Security attacks and detection schemes in MANET
08 Sep 2014-pp 1-6
TL;DR: In this paper a survey on MANET attacks and detection schemes is presented to understand different types of attacks and Detection schemes required to avoid those attacks.
Abstract: A Mobile adhoc network (MANET) is considered a collection of wireless mobile nodes that are capable of communicating with each other without the use of a network infrastructure. MANET is particularly vulnerable due to its fundamental characteristics, such as open peer-to-peer architecture, shared wireless medium, stringent resource constraints, highly dynamic network topology and nodes openness to physical capture. Security is most important service for all kind of network communications. MANET should provide security that increases people's confidence on MANET. In this paper a survey on MANET attacks and detection schemes are presented. This helps to understand different types of attacks and detection schemes required to avoid those attacks.
Citations
More filters
TL;DR: This article reports the low-cost implementation of GPS spoofing attack and WiFi attack on UAVs, and suggests solutions to them.
Abstract: Communication security is critically important for the success of Unmanned Aerial Vehicles (UAVs). With the increasing use of UAVs in military and civilian applications, they often carry sensitive information that adversaries might try to get hold of. While UAVs consist of various modules to enable them to function properly, potential security vulnerabilities may also exist in those modules. For example, by launching a GPS spoofing attack or WiFi attack, adversaries can capture the targeted UAV and access the sought after information. In fact, it has become easy to launch such attacks. In this article, we report our low-cost implementation of these attacks and suggest solutions to them.
116 citations
TL;DR: This paper provides a survey of attacks related to the wireless infrastructures of IoT, and to the most used short-range wireless communication technologies in the resource-constrained part of IoT in particular, and provides a taxonomy of these attacks based on a security service-based attack classification.
Abstract: The Internet of Things, abbreviated as IoT, is a new networking paradigm composed of wireless and wired networks, geographically distributed and interconnected by a “secured” backbone, essentially, the Internet. It connects billions of heterogeneous devices, called Things, using different communication technologies and provides end-users, all over the world, with a variety of smart applications. IoT constitutes a new evolution for the Internet in terms of diversity, size, and applications. It also invites cybercriminals who exploit IoT infrastructures to conduct large scale, distributed, and devastating cyberattacks that may have serious consequences. The security of IoT infrastructures strongly depends on the security of its wired and wireless infrastructures. Still, the wireless infrastructures are thought to be the most outspread, important, and vulnerable part of IoT. To achieve the security goals in the wireless infrastructures of IoT, it is crucial to have a comprehensive understanding of IoT attacks, their classification, and security solutions in such infrastructures. In this paper, we provide a survey of attacks related to the wireless infrastructures of IoT in general, and to the most used short-range wireless communication technologies in the resource-constrained part of IoT in particular. Namely, we consider Wi-Fi, Bluetooth, ZigBee, and RFID wireless communication technologies. The paper also provides a taxonomy of these attacks based on a security service-based attack classification and discusses existing security defenses and mechanisms that mitigate certain attacks as well as the limitations of these security mechanisms.
75 citations
01 Mar 2016
TL;DR: The major attacks that can target the operation of ad hoc routing protocol are discussed and a detailed survey of the well-known secured ad hoc routed protocols for mobile ad hoc networks is presented.
Abstract: Mobile Ad hoc NETwork (MANET) is a collection of self-organizing mobile nodes without any help of centralized administration or established infrastructure. Due to this characteristic, MANETs are particularly vulnerable to various security threats. In addition, the design of most MANET routing protocols assumes that there is no malicious node in the network. Hence, several efforts and researches have been made toward the design of a secure and robust routing protocol for ad hoc networks. In this paper, we discuss the major attacks that can target the operation of ad hoc routing protocol. A detailed survey of the well-known secured ad hoc routing protocols for mobile ad hoc networks is presented. In order to analyze the existent solutions for securing ad hoc routing protocols in a structured manner, we have classified them into three categories: solutions based on cryptography, solutions based on one-way hash chain and hybrid solutions. This paper also gives a brief summary and comparison of various protocols available for secured routing in MANET.
31 citations
08 May 2017
TL;DR: A new classification of attacks in MANET is presented according to the principal main factors leading to this attack such as sources of attacks, attacker behavior and involved nodes.
Abstract: The vulnerabilities of Mobile Ad Hoc Networks (MANETs) are subject of numerous kinds of attacks. Many classification schemas and taxonomies of MANET attacks have been proposed in the literature in order to understand the technique of the attack as well as the behavior of attackers. The following paper presents a new classification of attacks in MANET. We distinguish three leading classes of attacks in MANET: In the first class, we make a large analysis of attacks according to the OSI models. In the second, the classification is performed according to the principal main factors leading to this attack such as sources of attacks, attacker behavior and involved nodes. In the third, we performed the analysis according to the target service chosen by the attacker.
21 citations
Cites methods from "Security attacks and detection sche..."
...In this study, we focus on different types of attacks and classify them into the three following categories: First, various attempts have been made by various researchers[5], [6], [7], [8], [9], [10], [11], [12], [1], [4], [13], [14] to classify the attacks on the OSI model....
[...]
15 Jul 2020
TL;DR: A comprehensive survey on various attacks and the proposed solutions by the various researchers and also analysis and comparison of results for the simulated proposed solutions are presented.
Abstract: Vehicular Ad-hoc network (VANET) is a very promising and upcoming technologyusedfor traffic management and for facilitating road safety along with entertainment system. Implementation of VANET requires building trust among the vehicle owners. Without developing trust, it cannot make any vehicle owners to be a part of vehicular network and without active participation of vehicle owners, V ANETs cannot be completely implemented. Therefore, providing security and maintaining the owner's privacy has become a major issue in V ANETs. To provide better security and maintain privacy, one should understand the various possible attacks on the network and the nature of their behavior. Various research papers over the years have discussed about V ANET architecture, Application areas, Challenges and security issues. Most of the papers discuss about the security services and the related work on security but a deeper understanding on each type of attacks on network will help any researcher to develop a security mechanism and the proposed solution can work optimally against one or multiple security attacks. This paper presents a comprehensive survey on various attacks and the proposed solutions by the various researchers and also analysis and comparison of results for the simulated proposed solutions.
15 citations
References
More filters
[...]
TL;DR: It is shown that, without a logically centralized authority, Sybil attacks are always possible except under extreme and unrealistic assumptions of resource parity and coordination among entities.
Abstract: Large-scale peer-to-peer systems face security threats from faulty or hostile remote computing elements. To resist these threats, many such systems employ redundancy. However, if a single faulty entity can present multiple identities, it can control a substantial fraction of the system, thereby undermining this redundancy. One approach to preventing these "Sybil attacks" is to have a trusted agency certify identities. This paper shows that, without a logically centralized authority, Sybil attacks are always possible except under extreme and unrealistic assumptions of resource parity and coordination among entities.
4,816 citations
"Security attacks and detection sche..." refers methods in this paper
...Trusted certification: In this detection mechanism [25], Centralized authority is set up for providing single identities for the nodes....
[...]
26 Sep 2002
TL;DR: A generic mechanism based on reputation to enforce cooperation among the nodes of a MANET to prevent selfish behavior is suggested and can be smoothly extended to basic network functions with little impact on existing protocols.
Abstract: Countermeasures for node misbehavior and selfishness are mandatory requirements in MANET. Selfishness that causes lack of node activity cannot be solved by classical security means that aim at verifying the correctness and integrity of an operation. We suggest a generic mechanism based on reputation to enforce cooperation among the nodes of a MANET to prevent selfish behavior. Each network entity keeps track of other entities’ collaboration using a technique called reputation. The reputation is calculated based on various types of information on each entity’s rate of collaboration. Since there is no incentive for a node to maliciously spread negative information about other nodes, simple denial of service attacks using the collaboration technique itself are prevented. The generic mechanism can be smoothly extended to basic network functions with little impact on existing protocols.
1,746 citations
TL;DR: The security issues related to this problem are identified, the challenges to security design are discussed, and the state-of-the-art security proposals that protect the MANET link- and network-layer operations of delivering packets over the multihop wireless channel are reviewed.
Abstract: Security has become a primary concern in order to provide protected communication between mobile nodes in a hostile environment. Unlike the wireline networks, the unique characteristics of mobile ad hoc networks pose a number of nontrivial challenges to security design, such as open peer-to-peer network architecture, shared wireless medium, stringent resource constraints, and highly dynamic network topology. These challenges clearly make a case for building multifence security solutions that achieve both broad protection and desirable network performance. In this article we focus on the fundamental security problem of protecting the multihop network connectivity between mobile nodes in a MANET. We identify the security issues related to this problem, discuss the challenges to security design, and review the state-of-the-art security proposals that protect the MANET link- and network-layer operations of delivering packets over the multihop wireless channel. The complete security solution should span both layers, and encompass all three security components of prevention, detection, and reaction.
970 citations
"Security attacks and detection sche..." refers background in this paper
...These factors have changed the battle field situation for the MANET against the security threads [19]....
[...]
...state-of-the-art security proposals that protect the MANET link- and network layer operations of delivering packets over the multihop wireless channel [19]....
[...]
...Availability of network services, confidentiality and integrity of the data can be achieved by assuring that security issues have been met [19]....
[...]
TL;DR: This article studies the routing security issues of MANETs, and analyzes in detail one type of attack-the "black hole" problem-that can easily be employed against the MANets, and proposes a solution for the black hole problem for ad hoc on-demand distance vector routing protocol.
Abstract: A mobile ad hoc network consists of a collection of wireless mobile nodes that are capable of communicating with each other without the use of a network infrastructure or any centralized administration. MANET is an emerging research area with practical applications. However, wireless MANET is particularly vulnerable due to its fundamental characteristics, such as open medium, dynamic topology, distributed cooperation, and constrained capability. Routing plays an important role in the security of the entire network. In general, routing security in wireless MANETs appears to be a problem that is not trivial to solve. In this article we study the routing security issues of MANETs, and analyze in detail one type of attack-the "black hole" problem-that can easily be employed against the MANETs. We also propose a solution for the black hole problem for ad hoc on-demand distance vector routing protocol.
936 citations
"Security attacks and detection sche..." refers background in this paper
...Hence it has extensive applications, such as disaster recovery, rescue mission, tactical battlefield, mining operations, maritime communications, vehicle network, casual meeting, campus network and so on [18][15]....
[...]
...Since neither the pure proactive nor the reactive approach is sufficient, hybrid protocols make use of both reactive and proactive approaches by adapting the protocols to the specific conditions and is in general the optimal choice [15]....
[...]
...On the contrary, reactive protocols, also known as source-initiated on-demand driven protocols, do not periodically update the routing information and routes are created only when desired by source node [15]....
[...]
19 Sep 2003
TL;DR: The rushing attack is presented, a new attack that results in denial-of-service when used against all previous on-demand ad~hoc network routing protocols, and Rushing Attack Prevention (RAP) is developed, a generic defense against the rushing attack for on- demand protocols.
Abstract: In an ad hoc network, mobile computers (or nodes) cooperate to forward packets for each other, allowing nodes to communicate beyond their direct wireless transmission range. Many of the proposed routing protocols for ad hoc networks operate in an on-demand fashion, as on-demand routing protocols have been shown to often have lower overhead and faster reaction time than other types of routing based on periodic (proactive) mechanisms. Significant attention recently has been devoted to developing secure routing protocols for ad~hoc networks, including a number of secure on-demand routing protocols, that defend against a variety of possible attacks on network routing. In this paper, we present the rushing attack, a new attack that results in denial-of-service when used against all previous on-demand ad~hoc network routing protocols. For example, DSR, AODV, and secure protocols based on them, such as Ariadne, ARAN, and SAODV, are unable to discover routes longer than two hops when subject to this attack. This attack is also particularly damaging because it can be performed by a relatively weak attacker. We analyze why previous protocols fail under this attack. We then develop Rushing Attack Prevention (RAP), a generic defense against the rushing attack for on-demand protocols. RAP incurs no cost unless the underlying protocol fails to find a working route, and it provides provable security properties even against the strongest rushing attackers.
727 citations
"Security attacks and detection sche..." refers background in this paper
...This attack makes route discovery process difficult [27]....
[...]
...Whenever Attacker receives a route request packet from the source node, it floods the packet quickly throughout the network before other nodes, which also receive the same route request packet can react [27]....
[...]