Date posted: 26-Dec-2014
Running head: SECURITY SOLUTIONS FOR MANETS INCLUDING IDS DEVELOPMENT 1
Security Solutions for MANETs Including IDS Development
Cassall S. Graber-Tilton
University of Maryland University College
This material is not to be copied, reproduced, or altered in any way without express permission of the author. Sources at the end should suffice to reproduce all information contained within this
document.
Abstract
Mobile ad-hoc networks or MANETs are networks that communicate wirelessly through nodes.
The nodes change as needed and the MANET network is subject to increased vulnerability
because the network is wireless. Should one node become malicious it can disrupt the routing
protocol and effectiveness of the MANET network. This research paper will examine the
components of a MANET system, the current security issues and potential solutions, and the
potential benefits of Intrusion Detection Systems (IDS) for MANET.
Keywords: Mobile ad-hoc network, MANET, Intrusion detection system, IDS, security
Security Solutions for MANETs Including IDS Development
A mobile ad-hoc network (MANET) is a wireless network comprised of various devices
capable of self-organization to form autonomous networks. MANET devices serve both as an
end point in a communication chain and as a router. The network functions by sending a
message from one node, through the various other devices that have formed the autonomous
network, to the destination node. In order to achieve a successful exchange of information the
path between the two end-points must remain intact. The disadvantage of MANET is that the
reliance on other wireless networked devices creates numerous security challenges. The
advantages of MANETs lie in the network’s flexibility and ability to function in places where a
fixed infrastructure is not available (Kumar, 2009, p. 13-15).
Potential Applications of MANET
MANET has potential applications in both the commercial and military sectors. In the
military, MANETs can be used for “battlefield communication and battlefield sensor monitoring
network” (Gorlatova et al., 2005, p. 55). In commercial settings, MANETs are applicable for
“convention meetings, electronic classrooms, search-and-rescue efforts, disaster relief, and law
enforcement” (Gorlatova et al., 2005, p. 55). Vehicular ad-hoc networks (VANETs) are a form of
MANETs that allow vehicles to communicate with equipment designed to monitor things such as
traffic density. MANETs can ideally be set up in situations when a fixed infrastructure is not
available, like the aforementioned disaster relief or search-and-rescue operations. Whether or not a
military or commercial organization chooses to use MANET depends on the nature of the
information being sent. An area where security flaws of MANETs have the greatest impact is in
military applications. Soldiers might have to perform a cost-benefit analysis before deciding to
use MANET since it brings the risks of detection and information interception.
Security Problems in MANETs
The security problems of MANETs arise from the fact that a MANET has a peer-to-peer
(P2P) architecture that shares the wireless resources of a network with dynamic topology and
limited resources. MANETs need additional security in the form of secure routing, fault
tolerance, self-umpiring, and intrusion detection. Furthermore, MANETs require a diversity of
tactics that encompass both proactive and reactive solutions. The difficulty lies not in the
development of these security measures, but in the trade-offs that occur in areas such as
bandwidth usage, processing time, and computing overhead. Overall, the security issues that
MANETs face can be summed up as a lack of centralized management/infrastructure, limited
resource availability, network size/scalability, exploitable cooperation of nodes, dynamic
topology, and limited power supply of individual nodes.
Different trade-offs may be more desirable depending on the scenario the MANET is
being used for. A military organization is more likely to desire a higher level of security than a
commercial one. This difference in needs leads to the use of different routing protocols and
security methods. Consequently, the use of different routing protocols, equipment, and security
can hinder communication between nodes. A challenge of MANETs that is recognized, but not
discussed in this paper, is the differences in hardware, software, and energy configurations of the
various nodes. In addition to the differences in configurations, the network’s capability of
supporting MANETs varies based on routing protocols and security measures used. Networks
that are designed to use fewer computing resources are generally less secure. Networks that
utilize cryptography have a large computational overhead. Most routing protocols are focused on
setting up MANETs that do not require cryptography but nonetheless have security measures to
ensure the integrity of information. Routing protocols will be discussed in a later section to gain a
general idea of the different types of protocols MANET can use and what the advantages and
disadvantages associated with some of them are.
Dynamic Topology of MANETs. The dynamic nature of a MANET network is
necessary since pathways between nodes must be continually re-established. While the dynamic
topology is an inherent part of MANET it is also a security problem. MANETs are multi-hop
networks. In order to communicate with node D, node A must pass its message through nodes B
and C. If node B moves out of range then an alternative route to pass the information to node D
must be found.
This means that new nodes are constantly entering and leaving the MANET. This makes
authentication difficult and attackers take advantage of this weakness to introduce malicious
nodes. The information passing through intermediate nodes is at additional risk if one of those
intermediate nodes has been corrupted.
Secure Multicasting. Secure multicasting is when a single node or user sends out a
message that is received by one or more users of the MANET. Secure multicasting has many
commercial applications such as video conferencing, collaborative applications, and distribution
of material, etc. Security solutions for secure multicasting must take into consideration its broader
distribution scheme. The overhead in establishing correct routes and sending out the initial
message is much larger when there is more than one destination node. The issue faced by
secure multicasting as summed up by Meghanathan and Olgabegi (2010) is that, “one routing
protocol cannot be a solution for all energy efficient and security issues that are faced in
MANETs, but rather each protocol is designed to provide the maximum possible requirements,
according to certain required scenarios” (p. 12). Depending on the type of protocol used, the
source and destination nodes may each have to exchange secure group keys before a message
can be passed. Secure multicasting is the broadcasting of a message on a much greater scale and
with it brings a much greater likelihood that a malicious node will try to interrupt
communications. In such a large network one of the potentially harmful attacks a malicious node
can do is One protocol that can be used by secure multicasting is the Secure Routing Protocol
(SRP), which will be discussed in more detail later.
Secure Routing. Secure routing is a necessary part of MANET. There have been a
number of routing protocols suggested, each with their own pros and cons. A review of some of
these protocols shows which ones work best, keeping in mind network efficiency and the need for
privacy. Most of the proposed protocols are vulnerable, and must be able to function even if
some nodes are compromised by an attack. Malicious nodes can try to sabotage a
transmission in many ways. A malicious node can fake the routing information, flood the network to create a
denial of service, or disclose the routing information (Jamalipour, Kato, Kurosawa, Nakayama,
& Nemoto, 2005, p. 1). Built-in fault tolerance combined with malicious node detection can allow
a network to function while simultaneously detecting and eliminating malicious nodes.
This paper will review a couple of proactive and reactive routing protocols, and their
respective methods of functionality. MANETs have a wide range of configuration choices that
routing protocols must adapt to. Some routing protocols require a network to meet a set of
assumptions in order to work properly. Overall, each routing protocol has strengths and
weaknesses, and a brief overview of some of them should give us a good picture of how the
security of MANETs can be compromised (Jamalipour et al., 2005, p. 1-8).
Fault Tolerance. Fault tolerance refers to the ability of certain protocols to effectively
deliver their message despite the presence of malicious nodes. Fault tolerance in a routing
protocol is only concerned that the message will be delivered. On its own it does not do anything
about removing or identifying the malicious node.
Routing Protocol Security Solutions
Routing protocols deserve a significant amount of attention because they determine the
method of operation for the MANETs. The routing protocol a MANET uses determines how
messages will be exchanged, the level of security, and whether the MANET takes a proactive or
reactive approach. Proactive routing protocols continuously evaluate routes so that when a node
desires to send a message, a route is already awaiting them. Reactive routing protocols do not
continuously evaluate routes, so when a node desires to send a message a reactive protocol must
then establish a route and change the route based on external factors such as traffic volume and
malicious nodes.
Secure Routing Protocol (SRP). SRP is one of the more secure routing protocols that do
not use cryptography. Secure routing in MANET has to take into consideration route discovery.
In the SRP this is done through the establishment of correct network topology. According to
Haas and Papadimitratos (2002), “(SRP) guarantees that a node initiating a route discovery will
be able to identify and discard replies providing false topological information, or, avoid
receiving them” (p. 2). Through the SRP method the correct topology can be determined even if
there are malicious nodes in the network. The method uses a security association between two
nodes to track the path of a query from the source node A to the end node E. A sends out a route
request containing a query sequence number, a random query identifier, the source, and the
destination. This information is used to calculate the Message Authentication Code (MAC).
As the request is forwarded, each intermediate node adds its IP address to the route
request packet. The destination node can tell, from the accrued IP addresses, the pathway the
packet took to get there. The destination node sends its reply to the source node over that same
pathway. The reply to the source node contains information regarding the packets received and
the routes that the destination node received this information from. This tells the source node
which routes are intact and the source node can send the packets over those intact routes (Haas &
Papadimitratos, 2002, p. 4-5).
The disadvantages of SRP are the assumptions it requires to work properly. SRP
assumes a security association between two end nodes already exists. It assumes bi-directional
communication between nodes, as well as their ability to validate one another. Another main
assumption is that the malicious nodes will consistently, not intermittently, exhibit malicious
behavior. “It is also expected that a one to one mapping between Medium Access Control and IP
addresses exists” (Haas & Papadimitratos, 2002, p. 5). Finally, all neighbors operate in
promiscuous mode and are able to overhear each transmission. While individually, these may not
affect the proper operation of SRP, the assumptions place limitations on the workability of SRP
outside the restricted circumstances (Meghanathan & Olgabegi, 2010, p. 1-6).
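The route discovery exchange described above can be sketched as follows. This is an added example, not code from the paper or from the SRP authors; HMAC-SHA256 as the MAC, a reply MAC that also covers the accumulated route, and all class and function names are assumptions of the sketch, and the key and addresses are constructed.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


def compute_mac(key, *fields):
    """HMAC-SHA256 over length-prefixed fields, so field boundaries are unambiguous."""
    data = b""
    for f in fields:
        raw = str(f).encode()
        data += len(raw).to_bytes(2, "big") + raw
    return hmac.new(key, data, hashlib.sha256).digest()


@dataclass
class RouteRequest:
    src: str
    dst: str
    seq: int      # query sequence number
    qid: str      # random query identifier
    tag: bytes    # MAC computed by the source under the end-to-end key
    route: list = field(default_factory=list)   # filled in hop by hop


@dataclass
class RouteReply:
    src: str
    dst: str
    seq: int
    qid: str
    route: list
    tag: bytes    # MAC computed by the destination, covering the route


def new_request(key, src, dst, seq):
    qid = secrets.token_hex(8)
    return RouteRequest(src, dst, seq, qid,
                        compute_mac(key, "RREQ", src, dst, seq, qid))


def forward(req, own_ip):
    """Intermediate node: append its own address. It holds no key, so it
    cannot produce a valid tag for anything it changes."""
    return RouteRequest(req.src, req.dst, req.seq, req.qid, req.tag,
                        req.route + [own_ip])


def answer(key, req, highest_seq_seen):
    """Destination: verify the request MAC and its freshness, then bind the
    accumulated route into the reply MAC."""
    expected = compute_mac(key, "RREQ", req.src, req.dst, req.seq, req.qid)
    if not hmac.compare_digest(req.tag, expected):
        return None
    if req.seq <= highest_seq_seen:
        return None   # stale or replayed query
    tag = compute_mac(key, "RREP", req.src, req.dst, req.seq, req.qid, *req.route)
    return RouteReply(req.src, req.dst, req.seq, req.qid, list(req.route), tag)


def accept(key, pending, reply):
    """Source: the reply must match the outstanding query and carry a MAC
    that is valid for exactly the route it reports."""
    if (reply.src, reply.dst, reply.seq, reply.qid) != \
            (pending.src, pending.dst, pending.seq, pending.qid):
        return False
    expected = compute_mac(key, "RREP", reply.src, reply.dst, reply.seq,
                           reply.qid, *reply.route)
    return hmac.compare_digest(reply.tag, expected)


def demo():
    key = b"constructed key shared by A and E"   # the assumed security association
    pending = new_request(key, "10.0.0.1", "10.0.0.5", seq=8)
    req = pending
    for hop in ("10.0.0.2", "10.0.0.3", "10.0.0.4"):
        req = forward(req, hop)
    reply = answer(key, req, highest_seq_seen=7)
    results = {"route": reply.route, "honest": accept(key, pending, reply)}
    # Reply whose route was rewritten in transit: the tag no longer matches.
    altered = RouteReply(reply.src, reply.dst, reply.seq, reply.qid,
                         ["10.0.0.2", "10.0.0.9"], reply.tag)
    results["altered_route"] = accept(key, pending, altered)
    # Reply built by a node that does not hold the shared key.
    bad_tag = compute_mac(b"some other key", "RREP", reply.src, reply.dst,
                          reply.seq, reply.qid, "10.0.0.9")
    fabricated = RouteReply(reply.src, reply.dst, reply.seq, reply.qid,
                            ["10.0.0.9"], bad_tag)
    results["fabricated"] = accept(key, pending, fabricated)
    # The same request seen again by the destination is dropped as stale.
    results["replayed_request"] = answer(key, req, highest_seq_seen=8) is None
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The "RREQ" and "RREP" labels keep a request tag from being reused as the tag of a reply with an empty route.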
Self Organized Network Layer Security in MANETs (SCAN). SCAN is a non-
cryptographic solution used to protect the network layer of MANETs from malicious attacks.
SCAN is a reactive protocol. In the SCAN design, nodes form local networks based on their
geographical location and monitor each other. SCAN is designed to protect both the ad-hoc
routing and the packet forwarding aspects of MANETs. Each node checks the information it
receives and the information sent to nearby nodes for anomalies. The nodes share the
information on malicious nodes they have gathered. Using the combined information they
determine which nodes have been corrupted and deprive them of network access. SCAN uses
mobile collaboration and “information cross validation” (Lu, Meng, Shu, & Yang, 2005, p. 2) to
check the information gathered and overheard. SCAN also uses a token renewal and revocation
scheme.
Destination Sequenced Distance Vector Routing (DSDV). DSDV was an important
step in the creation of MANET routing protocols. It is one of the earlier routing protocols and
serves as the basis for many other protocols. DSDV is a proactive protocol that operates by using
a table to track topology information. The table tracks the hops it takes for one node to reach all
potential destination nodes. “To keep the tables up to date they are exchanged between
neighboring nodes at regular intervals or when a significant topology changes are observed”
(Dash, Mishra, Rath, & Vijaya, 2011, p. 341). The constant updates of tables use more bandwidth
and energy resources than a purely reactive protocol. The nature of DSDV has an added
vulnerability. Nodes are tracked by sequence numbers and metric values. “A malicious node can
easily disrupt the routing protocol by arbitrarily tempering the sequence numbers or the metrics”
(Chen, Lin, & Wang, 2009, p. 2080). DSDV is vulnerable to malicious nodes that can alter the
Bellman-Ford algorithm it uses. In summary, DSDV faces security risks because it operates on a
pre-set table that a malicious node can tamper with, and also because independently it doesn’t have
good authentication or detection measures in place.
Ad-Hoc On-Demand Distance Vector Routing (AODV). AODV is a reactive protocol.
In AODV, “nodes maintain traditional routing tables specifying the next hop to take to reach the
destination. If there is no information in the routing table of the source then a route request is
broadcasted” (Dash et al., 2011, p. 341). A node with updated information about a path to the
destination node will send a reply to the source node. The source node and all the intermediate
nodes will amend their routing tables to reflect the current information. The path from the source
node to the destination node that utilizes available resources most efficiently is then chosen
(Dash et al., 2011, p. 341).
AODV was built off of DSDV, but varies in that it only calculates routes when they are
needed. This technique has the advantage of using less bandwidth. The disadvantage is that the
lapse in route calculation time results in a greater number of broken links (Kumar, 2009, p. 4-5).
AODV, like DSR, is designed as a demand-based, loop-free protocol to prevent unnecessary
bandwidth and power use (Dash et al., 2011, p. 341-342). A vulnerability of AODV is that when
a route request is sent out to obtain current table information a malicious node can respond with
false information and pretend it has routes to the destination node (Chen et al., 2009, p. 2080).
Another disadvantage from a security standpoint is that AODV maintains node information in
tables and does not utilize cryptography, introducing an additional vulnerability.
Dynamic Source Routing (DSR). DSR is a reactive source routing protocol. In DSR the
source node already knows the complete multi-hop route to the destination. If the path is intact
no route discovery needs to be performed. The source node stores the paths to the destination
node in a route cache. When the source node sends a message it travels down one of the routes in
the cache to the destination node, which then sends back a reply confirming the link is intact.
The route information is contained in the data packet’s header. DSR is unique because the links the
information travels through do not have to be bi-directional to work properly. In DSR, if the links
are bi-directional the confirmation of a complete link is sent over the pathway it was received. If
an intermediate node is a uni-directional link then the information gets routed back to the source
through other intermediate nodes. It successfully confirms that the link is intact and unlike SRP
does not require bi-directional links to work properly. SRP’s security mechanism requires a
bi-directional link to work. DSR does not have the same security scheme in place, but carries the
added benefit of being able to function in networks with both uni- and bi-directional nodes. In
situations where DSR does not have a route to the destination node, it performs a route request
and receives a route reply. An advantage of DSR is that it uses low bandwidth and “performs
well in high mobility scenarios” (Dash et al., 2011, p. 343). A disadvantage is that it is only
“designed for ad-hoc networks up to 200 nodes” (Dash et al., 2011, p. 343-344). DSR is a good
option for networks that use multiple types of directional links. DSR maintains security by not
operating in promiscuous mode, not eavesdropping, and only carrying the route information in
the data packet headers (Dash et al., 2011, p. 340-344).
Optimized Link State Routing Protocol (OLSR). OLSR is a proactive routing
protocol that maintains routes to all destinations in a standard routing table. OLSR uses
multipoint relays (MPRs). MPRs are certain nodes that send out the messages mapping the
network topology. This reduces overhead and resource use compared to routing protocols where
each node receives and transmits the information it received to the next node. OLSR is effective
for larger networks since it does not send out as many control messages to establish routes and
excels at finding routes with the smallest number of hops. The main security disadvantage of
OLSR is summed up by Moradiya and Sampalli (2010):
An intruder can modify the functionality of OLSR by generating and/or relaying
incorrect control messages such that the traffic flows through the intruder node and make
legitimate nodes to store incorrect information about the network topology…OLSR does
not specify any security mechanism or validation procedure to avoid inconsistencies in
control messages or to verify whether a node is well-behaving or not. (p. 544)
In short, while OLSR may carry the benefits of low usage of computational resources in large
networks, it requires security add-ons that increase computational overhead, thus negating the
true impact of that benefit.
Security Solution Options
Token System. Different techniques for dealing with the expulsion of malicious nodes
have been proposed. The token method uses tokens in place of currency. When a node receives a
packet it spends a token, and when it sends the packet on successfully it receives a token back. A
disadvantage of this scenario is that a malicious node could flood a good node with requests that
cannot be completed, and thus bankrupt the good node. A good node may not be able to work
because it no longer has tokens to spend to receive information, but a malicious node will be
detected because it will have hoarded a larger amount of tokens (Kathirvel & Srinivasan, 2010,
p. 264-265).
Self Umpiring. Self umpiring refers to the practice of nodes monitoring their
neighboring nodes while operating in promiscuous mode. In a self umpiring system, “each node
in the path from source to destination has dual roles to perform: packet forwarding and umpiring.
In the umpiring role, each node in the path closely monitors the behavior of its succeeding node
and if any misbehavior is noticed immediately flags off the guilty node” (Kathirvel & Srinivasan,
2010, p. 264). In self umpiring, the nodes combine their information and using the combined
results can tell which nodes are potentially malicious. The methods of self umpiring differ, but
the main principle of neighbor reporting remains. In neighbor reporting nearby nodes can check
the information they overhear from other nodes since MANETs are broadcast networks. The
problem with self umpiring is that operating in promiscuous mode is more concerned with
identifying malicious nodes and less concerned with the privacy and protection of information.
The token system can be applied to self-umpiring. In the token system each node would
be given a node ID and a status ID. The token authorizes a node to join the network. When a
node misbehaves a signal is sent to the source node which changes the misbehaving node’s status
ID. The change in status ID prevents the node from participating in the network and nodes direct
traffic away from the node (Kathirvel & Srinivasan, 2010, p. 264-265).
Self umpiring carries the risk that a good node will be falsely identified as a malicious
node. A malicious node can spread false information about a good node to try to bring about this
erroneous ban. The “false positive probability increases with increasing
percentage of malicious node and increased mobility” (Kathirvel & Srinivasan, 2010, p. 266).
Node collaboration works well because it requires a consensus before denying a node access to
the network. This collaboration reduces the possibility of falsely accusing a good node and
increases the likelihood of identifying malicious nodes (Kathirvel & Srinivasan, 2010, p. 264-265).
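One way to model the status-ID revocation with consensus described in this section is shown below. It is an added example, not code from the paper or from Kathirvel and Srinivasan; the quorum size, the drop-ratio threshold, the class and method names, and the observations in demo() are all assumed or constructed.

```python
from collections import defaultdict

ACTIVE, REVOKED = "active", "revoked"


class UmpireLedger:
    """Tracks each node's token status and the accusations raised against it."""

    def __init__(self, node_ids, quorum=2, max_drop_ratio=0.5):
        self.status = {n: ACTIVE for n in node_ids}   # node ID -> status ID
        self.quorum = quorum                          # assumed consensus size
        self.max_drop_ratio = max_drop_ratio          # assumed tolerance for lossy links
        self.accusers = defaultdict(set)              # suspect -> distinct accusers

    def observe(self, umpire, suspect, seen_in, seen_out):
        """Umpire role: compare the packets overheard going to the suspect
        with the packets overheard being relayed by it."""
        if seen_in == 0:
            return
        dropped = (seen_in - seen_out) / seen_in
        if dropped > self.max_drop_ratio:
            self.accuse(umpire, suspect)

    def accuse(self, umpire, suspect):
        """Record an accusation; revoke only when a quorum of distinct,
        still-active nodes agree."""
        if umpire == suspect or suspect not in self.status:
            return
        if self.status.get(umpire) != ACTIVE:
            return                                    # revoked nodes have no vote
        self.accusers[suspect].add(umpire)            # a set: repeats add no weight
        live = [a for a in self.accusers[suspect] if self.status[a] == ACTIVE]
        if len(live) >= self.quorum:
            self.status[suspect] = REVOKED

    def route_allowed(self, route):
        """Traffic is directed away from any node whose status is not active."""
        return all(self.status.get(n) == ACTIVE for n in route)


def demo():
    # Constructed scenario: C drops most packets; M falsely accuses D.
    ledger = UmpireLedger(["A", "B", "C", "D", "E", "F", "M"], quorum=2)
    ledger.observe("A", "B", seen_in=40, seen_out=31)   # ordinary loss, tolerated
    ledger.observe("B", "C", seen_in=40, seen_out=6)    # B umpires its successor C
    ledger.observe("F", "C", seen_in=40, seen_out=5)    # F overhears C as well
    for _ in range(3):
        ledger.accuse("M", "D")                         # one accuser repeating itself
    ledger.accuse("C", "D")                             # C is already revoked: ignored
    return ledger


if __name__ == "__main__":
    result = demo()
    print(result.status)
    print(result.route_allowed(["A", "B", "C", "D", "E"]))
    print(result.route_allowed(["A", "B", "F", "D", "E"]))
```

The quorum only protects good nodes while it exceeds the number of nodes that falsely accuse together, which matches the paper's point that false positives rise with the share of malicious nodes.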
Intrusion Detection Systems
Intrusion Detection Systems (IDS) are designed to detect when a node attempts to exceed
its authorized boundaries (Kumar, 2009, p. 8). When anomalous activity occurs in a MANET the
IDS should detect it and issue an appropriate response. “An intrusion detection system (IDS) can
be defined as the tools, methods, and resources to help identify, assess, and report unauthorized
or unapproved network activity” (Abdullah, Mandala & Ngadi, 2008, p. 2). The security and
survivability of MANET is dependent on its ability to perform effectively, protect data, and
withstand attacks or flaws that could cause a breach or failure of the network.
Types of IDS. IDS architecture and methods vary widely. The three types of IDS are
signature based, anomaly based, and specification based. In signature based IDS systems
malicious activity is detected using scenarios and signatures that are already on file. Anomaly
based IDS systems detect abnormal activity in a system using statistics, neural networks,
immunology, data mining, and Chi-square tests (Abdullah et al., 2008, p. 2). The third type,
specification based IDS, is a cross between signature and anomaly based solutions. This type
keeps specifications of “desired functionality for security-critical entities” and compares current
activity to the stored specifications. If an anomaly between the two arises then specification
based IDS will report an attack (Abdullah et al., 2008, p. 2).
IDS Architecture. The four types of IDS architecture are standalone, distributed and
collaborative, hierarchical, and mobile agent architecture. Standalone architecture determines
intrusions autonomously and runs IDS on each node. The nodes do not cooperate with one
another or exchange information when an intrusion is detected. Similar to standalone
architecture, distributed and collaborative architecture also runs IDS on every node. In
distributed and collaborative architecture the “IDS agent is responsible for detecting and
collecting local events and data” (Abdullah et al., 2008, p. 3). The data the IDS agent collects is
analyzed to determine potential intrusions and an appropriate response. The third type of IDS
architecture, hierarchical architecture, divides the network into groups and uses the head of each
group as if it were a control point in a wired network (Abdullah et al., 2008, p. 3). Finally,
mobile agent architecture has agents that successfully dispense the IDS tasks by assigning a
particular job to each mobile agent.
Artificial Immune System IDS. Artificial Immune System (AIS) based IDS models the
IDS system after the human immune system. The human body is capable of what is known as
self and non-self discrimination. When a foreign body enters the human immune system the
body’s T cells detect the intruder and issue a response. The adaptation of this model from a
human to a computer intrusion detection model is possible. In the model there is a set of
detectors, equivalent to the T cells that are produced by humans. The detectors are tested against
normal data sets to make sure they do not set off any false alarms. This is the self discrimination
aspect of AIS IDS. Detectors that erroneously react to normal network data are eliminated. The
ones that remain are deemed to be functioning properly and are sent out into the network to perform
self and non-self discrimination. The idea behind this biologically inspired technique is that by
releasing detectors that have been tested against normal network data, they will recognize other
normal network data and only flag problematic behavior in the network (Bakar, Hardoroudi,
Hosseinpour & Kazazi, 2010, p. 323-324).
AIS IDS is an example of mobile agent architecture and an anomaly based IDS. The
mobile agents are the detectors that roam the network searching for anomalies. They identify the
anomaly based on the comparison of known normal behavior to the anomalous behavior. Since
the mobile agent detectors migrate from one suspected node to another rather than operating
individually on every node, this approach brings the advantage of reduced network bandwidth use (Bakar,
Hardoroudi, Hosseinpour & Kazazi, 2010, p. 323-324).
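The detector generation and censoring steps described in this section correspond to a negative selection procedure, sketched below as an added example that is not code from the paper or its sources. The three monitored counters, their scaling limits, the grid of candidate detectors, the matching radius and every sample value are constructed assumptions; candidates come from a fixed grid rather than random draws so the result is reproducible.

```python
import itertools
import math

# Assumed per-interval scaling limits: packets sent, idle fraction, corrupted packets.
LIMITS = (200.0, 1.0, 50.0)


def normalise(raw):
    """Scale raw counters into the unit cube, clipping out-of-range values."""
    return tuple(min(max(v / lim, 0.0), 1.0) for v, lim in zip(raw, LIMITS))


def train_detectors(normal_raw, radius, steps=5):
    """Negative selection: propose candidate detectors, then eliminate every
    candidate that reacts to a sample of normal ("self") behaviour."""
    self_set = [normalise(r) for r in normal_raw]
    axis = [i / steps for i in range(steps + 1)]
    candidates = itertools.product(axis, repeat=len(LIMITS))
    return [c for c in candidates
            if all(math.dist(c, s) > radius for s in self_set)]


def matching_detector(raw, detectors, radius):
    """Return the first surviving detector that reacts to this report, if any."""
    point = normalise(raw)
    for d in detectors:
        if math.dist(point, d) <= radius:
            return d
    return None


def scan(reports, detectors, radius):
    """Return the IDs of nodes whose report triggers at least one detector."""
    return sorted(node for node, raw in reports.items()
                  if matching_detector(raw, detectors, radius) is not None)


# Constructed training data: (packets sent, idle fraction, corrupted packets).
NORMAL = [(100, 0.30, 1), (110, 0.35, 0), (90, 0.28, 2), (104, 0.25, 1), (96, 0.33, 2)]
RADIUS = 0.2

# Constructed reports gathered from four nodes.
REPORTS = {
    "n1": (100, 0.31, 1),    # unseen but ordinary traffic
    "n2": (190, 0.05, 5),    # very high send rate, almost never idle
    "n3": (100, 0.30, 35),   # ordinary rate, many corrupted packets
    "n4": (96, 0.33, 2),     # identical to a training sample
}


def demo():
    detectors = train_detectors(NORMAL, RADIUS)
    return len(detectors), scan(REPORTS, detectors, RADIUS)


if __name__ == "__main__":
    count, flagged = demo()
    print(count, "detectors survive censoring; flagged nodes:", flagged)
```

By construction no training sample can trigger a surviving detector, but unseen normal traffic still can if the training set is too small, which is the false-alarm risk the censoring step is meant to limit.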
Authentication. Authentication is not discussed as widely as other security techniques.
In a 2009 article by Shrestha, Sung, Lee, Sik-Yun, Choi, and Han, the authors present a secure IDS
with authentication for MANETs using the AODV protocol. Their model of IDS uses individual IDS
systems on every node to track the message broadcast through the nodes. This is similar to the
technique used in self umpiring of monitoring neighboring nodes. The IDS model proposed was
anomaly based and depends on every node storing reports of usual activity and monitoring the
network. The nodes monitor “the number of packets send, idle periods, number of corrupted
packets etc.” and also implement “one way key chain authentication” (p. 760). The authors of the
article freely admit that while strong against external intrusions, their authentication protocols
are not as effective against internal intrusions. The IDS model proposed in their article integrates
the need for authentication before a message is sent. Despite its flaws, the model introduces an
element of integrity not seen in most networks operating in promiscuous mode, and is able to
provide this element of security without creating the same computational overhead as
cryptography.
Conclusion
Using MANETs provides a network with the unique capability of functioning without a
fixed infrastructure. The benefits are great and can be used in battlefield and disaster situations.
The problem with MANETs is that they are a wireless broadcasting system subject to more
vulnerabilities than fixed-infrastructure networks. MANETs rely on other mobile devices in
their network to serve as routers, bringing in the element of constantly changing topology.
Since nodes are regularly leaving and entering the network, a MANET needs to be able
to let newcomer nodes join the network securely. The security issues discussed in this paper arise
from this inherently dynamic environment.
Malicious nodes that enter the network are used as routers, as all nodes are. A
malicious node can attack in numerous ways ranging from altering packet information, dropping
packets, flooding a network, changing route tables by falsely presenting itself as a valid path to a
destination node, or using its position to intercept information. Passive attacks such as
eavesdropping on other packets and nodes and collecting the information are especially
concerning because the mechanism of eavesdropping is the very basis for the security technique
of self umpiring. Malicious nodes can conduct attacks that drain other nodes of their battery
power or use high levels of computational resources to reduce the effectiveness of the network.
Solutions presented to combat these problems range from different routing protocols to
techniques like IDS, self umpiring, and token systems. The routing protocols proposed range in
methods of operation; some of them are more commonly used than others, and they offer
different security options. One key point to notice when evaluating routing protocols is that the
ones offering more security are also higher in their use of computational resources (battery,
bandwidth etc.). SRP is an interesting protocol because it requires a path to be established
securely in both directions before it transmits the data. This combats the presence of malicious
nodes providing false topology information. If in SRP the node misrepresents itself then the
protocol will be unable to establish the path and the source node will find another path to the
destination node.
Techniques such as the use of self umpiring and token schemes are unique in that they
require network cooperation in order to function properly. Self umpiring comes with the added
security risk of other nodes eavesdropping while in promiscuous mode. Conversely, it introduces
the benefit of being able to identify and ban malicious nodes from a network. If secure routing is
desired then the use of protocols that do not involve self umpiring is desirable. A token scheme
could probably be used in place of self umpiring in those situations, since the nodes do not
monitor each other and merely trade tokens per message transaction. An IDS system should be
implemented, but type and architecture will vary based on the size, resources, and protocols of
MANETs. Current security solutions seem to make compromises in areas of either security or
functionality in order to achieve the aspects that have been given priority. Overall, an ideal
security solution is one that addresses the issues of confidentiality, anonymity, authentication,
integrity, and accessibility.
References
Abdullah, A.H., Mandala, S., & Ngadi, M.A. (2008). A survey on MANET intrusion detection.
International Journal of Computer Science and Security, 2(1), 1-11. Retrieved from
http://www.ijcsns.org/
Agha, K.A., & Fovrati, A. (2008). Detecting forged routing messages in ad hoc networks.
Telecommunication Systems, 39, 205-214. doi:10.1007/11235-008-9122-0
Babu, B. S. (2005). Security issues in MANETS. PowerPoint Presentation presented at Indo-UK
Workshop on Ubiquitous Computing, Indian Institute of Science, Bangalore, India.
Bakar, K.A., Hardoroudi, A.H., Hosseinpour, F., & Kazazi, N. (2010). Survey on artificial immune
system as a bio-inspired technique for anomaly based intrusion detection systems. IEEE
Journal. 323-324. doi: 10.1109/INCOS.2010.40
Chen, H., Lin, Y., & Wang, J. (2009). A secure DSDV routing protocol for ad hoc mobile networks.
2009 Fifth International Joint Conference on INC, IMS and IDC. 2079-2084. doi:
10.1109/NCM.2009.326
Dash, A.R., Mishra, P.B., Rath, A.K., & Vijaya, I. (2011). Influence of routing protocols in
performance of wireless mobile ad hoc network. IEEE Journal. 340-344. doi:
10.1109/EAIT.2011.65
Gorlatova, M., Lamont, L., Mason, P., & Wang, M. (2005). An effective intrusion detection
approach for OLSR MANET protocol. IEEE Journal. 55-60. Retrieved from
http://www.ieee.org/
Haas, Z.J., & Papadimitratos, P. (2002). Secure routing for mobile ad hoc networks. SCS
Communication Networks and Distributed Systems Modeling and Simulation Conference.
1-12. Retrieved from http://citeseerx.ist.psu.edu/
Jamalipour, A., Kato, N., Kurosawa, S., Nakayama, H., & Nemoto, Y. (2005). A self-adaptive
intrusion detection method for AODV-based mobile ad hoc networks. IEEE Journal. 1-8.
http://www.ieee.org/
Kathirvel, A., & Srinivasan, R. (2010). Self umpiring system for security in wireless mobile ad
hoc network. Wireless Sensor Network, 2, 264-266. doi: 10.4236/wsn.2010.23036
Kandikattu, R., & Jacob, L. (2007). Secure internet connectivity for dynamic source routing
(DSR) based mobile ad hoc networks. International Journal of Electronics, Circuits and
Systems, 2(1), 40-45. Retrieved from http://www.waset.org/
Kumar, K. (2009). Intrusion detection in mobile ad hoc networks (Master's thesis). Retrieved
from ProQuest Dissertations and Theses database. (UMI No. 1481639)
Lu, S., Meng, X., Shu, J., & Yang, H. (2005). SCAN: Self-organized network-layer security in
mobile ad hoc networks. IEEE Journal. 24(2). 261-273. Retrieved from
http://www.iee.org/
Meghanathan, N., & Olgabegi, B.S. (2010). A review of the energy efficient and secure multicast
routing protocols for mobile ad hoc networks. International Journal on applications of
graph theory in wireless ad hoc networks and sensor networks. 2(2), 1-15. Retrieved
from http://airccse.org/
Qi, J., Wang, H., Xia, C., & Zhou, Y. (2009). Research on survivability of mobile ad-hoc
network. J. Software Engineering & Applications, 2, 50-54. doi:
http:/www.SciRP.org/journal.jsea