Security Issues in Wireless Networks: November 13, 2010
Security Issues in Wireless Networks: November 13, 2010
Security Issues in Wireless Networks: November 13, 2010
NETWORKS
0.2.2 CPU
Large computations on the end nodes are slow, as computing power of the
processor is small.
0.2.3 Battery
Total energy resource is very limited and it is not desirable to use the device for
large computations and transmissions.
0.2.4 Mobility
Nodes can be mobile, which can produce latency in the convergence of the
network.
0.2.5 Bandwidth
Bandwidth in amongst the mobile nodes is also limited.
1
Because of these constraints WMNs poses challenges in achieving security
goals like wireless links in WMNs make it prone to active attacks, passive at-
tacks and message distortion. In WMNs, passive attacks would compromise
confidentiality and active attacks would result in violating availability, integrity,
authentication, and non-repudiation.
0.4.1 Availability.
Availability ensures the survivability of network services despite attacks. The
availability in a WMN can be compromised by the following ways.
2
0.4.3 Denial of Service (DoS)
. A DoS attack can be launched at any layer of wireless mesh network. There
are many ways of instigating a DoS. A common technique is to flood the target
system with requests. The target system becomes so overwhelmed by the request
that it could not process normal traffic. In a mesh network, DoS attack can be
launched either externally or by a compromised node (internally).
0.5 Authenticity
Authenticity enables a node to ensure the identity of the peer node it is
communicating with. Without authenticity, an adversary could masquerade a
node, thus gaining unauthorized access to resources and sensitive information
and interfering with the operation of other nodes.
0.6 Integrity
The concept of integrity ensures that the contents of data or correspondences
are preserved intact through the transfer from sender to receiver. Integrity
embodies the guarantee that a message sent is the message received, that is,
it was not altered either intentionally or unintentionally during transmission.
Attack on Integrity is usually done in two ways: by the intentional alteration
of the data for vandalism or revenge or by the unintentional alteration of the
data caused by operator input, computer system, or faulty application errors.
The usual mechanism, to ensure integrity of data, is using hash functions and
message digestion.
0.7 Confidentiality
The concept of confidentiality is the assurance that sensitive data is being
accessed and viewed only by those who are authorized to see it. Whether the
data contains trade secrets for commercial business, secret classified government
information, or private medical or financial records, confidentiality implies that
data is protected from breaches from unauthorized persons and the damage
that would be done to the organization, person, and governmental body by
such breaches. For confidentiality, authenticity needs to be implemented first.
3
It is pointless to attempt to protect the secrecy of a communication without
first ensuring that one is talking to the right principal. Once, authenticity is
achieved, confidentiality is achieve by simply encrypting the message.
0.9.1 Eavesdropping
Network Eavesdropping or network sniffing is a MAC layer attack consisting
of capturing packets from the network transmitted by others computers and
reading the data content in search of sensitive information like passwords, session
tokens, or any kind of confidential information. The attack could be done using
tools called network sniffers. These tools collect packets on the network and,
depending on the quality of the tool, analyze the collected data like protocol
decoders or stream reassembling. Network Eavesdropping is a passive attack
which is very difficult to discover. It could be identified by the effect of the
preliminary condition or, in some cases, by inducing the evil system to respond
a fake request directed to the evil system IP but with the MAC address of a
different system.
4
can eavesdrop on the broadcast communication between two nodes (A and B)
in the network,
It can then transmit these legitimate messages at a later stage of time to
gain access to the network resources. Generally, the authentication information
is replayed where the attacker deceives a node (node B in Figure) to believe
that the attacker is a legitimate node (node A in Figure). On a similar note,
an internal malicious node, which is an intermediate hop between two commu-
nicating nodes, can keep a copy of all relayed data. It can then retransmit this
data at a later point in time to gain the unauthorized access to the network
resources.
5
0.11.1 Rushing Attacks:
Rushing attacks the route discovery mechanism of on-demand routing pro-
tocols. In this protocol, the concerned node floods the other nodes with the
route request message. This route request message is identified by a sequence
number. To contain the flooding each node forwards only the first message and
drops the rest having the same sequence number. In order to avoid collision,
on-demand routing protocols specify a time delay between receiving of a route
request message by a particular node and forwarding it. In rushing attack, it
happens that the malicious or bad node forwards the route request message to
the target node before any intermediate node from source to destination. As a
consequence, the malicious node gets included in the route from source to des-
tination. Once included, these corrupt nodes drop the packets at will. Hence a
DOS is caused.
6
Figure 1: Worm hole Attack
7
0.11.7 DATA PLANE ATTACK
The Data Plane attacks comprise of attacks that are primarily launched by
selfish/compromised nodes. This leads to the denial of service and degradation
of overall performance of the network. Passive Eavesdropping which is also
predominant in the MAC layer is a Data Plane attack. This has been discussed
before in connection to MAC layer attacks. Selfish behavior of nodes in the
network is a major security issue because wireless mesh network nodes rely
heavily on each other for packet forwarding. A selfish node may drop all packets,
or it might drop the packets selectively. Selfish behavior may be easily mistaken
for link failure or network congestion. Malicious intermediate-hop nodes might
inject junk packets into the network. Network resources like bandwidth and
packet processing time may be wasted in forwarding junk packets leading to
DOS. Routing functionality may also be disrupted by injection of maliciously
crafted control packets by the compromised nodes.
0.12 Conclusion
In this seminar, we considered the security issues in wireless mesh networks
that render these networks vulnerable to security attacks. Different security
attacks on the MAC layer and network layer of wireless mesh networks have been
considered in detail. So far we have discussed the architecture, characteristics,
applications, security challenges and attacks in the MAC layer and network
layer of Wireless Mesh Networks. In our next seminar we’ll seek to cover the
solutions to the vulnerabilities that Wireless Mesh Networks are prone to.
0.13 Reference
Book- Security in wireless Mesh Networks-Yang Zhang,Jun Zheng,Honglin Hu
Websites-www.wikipedia.com,www.ieee.org,www.google.com