Table 1 Some Attacks on
the Protocol Stack
3.1. Adversary Model
There are two
types of attacker in a network which are called insider and outsider attackers.
1 Insider and Outsider Attacks in
An insider attacker is an
authorized and a part of the routing mechanism on MANETs.
An outsider attacker is not a legitimate
user of the network. Routing algorithms are typically distributed and cooperative
in nature and affect the whole system. On the other hand an insider MANET node
can disrupt the network communications intentionally; there might be other
reasons for its apparent misbehaviours. A node can be failed, unable to perform its function for some reason, such as
running out of battery, or collusions in the network. The threat of failed
nodes is particularly serious if they are needed as part of an emergency/secure
route. Their failure can even result in partitioning of the network, preventing
some nodes from communicating with other nodes in the network.
A selfish node can also misbehave to preserve its
resources. Selfish nodes avail themselves of the services of the other nodes,
but do not reciprocate. In this paper, we mainly concentrate on attacks carried
out by malicious nodes who intentionally aim to disrupt the network
We should also consider the
misuse goals of attackers.
Disruption of the network
Attackers do not follow the specifications of
routing protocols in routing attack but aim to disrupt the network
communication in the following ways:
Node Isolation: isolating a node
or some nodes(s) from communicating with other nodes in the network,
partitioning the network, etc.
Route Disruption: Creating routing
loops, modifying existing routes, and causing the packets to be forwarded along
a route that is not optimal, non-existent, or otherwise erroneous.
reduces network performance by consuming network bandwidth or node resources,
Bottleneck of Attacker
The main factors affecting the
performance of an attack are identified below.
distribution may range from a single node to a pervasive carpet of smart
counter-dust, with a consequent variation in attack capabilities. This sort of
distinction may affect the ability to eavesdrop, jamming the network effectively,
and to escape destruction (e.g. a single powerful jammer can easily be taken out;
distributed jamming is harder to extinguish).
The location of adversary nodes may have a clear impact on what the adversary
can do. An adversary may be restricted to placing attack nodes at the
geographical boundary of an enemy network (but may otherwise choose the precise
locations), may plant specific nodes or may have the ability post facto to
create a pervasive carpet of smart dust.
is obvious affects the ability of an attacker to compromise a network. Such
power need not be localised to the attached network – eavesdropped traffic can
be relayed back to high performance super-computing networks for analysis.
generally brings an increase in power. On the other hand, mobility may prevent
an attacker from continually targeting one specific victim. For example, a node
on the move might not receive all falsified routing packets initiated by the
attacker. The impact of mobility on detection is a complex matter.
of physical access (including node capture ability and
ability to carry out physical deconstruction) given the agile nature of MANETs
determining an applicable adversary model is difficult. However, systems can be
evaluated against a range of representative threat models.
4. TYPES OF
ATTACKS IN MANET
The nature of attacks
is of two types’ active attacks and passive attacks. Active attack is an attack
when misbehaving node has to bear some energy costs in order to perform the
threat. These attacks results unauthorised state changes in the network such as
denial of service, modification of packets, and the like. These attacks are
generally launched by users or nodes with authorisation to operate within the