PROJECT REPORT: RESEARCH ON MANET SECURITY ARCHITECTURE DESIGN
I-ADD ARCHITECTURE
I-ADD provides a proven method for designing complex wireless risk management solutions, which mainly includes the following steps:
I – Identify the goals and targets
A – Analyze the threats and vulnerabilities
D – Define the strategy for security, functionality & management trade-offs.
D – Define security
PARTICULARITY OF MANET SECURITY
Wiretapping is made much easier by the wireless communication medium.
Multi-hop routing may introduce a series of security issues, such as black hole, wormhole, etc.
The independence of the nodes makes physical security fragile.
SECURITY THREATS IN MANET
Passive Attack
1. Wiretapping – Intercept packets to access confidential information.
2. Traffic Analysis – Analyze packet characteristics such as frequency and length to hypothesize about the communication.
Active Attack
1. Message Replay – The attacker intercepts and stores messages, then retransmits them to produce an unauthorized effect.
2. Fraud Counterfeiting – Counterfeiting takes place when one entity poses as another entity to carry out network activities.
3. Message Tampering – After a packet is intercepted, its content is modified, its transmission is deliberately delayed, or its order is changed.
4. Denial of Service – A DoS attack occurs when an authorized entity is not able to access network resources or when emergency operations are denied.
EXISTING MANET SECURITY POLICIES
Passive Attack – Frequency hopping, spread spectrum, transmit power control and electromagnetic anti-leakage are generally utilized to prevent wiretapping.
Active Attack – Distributed key authentication mechanism and intrusion detection mechanism
SECURITY OBJECTIVE OF MANET
Availability – indicates that even in the face of various attacks, normal services required by authorized entities are accessible.
Confidentiality – indicates that for unauthorized entities, the information is confidential.
Integrity – indicates that the information will not be destroyed or modified during transmission.
Non-repudiation – indicates that the receiver cannot deny that the message has been received, and the sender cannot deny that the message has been sent.
SECURITY ARCHITECTURE OF MANET
Although much research is being carried out on security issues at present, none has considered the security mechanism of the whole network from the viewpoint of system architecture.
Security should be an integral part of the network and not a remedial measure.
CREDIBLE INFRASTRUCTURE LAYER
S0 Credible Infrastructure Layer – This layer does not correspond to any layer of the OSI reference model, so it is defined as S0.
This layer is responsible for building a credible infrastructure before secure network communication takes place, by establishing mutual trust relationships such as a Public Key Infrastructure (PKI).
It can provide security certification for the nodes in the network and manage the keys.
COMMUNICATION SECURITY LAYER
Main task -> to protect data frames from wiretapping, interception or tampering.
The communication security layer -> physical layer of the OSI reference model.
It includes the frequency hopping and spread spectrum mechanisms that work in the physical layer and the WEP protocol that works in the data link layer.
S2 ROUTING SECURITY LAYER
The routing security layer consists of two aspects:
1. Routing information security
2. Secure data forwarding
Routing information security requires mutual cooperation and the sharing of correct routing information among nodes, so that the network connection is maintained correctly and effectively.
Secure forwarding requires that the sent data packets have not been tampered with or modified through unauthorized access.
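The following is an added example, not code from this report or the cited paper. It shows one way a forwarding node could enforce the secure data forwarding requirement and detect the message tampering and message replay attacks listed earlier, assuming HMAC-SHA256 over a constructed packet layout (sender id, sequence number, payload) and per-sender keys already distributed by the S0 layer. All names are hypothetical.

```python
import hashlib
import hmac
import struct

HDR = struct.Struct("!HI")   # assumed layout: 16-bit sender id, 32-bit sequence number
TAG_LEN = 32                 # HMAC-SHA256 tag length in bytes


def seal(key, sender, seq, payload):
    """Sending node: return header || payload || HMAC tag."""
    body = HDR.pack(sender, seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class ForwardingCheck:
    """State a forwarding node keeps to vet packets before relaying them."""

    def __init__(self, keys):
        self.keys = keys      # sender id -> key (assumed provisioned via the S0 layer)
        self.last_seq = {}    # sender id -> highest sequence number accepted

    def verify(self, packet):
        """Return (verdict, payload); payload is None unless verdict is 'ok'."""
        if len(packet) < HDR.size + TAG_LEN:
            return "malformed", None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        sender, seq = HDR.unpack_from(body)
        key = self.keys.get(sender)
        if key is None:
            return "unknown-sender", None
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return "tampered", None
        # Strictly increasing counter: a stored-and-resent packet fails here.
        # Reordered packets are rejected too; a sliding window would relax that.
        if seq <= self.last_seq.get(sender, -1):
            return "replayed", None
        self.last_seq[sender] = seq
        return "ok", body[HDR.size:]


def demo():
    key = b"constructed-sample-key"          # constructed value, not a real key
    node = ForwardingCheck({7: key})
    first = seal(key, 7, 1, b"route-data")
    altered = bytearray(seal(key, 7, 2, b"route-data"))
    altered[HDR.size] ^= 0x01                # flip one payload bit in transit
    packets = [first, first, bytes(altered), seal(key, 9, 1, b"x")]
    return [node.verify(p)[0] for p in packets]
```

Calling demo() feeds the node a valid packet, the same packet again, a packet with one flipped bit, and a packet from a sender with no known key.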
S3 NETWORK SECURITY LAYER
The network security layer -> network layer of the OSI reference model. It handles network access control and data protection at the network layer.
This layer makes use of the secure mechanism of the network protocols to achieve safe operation of subnets.
The IPSec security protocol of the network layer can be adopted to perform peer entity authentication, so that the confidentiality and reliability of data transmission are improved.
S4 APPLICATION SECURITY LAYER
The application security layer -> four layers from the transport layer to the application layer of the OSI model.
Application layer security refers to the security of the end system, and it is independent of the underlying network security layer.
The security protocol being used is determined by the application programs running in the system, such as:
1. SSL – Protocol to enhance secure web transmission
2. SSH – Protocol to enhance secure Telnet/FTP transmission
REFERENCE
Li Shi Chang, Yang Hao-Lan, Zhu Qing Sheng, "Research on MANET Security Architecture Design", 2010 International Conference on Signal Acquisition and Processing.