The Wifi Mobile Network

Published Date: 02 Nov 2017

Introduction

Wi-Fi Mobile ad-hoc network (MANET) is definitely an emergent technology which has come to stay with it being developed and applied in many ways. Over these past few years Mobile ad hoc network (MANET) is receiving a lot of consideration due to their self-configuration and self-maintenance proficiencies. Advanced mobile wireless computing use has increased over the years this technology has been of immerse help in combat (military) also it has been helpful in the implementation of surveillance for commercial purposes. MANET is a self-configuring infrastructure-less system connected with mobile devices linked by means of wireless/Wi-Fi thus it has no centralised administration. In MANET the nodes themselves discover other nodes dynamically, connect and communicate with them. (IEEE 2012) Since the MANET has no centralised administration it makes it vulnerable to malicious attacks. Distributed Denial of Service (DDoS) is a large-scale, synchronised attack on the accessibility of services on a targeted network resource, which is commenced through a tortuous path of compromised computers on the Internet to cause service inaccessibility to legitimate operators in a network. Over the past years researchers have come up with more explicit solutions to the DDoS menace. A distributed denial of service (DDoS) attack is also considered by an unambiguous effort by an attacker to avert genuine users of a service from accessing required resources. The intrusion detection system (IDS), a software designed to monitor, analyse and respond to events occurring in a computer system or network without DDoS attacks there would be business continuity to the industry and availability of network resources to society. Typically the victims of distributed denial of service attacks are high-profile web servers, the attack aiming to cause the hosted web pages to be unavailable on the Internet. Denial of service attack programs, root kits, and network sniffers have been around for a very long time however, with the growth of the Internet, accounts for large numbers of vulnerable systems which are available to the attackers. Rather than relying on a single server, attackers could now take advantage of some hundred, thousand, even tens of thousands or more victim machines to launch the distributed version of the DoS attack. A distributed denial of service attack (DDoS attack) is a large-scale, coordinated attack on the availability of services of a victim system or network resource, launched indirectly through many compromised computers on the Internet. Nevertheless, new attack methods and tools are being developed thus creating serious concerns on DDoS attacks. It is desirable to construct comprehensive DDoS solutions now and for future DDoS attacks. In order to assist in this, we conduct a thorough survey on DDoS. Taxonomies will be proposed of known and probable DDoS attack methods and tools, whilst arguing the problems. Based on the new understanding of the problem, solutions would be proposed to detect and react to the DDoS attacks. This particular research study will as a result seek out to investigate the creation of security solution against DDoS attacks on the MANET.

This paper is organized in chapters. In section one the background of MANET would discussed, security issues in MANET, various attack types related to MANET specifically DoS and DDoS attacks and Problem Identification, in section two articles, publication, journals etc. related to this project would be read whilst taking into consideration the missing pieces in the literature survey. In Section three, the proposed Architecture and mechanism for Detection and control of DDoS attacks & description of the proposed reputation based incentive scheme (based on the calculation of Node Score value & Node Reputation Value) in MANET. Section four concludes the research giving account about the findings and section five defines the future scope of the research.

Mirkovicet al. (2002) proposed taxonomy of DDoS attacks outlined the various aspects of denial of service attacks in a network son a highly abstract level. Spech and Lee (2003) also proposed taxonomy of DDoS attacks elaborating on little detail to the issues concerning distributed denial of services attacks on computer networks and on the other hand failed to discuss into detail the taxonomies of DDoS attacks. There are many methods of execution DDoS attacks on the Internet. Though these methods are various, one major distinctive aspect detected in the above mentioned articles are the attacks of distributed denial of service attacks being used as a basis for classification. After carefully analysing these articles it is evident that their classifications in the end did not label or define what the various distributed denial of service mechanisms are and also expatiate on their mode of operation and how they inter-connect. Therefore within this research the classification of denial of service attacks will be clearly outlined and explained into detail.

Conditions that make it difficult to secure ad hoc networks are the susceptibility on the links, constrained physical protection of each node, the absence of a certification authority along with lacking monitoring or management points. (Hubaux et al. 2001) The truth about ad hoc networks is that they usually do not automatically make use of a fixed infrastructure and as such raises many challenges for their security architecture (Vesa 2000). Critically examining these two articles, the variances stuck between ad hoc and wired networks are not different thus they are both the same. In this research I would critically explain the importance security in the ad hoc networks taking into consideration the basic requirements of a secure network. The factors for a secure system are:

Availability

Confidentiality

Authentication

Integrity

Non-repudiation

" At the early stage of a DDoS attack, some traffic fluctuations are detectable at Internet routers or at gateways of edge networks" (Yu Chen, 2007) the literature review did not categorise distributed denial of service attack detection and prevention techniques i.e. the victim, source and detection at the network level. Due to unconditional amount of literature involved in each of the above mentioned DDOS detection methods, the important methods concerning this research will be discussed in this paper as well as understanding significance of each category. On this particular topic concerning service attack detection and prevention techniques, it would be very vital to discuss gains and detriments.

Distributed denial of service attack can be classified into three i.e. manual, semi-automatic, and automatic distributed denial of service attacks dependent on the aftermath of the attack on the compromised system or network. In a manual attacks, the attacker’s goal is to scan remote machines for liabilities, break into them and installing the attack code. Semi-automatic, in this distributed denial of service attack belongs in the agent-handler attack model. The attacker scans and compromises the handlers and agent by using automated scripts. Semi-automatic can be broken down further to into two attacks with direct communication and attack with indirect communication. In the automatic attack the communication between the attacker and victim machines is completely avoided.

Vesa Kärpijoki describes that in ad hoc networks the communicating nodes do not essentially rely on a fixed infrastructure, which sets new challenges for the necessary security architecture they apply.( Vesa, K. 2000). , as ad hoc networks are intended for specific environs and sometimes operate in extreme conditions even with full capacity or availability they still face vulnerabilities. Reading through a couple of literature points out the fact that most of the proposed solutions on ad hoc networks are still not able to mitigate the security problems in ad hoc (MANET).

Peng T (2007) article states that distributed denial of service attack can be launched in two stages. Firstly the attack purpose is to halt the target by sending one or more carefully constructed control packets that seek to exploit operating system vulnerabilities. The second stage is to flood the target with a large amount of hogwash data; this is also aimed at collapsing the network bandwidth or computer resources to an abrupt end. The research seeks to address the second stage of the distributed denial of attack. Examples of DDoS attacks in MANETs include routing table overflow attacks, packet-forwarding attacks, SYN flooding, and application based attacks.

From Janczewski and Colarik in ‘Managerial Guide for Handling Cyber-Terrorism’, a DOS attack is an attempt ‘to force a target system to become overloaded with activities that reduces its capability to process legitimate tasks’(Janczewski & Colarik 2005, p.86). Most common meaning for a DDoS attack follows the idea of having multiple machines each deploying a DoS attack towards one or more targets (Mirkovic et al. 2002, 1; Stein and Stewart 2002). The above definitions from both articles are correct but did not include the aspect of coordination between the attacking hosts thus the reason to come up with a new definition. Distributed Denial-of-Service (DDoS) attack is a denial of service attack, within which a collective number of hosts executes denial of service (DoS) attacks in a synchronised style to a victim or a host of computers. This definition puts distributed denial of service in a whole new perspective as it reveals DDoS is a collection of DoS thus it is a subgroup or subset DDoS.

The most common reasons of DDoS attacks are political, hacktivism or blackmail (Prince, 2012).In the 2012 report of Prolexic (company that specialises against DDoS attacks), "In the past three months, seven companies have suffered distributed denial-of-service attacks with bit rates in excess of 20Gbps". Based on the recent quarterly report from this security firm, DDoS attacks have nearly doubled in frequency and tripled in size during the past year (Lemos, 2012). In the report Prolexic claims that distributed denial of service attackers have upgraded their botnets from low-bandwidth home computers to high-bandwidth corporate servers. The third quarter report for 2012 the percentage of attacks in last three months increased 88% as compared to the same quarter of 2011 and the average attack duration has had a significant decrease from 33 to 19 hours. Network traffic in recent attacks increases by about 230% on average