Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security in Mobile Ad Hoc Networks Thao p Le Department of Computer Sciences, Wichita State University.

Similar presentations


Presentation on theme: "Security in Mobile Ad Hoc Networks Thao p Le Department of Computer Sciences, Wichita State University."— Presentation transcript:

1 Security in Mobile Ad Hoc Networks Thao p Le Department of Computer Sciences, Wichita State University

2 Outline of Presentation Induction to MANET (Mobile Ad-Hoc Network) Induction to MANET (Mobile Ad-Hoc Network) Ad Hoc Networks Architecture Ad Hoc Networks Architecture Attacks to Ad Hoc Networks Attacks to Ad Hoc Networks Challenge of Ad Hoc Networks Challenge of Ad Hoc Networks Security Solution Security Solution Conclusion Conclusion

3 Introduction Ad hoc networks are collections of mobile nodes with links that are made or broken in an arbitrary way. Ad hoc networks are collections of mobile nodes with links that are made or broken in an arbitrary way. No centralized controller and infrastructure. No centralized controller and infrastructure. Allows free mobility Allows free mobility Node acts as host and router to assist in transmitting data to other nodes in its range. Can be quickly and inexpensively setup Can be quickly and inexpensively setup Applications: military, emergency and disaster situations.

4

5 MANETs: Advantages Can access information and services regardless of geographic position Can access information and services regardless of geographic position Can set up computer networks at any place and time Can set up computer networks at any place and time

6 Ad Hoc Networks Architecture Rapid setup time Ad hoc mode only needs the setting up of radio network interface card (NICs) in the user devices. Rapid setup time Ad hoc mode only needs the setting up of radio network interface card (NICs) in the user devices. Better performance possible The question of performance with ad hoc mode is certainly doubtful. Better performance possible The question of performance with ad hoc mode is certainly doubtful. Limited network access. There is no distribution system with ad hoc wireless LANs, users dont have effective access to the internet and other wired network services. Limited network access. There is no distribution system with ad hoc wireless LANs, users dont have effective access to the internet and other wired network services.

7 Ad Hoc Networks Architecture (cont.) Difficult network management Network management becomes a headache with ad hoc networks because of the fluidity of the network topology and lack of a centralized device. Difficult network management Network management becomes a headache with ad hoc networks because of the fluidity of the network topology and lack of a centralized device.

8 Attacks to Ad Hoc Networks Two types of attacks target Ad Hoc network Two types of attacks target Ad Hoc network External attacks: External attacks: MAC layer jamming MAC layer jamming Traffic analysis Traffic analysis Internal attacks: Internal attacks: Compromised host sending false routing information Compromised host sending false routing information Fake authentication and authorization Fake authentication and authorization Traffic flooding Traffic flooding

9 Challenge of Ad Hoc Networks Dynamic topology Dynamic topology Movement, node failure, etc. Movement, node failure, etc. Heterogeneous and decentralized control Heterogeneous and decentralized control Limited resources Limited resources Bandwidth, processing ability, energy Bandwidth, processing ability, energy Unfriendly environment Unfriendly environment Selfish nodes, malicious attackers Selfish nodes, malicious attackers

10 Challenge of Ad Hoc Networks (cont.) Authentication and accounting Authentication and accounting No fixed membership No fixed membership Security concern Security concern Open medium without any centralized control Open medium without any centralized control Real time services Real time services Dynamic topology and slow routing information distribution Dynamic topology and slow routing information distribution Limited bandwidth Limited bandwidth Congestion is typically the norm rather than the exception. Congestion is typically the norm rather than the exception.

11 Problems with Security Measures Deficiencies of intrusion prevention Deficiencies of intrusion prevention Increases the overhead during normal operations of Ad Hoc networks Increases the overhead during normal operations of Ad Hoc networks Restriction on power consumption and computation capability prevent the usage of complex encryption algorithms Restriction on power consumption and computation capability prevent the usage of complex encryption algorithms Flat infrastructure increases the difficulty for the key management and distribution Flat infrastructure increases the difficulty for the key management and distribution Cannot guard against internal attacks Cannot guard against internal attacks

12 Security Solution The Multi-fence Approach in Security Solution The Multi-fence Approach in Security Solution The proactive approach attempts to prevent security threats in the first place. The proactive approach attempts to prevent security threats in the first place. The reactive approach seeks to detect threats a posteriori (derived by reasoning from observed facts) and react accordingly. The reactive approach is widely used to protect packet forwarding operations. The reactive approach seeks to detect threats a posteriori (derived by reasoning from observed facts) and react accordingly. The reactive approach is widely used to protect packet forwarding operations.

13 Security Solution (cont.) Ad hoc Secure Routing Ad hoc Secure Routing Source Node Routing( DSR) Source Node Routing( DSR) Distance Vector Routing (DSDV and AODV) Distance Vector Routing (DSDV and AODV) Link State Routing: Secure Link State Routing (SLSP) Link State Routing: Secure Link State Routing (SLSP) Other Routing Protocols: ARAN Other Routing Protocols: ARAN

14 Conclusion The research on MANET security is still in its early stage. The existing proposals are typically attack-oriented in that they first identify several security threats and then enhance the existing protocol or propose a new protocol to thwart such threats. Because the solutions are designed explicitly with certain attack models in mind, they work well in the presence of designated attacks but may collapse under anticipated attacks. Therefore, a more ambitious goal for ad hoc network security is to develop a multi-fence security solution that is embedded into possibly every component in the network, resulting in in-depth protection that offers multiple lines of defense against many both known and unknown security threats. The research on MANET security is still in its early stage. The existing proposals are typically attack-oriented in that they first identify several security threats and then enhance the existing protocol or propose a new protocol to thwart such threats. Because the solutions are designed explicitly with certain attack models in mind, they work well in the presence of designated attacks but may collapse under anticipated attacks. Therefore, a more ambitious goal for ad hoc network security is to develop a multi-fence security solution that is embedded into possibly every component in the network, resulting in in-depth protection that offers multiple lines of defense against many both known and unknown security threats.

15 Sources [1] Cavin et al., "On the accuracy of MANET simulators," Proc. ACM Workshop on Princ. Mobile Computing [1] Cavin et al., "On the accuracy of MANET simulators," Proc. ACM Workshop on Princ. Mobile Computing [2] K.-W. Chin, et al., "Implementation Experience with MANET Routing Protocols," ACM SIGCOMM Computer Communications Review, Nov. 2002, pp Available online. [2] K.-W. Chin, et al., "Implementation Experience with MANET Routing Protocols," ACM SIGCOMM Computer Communications Review, Nov. 2002, pp Available online. [3] Frodigh, et al, "Wireless Ad Hoc Networking: The Art of Networking without a Network," Ericsson Review, No. 4, online. [4] M. S. Corson et al., "Internet-Based Mobile Ad Hoc Networking," IEEE Internet Computing, July-August 1999 [3] Frodigh, et al, "Wireless Ad Hoc Networking: The Art of Networking without a Network," Ericsson Review, No. 4, online. [4] M. S. Corson et al., "Internet-Based Mobile Ad Hoc Networking," IEEE Internet Computing, July-August 1999 [5] C. Elliott and B. Heile, "Self-Organizing, Self-Healing Wireless Networks," Proc IEEE [5] C. Elliott and B. Heile, "Self-Organizing, Self-Healing Wireless Networks," Proc IEEE [6] K. Kim, "A New Mobile Environment: Mobile Ad Hoc Networks (MANET)," IEEE [6] K. Kim, "A New Mobile Environment: Mobile Ad Hoc Networks (MANET)," IEEE [7] C. Perkins and E Royer, Ad Hoc On-Demand Distance Vector Routing, 2nd IEEE Wksp. Mobile Comp. Sys.and Apps., 1999 [7] C. Perkins and E Royer, Ad Hoc On-Demand Distance Vector Routing, 2nd IEEE Wksp. Mobile Comp. Sys.and Apps., 1999


Download ppt "Security in Mobile Ad Hoc Networks Thao p Le Department of Computer Sciences, Wichita State University."

Similar presentations


Ads by Google