challenges in mobile ad hoc networks
TRANSCRIPT
-
8/18/2019 Challenges in Mobile Ad Hoc Networks
1/11
CHALLENGES IN MOBILE AD HOC NETWORKS
ABSTRACT:
In the near future, a pervasive computing
environment can be expected based on the
recent progresses and advances in
computing and communication technologies.
Next generation of mobile communication
will include both popular infrastructured
wireless networks and novel
infrastructureless mobile ad-hoc networks
(MAN!s". A MAN! is a collection of
wireless nodes that can d#namicall# form a
network to exchange information without
using an# pre-existing fixed network
infrastructure. $ireless ad-hoc networks are
increasingl# being used in the battlefield,
emergenc# search, rescue missions. !he
special features of MAN! bring great
opportunities together with severe
challenges. !his report describes the
concept, features, status and fundamental
problems of ad hoc networking. %pecial
attention is paid on network la#er routing
strateg# and intrusion detection in MAN!s.
1. INTRODUCTION
&ur future living environments are likel# to
be based upon information resources
provided b# the connections of various
communication networks for users. New
small devices like 'ersonal igital
Assistants ('As", mobile phones, and
laptops enhance the information processing
and accessing capabilities with mobilit#. !o
cater the needs of such devices, modern
technologies should adopt new model of
pervasive computing including new
architectures, standards, devices, services,
tools and protocols.
Mobile computing is the one of the most
important technolog# supporting pervasive
computing. Advances in both hardware and
software techni)ues have enabled the spread
of mobile hosts and wireless networking to
masses. *enerall#, there are two modes in
which wireless mobile nodes can
communicate+
1. Infrastructured+ In this mode, all the
communication among the mobile nodes
goes through a base station. A ase
station is also known as access point.
!hese base stations are connected to the
fixed infrastructure or wired networks.
. Infrastructure!ess+ !his mode of communication is known as a mobile ad
hoc network(MAN!". A MAN! is
collection of wireless nodes that can
d#namicall# form a network to exchange
De"t. I.T# AITS
-
8/18/2019 Challenges in Mobile Ad Hoc Networks
2/11
information without using an# pre-
existing fixed network infrastructure.
!his is a ver# important part of
communication technolog# that supports
trul# pervasive computing, because in
man# contexts information exchange
between mobile units cannot rel# on an#
fixed network infrastructure, but on
rapid configuration of a wireless
connections on-the-fl#. A t#pical
example of this mode of communication
is people sitting in the conference room
and exchanging data among them
without an# fixed infrastructure.
. RELATED BACKGROUND
.1 MANET C$nce"t
A mobile ad hoc network is a collection of
wireless nodes that can d#namicall# be set
up an#where and an#time without using an# pre-existing network infrastructure. It is an
autonomous s#stem in which mobile hosts
connected b# wireless links are free to move
randoml#. In MAN!, nodes act both as
host and routers. !he traffic t#pes in ad hoc
networks are )uite different from those in an
infrastructured wireless network, including+
. %eer&t$&%eer+ ommunication
between two nodes, which are within
one hop.
/. Re'$te&t$&Re'$te: ommunication
between two nodes be#ond a single
hop but which maintain a stable route
between them. !his ma# be the result
of several nodes sta#ing within
communication range of each other in
a single area or possibl# moving as a
group. !he traffic is similar to
standard network traffic.
0. D(na')c Traff)c+ !his occurs when
nodes are d#namic and moving
around. 1outes must be reconstructed.
!his results in a poor connectivit# and
network activit# in short bursts.
. MANET *eatures
MAN! has the following features+
Aut$n$'$us ter')na!+ In MAN!,
each mobile host is autonomous node,
which ma# function as both a host and a
router. In other words, besides the basic
processing abilit# as a host, the mobile
nodes can also perform switching
functions as a router. %o usuall#
endpoints and switches are
indistinguishable in MAN!.
/ D)str)+uted $"erat)$n+ %ince there is
no background network for the central
control of the network operations, the
control and management of the network
is distributed among the terminals. !he
nodes involved in a MAN! should
collaborate amongst themselves and
De"t. I.T# AITS /
-
8/18/2019 Challenges in Mobile Ad Hoc Networks
3/11
each node acts as a rela# as needed, to
implement functions e.g. securit# and
routing.
0 Mu!t)&,$" r$ut)n-+ asic t#pes of ad
hoc routing algorithms can be single-hop
and multi-hop. %ingle-hop MAN! is
simpler than multihop in terms of
structure and implementation, with the
cost of lesser functionalit# and
applicabilit#. $hen delivering data
packets from a source to its destination
out of the direct wireless transmission
range, the packets should be forwarded
via one or more intermediate nodes.
2 D(na')c net$r/ t$"$!$-(+ %ince the
nodes are mobile, the network topolog#
ma# change rapidl# and unpredictabl#
and the connectivit# among the
terminals ma# var# with time. MAN!
should adapt to the traffic and
propagation conditions as well as the
mobilit# patterns of the mobile network
nodes. !he mobile nodes in the network
d#namicall# establish routing among
themselves as the# move about, forming
their own network on the fl#. Moreover,
a user in the MAN! ma# not onl#
operate within the ad hoc network, but
ma# re)uire access to a public fixed
network.
3 *!uctuat)n- !)n/ ca"ac)t(+ !he nature
of high bit-error rates of wireless
connection might be more profound in a
MAN!. &ne end-to-end path can be
shared b# several sessions. !he channel
over which the terminals communicate is
sub4ect to noise, fading, and interference,
and has less bandwidth than a wired
network. In some scenarios, the path
between an# pair of users can traverse
multiple wireless links and the link
themselves can be heterogeneous. &ne
effect of the relativel# low to moderate
capacities is that congestion is t#picall#
the norm rather than the exception i.e.
aggregate application demand will likel#
approach or exceed network capacit#
fre)uentl#.
5 Ener-(&c$nstra)ned $"erat)$n+ %ome
or all of the nodes in a MAN! ma#
rel# on batteries or other means for their
energ#. %uch devices need optimi6ed
algorithms and mechanisms that
implement the computing and
communicating functions.
7 L)')ted ",(s)ca! secur)t(+ MAN!s
are generall# more prone to ph#sical
securit# threats than are fixed cable
networks. !he increased possibilit# of
eavesdropping, spoofing and denial-of-
De"t. I.T# AITS 0
-
8/18/2019 Challenges in Mobile Ad Hoc Networks
4/11
service attacks should be carefull#
considered.
.0. MANET Status
Ad hoc network is not a new concept. It was
first deplo#ed in militar# in 879s.
ommercial interest in such networks has
grown recentl# due to the advancement in
the wireless communication. A new working
group for MAN! has been formed within
the Internet ngineering !ask :orce (I!:"
to investigate and develop standards for Internet routing support for mobile, wireless
I' autonomous segments and develop a
framework for running I' based protocols in
ad hoc networks.
!he recent I standard ;9/. has
increased the research interest in the field.
Man# international conferences andworkshops have been held b# e.g. I and
AM. :or instance, Mobi
-
8/18/2019 Challenges in Mobile Ad Hoc Networks
5/11
The following are the desirable properties
of MANET routing protocol:
1 D)str)+uted $"erat)$n+ %ince there is no
central point like wired network, each
and ever# node in the MAN! performs
routing.
L$$" freed$'+ !hough, if not
incorporated in the routing protocol, the
!!> value could be used to prevent
packet from roaming in the network for
arbitraril# long periods of time. ut, still
this propert# is desirable for efficient use
of resources and better overall
performance.
0 De'and&+ased $"erat)$n+ Instead of
assuming a uniform traffic distributionwithin the network and maintaining
routing information between all nodes at
all times, routing algorithm should adapt
to the traffic pattern on a demand or
need basis. It should be done in such a
wa# so that it could utili6e mobile nodes
energ# and network bandwidth more
efficientl# at the cost of increased route
discover# dela#.
3 %r$act)e $"erat)$n+ !his is the
opposite of demand-based operation. It
certain contexts, the additional latenc#
demand-based operation is unacceptable.
If bandwidth and energ# resources
permit, proactive operation is desirable
in these contexts.
4 Secur)t(+ $ithout some form of
network-level or link la#er securit#, a
MAN! routing protocol is vulnerable
to man# forms of attack. It ma# be
relativel# simple to snoop network
traffic, manipulate packet headers and
redirect routing messages, within a
wireless network without appropriate
securit# provisions.
5 6S!ee"7 "er)$d $"erat)$n+ As a result of
energ# conservation, or some other need
to be inactive, nodes of a MAN! ma#
stop transmitting andor receiving for
arbitrar# time periods. A routing
protocol should be able to accommodate
such sleep periods without overl#
adverse conse)uences.
8 Un)d)rect)$na! !)n/ su""$rt+ i-
directional links are t#picall# assumed in
the design of routing algorithms, and
man# algorithms are incapable of
functioning properl# over unidirectional
links. ut, unidirectional links can and
do occur in wireless networks.
De"t. I.T# AITS 3
-
8/18/2019 Challenges in Mobile Ad Hoc Networks
6/11
E9a'"!e: Ad ,$c On&de'and D)stance
;ect$r R$ut)n-
Ad ,$c On&de'and D)stance ;ect$r
-
8/18/2019 Challenges in Mobile Ad Hoc Networks
7/11
:igure /. 'ropagation of 1oute 1e)uest
'acket (11C"
:igure 0. 'ath taken b# the 1oute 1epl#
'acket (11'"
0. Intrus)$n detect)$n
Intrusion detection has become ver#
important within the realm of network
securit# especiall# in the case wireless ad
hoc networks. Intrusion detection is defined
as the method to identif# Dan# set of actions
that attempt to compromise the integrit#,
confidentialit# or availabilit# of a resourceE.
It is the techni)ues that attempt to detect
intrusion into a computer or network b#
observing the actions, securit# logs, or audit
data.
*$!!$)n- are s$'e "r)'ar( assu'"t)$ns
t,at ,as t$ +e 'ade ,en $r/)n- $n
)ntrus)$n detect)$n:
?ser and program activities are
observable, that is the information
regarding the usage of a s#stem b# a
user or program must be recordable
and anal#6able.
/ Normal and intrusive behavior must
have distinct characteristics.
In order to detect an intrusion attack, one
needs to make use of a model of intrusion.
!hat is, we need to know what an Intrusion
etection %#stem (I%" should look out for.
!here are two t#pes of models emplo#ed in
current I%+
An$'a!( Detect)$n+ !he first model
bases its detection upon the profile of a
De"t. I.T# AITS 7
-
8/18/2019 Challenges in Mobile Ad Hoc Networks
8/11
userFs normal behavior. It anal#6es the
userFs current session and compares
them to the profile representing the
userFs normal behavior. It raises alarm
if significant deviation is found during
the comparison of audit data and userFs
profile. !his t#pe of detection s#stem
is well suited to detect known or
previousl# not encountered attacks.
/ M)suse Detect)$n+ It bases its
detection upon comparison of userFs
session or commands with the rule
base of techni)ues used b# the
attackers previousl#. !his model looks
for known attacks in the userFs
behavior. A t#pical misuse detection
s#stem takes in audit data for anal#sis
and compares the data to large
database of known attack signatures.
M$st $f t,e IDS ta/e e)t,er a net$r/&
+ased $r ,$st>+ased a""r$ac, +ased $n
t,e s$urce $f aud)t data.
Net$r/&+ased IDS
-
8/18/2019 Challenges in Mobile Ad Hoc Networks
9/11
intrusion detection algorithms must be made
to work on this partial and locali6ed
information.
:urther, there ma# not be a clear separation between normalc# and anomal# in wireless
ad hoc network. A node that sends out false
routing information could be the one that
has been compromised, or merel# the one
that is temporaril# out of s#nc due to
ph#sical movement. I ma# find it
increasing difficult to distinguish false
alarms from real intrusion.
T,e f$!!$)n- are t,e des)ra+!e features $f
Intrus)$n Detect)$n S(ste' f$r MANET:
1. !he I% should not introduce a new
weakness in the MAN!. !hat is,
the I% itself should not make a
node an# weaker than it alread# is.. An I% should run continuousl# and
remain transparent to the s#stem and
users.
0. !he I% should use as little s#stem
resources as possible to detect and
prevent intrusions. I%s that re)uire
excessive communication among
nodes or run complex algorithms are
not desirable.
3. It must be fault-tolerant in the sense
that it must be able to recover from
s#stem crashes, hopefull# recover to
the previous state, and resume the
operations before the crash.
4. Apart from detecting and responding
to intrusions, an I% should also
monitor itself and detect if it has
been compromised b# an attacker.
5. An I% should have a proper
response. In other words, an I%
should not onl# detect but also
respond to detected intrusions,
preferabl# without human
intervention.
8. Accurac# of the I% is another ma4or
factor in MAN!s. :ewer false
positives and false negatives are
desired.
?. It should interoperate with other
intrusion detection s#stems to
collaborativel# detect intrusions.
E9a'"!e: A D)str)+uted IDS
D)str)+uted IDS:
In their pioneering work on intrusion
detection in MAN!s, Ghang and >ee
describe a distributed and cooperative
intrusion detection model where ever# node
in the network participates in intrusiondetection and response H0. In this model, an
I% agent runs at each mobile node, and
performs local data collection and local
detection, whereas cooperative detection and
De"t. I.T# AITS 8
-
8/18/2019 Challenges in Mobile Ad Hoc Networks
10/11
global intrusion response can be triggered
when a node reports an anomal#. It
considers abnormal updated to routing
tables.
!he internals of an I% agent are structured
into six pieces, as shown in :igure. ach
node does local intrusion detection
independentl#, and neighboring nodes
collaborativel# work on a larger scale.
Individual I% agents placed on each and
ever# node run independentl# and monitor
local activities (including user, s#stems, and
communication activities within the radio
range", detect intrusions from local traces,
and initiate responses. Neighboring I%
agents cooperativel# participate in global
intrusion detection actions when an anomal#
is detected in local data or if there is
inconclusive evidence. !he data collection
module gathers local audit traces and
activit# logs that are used b# the local
detection engine to detect local anomal#.
etection methods that need broader data
sets or re)uire collaborations among local
I% agents use the cooperative detection
engine. oth the local and global responsemodules provide intrusion response actions.
!he local response module triggers actions
local to this mobile node (e.g., an I% agent
alerting the local user", while the global one
coordinates actions among neighboring
nodes, such as the I% agents in the network
electing a remedial action. A secure
communication module provides a high-
confidence communication channel among
I% agents.
!his I% presents a distributed and
cooperative intrusion detection architecture
based on statistical anomal# detection
techni)ues. !his article was among the first
that had such a detailed distributed design.
Figure 4. An intrusion detection
system for MANETS
3. CONCLUSION
!his report describes the background
information of MAN!s, which includes
concepts, features and status. !hereafter, it
covers the two main challenges of MAN!s
i.e. 1outing and Intrusion detection in detail.Barious issues concerning different aspects
of ad hoc wireless networks are discussed.
MAN! is one of the most important and
essential technologies in current times.
De"t. I.T# AITS 9
-
8/18/2019 Challenges in Mobile Ad Hoc Networks
11/11
MAN!s can be exploited in a wide area of
applications, from militar#, emergenc#
rescue, law enforcement, commercial, to
local and personal contexts. It has alread#
gained critical mass among researchers in
academia as well as in industr#. Moreover,
there is also a flurr# of activit# in the
standards bodies in this area. Man# routing
protocols designed for ad hoc networks have
been proposed as Internet raft and 1: of
I!:.