Final Project

Mobile Ad hoc Network Security Issues
By
Sheraz Salim
Student ID 20388626
Presented to Faculty of
School of Computing, Engineering and Physical Sciences
University of Central Lancashire
In Partial Fulfilment
Of the Requirements
For MSc Computer Networking
Name: Sheraz Salim Master Project CO4804

Page
1
Acknowledgement
I always thank to ALL-MIGHTY ALLAH, who gave me power and courage to

complete this project. I would like to thank Zaki-El-Haroun for his supervision during
this project and Helen Campbell for supporting and gaudiness during this tough time.
I also have good regards for the facility of school of Computing, Engineering and
Physical Science, University of Central Lancashire including Chris, who always
support us for the simulation software problems. I would also like to express my
sincere thank to my friends who support me all this time during thesis first and
foremost, Noman Qazi and Hamid Khan.
Finally, I would like to dedicate this thesis to my parents, brother and sister. Without
their support it wasn’t possible to complete this project.

Page
2
Abstract
Mobile ad hoc network also know as MANET is a promising technology which give
connectivity where existing technologies communication like infrastructure failed or
unable to provide the services due to catastrophic failure. MANET technology
received a huge attention from the exciting researchers and industry sectors to make
them more affordable better and valuable in communication environment, where as
MANET nodes are highly self organized even with a collection of few mobile node.
All these fantasizing features, and marvellous connectivity with other mobile node
and making a enormous network, despite when it come to security it pose a large
threats to the existing network which formed by MANET nodes. Here in this project
we implemented Pulse Jammer, Misbehaving nodes and Byzantine attack on AODV
routing protocol on MANET simulation environment. To perform the simulations
we used OPNET MODELLER 15.0 as network simulator for our proposed work.
The result showed MANET posed a high security risk attack either from internal or
from external attack.

Page
3
Table of Contents
Table of Contents.............................................................................4
Introduction......................................................................................9
CHAPTER 1.....................................................................................10
Mobile Ad hoc Wireless Network..........................................................10
Introduction.........................................................................................10
Background.........................................................................................11
Aim of thesis........................................................................................13
Related Work.......................................................................................13
Research Object..................................................................................14
Work Plan............................................................................................14
Scope 14
Chapter No. 2.................................................................................17
Physical Layer Attacks....................................................................17
Jammer Attack.....................................................................................17
Interference Problem...........................................................................18
De-Packaging Attack...........................................................................18
Eavesdropping Attack..........................................................................19
Defence against Physical layer Attack.................................................19
Summary.............................................................................................20
Chapter No. 3.................................................................................21
Data Link Layer Attacks.................................................................21
IEEE 802.11 attack..............................................................................21
Virtual Jamming attack 802.11............................................................21
Traffic Monitoring and Analysis Attack................................................22
IEEE 802.11 WEP weakness.................................................................22
Single adversary attack (SAA).............................................................23
Colluding adversaries attack (CAA).....................................................23
Defence against Data link layer...........................................................24
Summary.............................................................................................24
Chapter No. 4.................................................................................25
Network Layer Attack.....................................................................25
Routing Protocol..................................................................................25
Proactive (Table Driven Routing Protocols).........................................26

Page
4
Reactive (On- Demand Routing Protocols) .........................................27
Other Routing Protocol........................................................................27
Comparison of Proactive, Reactive and Hybrid Routing Protocol in
MANET 28
Attack on Network Layer.....................................................................28
Routing attacks....................................................................................29
Routing table overflow attack..............................................................29
Routing table poisoning attack............................................................30
Route cache poisoning attack.............................................................30
Packet forwarding attacks or Advance attacks....................................30
Black hole attack.................................................................................30
Wormhole Attack.................................................................................31
Classification of wormhole attack........................................................31
Wormhole using Encapsulation...........................................................31
Wormhole using out of band channel..................................................32
Open wormhole attack........................................................................33
Closed wormhole attack......................................................................33
Half open wormhole attack..................................................................34
Wormhole with high power transmission.............................................34
Jellyfish attack.....................................................................................34
Gray holes attacks...............................................................................34
Byzantine attack..................................................................................35
Packet Replication...............................................................................35
Rushing attack.....................................................................................35
Defence against Network layer attacks...............................................35
SUMMARY............................................................................................36
Chapter No.5 .................................................................................36
Transport layer Attack....................................................................36
Transport layer acknowledgement spoofing........................................37
Replaying acknowledgement...............................................................37
Changing sequence number................................................................37
SYN flooding attack.............................................................................37
Session hijacking.................................................................................38
Defence against Transport layer attacks.............................................38
Summary.............................................................................................39

Page
5
Chapter No. 6.................................................................................40
Application layer Attacks................................................................40
Application layer attacks MANET.........................................................40
Malicious attack ..................................................................................40
Repudiation attack..............................................................................41
Defence against application layer attack............................................41
Summary.............................................................................................41
Chapter No.7 .................................................................................42
Cross layer security Attack.............................................................42
Internal attack.....................................................................................42
External attack....................................................................................42
Passive attack......................................................................................42
Modification attack..............................................................................43
Man-in-middle attack...........................................................................43
Fabrication attack................................................................................44
Location Disclosure..............................................................................44
Information Discloser attacks..............................................................45
Summary.............................................................................................45
Chapter No. 8.................................................................................46
MANET Security Services................................................................46
Authentication.....................................................................................46
Confidentiality.....................................................................................46
Integrity 47
Availability...........................................................................................47
Non-Repudiation..................................................................................47
Summary.............................................................................................48
Chapter No 9..................................................................................49
Simulation Modelling and Implementation.....................................49
Discrete Event Simulator (DES)...........................................................49
Continuous simulation.........................................................................49
Test bed Labs......................................................................................49
Simulation tool.....................................................................................50
The Architecture of OPNET..................................................................50
Construction of Model in OPNET MODELER..........................................51

Page
6
Network Level......................................................................................51
Node level............................................................................................51
Process 52
OPNET MODELER wireless support......................................................52
Research Methodology........................................................................52
Research Design and Problem Identification.......................................52
Building a simulation environment in OPNET MODELER......................53
Pulse Jammer attack Scenario............................................................53
Misbehaviour Nodes Scenario.............................................................53
Byzantine attack Scenario..................................................................53
Network Model.....................................................................................54
MANET Node........................................................................................54
Traffic Model........................................................................................54
MANET Traffic......................................................................................54
Application configuration ....................................................................55
Profile Configuration............................................................................63
Mobility Configuration..........................................................................63
Performance Metrics............................................................................64
Normal Traffic Response Results.........................................................65
Chapter 10.....................................................................................66
Attack on Different Scenarios.........................................................66
Scenario 1, Pulse Jammer Attack Setup and Results...........................66
Scenario 2, Misbehaving Nodes and Experimental Results.................69
Scenario 3, Byzantine Attack and Experimental Result ......................72
Chapter 11.....................................................................................75
Conclusion and Future directions........................................................75
References...........................................................................................77
List of Figures
Figure 1.1 Mobile Ad hoc Network…………………………………………….........13

Page
7
Figure 2.1: Waveguide Directional Wireless Antenna……………………………….21
Figure 3.1 Virtual Jamming attack 802.11…………………………………………...24
Figure 4.1 MANET malicious node access attack on network………........................31
Figure 4.2 MANET malicious node attack on network……………………………...31
Figure 4.3 Black hole attack in MANET……………………………………………..34
Figure 4.4 Wormhole attack………………………………………………………….35
Figure 5.4 SYN flooding attack……………………………………………………...40
Figure 5.5 Session Hijacking…………………………………………………………40
Figure 9.2 OPNET MODELER Documentation……………………………………..53
Figure 9.4 Network Model with AODV routing protocol…………………………...59
Figure 9.5 MANET node model……………………………………………………..60
Figure 9.6 show the parameter set for traffic model…………………………………61
Figure 9.9 showing the detail parameters of Profile configuration……......................62
Figure 9.10 showing the values set for mobility of nodes in network……………….63
Figure 9.11.1 Normal Network Throughput……………………………………….. ..63
Figure 9.11.2 Normal Network Delay………………………………………………..63
Figure 9.11.3 Time average response time on AODV……………………………….63
Figure 10.1 Jammer node configurations……………………………….....................65
Figure 10.2 Throughput result of Jammer attack on network………………………..66
Figure 10.3 Misbehaving node configurations………………………………………68
Figure 10.4 Throughput result of Misbehaving node on network…………………...69
Figure 10.5 Byzantine nodes configuration………………………………………….71
Figure 10.6 Throughput result of Byzantine attack………………………………….72
Figure 10.7 Byzantine attack nodes dropping the routing table……………………..72

Page
8
List of Tables
Table 1.Attack on Mobile Ad hoc Wireless Network……………………………….16
Table 2.Security issues in Mobile Ad hoc Network…………………………………17
Table 3 Defence line prevention against Mobile Ad hoc Network………………….18
Table 4.Comparison of Routing Protocols…………………………………………..30
Table 5.A Review of Security Parameters in Mobile Ad-hoc networks…………….50
Introduction
Mobile Ad hoc network is the new advancement in field of telecommunication
technology which changes the entire concept of communication. This technology is

Page
9
formed as a collaboration of self organized node which formed few hundred to
thousand of nodes. MANET are easy to deploy in all condition, due to the help of this
technology we can not relay on access point and traditional wired networks or on
infrastructure, this technology give us a freedom of move around. These mobile nodes
formed a temporary network where infrastructure failed or damaged by a natural
disaster. It helps soldier in the battle field ground to communicate with command
control centre and disaster relief, emergency operations, earth quack etc.
Wireless network are of two kinds, Infrastructure and infrastructure less. MANET is
infrastructure less; where as infrastructure need to connect with wired network in
order to provide transmission as MANET infrastructure less doesn’t need any wired
network. MANET node act as router and host at the same time to forward the packet
for other nodes.
Since last few years, MANET gain popularity from all sectors, military, education,
industry, and research etc. As many number of paradigm like Wireless Mesh Network
and wireless sensor network are tested and implement successfully around the world.
There is no doubt; the MANET has a bright future prospective. As an example in real
life VANET which based on Mobile Ad hoc Network are commonly used in motor
vehicle to prevent road accident, perhaps this technology revolve around us and make
us excited to get deeper look at in.
CHAPTER 1
Mobile Ad hoc Wireless Network
Introduction
The advent of wireless technology is one of the biggest breakthroughs of modern
technology. This technology enables the users to utilize the freedom of movement and
the use of the equipment while on the move. Initially the use of wireless technology
was restricted for the military purposes to provide cutting edge to the defence forces.

Page
10
However, during the 1980s there was an explosive growth of this technology. For
general public the first interaction with the wireless technology was the mobile phone.
Initially the technology was expensive to use and difficult to maintain. But with the
rapid advancement in this field the technology became affordable and with the
implementation of fourth generation of wireless networks the entire concept has
changed. In recent year Mobile Ad hoc Network (MANET) seek much attention from
industry and academic researchers from all around the globe. This technology has
come with its own flavour as they are easy to deploy in disaster areas and for
emergency operations due to its nature of design and operation, such as an
environment where a collection of few mobile nodes can form a temporary network
without a need of any centralized networks, with the collaboration of each other nodes
they carry forwarding packets to destination nodes, thus due to limited transmission
range on radio wireless medium. Each node act host and router at the same time to
forwards the packet. Mobile Ad hoc Network do not relay on wired network routing
protocols. To function properly in radio wireless medium Mobile Ad hoc Network use
a Ad hoc routing protocols, these protocols are entirely different than tradition wired
network as routing path breaks and connected due to self organized nodes to discover
multi hop routes through network to any other node. This functionality is also known
as infrastructure less.
Background
Wireless network provide connectivity between end nodes like PDA, Notebooks,
Mobile phones etc, without the use of wires. The transmission occurs on
electromagnetic waves, know as radio waves. Wireless network can be combination
of switches, routers and hosts without any wired connected to each other, they must
functional wirelessly. A router is responsible for packet forwarding in the network and
host are source or destination of the data flow. Wireless network giving edge compare
to traditional networks as there is no physical cable required for data transfer.
Wireless communication gives a freedom for routers and host to move freely in
wireless communication zone network. To accompany this freedom wireless
communication relay on channel know as radio frequency RF, however the detail of
wireless communication is not a scope of this project go to [T.S. Rappaport, 1996]
Wireless networks are attached with a centralized fixed network such as Access Point
(AP). The Access Point (AP) acts as a middle man between the wireless user and the
fixed network, as wireless users are on the move from one place to another AP keeps

Page
11
them connected to a wireless network. The existence of these networks are not
feasible as fixed network also know as infrastructure, it limited support to the
adaptability of wireless network. Therefore this technology is not reliable where no
fixed infrastructure is present like rural areas.
In recent advancement technologies such as Bluetooth and 802.11 launched a

paradigm of wireless system called as Mobile Ad hoc Networks (MANET). The
speciality of this technology is that it could be managed even in lack of fixed
infrastructure. This technology is efficient, effective, quick, and easy to deploy.
MANET consists of independent mobile nodes connected by wireless medium, each
mobile node acts host and operates as an end system, and also acts as router for all
nodes in the network. MANET are heterogeneous as path between each single pair
may have multiple links, each mobile node is free to roam while communicate with
other nodes and self organize. This forms a relationship of different kind of links to
become a part of the same network [H. Bakht, 2004]
Figure 1.1 Mobile Ad hoc Network.[Mishra et al. 2003]
While Mobile Ad hoc network have many advantages over the traditional wired
network, but when it come to security it pose a immense set of disputes. Firstly
Mobile Ad hoc network face the dispute of secure communication in wireless
medium. [Imrich et al. 2003] focused the MANET communication threats that pose
the radio wireless medium of Mobile Ad hoc network are;
 The wireless medium has no complete or no certainty visible limitations

outside of which stations are known to be incapable to obtain network frames.

Page
12
 The wireless medium is defenceless from outside the channel signals.
 The wireless medium is considerably less undependable then wired media
 The phenomena of hidden terminal and exposed terminal may occur.
Secondly, nodes having no security on the network may face threats from active
attack as impersonation to passive attacks as eavesdropping which lead network to
deceased and degrade the performance and resources. Vulnerable malicious node
attempts to intercept the radio wireless transmission and modify the packets without
the knowledge of authorized nodes. Likewise, various attacks Denial of Service could
be launch easily to start sending packets through vulnerable nodes which give false
update information to disturbed and poison the routing information in the network. As
result the network is destroyed and the motive of attack will be successful.
Aim of thesis
It is try to provide as much as information in regards of malicious node, the
techniques, methodology and tools which are assume as attacker approach to harm or
hijack the network resources in light of few attacks that are analysis on OPNET
MODELER 15, We believe implementing few number of attacks on MANET with
having enough knowledge of the attack as prospective of attacker thinking, can help
to investigate future more and bring them into the light of the weakness of the
network and having better understanding to secure the network. This thesis briefly
provides the detail information regards into MANET attacks.
Related Work
A lot of research has already been published regarding Mobile Ad hoc Network
security. This section presents some of the research literature related of MANET
security. [Yannick et al. 2008] have proposed security trust monitoring layer which let
other MANET domain or individual node to cooperate and substitute security
information, in response to prevent from the misbehaving nodes. [Mike and Breno,
2009] claim’s the algorithms SRP and Ariadne are insecure and subject to hidden
channel attack. Nevertheless, they come with a new approach and form a novel route
discovery algorithm and named “enairA”. [Junfang et al. 2006] define a threshold
cryptography which consists of three requirements of ring signature, correctness,

Page
13
anonymity and security against malicious node in network. [Yang and Xiaoyao, 2007]
proposed a technique to secure a routing protocol for MANET, Rubin logic to analyze
non-repudiation of protocols; unfortunately, this protocol is based erroneous
assumption. [Claude et al. 2007] have focused on routing security issues in MANET
and describe solution of Byzantine behaviours attacks problem. In this project, the
emphasis is given on the OSI layer model which identities the loophole in security
issues.
Research Object
During the research vulnerabilities and security issues are focus which posed a great
thread to MANET security. Giving a brief account of security issues which will be
analyzed individual OSI layer reference model for MANET to elaborate it, namely as
application layer, transport layer, network layer, data link layer and physical layer. It
is hope the study of this project gives a good understanding of security challenges and
solution in MANET.
 What are the potential severe threats in MANET security? Which threats are
dangerous in term of network resources attacks?
 What are the precaution and how to protect security to make it secure as using
state of the art security mechanism?
 How simulation attacks are realistic and their impact on practical network?
 What are the future directions which take the MANET security to compromise
with malicious and vulnerabilities?
Work Plan
OSI (Open System Interconnect) divide networking concept as a guide line to
understand the function of each single layer. Each single layer provides detail
information of the attacker prospective that can be launch attack on network. It is
believe that taking this approach will identify with the concept and methodology of
attacks on OSI layer as a reference model.
Scope
It is tried to define the security measurement precisely which could reflect MANET
attacks. As a matter of fact, a security defence lines always must be taken at early

Page
14
stages of any basic design of network either its traditional wired network or wireless
ad hoc network. This thesis high-lighted the security threats which serious harm the
MANET network topologies in terms of each layers as show in table 1 [B. Wu et al.
2006a], and in table 2 security issue in MANET [H. Yang et al. 2004a] table 3 show
the defence line against to prevent from these layers.
Layer Attacks
Repudiation, Trojan virus, Wormhole

Application Layer
and Malware.
Transport Layer Session hijacking, SYN flooding
Wormhole attack, Black hole attack,

Byzantine attack, Routing attack,
Network Layer
Resource consumption attack, location
disclosure attack.
Traffic analysis and monitoring,

Data link Layer
disruption
Physical Layer Jamming, interceptions, eavesdropping
Table 1.Attack on Mobile Ad hoc Wireless Network
Layer Security issues
Application layer Identifying and stop viruses, Trojan,

vulnerable code and application
exploitation
Transport layer Securing the data reliability by using

authenticating and secure communication.
Network layer Securing the ad hoc routing protocol as

well as forwarding protocols.
Link layer Securing the MAC protocol and give link

layer a security mechanism
Physical layer Securing the signal from denial of service

(DoS) jamming attack
Table 2. Security issues in Mobile Ad hoc Network

Page
15
Layer Defence line
Application layer Identifying and stop viruses, Trojan,

vulnerable code and application
exploitation
Transport layer Use of Transport Layer Security (TLS),

Secure Socket Layer (SSL), and Private
Communications Transport (PCT) as
public key cryptography
Network layer Use of secure routing protocols, IPSec

and Packet leashes.
Link layer Use of 802.1X and NAV field for

encryption
Physical layer Use of different spread spectrum

techniques
Table 3 Defence line prevention against Mobile Ad hoc Network

Page
16
Chapter No. 2
Physical Layer Attacks

Physical layer is the lowest layer of OSI reference model. This is commonly
shortened as “PHY”. The physical layer has a priority compare to other layer of
OSI/ISO reference model as it is the only layer where data is physically moved across
the network. The physical layer function is encoding, signalling, data transmission,
reception and physical network design. On wireless networks it functions as radio
transceiver, and packet transmission through physical medium. The function of
physical layer on wireless is to transmit the single in the radio wireless waves to its
destination or to finding path with collaboration of other nodes which are present in
the network. When physical layer receive the single it pass it to other lower layer.
Radio wireless signal in MANET are highly vulnerable on physical layer, as wireless
radio signals travel throughout the open air as having their limited frequency range.
Consequently radio wireless communication is easy to jam or intercept as its nature of
using open airwaves. Any malicious node can hear the wireless signal and disrupt the
transmission in the network.
As many attacks are executed and widely discussed in literature on wireless network,
thus physical layer is one of important layers of OSI reference model to secure in
order to protect the radio signal from many malicious attacks that can launch attack on
this layer. Launching attacks on physical layers are Jamming transmission,
interference, eavesdropping etc., is mostly applied and in common practice on this
layer. Attacker goal is to weak the strength of radio signal but also jamming the
transmission to bring the network resources down.
Jammer Attack
Jammer attack is commonly used to wipe out the transmission on the target wireless
networks. Jammer attack responsibility is to prevent nodes from sending and
receiving packets on network. Jammer function on physical layer to generate the
packet at a high constant rate on wireless medium to keep the medium busy,
consequently node on network can’t access the wireless medium due to the noise
jammer created in wireless medium. In this attack, the malicious node hire a device
called Jammer which is later used to observing the wireless radio frequency, until

Page
17
attacker match the frequency at which receiving node receiving the signal from the
sender in the network. Attacker matches the frequency with the help of Jammer
frequency device of the targeted networks and transmits radio signals with generating
a continuous high radio frequency (RF) which is powerful signal that overwhelmed
within the range of network transmission. Subsequently messages are lost due to high
noise in the spectrum. Jammer attacks are considered as brutal force attack. Jammer
attacks can be classified as constant jammer, deceptive jammer and random jammer.
Interference Problem
In wireless network interference has seen commonly, it occurs when set of nodes
clash with other devices which are using the same Radio Frequency (RF). Each
MANET node station use 802.11 network card to transmits packet in the network
when no other node transmitting the packets. If any other node happens to sending
packet, other node will have to wait to get the wireless medium free. Radio Frequency
(RF) occupies the unwanted interference Radio Frequency signals that interrupt the
normal operations as 802.11 protocol defined by IEEE get interfering Radio
Frequency single of sufficient amplitude and frequency which can appear as bogus
802.11 nodes transmitting a packet. This cause genuine 802.11 station to wait for
indefinite periods of time until interfering signal goes away. The sources of Radio
Frequency Interface which may cause the problem are 2.4GHZ this could be any
interference single including microwaves, wireless phones, and Bluetooth devices. [L.
Gavrilovsak and R. Prasad. 2006] discuses the wireless devices interference
coexistence with different technologies using the same frequency band and the
sharing the spectrum are problem for researcher, he emphasis the technologies Wi-Fi,
MANET which share the spectrum and frequency are already facing the problem of
crowded bandwidth boldering for spectrum etc, radio interface design, dynamic
frequency and network topologies selection.
De-Packaging Attack
Attack on MANET node can take place by de-packaging [Amitabh, 2008] De-
packaging is the process of removal of chip which is mostly attached in nodes for
transmitting signal. By dissolving the chip in resin silicon fuming acid which is the
first step towards decode the chip, by using micro probing or electro-beam
microscopy to read the ALU in processor, ROM cell etc can obtain easily. Physical
attack on chip is relatively hard cause of the expensive infrastructure requirements.

Page
18
One the process of de-packaging chip is done it can give useful information for
launching attack to the network.
Eavesdropping Attack
Eavesdropping attack is the process of gathering information by snooping on
transmitted data on legitimate network. Eavesdrop secretly overhear the transmission,
however, the information remain intact but privacy is compromised. This attack is
much easier for malicious node to carry on as evaluate to wired network.
Eavesdropping attack in MANET shared the wireless medium, as wireless medium
make it more vulnerable for MANET malicious nodes can intercept the shared
wireless medium by using promiscuous mode which allow a network device to
intercept and read each network packet that arrives. The attacker node intercepts the
transmission as every MANET node is equipped with transceiver in range of the
communication which can be decode by means of malicious node to target the
authorized node on the network, malicious node can obtain the sensitive information
etc, modify the routing route or poison the routing table. This can seriously harm the
network resource and degrade the network performance. There are number of
hardware tools that allow promiscuous mode, such as Prisme2 network card with
using eavesdropping and high power antenna to intercepting wireless traffic as shown
in figure 2.1
Figure 2.1: Waveguide Directional Wireless Antenna
Defence against Physical layer Attack

Physical layer security has a primary concern in MANET due to the signal broadcast. To
avoid signal jamming communication Denial-of-Service (DoS) attack on physical layer is to

Page
19
change the spread spectrum such as direct-sequence CDMA if attack is launched on physical
medium in order to protect point to point wireless link. The disadvantage of this technique is
nodes have to pre-exchange for spreading code. Other technique is to employ over come to
this problem without spread spectrum in jamming attack is to use a high transmission power
or use high redundancy low rate channel code.
Summary
MANET nodes are easy to deploy due to its design as all the transmission is based on radio
frequency on wireless medium. Links are discovered and break often, radio frequency is
much easier to interference with other device on the network. These entire drawbacks give the
advantage to malicious attacker opportunity to attack on legitimate networks. Physical layer
play a vital role to transmit data on entire network if physical layer is attack all the
communication paralyse, The security of physical layer on MANET is an issue for providing
the secure communication as well interference of other device using the same frequency on
the network can exploit the communication to place on.

Page
20
Chapter No. 3
Data Link Layer Attacks

Data link layer is second lowest layer of OSI reference model; it is commonly known
as link layer. It ensures the reliable communication link between neighbour nodes,
data link layer define the different network and protocol characteristics. Like Logical
link control (LLC), Media Access Control (MAC), Data Framing, Addressing, and
Error Detection and Handling. In wireless networks like MANET nodes provide
multipoint peer-to-peer network architecture. Their connectively is maintain by one
hop among to the entire network by using link layer protocol and the network layer
protocol extent the connectivity to other nodes in the network. Malicious nodes can
launch attack on link layer by distracting the collaboration of protocol of this layer.
[B. Wu et al. 2006b]
IEEE 802.11 attack

The vulnerability on DoS attacks in link layer IEEE 802.11 has been investigated
malicious node has to keep the most of binary exponential back off scheme. In order
to happen as expected malicious node damage frame easily by putting few extra bits
on the frame and overlook the ongoing communication. The mechanism of this
procedure is understood when IEEE 802.11 node transmit the binary exponential each
node wait for it term and get back-off until the transmission is in progress. Malicious
node keep the wireless medium busy and start loaded frames transmitting which tend
to capture the wireless channel by sending data non-stop as result neighbours nodes
back-off endlessly. Therefore other nodes find the wireless medium busy and keep
back-off so the performance of the network degrades this way.
Virtual Jamming attack 802.11

In virtual jamming attack malicious node sent RTS packets continuously on the
transmission with unlimited period of time. During this entire process malicious node
effectively jam the transmission with a large segment of transmission on the wireless
channel with small expenditure of power. This attack is much effective than physical
layer jamming as this attack consume less battery power compare to the other physical
layer jamming attack. For example node M is a malicious node and it starting sending
a false RTS packet to node R with a large frame. When nodes G and H receive packet

Page
21
on wireless channel they both become blocked for a certain amount of time as apply
for node M as figure show in 3.1. [Ashikur and Pawel, 2006]
RTS
CTS
G BUSY BUSY
BUSY BUSY
H
Figure 3.1 Virtual Jamming attack 802.11
Traffic Monitoring and Analysis Attack

These attacks are to identify the characteristics of communication on radio wireless
transmission which could lead it for future useful information for malicious attacker
to launch attack against the targeted network. This attack identify the communication
nodes and their physical location, information like the amount of data transmitted,
number of nodes in the network, channel frequency and spread spectrum etc. WLAN,
cellular network and even satellite network suffer from these vulnerabilities. These
attacks are not considerable for MANET but they are fall into other WLAN attacks
IEEE 802.11 WEP weakness

IEEE 802.11 introduce the security in 1999 for 802.11 which is known as Wired
Equivalent Privacy WEP, unfortunately it suffer from many back draws, weakness

Page
22
like RC4 chipper etc. IEEE 802.11 WEP security criticized due to many reasons, few
are;
• Key management and key size
When IEEE 802.11 releases the WEP standard; it didn’t define key
management lacking interoperable key management of poor quality and key
tend to be long lived. Therefore wireless network which come with WEP
security key have to share key between each single node on network. It was a
big problem as it has to be programmed with the same key on other nodes in
network. If synchronize the key it is difficult to change all over the network
have to compromised. 802.11 do not specify WEP key size other than 40 bits.
• Small Initialization Vector
Initialization vector used in WEP size 24 which provides 16,777,216 different

RC4 cipher sent in clear and lead to randomly cipher key recovery which is
also called as analytical attack, the attack can decrypt consequent packet
which were encrypted in same IV.
• Poor ICV algorithm
WEP cryptography algorithm is based on CRC-32, it is use for distinguish

noise and general error in transmission. CRC-32 works well for checksum but
not good in cryptography perspective, it may put the security on the edge and
cause privacy integrity attacks. [Jim Geier, 2003]
Single adversary attack (SAA)

In this attack malicious node intrude into an authorized target network and starting
generating IEEE 802.11 massive flow signals to authorized nodes on the target
network, the goal of malicious node is to drain the battery power of authorized nodes
and to reduce the available channel capacity of authorized nodes on network. This
attack is known as single adversary attack.
Colluding adversaries attack (CAA)

In this attack two or more malicious nodes involve having understanding to contribute
using 802.11 signal and start generating the signals to each other. Hence the channel
get busy for other nodes therefore the targeted nodes in the network cannot

Page
23
communication to each other. This attack is called colluding adversaries attack.
[Yihong et al, 2004]
Defence against Data link layer

End to end services are provided by encryption which reply on lower layers of OSI
function, such as data link layer which gives the security mechanism of 802.11 WEP
apparently which fails. To secure the link layer security such as 802.1X should be use
it will protect the frames over the air portion of connection between nodes, the
advantage of using 802.11X is it protect upper layer attacks by rejecting access to
network resources before authentication completed [Andreas et al, 2006]. Security
vulnerabilities are exponential back off mechanism scheme, however the NAV filed is
still challenging as many proposed schemes such as ERA-802.11 [A. Perrig et al,
2000].
Summary
Data link layers provide MANET connectivity from one hop communication between
direct neighbours through media access control (MAC) protocols. As MAC has its
own mechanism to transfer data on network, therefore vulnerable activities could
happen on this layer by violating the NAV field of RTS/CTS frames. Many security
mechanisms are proposed to prevent attacks on MANET like AES/CCMP and RSN.

Page
24
Chapter No. 4
Network Layer Attack

Network layer is the third lowest layer of OSI reference model. The function of
network layer in OSI layer model is to provide the services for exchanging the
individual piece of data/information over the network between identified end devices.
To achieve the integrity four basic processes are involved in it. [Cisco System, 1998]
• Addressing
• Encapsulation
• Routing
• De-capsulation
The main network layer process in MANET is ad hoc routing and packet forwarding.
In MANET the nodes act as host and router. Therefore router discovery and router
maintains in the MANET is effectively concern. Thus attacking on MANET routing
protocol not only disrupt the communication on the network even worst it paralyzed
the whole communication all over the network. Therefore, a security in network layer
plays a vital role to ensure the secure data communication in the network. To evaluate
the security threats in network layers, threats in network layer are classified as:
• Routing protocols
• Attacks on network layer.
Routing Protocol
Routing is process of moving packets from source network to a destination
network in internetworking devices. Routing protocols use a routing algorithm
which is a mathematical formula to forward the packet to its destination. The
routing algorithm varies from one routing algorithm to another etc OSPF, BGP.
In wireless network two types of communication paradigm exists, which use
different routing algorithm due to the nature of it use, infrastructure uses the
traditional wired routing and in Mobile Ad hoc wireless network nodes are
connected by wireless link through physical layer and data link layer, thus the
network topology may keep changing randomly due to the movement of nodes.
Routing protocols that are used in traditional wired network finding a path to

Page
25
route the data flow, for example packets from a source node to destination node,
cannot be apply directly due to the nature of Ad hoc wireless network, as
frequent path breaks during ongoing sessions, disruption commonly occur during
transmission/receiving. Situation like them are not reliable links in traditional
wired network where all node are fixed. Traditional wired network protocol find
path easily when path break. Convergence is slow in wired networks. Therefore,
routing protocols for ad hoc network must be able to perform effective and
efficient mobility as they are dynamic and no centralized infrastructure present.
Many routing protocols have been proposed in MANET. The aims of these
routing protocols are to provide a reliable and secure communication and remove
fault in existing protocols.
Proactive (Table Driven Routing Protocols)

Proactive protocols maintain up-to-date routing table information in their
routing tables and regularly update the changes in the topologies as appears.
When a topology changes occurs then nodes on the network broadcast the
update routing table throughout the entire network to maintain up-to-date
routing information. They work similar to the traditional wired network
routing protocols etc RIP, RIP2. The protocols from this class are not
feasible for large number of network as this cause more overhead in their
routing tables and consume more bandwidth.
The examples of different varieties of table driven protocols are given

below:
• Topology Dissemination Based on Reverse Path Forwarding (TBRPF)

• Destination Sequenced Distance vector routing (DSDV)
• Optimised Link State Routing Protocols (OLSR)
• Cluster Gateway switch Routing Protocols (CGSR)
• Fish eye State Routing Protocol (FSR)
• Wireless Routing Protocol (WRP)

Page
26
Reactive (On- Demand Routing Protocols)
Reactive protocols are also known as On-Demand Routing Protocols, their
function is entirely different than proactive routing protocols. They do not
maintain the routing information of the network topology; they get
necessary information of the topology when they are required. Additionally
these protocols do not share routing information frequently.
The examples of different varieties of proactive protocols are given below:
• Dynamic Source Routing Protocol (DSR)

• Ad Hoc On Demand Distance Vector Routing Protocol (AODV)
• Temporally Ordered Routing Algorithm (TORA)
• Associativity Based Routing (ABR)
• Location aided Routing (LAR)
Other Routing Protocol

Routing protocols function as a backbone of the network; a number of
routing protocols are invented according to network requirements and
according to their hierarchical routing. Proactive and reactive protocol are
mostly discussed in MANET however there are two other routing classes of
protocol called Hybrid and Hierarchical. The Hybrid routing protocol is a
combination of reactive and proactive protocols. The Hierarchical routing
protocols used for scalable routing scheme and set up a hierarchy which is
fallow in way of anti trail. The example of Hierarchical routing protocol is;
• Hazy Sighted Link State HSR

• Zone Routing Protocol ZRP
• Distributed Dynamic Routing Algorithm DDR

Page
27
Comparison of Proactive, Reactive and Hybrid Routing
Protocol in MANET
Routing Protocol Advantages Disadvantage
Proactive Rapid establishment of Convergence time is slow,

routes and less delay. resources amount is used
Routing information is up- heavily. Routing information
to-data periodically. flooded in whole network.
Reactive Obtain the required path Routes are not up-to-date,

when necessary, saving large delay.
resources, do not exchange
routing table periodically
and Loop free.
Hybrid Up-to-data routing Required more resources for

information, limited search larger size zones. Arbitrary
cost and scalable proactive scheme within
zones.
Table 4.Comparison of Routing Protocols [Hasnaa and Houda, 2005]
Attack on Network Layer

In network layer, the attackers aim is to disturb the network traffic by attacking on
network layer, attacker injects a malicious packet between the source and the
destination nodes trying to get control of the network. Once the network is hijack
attacker can easily misguide the network and absorb the traffic. To understand this
situation we shall look at the example as given below, Figure 4.1, network of three
nodes S, X and D are formed node M is malicious node and it trying to broadcast false
RREQ packet to node X to get control of the network. Figure 4.2 shows the malicious
node successfully gets into a network with false RREQ. This example shows with
having S X therefore any malicious D
no route security between nodes node disturb the
traffic on MANET.

Page
28
M
Figure 4.1 MANET malicious node access attack on network
S X M D
Figure 4.2 MANET malicious node attack on network
Yang proposed that two kind of attack fall in network layer, routing attacks and
packet forwarding attacks. [H. Yang et al. 2004b]
Routing attacks
There are different numbers of attacks in MANET routing that can be launch
against the legitimate network by employing malicious nodes. The purpose of
these attacks is to spoil the current routing tables that has been built up by
intermediate nodes and which are handling smoothly around the network
topologies. Following are the few of them which are commonly launched to
trigger the routing protocols.
Routing table overflow attack

In routing table overflow attack vulnerable node or group of nodes advertise
route to particular none existing node, which does not exist at all, the aim is to
emphasis the legitimate nodes on the network to join the advertise route. The
goal of this attack is to originate overflow of routing table that creates a large

Page
29
amount of routes by vulnerable node to stop creating new routes from genuine
node in the network. Proactive protocol is easy to attack as proactive protocol
use discover routing information before they send route to other node on the
network. [Siddhatha and Mukesh, 2003]
Routing table poisoning attack

Routing table poisoning attack is classified as internal attack, as selfish node or
set of misbehaving node implement this attack for purpose to save the battery
life or exploit the routing. In MANET routing protocol maintain the information
regarding the routes they learn of different network topologies. Misbehaving or
selfish nodes create fabricated routing updates and modifies the original routing
route and re-broadcasting the modified original packet to other nodes on the
network. As a result network becomes inaccessible to use. [Patroklos G et al,
2005]
Route cache poisoning attack

Malicious nodes use the advantage of route information using technique
promiscuous mode where node can hear all the raw packet transmitted on the
network and can easily overhearing the packet and change the routing
information enclose in the packet header route cache. Route cache poisoning are
mostly used in on demand routing protocols, as each node had a cache route that
has the information regarding the route it has been routed to know nodes in the
network, this attack is much similar to eavesdropping attack.
Packet forwarding attacks or Advance attacks

Many new attacks on network layer have been identified which are brutal against
legitimate network and complicated to understand the attacker intelligence new
advance techniques are employing to attack on networks. In these attack many routing
protocol for MANET are proposed to enhance to solve the problem. Therefore, it is
area of interest for researcher to find the loop hole for MANET security.
Black hole attack

The black hole word is driven from the physics phenomenon, which mean
swallow. In term of MANET black hole means swallow the data packets. The
black hole uses the concept of generating false route and dropping data. The
black hole performed two steps to accomplish this.

Page
30
First black hole malicious node advertises itself having a valid fresh routing
paths etc. shortest and stable path to the destination node. Secondly, once black
hole node attract the traffic toward itself and when the flow of traffic come to
node its start dropping the forwarding packet and do not forward the packet as
result all packet through malicious node is lost. As shown in the figure 4.3
[Dagmara spiewak et al. 2007]
Wormhole Attack
Wormhole attack is similar to black hole attack both attack share the similar
phenomena, only the difference in wormhole work with a collision with other
nodes. The goal of wormhole attack is to affect the MANET routing protocols
etc AODV and DSR route discovery. First attack record the packet at one
location and tunnels it to another location by employing the techniques using
wired network or using an off link wireless channel at different radio frequency.
The tunnel between these two colluding is called wormhole.
Classification of wormhole attack

Wormhole can be classified into further five categories as proposed [Houda
and Mohamad, 2007], [Marianne et al, 2009]
• Wormhole using Encapsulation

• Wormhole using out of band channel
• Open wormhole attack
• Closed wormhole attack
• Half open wormhole attack
• Wormhole with high power transmission
Wormhole using Encapsulation

When nodes S broadcast for the RREQ to its neighbours node C and node D,
where as node A1 and node A2 are colluding attacker. Nodes A1 records the
RREQ request as forward from node C. Node A1 tunnels the RREQ to its
partner A2, and rebroadcast to its neighbours H. The request is transmitted
quicker than the request from node S to node A1. As a result node D decide a
route D-H-C-S and delete the route it had it before in its routing table. On the
other side node S choice route S-H-D which pass through A1 and A2. As shown
in the figure 4.4

Page
31
B C
M
A
E
D
RREQ A, B, C, D, E Node
Data
RREQ Malicious Node (M)
Figure 4.3 Black hole attack in MANET
Wormhole using out of band channel

This stage the attack used a band channel which is in different frequency as
compare to the target network. The goal is to accomplish using a wired link or
using out of band high bandwidth channel between malicious nodes wireless link
using a long range directional antenna. When node S send a RREQ to node C
and D neighbours, node X1 and X2 are malicious nodes and using a out of band
channel between them. Malicious node X1 forward RREQ to malicious node X2,
there X2 rebroadcast the packet to next neighbours so S get three route request
X1-X2-G compare to other route B-C-E-F-G where as the first route is shorter
than the second. [Rashid, 2008]

Page
32
X X
A I
1 2
Attacker1 Attacker 2
S D
Target
B C E F G
RREQ
RREQ through worm hole
RREP
Wireless link
Wormhole link
Figure 4.4 Wormhole attack Redraw [Rashid et al, 2008]
Open wormhole attack

In this attack malicious node keep examine the wireless medium to process the
discovering RREQ packets, in the presence of malicious node in the network
other node on the network suppose that malicious node are present on path and
they are their direct neighbours.
Closed wormhole attack

The attacker does not modify the capture packet nor did it modify the packet
field head. The attacker take the advantage when the packets are in the process to
find a route know as route discovery. At route discovery process attack tunnel

Page
33
the packet from one side of the network to another side of the network and re-
broadcast packets.
Half open wormhole attack

In this attack only one side of the packet is modify from the malicious node and
the other side of the malicious node do not modify the packet subsequently route
discovery procedure.
Wormhole with high power transmission

In this attack malicious node use maximum level of energy transmission to
broadcast a packet, When malicious node received a Route Request (RREQ) by
using route discovery process, it broadcast the Route Request (RREQ) at a
maximum level of energy of it power so the other node on the network which are
on the normal power transmission and lack of high power capability hears the
maximum energy power broadcast they rebroadcast the packet towards the
destination. By doing this malicious node get more chances to create a route
between source and destination without using colluding node.
Jellyfish attack
Jellyfish attack is much similar to black hole attack, Jellyfish attack employing
the same techniques as black hole does. Jellyfish first invade on the forwarding
packet once it get hold of the packet it start delaying the data packet for a certain
amount of time before forwarding them. By doing this network performance
significantly end to end delay and delay jitter occurred. In jellyfish attack
malicious node send/receive route request and route reply normally. The main
mechanism of jellyfish is to delay packet without any reason. [A. Rajaram and
Palaniswami. 2010]
Gray holes attacks

Gray holes attacks have two characteristics, first a malicious node broadcasting
falsely having a valid route to destination node with goal of intercepting packets.
Secondly the node drops the intercepted packets. [N. Shanthi et al. 2010]
explains Gray hole reveal its malicious behaviour in many means. It could drop
coming packet from destination while forwarding packets for other nodes on
network. Other different approach Gray holes malicious node can do is to drop

Page
34
all forwarding packet for some time may behave malicious but switch to normal
behaviour later.
Byzantine attack
These are vulnerable Byzantine attacks as set of few or numerous node work as
cooperation to launched the attack against the target network. The compromised
intermediate nodes or set of nodes worked as collusion to form an attack. The
compromised nodes create routing loops and may drop packets. Byzantine
attacks are hard to detect.
Packet Replication
In this attack malicious node generate the replicates stale packets and start
sending it to a trigger network, in result the nodes on the network get overload of
these packets and it will consume the bandwidth of the network and start
consuming the battery of the nodes as well.
Rushing attack
The authorized node in on-demand routing protocol require a RREQ packet in
attempt to find a path to destination. When a malicious node receives a RREQ
packet from a source node it rapidly broadcast it throughout the network
topology before the other nodes on the network topology receives RREQ
packets. When nodes on the network received the original packet they assume
those packet are duplicate as they already received the packet form the malicious
node and discard the original packet.
Defence against Network layer attacks

Like any other layer of OSI Model network layers have its own value in OSI layer.
Network layer not only route the packet for source or destination but also forward the
packet for other nodes at the same time on the network by using the routing tables.
Securing this layer is most effective and value able for the survival of the network.
Many attacks are launched on this layer as mention earlier on the other hand using a
secure routing protocol make the chance less for malicious node to attack on
MANET. Attacks like active such as modification can prevent using integrity
mechanism. Using IPSec can give a maximum security to the network layer while
give a confidentiality to each node on the network to transmit data securely, to
safeguard the network layer from wormhole and black hole attacks MANET node

Page
35
should use the packet leashes, Packet leashes are the general mechanism for defending
and detecting against wormhole attack. In geographical leashes each node must have
to know the location of all nodes and have synchronized clocks where as in temporal
leashes all nodes have tightly synchronized clock. [Yih-Chun Hu et al, 2002]
SUMMARY
As Network layer encapsulate the IP address and send it to lower layers to transmit
the data therefore there a number of attack which launch on this layers. As network
layer perform the function of routing protocols. More sophisticated attacks are
implemented and being studied in order to prevent and to maintain the security level
in network layer. In this thesis we try to focus and bring up all the network layer
attack as possible.
Chapter No.5
Transport layer Attack

Transport layer is the fourth layer of OSI layer model. MANET Transport layer can
be categorized in to connection oriented and connection less protocols which
maintains the end-to-end flow connection, end-to-end delivery and congestion control
of communication among nodes on the network. Transport layers DoS attacks are
vulnerable as TCP does not have mechanism to differentiate whether it loss data was a

Page
36
congestion error or malicious attack. Fallowing attacks are classified on this layer.
[Erdal and Chunming, 2009] enlighten transport layer attacks; which are as fallow.
Transport layer acknowledgement spoofing

Due to lack of security in transport layer by default malicious node take the advantage
and attack on the trigger network, in response to this victim node could configure it
out when and how the attack invade on it as MANET node on the network are mobile
therefore, the communication between node break and reconnected. In transport layer
acknowledgement spoofing attack, malicious node start sending fake packets through
wireless medium on the trigger network. The malicious sends a large amount of
acknowledgement window with false acknowledgement to network nodes in response
to this a source node send more segments than the network can handle. This action
causing the congestion on the network and the transmission on the network medium is
lost.
Replaying acknowledgement
Replaying attacks are more vulnerable than any other attack on transport layer. The
MANET transport layer protocols TCP- Reno are vulnerable on this layer; as the
function of this protocol is to acknowledgement of the same segment multiple times
signify negative acknowledgment. Malicious nodes take the advantage and start
replying acknowledgment multiple times to make the source node consider that
packets are not transmitting successfully.
Changing sequence number

In this attack a malicious node change the sequence number when the three way
handshake is in process to assure the destination node that few of the sequence
number fragments are lost during the transmission. In MANET protocols RMST and
PSFQ are easily target for this attack.
SYN flooding attack

In this attack the malicious node sent a large amount of TCP connection is created via
a victim node by only opening a half window through. Due to nature of this attack
malicious node never open the full connection to handshake. As like traditional
network do, two nodes must establish TCP connection using three way handshakes to
process the communication. Once the attack is launch the malicious node generating
vast amount of SYN data packets to faulty node.

Page
37
Figure 5.4 SYN flooding attack Hijacking [Kamanshis and Md. Liakat, 2007a]
Session hijacking
In session hijacking the malicious node spoofs the IP address of the victim and
concludes the right sequence number and implements a DoS attack. Session hijacking
giving a opportunity to a malicious node to act as a authorized node. Once the DoS
attack is performed the target nodes become occupied for time being. The malicious
node masquerades as one of end nodes of the session and hijack the session.
Figure 5.5 Session Hijacking [Kamanshis and Md. Liakat, 2007b]
Defence against Transport layer attacks

Every OSI layer has its own security challenges. Transport layer in MANET provide
the communication between end to end nodes. Transport layer attacks exist in wired
and wireless networks, these attacks engage sending large connection request to target
node. These attacks are effective and difficult to trace because of IP spoofing. Many
attacks have being studied on this layer. However there is no single approach to fix
the problems and to monitor to reduce the network damage. To implement a secure
transport layer the use of Transport Layer Security (TLS) and Secure Socket Layer
(SSL), and Private Communications Transport (PCT) are design for secure
communication between nodes based public key cryptography [Cisco Systems]

Page
38
Summary
Transport layer in MANET have high rate error compare to traditional wired network
it is due to TCP that does not have any mechanism to differentiate either data lost or
change of topology from one place to another and re-establishing the connection,
congestion error etc.

Page
39
Chapter No. 6
Application layer Attacks

Application layer is upper last OSI layer the function of this layer is to provide the
end to end communication between nodes; application layer represents the software
application that provides the network services and connection to lower layer of OSI
model. Many application layer attacks has identified in MANET as traditional wired
network and MANET share the elements and parameters to function and to perform
the application interference to share the same similarities. As MANET is self-
organised nodes therefore they are mostly like to get attack from malicious nodes.
Application layer attacks MANET

The application layer interacts with software application of the OSI layers closest to
end user. The functionality of application layer is to identifying communication
protocols like HTTP, FTP, SMTP and TELNET etc and maintaining by direction flow
of communication between end nodes on the network. Application layer faced
vulnerable activities like other OSI layers does. However the attacks launch attack on
network through malicious code and repudiation attack because this layer supports
varieties of protocol. Once get attacked node not only suffer from degrading the
network it also effect on it Operating System (OS), Trojan and Malware are the
common examples of application layer attacks. An attack can launch application
Denial-of-Service attack (DoS), it could be accomplished by attack start sending a
large amount of request to application layer. Like HTTP attack flood hundreds of
page request to web server which bring down the capability of the processing time.
This process highly build computational load on MANET server and may degradation
the network of loss of availability of the application.
Malicious attack
In this attack a malicious node attack on the operation system (OS) of the other host
node on the network. Malicious node sent a Malware or Trojan virus in to a victim
node. These attacks are severe and cause victim node to stop using the network
resources. Malicious code attacks are a vulnerable programme that attack on host
nodes. Trojan virus infects the operation system however Malware code copy itself on

Page
40
the network and keep spreading around the network. the aim of these attack are to
constrain itself on the network and whenever a new nodes get IP access it start itself
on the operation system on the node without giving any notice to node. These attacks
mostly seek the specific information on the legitimate node and sent information to
malicious node which will be used to collection personal information and specifics
information to attack on other nodes.
Repudiation attack
Transport layer and network layer security is not enough to prevent the attacker to
attack on the nodes in network. Repudiation is the attack which is by passed by a
attacker from transport and network layer. Repudiation attacks refer as denial of
participation in the communication. Repudiation attack can be seen as Malware where
as an attacker node keep accessing the system as a selfish node and deny any
conducting operation which is coming from system in order to communication on the
network.
Defence against application layer attack

MANET nodes may face large number of thread than any other network. the end to
end communication as like network layer, transport layer and application layer are
more challenging and difficult to protect compare to any other layer on OSI.
Application layer provide authentication, network filtering etc. To prevent from
application layers attacker node on legitimate network use firewall to block the un-
authorized node access to network. However, it has commonly seen in traditional
wired network employing a hardware firewall to protect the network as well as a
software wall. As it been understood MANET nodes are self-organised and highly
moveable node due to nature of its design it is not possible to place a physical firewall
in network. Despite firewall polices can define in the network and Intrusion Detection
System (IDS) can be adopted which is quite effective to prevent such attack on
MANET.
Summary
In this chapter we analyse the application layer attack on MANET. Application layer
not only provide end to end connectively but also filter the network packets. Number
of attack can be launched on application layer which are execute on OS on nodes
without any prior notice.

Page
41
Chapter No.7
Cross layer security Attack

Attack on MANET exist on number of OSI reference model, but many of few attacks
can be launched are not specifically according to OSI reference model they are know
as cross layer attacks. However MANET attacks are distinguish in to active and
passive attacks. Active and passive give a better understanding of attack which are
implemented from malicious node to legitimate networks.
7.1 Active attack
In active attack the packet transmitted over the wireless radio frequency could be
modified or corrupt during the data exchanged among network nodes from
intercepting of malicious node to trigger network. A malicious node can modify the
packet by setting up false information into packet header, as result routing events
puzzled and degrades the network performance, Active attacks can be classified in
two categories internal attack and external attack
Internal attack
Internal attack are took place inside the network, selfish nodes misbehave against
the network accordance to be faithful to network; the purpose of selfish node is to
save the battery life or its own purpose and not forwarding packet to other nodes.
These attacks on network are hard to detect compare of external attacks as attacker
is inside of the network and damage the resource of network by not cooperation.
External attack
These attacks are take place from outside the network from those node that do not
are part of the legitimate network. To prevent these attacks as a caution to use an
encryption technique mechanism and using firewall to block that access of
unauthorised node from network resources.
Passive attack
The function of the passive attack is to listening the radio frequency channel and get
as much as information on the network traffic before launch any attack whist the
passive attacks are launched to steal the important information regarding to target

Page
42
network such as eavesdropping and traffic analysis. These attacks are also harder to
detect.
Modification attack
In this attack the malicious node gather the requirement information on which
routing protocol network is running this can be accomplish by using
eavesdropping to hear the raw packet transmission. Once the required information
is gather malicious node create changes in the routing table of the target network
and broadcasting it. Due to the nature of the MANET they are mobile nodes new
path are discover and break frequently. Malicious nodes take the advantage of this
phenomenon and participate in packet forwarding process and launched the
message modification attack. [S.A. Razak et al. 2003] Further explain the
Modification attacks which can be classified as packet misrouting attacks and
impersonation attacks
a) Packet misrouting attacks
In this attack the malicious node successfully divert the legitimate network
traffic into a false path from their original path route. Attack gets control on
the transmission staying in the network longer than its lifetimes by advertising
false routes. On the other side the source node retransmits the lost packets in
order to keep the transmission maintain. However in response to this it
consume lot of bandwidth and increase overhead in the network.
b) Impersonation attack
In this attack the attack steal the identity of another node in the network
known as spoofing. Attacker start receiving the routing information packets
and forwarding them fake routes, impersonation attack are easy to implement
on ad hoc network environment because of the current routing protocols do
not authenticate the routing packets. Therefore it’s easy to loophole to
masquerade on the network for malicious nodes.
Man-in-middle attack
This attack is also known as Tunnel attack, the attacker take control of the
transmission between the source and destination by intercepting them. The

Page
43
intension of attack is to either to change sent messages or gain the useful
information on the intermediate nodes on network.
Fabrication attack
Fabrication attack is also called as tampering attack, in this attack malicious node
do not interrupting or modifying any routing table thus the attacker fabricate its
own packets and transmit it on the network to create a chaos to bring down the
network. Fabrication attacks can also be launched from the internal misbehaving
nodes like route salvaging attacks.
a) Route salvaging attacks
This attack is launched by internal nodes such as misbehaving nodes the

purpose of this attack is misbehaving node salvage their own packets duplicate
them and rebroadcast them on the network with no error messages. This attack
could be more dangerous for the network if this attack is implementing with
the collaboration of other misbehaving nodes. These attacks not only consume
unnecessary bandwidth but also drain off the resources of the other
intermediate and destination nodes.
b) Sleep deprivation attacks
The aim of this attack is to drain off limited resources in MANET nodes etc,
energy power, by keep sending the route request to the trigger nodes. Hence
routing protocol, sleep deprivation attack can be launched by flooding the
unnecessary routing packets in order to make the node unable to participate in
the network and unreachable by other nodes on the network.
Location Disclosure
A location disclosure attack can expose information about the network topology
and the location of nodes and structure which are set place. The information of
location disclosure may be very helpful in regards to adjacent to the target or
physical location. Routing hop limit is used to measure the distance and sending
ICMP error is recorded. Using these techniques attack can find out the target
nodes.

Page
44
Information Discloser attacks
In this attack a node can disclose the confidential information to malicious node,
like location or structure of the network topology which is useful for the malicious
node to launch a attack on a specific network in result malicious node gather all
the information which it need and which node is suitable to implement a attack.
Summary
The security of MANET depends on the secure communication using the secure
routing protocols, MANET deal with a lot of security threats, and each attack has its
own specification that damage or destroyed the MANET node infrastructure. Secure
communication involves the secure transmission on the wireless medium and the
communication mechanisms among nodes.

Page
45
Chapter No. 8
MANET Security Services

Security in MANET has been an active research area from past few years. There’s
only one of its kind features of MANET bring new set of security plan as its open
network architecture, shared wireless radio frequency and highly dynamic network
topology. MANET pose several security threats and challenges when it comes to
security. Security is a critical issue as MANET are dynamically move able nodes,
security is a big challenge to make the communication reliable and secure from
eavesdropping as wireless medium is more susceptible to attack. In respect to
MANET security the goal is to provide a ultimate security among node to
communicate such as authentication, confidentiality, integrity, and non-repudiation
are the basic requirement of the secure communication on the radio frequency
medium.
Authentication
Authentication is the mechanism that node use to validate the data when transmission
is taking place by authorized nodes, this process of communication is authentic.
Without authentication malicious nodes get access on the network and data can be
modify without any prior notice to authorized nodes. Authentication stop the access of
other malicious node to function or to duplicating data to assure the recipient that
message is from that source node sent to other node in network.
Confidentiality
Confidentiality purpose is to ensure the access to legitimate nodes on data, as
confidentiality could be compromised by other means through malicious nodes.
MANET data that send to other nodes have to be comprehensible to receiving node
only, there is a probability that message can be intercepted by intruder node. In
mobile ad hoc network confidentiality is vital part for securing the transmission on
wireless radio as sensitive of data. As an example the transmitted messages send on
mobile ad hoc network can be caught by adversary appearing as authenticated mobile
node by using a spoofing attack, as result this vulnerable activity s/he may get access
to that data. To avoid this problem is used a technique called data encryption.

Page
46
Integrity
Integrity ensures the process of changing or to interception of modifying the
information by authorized nodes in MANET other task of integrity is to make sure the
message transmitted on the wireless medium never corrupted, a massage can be
corrupted by malicious nodes. By doing this kind of attacks the adversary may change
or duplicate the data packet information message or could redirect the network traffic
to other routes or to a different destination node.
Availability
Availability proceeds the survivability and functioning of network to provide
guaranteed services at all the times despite malicious or misbehaviour nodes on the
network. If a malicious node or denial-of-service (DoS) attacks launch against the
network, where DoS attack can be launched at any layer of OSI model on MANET. A
malicious node use jammer to obstruct the transmission on physical layer, or data link
layer to disable the back off mechanism or on network layer to halt routing by
disturbing route discovery process. Additionally, malicious node brings down network
resources. Therefore to combat these challenges key management is fundamental for
implementation of any security framework.
Non-Repudiation
Non repudiation ensures the process of sending information among nodes on wireless
medium by sending nodes and receiving nodes. The nodes does not deny of
information that be transmitted or received by using a special mechanism called
digital signature know as cryptography which functions unique identifiers for each
other. [C. Siva Ram Murthy, 2004]
Characteristic Aim Remarks
Confidentiality Prevent the information to Data encryption

unauthorized access
Integrity avoid illegitimate deletion Hash function

modification
Availability Network resources Tackling MANET

accessible to nodes within
the network
Non-repudiation Stopping malicious nodes Using of signature on

Page
47
to access the network packets/messages
Table 5.A Review of Security Parameters in Mobile Ad-hoc networks. [Ola Mohamad
et al. ca 2010 no date]
Summary
To secure the communication on MANET network security must be a solid to giving
all the secure measurement to provide the communication. These are the first stage of
any common security services that are describe above. However security design for
MANET challenging task as nodes is moveable therefore achieving a maximum
security mechanism is challenging in MANET.

Page
48
Chapter No 9
Simulation Modelling and Implementation

Simulation is a set of parameters which is a combination of mathematical formulas
and programming languages C, C++, Java etc. It can be used in many disciplines in
the field of computer sciences and in the field of telecommunication purposes.
Simulators in networking are employing for the method to understand the
performance of network. In the computing communication there are two kinds of
simulators exits discrete event simulator and continuous simulator.
Discrete Event Simulator (DES)

In discrete event simulator (DES) the modelling of system which is define
inconsistent value changes on the condition of discrete set of point in time.
Discrete event simulator are mostly used for a packet by packet model of the
network topology in networking scenarios .While the simulation models are
measured or analysed by numbers to a certain extent of analytical methods.
Analytical simulator, which are combine the mathematical formulas like
algebraic equation, stochastic process or differential equations to solve the
model requirements. [Helena et al. 2003] [Jerry Banks et al. 2010] There are
many kind of simulator that we can distinguish for example by protocol,
processing, and technology method which employs according to user
requirement.
Continuous simulation
Continuous simulation is the system performance which can be characterized
by different equations and the simulation consists in solving the equation. It is
a simulation of a system of liner or non-liner differential equations. This set of
equations could be represented in time domain or transform domain. [Ricardo
and Mario, 1990]
Test bed Labs

Sometime the term test bed used for experimental purposes in labs where real
systems are placed in lab to get the outcome of the selected protocol or
application to measure them for future purpose or analyse the traffic of point
to point delay. However due to the implementation of selective protocol and

Page
49
applications are harder to implement they have their own drawback like the
cost of the hardware to install is expensive in terms of use and to monitor
these system [Luc Hogie et al. 2006]. In response to that most widely
simulator are used for research, academic and industry purposes.
Simulation tool
To conduct a research on MANET security issues there are different variety simulator
available. There are many kind of simulation application present which are available
for doing these tasks. Such as NS-2, OPNET, Glomosim. QualNet, OMNet++ .Our
work is based on OPNET MODELER 15.0, the reason for using this software is
because of it highly rich features, it has a leading atmosphere for network design and
modelling simulation, it support all most all industry standards network protocols,
applications and devices. [Gunnar and Olav, 2008] claim the OPNET MODELER
generally produces accurate result compare to other discrete simulators. OPNET is
recognized largely from many IT organizations. In addition to that, it’s programming
library help researchers and professionals to modify the network component to
measure the performance in the OPNET simulation. The OPNET environment
includes the study of all phases etc, Model design, data collection, simulation and
analysis.
The Architecture of OPNET

The methodology and the concept which make the OPNET user friendly is it
simple architecture. Highly rich modelling environment for modelling and
perform the evaluation of communication and distributed system are the most
appealing features. The OPNET software suits come with a number of tools,
each single suite emphasis on particular characteristic of modelling task.
These tools are classified in to three parts as shown in Figure 9.2, all these
three parts are inter-connected to make to flow of simulation data to generate.
These three phases of modelling and simulation projects are
1). Specification
2). Data collection and simulation
3). Analysis

Page
50
Re-Specification
Initial Data Collection

Specification and Simulation
Analysis
Figure 9.2 Resource: OPNET MODELER Documentation
The phases are accepted to execute in sequence path and form and simulation cycle.
Construction of Model in OPNET MODELER

OPNET MODELER use the concept model network topologies using
graphical editors or Network editing, Node and Process models, there are
many more editor for example, Packet format editor, Interface Control
Information editor, density function editor.
Network Level
In Network level topologies are design or model using network level
elements like routers, hosts and links. It used to define the network
topology of communication network. Network level is created by using
project editor tool in OPNET MODELER.
Node level
It defines the internal structure of the network level in terms of
functional element in node and the data flow. The functional element
are called modules, Modules are responsible and have the ability to
generate sending and receiving packets from other modules to perform
the function between nodes.

Page
51
Process
It define the actions of processes like protocols and algorithms and
application used in it uses a Finite State Machine (FSM) to support the
protocols, resources, applications, algorithms and queuing policies.
Each process models using C, C++ programming code to support the
extensive library for protocol programming.
OPNET MODELER wireless support

OPNET MODELER is a powerful tool that comes with many verities tools.
One tool is wireless modules that OPNET provides. It comes as a scalable
including broad range of powerful technologies
• Transmitter/receiver
• Node mobility
• Radio Frequency propagation
• Modulation
• MANET/Routing
• MAC protocols
Research Methodology
In order to understand the work that is been carried out on OPNET
MODELER simulation it generalizes to help us to understand the security
issues in MANET environment, it represents steps and stages as whole work
that implemented for security issues for MANET simulation. [J. W. Creswell,
2002] Enlighten the research methods as Quantitative and Qualitative.
According to him, Quantitative research is a inquiry strategies by mean of
certain experiments and simulation work that carry out to produce a statistical
data for analysis purpose. On the other hand, Qualitative research is
knowledge of researcher through participatory perspectives.
Research Design and Problem Identification

Conducting literature review and identifying the selective problem in MANET
and getting familiar with simulation software which also requires a time to
learn to understand the configuration parameters and simulation.

Page
52
Regarding the problem identification, I decide to carry the research on Pulse
Jammer attack, Misbehaving Node attack, and Byzantine attack as due to
wireless nature of MANET there is need for you understand these attacks
which could harm a normal network by malicious means.
Building a simulation environment in OPNET MODELER

Three scenarios are taken place in OPNET MODELER simulator by using MANET
node with IEEE 802.11, each single scenario gives the attacker specific techniques
which are used to placed in for simulation tool. In all three scenarios, AODV protocol
is implemented on all three attacks. The result of each simulation scenario showed
that MANET are highly vulnerable if no security mechanism is implementing on the
network.
Pulse Jammer attack Scenario

First attack is a Jammer attack, Pulse jammer attack is implemented on a
normal network. The number of pulse jammer is place as two in the network
of 50 nodes at different location in network respectively. As jammer attack
generates noise on the wireless radio frequency medium to stop the
communication in order to the trigger network, it causes packet lost or corrupt
of packet. The jammer attack generates noise much stronger that it
overwhelms the signal and disrupts the transmission which occurred during
the time among network nodes.
Misbehaviour Nodes Scenario

Second attack is misbehaving node attack. Misbehaving node attack is
implemented on normal network with 50 nodes, where the numbers of
misbehaving nodes are kept as 5 nodes. The purpose of misbehaving node is to
drop the packets and stop forwarding packet for other nodes in network.
Dropping packet occurs for many reasons. Misbehaving node might want to
reserve the battery power of its own. It consuming a lot of bandwidth and not
collaborating with other nodes in the network.
Byzantine attack Scenario

Third scenario is Byzantine attack it is to carry out attack on network where
Byzantine adversary dropping the packets the number of Byzantine attacker

Page
53
node is one in network. All these kind of malicious activities degrade the
network routing services.
Network Model
For experiment purpose a normal network is formed with a 50 MANET node on the
area of 80x80. The simulation run time is set as 600 seconds which is equal to 30
minutes. Seed value is set as 300. Simulation Kernel is set as optimization.
Application profile, Profile configuration, and Mobility are configured to work the
network according to our requirements. The network model is shown in figure 9.4.
The network model consists of three scenarios. Scenario one is Jammer attack with
routing implementation AODV. Scenario two is misbehaving attack with routing
implementation AODV, and the third scenario is a Byzantine attack about the routing
implementation on AODV.
MANET Node
To simulate the formed network, Mobile Ad Hoc nodes are deployed in the area.
MANET process model is used as default no changes are taken place. Each MANET
node has a receiver and a transmitter to communicate on the network with other
nodes. As it has shown in figure 9.5.
Traffic Model
Traffic model is used to generate traffic on the network. A traffic which is a set of
application which generates the packet both exponential and constant when the
simulation time starts with random destination or selected destination packet delivery.
However is it essential to define a trajectory especially where nodes in the network
are constantly moving. The figure 9.6 show the parameter set for traffic model.
MANET Traffic
MANET node is a set of functional element which processes the communication
throughout the node itself and on network which are of similar specifications. The
MANET node consists of WLAN MAC layer (wireless_lan_mac). The wireless LAN
receiver (wlan_port_rx_0_0) accept the transmission on physical layer and pass it to
(ARP,TCP/IP) where the frame encapsulation opens and the packet is forward to
network layer, network layer look at the IP address hence TCP,UDP is analyse the
format of the packet weather its TCP or UDP once clear its routed to MANET
gateway (man_rt_mgr). The wireless transmitter (wlan_port_tx_0_0) receives the

Page
54
packet from MAC layers and passes it to physical layer. The MANETs node make use
of source module (traf_src) to stimulate IP layers and generate packet which are sent
to random destination addresses.
Application configuration
Application configuration in OPNET MODELER is a set of rules which has varieties
of libraries to generate the traffic on the network according to the user requirement. In
order to simulate the OPNET MODELER simulation for each new project in the
software there is a need to configure the application configuration. For the network of
50 nodes in our network model application configuration is configured. Two
applications are defined in application configuration, HTTP, and FTP. HTTP is
configured as a heavy browsing and FTP is configured as high load. The reason for
generation high load on both application are to generate more traffic on the network
as the load on network will heaver it will be a good practice to understand the result
and having analysis on them.
Figure 9.4 Network Model with AODV routing protocol

Page
55
Page
56
Page
57
Page
58
Page
59
Page
60
Figure 9.5 MANET node model

Page
61
Figure 9.6 show the parameter set for traffic model

Page
62
Profile Configuration
Profile configuration is a profile of the nodes which they act according to define
parameters in application configuration. It is essential to define profile configuration
in the network otherwise there is no possibility of simulate the network. Profile
configuration attributes are set as two numbers of rows. First define the HTTP and
second define the FTP. Further details are shown in the figure 9.9.
Figure 9.9 showing the detail parameters of Profile configuration.
Mobility Configuration
The mobility configuration required to create the mobility option for Mobile Ad hoc
nodes. Mobility configuration attributes are set as default random waypoint as shown
in figure 9.10

Page
63
Figure 9.10, showing the values set for mobility of nodes in network.
Performance Metrics
Performance metrics are essential feature which help to understand and evaluate the
attributes and performance of the network. Performance metric are well organized in
light of security attack against MANET network, performance metrics bring up a
better understanding of understand the network.
Throughput
To analyse the network we use the throughput of each scenario for each attack which
will help understanding the results.

Page
64
Normal Traffic Response Results
Figure 9.11.1 Normal Network Throughput Figure 9.11.2 Normal Network Delay
Figure 9.11.3 Time average response time on AODV

Page
65
Chapter 10
Attack on Different Scenarios

Scenario 1, Pulse Jammer Attack Setup and Results
Pulse Jammer Node Configuration
Pulse Jammer attack can be deployed as fixed, Mobile and satellite in project editor.
Pulse jammer attack transmit noise in wireless medium hence the pulse jammer nodes
cause DoS attack with in the wireless channel. Pulse Jammer nodes transmit on a
single frequency marked by a periodic pulse train in time. To perform a jammer attack
on the network two jammers are deployed in the 50 nodes network area of 80x80.
Pulse jammer default values are change as default value shall not work well in our
network. Trajectory of the pulse jammer is configure as “vector” altitude is change to
12 instead of 0 because on 0 altitude the surface of the earth is curves on it and it will
affect the pulse jammer to transmits signal. Jammer band base frequency is set to
2,402, jammer bandwidth set 100,000, transmitter power 0.001 and pulse width 1.0.
As shown in diagram 10.1
Figure 10.1 Jammer node configurations

Page
66
Experimental Result
The Pulse Jammer attack is implemented on the 50 nodes network with routing
implementation of AODV after configuration the Jammer node. The values of run
time simulation are kept as it is as mention in network model. The result of the Pulse
Jammer attack is taking from the Jammer scenario and is compared with the normal
network scenario. The throughput of the Jammer attack reduced the traffic on the
network compare to the normal network traffic. There is significant traffic destruction
of packets transmission on network when employing a Pulse Jammer attack.
Figure 10.2 Throughput result of Jammer attack on network
Throughput
Pulse Jammer attack showed a traffic drop when jammer is implemented on the
network it not only disturbs the packet forwarding on nodes on network but also
degrade the network traffic. To analysis the traffic between normal network and Pulse
jammer network significant network packet dropping notice as pulse jammer
activation on the network keep the traffic at 20,00000 compare to the normal network

Page
67
28,00000. The minimum low traffic with pulse jammer attack is less than 20,00000 at
time of 25 minutes, and the maximum traffic at peak was notice at 12 minutes
2500000 packets. On the other hand on the traffic on normal network showed peak at
12 minutes 30,00000 and the average packet forwarding on the network is 28,00000.
Summary
The experiment of Pulse Jammer attack showed that jammer attack is harmful for
network as jammer can easily break down the communication in network nodes. With
small amount of power jammer can spoil the atmosphere of the network and network
bandwidth and resources suffer from it. A jammer attack is a severe attack on physical
layer.

Page
68
Scenario 2, Misbehaving Nodes and Experimental Results
Five Misbehaving nodes are placed on in the network to misbehave the network
traffic. The misbehaving node will drop the packets and stop forwarding it to other
nodes. In order to deploy the misbehaving node on the network, a change of attributes
is needed of the misbehaving MANET nodes. Trajectory is set as vector, AODV
routing protocol is implement with default values, Start time on the misbehaving
nodes is set as 100, whereas packet inter-arrival time second and packet size is
changed. As shown in the figure 10.3
Figure 10.3 Misbehaving node configurations

Page
69
Throughput Result
The throughput result showed in the presence of misbehaving nodes the transmission
degrade as misbehaving nodes drop the data and are not coloration in the network. As
the throughput shows the misbehaving node start dropping the packet when
simulation start compare to the normal network, the misbehaving nodes dropping
packet reach it minimum packet dropping delay at 10 minutes where packet dropping
rate is 18,00000 packet where as compare to normal network at 10 minutes time the
packet forwarding to other nodes on the network was maximum of almost 30,00000
packet. At the stage of 15 minutes the packet forwarding for misbehaving node and
normal network rate keep constant than suddenly as time passes the packet rate of
each network keep dropping for misbehaving node and packet rate keep constant for
normal network nodes. At the stage of 25minutes onward the misbehaving nodes
forwarding packet to other nodes on the network, however analysis showed the
average packet forwarding on normal network is 28,00000 packet duration time of 30
minutes on the other hand the misbehaving nodes in the network showed the packet

Page
70
Figure 10.4 Throughput result of Misbehaving node on network
forwarding is not stable and its keep degrading with the passage of time. Thus
misbehaving node reach the 28,00,000 packet forwarding at 25 minutes and start
dropping. As shown in the figure 10.4
Summary
The misbehaving nodes showed that network performance degrade if they start act
malicious and not forwarding packet on time to other nodes. As results showed the
network traffic effected badly when malicious misbehaving node start dropping the
forwarding packet to other nodes on the network.

Page
71
Scenario 3, Byzantine Attack and Experimental Result
To implement Byzantine attack on MANET nodes network one Byzantine node is
deployed in the network this malicious node drop the packet and drop the routing
packets. Before deployed the Byzantine node in the network in order to start it
function there is a need to change the attributes of the node. As the network is
operating on AODV routing protocols and its using a trajectory vector. To make a
node malicious we change the parameters of the AODV setting as shown in the figure
10.5.
Figure 10.5 Byzantine nodes configuration
Throughput
Comparison with normal network and Byzantine node attack show a throughput result
in diagram. The malicious node drops the packets and not forwarding packet for other
nodes is clearly seen in the network result. As the run time of this simulation is for 30
minutes the Byzantine node in network throughput is slightly higher than the normal
network however it shows the network is having malicious activity on the network.
The overall run time simulation can be observed from the comparison of normal
network and Byzantine attack scenario. The average packet rate to forwarding packet
on normal network is 80 on the other hand the Byzantine network the packet

Page
72
forwarding is 50. Which signify proves the network is under gone to a malicious
attack shown in figure 10.6
Figure 10.6 Throughput result of Byzantine attack
AODV Routing Table Dropping
The function of Byzantine attack is to drop the packet and also drop the routing table
which are forward to other nodes to find a short route to other destination. The
Byzantine attack in this scenario showed that it is dropping the routing table for other
nodes and behaving malicious on purpose. AODV routing table forwarding for
normal network is 32,000 but when a malicious node attack on the network with
Byzantine activities it start dropping the routing table route to forwarding for other
nodes. The average response forwarding routing table route to other nodes is 26,000
which is significantly less and clearly showed the dropping of routing route of nodes
in network as shown in figure 10.7.

Page
73
Figure 10.7 Byzantine attack nodes dropping the routing table
Summary
The Byzantine attack on AODV routing protocol showed the network routing table
dropped when malicious node activate itself, the attack spoil the transmission and
network traffic suffer badly.

Page
74
Chapter 11
Conclusion and Future directions
Significant research on MANET has done so far and are most likely to grow more and
get bigger presence in future communication infrastructure. As the use of MANET
technology is increase there’s become a security concern as a large number of
research showed that MANET are vulnerable when it come to security DoS attacks
are launched against nodes easily. Each layer of OSI model attack are identified in
project. One of the biggest issues in MANET technology is MANET routing due to
topologies moving around link get break and re-establish. Existing routing protocol
are subject to many different kind of attack which get influence from a malicious
node. On the other hand the advantage of this technology is giving a cheap
communication with self organised nodes which can be formed anyways. Due to time
constrain it was not possible to look at the other aspect of the security issues,
cryptography and intrusion detection system etc.
As only few attacks are implemented on this project. If we have given more time we
look at the other attack and try to implement in the project with more nodes and make
the network bigger. Jammer attack model which effect the transmission on network by
making noise and degrade the network performance. Misbehaving nodes attack stop
forwarding packet to other nodes and start misbehaving in the network. And
Byzantine attack drops the routing forwarding table or drops the forwarding packet to
other nodes give a significant result to understand the MANET in vulnerable
scenarios.

Page
75
Page
76
References
1 A. Rajaram, Dr. S. Palaniswami, 2010. The Trust-Based MAC-Layer Security
Protocol for Mobile Ad hoc Networks.
http://www.enggjournals.com/ijcse/doc/IJCSE10-02-02-51.pdf [Accessed Feb – April
2010]
2 A. Perrig, R. Canetti, J. Tygar. & D. Song, 2000. “The TESLA Broadcast

Authentication Protocol,”
3 Amitabh Mishra, 2008. Security and quality of services in ad hoc wireless networks,
Cambridge press, page 57.
4 Andreas Hafslund and Jon Andersson, Thales Norway AS, 2006. 2-Level
Authentication Mechanism in an Internet connected MANET.
http://www.wireless.kth.se/adhoc06/submissions_final/05_02Andreas_Hafslund.pdf
[Accessed Feb – April 2010]
5 Ashikur Rahman, Pawel Gburzynski, 2006. Hidden Problems with the Hidden
Node Problem. http://citeseerx.ist.psu.edu/viewdoc/download?
doi=10.1.1.61.365&rep=rep1&type=pdf. [Accessed Feb – April 2010]
6 B. Wu, J. Chen, J. Wu, M. Cardei, 2006. A Survey of Attacks and

Countermeasures in Mobile Ad Hoc Networks.
http://student.fau.edu/jchen8/web/papers/SurveyBookchapter.pdf [Accessed Feb –
April 2010]
7 C. Siva Ram Murthy and B. S. Manoj, 2004. Ad Hoc Wireless Network,

Architectures and Protocols, , chapter 9, page no 476.
8 Cisco Networking
http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.pdf [Accessed Feb –
April 2010]
9 Claude, Crepeau, Carlton R. Davis and Muthucumaru Maheswaran, 2007. A secure

MANET routing protocol with resilience against byzantine behaviours of malicious or
selfish nodes.

Page
77
10 Dagmara Spiewak, Thomas Engel, and Volker Fusenig, 2007. Unmasking
Threats in Mobile Wireless Ad-Hoc Network Settings.
http://wiki.uni.lu/secan-lab/docs/Spiewak2007a.pdf [Accessed Feb – April 2010]
11 Dinesh Mishra, Yogendra Kumar Jain, Sudhir Agrawal, 2009. Behavior Analysis of
Malicious Node in the Different Routing Algorithms in Mobile Ad Hoc Network.
12 Erdal Cayirci, Chunming Rong, page 116, 2009. Book Security in wireless Ad Hoc
and Sensor Network, John Wiley & Sons Ltd.
13 Gunnar Ronneberg and Olav Lysne, 2008. An OPNET-based Simulation

Model of SCI- nodes, University of Oslo.
http://citeseerx.ist.psu.edu/viewdoc/download?
doi=10.1.1.16.777&rep=rep1&type=pdf [Accessed Feb – April 2010]
14 H. Bakht, 2004. Understanding Mobile Ad hoc Network.

http://www.computingunplugged.com/issues/issue200406/00001301001.html
15 H. Yang, H. Luo, F. Ye, S. Lu, and L. Zhang, 2004. Security in Mobile Ad

hoc Networks: Challenges and Solutions, IEEE wireless Communication, Vol.11,
Issue 1, pp. 38-47.
http://netlab18.cis.nctu.edu.tw/html/AdHoc_Network/slides/Chapter3-1-Security
%20in%20Mobile%20Ad%20Hoc%20Networks.pdf [Accessed Feb – April 2010]
16 Hasnaa Moustafa and Houda Labiod, 2005. Source Routing-based Multicast Protocol
for Mobile Ad hoc Networks.
17 Helena Szczerbicka, Kishor S. Trivedi and Pawan K. Choudhary, 2003. Discrete

Event Simulation with Application to Computer Communication Systems
Performances.
18 Houda Labiod, Mohamad Badra, 2007. New technologies, mobility and security,
springer.
19 Imrich Chlamtac, Marco Conti, Jennifer J. N. Liu, 2003. Mobile ad hoc networking:
imperatives and challenges.
20 http://www.scribd.com/doc/19471793/MobileAdHocNetworkingImperativesa
ndChallenges [Accessed Feb – April 2010]

Page
78
21 J. W. Creswell, 2002. Research Design: Qualitative, Quantitative and Mixed Methods
Approach, 2nd Ed, Sage Publication Inc, California.
22 Jerry Banks, John S. Carson II, Barry L. Nelson, David M. Nicol, 2010. Discrete-
Event System Simulation, Fifth Edition, Chapter No 1, page no 16. Pearson.
23 Jim Geier, 2003. 802.11 WEP: Concepts and Vulnerability.

http://www.trainingcamp.com/usa/preclass/ceh/Reading/WEP.pdf [Accessed Feb –
April 2010]
24 Junfang Xiao, Guihua Zeng, Jian Liao and Peiwei, 2006. Huang Improved Threshold
Ring Signature for Ad-hoc Group.
25 Kamanshis and Md. Liakat, 2007, Security Threats in Mobile Ad hoc Network.
Master Thesis. Blekinge Institute of Technology.
26 L. Gavrilovska, R. Prasad, 2006. Ad Hoc Networking Towards Seamless

Communications, Signals and Communication Technology, Springer, page 49.
27 Luc Hogie, Pascal Bouvry, Frederic Guinand, 2006. An Overview of

MANETs Simulation, 2006. http://citeseerx.ist.psu.edu/viewdoc/download?
28 Marianne Azer, Sherif El- Kassas, Magdy El-Soudani, 2009. A Full Image of the
wormhole attaks, towards Introducing Complex Wormhole Attacks in wireless ad hoc
networks.
29 http://arxiv4.library.cornell.edu/ftp/arxiv/papers/0906/0906.1245.pdf
30 Mike Burmester, Member, IEEE, and Breno de Medeiros Member, 2009. On

the Security of Route Discovery in MANET’s, IEEE TRANSACTION ON MOBILE
COMPUTING, VOL 8, NO.9.
31 Mishra Amitabh, Nadkarni Ketan M., and Ilyas Mohammad, 2003.“Chapter

30: Security in wireless ad-hoc networks, the handbook of Ad hoc wireless network”.
, CRC PRESS Publisher.
32 N. Shanthi, Dr. Lganesan and Dr. K. Ramar, 2010. Study of Different attack on
multicast mobile ad hoc network.

Page
79
33 http://www.jatit.org/volumes/research-papers/Vol10No1/8Vol10No1.pdf
34 Ola Mohamad, Rosilah Hassan, Ahmed Patel, Rozilawati Razali, 2010. A

Review of Security Parameters in Mobile Ad-Hoc Networks.
http://www.ftsm.ukm.my/rosilah/files/OLA_ICICS.pdf [Accessed Feb – April 2010]
35 Patroklos G. Argyroudis and Donal O Mahohy, 2005. Secure Routing For

Mobile Ad Hoc Networks, 2005. http://citeseerx.ist.psu.edu/viewdoc/download?
36 Rashid Hafeez Khokhar, Md Asri Ngadi and Satria Mandala, 2008. A Review
of Current Routing Attacks in Mobile Ad Hoc networks.
http://eprints.utm.my/8213/1/NgadiMA2008_AReviewCurrentRoutingAttacksInMobi
leAd-hocNetworks.pdf [Accessed Feb – April 2010]
37 Ricardo F. Garzia, Mario R. Garzia, 1990. Network Modeling, Simulation, and

Analysis, Chapter 1, page no 9, Dekker.
38 S.A. Razak, S. M. Furnell, P. J. Brooke, 2003. Attacks against Mobile Ad Hoc

Networks Routing Protocols, university of Plymouth.
https://www.scm.tees.ac.uk/p.j.brooke/b/Razak+04a.pdf [Accessed Feb – April 2010]
39 Siddhartha Gupte, Mukesh Singhal, 2003. Secure routing in mobile wireless

ad hoc network, Deparment of computer science, university of Kentucky, Lexington,
KY 40508. http://citeseerx.ist.psu.edu/viewdoc/download?
40 T.S. Rappaport, 1996. wireless communications Principles & Practice, Upper

Saddle River, New Jersey, 1996.
41 Ye, S. Lu, and L. Zhang, 2004. Security in Mobile Ad hoc Networks: Challenges and
Solutions.
42 Yih-Chun Hu, Adrian Perrig, David B. Johnson, 2002. Packet Leashes: A

Defence against Wormhole Attacks in Wireless Ad Hoc Network.
http://www.monarch.cs.rice.edu/monarch-papers/tikreport.pdf [Accessed Feb – April
2010]

Page
80
43 Yang Xu, Xiaoyao Xie, Member, IEEE, 2007. Security analysis of routing
protocol for MANET based on extended Rubin logic.
44 Yihong Zhou, Dapeng Wu, Scott M. Nettles, 2004. Analyzing and Preventing
MAC-Layer Denial of Service Attacks for Stock 802.11 Systems.
http://www.arias.ece.vt.edu/publications/conferences/UKC06.pdf [Accessed Feb –
April 2010]
45
46 Yannick Lacharite, Dang Quan Nguyen, Maoyn Wang, and Louise Lamont,
2008. A Trust-Based Security Architecture For Tactical MANETs.
http://202.194.20.8/proc/MILCOM08/Milcom08/pdfs/654.pdf [Accessed Feb – April
2010]

Page
81

Final Project

Încărcat de

Informații document

Descriere originală:

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Final Project

Încărcat de

Drepturi de autor:

Formate disponibile

Mobile Ad hoc Network Security Issues

School of Computing, Engineering and Physical Sciences

University of Central Lancashire

For MSc Computer Networking

Name: Sheraz Salim Master Project CO4804

I always thank to ALL-MIGHTY ALLAH, who gave me power and courage to

Name: Sheraz Salim Master Project CO4804

Name: Sheraz Salim Master Project CO4804

Name: Sheraz Salim Master Project CO4804

Name: Sheraz Salim Master Project CO4804

Name: Sheraz Salim Master Project CO4804

Figure 1.1 Mobile Ad hoc Network…………………………………………….........13

Name: Sheraz Salim Master Project CO4804

Figure 3.1 Virtual Jamming attack 802.11…………………………………………...24

Figure 4.1 MANET malicious node access attack on network………........................31

Figure 4.2 MANET malicious node attack on network……………………………...31

Figure 4.3 Black hole attack in MANET……………………………………………..34

Figure 4.4 Wormhole attack………………………………………………………….35

Figure 5.4 SYN flooding attack……………………………………………………...40

Figure 5.5 Session Hijacking…………………………………………………………40

Figure 9.2 OPNET MODELER Documentation……………………………………..53

Figure 9.4 Network Model with AODV routing protocol…………………………...59

Figure 9.5 MANET node model……………………………………………………..60

Figure 9.6 show the parameter set for traffic model…………………………………61

Figure 9.9 showing the detail parameters of Profile configuration……......................62

Figure 9.11.1 Normal Network Throughput……………………………………….. ..63

Figure 9.11.2 Normal Network Delay………………………………………………..63

Figure 9.11.3 Time average response time on AODV……………………………….63

Figure 10.1 Jammer node configurations……………………………….....................65

Figure 10.2 Throughput result of Jammer attack on network………………………..66

Figure 10.3 Misbehaving node configurations………………………………………68

Figure 10.4 Throughput result of Misbehaving node on network…………………...69

Figure 10.5 Byzantine nodes configuration………………………………………….71

Figure 10.6 Throughput result of Byzantine attack………………………………….72

Figure 10.7 Byzantine attack nodes dropping the routing table……………………..72

Name: Sheraz Salim Master Project CO4804

Table 1.Attack on Mobile Ad hoc Wireless Network……………………………….16

Table 2.Security issues in Mobile Ad hoc Network…………………………………17

Table 3 Defence line prevention against Mobile Ad hoc Network………………….18

Table 4.Comparison of Routing Protocols…………………………………………..30

Table 5.A Review of Security Parameters in Mobile Ad-hoc networks…………….50

Name: Sheraz Salim Master Project CO4804

Mobile Ad hoc Wireless Network

Name: Sheraz Salim Master Project CO4804

Name: Sheraz Salim Master Project CO4804

In recent advancement technologies such as Bluetooth and 802.11 launched a

Figure 1.1 Mobile Ad hoc Network.[Mishra et al. 2003]

 The wireless medium has no complete or no certainty visible limitations

Name: Sheraz Salim Master Project CO4804

 The wireless medium is considerably less undependable then wired media

 The phenomena of hidden terminal and exposed terminal may occur.

Name: Sheraz Salim Master Project CO4804

Name: Sheraz Salim Master Project CO4804

Repudiation, Trojan virus, Wormhole

Transport Layer Session hijacking, SYN flooding

Wormhole attack, Black hole attack,

Traffic analysis and monitoring,

Physical Layer Jamming, interceptions, eavesdropping

Table 1.Attack on Mobile Ad hoc Wireless Network

Layer Security issues

Application layer Identifying and stop viruses, Trojan,

Transport layer Securing the data reliability by using

Network layer Securing the ad hoc routing protocol as