Wan Unit Iv


WIRELESS ADHOC NETWORKS IV-I (R20) KHIT UNIT-IV

UNIT-IV
TRANSPORT LAYER PROTOCOL FOR ADHOC WIRELESS NETWORKS

INTRODUCTION
The objectives of a transport layer protocol include the setting up of an end-to-end connection, end-to-end delivery of data packets, flow control, and congestion control.

ISSUES IN DESIGNING A TRANSPORT LAYER PROTOCOL FOR AD HOC WIRELESS NETWORKS

1. Induced traffic:
• In a path having multiple links, the traffic at any given link (or path) due to the traffic through neighboring links (or paths) is referred to as induced traffic.
• This is due to the broadcast nature of the channel and the location-dependent contention on the channel.
• Induced traffic affects the throughput achieved by the transport layer protocol.
2. Induced throughput unfairness:
• This refers to the throughput unfairness at the transport layer due to the throughput/delay unfairness existing at the lower layers, such as the network and MAC layers.
• A transport layer protocol should consider these in order to provide a fair share of throughput across contending flows.
3. Separation of congestion control, reliability, and flow control:
• A transport layer protocol can provide better performance if end-to-end reliability, flow control, and congestion control are handled separately.
• Reliability and flow control are end-to-end activities, whereas congestion can at times be a local activity.
• Objective: minimization of the additional control overhead generated by them.
4. Power and bandwidth constraints:
• Nodes in ad hoc wireless networks face resource constraints, including the two most important resources: (i) power source and (ii) bandwidth.
• The performance of a transport layer protocol is significantly affected by these resource constraints.
5. Interpretation of congestion:
• The interpretation of network congestion as used in traditional networks is not appropriate in ad hoc networks.
• This is because the high error rates of the wireless channel, location-dependent contention, the hidden terminal problem, packet collisions in the network, path breaks due to mobility of nodes, and node failure due to drained batteries can also lead to packet loss in ad hoc wireless networks.
6. Completely decoupled transport layer:
• Another challenge faced by a transport layer protocol is the interaction with the lower layers.
• Cross-layer interaction between the transport layer and the lower layers is important to adapt to the changing network environment.
7. Dynamic topology:
• Ad hoc wireless networks experience rapidly changing network topology due to the mobility of nodes.
• This leads to frequent path breaks, partitioning and remerging of networks, and high delay in the re-establishment of paths.
• Performance is affected by rapid changes in network topology.

DESIGN GOALS OF A TRANSPORT LAYER PROTOCOL FOR AD HOC WIRELESS NETWORKS

• The protocol should maximize the throughput per connection.
• It should provide throughput fairness across contending flows.
• It should incur minimum connection set-up and connection maintenance overheads.
• It should have mechanisms for congestion control and flow control in the network.
• It should be able to provide both reliable and unreliable connections as per the requirements of the application layer.
• It should be able to adapt to the dynamics of the network, such as rapid changes in topology.
• Bandwidth must be used efficiently.
• It should be aware of resource constraints such as battery power and buffer sizes and make efficient use of them.
• It should make use of information from the lower layers for improving network throughput.
• It should have a well-defined cross-layer interaction framework.
• It should maintain end-to-end semantics.

CLASSIFICATION OF TRANSPORT LAYER SOLUTIONS

TCP OVER AD HOC WIRELESS NETWORKS:

• TCP is a reliable, end-to-end, connection-oriented transport layer protocol that provides a byte-stream based service.
• Major responsibilities of TCP include:
  o Congestion control.
  o Flow control.
  o In-order delivery of packets.
  o Reliable transportation of packets.

Discuss briefly the reasons why TCP does not perform well in ad hoc wireless networks.
The major reasons behind the throughput degradation that TCP faces when used in ad hoc wireless networks are the following.
1. Misinterpretation of packet loss:
• In the traditional TCP design, packet loss is mainly attributed to network congestion.
• Ad hoc wireless networks experience a much higher packet loss due to:
  o High bit error rate
  o Increased collisions, etc.

2. Frequent path breaks:
• If the route re-establishment time is greater than the RTO period of the TCP sender, then the TCP sender assumes congestion in the network, retransmits the lost packets, and initiates the congestion control algorithm. This leads to wastage of bandwidth and battery power.

3. Effect of path length:
• As the path length increases, the throughput decreases.

4. Misinterpretation of congestion window:
• When there are frequent path breaks, the congestion window may not reflect the maximum transmission rate acceptable to the network and the receiver.

5. Asymmetric link behavior:
• The radio channel used in ad hoc wireless networks has different properties, such as location-dependent contention and directional properties, leading to asymmetric links.
• This can lead to TCP invoking the congestion control algorithm and several retransmissions.

6. Unidirectional path:
• TCP relies on end-to-end ACKs for ensuring reliability. A path break on an entirely different reverse path can affect the performance of the network as much as a path break in the forward path.

7. Multipath routing:
• For TCP, multipath routing leads to a significant amount of out-of-order packets, which in turn generates a set of duplicate acknowledgements (DUPACKs), causing additional power consumption and invocation of congestion control.

8. Network partitioning and remerging:
• The figure below illustrates the effect of network partitions in ad hoc wireless networks.
• A network with two TCP sessions A and B is shown in (a) at time t1.
• At time t2, the network gets partitioned into two as shown in (b) due to dynamic topological changes.
• Now TCP session A's sender and receiver belong to two different partitions, and TCP session B experiences a path break.

9. The use of sliding-window based transmission:
• TCP uses a sliding window for flow control.
• This can contribute to degraded performance in bandwidth-constrained ad hoc wireless networks.
• It can also lead to burstiness in traffic due to the subsequent transmission of TCP segments.

FEEDBACK BASED TCP (TCP-F)

• Improves the performance of TCP.
• Uses a feedback-based approach.
• The routing protocol is expected to repair the broken path within a reasonable time period.

Operation:
• In TCP-F, an intermediate node, upon detection of a path break, originates a route failure notification (RFN) packet. This intermediate node is called the failure point (FP).
• This RFN packet is routed toward the sender of the TCP session, using the sender information obtained from the TCP packets.
• If any intermediate node that receives the RFN has an alternate route to the same destination, it discards the RFN packet and uses the alternate path for forwarding further data packets, thus reducing the control overhead involved in the route reconfiguration process.
• When the TCP sender receives an RFN packet, it goes into a state called snooze. In this state, the sender
  o Stops sending any more packets to the destination.
  o Cancels all timers.
  o Freezes its congestion window.
  o Freezes the retransmission timer.
  o Sets up a route failure timer.
• When the route failure timer expires, the TCP sender changes from the snooze state to the connected state.
• When the route re-establishment has been done, the failure point sends a route re-establishment notification (RRN) packet to the sender, and the TCP state is updated back to the connected state.

Advantages:
• Simple feedback solution for the problem arising from path breaks.
• Permits the TCP congestion control mechanism to respond to congestion in the network.

Disadvantages:
• If a route to the sender is not available at the FP, then additional control packets may need to be generated for routing the RFN packets.
• TCP-F has an additional state compared to the traditional TCP state machine.
• The congestion window used after a new route is obtained may not reflect the achievable transmission rate acceptable to the network and the TCP-F receiver.
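The snooze behaviour described above, as an added Python model of the TCP-F sender that is not code from these notes or from any TCP-F implementation. The event names, the 5 s route failure timer and the 3 s path break in the scenario are assumptions; the scenario contrasts the window a plain TCP sender is left with after its RTO fires during a path break against the frozen window that TCP-F restores on RRN.

```python
"""TCP-F sender state machine (added illustration; timer lengths are assumptions)."""
from dataclasses import dataclass, field
from typing import List, Optional

CONNECTED = "CONNECTED"
SNOOZE = "SNOOZE"


@dataclass
class TcpFSender:
    cwnd: int = 4                       # congestion window, in segments
    rto: float = 1.0                    # retransmission timeout in seconds (assumed)
    route_failure_timeout: float = 5.0  # route failure timer length (assumed)
    state: str = CONNECTED
    frozen_cwnd: Optional[int] = None
    route_failure_timer: Optional[float] = None  # absolute expiry time, None = not running
    retransmit_timer: Optional[float] = None     # absolute expiry time, None = not running
    log: List[str] = field(default_factory=list)

    def send(self, now: float, segments: int) -> int:
        """Return how many segments may be put on the wire now; none while snoozing."""
        if self.state == SNOOZE:
            self.log.append(f"{now}: in SNOOZE, holding {segments} segments")
            return 0
        allowed = min(segments, self.cwnd)
        self.retransmit_timer = now + self.rto   # arm the RTO for the data just sent
        return allowed

    def on_rfn(self, now: float) -> None:
        """Route failure notification from the failure point: enter snooze."""
        if self.state == SNOOZE:
            return                              # duplicate RFN, already frozen
        self.state = SNOOZE
        self.frozen_cwnd = self.cwnd            # freeze the congestion window
        self.retransmit_timer = None            # cancel the retransmission timer
        self.route_failure_timer = now + self.route_failure_timeout
        self.log.append(f"{now}: RFN -> SNOOZE, cwnd frozen at {self.cwnd}")

    def on_rrn(self, now: float) -> None:
        """Route re-establishment notification: back to connected, window restored."""
        if self.state == SNOOZE:
            self._resume(now, "RRN")

    def tick(self, now: float) -> None:
        """Advance the clock and fire whichever timer has expired."""
        if (self.state == SNOOZE and self.route_failure_timer is not None
                and now >= self.route_failure_timer):
            self._resume(now, "route failure timer expiry")
        elif (self.state == CONNECTED and self.retransmit_timer is not None
                and now >= self.retransmit_timer):
            # Plain TCP reaction: an RTO is read as congestion and cwnd collapses.
            self.cwnd = 1
            self.retransmit_timer = None
            self.log.append(f"{now}: RTO expired, cwnd reset to 1")

    def _resume(self, now: float, reason: str) -> None:
        self.state = CONNECTED
        self.cwnd = self.frozen_cwnd            # resume with the frozen window
        self.route_failure_timer = None
        self.log.append(f"{now}: {reason} -> CONNECTED, cwnd restored to {self.cwnd}")


def path_break_scenario(use_tcp_f: bool) -> int:
    """cwnd after a 3 s path break, with (True) or without (False) TCP-F feedback."""
    s = TcpFSender(cwnd=8)
    s.send(0.0, 8)              # 8 segments in flight, RTO armed for t = 1.0
    if use_tcp_f:
        s.on_rfn(0.5)           # FP detects the break; RFN reaches the sender
    for t in (1.0, 2.0, 3.0):
        s.tick(t)               # without TCP-F the RTO fires at t = 1.0
    if use_tcp_f:
        s.on_rrn(3.5)           # route repaired; RRN arrives
    return s.cwnd


if __name__ == "__main__":
    print("TCP-F cwnd after break:", path_break_scenario(True))    # 8
    print("plain TCP cwnd after break:", path_break_scenario(False))  # 1
```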

TCP WITH EXPLICIT LINK FAILURE NOTIFICATION (TCP-ELFN)

• Improves TCP performance in ad hoc wireless networks.
• Similar to TCP-F.

Operation:
• An ELFN is originated by the node that detects the link failure (path break) and is sent to the TCP sender.
• This can be implemented in two ways:
  1. By sending an ICMP Destination Unreachable (DUR) message to the sender, or
  2. By piggy-backing this information on packets going to the sender.
• Once the TCP sender receives the ELFN packet, it disables its retransmission timers and enters a standby state.
• In this state, it periodically originates probe packets to see whether a new route has been established.
• Upon reception of an ACK from the TCP receiver for a probe packet, it leaves the standby state and continues to function as normal.

Advantages:
• Improves TCP performance by decoupling the path break information from the congestion information through the use of ELFN.
• Less dependent on the routing protocol; requires only a link failure notification about the path break.

Disadvantages:
• When the network is temporarily partitioned, the path failure may last longer, and this can lead to the origination of periodic probe packets consuming bandwidth and power.
• The congestion window used after a new route is obtained may not reflect the achievable transmission rate acceptable to the network and the TCP receiver.

TCP-BUS (TCP WITH BUFFERING CAPABILITY AND SEQUENCE INFORMATION)

• It is similar to TCP-F and TCP-ELFN in its use of feedback information from an intermediate node on detection of a path break, but it is more dependent on the routing protocol.
• TCP-BuS was proposed with the Associativity-Based Routing (ABR) protocol as the routing scheme. Hence it makes use of some special messages of ABR, such as LQ and REPLY, for finding a partial path.

Operation:
• Upon detection of a path break, an upstream intermediate node, called the pivot node (PN), originates an explicit route disconnection notification (ERDN) message to the TCP-BuS sender.
• The ERDN is propagated in a reliable way.
• Upon receiving the ERDN packet, the TCP-BuS sender stops transmission and freezes all timers and windows, as in TCP-F.
• The packets in transit at the intermediate nodes between the TCP-BuS sender and the PN are buffered until a new partial path from the PN to the TCP-BuS receiver is obtained by the PN.
• Upon detection of the path break, the downstream node originates a route notification (RN) packet to the TCP-BuS receiver, which is forwarded by all the downstream nodes in the path.
• The PN attempts to find a new partial path (route) to the TCP-BuS receiver, and the availability of such a partial path to the destination is communicated to the TCP-BuS sender through an explicit route successful notification (ERSN) packet. TCP-BuS utilizes the route reconfiguration mechanism of ABR to obtain the partial path to the destination.
• Upon a successful LQ-REPLY process to obtain a new route to the TCP-BuS receiver, the PN informs the TCP-BuS sender of the new partial path using the ERSN packet (which is sent reliably).
• The TCP-BuS sender also periodically originates probe packets to check the availability of a path to the destination.
• The figure below illustrates the operation of TCP-BuS.

Advantages:
• Performance improvement.
• Avoidance of fast retransmission due to the use of buffering, sequence numbering, and selective acknowledgement.
• Also takes advantage of the underlying routing protocol.

Disadvantages:
• Increased dependency on the routing protocol and on buffering at the intermediate nodes.
• The failure of intermediate nodes that buffer the packets may lead to loss of packets and performance degradation.
• The dependency on the routing protocol may degrade its performance with other routing protocols that do not have control messages similar to those in ABR.
AD HOC TCP (ATCP)

• Based on feedback information received from the intermediate nodes, the TCP sender changes its state to the
  o Persist state,
  o Congestion control state, or
  o Retransmission state.
• When an intermediate node finds that the network is partitioned, the TCP sender state is changed to the persist state, where it avoids unnecessary retransmissions.
• The figure shows the thin-layer implementation of ATCP between the traditional TCP layer and the IP layer.
• This does not require changes in the existing TCP protocol.
• This layer is active only at the TCP sender.
• The major function of the ATCP layer is to monitor:
  o The packets sent and received by the TCP sender,
  o The state of the TCP sender,
  o The state of the network.
• Fig (b) shows the state transition diagram for ATCP at the TCP sender.
• The four states in ATCP are:
  1. NORMAL
  2. CONGESTED
  3. LOSS
  4. DISCONN
• When a TCP connection is established, the ATCP sender state is NORMAL; here ATCP does not interfere with the operation of TCP and remains invisible.

Advantages:
  o It maintains the end-to-end semantics of TCP.
  o It is compatible with traditional TCP.
  o It improves the throughput of TCP in ad hoc wireless networks.

Disadvantages:
  o Dependency on the network layer protocol to detect route changes and partitions.
  o Addition of the thin ATCP layer to the TCP/IP protocol stack requires changes in the interface functions currently being used.

SPLIT TCP

• A major issue that affects the performance of TCP over ad hoc wireless networks is the degradation of throughput with increasing path length.
• This can also lead to unfairness among TCP sessions, where one session may obtain much higher throughput than other sessions.
• This unfairness problem is further worsened by the use of MAC protocols, which are found to give a higher throughput to certain link-level sessions, leading to an effect known as channel capture.
• Split TCP provides a unique solution to this problem by splitting the transport layer objectives into:
  o Congestion control.
  o End-to-end reliability.
• In addition, Split TCP splits a long TCP connection into a set of short concatenated TCP connections (called segments or zones), with a number of selected intermediate nodes (known as proxy nodes) as the terminating points of these short connections.
• The figure illustrates the operation of Split TCP, where a three-segment Split TCP connection exists between source node 1 and destination node 15.
• A proxy node receives the TCP packets, reads their contents, stores them in its local buffer, and sends an acknowledgement to the source (or the previous proxy).
• This acknowledgement, called a local acknowledgement (LACK), does not guarantee end-to-end delivery.
• The responsibility for further delivery of the packets is assigned to the proxy node.
• In the figure, node 1 initiates a TCP session to node 15; node 4 and node 13 are chosen as proxy nodes.
• The number of proxy nodes in a TCP session is determined by the length of the path between the source and destination nodes.
• Based on a distributed algorithm, the intermediate nodes that receive TCP packets determine whether to act as a proxy node or just as a simple forwarding node.
• In the figure, the path between nodes 1 and 4 is the first zone (segment), the path between nodes 4 and 13 is the second zone (segment), and the last zone is between nodes 13 and 15.
• Proxy node 4, upon receipt of each TCP packet from source node 1, acknowledges it with a LACK packet and buffers the received packet. The buffered packets are forwarded to the next proxy node at a transmission rate proportional to the arrival of LACKs from the next proxy node or the destination.

Advantages:
• Improved throughput.
• Improved throughput fairness.
• Lessened impact of mobility.

Disadvantages:
• Requires modifications to the TCP protocol.
• The end-to-end connection handling of traditional TCP is violated.
• The failure of proxy nodes can lead to throughput degradation.

COMPARISON OF TCP SOLUTIONS FOR AD HOC WIRELESS NETWORKS

OTHER TRANSPORT LAYER PROTOCOLS FOR AD HOC WIRELESS NETWORKS

APPLICATION CONTROLLED TRANSPORT PROTOCOL (ACTP)
• It is a light-weight transport layer protocol.
• It assigns the responsibility of ensuring reliability to the application layer.
• ACTP stands in between TCP and UDP: in ad hoc wireless networks TCP gives low performance with high reliability, while UDP gives better performance with high packet loss.
• The key design philosophy of ACTP is to leave the provisioning of reliability to the application layer and to provide simple feedback information about the delivery status of packets to the application layer.
• Supports prioritisation of the packets to be delivered.
• Each API function call to send a packet contains the additional information required by ACTP, such as the maximum delay, message number, and priority of the packet.
• Delivery status is maintained at the ACTP layer. This reflects:
  o Successful delivery of the packet,
  o A possible loss of the packet,
  o The remaining time for the packet, or
  o No state information exists at the ACTP layer.

Advantages:
• Provides the application layer the freedom of choosing the required reliability level.
• Scalable for large networks.
• Throughput is not affected by path breaks.

Disadvantage:
• Not compatible with TCP.

AD HOC TRANSPORT PROTOCOL (ATP)

• ATP is specifically designed for ad hoc wireless networks and is not a variant of TCP.
• The major aspects by which ATP differs from TCP are:
  o Coordination among multiple layers,
  o Rate-based transmissions,
  o Decoupling of congestion control and reliability,
  o Assisted congestion control.
• ATP uses services from the network and MAC layers for improving its performance.
• ATP uses information from the lower layers for:
  o Estimation of the initial transmission rate,
  o Detection, avoidance, and control of congestion,
  o Detection of path breaks.
• ATP utilizes timer-based transmission.
• The network congestion information is obtained from the intermediate nodes.
• The field in which this delay information is carried is referred to as the rate feedback field.
• ATP has three phases, namely: increase, decrease, and maintain.

Advantages:
• Improved performance.
• Decoupling of congestion control and reliability mechanisms.
• Avoidance of congestion window fluctuations.

Disadvantage:
• Lack of interoperability with TCP.

SECURITY IN AD HOC WIRELESS NETWORKS

NETWORK SECURITY REQUIREMENTS

A security protocol for ad hoc wireless networks should satisfy the following requirements:
1. Confidentiality:
  a. The data sent by the sender must be comprehensible only to the intended receiver.
  b. Though an intruder might get hold of the data being sent, he/she must not be able to derive any useful information out of the data.
  c. One of the popular techniques used for ensuring confidentiality is data encryption.

2. Integrity:
  a. The data sent by the source node should reach the destination node without being altered.
  b. It should not be possible for any malicious node in the network to tamper with the data during transmission.

3. Availability:
  a. The network should remain operational all the time.
  b. It must be robust enough to tolerate link failures and also be capable of surviving various attacks mounted on it.
  c. It should be able to provide guaranteed services whenever an authorized user requires them.

4. Non-repudiation:
  a. It is a mechanism to guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.
  b. Digital signatures are used for this purpose.

ISSUES AND CHALLENGES IN SECURITY PROVISIONING

1. Shared broadcast radio channel:
  a. The radio channel used for communication in ad hoc wireless networks is broadcast in nature and is shared by all nodes within its direct transmission range.
  b. Data transmitted by a node is received by all nodes within its direct transmission range, so a malicious node could easily obtain data being transmitted in the network.
  c. This problem can be minimized to a certain extent by using directional antennas.

2. Limited resource availability:
  a. Resources such as bandwidth, battery power, and computational power are scarce in ad hoc wireless networks.
  b. Hence it is difficult to implement complex cryptography-based security mechanisms in such networks.

3. Insecure operational environment:
  a. The operating environments where ad hoc wireless networks are used may not always be secure.
  b. One important application of such networks is in battlefields.

4. Physical vulnerability:
  a. Nodes in these networks are usually compact and hand-held in nature.
  b. They could get damaged easily and are also vulnerable to theft.

5. Lack of central authority:
  a. In wired networks and infrastructure-based wireless networks, it is possible to monitor the traffic on the network through certain important central points and implement security mechanisms at such points.
  b. Since ad hoc wireless networks do not have such central points, these mechanisms cannot be applied in ad hoc wireless networks.

6. Lack of associations:
  a. Since these networks are dynamic in nature, a node can join or leave the network at any point of time.
  b. If no proper authentication mechanism is used for associating nodes in a network, an intruder would be able to join the network quite easily and carry out his/her attacks.

NETWORK SECURITY ATTACKS

Attacks on ad hoc wireless networks can be classified into two broad categories, namely:
1. Passive attacks
  a. A passive attack does not disrupt the operation of the network; the adversary snoops on the data exchanged in the network without altering it.
  b. One way to overcome such problems is to use powerful encryption mechanisms to encrypt the data being transmitted.

2. Active attacks
  a. An active attack attempts to alter or destroy the data being exchanged in the network, thereby disrupting the normal functioning of the network.
  b. They can be further classified into two categories:
    i. External attacks, which are carried out by nodes that do not belong to the network. They can be prevented using standard encryption techniques and firewalls.
    ii. Internal attacks, which come from compromised nodes that are actually part of the network.

NETWORK LAYER ATTACKS

There are many types of attacks pertaining to the network layer of the network protocol stack. Some of them are as follows:
1. Wormhole attack:
  a. In this attack, an attacker receives packets at one location in the network and tunnels them (possibly selectively) to another location in the network, where the packets are resent into the network. This tunnel between two colluding attackers is referred to as a wormhole.
  b. If proper mechanisms are not employed to defend the network against wormhole attacks, existing routing protocols for ad hoc wireless networks may fail to find valid routes.

2. Blackhole attack:
  a. In this attack, a malicious node falsely advertises good paths to the destination node during the path-finding process or in route update messages.
  b. The intention of the malicious node could be to hinder the path-finding process or to intercept all data packets being sent to the destination node.

3. Byzantine attack:
  a. Here, a compromised intermediate node or a set of compromised intermediate nodes works in collusion and carries out attacks such as creating routing loops, routing packets on non-optimal paths, and selectively dropping packets.

4. Information disclosure:
  a. A compromised node may leak confidential or important information to unauthorized nodes in the network.

5. Resource consumption attack:
  a. In this attack, a malicious node tries to consume/waste the resources of other nodes present in the network.
  b. The resources targeted are battery power, bandwidth, and computational power, which are available only in limited amounts in ad hoc wireless networks.

6. Routing attacks:
  a. There are several types of attacks mounted on the routing protocol, as follows:
    i. Routing table overflow:
      o In this type of attack, an adversary node advertises routes to non-existent nodes to the authorized nodes present in the network.
      o The main objective of this attack is to cause an overflow of the routing tables, which would in turn prevent the creation of entries corresponding to new routes to authorized nodes.
    ii. Routing table poisoning:
      o Here, the compromised nodes in the network send fictitious routing updates or modify genuine route update packets sent to other uncompromised nodes.
      o This may result in sub-optimal routing, congestion in the network, or even make some parts of the network inaccessible.
    iii. Packet replication:
      o In this attack, an adversary node replicates stale packets.
    iv. Route cache poisoning:
      o Similar to routing table poisoning, an adversary can also poison the route cache to achieve similar effects.
    v. Rushing attack:
      o On-demand routing protocols that use duplicate suppression during the route discovery process are vulnerable to this attack.

TRANSPORT LAYER ATTACKS:

1. Session hijacking:
  a. Here, an adversary takes control over a session between two nodes.
  b. Since most authentication processes are carried out only at the start of a session, once the session between two nodes gets established, the adversary node masquerades as one of the end nodes of the session and hijacks the session.

APPLICATION LAYER ATTACKS:

1. Repudiation:
  a. It refers to the denial or attempted denial by a node involved in a communication of having participated in all or part of the communication.

OTHER ATTACKS:
This section discusses security attacks that cannot strictly be associated with any specific layer in the network protocol stack.

MULTI-LAYER ATTACKS
Multi-layer attacks are those that could occur in any layer of the network protocol stack. Some of the multi-layer attacks in ad hoc wireless networks are:
1. Denial of Service (DoS)
• In this type of attack, an adversary attempts to prevent legitimate and authorized users of the services offered by the network from accessing those services.
• This may lead to a failure in the delivery of guaranteed services to the end users.
• Some of the DoS attacks are as follows:
  o Jamming: in this form of attack, the adversary initially keeps monitoring the wireless medium in order to determine the frequency at which the receiver node is receiving signals from the sender. Frequency hopping spread spectrum (FHSS) and direct sequence spread spectrum (DSSS) are two commonly used techniques that overcome jamming attacks.
  o SYN flooding: here, an adversary sends a large number of SYN packets to a victim node, spoofing the return addresses of the SYN packets. The victim node builds up a table/data structure for holding information regarding all pending connections. Since the maximum possible size of the table is limited, the increasing number of half-open connections results in an overflow of the table.
  o Distributed DoS attack: here, several adversaries that are distributed throughout the network collude and prevent legitimate users from accessing the services offered by the network.

2. Impersonation
• In these attacks, an adversary assumes the identity and privileges of an authorized node, either to make use of network resources that may not be available to it under normal circumstances, or to disrupt the normal functioning of the network by injecting false routing information into the network.
• A man-in-the-middle attack is another type of impersonation attack.

DEVICE TAMPERING
• Unlike nodes in a wired network, nodes in ad hoc wireless networks are usually compact, soft, and hand-held in nature.
• They could get damaged or stolen easily.

SECURE ROUTING IN AD HOC WIRELESS NETWORKS

The challenges in ensuring secure communication in ad hoc wireless networks include the mobility of nodes, the promiscuous mode of operation, limited processing power, and the limited availability of resources such as battery power, bandwidth, and memory.

REQUIREMENTS OF A SECURE ROUTING PROTOCOL FOR AD HOC WIRELESS NETWORKS

The fundamental requirements for a secure routing protocol for ad hoc wireless networks are listed below:
• Detection of malicious nodes:
  o A secure routing protocol should be able to detect the presence of any malicious node in the network and should avoid the participation of such nodes in the routing process.
• Guarantee of correct route discovery:
  o If a route between the source and destination nodes exists, the routing protocol should be able to find the route, and should also ensure the correctness of the selected route.
• Confidentiality of network topology:
  o Once the network topology is known, the attacker may try to study the traffic pattern in the network. If some of the nodes are found to be more active compared to others, the attacker may try to mount attacks on them.
  o This may ultimately affect the ongoing routing process. Hence, confidentiality of the network topology is important.
• Stability against attacks:
  o The routing protocol must be self-stabilizing, in the sense that it must be able to revert to its normal operating state within a finite amount of time after a passive or an active attack.
  o Some of the security-aware routing protocols proposed for ad hoc wireless networks are discussed below.

SECURITY AWARE AD HOC ROUTING PROTOCOL (SAR)

• This routing protocol uses security as one of the key metrics in path finding.
• In ad hoc wireless networks, communication between end nodes through possibly multiple intermediate nodes is based on the fact that the two end nodes trust the intermediate nodes.
• SAR defines the level of trust as a metric for routing and as one of the attributes of security to be taken into consideration while routing.
• The routing protocol based on level of trust is explained in the figure below.
• Two paths exist between the two officers O1 and O2, who want to communicate with each other.
• One of these paths is a shorter path which runs through private nodes whose trust levels are very low.
• Hence, the protocol chooses a longer but secure path which passes through other secure nodes.
• Nodes of equal levels of trust distribute a common key among themselves and with those nodes having higher levels of trust.
• The SAR mechanism can be easily incorporated into the traditional routing protocols for ad hoc wireless networks.
• It could be incorporated into both on-demand and table-driven routing protocols.
• The SAR protocol allows the application to choose the level of security it requires.
• But the protocol requires different keys for different levels of security.
• This tends to increase the number of keys required when the number of security levels used increases.

SECURE EFFICIENT AD HOC DISTANCE VECTOR ROUTING PROTOCOL (SEAD)

• The SEAD routing protocol is a secure ad hoc routing protocol based on the destination-sequenced distance vector (DSDV) routing protocol.
• This protocol is mainly designed to overcome security attacks such as DoS and resource consumption attacks.
• The protocol uses a one-way hash function and does not involve any asymmetric cryptographic operation.

DISTANCE VECTOR ROUTING

• Distance vector routing protocols belong to the category of table-driven routing protocols.
• Each node maintains a routing table containing the list of all known routes to the various destination nodes in the network.
• The metric used for routing is the distance measured in terms of hop count.
• The routing table is updated periodically by exchanging routing information.
• An alternative approach to this is triggered updates, in which each node broadcasts routing updates only if its routing table gets altered.

ONE-WAY HASH FUNCTION

• SEAD uses authentication to differentiate between updates received from non-malicious nodes and those from malicious nodes.
• This minimizes resource consumption attacks caused by malicious nodes.
• SEAD uses a one-way hash function for authenticating the updates.
• A one-way hash function H generates a one-way hash chain (h0, h1, h2, ...).
• The function H maps an input bit-string of any length to a fixed-length bit-string.
• To create a one-way hash chain, a node generates a random number with initial value x ∈ {0,1}^p, where p is the length in bits of the output bit-string.
• h0, the first number in the hash chain, is initialised to x.
• The remaining values are computed using the general formula hi = H(hi-1) for 1 ≤ i ≤ n, for some n.
• SEAD avoids routing loops unless the loop contains more than one attacker.
• The protocol is robust against multiple coordinated attacks.
• The SEAD protocol would not be able to overcome attacks where the attacker uses the same metric and sequence number that were used by the most recent update message and sends a new routing update.
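The hash chain defined above, as an added Python example that is not from these notes or from the SEAD paper. The chain follows the page's definition (h0 = x, hi = H(hi-1)); using SHA-256 as H (so p = 256), distributing the last element hn as the trusted anchor, and the receiver-side check that hashes a received value forward to that anchor are assumptions made here. The example shows why a node can authenticate a newer chain element by hashing forward, and why a value that is off the chain, or one it already holds, is rejected.

```python
"""One-way hash chain with receiver-side verification (added example, not SEAD's code)."""
import hashlib
import secrets
from typing import List, Optional


def H(data: bytes) -> bytes:
    """The one-way function H: input of any length -> p-bit output (p = 256, assumed)."""
    return hashlib.sha256(data).digest()


def build_chain(n: int, x: Optional[bytes] = None) -> List[bytes]:
    """Return [h0, h1, ..., hn] with h0 = x (random p-bit value) and hi = H(hi-1)."""
    if x is None:
        x = secrets.token_bytes(32)          # x drawn from {0,1}^p with p = 256
    chain = [x]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain


def verify_element(candidate: bytes, anchor: bytes, max_steps: int) -> Optional[int]:
    """Tie a received value to a trusted chain element by hashing forward.

    A node that trusts h_j (the anchor) accepts a value v as h_i with i <= j
    only if applying H to v some k <= max_steps times yields h_j.  Because H is
    one-way, nobody holding only h_j can produce such a v.  Returns k on
    success, None if v cannot be connected to the chain within max_steps.
    """
    v = candidate
    for steps in range(max_steps + 1):
        if v == anchor:
            return steps
        v = H(v)
    return None


class ChainVerifier:
    """Receiver-side state: the most recently authenticated element and its index."""

    def __init__(self, anchor: bytes, anchor_index: int, max_lookahead: int):
        self.anchor = anchor                # trusted element h_j (e.g. h_n, received securely)
        self.index = anchor_index           # its position j in the chain
        self.max_lookahead = max_lookahead  # bound on hashing work per update

    def accept(self, value: bytes) -> bool:
        """Accept only a strictly newer element; advance the anchor to it."""
        steps = verify_element(value, self.anchor, self.max_lookahead)
        if steps is None or steps == 0:
            return False                    # off-chain value, or a replay of what we hold
        self.anchor, self.index = value, self.index - steps
        return True


if __name__ == "__main__":
    # Constructed walk-through: the owner releases elements in reverse order.
    chain = build_chain(10)
    receiver = ChainVerifier(chain[10], 10, max_lookahead=10)
    print("accept h8:", receiver.accept(chain[8]))          # True, anchor now h8
    print("accept h9 (older):", receiver.accept(chain[9]))  # False: cannot reach h8
    print("accept forged:", receiver.accept(b"\x00" * 32))  # False: not on the chain
    print("accept h3:", receiver.accept(chain[3]))          # True, five steps forward
```

SEAD additionally maps chain positions onto the sequence number and hop-count metric of each update; that mapping is not covered by these notes and is left out of the example.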

AUTHENTICATED ROUTING FOR AD HOC NETWORKS (ARAN)

• ARAN is a secure routing protocol which successfully defeats all identified attacks in the network layer.
• It takes care of authentication, message integrity, and non-repudiation.
• During the route discovery process of ARAN, the source node broadcasts RouteRequest packets.
• The destination node responds by unicasting a reply packet back on the selected path.
• The ARAN protocol uses a preliminary cryptographic certification process, followed by an end-to-end route authentication process, which ensures secure route establishment.

ISSUE OF CERTIFICATES
• There exists an authenticated trusted server whose public key is known to all legal nodes in the network.
• The ARAN protocol assumes that keys are generated a priori by the server and distributed to all nodes in the network.
• On joining the network, each node receives a certificate from the trusted server.
• The certificate received by a node A from the trusted server T looks like the following:

END-TO-END ROUTE AUTHENTICATION

• The main goal of this end-to-end route authentication process is to ensure that the correct intended destination is reached by the packets sent from the source node.
• The source node S broadcasts a RouteRequest/RouteDiscovery packet destined to destination node D.

Where,

SECURITY AWARE AODV PROTOCOL

• AODV is an on-demand routing protocol where the route discovery process is initiated by sending RouteRequest packets only when data packets arrive at a node for transmission.
• A malicious intermediate node could advertise that it has the shortest path to the destination, thereby redirecting all the packets through itself.
• This is known as a black hole attack.
• Let node M be the malicious node that enters the network.
• It advertises that it has the shortest path to the destination node D when it receives the RouteRequest packet sent by node S.
• The attacker may not be able to succeed if node A, which also receives the RouteRequest packet from node S, replies earlier than node M.
• Advantage to the attacker: the malicious node does not have to search its routing table for a route to the destination.
• Hence the malicious node would be able to reply faster than node A.