7,352 research outputs found

    Performance comparisons of AODV, secure AODV and adaptive secure AODV routing protocols in free attack simulation environment.

    Get PDF
    There have been various secure routing protocols proposed for mobile ad hoc networks. Most of these protocols are analyzed by three standard techniques: simulation, security analysis and real network testbed. In this paper, Ad Hoc On-Demand Distance Vector (AODV) routing protocols was selected as the basis of the entire simulations. Due to the needs of securing the routing in the wireless ad hoc networks, Secure AODV (SAODV) was developed to add security to original AODV which includes cryptographic operations that can have a significant impact on the routing performance. To get better performance while maintaining the secure routing, Adaptive SAODV (A-SAODV) was developed based on the SAODV implementation, which was claimed to introduce some improvement on the routing compared to the SAODV. Based on this justification, some analysis and studies are made on the performance and impacts using AODV, Secure AODV (SAODV) and Adaptive Secure AODV (A-SAODV) in a free-attack simulation environment to analyze these routing protocols and make some comparisons on the performance. The collection of simulation results will show the performance impact of security implementation into the original AODV after the implementations of SAODV and A-SAODV into the networks

    Securing routing protocols in mobile ad hoc networks

    Get PDF
    A Mobile Ad Hoc Network (MANET) is more prone to security threats than other wired and wireless networks because of the distributed nature of the network. Conventional MANET routing protocols assume that all nodes cooperate without maliciously disrupting the operation of the protocol and do not provide defence against attackers. Blackhole and flooding attacks have a dramatic negative impact while grayhole and selfish attacks have a little negative impact on the performance of MANET routing protocols. Malicious nodes or misbehaviour actions detection in the network is an important task to maintain the proper routing protocol operation. Current solutions cannot guarantee the true classification of nodes because the cooperative nature of the MANETs which leads to false exclusions of innocent nodes and/or good classification of malicious nodes. The thesis introduces a new concept of Self- Protocol Trustiness (SPT) to discover malicious nodes with a very high trustiness ratio of a node classification. Designing and implementing new mechanisms that can resist flooding and blackhole attacks which have high negative impacts on the performance of these reactive protocols is the main objective of the thesis. The design of these mechanisms is based on SPT concept to ensure the high trustiness ratio of node classification. In addition, they neither incorporate the use of cryptographic algorithms nor depend on routing packet formats which make these solutions robust and reliable, and simplify their implementations in different MANET reactive protocols. Anti-Flooding (AF) mechanism is designed to resist flooding attacks which relies on locally applied timers and thresholds to classify nodes as malicious. Although AF mechanism succeeded in discovering malicious nodes within a small time, it has a number of thresholds that enable attacker to subvert the algorithm and cannot guarantee that the excluded nodes are genuine malicious nodes which was the motivation to develop this algorithm. On the other hand, Flooding Attack Resisting Mechanism (FARM) is designed to close the security gaps and overcome the drawbacks of AF mechanism. It succeeded in detecting and excluding more than 80% of flooding nodes within the simulation time with a very high trustiness ratio. Anti-Blackhole (AB) mechanism is designed to resist blackhole attacks and relies on a single threshold. The algorithm guarantees 100% exclusion of blackhole nodes and does not exclude any innocent node that may forward a reply packet. Although AB mechanism succeeded in discovering malicious nodes within a small time, the only suggested threshold enables an attacker to subvert the algorithm which was the motivation to develop it. On the other hand, Blackhole Resisting Mechanism (BRM) has the main advantages of AB mechanism while it is designed to close the security gaps and overcome the drawbacks of AB mechanism. It succeeded in detecting and excluding the vast majority of blackhole nodes within the simulation time

    Routing Protocols to Enhance Security in MANETS

    Get PDF
    Mobile ad hoc networking (MANET) is gradually emerging to be very important in the growth of wireless technology. This is anticipated to offer a range of flexible services to mobile and nomadic users by means of integrated homogeneous architecture. The proper routing protocol is necessary for better communication in MANET. One of the existing reliable protocols is Ad Hoc On-Demand Vector Routing (AODV) protocol which is a reactive routing protocol for ad hoc and mobile networks that maintains routes only between nodes that wants to communicate. There are various security issues to be considered in this protocol. In order to provide security for AODV protocol, Secure Ad Hoc On-Demand Vector Routing (SAODV) can be used. SAODV is an extension of the AODV routing protocol that can be used to shield the route discovery process by providing security characteristics like integrity and authentication. For secure protocol, digital signature, hash chains, etc., can be used in routing. This paper surveys on various techniques available for securing the mobile ad hoc network

    A Survey on Security Analysis of Routing Protocols

    Get PDF
    Mobile ad hoc networking (MANET) is gradually emerging to be very important in the growth of wireless technology. This is anticipated to offer a range of flexible services to mobile and nomadic users by means of integrated homogeneous architecture. The proper routing protocol is necessary for better communication in MANET. One of the existing reliable protocols is Ad Hoc On-Demand Vector Routing (AODV) protocol which is a reactive routing protocol for ad hoc and mobile networks that maintains routes only between nodes that wants to communicate. There are various security issues to be considered in this protocol. In order to provide security for AODV protocol, Secure Ad Hoc On-Demand Vector Routing (SAODV) can be used. SAODV is an extension of the AODV routing protocol that can be used to shield the route discovery process by providing security characteristics like integrity and authentication. For secure protocol, digital signature, hash chains, etc., can be used in routing. This paper surveys on various techniques available for securing the mobile ad hoc network

    Securing mobile ad hoc network routing protocols

    Get PDF
    Master'sMASTER OF ENGINEERIN

    Protocols for secure routing and transmission in mobile ad hoc network: a review

    Get PDF
    Mobile ad hoc network security is a new area for research that it has been faced many difficulties to implement. These difficulties are due to the absence of central authentication server, the dynamically movement of the nodes (mobility), limited capacity of the wireless medium and the various types of vulnerability attacks. All these factor combine to make mobile ad hoc a great challenge to the researcher. Mobile ad hoc has been used in different applications networks range from military operations and emergency disaster relief to community networking and interaction among meeting attendees or students during a lecture. In these and other ad hoc networking applications, security in the routing protocol is necessary to protect against malicious attacks as well as in data transmission. The goal of mobile ad hoc security is to safeguard the nodes’ operation and ensure the availability of communication in spite of adversary nodes. The node operations can be divided into two phases. The first phase is to discover the route (s) path. The second phase is to forward the data on the available discovered routes. Both stages need to protect from attacks; so many protocols have been proposed to secure the routing and data forwarding. This is a review study to mobile ad hoc protocols for securing routing as well as protocols for securing packets forwarding. Furthermore, it will present the characteristics and the limitations for each protocol and attributes

    Securing and enhancing routing protocols for mobile ad hoc networks

    Get PDF
    1. CONTEXTO1.1. MANETMANET (Mobile and Ad hoc NETworks) (Redes móviles sin cables) son redes formadas por nodos móviles. Se comunican sin cables i lo hacen de manera 'ad hoc'. En este tipo de redes, los protocolos de enrutamiento tienen que ser diferentes de los utilizados en redes fijas.Hoy en día, existen protocolos de enrutamiento capaces de operar en este tipo de redes. No obstante, son completamente inseguras y confían en que los nodos no actuarán de manera malintencionada. En una red donde no se puede contar con la presencia de servidores centrales, se necesita que los nodos puedan comunicarse sin el riesgo de que otros nodos se hagan pasar por aquellos con quien quieren comunicarse. En una red donde todo el mundo es anónimo conceptos como identidad y confianza deben ser redefinidos.1.2. AODVAd Hoc On-Demand Vector Routing (AODV) es un protocolo de enrutamiento reactivo para redes MANET. Esto significa que AODV no hace nada hasta que un nodo necesita transmitir un paquete a otro nodo para el cual no tiene ruta. AODV sólo mantiene rutas entre nodos que necesitan comunicarse. Sus mensajes no contienen información de toda la ruta, solo contienen información sobre el origen i el destino. Por lo tanto los mensajes de AODV tienen tamaño constante independientemente del numero de nodos de la ruta. Utiliza números de secuencia para especificar lo reciente que es una ruta (en relación con otra), lo cual garantiza ausencia de 'loops' (bucles).En AODV, un nodo realiza un descubrimiento de ruta haciendo un 'flooding' de la red con un mensaje llamado 'Route Request' (RREQ). Una vez llega a un nodo que conoce la ruta pedida responde con un 'Route Reply' (RREP) que viaja de vuelta al originador del RREQ. Después de esto, todos los nodos de la ruta descubierta conocen las rutas hacia los dos extremos de la ruta.2. CONTRIBUTIONS2.1. SAODVSAODV (Secure Ad hoc On-Demand Distance Vector) es una extensión de AODV que protege el mecanismo de descubrimiento de ruta. Proporciona funcionalidades de seguridad como ahora integridad i autenticación.Se utilizan firmas digitales para autenticar los campos de los mensajes que no son modificados en ruta y cadenas de hash para proteger el 'hop count' (que es el único campo que se modifica en ruta).2.2. SAKMSAKM (Simple Ad hoc Key Management) proporciona un sistema de gestión de llaves que hace posible para cada nodo obtener las llaves públicas de los otros nodos de la red. Además, permite que cada nodo pueda verificar la relación entre la identidad de un nodo y la llave pública de otro.Esto se consigue a través del uso de direcciones estadísticamente únicas y criptográficamente verificables.2.2.1. Verificación pospuestaEl método 'verificación pospuesta' permite tener rutas pendientes de verificación. Estas serán verificadas cuando el procesador disponga de tiempo para ello y (en cualquier caso) antes de que esas rutas deban ser utilizadas para transmitir paquetes.2.3. Detección de atajosCuando un protocolo de enrutamiento para redes MANET realiza un descubrimiento de ruta, no descubre la ruta más corta sino la ruta a través de la cual el mensaje de petición de ruta viajó más rápidamente. Además, debido a que los nodos son móviles, la ruta que era la más corta en el momento del descubrimiento puede dejar de ser-lo en breve. Esto causa un retraso de transmisión mucho mayor de lo necesario y provoca muchas más colisiones de paquetes.Para evitar esto, los nodos podrían realizar descubrimientos de atajos periódicos para las rutas que están siendo utilizadas. Este mismo mecanismo puede ser utilizado para 'recuperar' rutas que se han roto.1. BACKGROUND1.1. MANETMANET (Mobile and Ad hoc NETworks) are networks formed by nodes that are mobile. They use wireless communication to speak among them and they do it in an ad hoc manner. In this kind of networks, routing protocols have to be different than from the ones used for fixed networks. In addition, nodes use the air to communicate, so a lot of nodes might hear what a node transmits and there are messages that are lost due to collisions.Nowadays, routing in such scenario has been achieved. Nevertheless, if it has to be broadly used, it is necessary to be able to do it in a secure way. In a network where the existance of central servers cannot be expected, it is needed that nodes will be able to communicate without the risk of malicious nodes impersonating the entities they want to communicate with. In a network where everybody is anonymous, identity and trust need to be redefined.1.2. AODVAd Hoc On-Demand Vector Routing (AODV) protocol is a reactive routing protocol for ad hoc and mobile networks. That means that AODV does nothing until a node needs to transmit a packet to a node for which it does not know a route. In addition, it only maintains routes between nodes which need to communicate. Its routing messages do not contain information about the whole route path, but only about the source and the destination. Therefore, routing messages have a constant size, independently of the number of hops of the route. It uses destination sequence numbers to specify how fresh a route is (in relation to another), which is used to grant loop freedom.In AODV, a node does route discovery by flooding the network with a 'Route Request' message (RREQ). Once it reaches a node that knows the requested route, it replies with a 'Route Reply' message (RREP) that travels back to the originator of the RREQ. After this, all the nodes of the discovered path have routes to both ends of the path. 2. CONTRIBUTIONS2.1. SAODVThe Secure Ad hoc On-Demand Distance Vector (SAODV) is an extension of the AODV routing protocol that can be used to protect the route discovery mechanism providing security features like integrity and authentication.Two mechanisms are used to secure the AODV messages: digital signatures to authenticate the non-mutable fields of the messages, and hash chains to secure the hop count information (the only mutable information in the messages).The information relative to the hash chains and the signatures is transmitted with the AODV message as an extension message.2.2. SAKMSimple Ad hoc Key Management (SAKM) provides a key management system that makes it possible for each ad hoc node to obtain public keys from the other nodes of the network. Further, each ad hoc node is capable of securely verifying the association between the identity of a given ad hoc node and the public key of that node.This is achieved by using statistically unique and cryptographically verifiable address.2.2.1. Delayed VerificationDelayed verification allows to have route entries and route entry deletions in the routing table that are pending of verification. They will be verified whenever the node has spared processor time or before these entries should be used to forward data packages.2.3. Short Cut DetectionWhen a routing protocol for MANET networks does a route discovery, it does not discover the shortest route but the route through which the route request flood traveled faster. In addition, since nodes are moving, a route that was the shortest one at discovery time might stop being so in quite a short period of time. This causes, not only a much bigger end-to-end delay, but also more collisions and a faster power consumption.In order to avoid all the performance loss due to these problems, nodes could periodically discover shortcuts to the active routes that can be used with any destination vector routing protocol. The same mechanism can be used also as a bidirectional route recovery mechanism.Postprint (published version

    Securing and enhancing routing protocols for mobile ad hoc networks

    Get PDF
    1. CONTEXTO1.1. MANETMANET (Mobile and Ad hoc NETworks) (Redes móviles sin cables) son redes formadas por nodos móviles. Se comunican sin cables i lo hacen de manera 'ad hoc'. En este tipo de redes, los protocolos de enrutamiento tienen que ser diferentes de los utilizados en redes fijas.Hoy en día, existen protocolos de enrutamiento capaces de operar en este tipo de redes. No obstante, son completamente inseguras y confían en que los nodos no actuarán de manera malintencionada. En una red donde no se puede contar con la presencia de servidores centrales, se necesita que los nodos puedan comunicarse sin el riesgo de que otros nodos se hagan pasar por aquellos con quien quieren comunicarse. En una red donde todo el mundo es anónimo conceptos como identidad y confianza deben ser redefinidos.1.2. AODVAd Hoc On-Demand Vector Routing (AODV) es un protocolo de enrutamiento reactivo para redes MANET. Esto significa que AODV no hace nada hasta que un nodo necesita transmitir un paquete a otro nodo para el cual no tiene ruta. AODV sólo mantiene rutas entre nodos que necesitan comunicarse. Sus mensajes no contienen información de toda la ruta, solo contienen información sobre el origen i el destino. Por lo tanto los mensajes de AODV tienen tamaño constante independientemente del numero de nodos de la ruta. Utiliza números de secuencia para especificar lo reciente que es una ruta (en relación con otra), lo cual garantiza ausencia de 'loops' (bucles).En AODV, un nodo realiza un descubrimiento de ruta haciendo un 'flooding' de la red con un mensaje llamado 'Route Request' (RREQ). Una vez llega a un nodo que conoce la ruta pedida responde con un 'Route Reply' (RREP) que viaja de vuelta al originador del RREQ. Después de esto, todos los nodos de la ruta descubierta conocen las rutas hacia los dos extremos de la ruta.2. CONTRIBUTIONS2.1. SAODVSAODV (Secure Ad hoc On-Demand Distance Vector) es una extensión de AODV que protege el mecanismo de descubrimiento de ruta. Proporciona funcionalidades de seguridad como ahora integridad i autenticación.Se utilizan firmas digitales para autenticar los campos de los mensajes que no son modificados en ruta y cadenas de hash para proteger el 'hop count' (que es el único campo que se modifica en ruta).2.2. SAKMSAKM (Simple Ad hoc Key Management) proporciona un sistema de gestión de llaves que hace posible para cada nodo obtener las llaves públicas de los otros nodos de la red. Además, permite que cada nodo pueda verificar la relación entre la identidad de un nodo y la llave pública de otro.Esto se consigue a través del uso de direcciones estadísticamente únicas y criptográficamente verificables.2.2.1. Verificación pospuestaEl método 'verificación pospuesta' permite tener rutas pendientes de verificación. Estas serán verificadas cuando el procesador disponga de tiempo para ello y (en cualquier caso) antes de que esas rutas deban ser utilizadas para transmitir paquetes.2.3. Detección de atajosCuando un protocolo de enrutamiento para redes MANET realiza un descubrimiento de ruta, no descubre la ruta más corta sino la ruta a través de la cual el mensaje de petición de ruta viajó más rápidamente. Además, debido a que los nodos son móviles, la ruta que era la más corta en el momento del descubrimiento puede dejar de ser-lo en breve. Esto causa un retraso de transmisión mucho mayor de lo necesario y provoca muchas más colisiones de paquetes.Para evitar esto, los nodos podrían realizar descubrimientos de atajos periódicos para las rutas que están siendo utilizadas. Este mismo mecanismo puede ser utilizado para 'recuperar' rutas que se han roto.1. BACKGROUND1.1. MANETMANET (Mobile and Ad hoc NETworks) are networks formed by nodes that are mobile. They use wireless communication to speak among them and they do it in an ad hoc manner. In this kind of networks, routing protocols have to be different than from the ones used for fixed networks. In addition, nodes use the air to communicate, so a lot of nodes might hear what a node transmits and there are messages that are lost due to collisions.Nowadays, routing in such scenario has been achieved. Nevertheless, if it has to be broadly used, it is necessary to be able to do it in a secure way. In a network where the existance of central servers cannot be expected, it is needed that nodes will be able to communicate without the risk of malicious nodes impersonating the entities they want to communicate with. In a network where everybody is anonymous, identity and trust need to be redefined.1.2. AODVAd Hoc On-Demand Vector Routing (AODV) protocol is a reactive routing protocol for ad hoc and mobile networks. That means that AODV does nothing until a node needs to transmit a packet to a node for which it does not know a route. In addition, it only maintains routes between nodes which need to communicate. Its routing messages do not contain information about the whole route path, but only about the source and the destination. Therefore, routing messages have a constant size, independently of the number of hops of the route. It uses destination sequence numbers to specify how fresh a route is (in relation to another), which is used to grant loop freedom.In AODV, a node does route discovery by flooding the network with a 'Route Request' message (RREQ). Once it reaches a node that knows the requested route, it replies with a 'Route Reply' message (RREP) that travels back to the originator of the RREQ. After this, all the nodes of the discovered path have routes to both ends of the path. 2. CONTRIBUTIONS2.1. SAODVThe Secure Ad hoc On-Demand Distance Vector (SAODV) is an extension of the AODV routing protocol that can be used to protect the route discovery mechanism providing security features like integrity and authentication.Two mechanisms are used to secure the AODV messages: digital signatures to authenticate the non-mutable fields of the messages, and hash chains to secure the hop count information (the only mutable information in the messages).The information relative to the hash chains and the signatures is transmitted with the AODV message as an extension message.2.2. SAKMSimple Ad hoc Key Management (SAKM) provides a key management system that makes it possible for each ad hoc node to obtain public keys from the other nodes of the network. Further, each ad hoc node is capable of securely verifying the association between the identity of a given ad hoc node and the public key of that node.This is achieved by using statistically unique and cryptographically verifiable address.2.2.1. Delayed VerificationDelayed verification allows to have route entries and route entry deletions in the routing table that are pending of verification. They will be verified whenever the node has spared processor time or before these entries should be used to forward data packages.2.3. Short Cut DetectionWhen a routing protocol for MANET networks does a route discovery, it does not discover the shortest route but the route through which the route request flood traveled faster. In addition, since nodes are moving, a route that was the shortest one at discovery time might stop being so in quite a short period of time. This causes, not only a much bigger end-to-end delay, but also more collisions and a faster power consumption.In order to avoid all the performance loss due to these problems, nodes could periodically discover shortcuts to the active routes that can be used with any destination vector routing protocol. The same mechanism can be used also as a bidirectional route recovery mechanism

    Detection and Prevention of Blackhole Attack in the AOMDV Routing Protocol

    Get PDF
    Mobile ad-hoc network is a collection of dynamically organized nodes where each node acts as a host and router. Mobile ad-hoc networks are characterized by the lack of preexisting infrastructures or centralized administration. So, they are vulnerable to several types of attacks, especially the Blackhole attack. This attack is one of the most serious attacks in this kind of mobile networks. In this type of attack, the malicious node sends a false answer indicating that it has the shortest path to the destination node by increasing the sequence number and decreasing the number of hops. This will have a significant negative impact on source nodes which send their data packets through the malicious node to the destination. This malicious node drop received data packets and absorbs all network traffic. In order overcome this problem, securing routing protocols become a very important requirement in mobile ad-hoc networks. Multipath routing protocols are among the protocols affected by the Blackhole attack. In this paper, we propose an effective and efficient technique that avoids misbehavior of Blackhole nodes and facilitates the discovery for the most reliable paths for the secure transmission of data packets between communicating nodes in the well-known Ad hoc On-demand multi-path routing protocol (AOMDV). We implement and simulate our proposed technique using the ns 2.35 simulator. We also compared on how the three routing protocols AOMDV, AOMDV under Blackhole attack (BHAOMDV), and the proposed solution to counter the Blackhole attack (IDSAOMDV) performs. The results show the degradation on how AOMDV under attack performs, it also presents similarities between normal AOMDV and the proposed solution by isolating misbehaving node which has resulted in increase the performance metrics to the standard values of the AOMDV protocol
    corecore