability against attacks

38
Secure Protocols
Examples
39
Security Solutions
Authentication and Key Management Schemes

• When we talk about Key Management
• First we should know that where are the keys
  used???
• CRYPTOGRAPHY
• Study of principles, techniques and algorithms
  by which information is transformed into a
  distinguished version.
• Four main goals of Cryptography
• Confidentiality Authentication
• Integrity Non-Repudiation

40
Security Solutions
Authentication and Key Management Schemes

• Process of Encryption and Decryption is governed
  by the Keys
• Key
• Small amount of information used by the
  cryptographic algorithms
• When a key is to be kept secret to ensure the
  security of the system, it is called a secret key
• Key Management
• The secure administration of cryptographic keys

41
Security Solutions
Authentication and Key Management Schemes

• Keys can be Public and Private
• Private Key Cryptography
• Also Known as Symmetric Key Algorithm
• Fast
• Requires a secret key to be shared between the
  sender and the receiver

42
Security Solutions
Authentication and Key Management Schemes

• Public Key Cryptography
• Also Known as Asymmetric Key Algorithm
• based on mathematical principles which make it
  infeasible or impossible to obtain one key from
  another
• one of the keys can be made public while the
  other remains secret (private)

43
Security Solutions
Authentication and Key Management Schemes

• Key Management Approaches
• The primary goal of key management is to share a
  secret (some information) among a specified set
  of participants.
• Examples
• Password-Based Group System
• Threshold Cryptography
• Self Organized Public Key Management for MANETs

44
Security Solutions
Trust Management

• Why and Where the Trust is needed???
• In Ad Hoc network every node work as Router ?
  Forward Packets of other nodes
• We need, first of all, the Trusted Users
  (authentic users) and Secondly we need that the
  users maintain their Trust (do not become the
  Selfish Node)
• Different Solutions are proposed

45
Trust Management
Solutions

• KPI (Key Pre-Distribution Infrastructure)
• Trusting the Device instead trusting the owner
  (User)
• Mobility Helps Security
• Its simply mimic human behavior if people want
  to communicate each other, they just get close to
  each other in order to exchange information and
  establish mutual credential (they used secure
  channel like infrared or wire)

46
Trust Management
Solutions

• SAFE (Secure pAcket Forwarding in ad hoc
  nEtworks)
• Every node is responsible to monitor its
  neighbors
• Reputation values are assigned based on the
  successful forwarding transaction (1, 0, -1)
• Currency Based Solution (Nuglets)
• Network is market where services are exchanged
• Virtual economy where nodes pay for service
• Currency nuglets
• Only data packets require nuglets
• Works with many protocols
• Misbehavior not forbidden, only discouraged

47
Trust Management
Solutions

• Token Based Cooperation Enforcement
• Tokens
• o Required to participate in a network
• o Granted collaboratively by neighbors
• o Need to be renewed
• Mechanism components
• o Neighbor verification
• o Neighbor monitoring
• o Intrusion reaction
• o Security enhanced routing protocol

48
Summary

• Classification of Wireless Networks
• Available Wireless Technologies
• MANET Characteristics, Complexities and
  Applications
• MANET Protocols Classification
• MANET Major Issues
• Security Challenges and their available Solutions

49
Conclusion and the Future

• Importance of MANET cannot be denied as the world
  of computing is getting portable and compact.
• Unlike wired networks, MANET pose a number of
  challenges to security solutions due to their
  unpredictable topology, wireless shared medium,
  heterogeneous resources and stringent resource
  constraints etc.
• Security is not a single layer issue but a
  multilayered issue
• It requires a multi fence security solution that
  provides complete security spanning over the
  entire protocol stack

50
Conclusion and the Future

• The Study of this important issue reveals that
  security is divided into different directions of
  the work like secure routing, key exchange,
  distribution and management, secure architecture,
  intrusion detection and protection etc.
• The Security research area is still open as many
  of the provided solutions are designed keeping a
  limited size scenario and limited kind of attacks
  and vulnerabilities

51
Conclusion and the Future

• As in wired network role definition has been very
  crucial in security, keeping the same idea in
  mind we can apply the role based security in
  MANETs.
• Community based solution can be used in role
  specification. Under this scenario policy
  distribution techniques, grouping policy,
  membership management are the major areas to work
  on.
• Agent oriented solutions are very useful in many
  areas. Similarly MANETs security can also be
  exploited due to its distributed nature.

52
References

• Michal Grega, Jakub Jakubiak, Krzysztof Marcisz,
  Szymon Szott, Security in Ad Hoc Networks
• H Yang, H Y. Luo, F Ye, S W. Lu, and L Zhang,
  Security in Mobile Ad hoc Networks Challenges
  and Solutions, IEEE Wireless Communications.
  February 2004.
• Adam Burg, Seminar on Ad Hoc Network Specific
  Attacks
• Tao Lin, Mobile Ad-hoc Network Routing
  Protocols Methodologies and Applications, Ph.D.
  Dissertation, Computer Engineering, Virginia
  Polytechnic Institute and State University,
  Blacksburg, Virginia, 2004.
• Yacine Rebahi, Vicente .E Mujica-V, Cyprien
  Simons and Dorgham Sisalem, SAFE Securing pAcket
  Forwarding in ad hoc nEtworks, 5th Workshop on
  Applications and Services in Wireless Networks,
  ASWN 2005, June 29th - July 1st, 2005.
• M. Ramkumar, N. Memon, KPI A Security
  Infrastructure for Trusted Devices,
  Pre-Conference. Workshop, 12th Annual Network and
  Distributed System Security Symposium, San Diego,
  California, 2 February 2005.
• L. Buttyan, J. Hubaux, Stimulating Cooperation
  in Self-Organizing Mobile Ad Hoc Networks, ACM
  Journal for Mobile Networks, Special Issue on
  Mobile Ad Hoc Networking, 2002.

53
References

• H. Yang, X. Meng, S. Lu, SCAN Self-Organized
  Network-Layer Security in Mobile Ad-Hoc
  Networks, IEEE Journal on selected areas in
  Communications, February 2006.
• C. R. Dow, P. J. Lin, S. C. Chen, J. H. Lin, and
  S. F. Hwang, A Study of Research Trends and
  Experimental Guidelines in Mobile Ad-hoc
  Networks, Proceedings of the 19th International
  Conference (AINA 05), IEEE 2005.
• Srdjan Capkun, Jean-Pierre Hubaux, Levente
  Buttyan, Mobility Helps Security in Ad Hoc
  Networks, Fourth ACM International Symposium on
  Mobile Ad Hoc Networking and Computing,
  Annapolis, Maryland, USA, June 1-3, 2003.
• Jeroen Hoebeke, Ingrid Moerman, Bart Dhoedt and
  Piet Demeester, An Overview of Mobile Ad Hoc
  Networks Applications and Challenges, 2005.
• Ramiro Liscano, Spontaneous Networking Bridging
  the gap between ad hoc networking and ad hoc
  communications, Wireless Industry Congress,
  Ottawa, Canada, 2003.

54

• Thank you for your
• Patience and Attention

55
Routing Protocol Attack
Examples

• In DSR
• Deletion of Node
• Switching the order of appending new node in the
  list
• Modification of the source route listed in the
  RREQ or RREP (i.e. Rushing Attack)

56
Routing Protocol Attack

Examples

• In AODV
• Make change in distance metric
• Advertising routing updates with large sequence
  numbers and invalidate all other routing updates

57
Attacks on MANET
Impersonation
58
Attacks on MANET
Wormhole
59
Attacks on MANET
Rushing
60
Attacks on MANET
DoS and Flooding
61
Security Challenges
Attacks Classification
62
Security Solutions

Threshold Cryptography

• Group-sharing private key system, where the
  groups cooperation is required to perform
  cryptography
• (n,t1) threshold cryptography Shamirs
  scheme
• Whole service has a public/private key pair K/k
• All nodes know K, and trust certificates signed
  with k
• k is divided into n shares
• k1 k2 kt kt1 -gt k
• Any subset of up to k - 1 shares does not leak
  any information on the secret.
• Shamirs scheme is perfectly secure and does not
  depend on the computational power of any party.