Mitigating Jamming Attacks and Improving Wireless Communication

For more Https://www.ThesisScientist.com
Mitigating Jamming Attacks and Improving
Communication Performance in Wireless Ad hoc
Environment
A Dissertation Report Submitted in the Partial Fulfillment of
The Award of the Degree of
MASTER OF TECHNOLOGY
IN
COMPUTER SCIENCE AND ENGINEERING
Under Guidance of: Submitted By:
Name of Internal Guide Name of Students
(Designation) Roll No
SRCEM LOGO
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

Abstract
MANETs have unique characteristics like dynamic topology, wireless radio medium, limited
resources and lack of centralized administration; as a result, they are vulnerable to different types
of attacks in different layers of protocol stack. Each node in a MANET is capable of acting as a
router. The necessity for a secure MANET networks is powerfully tied to the security and
privacy features. This Jamming attacks are one of them. These occur by transmitting continuous
radio ways to inhibit the transmission among sender and receiver. These attacks affect the
network by decreasing the network performance. Previously there had been considerable
research in the field of increasing the performance of network by using routing protocols. These
attacks affect the network by decreasing the network performance. Previously there had been
considerable research in the field of increasing the performance of network by using routing
protocols.
In our research work we are improving the performance of mobile ad hoc networks under
jamming attack by using an integrated approach. The proposed work includes a network with
high mobility, using IEEE Along g standard with improved AODV (Ad hoc On Demand
Distance Vector) routing protocol parameters. FTP and Video conferencing with high data rate
are being generated in the network. The performance of network is measured with respect to the
QoS parameters like throughput, retransmission attempts, network load and media access delay.
OPNET (Optimized Network Engineering Tool) MODELER 16.0 is used for simulation. The
results of simulation demonstrate that the overall performance of network with jamming attack
has been increased by using the integrated approach.
Keywords: MANETs, Jamming Attack, Throughput, OPNET.

CHAPTER 1
INTRODUCTION
1 Introduction:
The rapid development of devices such as laptops, notepads, PDAs, mobile phone handsets,
satellite navigation systems for vehicles, Bluetooth peripherals and other gadgets that take
advantage of wireless communication has encouraged & attracted research activities in wireless
networking technology in the last decade. As they become part of our everyday activity, the
importance of providing services such as connectivity, management and security for networks
consisting of these devices has increased dramatically. Mobile Ad Hoc networks (MANETs) [4]
have emerged as one of the next generation networking technologies. A temporary network can
dynamically form without the need of any existing infrastructure using mobile ad hoc
networking technology. A mobile ad hoc network is a network of autonomous devices, which
communicate through wireless medium. A MANET has a distributed, multi-hop network
architecture that does not depend on any pre-existing network infrastructure for its deployment.
The requirement to deploy a MANET is at least two mobile nodes in communication range of
each other. The MANET environment differs significantly from fixed networks. In particular, the
network topology of MANETs is dynamic because the nodes in MANETs are free to join and
leave the network at any time, as they are free to move arbitrarily [5]. Another major
characteristic of a MANET node is the ability to route information for other nodes in order to
provide a routing service in the network in the absence of other routing devices. Mobile ad hoc
networks have the desired features of fast deployment and the ability to communicate while on
the move, which meets the requirement of next generation networking technology. However,
certain features such as a lack of centralized control, cooperative routing, and limited
computational ability of their nodes poses extra security challenges. To obtain a desired level of
security service in fixed wired networks, a network firewall [6] is normally used to limit traffic
between the network and the outside world to prevent attacks. However, a firewall does not

prevent attacks inside the network; hence, intrusion detection systems and other security
mechanisms based on cryptographic techniques are extensively used in conjunction with
firewalls in fixed networks. Due to the fact that firewall implementation in MANETs are not
operationally feasible because of their lack of centralized control, Intrusion Detection and
Prevention (IDP) [7] systems become the front line of defense to protect mobile ad hoc networks.
Intrusion Detection is defined in [7] a~ a security system for computers and networks for
detecting inappropriate, incorrect, or anomalous activity or behavior. To find evidence of
security violation it employs various detection techniques and then it initiates an intrusion
response to alleviate the damage and prevent further attacks. Although deployment of any
security mechanism in mobile ad hoc networks is a demanding task, intrusion detection and
prevention has transpired as a promising approach to deal with most of the security challenges
with a reasonable overhead on MANETs as we shall show through our proposed LOP
mechanism.
1.1 Research Motivation
With the rapid proliferation of mobile devices and their extensive use in modem lifestyle, the
paradigm of networking has shifted from fixed networks to mobile wireless networking
technologies with limited or no infrastructure support. This paradigm shift was indicated in [8]
[9], where visionary researchers described the future integration of mobile networking
technologies with the Internet. Mobile ad hoc networks have high significance in current
pervasive networking due to their desirable features such as fast deployment and no need for
existing infrastructure. Because of these features mobile ad hoc networks are best suited to
provide networking facilities in case of emergencies and natural disasters for example, in case of
earthquake where there is no infrastructure available a MANET can be formed to carried out
rescue operations. However, routing and data services in these networks are vulnerable to
security threats because of the following reasons.
• In the absence of routers, nodes in the network have to participate and cooperatively achieve
the routing and data service requirement.

• Because of the open architecture of the network where the nodes are free to join in and leave
any time, a rogue node can join the network to cause damage.
• Most commonly used ad hoc routing protocols such as Ad hoc On-demand Distance Vector
routing (AODV) [to] and Dynamic Source Routing (DSR) [11] are designed under the
assumption that all nodes trust each other and there are no malicious intruder nodes in the
network. Therefore, the presence of any such nodes imposes security challenges. Malicious
nodes can cause severe disruption through a wide variety of attacks including both routing and
data forwarding attacks.
• Stringent resource constraints exist in MANETs; for example, most of the nodes in MANETs
rely on exhaustible battery resources and intruders can exploit this to compromise routing and
data forwarding service in the network.
• Highly dynamic topology of the network due to nodes' mobility makes it difficult to detect the
attacking node. Therefore, the fundamental motivation of the research described in this thesis
emerges from realizing the need to secure mobile ad hoc networks from a wide variety of
attacks. Attacks from intruder or malicious nodes cause various degree of damage to the network
depending on the type of attack used. We note that a substantial research effort has already been
made to secure MANETs. We can find several examples in literature where various routing
attacks are analyzed and then proposals are made to detect these individual attacks. However, our
view in this thesis is that most of the work described previously in the literature has focused on
detecting and preventing a single attack; but very few have suggested a generalize approach that
can protect against a wide variety of attacks. We consider that security is a major service for
MANETs, where there is no central administration or control to monitor and identify attacks or
activities that compromise network security. We also note the lack of research on mechanisms
with the capability to detect and prevent a range of possible attacks in MANETs. Therefore in
our opinion, further research is needed on mechanisms that can guard MANETs against a wide
variety of attacks effectively. This is especially true for reactive routing protocols since they are
more widely used.
1.2 Background and Related Work:

Technological advances in field of communications have occurred at an incredible pace in the
last few decades that has changed the way we live and communicate; in particular, breakthroughs
in the "wireless world" have revolutionized our lifestyle. Developments in technology have not
only brought change in personal lifestyle but also from a commercial perspective companies are
adopting to the advancement in wireless networking technology to improve customer services.
One of the major advances in the wireless networking technology is the concept of ad hoc
networking. Mobile ad hoc network has attracted the research community since mid 1990s, due
to the rapid growth of wireless devices and Wi-Fi (IEEE 802.11). As part of this, a significant
amount of research in MANETs has looked at providing desirable level of security services. This
chapter first explains the paradigm of mobile ad hoc networking including its characteristics,
application and routing. We then consider security aspects, describing vulnerabilities, classifying
possible attacks and reviewing existing proposals that secure MANETs from attacks. Finally, in
the last section we present concepts of intrusion detection and prevention (IDP) including,
categorization of IDS, ID techniques, IDS challenges in MANETs, and review existing IDS
architectures and proposals from the literature.
2.1 MANETs Paradigm:
2.1.1 Background& Standards
The evolution of Ad Hoc networks can be categorized into three generations. The first one is
considered to date from 1972 when it was called PRNET (Packet Radio Network) [12], where
CSMA (Carrier Sense Multiple Access) was used as the access mechanism. The second
generation of ad-hoc networks emerged in the 1980s, when enhanced ad-hoc network systems
were implemented as a part of the SURAN (Survivable Adaptive Radio Networks)[13] program.
This introduced a packet-switched network without a preexisting infrastructure for battlefield
environment. In the 1990s, with the emergence of wireless devices such as notebook the concept
of commercial ad-hoc networks arrived. At the same time, the concept of a collection of mobile
devices working together was proposed at several research conferences and the IEEE 802.11 sub
committee adopted the term of "ad hoc networks". Since then the research community has
recognized this as a wireless ad hoc networking paradigm.

In 1997 the IETF established the Mobile Ad hoc Networking Working Group [14] and since then
substantial effort has been put in by the research community for standardization on this emerging
paradigm. The purpose of this working group is to standardize the routing protocol by
considering their suitable functionality in MANETs environment. They developed two standard
track routing protocol specifications as reactive MANET protocols and proactive MANET
protocols. One of the main considerations for the standardization of routing protocols is their
performance issues such as loop freedom, demand based operations, distributed operation and
proactive operations [15]. Taking into consideration the configuration issues of MANETs, IETF
recently formed another working group called Ad Hoc Networks Auto configuration (auto conf)
[16]. The main aim of this working group is to describe the issues in addressing model for ad hoc
networks that is how the nodes in ad hoc network configure their address both locally and
globally when they connect to other networks. The auto conf working group has contributed in a
form of internet draft [17], where they propose and describe a model for configuring IP addresses
in ad hoc networks. The research community perspective on this multi hop ad hoc networking
technology has changed as the technology has developed in the last two decades. In [18] they
defined the term pure MANETs referring to an ad hoc network with no infrastructure support as
compared to one with limited infrastructure support.
The former is now considered as one of the desirable features for ad hoc networking. In [20]
IEEE 802.11 a, the IEEE defined the standard for wireless local area network (LAN) technology,
which was published in 1999 and has been revised and amended several times for improvement.
Enhancement to the existing medium access control and physical layer specification was the
main purpose of enhanced standard in which it describes IEEE 802.11 architecture components.
Basic Service Set (BSS) is a basic component for IEEE LAN technology. An access point (AP)
and all the stations associated with it called a BSS. The coverage of the AP known as basic
service area (BSA) and if a station is moved out of the BSA then it cannot directly communicate
with the other stations in the BSS. BSS can connect other BSS if they have a common service set
identifier (SSID) and this set of interconnected BSS are called extended service set (ESS). Key
feature of this ESS is that stations within the ESS can communicate and may move from one
BSS to another transparently to logical link control. Independent basic service set (IBSS) is the

component of IEEE 802.11 architecture as shown in fig 2-1; it defines the standard for ad hoc
mode of operations. In this mode, no access point is required, stations communicate in a
distributed manner, and the minimum requirement is two stations within the radio range of each
other. The station that initiate communication acts initially as an access point and broadcast the
properties of newly formed ad hoc network and the
2.1.2 Ad-Hoc Networks
Ad-Hoc networks have no infrastructure where the nodes are free to join and left the network.
The nodes are connected with each other through a wireless link. A node can serve as a router to
forward the data to the neighbors’ nodes. Therefore this kind of network is also known as
infrastructure less networks. These networks have no centralized administration. Ad-Hoc
networks have the capabilities to handle any malfunctioning in the nodes or any changes that its
experience due to topology changes. Whenever a node in the network is down or leaves the
network that causes the link between other nodes is broken. The affected nodes in the network
simply request for new routes and new links are established Ad-Hoc network can be categorized
in to static Ad-Hoc network (SANET) and Mobile Ad-Hoc network (MANET).
2.1.3 Static Ad-Hoc Networks:
In static Ad-Hoc networks the geographic location of the nodes or the stations are fixed. There is
no mobility in the nodes of the networks, that’s why they are known as static Ad-Hoc networks.
2.1.4 Mobile Ad-Hoc Networks
Mobile Ad-Hoc network is an autonomous system, where nodes/stations are connected with each
other through wireless links. There is no restriction on the nodes to join or leave the network,
therefore the nodes join or leave freely.

Fig.1.1 Mobile Ad-Hoc Network
Mobile Ad-Hoc network topology is dynamic that can change rapidly because the nodes move
freely and can organize themselves randomly. This property of the nodes makes the mobile Ad-
Hoc networks unpredictable from the point of view of scalability and topology.
2.1.5 Characteristics of MANETs
When a node wants to communicate with another node, the destination node must lies within the
radio range of the source node that wants to initiate the communication. The intermediate nodes
within the network aids in routing the packets for the source node to the destination node. These
networks are fully self organized, having the capability to work anywhere without any
infrastructure. Nodes are autonomous and play the role of router and host at the same time.
MANET is self governing, where there is no centralized control and the communication is
carried out with blind mutual trust amongst the nodes on each other. The network can be set up
anywhere without any geographical restrictions. One of the limitations of the MANET is the
limited energy resources of the nodes.
Types of Mobile Ad-Hoc Network:
1. Vehicular Ad-Hoc Networks (VANET’s)
2. Intelligent Vehicular Ad-Hoc Networks ( InVANET’s)

3. Internet Based Mobile Ad-Hoc Networks (iMANET’s
1 Vehicular Ad-Hoc Networks (VANET’s):
VANET is a type of Mobile Ad-Hoc network where vehicles are equipped with wireless and
form a network without help of any infrastructure. The equipment is placed inside vehicles as
well as on the road for providing access to other vehicles in order to form a network and
communicate.
2 Intelligent Vehicular Ad-Hoc Networks (In-VANET’s):
Vehicles that form Mobile Ad-Hoc Network for communication using WiMAX IEEE 802.16
and WiFi 802.11. The main aim of designing In-VANET’s is to avoid vehicle collision so as to
keep passengers as safe as possible. This also help drivers to keep secure distance between the
vehicles as well as assist them at how much speed other vehicles are approaching. In-VANET’s
applications are also employed for military purposes to communicate with each other.
3 Internet Based Mobile Ad-Hoc Networks (i-MANET’s):
These are used for linking up the mobile nodes and fixed internet gateways. In these networks
the normal routing algorithms does not apply [2].
2.2 Applications of MANETs:
The properties of MANET make it so much favorable that would bring so many benefits. There
are so many research areas in MANET which is under studies now. The most important area is
vehicle to vehicle communication. Where the vehicle would communicate with each other,
keeping a safe distance between them as well as collision warnings to the drivers. MANET can
be used for automated battlefield and war games. One of the most important areas where
MANETs are applied is emergency services such as disaster recovery and relief activities, where
traditional wired network is already destroyed. There are so many other application areas such as
entertainment, education and commercial where MANETs are playing their role for connecting
people.

2.3 Short comings of Mobile Ad-Hoc Networks:
Some of the disadvantages of MANETs are as follows.
 Limited Resources.
 Scalability problems.
 No central check on the network.
 Dynamic topology, where it is hard to find out malicious nodes.
2.4 MANETs Routing Protocols
Mobile Ad-Hoc Network is the rapid growing technology from the past 20 years. The gain in
their popularity is because of the ease of deployment, infrastructure less and their dynamic
nature. MANETs created a new set of demands to be implemented and to provide efficient better
end-to-end communication. MANETs works on TCP/IP structure to provide the means of
communication between communicating work stations. Work stations are mobile and they have
limited resources, therefore the traditional TCP/IP model needs to be refurbished ormodified, in
order to compensate the MANETs mobility to provide efficient functionality. Therefore the key
research area for the researchers is routing in any network. Routing protocols in MANETs are a
challenging and attractive tasks, researchers are giving tremendous amount of attention to this
key area.
2.5 Classification of MANETs Routing Protocols:
Routing protocols in MANETs are classified into three different categories according to their
functionality
1. Reactive protocols
2. Proactive protocols
3. Hybrid protocols
The hierarchy of these protocols is shown bellow in the figure .

Fig.1.2 MANETs Routing Protocols
2.5.1 Reactive Protocols:
Reactive protocols also known as on demand driven reactive protocols. The fact they are known
as reactive protocols is, they do not initiate route discovery by themselves, until they are
requested, when a source node request to find a route. These protocols setup routes when
demanded [3, 4]. When a node wants to communicate with another node in the network, and the
source node does not have a route to the node it wants to communicate with, reactive routing
protocols will establish a route for the source to destination node. Normally reactive protocols
 Don’t find route until demanded
 When tries to find the destination ―on demand‖, it uses flooding technique to propagate
the query.
 Do not consume bandwidth for sending information.
 They consume bandwidth only, when the node start transmitting the data to the
destination node.
1. Ad-Hoc On Demand Distance Vector Protocol (AODV):
AODV is described in RFC 3561 [5]. It’s reactive protocol, when a node wishes to start
transmission with another node in the network to which it has no route; AODV will provide
topology information for the node. AODV use control messages to find a route to the destination

node in the network. There are three types of control messages in AODV which are discussed
bellow.
Route Request Message (RREQ):
Source node that needs to communicate with another node in the network transmits RREQ
message. AODV floods RREQ message, using expanding ring technique. There is a time to live
(TTL) value in every RREQ message, the value of TTL states the number of hops the RREQ
should be transmitted.
Route Reply Message (RREP):
A node having a requested identity or any intermediate node that has a route to the requested
node generates a route reply RREP message back to the originator node.
Route Error Message (RERR):
Every node in the network keeps monitoring the link status to its neighbor’s nodes during active
routes. When the node detects a link crack in an active route, (RERR) message is generated by
the node in order to notify other nodes that the link is down.
Route Discovery Mechanism in AODV
When a node ―A‖ wants to initiate transmission with another node ―G‖ as shown in the Fig. 2.4 ,
it will generate a route request message (RREQ). This message is propagated through a limited
flooding to other nodes. This control message is forwarded to the neighbors, and those node
forward the control message to their neighbors’ nodes. This process of finding destination node
goes on until it finds a node that has a fresh enough route to the destination or destination node is
located itself. Once the destination node is located or an intermediate node with enough fresh
routes is located, they generate control message route reply message (RREP) to the source node.
When RREP reaches the source node, a route is established between the source node ―A‖ and
destination node ―G‖. Once the route is established between ―A‖ and ―G‖, node ―A‖ and ―G‖ can
communicate with each other. Fig.1.3 depicts the exchange of control messages between source
node and destination node.

Fig.1.3 AODV Route Discovery
When there is a link down or a link between destinations is broken that causes one or more than
one links unreachable from the source node or neighbors nodes, the RERR message is sent to the
source node. When RREQ message is broadcasted for locating the destination node i.e. from the
node ―A‖ to the neighbors nodes, at node ―E‖ the link is broken between ―E‖ and ―G‖, so a route
error RERR message is generated at node ―E‖ and transmitted to the source node informing the
source node a route error, where ―A‖ is source node and ―G‖ is the destination node. The scheme
is shown in the Fig. below.
Fig. 1.4 Route Error Message in AODV
2. Dynamic Source Routing Protocol:

Dynamic source routing protocol abbreviated as DSR is also a reactive protocol. DSR use to
update its route caches by finding new routes. It updates its cache with new route discovered or
when there exist a direct route between source and destination node. When a node wants to
transmit data, it defines a route for the transmission and then starts transmitting data through the
defined route. There are two processes for route discovery and maintenance which are described
below.
Route Discovery Process:
When a source node wants to start data transmission with another node in the network, it checks
its routing cache. When there is no route available to the destination in its cache or a route is
expired, it broadcast RREQ. When the destination is located or any intermediate node that has
fresh enough route to the destination node, RREP is generated [15]. When the source node
receives the RREP it updates its caches and the traffic is routed through the route.
Route Maintenance Process:
When the transmission of data started, it is the responsibility of the node that is transmitting data
to confirm the next hop received the data along with source route. The node generates a route
error message, if it does not receive any confirmation to the originator node. The originator node
again performs new route discovery process.
2.5.2 Proactive Protocols:
Proactive routing protocols work as the other way around as compared to reactive routing
protocols. These protocols constantly maintain the updated topology of the network. Every node
in the network knows about the other node in advance, in other words the whole network is
known to all the nodes making that network. All the routing information is usually kept in tables
[6]. Whenever there is a change in the network topology, these tables are updated according to
the change. The nodes exchange topology information with each other; they can have route
information any time when they needed [6].
1. Optimized Link State Routing Protocol (OLSR):

The Optimized Link State Routing (OLSR) protocol is described in RFC3626 [7]. OLSR is
proactive routing protocol that is also known as table driven protocol by the fact that it updates
its routing tables. OLSR has also three types of control messages which are describe bellow.
Hello: This control message is transmitted for sensing the neighbor and for Multi Point
Distribution Relays (MPR) calculation.
Topology Control (TC): These are link state signaling that is performed by OLSR. MPRs
are used to optimize theses messaging.
Multiple Interface Declaration (MID): MID messages contains the list of all IP
addresses used by any node in the network. All the nodes running OLSR transmit these messages
on more than one interface.
OLSR Working Multi Point Relaying (MPR)
OLSR diffuses the network topology information by flooding the packets throughout the
network. The flooding is done in such way that each node that received the packets retransmits
the received packets. These packets contain a sequence number so as to avoid loops. The
receiver nodes register this sequence number making sure that the packet is retransmitted once.
The basic concept of MPR is to reduce the duplication or loops of retransmissions of the packets.
Only MPR nodes broadcast route packets. The nodes within the network keep a list of MPR
nodes. MPR nodes are selected with in the vicinity of the source node. The selection of MPR is
based on HELLO message sent between the neighbor nodes. The selection of MPR is such that, a
path exist to each of its 2 hop neighbors through MPR node. Routes are established, once it is
done the source node that wants to initiate transmission can start sending data.

Fig.1.5 Flooding Packets using MPR
The whole process can be understood by looking into the Fig.1.6 below. The nodes shown in the
figure are neighbors. ―A‖ sends a HELLO message to the neighbor node ―B‖. When node B
receives this message, the link is asymmetric. The same is the case when B send HELLO
message to A. When there is two way communications between both of the nodes we call the
link as symmetric link. HELLO message has all the information about the neighbors. MPR node
broadcast topology control (TC) message, along with link status information at a predetermined
TC interval.
Fig:1.6 Hello Message Exchange

2.5.3 Hybrid Protocols:
Hybrid protocols exploit the strengths of both reactive and proactive protocols, and combine
them together to get better results. The network is divided into zones, and use different protocols
in two different zones i.e. one protocol is used within zone, and the other protocol is used
between them. Zone Routing Protocol (ZRP) is the example of Hybrid Routing Protocol. ZRP
uses proactive mechanism for route establishment within the nodes neighborhood, and for
communication amongst the neighborhood it takes the advantage of reactive protocols. These
local neighborhoods are known as zones, and the protocol is named for the same reason as zone
routing protocol. Each zone can have different size and each node may be within multiple
overlapping zones. The size of zone is given by radius of length P, where P is number of hops to
the perimeter of the zone [8].
2.6 Basic Security Concepts:
To understand security issues it is vital to know the attribute or basic concepts on which a
network security is judged. These attribute associated to security are the desired objectives of
Cryptographic mechanism. Cryptography can be defined in several ways, in [66] it is defined as
Cryptography terminologies, key concepts, types are summarized in [67]. Following are the
attributes [66] or security services on which the security of the networks is evaluated.
2.6.1 Non-Repudiation
Non-repudiation ensures that an entity in a dispute cannot falsely deny its action or reject the
validity of the contact. For example, during a transmission non repudiation service prevents the
sender from denying sending a message which he sent earlier, or a receiver cannot claim to have
received the message falsely.
2.6.2 Availability
Availability is another very important attribute, referring to ensuring that system resources and
services are available for use by authorized users of the system. It is imperative to make sure all
the network services remain available for its users given that an intruder can attempt to deny
services in the network through denial of service attacks, and that a network without desired
services is as bad as having no network. MANETs are especially vulnerable to different types of
denial of service attacks due to their inherent characteristics. To achieve these security attributes

or services in fixed networks several cryptographic mechanism are proposed using trusted third
party (TIP). TIP is an entity in the network trusted by all users in the system for example
Certificate Authority (CA) or Key Distribution Centers (KDC). They are mainly used to provide
key management services such as creating ,distributing, updating and revoking keying material
for both symmetric (involve the use of single key) and asymmetric key (involve the use of two
keys) systems. Security mechanisms developed using TIP are not directly implantable in
MANETs because they lack a trusted infrastructure and absence of centralized control. However,
some proposals based on modified approaches of key management for MANETs can be found in
the literature for example approaches in [15] suggest use of identity-based public key
management systems for MANETS. In [12] authors use identity based signcryption (combines
the functionality of digital signature and symmetric key encryption) and threshold secret sharing
(allows sharing of secret information among group of entities) to provide various security
services in MANETs. Recently the concept of threshold cryptography i.e. protecting secret
information by distributing it among a set of nodes or entities has proven to be an effective
scheme for key management in MANETs.
MANETs are vulnerable in their functionality: intruders can compromise the network operations
by either attacking at physical, MAC or network layer. MANETs are susceptible to
eavesdropping, active interfering and frequency jamming attacks because of wireless links.
Frequency jamming is a common physical layer attack on MANETs. Researchers have looked at
MAC layer misbehavior in MANETs in a presence of compromised or selfish nodes. However,
this thesis focuses on network layer vulnerabilities. Network layer especially routing protocols
for MANETs are more vulnerable in their routing operations because of the following:
 Use of cooperative routing algorithm: Because each node in MANETs has to act as a
router i.e. forward packets for other nodes, participate in route discovery and route
maintenance procedures. Nodes with harmful intention can cause severe disruption
exploiting this property of routing protocols.
 Rely on exhaustible batteries: most nodes in ad hoc network rely on exhaustible batteries;
hence, their processing capabilities are limited. Intruder can exploit this property by

forcing a node to process unnecessary packets in an attempt to exhaust their batteries
within the rules of routing protocols. Any service offered by the victim nodes can be
denied through this intrusive activity.
 Limited computational ability: nodes in such networks generally have limited
computational capabilities Le. low processing frequencies and smaller memory size
which also adds to the existing vulnerabilities.
 Easy theft of nodes: location of nodes in such networks is not permanent as they are
allowed to move arbitrarily which makes them vulnerable to being physically captured.
From a routing perspective, this means that a node can be compromised easily.
 Transient nature of services: because the topology of the network is dynamic as nodes
move frequently, therefore any specific service provided by nodes is transient, this adds
to the uncertainty in these networks. This makes it difficult to distinguish between
acceptable or malicious behavior. cryptography key management scheme for MAENTs
and their simulation results show the advantages and suitability of the idea in MANETS.
2.7 Vulnerability of MANET Routing Protocols:
Vulnerability, threat, and attacks are the terms used often in computer network security.
We begin this subsection with defining these terms [66]:
2.7.1 Confidentiality
Confidentiality is also known as secrecy or privacy. Confidentiality is the process of concealing
information on the network, i.e. it ensures that information content cannot be revealed by
unauthorized entities that are normally known as internal or external attacker or intruders. It can
also be described as a security service that ensures only intended receivers could interpret the
information transmitted on the network. Confidentiality is very important security service in
MANETs considering wireless links in such networks are easily susceptible to eavesdropping. In
[68] a security protocol for reliable data delivery is proposed to improve the confidentiality
service in MANETs. They propose to split the encrypted message into separate shares and these
shares should be transmitted through independent multiple paths so making it difficult for the
attacker because now he has to eavesdrop all pieces of message and has to decrypt all of them

successfully to understand the message. In [69] Seng et.al propose secure routing mechanism
which provide data confidentiality using shared secret key.
2.7.2 Integrity:
Integrity ensures that data packets are unaltered during transition from source to destination i.e.
unauthorized user could not manipulate data through insertion, substitution, deletion or forging
data. To maintain integrity, data is usually signed by the source and the receiver verifies the
digital signature to be assured of integrity of the data. Such mechanism will incur extra overhead
for nodes in MANETs with limited processing abilities and also because nodes relay data for
other nodes, so integrity cheeks needs to carried out at every hop. In [20] Gavidia et.al realize the
cost of guaranteeing data integrity mechanism for MANETs and proposed a solution based on
probabilistic integrity checks and traffic analysis. They prove that probablistic verification is an
effective method to restrict the amount of corrupted content and their spread i.e. ensures data
integrity in MANETs.
2.7.3 Authentication:
Authentication is a process that allows node to verify the identity of the other nodes with it is
communicating. Two types of authentication are entity and data authentication [36]. Entity
authentication ensures that other communicating parties are who they claim to be and data
authentication is focused on providing a guarantee as to the origin of the data.
2.8 Flaws in MANETS:
MANETs are very flexible for the nodes i.e. nodes can freely join and leave the network. There
is no main body that keeps watching on the nodes entering and leaving the network. All these
weaknesses of MANETs make it vulnerable to attacks and these are discussed bellow.
2.8.1 Non Secure Boundaries:
MANET is vulnerable to different kind of attacks due to no clear secure boundary. The nature of
MANET, nodes have the freedom to join and leave inside the network. Node canjoin a network
automatically if the network is in the radio range of the node, thus it can communicate with other
nodes in the network. Due to no secure boundaries, MANET is more susceptible to attacks. The

attacks may be passive or active, leakage of information, false message reply, denial of service or
changing the data integrity. The links are compromised and are open to various link attacks.
Attacks on the link interfere between the nodes and then invading the link, destroying the link
after performing malicious behavior. There is no protection against attacks like firewalls or
access control, which result the vulnerability of MANET to attacks. Spoofing of node’s identity,
data tempering, confidential information leakage and impersonating node are the results of such
attacks when security is compromised [10].
2.8.2 Compromised Node:
Some of the attacks are to get access inside the network in order to get control over the node in
the network using unfair means to carry out their malicious activities. Mobile nodes in MANET
are free to move, join or leave the network in other words the mobile nodes are autonomous [11].
Due to this autonomous factor for mobile nodes it is very difficult for the nodes to prevent
malicious activity it is communicating with. Ad-hoc network mobility makes it easier for a
compromised node to change its position so frequently making it more difficult and troublesome
to track the malicious activity. It can be seen that these threats from compromised nodes inside
the network is more dangerous than attacking threats from outside the network.
2.8.3 No Central Management:
MANET is a self-configurable network, which consists of Mobile nodes where the
communication among these mobile nodes is done without a central control. Each and every
node act as router and can forward and receive packets [12]. MANET works without any
preexisting infrastructure. This lack of centralized management leads MANET more vulnerable
to attacks. Detecting attacks and monitoring the traffic in highly dynamic and for large scale Ad-
Hoc network is very difficult due to no central management. When there is a central entity taking
care of the network by applying proper security, authentication which node can join and which
can’t. The node connect which each other on the basis of blind mutual trust on each other, a
central entity can manage this by applying a filter on the nodes to find out the suspicious one,
and let the other nodes know which node is suspicious.

2.8.4 Problem of Scalability:
In traditional networks, where the network is built and each machine is connected to the other
machine with help of wire. The network topology and the scale of the network, while designing
it is defined and it do not change much during its life. In other words we can say that the
scalability of the network is defined in the beginning phase of the designing of the network. The
case is quite opposite in MANETs because the nodes are mobile and due to their mobility in
MANETs, the scale of the MANETs is changing. It is too hard to know and predict the numbers
of nodes in the MANETs in the future. The nodes are free to move in and out of the Ad-Hoc
network which makes the Ad-Hoc network very much scalable and shrinkable. Keeping this
property of the MANET, the protocols and all the services that a MANET provides must be
adaptable to such changes.
2.9 Classification of Attacks
The attacks can be categorized on the basis of the source of the attacks i.e. Internal or External,
and on the behavior of the attack i.e. Passive or Active attack. This classification is important
because the attacker can exploit the network either as internal, external or/ as well as active or
passive attack against the network.
2.9.1 External and Internal Attack
External attackers are mainly outside the networks who want to get access to the network and
once they get access to the network they start sending bogus packets, denial of service in order to
disrupt the performance of the whole network. This attack is same, like the attacks that are made
against wired network. These attacks can be prevented by implementing security measures such
as firewall, where the access of unauthorized person to the network can be mitigated. While in
internal attack the attacker wants to have normal access to the network as well as participate in
the normal activities of the network. The attacker gain access in the network as new node either
by compromising a current node in the network or by malicious impersonation and start its
malicious behavior. Internal attack is more severe attacks then external attacks.

Fig.1.7 External and Internal Attacks in MANETs
2.10.2 Active and Passive Attack
In active attack the attacker disrupts the performance of the network, steal important information
and try to destroy the data during the exchange in the network [13]. Active attacks can be an
internal or an external attack. The active attacks are meant to destroy the performance of network
in such case the active attack act as internal node in the network. Being an active part of the
network it is easy for the node to exploit and hijack any internal node to use it to introduce bogus
packets injection or denial of service. This attack brings the attacker in strong position where
attacker can modify, fabricate and replays the massages. Attackers in passive attacks do not
disrupt the normal operations of the network [13]. In Passive attack, the attacker listen to
network in order to get information, what is going on in the network. It listens to the network in
order to know and understand how the nodes are communicating with each other, how they are
located in the network. Before the attacker launch an attack against the network, the attacker has
enough information about the network that it can easily hijack and inject attack in the network.

Fig. 1.8 Active and Passive Attack in MANETs
2.11 APPROACH:
Our approach to this work is taken through systematic steps towards actualizing a constructive
intrusion detection scheme based on a collection of theories and concepts. Through research and
evaluation we conducted comparative studies of different approaches in related works, we
attempt to describe the characteristics of network attacks and their associated vulnerabilities. We
also study the different categories of intrusion detection and device a rule-based detection
algorithm to counter the effect of the attacks. This approach focuses on the importance of
establishing a conceptual security performance analysis towards wireless ad hoc networks
Furthermore; we have taken a qualitative approach through simulations and the results help build
the foundation of our approach to IDS evaluation. In this work, we gained considerable
experience and knowledge in our experimental approach while using OPNET v14.5 simulation
tool to validate our analysis. In addition we were able to ascertain the capabilities of our
detection scheme on the network throughput based on the jammer attack traces.
2.12 METHODOLOGY:
This section describes the simulation tool used along with the proposed method.
A. Simulation tool used: OPNET modeler (16.0) is extensive and a very powerful
simulation software with wide variety of possibilities. The entire heterogeneous networks with

various routing protocols can be simulated using OPNET. High level of user interface is used in
OPNET which is constructed from C and C++ source code blocks.
B. Simulation Setup: The simulation focuses on improving the performance of MANETs
under jamming attack. Therefore an Integrated approach is used to improve the network
performance under jamming attack. This approach includes:
 Network with high mobility
 High data rate of 54mbps by using IEEE 802.11g standard
 Improved parameter of AODV routing protocol
 Generation of high resolution video conferencing and FTP traffic
2.13 Performance Evaluation Metrics:
To evaluate the suitability of our simulated intrusion detection algorithm and isolate the factors
that influence the jammer detection process.
A Throughput: It is the fraction of traffic correctly received by the radio channel receiver
normalized to the overall capacity of the network. Thus we reference the anomalies due packet
arrival rates and receiver power threshold variations as a function of the network throughput. The
throughput metric is calculated numerically by dividing the total number of packets sent by the
time the first packet is received minus the time the last packet is received. We use this metric to
evaluate the detection capability of our detection scheme under normal and jam attack network
scenarios.
B. Packet delivery Ratio (PDR): The packet delivery metric ratio presents the ratio
between the number of sent packets from an application layer and the number of received
packets at the destination nodes .The PDR can be measured in two ways [10]; either by the
sender or by the receiver whereas at the sender, PDR can be calculated by keeping track of how
many acknowledgments the sender receives from the receiver ,On the other hand, at the receiver
PDR can be calculated as the ratio of the number of packets that pass the cyclic redundancy
checks with respect to the number of packets received. Our simulation takes into account the
PDR to evaluate the detections and jammer responses in the network.
C. End to End Delay:

The packet end-to-end delay is the time of generation of a packet by the source up to the
destination reception. So this is the time that a packet takes to go across the network. This time is
expressed in sec. Hence all the delays in the network are called packet end-to-end delay, like
buffer queues and transmission time. Sometimes this delay can be called as latency; it has the
same meaning as delay. Some applications are sensitive to packet delay such as voice is a delay
sensitive application. So the voice requires a low average delay in the network. The FTP is
tolerant to a certain level of delays. There are different kinds of activities because of which
network delay is increased. Packet end-to-end delay is a measure of how sound a routing
protocol adapts to the various constraints in the network to give reliability in the routing
protocol. We have several kinds of delays which are processing delay (PD), queuing delay (QD),
transmission delay (TD) and propagation delay (PD). The queuing delay (QD) is not included, as
the network delay has no concern with it [16]. Mathematically it can be shown as equation (i).
D. Network Load
Network load represents the total load in bit/sec submitted to wireless LAN layers by all higher
layers in all WLAN nodes of the network. When there is more traffic coming on the network,
and it is difficult for the network to handle all this traffic so it is called the network load. The
efficient network can easily cope with large traffic coming in, and to make a best network, many
techniques have been introduced.
High network load affects the MANET routing packets and slow down the delivery of packets
for reaching to the channel, and it results in increasing the collisions of these control packets.
Thus, routing packets may be slow to stabilize.

Chapter 2
LITERATURE REVIEW
2.1 Introduction
Due to ease of installation and usage, unlicensed band, cheap hardware, mobility, portability and
expandability, wireless network has become the most popular technology among current
communities. New networks of business are quickly deploying by saving cost and time of having
wired offices and workstations, resulting in a real business success tool. Different types of
wireless systems ranging from WLAN to mesh and sensors network are available as per the
requirement. However, one critical issue of security exists in wireless networks; especially some
attacks are medium dependent and do not exist in the earlier counterpart [32].

Figure 2.1: Jammed Scenario in a wireless environment.
The wireless medium introduces many threats which cannot be easily addressed by the
traditional protection methods. One significant set of such attacks is denial-of-service (DoS)
which is concerned with satisfying user or system domain buffers. But in wireless realm,
attackers may attain ability to prevent legitimate nodes from communication by capturing the
medium. It is because wireless networks are constructed via common medium which creates a
trouble-free path for intruders to introduce such attacks [33]. In wireless network defenses like
cryptography, pass-phrase sharing etc., can be overrun by a simple DoS attack that can shutter
the whole network. Jamming is a special category of DoS attacks which is used in wireless
networks, where an attacker disrespects the medium access control (MAC) protocol and
transmits on the mutual channel; either continuously or periodically to target all or some
communication, respectively. Jamming is a special category of DoS attacks which is used in
wireless networks, where an attacker disrespects the medium access control (MAC) protocol and
transmits on the shared channel; either continuously or periodically to target all or some
communication, respectively. Figure 2.1 shows a jamming scenario in wireless network, where
the red area marks the jammed region. Since, jamming cannot be handled other than preventing
it, either using logical or physical retreat. Such schemes are generally employed at the MAC
layer and so is our emphasis in this study, but other approaches are not being ignored.
Additionally, the major focus is on possible solutions for the nodes having only single antenna.
Initially the variations that the jammers are capable of are listed in next section.
2.2 Literature Survey
The let’s look out various researches already done by various researchers. In this research [6]
author focus on identified the vulnerabilities of routing protocols that fail to provide reliable
routing and thus cause drastic degradation of data delivery performance under jamming. Pulse
jamming that allows intermittent success in data delivery to jammed nodes is more efficient than
constant jamming. Effective and efficient jamming attack can be executed through a careful
selection of jamming rate based on routing protocol operations. In this research [7] author focus
on improving the Secure Enhanced-On Demand Multicast Routing Protocol (EODMRP) to
safeguard it against flooding and black hole attacks. The performance analysis carried out shows

improvement in packet delivery ratio in presence of black hole attack, with marginal rise in
average end-to-end delay and normalized routing overhead. The proposed mechanism for
flooding attack works even when the identity of the malicious nodes is unknown and does not
use any additional network bandwidth. It is simple to implement and maintains or improves
network throughput when there are no malicious nodes but the network is congested with excess
traffic. In this paper [8] we proposed a hierarchical dynamic trust management protocol for
cluster-based wireless sensor networks, considering two aspects of trustworthiness, namely,
social trust and QoS trust. We developed a probability model utilizing stochastic Petri nets
techniques to analyze the protocol performance, and validated subjective trust against objective
trust obtained based on ground truth node status. We demonstrated the feasibility of dynamic
hierarchical trust management and application-level trust optimization design concepts with trust
based geographic routing and trust-based IDS applications, by identifying the best way to form
trust as well as use trust out of individual social and QoS trust properties at runtime to optimize
application performance. Here trust-based IDS algorithm outperforms traditional anomaly-based
IDS techniques in the detection probability while maintaining sufficiently low false positives.
The authors [9], discuss the different types of security attacks that can be launched easily in
MANETs and related solutions needed for ensuring network security. This paper implements the
secure ad hoc on-demand distance vector routing protocol (SAODV) and compares the
performance of protocol with existing AODV protocol in the presence of black hole attack. Since
public key cryptography is used in this scheme, it takes significant amount of time to compute
digital signature at each node. Also, this leads to high overhead and processing power
requirements.
In this paper author proposed FACES (Friend-Based Ad-hoc routing using Challenges to
Establish Security) [10], that provides a list of trusted nodes to the source node by sending
challenges and sharing friend lists. Based on the extent of successful data transmission and the
friendship with other nodes in a network, the nodes in the friend lists are rated. The trust level of
each node varies from -1 to 4. The nodes in the network are placed in one of the three lists, i.e.
question Mark list, friend list and unauthenticated list. The periodic flooding of challenge packet
and sharing of friend lists increases the control overhead. In this paper [11] author proposed per-
IP traffic behavioral analysis, in this they present a real time DDoS attack detection and

prevention system which can be deployed at the leaf router to monitor and detect DDoS attacks.
The advantages of this system lie in its statelessness and low computation overhead, which
makes the system itself immune to flooding attacks. Based on the synchronization of TCP and
UDP protocol behavior, this system periodically samples every single IP user's sending and
receiving traffic and judges whether its traffic behavior meets the synchronization or not. A new
nonparametric CUSUM algorithm is applied to detect SYN flooding attacks. Moreover, this
system can recognize attackers, victims and normal users, and filter or forward IP packets by
means of a quick identification technique. Moreover, this system can quickly filter the attack
traffics and forward the normal traffics simultaneously by means of the fast identification
technology. In this [12] research, rejection of Service attack is applied in the network, evidences
are collected to design intrusion detection engine for MANET Intrusion Detection System (IDS).
Feature extraction and rule inductions are applied to find out the accuracy of detection engine by
using support vector machine. Universal Detection Engine will generate the friend list according
to trust level, higher the trust level of the node may be used for other different processes similar
to routing, and deciding the cluster head for scalable ad-hoc networks. Aspect takes out for
Routing parameters and MANET Traffic generation parameters can be used for different routing
protocols.. In this approach [13] a message security approach in MANETs that uses a trust based
multipath AOMDV routing combined with soft encryption, yielding our so-called T-AOMDV
method. Replication results using ns2 exhibit that our scheme is much more secured than
traditional multipath routing algorithms and a recently proposed message security scheme for
MANETs. The performance criteria used are route selection time and trust compromise. This
requirement poses a security challenge when malevolent nodes are present in the network.
Indeed, the existence of such nodes may not simply disrupt the normal network operations, but
cause serious message security issue concerns, from data availability, privacy, and/or integrity
viewpoints.
In this paper [14], the current security issues in MANET are investigated. Universally, we have
examined different routing attacks, like flooding, black hole, link spoofing, wormhole, and
colluding miserly attacks, as well as existing solutions to protect MANET protocols. A MANET
is a promising network technology which is based on a self organized and rapidly deployed
network. Due to its excellent features, MANET attracts different real world application areas

where the networks topology changes very rapidly. The existing security solutions of wire
networks cannot be applied directly to MANET, which makes a MANET much more vulnerable
to security attacks issues.
Wenyuan Xu et al. (2005) gives a detailed description of the radio interference attacks and
diagnosing the critical issue of the presence of the jamming attack. Four different jamming attack
models were proposed that can be used by an adversary to disable the operation of a wireless
network, and evaluated their effectiveness in terms of how each method affects the ability of a
wireless node to send and receive packets to and from the destination. The author also discussed
different measurements that serve as the basis for detecting a jamming attack, and explored
different scenarios where each measurement is not enough to reliably classify the presence of a
jamming attack. The author observed that signal strength and carrier sensing time are unable to
conclusively detect the presence of a jammer. Further, the author observed that although by using
packet delivery ratio he may differentiate between congested and jammed scenarios, he was
unable to conclude whether poor link utility was due to jamming or the mobility of nodes. To
address the need of detecting the presence of jammer, the author proposed two enhanced
detection protocols that employ consistency checking. The first scheme employed signal strength
measurements as a reactive consistency check for poor packet delivery ratios, while the second
scheme employed location information to serve as the consistency check[1].
Mario Strasser et al. (2008) considers the problem of how can two devices that do not share any
secrets establish a shared secret key over a wireless radio channel in the presence of a
communication jammer. An inherent challenge in solving this problem was that known anti-
jamming techniques (e.g., frequency hopping or direct-sequence spread spectrum) which should
support device communication during the key establishment required that the devices shared a
secret spreading key (or code) prior to the start of their communication. This requirement created
a circular dependency between anti jamming spread-spectrum communication and key
establishment. The author proposed an Uncoordinated Frequency Hopping (UFH) scheme that
breaks the dependency and enables key establishment in the presence of a communication
jammer. The author performed a detailed analysis of UFH scheme and showed its feasibility,
both in terms of execution time and resource requirements [6].

Ali Hamieh et al. (2009) describes that the military tactical and other security sensitive
operations are still the main applications of ad hoc networks. One main challenge in design of
these networks is their vulnerability to Denial-of-Service (DoS) attacks. In this paper, the author
considers a particular class of DoS attacks called Jamming. A new method of detection of such
attack by the measurement of error distribution was proposed. To differentiate the jamming
scenario from legitimate scenarios, the author measured the dependence among the periods of
error and correct reception times. In order to measure this dependency, auhtor used the
Correlation Coefficient which is a statistic measure of relation between two random
variables[16].
Zhuo Lu Wenye Wang et al. (2011) aims at modeling and detecting jamming attacks against
time-critical traffic. The author introduced a new metric, message invalidation ratio, to quantify
the performance of time-critical applications. The author claims that the behavior of a jammer
who attempts to disrupt the delivery of a time-critical message can be exactly mapped to the
behavior of a gambler who tends to win a gambling game. The author showed via gambling-
based modeling and real-time experiments that there exists a phase transition phenomenon for a
time-critical application under jamming attacks. As the probability that a packet is jammed
increases from 0 to 1, the message invalidation ratio first increases slightly (even negligibly),
then increases dramatically to1. Based on analytical and experimental results, the author further
designed and implemented the JADE (Jamming Attack Detection based on Estimation) system to
achieve efficient and robust jamming detection for time-critical wireless networks[26].
Sisi Liu et al. (2012) addresses the problem of preventing control-channel DoS attacks
manifested in the form of jamming. The author considered a sophisticated adversary who has
knowledge of the protocol specifics and of the cryptographic quantities used to secure network
operations. This type of adversary cannot be prevented by anti jamming techniques that rely
spread spectrum. The author proposed a new security metrics to quantify the ability of the
adversary to deny access to the control channel, and introduced a randomized distributed scheme
that allows nodes to establish and maintain the control channel in the presence of the jammer.

The proposed method is applicable to networks with static or dynamically allocated spectrum.
Furthermore, two algorithms for unique identification of the set of compromised nodes were
proposed, one for independently acting nodes and one for colluding nodes [19].
Dorus.R et al. (2013) proposes a mechanism for preventing jamming attacks on wireless
networks, examine the detection efficiency of jamming attack and communication overhead of
the wireless network using proactive and reactive protocols. RSA algorithm is used
and analyzed for providing data packets integrity information during wireless transmission.
Through simulation and performance analysis, the implemented prevention mechanism and the
integrity preservation provides higher packet delivery ratio in proactive routing protocol (OLSR)
than reactive routing protocol (AODV).
Nadeem Sufyan et al. (2013) investigates a multi-modal scheme that models different jamming
attacks by discovering the correlation between three parameters: packet delivery ratio, signal
strength variation, and pulse width of the received signal. Based on that, profiles were generated
in normal scenarios during training sessions which were then compared with test sessions to
detect and classify jamming attacks. The proposed model helps in clearly differentiating the
jammed regions for various types of jamming attacks.
Liu in [16] paper addressed the problem of preventing control-channel DoS attacks manifested in
the form of jamming. A sophisticated adversary is considered who has knowledge of the protocol
specifics and of the cryptographic quantities used to secure network operations. This type of
adversary cannot be prevented by anti-jamming techniques that rely on shared secrets, such as
spread spectrum. New security metrics are proposed to quantify the ability of the adversary to
deny access to the control channel, and introduced a randomized distributed scheme that allows
nodes to establish and maintain the control channel in the presence of the jammer. Networks with
both static and dynamically allocated spectrum are studied. To mitigate the impact of jamming, a
cluster-based architecture is adopted, where the network is partitioned into a set of clusters. Each
cluster establishes and dynamically maintains its own control channel. The control-channel
establishment and maintenance process is facilitated by a cluster head (CH) node within each
cluster. CHs are regular nodes that are temporarily assigned with the responsibility of mitigating

jamming, and can be periodically rotated. Two algorithms are proposed for unique identification
of the set of compromised nodes, one for independently acting nodes and one for colluding
nodes. Detailed theoretical evaluation of the security metrics and extensive simulation results are
provided to demonstrate the efficiency of the methods in mitigating jamming and identifying
compromised nodes.
Gagandeep in [18] discussed various types of attacks on various layers under protocol stack.
Different types of attacker attempts different approaches to decrease the network performance,
throughput. Routing and security issues associated with mobile ad hoc networks which are
required in order to provide secure communication are also described. On the basis of the nature
of attack interaction, the attacks against MANET may be classified into active and passive
attacks. Attackers against a network can be classified into two groups: insider and outsider. An
outsider attacker is not a legitimate user of the network, whereas an insider attacker is an
authorized node and a part of the routing mechanism on MANETs.
Ali et al; in [19] considers jamming attacks in wireless ad hoc networks. It describes in detail
about various types of jammers that can be present in the network. The also proposed an
approach of Jamming Detection which is based on the measure of statistical correlation among
the periods of error and correct reception times. They assume that the jammer transmits only
when a valid radio activity is signalled from its radio hardware. The dependence measure in
jamming attack case is greater than in normal network activity. NS-2 is used to evaluate the
correctness of the detection system.
Le et al; in [20] described in detail about jamming attack types and a combined approach to
distinguish them. Based on the shared characteristics of the wireless medium, a wireless network
can be easily affected by jamming attacks, which is one of the most effective forms of denial-of-
service (DoS) attacks against this type of networking architecture. Attacks can be implemented
by either corrupting the operations of the medium access control (MAC) protocols or
transmitting large amounts of interfering wireless signals without obeying the MAC protocols.
Most jamming detection approaches cannot provide an effective way for differentiating between

the various categories of jamming attacks. To enable the network to perform defense strategies
more effectively, distinguishing the type of different jamming attacks is necessary. The paper
distinguishes different types of jamming attacks using a statistical model based on Packets Send
Ratio (PSR) and Packets Delivery Ratio (PDR) in different jamming situations. After knowing
the exact type of jamming attacks, the nodes can implement a more efficient method to defend
jammers. The evaluation of the proposed strategy was done in ns-2 simulation platform. In the
work by Kaur [8], jamming attack is introduced in the networks having nodes with isotropic and
directional antennas. It includes a study of different types of jammers and antenna patterns. The
proposed method using antennas are implemented using OPNET modeller. Bit Error Rate,
Packet Loss Ratio, SNR, Throughput and Utilization are taken as performance evaluation
parameters. The simulation results show that it is possible to minimize the effect of jamming
attack by using different antenna patterns.
2.3 Jamming Characteristics and Efficiency Criteria:
According to R. Molva [32] jammer is defined as an individual who is intentionally obstructing
the methods of legal wireless communication. Such an individual is treated as an active attacker
depending upon its intentions and actions. From the jammer’s perspective, it can accomplish its
aim by seizing the sender such that it is unable to transmit or, as a second option which is found
better, hinder the receiver so that it cannot understand the message completely or partially. For
the sake of concept, suppose that in communication of the two nodes where jammer is residing
nearby, can prevent the sender from initiating a data communication by constantly emitting low
powered signals on the channel; allowing the sender to presume that the medium is occupied.
Alternatively, if for some reason the data is transmitted successfully, jammer can target the
receiver’s end via inclusion of noise in the transmitted packet. Thus, jammer can target a whole
area in its range or a particular transmission.
2.4 Techniques for Detecting Jamming Attacks:
For the detection of jamming attacks, several practical implementations are possible. One
approach is to perform the detection on the active nodes during their own transmissions. Since

these nodes have a different view on the data flow depending on whether they act in the role of
the transmitter or receiver, they define two separate algorithms for both cases, i.e. transmitter
based and receiver-based detection, depending upon where among both the parties the detection
algorithm is initiated. The "dedicated jamming detection" is useful in scenarios where the power
consumption and device complexity of most of the participating nodes should be low. The
detection is then performed by only one or a few nodes having enough resources available.
Finally, the development of a "cooperative jamming detection" algorithm is motivated by the
expected increase of detection performance compared to the standalone detection mechanisms,
since a broader view of the network is available. In the following, each of the four detection
strategies is discussed [37]. Another detection strategy of jamming attack is proposed by [38] is
Radio Frequency Finger-print being useful for the wireless networks. If the fingerprint of the
wireless network is not identifying or considered as a threat than the security of the network can
be increased by testing the legitimate user to ensure its authentication.
2.3.1 Transmitter-Based Detection:
Different detection approaches of jamming exist; consider an ad hoc network with node A
sending to node B. To apply the decision algorithm [37] which is described in the previous
section, the transmitter has to determine the four metrics, as follows
• PDR (Packet Devilry Ratio)
• RSSI (Received Signal Strength Indication)
• PHY rate (Physical Rate)
• Noise
2.3.2 Receiver-Based Detection:
The main difference between receiver-based and transmitter-based detection lies in the
computation of the PDR. Although in transmitter based detection, the transmitter knows the
exact number of data frames sent including all retransmissions; this being a priori not known to
the receiver since several frames might get lost during transmission. Therefore, it is necessary
that the data frames contain additional information which enables the receiver to determine the

total number of sent frames. This can be achieved by adding a sequence number to every single
data frame, as in the WLAN standard.
2.3.3 Dedicated Detection:
In case of dedicated detection [37], the RSSI and PHY rate are read from the acknowledgement
frames arriving from the receiver, i.e. node B. As always, the noise level is taken from arbitrary
frames arriving at the monitor. Based on the gathered statistics over several ACK frames, the
monitor then applies the decision algorithm. Finally, the node dedicated to the jamming detection
announces his decision to the other participating nodes in a broadcast frame. This broadcasting is
then repeated whenever the decision changes in future.
2.3.4 Cooperative Detection:
This detection scheme is the combination of all the previous three strategies. In this case the
technique is to share all the information at all nodes among each other and to make a decision
based on this broader view. This means that every participating node in the ad hoc network
gathers its own information independently using any of the above techniques and shares with its
Neighbors.
2.3.5 Detection via RF Finger-Print
RF finger print is deployed as a means to enhance security in wireless network. As the
transmitter of the radio activates, the transmission of the RF signals demonstrates the temporary
behavior with reference to the instantaneous frequency and amplitude. The time duration of the
transient performance can be changed because of model type and nature of the transmitter. The
difference between the same types can be observable which can be caused due to the aging and
the manufacturing tolerance of the devices. The unique turn-on transient signal behavior is called
the RF finger print of a radio and can be used to identify the transmitter [38].
2.3.6 Jamming Attack on the Control Plane
Wireless medium is accessed through CSMA/CA mechanism in order to transmit data. Before
sending RTS nodes waits for DIFS time gap and before sending CTS, DATA, ACK it will waits

for SIFS time. Implementation of such mechanism is to avoid collisions and resolve hidden node
problem. For disrupting network communication different types of jamming methods and
jammers are available such as; continuous jamming, random jamming, intelligent jamming etc.
each jamming method has cost in term of energy, where energy in certain scenarios can be a vital
constraint to survive for a prolonged period on the network. Continuous and random emission of
signals have higher cost than intelligent jamming which targets control packets rather than whole
frequency band. Such jamming mechanism requires good knowledge of fundamental wireless
network protocols. Intelligent jamming varieties target control packets such as ACK, DATA, and
CTS etc. A CTS corruption jammer seeks the RTS packet on the medium. When senses the
required packet; it generates the noise (small radio signal) after waiting SIFS time to corrupt the
CTS packet. Similarly after sensing CTS packet it will send small interruption signals after SIFS
interval in order to distort the data packet. In wireless transmission ACK frame has highest
priority over other packets. Seizure of ACK is enough for the transmission failure.
Retransmission of data packet(s) consumes not only node energy; rather result in backing off of
neighboring nodes. Four major energy loss sources for nodes are collisions, control packet
overhead, overhearing, and idle listening.
Mitigation method for ACK attack is presented in [12]. They propose ENAV (Extended Network
Allocator Vector) which mitigates impact of ACK attack. It brings flexibility in NAV time for
receiver in order to send ACK packet, which follows after each DATA packet received at
receiver end. As in CSMA/CA ACK packet follows DATA packet after SIFS time interval, but
now due to ENAV receiver has flexibility, which reduce the chances of collision. With this
scheme victim node can reduce its energy consumption by 40%. Further more. Energy efficient
attacks such as Denial of sleep attack can be defended by using framework suggested in [38].
This framework has four key components and these are; strong link-layer authentication, antire
play protection, jammer identification and mitigation, and broadcast attack defense. Using this
node can preserve nearly 80% lifetime and achieve 77% throughput of the network.
2.4 Jammer Mitigating Techniques:
In this section we survey the methods of mitigating a jamming attack that include use of spread

spectrum at the physical level, followed by MAC layer approaches to evade and retreat a jammed
channel; either physically or logically moving away from the jammer. Finally, the techniques of
resumption of network nodes to reestablish a network are discussed.
2.4.1 Spread Spectrum:
Spread spectrum has two basic motivations:
• Provide resistance against jammer
• Hide communication
In a wireless environment, most commonly used anti-jamming technique at physical layer is
spread spectrum based communication. However it does not fully secure communication against
jamming attack. Major drawback being that invader does not have to be conscious of whole
spectrum alteration progression in order to interrupt communication. For instance, in the case of
voice communication, small part of conversation corruption between human users will have a
minor effect on the quality of communication.
2.4.2 Evasion Techniques:
• Spatial Retreat:
Spatial retreat is a mechanism to physically evade the jammed area. The rationale behind this
strategy is that when an area is jammed in the wireless network, based on the detection algorithm
all nodes try to estimate the jammed region and flee physically in the direction of safer place.
Based on their estimation about the jammed region, nodes independently opt for shortest path to
avoid being jammed and move accordingly. Figure 3-2 shows the spatial retreat approach for two
party communication scenario [4]. The area illustrated via slashed stripes is jamming range. As
Wireless networks are vulnerable to such intrusion which interrupts node communication,
therefore to survive against such interference above approaches were introduced. There are
basically two approaches used in this technique: Jam Area Mapping (JAM) and Node Escape.
Jammed Area Mapping (JAM)
This mechanism employs scattered approach to draw the jammed area so communications with
that part of the network node can be avoided during specification of routes [6]. Once, out of the

jammed region legitimate nodes try to relocate others and hence, may change their direction and
speed according to the predefined algorithm.
2.5 Variations in Jamming Attack:
2.5.1 Jamming Models
From the physical layer perspective, the jamming attack can be classified as follows [36]:
Noise Jamming: The channel bandwidth used by the targeted system is jammed with noise
energy. This raises the level of background noise at the receiver and makes it difficult to detect
frames correctly. In other words, the SNR (Signal-to-Noise Ratio) at the receiver end is
decreased.
Bit Jamming: Jamming at the same frequency and modulation scheme as the targeted system
seriously decreases the network performance as the devices try to detect a known pattern in the
bit stream allowing them to synchronize. Since this modulated signal may not be filtered out like
white noise, it decreases the SNR at the receiver and occupies the channel heavily.
Frame Jamming: Jamming using frames according to the targeted system is hard to detect,
since the jamming signal is masked as regular frames. Its impact goes beyond minimizing the
signal-to-noise ratio. Due to unfairness of jammer, the channel may be occupied over long
periods of time. Depending on the system, this might be achieved with very low energy
consumption by periodically announcing long duration frames which compels the participating
nodes to stay silent for said

amount of time.
Figure: 2.2 Effect of Proactive Jammers in Wireless network
Furthermore, from viewpoint of jammers the use of additional information at the MAC layer can
increase their effectiveness. For a channel aware jammer, a single jamming pace is usually
applied for every likely status of channel like busy, idle, etc. In a continuous-time model, signals
are produced based on Poisson distribution having diverse ratio for varying status. Additionally,
intelligent jammers may have varying states depending upon the targeted communication. e.g.
reactive jammer seeks a non-colliding transmission and immediately targets it with a particular
possibility of collision.
2.5.2 Types of Jammers
A jamming strategy describes the way an attacker disturbs the medium. Besides the time-based
strategies, where the jamming signal is active only in specific time intervals, there are more
advanced jamming schemes possible which make use of knowledge about the physical and link
layer specifications of the targeted system. Based on the selected strategy, the effective jamming
is then performed by emitting an appropriate radio frequency signal. This could be noise or
modulated signals. The device that generates a noise and creates intrusion for network is referred

as a jammer. [19] explains different types of jammer. Most common ones are known as proactive
jammers as shown in Figure and discussed below:
a) Constant jammer:
Constant jammer is not energy efficient rather it just emit radio signals continuously on the
medium with the intent to keep it unavailable for legal communication. The signal is composed
of random bits. It does not follow MAC protocol rules and does not consider for the ongoing
communication.
b) Periodic Jammer:
A periodic jammer is similar to a constant type, except that it jams the period for certain period
and then sleeps for some time after which it restarts injecting fake packets on to the network.
Thus periodic jammer alternatively sleeps and jams the channel, in repeated fashion. The sleep
and jam periods may and may not be the same.
c) Deceptive jammer:
Deceptive jammer is just like the constant jammers in a sense that it also emits signals
continuously. However, rather than random bit, regular packets are emitted, so that its detection
is delayed due to used of valid packets.
d) Random jammer:
Random jammer is more energy efficient than previous ones. It does not send signals
continuously, rather follows the sleep-and-jam rule, and i.e. sends packets for some random time
intervals and then it turns off its radio or sleep for a specific time interval. In jamming mode it
can act as constant or deceptive jammer.
e) Pulse jammer
The efficiency of jamming depends on various aspects. These are jamming-to-signal ratio (J/S),
channel coding, modulation scheme and interleaving of the target system. If the jammer is not
able to jam continuously it changes the intensity (jamming level) by pulsed jamming.
f) Reactive jammer:
The jamming techniques mentioned so far are active having one goal to make the medium busy
for nodes regardless which type of packets flowing and thus are easy to detect. Whereas the
reactive jammer has more sophisticated jamming technique, which is much harder to detect. It

passively monitors the medium continuously and emits packet large enough such that a collision
occurs at the receiver, whenever a valid packet is heard.
g) Intelligent jammer (energy efficient jammer):
All above jamming techniques have low energy efficiency and higher degree of detection. Not
only physical layer but other layers can be exploited for jamming purpose. Intelligent jamming
techniques operate on control packets, as all communication depends on them. Since no data gets
transferred if control packets are destroyed. This could reduce throughput to zero levels. There
are different types of jammers in [2]. Some important are:
CTS Corruption Jamming: In this jammer sense for RTS packets. If jammer senses the
RTS, then it waits for SIFS time and emits small radio signal to corrupt the CTS packet, which is
an expected response of the RTS. By demolishing the CTS packet, again and again, sender times
out and hence the data packet is never transmitted.
ACK Corruption Jamming: ACK packets always follow the data packets. In this case
jammer is looking for data packets, once it hears the data packet on the medium. It simply waits
for SIFS time interval and after that it send small jamming signal which destroyed ACK packet.
DATA Corruption Jamming: It just likes the ACK Corruption jamming technique. In this
technique jammer waits for CTS packets where DATA packets follow the CTS packets. When
jammer sense any CTS packet, it just wait for SIFS time and then send signal of noise to disrupt
the data packets
DIFS Waiting Jamming: In a network with much traffic rate, it is quite normal that
medium is found inoperative for DIFS time. Such a jammer senses and waits for DIFS interval
and sends one jamming signal to corrupt communication. This technique cannot work well in
low traffic network
2.6 MANET ATTACKS & SECURITY:
2.6.1 Security:
The aims of Ad hoc networks and particularly MANET have in recent years not only seen
widespread use in commercial and domestic application areas but have also become the focus of
intensive research. Applications of MANET’s range from simple wireless home and office
networking to sensor networks and similarly constrained tactical network environments. Security

aspects play an important role in almost all of these application scenarios given the
vulnerabilities inherent in wireless ad hoc networking from the very fact that radio
communication takes place (e.g. in tactical applications) to routing, man-in-the-middle and
elaborate data injection attacks.
2.6.2 Protecting Mobile ad-hoc network:
An ad hoc routing protocol is a convention, or standard, that controls how nodes decide which
way to route packets between computing devices in a mobile ad-hoc network. In ad hoc
networks, nodes do not start out familiar with the topology of their networks; instead, they have
to discover it. The basic idea is that a new node may announce its presence and should listen for
announcements broadcast by its neighbors. Each node learns about nodes nearby and how to
reach them, and may announce that it, too, can reach them. Note that in a wider sense, ad-hoc
protocol can also be used literally, that is, to mean an improvised and often impromptu protocol
established for a specific purpose.
2.6.3 Reactive Approach:
Seeks to detect security threats and react accordingly. This type of protocols maintains fresh lists
of destinations and their routes by periodically distributing routing tables throughout the
network. The main disadvantages of such algorithms are:
1. Respective amount of data for maintenance.
2. Slow reaction on restructuring and failures.
There are two main things in re-active routing protocols first is that it never take initiative in
order to take routes for network, second is that whenever it creates routes it will developed on
demand by flooding mechanism. In such kind of routing protocols there are some advantages and
disadvantages which are given below:
 Whenever they need to find out the routes they use bandwidth otherwise it will not use
bandwidth.
 There is lot of overhead because of the flooding process.
 At start there is delay in the network.
There are three steps which will explain the complete procedure of the re-active routing
protocols.
1. If there are two nodes at position A and position B which want to communicate.

2. In order to communicate with the B, A needs to flood the routes towards the B.
3. In order to create communication between A and B unicast feedback will come back.
2.6.4 Proactive Approach:
Attempts to prevent an attacker from launching attacks through various cryptographic
techniques: This type of protocols maintains fresh lists of destinations and their routes by
periodically distributing routing tables throughout the network. The main disadvantages of such
algorithms are:
1. Respective amount of data for maintenance.
2. Slow reaction on restructuring and failures.
In pro-active routing protocols the mechanism is different than the re-active routing protocols. In
this category of protocols basically routes are depends upon the traffic control which is
continuous. All routing information maintained at any time of the network because we know that
network is dynamic which changes its size by making its size increasing or decreasing. There are
also some advantages and disadvantages in this type of protocols which we will discuss here.
Basically there are two main things which are keep in mind first one is that due to the continuous
control traffic mechanism there is lot of overhead on the network which is one of the drawback
of the pro-active routing protocols. One good thing among the pro-active routing protocols is that
all the time routes are available, due to this way there is an ease of communication among the
nodes or devices. There are three steps in pro-active routing algorithm which are given below:
1. Link/ Neighbor Sensing.
2. Multipoint Relaying.
3. Link-State messaging and route calculation.
2.6.5 Link / Neighbor Sensing:
In Link and Neighbors sensing mechanism we know by its name that neighbors and links are
developed relationship among each other by sending hello packets to each other so that there will
be connectivity between the different devices. In mobile ad hoc network all nodes or devices

send hello packets among each other due to this way relationship between the neighbors and
links has been created. In fig.2.3 basic scenarios between the neighbors has been given.
Fig. 2.3 Link and neighbors sensing mechanism
2.6.6 Multipoint Relaying:
In multipoint Relaying process whenever the devices send hello packets to each other or we can
say that every node send broadcast hello packet to every other node except itself due to this way
a lot of duplicate packets will generate in order to overcome these duplicate retransmission
multipoint relaying mechanism is used which will reduce the duplicate packets in broadcast
packets. It will also restricts other nodes or devices that at some regular time of interval you have
to send the broadcast packets in order to know about the connectivity among the neighbors and
links.
2.6.7 Link-State messaging and route calculation:
A. Multipoint Relay selection: In multipoint relay selection mechanism every node in the
network has to developed or maintain its own Multipoint Relaying procedure in order to run the
protocol. One of the basic rule is that if there is a two nodes and they are neighbors to each other.
B. Forwarding of traffic: In forwarding of traffic step all nodes from the network has to
established or maintain each and every node their own Multipoint Relaying Selectors. There is
one basic rule for forwarding traffic that is when ever we are going to follow the pro-active
routing protocols then all the packets from the routing protocols has been received by the
Multipoint Relaying selector then packet is forward whenever its TTL value is greater then 0 due
to this way packets will reach its all required destination in the network.

C. Link State functionality:
The main functionality of Link State is that all devices in the network will flood out or broadcast
link State information among the devices or nodes in order to make nodes updated. There are
basically two main link state optimizations which are given below:
 Multipoint Relaying selectors are used for forwarding routes so that’s why its better to be
used for forwarding link state information that’s why Multipoint Relaying selectors are
selected to send link state messages due to this way size will decreases which is very
useful in link state messages.
 We know that before forwarding routes there is a selection for Multipoint Relaying
procedure so those nodes or devices which are choose as a Multipoint Relaying then only
those devices and nodes are responsible for ending link state messages.
Link State Example: In link state procedure, the selected nodes has to send the link state
message in the network but link state messages are called Topology Control messages(TC).
Fig. 2.4 Link State Mechanism
TC has very important role in order to develop a network which because it will send messages
towards the network devices and then relation among the nodes has been developed. There is an
example of link state messages and Multipoint Relaying is given below: Only the MPR nodes
generate or forward link-state messages, thus small number of nodes is generating routing

messages in the network as shown in the fig. . The nodes associated to MPR are declared in link-
state messages. The messages declaring link-state are called Topology Control Messages (TC),
and have small message length.
2.7 Attacks:
There are two mainly protocols are used in MANET networks, Link layer protocol are used to
provide connectivity between different mobile nodes in order to ensure one-hop connectivity by
using multihop wireless channels. On the other hand if we like to extend connectivity to different
multiple hops then MANET network uses network layer protocols. In the coordination process
distributed protocols typically assume that all mobile nodes are cooperating with respect to
communication but actually this assumption is not possible in hostile mobile networks
environment because cooperation is not enforced in MANET. The question arises why? The
reason is because of malicious attackers violating protocol specification in order to disrupt
network operations.
2.7.2 Network Layer operation
There are two main network-layer operations in MANET.
1. Ad hoc routing
2. Data packet forwarding
They interact with each other and delivering packets from source to destination. The main
function of the ad hoc routing protocols is to provide routing among nodes; they exchange
routing messages between different mobile nodes in order to maintain routing information at
each node. According to the routing states, the second network layer operation data packets are
used to forward data by intermediate next node which is an established route to the destination
node. These both operations are vulnerable to malicious attacks, and which will lead to various
types of malfunction in network layer.
2.7.1 Network Layer Attack
Due to this reason network-layer generally fall into two categories attacks:
1. Routing attacks
2. Packet forwarding attacks

There are different categories of routing attacks that does not follow routing protocol
specification. There are different routing protocols in MANET so therefore different attack
behaviors related to different routing protocols. Some of them are discuss below:
1. According to the context of DSR [1] MANET routing protocol there are following different
attacks which are given below [6]:
 An attacker modifies source routing list with respect to RREQ or RREP packets.
 Switching order of different nodes in the routing list.
 Deleting entries from the list.
 Appending new node entries into the list.
2. According to the context of AODV [2] MANET routing protocol there are also different
attacks which are given below [7]:
 An attacker advertise route with wrong distance metric with respect to actual distance to
the destination.
 Advertise wrong routing updates with a large sequence number with respect to actual
sequence number.
 An attacker invalidates all routing updates from other nodes.
3. According to the context of TORA routing protocol, there are also different attacking
methods:
 Attackers construct routing paths by interfering with the protocols' mechanisms, e.g.
routes can be forced to use attacking nodes to go through them.
 Attackers can also exhaust network resources by maliciously act of injecting, modifying
and dropping data packets.
In order to divert traffic attackers attack on the routing protocols and divert traffic towards
certain destinations under their control, and then they cause problematic situation in the network
along a route which is not optimal or even nonexistent. The attackers can also create routing
loops in the network, due to this way it creates network congestion in certain areas. There are
also some other attacks like multiple colluding attacks which may cause to prevent source in
order not to find route to the destination and also partition the network in the worst.
2.7.3 Active Attacks

There are also some different active attacks which are really difficult to locate or identify
because these attacks are more sophisticated and they are considered as subtle routing attacks
some of them are given below [8]:
 Attacker may further subvert existing nodes in the network.
 They can also fabricate their identity
 They can also impersonate other legitimate node
 Attackers in pair nodes may create a wormhole [9]
 They also creates shortcut in normal flows between each other
 The attackers target the route maintenance process and advertise operational link is
broken [6]
According to context of routing attacks there are also some other kind of attacks like attacker
launch attacks against packet forwarding operations as well due to this way it will not only
disrupt the routing protocol it also poison the routing states at every node. For example, the
attacker established route and drop packets, or also modify the content of the packets, or
duplicate the packets. Another type of packet forwarding attack is denial-of-service (DoS) attack
through network-layer packet blasting, in this type of attack attacker inserts large amount of junk
packets in network. Due to this action significant portion of the network resources are wasted,
and introduce severe wireless channel contention and network congestion in the network.
There are identified vulnerabilities of the link-layer protocols, especially in the IEEE standard
802.11 MAC protocols [3], for mobile ad hoc network. It’s true that 802.11 WEP is vulnerable to
different types of cryptography attacks by misusing the cryptographic primitives [10]. The IEEE
802.11 protocol is vulnerable to many DoS attacks due to this way it targeting reservation
schemes and channel contention. The attacker exploits binary exponential back off scheme in
order to deny access to the wireless channel from its local neighbors [11, 17].
2.7.4 Routing Attacks:
Generally there are four different types of MANET routing protocol attacks which is divided in
to two main types which are given below:
1. Routing disruption attacks
2. Resource consumption attacks

Mitigating Jamming Attacks and Improving Wireless Communication

Mitigating Jamming Attacks and Improving Wireless Communication

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à Mitigating Jamming Attacks and Improving Wireless Communication

Similaire à Mitigating Jamming Attacks and Improving Wireless Communication (20)

Plus de Thesis Scientist Private Limited

Plus de Thesis Scientist Private Limited (20)

Dernier

Dernier (20)

Mitigating Jamming Attacks and Improving Wireless Communication