Cryptography and Security 22 JAN, 2014

Security Threats in MANETS : A Review

Security Threats in MANETS : A Review

Ad hoc networks are the special networks formed for specific applications. Operating in ad-hoc mode allows all wireless devices within range of each other to discover and communicate in a peer-to-peer fashion without involving central access points. Many routing protocols like AODV, DSR etc have been proposed for these networks to find an end to end path between the nodes. These routing protocols are prone to attacks by the malicious nodes. There is a need to detect and prevent these attacks in a timely manner before destruction of network services.

💡 Research Summary

The paper provides a comprehensive review of security threats that affect Mobile Ad‑hoc Networks (MANETs) and evaluates the vulnerabilities of the most widely used routing protocols, namely AODV (Ad hoc On‑Demand Distance Vector) and DSR (Dynamic Source Routing). It begins by outlining the fundamental characteristics of MANETs—lack of fixed infrastructure, dynamic topology, and peer‑to‑peer communication—which make traditional wired‑network security solutions unsuitable. The authors then describe the operational mechanisms of AODV and DSR, highlighting how their on‑demand route discovery and source‑routing approaches, respectively, expose specific attack surfaces.

A taxonomy of attacks is presented, covering both internal (malicious insiders) and external (outside attackers) threats. The most common attacks include:

  1. Route Request Flood (RREQ Flood) or Route Discovery Storm – malicious nodes generate excessive RREQ packets, exhausting bandwidth and processing resources.
  2. Routing Information Manipulation – attackers inject forged route replies (RREP) or advertise false routes, causing traffic to be diverted to compromised nodes (blackhole) or dropped (grayhole).
  3. Blackhole/Grayhole Attacks – a node claims to have the shortest path and then either discards all packets (blackhole) or selectively forwards them (grayhole).
  4. Cache Poisoning (specific to DSR) – the route cache is polluted with invalid entries, leading to repeated use of compromised paths.
  5. Signal Replay and Timing Attacks – at the physical layer, adversaries capture and replay frames or alter round‑trip time measurements, misleading routing metrics.

For each attack, the paper cites simulation results that quantify the impact on packet delivery ratio, end‑to‑end delay, and control‑packet overhead, demonstrating that even a small number of compromised nodes can dramatically degrade network performance.

The defensive mechanisms surveyed fall into three broad categories:

  • Trust‑Based Routing – each node maintains a reputation score derived from past behavior; routes are selected preferentially through high‑trust nodes. While effective against some insider attacks, this approach suffers from the bootstrap problem (assigning initial trust) and vulnerability to reputation manipulation.
  • Cryptographic Authentication – digital signatures, HMACs, and public‑key certificates are used to protect the integrity and authenticity of routing messages. The main challenges are key distribution, revocation, and the computational overhead on resource‑constrained devices.
  • Behavior‑Based Intrusion Detection Systems (IDS) – real‑time monitoring of routing metrics (e.g., hop count, sequence numbers) and traffic patterns, often employing statistical thresholds or machine‑learning classifiers to flag anomalies. IDS can provide rapid detection but are prone to false positives/negatives if thresholds are not carefully tuned.

The authors argue that a single technique cannot address the full spectrum of threats. Instead, they propose a multi‑layered security architecture that integrates trust evaluation, cryptographic protection, and IDS into the routing protocol itself. The suggested framework operates as follows: (1) filter incoming RREQs using trust scores; (2) verify RREP messages with lightweight digital signatures; (3) continuously analyze traffic for deviations using an adaptive IDS; and (4) trigger immediate route recomputation and node isolation upon detection of malicious activity.

In the conclusion, the paper identifies several gaps in current research. Most existing solutions have been validated only in simulated environments; real‑world deployments on mobile devices, drones, or vehicular networks remain scarce. There is a pressing need for energy‑efficient cryptographic primitives and lightweight IDS algorithms that can run on low‑power hardware. Future work should focus on building testbeds that emulate realistic mobility patterns, evaluating the proposed integrated security stack under diverse attack scenarios, and exploring machine‑learning‑driven adaptive defenses that can evolve as attackers change tactics.

Overall, the review underscores that securing MANETs demands a holistic approach that blends protocol‑level safeguards with cross‑layer detection and response mechanisms, thereby enhancing the resilience of these inherently vulnerable, yet increasingly important, wireless networks.