Vous êtes sur la page 1sur 15

PROJECT REPORT RESEARCH ON MANET SECURITY ARCHITECURE DESIGN

I-ADD ARCHITECTURE

I-ADD provides a proven method for designing complex wireless management risk management solution , which mainly includes the following steps:

I Identify the goals and targets A- Analyze the threats and vulnerabilities D- Define the strategy for security , functionality & management trade-offs. D- Define security

PARTICULARITY OF MANET SECURITY

Wiretapping is greatly improved due to the wireless communication medium Multi hop routing method may induce a series of security issues , such as black hole , wormhole etc. The independence of the node makes the physical security fragile.

SECURITY THREATS IN MANET

Passive Attack 1. Wiretapping Intercept packets to access confidential information 2. Traffic Analysis Analyze the characteristics of packet frequency , length to hypothesize the communication Active attack 1. Message replay Here the attacker intercepts and stores the messages and re-transmit the message to produce an unauthorized effect.

2. Fraud Counterfeiting : When one entity behaves as other entity to carry out network activities , the counterfeiting takes place. 3. Message Tampering : After the packet is intercepted , the content is modified , or deliberately delayed transmission , or a passive change in the order.

4.Denial of Service : When an authorized entity is not able to access the network resources or emergency operations be denied, DoS attack occurs.

EXISTING MANET SECURITY POLICIES

Passive Attack Frequency hopping , spread spectrum , transmit power control , electromagnetic anti-leakage are utilized to prevent wiretapping in general.

Active Attack Distributed key authentication mechanism and intrusion detection mechanism

SECURITY OBJECTIVE OF MANET

Availability indicates that even in the face of various attacks , normal services required by authorized entities are accessible Confidentiality indicates that for unauthorized entities , the information in confidential Integrity indicates that the information will not be destroyed or modified during transmission. Non-repudiation indicates that the receiver cannot deny that the message had been received , and sender cannot deny that the message had been sent.

SECURITY ARCHITECTURE OF MANET

Though many researches are carried out on security issues at present , none considered about the security mechanism of the whole network in view of system architecture.

Security should be an integral part of the network and not remedial measure.

CREDIBLE INFRASTRUCTURE LAYER

S0 Credible Infrastructure Layer This layer is not corresponding to any layer of OSI reference model , so its defined as S0. This layer is responsible for building credible infrastructure before secure network communication by building mutual trust relationship such as Public Key Infrastructure (PKI) It can provide security certification for the nodes in the network and to manage the keys.

COMMUNICATION SECURITY LAYER

Main task -> to protect the data frame from wiretapping , intercepting or tampering. The communication security layer -> physical layer of the OSI reference model. It includes the frequency hopping ,spread spectrum mechanisms that work in the physical layer and the WEP protocol that works in the data link layer.

S2 ROUTING SECURITY LAYER

This routing security layer consists of two aspects; 1.routing information security 2.secure data forwarding Routing information security requires mutual co operation and sharing correct routing information among nodes to maintain the network connection is correct and effective.

Secure data forwarding requires that the sent packets has not been tampered or modified by unauthorized access.

S3 NETWORK SECURITY LAYER

The network security layer -> network layer of OSI reference model and it handles network access control and data protection of the network layer. This layer makes use of the secure mechanism of the network protocols to achieve safe operation of subnets. IPSec security protocol of network layer can be adopted to complete the peer entity authentication ,so that the confidentiality and reliability for data transmission is improved.

S4 APPLICATION SECURITY LAYER

The application security layer -> four layers from the transport layer to the application layer of the OSI model. The application layer security refers to the security of end-system and it is independent of the underlying network security layer . The security protocol being used is determined by the application programs running in the system such as 1.SSL Protocol to enhance the secure web transmission 2.SSH- Protocol to enhance secure Telnet/FTP transmission

REFERENCE

Li Shi Chang ,Yang Hao Lan ,Zhu Qing Sheng ,Research on MANET Security Architecture Design,2010 International Conference on Signal Acquisition and Processing .