A Survey on Security methods in Mobile Ad Hoc Networks

ABSTRACT

A MANET is formed by a group of infrastructure less mobile nodes. These nodes are independently
moving and exchanging information one another over a wireless channels. Due to some unique
characteristics of MANET frequent dynamically varying network topology, shared broadcast radio
channel, lack of centralized control and limited availability of resources such as CPU processing capacity,
memory power, battery power and bandwidth data transaction in the MANET becomes difficult task.
The wireless node needs to coordinate to each other to grant significant network service. The data
routing is an essential function in the security of entire network. This paper discusses the security issues
of MANET and the various techniques proposed by the researchers to detect and prevent major attacks
in MANET.

Keywords – MANET, Security, Nodes, Routing, Topology

INTRODUCTION

The Mobile Ad-hoc Network (MANET) is a set of mobile nodes connected with wireless links. It do not
having a centralized administration mechanism. Each mobile nodes function as a “router” to forward the
data packet to other specific node in the network. MANET having a dynamic topology, so that nodes can
easily entering or leaving the network at any time interval and their streaming in the entire network is
arbitrary for this reasons the name Mobile Ad-hoc Network. In addition most of mobile nodes are
resource constrained in computing capability, battery power and therefore traditional routing protocols
are not suitable for MANET.A MANET have several applications particularly army, marine
communication, vehicle networks, campus network ,casual meeting and so on. In MANET every node as
both host as well as router to move packets to the destination node in the network still it is not in the
communication scope of sender. MANET has several distinctive features for instance dynamic topology,
distributed services, and there are other characteristics of MANET specifically narrow bandwidth and
finite battery power, these characteristics causes MANET further vulnerable to various types of attacks
namely black hole attack, worm hole attack, link spoofing attack.

Black hole attack

A black hole attack is a one type attack where a malicious node invites packets in the network by
informal request that it has the shortened path to the destination node. It is a type of denial-of-service
attack, this type of attack is very difficult to detect to detect and prevent. The malicious nodes design a
chain and work simultaneously to have extra serious attack is termed as cooperative black hole attack.

Worm hole attack

It is related to black hole attack the malicious resources is not at all a single node relatively groups of
cooperating nodes particularly connected by a high speed channel. It forms a tunnel in that packets will
be trapped and no packets can escape, It holds the packets within itself without forwarding.

1
Link spoofing attack

A malicious node can manage the data or routing traffic either dropping or modifying the routing traffic,
it also perform Dos attacks in this data.

Gray hole attack

In this type of attack the malicious node drops a part or all the data packets dispatched without
notification.

In this paper survey is performed on various detection methods and its limitations of black hole attack
and other types of attacks in MANET to develop a sufficient detection method for improving the
performance of MANET.

A SURVEY OF SECURITY METHODS IN MANET

1. Securing Data Forwarding against Black hole Attacks in Mobile Ad Hoc Networks

In this paper the author proposed a Advanced homomorphic encryption method, in this method
the message is split in to g parts and each part of the message is encrypted by using an enhanced
homomorphic encryption scheme. The same encrypted part of the message is transmitted to all active
paths in the group. Thus the same redundant message may be arrived at the receiver. Then the same
copy of the message can be discarded if the same message id and message split id are contained in the
parts.

The encrypted message is sent to each of the groups. The same copy of the message is reputedly
sent to n groups. The receiver can recover the whole message even the data are dropped due to black
hole attack. Data is recovered through another path available in the group. Entire message can not be
display to an attacker even if the node is compromised because the attacker gets only a part of the
encrypted message, not the entire message. Therefore the original data is recovered successfully.

In this method having end to end delay due to message splitting and encryption process.

2. Mitigating Wormhole Attack in MANET Using Absolute Deviation Statistical Approach

In this paper the author proposed Absolute Deviation Covariance and Correlation algorithm. This
algorithm is used for avoiding and Preventing Wormhole attack. It generates a set of possible route
between source and destination, and then sends RREQ packet to each path, followed by RREP packet is
received from the each path, after receiving RREP packets successfully, the corresponding route is added
into the route list. Note the time delay for each route based on time taken to receive a RREP packet
from each route. This algorithm calculates time delay and means absolute deviation for each route
based on the trust information received in the RREP packet. Finally select the route within the optimum
absolute deviation covariance range (i.e. average delay) otherwise discord the routes.

The limitation of this algorithm is computation complexity for absolute deviation covariance and
correlation.

2
 3. Graph –Based Wormhole Attack Detection in Mobile Ad hoc Networks(MANETs)

In this paper the proposed method detect the wormhole attack, based on the number of links that
connect a source and destination in the network. The proposed model is able to detect all wormhole
links where there length is greater than four hops. This approach is based on the routing information
contained in the exchanged messages, as well as on the routing tables of a node. The proposed model
works based on the path length between two suspects nodes.

The limitation of this model is, it does not have a separate mechanism for isolation of malicious nodes.

4. A Linear Time Approach to Detect Wormhole Tunnels In Mobile Ad hoc Networks Using 3PAT
And Transmission Radius(3 PATw)

This approach uses to apply two algorithms for identifying the wormholes in the network.

Transmission Radious Based (TRB) and 3PAT are the two algorithm

The Transmission Radius Based algorithm is used for identifying whether two nodes are neighbors or
not. To identifying neighbors of node, the communication boundary of each node is taken for
considerations. The TRB algorithm is used for identifying the correct route in the network.

The 3PAT algorithm is used for identifying the malicious behavior in the route, based on the time factor
value of sending and receiving a RREQ and RREP message packets. This time factor value is calculated by
using hub number and the Round Trip Time (RTT).whenever a node not receiving a packet in a defined
period, it produces error message making us to check for malicious behavior.

In this proposed approach implements 3PATw algorithm, it is developed by using 3PAT and TRB
algorithms. This proposed algorithm improves the packet delivery ratio and detection rate.

The limitations of proposed algorithm is the Transmission Radius Based algorithm takes huge number of
packets exchanges to find out real neighbors, this will reduce the performance of the network and the
3PAT algorithm efficiently detect the single black hole node, it can not able to detect a collaborative
attack

5. Detection of Malicious Node in Mobile Ad-hoc Network

The proposed approach uses selective acknowledgment method. This method is an enhancement of
Adaptive Acknowledgement method (AACK).Before applying this proposed method nodes in the
network must be clustered by using standard clustering algorithm. The selective acknowledgement
ensures the neighbor node reliability. This method uses Bayesian interference statistical approach to
estimate its neighbor node reliability; based on the reliability factor the malicious node is identified. The
source node sends a data packet to the destination node via the intermediate node, once the
destination node receives the data packet, it must send the acknowledgement to source node via the
intermediate node within a given time period. Then the intermediate node and destination nodes are
considered as a genuine node in the network. Otherwise these nodes are detected as malicious node.

The limitation of this method is there is a probability of wrong prediction of nodes reliability and high
computation cost.

3
6. Selfish Node Detection IDSM Based Approach using Individual Master Cluster Node.

In this proposed approach uses Intrusion Detection System Monitoring. The clustering
techniques are used for malicious node detection. After clustering, a single master node monitor’s
nodes behavior in all cluster nodes. In this suggested method one pioneer node from every cluster is
selected and then one master cluster –head is selected among different cluster-heads.

The pioneer node collects the data from the different cluster-heads, and test the malicious
behavior in the network. If the unauthorized node is found, it is deleted from the network. It increases
the energy efficiency of the network.

The limitation of this method is a single node can monitor the entire network is challenging
tasks.

7. Markov Chain based Opportunistic Routing Protocol to enhance the performance of the MANET

In this paper the author proposed Markov chain based Opportunistic Routing Protocol to improve a
successful data transmission in MANET.

The existing Markov Chain based protocol is modified by adding the opportunistic routing algorithm, to
increase the probability of successful transmission. The proposed method also uses markov decision
making method for best route selection.

The Limitations of proposed method is, it is implemented for a network of 100 nodes, if a network size is
increases by adding new nodes the probability of successful optimal route selection is reduced.

This proposed method uses a less no of parameter for optimum route selection.

8. SUPERMAN: Security using Pre-Existing Routing for Mobile Ad-hoc Networks

The author proposed a security framework called SUPERMAN for protecting both routing and
communication security. This proposed framework provides a set of functions like node authentication,
access control and communication security mechanism. It provides secure access to virtually closed
networks.

SUPERMAN is a frame work that operates at the network layers (3 layers) of OSI model. It is designed to
provide a complete secured communication framework for MANET without modifying the routing
protocol. The data packets including SUPERMAN can be transferred from transport layer to data link
layer through network layer. The SUPERMAN framework processes the packets and provides
confidentiality and integrity at the network layer and node authentication at the transport and data
link layers. SUPERMAN addresses all eight security dimensions specified in X.805. It gives additional
security services compared to IP Sec.

The limitation of proposed framework is security overhead due to packet processing and node
authentication.

4
9. EPPN: Extended Prime Product Number based Wormhole Detection Scheme for MANETs

The author proposed a new routing protocol naming extended prime product number (EPPN) based on
the hop count. EPPN scheme includes some meta- information with RREQ and RREP packets.

EPPN is AODV based routing method to protect wormhole attack during communication process. In this
method the Source Node (SN) is needed to calculate the hop count between source and destination
node based on the Prime Product Number (PPN).The prime product number is a product of all node ids
between the source and destination in the path.

The hop count between source and destination is obtained depending on the current active route. The
hop count model is integrated into existing AODV protocol.

In this method first the route is selected on the basis of RREP and then hop count model calculates the
hop count between source and destination. Finally wormhole detection method will be executed based
on the calculated hop count. If the calculated hop count is grater than the received hop count in the
route, then the malicious node is isolated.

The limitation of the proposed framework is, it does not having the parameters needed to measure
latency and end to end delay.

This approach having the possibility of false positive and false negative rate (i.e., error in data reporting)

10. A Secure AODV Routing Protocol with node Authentication

This paper proposes a node authentication mechanism to secure AODV routing protocol. This proposed
model enables node authentication before path initiation by adding digital certificate in Hello Packets,
So that any unauthorized node can not participate in the routing process. The certificate Authority (CA)
issues a certificate to each node participating in the routing for validating itself. The Verification of
certificate is done by use of cryptography. This Certificate contains IP address of a node, Public key of a
node, Time stamp of certificate created, Time stamp of certificate expire and private key of CA.

Steps for node validation before the route discovery process.

1. At any moment Node transmit HELLO message to its nearest nodes. This HELLO message Packet
contains certificate of a node and private key of CA.
2. When nearest node receives the HELLO packet, it decrypts the received embedded certificate
with the public key.
3. If nearest node efficiently decrypt the certificate and find the IP, Public Key of sender and time
stamp then it confirm the sender as authenticated node.
4. If the receiver cannot decrypt the received certificate efficiently then the HELLO Packet is
generated by unauthorized node, so the receiver does not add the node to its neighbor list, If it
is already present in the neighbor list then the receiver deletes the unauthorized node.

This proposed method having end to end delay due to individual node authentication mechanism.

5
11. Distributed Combined Authentication and Intrusion Detection with Data Fusion in High –Security
Mobile Ad hoc Networks.

The proposed approach uses Intrusion detection system with multimodal biometrics systems, to
improve the security Data fusion is performed by using Dempster-Shafer theory

The author proposed three concepts for improving the security of MANET.

1. Biometric-Based user Authentication

This model is used for authentication purposes to address a common security concern.

The biometric sensors are used for identifying location information. More than one biometric
sensors are used at every time period in the proposed system to increase the strength of user
authentication.

2. Intrusion Detection System

Intrusion detection is a Procedure of observing computer networks and systems for

contraventions of security policies.

The proposed method uses the IDS for preventing signature based attacks and behaviour based
attacks.

3. Data Fusion of Biometric Sensors and Intrusion Detection System

To maintain the security state of the network, the biometric authentication and IDS observation
values are combined.

The Dempster-Shafer method is used for data fusion.

The limitations of this proposed method is computation complexity due to distributed scheduling
problem, the performance of proposed system is reduced due to these constraints.

12. Recommendation Based Trust model with an Effective Defense Scheme for MANET.

This approach proposed Recommendation based trust management model to remove the malicious
nodes in a packet delivery route.

The recommendation based trust uses clustering techniques to dynamically detecting the attacks.
Clustering is performed based on number of interactions, compatibility of information and closeness
between the nodes.

The author proposed a recommendation based trust management model to provide the security in the
routing protocol between source and destination nodes, based on the trust value of each node in the
path. The proposed model uses a Bayesian Statistical approach for computing a trust value of a node
and beta probability distributions for some assumptions in calculation.

The parameters used by the Bayesian statistical approach to compute a trust value is number of
interactions based on time, compatibility of information and distance between the nodes.

6
The model has three components to evaluate trust (a) Trust Computation Component (b)
Recommendation Manager Component (c) Cluster Manager Component

(a) Trust Computation Component

This model is used to calculate the trust value of each node.

(b) Recommendation Manager Component

It request and gathers recommendations for a node from a list of recommending nodes.

(c) Cluster Manager Component

This model filters dishonest recommendations from the list.

The proposed trust model computation performs node evaluation for finding trustworthy neighbor
node. If the trust value is found satisfied after the node evaluation, the network activities are assigned to
a nodes. This model is developed to remove attacks related to bad-mouthing, ballot-stuffing and
collusion in MANET.

The limitations of this proposed model is unable to detect the location and time dependent attacks.

7
 Comparison of Security issues and Detection Schemes in MANET

What
Sr. Routing
Title Methods Used problem it Results Limitations
No Protocol
solves

Securing Data Splitting a Secure Data AODV Provides High end-

1 forwarding against message into forwarding higher packet to-end
Black hole Attacks in multiple paths against delivery ratio delay.
Mobile Ad Hoc and using Blackhole and Increased
Networks homomorphic Attacks. throughput network
encryption Make data overhead.
method transmission
be reliable
and secure in
the presence
of malicious
nodes in
MANET.
2 Mitigating Absolute Detecting AODV Minimizes Only 73%
wormhole Attack Deviation Wormhole wormhole efficient
in MANET using Covariance and attack attack by than
Absolute Deviation Absolute avoiding classical
Statistical Deviation wormhole covariance
Approach Correlation tunnels. method.
algorithm Takes only
270 seconds,
less time than
classical
covariance
3 Graph-Based Geographical Detecting Modified The detection It works
Wormhole Attack measurements Wormhole AODV model has a based on
Detection in attack called high detection certain
Mobile Ad hoc Add information WARP rate of distance
Networks to the packet to malicious between
(MANETs) restrict its behavior. two
maximum suspect
allowed distance nodes.

It does not
provide a
mechanism
for
isolation of
malicious
nodes.

Sr. Title Methods Used What Routing Results Limitations

8
 problem it
No Protocol
solves
4 A Linear Time 3PATw and Detection of AODV Detection of The no of
Approach to detect Transmission wormhole wormhole wormhole
Wormhole Tunnels radius based tunnel in tunnels with tunnels
in Mobile Ad hoc algorithm. mobile Ad hoc high accuracy increases,
Networks using Network and also in the time
3PAT and 3PATw algorithm quick time. taken also
Transmission used for increases.
Radius(3PATw) malicious node
detection
TRB algorithm
used for
detecting the
tunnel.
5 Detection of Selective Detection of AODV Identify the It
malicious node in acknowledgment malicious malicious node efficiently
Mobile Ad-hoc node in in the works only
Networks mobile Ad-hoc network. with
Networks. Increase the limited
packet delivery number of
ratio. nodes.

Reduce the
network
overhead.
6 Selfish node Selfish node Identify the AODV Detect and
detection IDSM detection in selfish node. isolate the
based approach MANET by malicious
using individual Monitoring the node.
master cluster entire network
node using the single Network
node efficiency is
increased by
minimum
energy
consumption.

Providing
reliable QOS
throughout
the network.

Sr. Title Methods Used What Routing Results Limitations

9
 problem it
No Protocol
solves
7 Markov Chain Finds routes in Link failure in i.CORMAN Enhance the If network
based adaptive manner, dynamic ii. Markov- probability of size
Opportunistic based on current environment Chain based successful increases,
Routing Protocol to channel condition protocol transmission. the
enhance the in dynamic throughput
performance of wireless Selecting the is also
the MANET environment best route by decreases.
applying
markov Less no of
decision parameters
making are used
method. for optimal
route
Reduces the selection.
path breaking
8 SUPERMAN: A novel Secure Addressing SAODV and Providing Increases
Security using Pre- framework, this the issues of SOLSR security to all the security
Existing Routing for framework secure data overhead.
Mobile Ad hoc providing node communicatio communicated
Networks. authentication, n during over a MANET
access control limited
and network
communication resource in
security. MANET.
9 EPPN:Extended EPPN based on To detect and AODV Protect against This
Prime Product hop count model. mitigate the wormhole algorithm
Number based Hop count effect of attacks during has high
Wormhole between source wormhole communicatio probability
Detection Scheme and destination is attack n process and of false
for MANETs obtained packet positive
depending upon forwarding. and false
the current active negative
route. rate.
10 Secure AODV Node Securing the AODV Mitigating
routing protocol authentication routing many potential
with node before route protocol. security
authentication establishment by attacks like
embedding digital wormhole
certificate in attack, man in
Hello Packet. middle attack.
It allows only
legitimate
nodes can be
part of the
routing
process.

Sr. What Routing

Title Methods Used Results Limitations
No problem it Protocol
10
 solves
11 Distributed Multimodal Continuous Improve the Computati
combined Biometric-Based user-device security on
authentication and user authentication performance complexity
intrusion detection Authentication in high in high security due to
with data fusion in and Intrusion security MANET. distributed
high security Detection mobile Ad hoc scheduling.
mobile Ad hoc networks High transition
networks (MANET) probability
with optimum
cost

Less
information
leakage.
12 Recommendation A Challenges in AODV Packet loss can The
based trust model recommendation building a be decreased proposed
with an effective based trust model trust model in the system
defense scheme with a defense that adopts presence of performanc
for MANETs scheme to filter recommenda dishonest e is lacked
attacks related to tions by other recommending due to
dishonest nodes in the node in the location
recommendation network. network. and time
s like bad- dependent
mounting, ballot- The PDR rate is attacks.
stuffing and increased over
collusion for 80%
mobile Ad-hoc
networks. The defense
algorithm is
capable of
mitigating the
influence of
dishonest
nodes.

PROPOSED WORK

11
The proposed system plans to address two issues

a) Security issue of an mobile Ad-hoc Networks particularly black hole and wormhole attack
The proposed method is designed to identify the malicious node by using unique factors like
node identity, prime product number and the number of hop count between source and
destination node in the current active route. After detection of malicious node, the node must
be isolated from the network.
b) Providing solution for node clustering challenges

Implementing effective and innovative node clustering algorithm by considering different performance
metrics of mobile node (node mobility, battery level, packet delivery ratio etc), from these approach
selecting a node having high Sustainable Cell (SC) rate as a cluster header to improve the network
stability.

CONCLUSION AND FUTURE WORK

A MANET having many applications but as a result of exclusive characteristics it is further vulnerable to
security attacks. The security of absolute network depends upon routing. It is not achievable to discover
common solution that can be used to identify the black hole attack in MANET. In this paper the author
summarize the prominent methods used to detecting and preventing black hole attacks in MANET. The
existing solutions are categorized and presented in a tabular form. The author concludes that efficient
method must be proposed to overcome the limitations of existing system. Our study presenting that
many solutions have been proposed they still are not suitable for infrequent coordinated black hole
attack. So the future work we proposed to simulate absolute solution to detect infrequent coordinated
black hole attack.

12