Security challenges in mobile ad hoc networks:a survey

MANET is a kind of Ad hoc network with mobile, wireless nodes. Because of its special characteristics like dynamic topology, hop-by-hop communications and easy and quick setup, MANET faced lots of challenges allegorically routing, security and clustering. The security challenges arise due to MANETs self-configuration and self-maintenance capabilities. In this paper, we present an elaborate view of issues in MANET security. Based on MANETs special characteristics, we define three security parameters for MANET. In addition we divided MANET security into two different aspects and discussed each one in details. A comprehensive analysis in security aspects of MANET and defeating approaches is presented. In addition, defeating approaches against attacks have been evaluated in some important metrics. After analyses and evaluations, future scopes of work have been presented.

💡 Research Summary

The paper provides a comprehensive survey of security challenges in Mobile Ad Hoc Networks (MANETs), focusing on how the intrinsic properties of these networks give rise to a wide spectrum of vulnerabilities and how existing countermeasures address—or fail to address—these threats. MANETs are characterized by dynamic topology, hop‑by‑hop wireless communication, and the absence of fixed infrastructure, which together demand self‑configuration and self‑maintenance capabilities. These very capabilities, while enabling rapid deployment, also eliminate the possibility of centralized control and make the network highly susceptible to attacks at every layer of the protocol stack.

The authors begin by identifying three fundamental security parameters that any MANET protection scheme must consider: authentication, integrity, and privacy. Authentication ensures that a node can prove its identity and that only legitimate nodes participate in routing and data exchange. Integrity guarantees that packets are not altered in transit, while privacy protects both the payload and the associated metadata from eavesdropping or traffic analysis. The paper argues that these parameters are interdependent; a weakness in one inevitably compromises the others.

To structure the discussion, the survey divides MANET security into two orthogonal dimensions: attack perspective and defense perspective. From the attack side, the authors enumerate representative threats across the routing, transport, and physical/link layers. Routing‑layer attacks include black‑hole, gray‑hole, wormhole, route‑disruption, and routing information falsification—particularly potent against on‑demand protocols such as AODV and DSR, where route request/reply messages are broadcast frequently. Transport‑layer threats encompass denial‑of‑service (DoS), session hijacking, and packet injection. Physical/link‑layer attacks involve jamming, spoofing, and MAC‑layer manipulation. The survey highlights that the lack of a trusted authority makes it trivial for a malicious node to masquerade as a legitimate participant and to manipulate routing tables or control messages.

On the defense side, four major families of countermeasures are examined:

1. Cryptographic authentication and key management – Public‑Key Infrastructures (PKI) and symmetric key schemes provide strong authentication and data integrity but suffer from high computational overhead, key distribution complexity, and energy consumption, which are critical constraints for battery‑powered mobile nodes.

2. Trust‑based routing – Nodes maintain a reputation or trust score for their neighbors based on observed behavior (e.g., packet forwarding ratios). Routing decisions favor high‑trust paths, thereby mitigating insider attacks. However, trust scores can be stale in highly dynamic topologies, and adversaries may launch collusion or false‑report attacks to manipulate reputation.

3. Intrusion Detection Systems (IDS) – Both signature‑based and anomaly‑based IDS monitor packet flows, routing patterns, and node behavior to detect deviations. Recent works incorporate machine‑learning classifiers to improve detection rates, yet they introduce significant processing latency and false‑positive rates, which may drain node resources and disrupt legitimate traffic.

4. Multipath routing – By establishing several disjoint routes to the same destination, the network gains resilience against single‑path attacks such as black‑hole or wormhole. The trade‑off lies in increased routing overhead, higher bandwidth consumption, and the need for sophisticated path selection algorithms to avoid correlated failures.

The authors evaluate each defense mechanism against four quantitative metrics: performance (delay, throughput), resource consumption (energy, memory), scalability (behavior as node count grows), and security effectiveness (attack mitigation rate). For instance, PKI‑based schemes achieve the highest security effectiveness but incur the greatest delay and energy cost; trust‑based routing offers moderate delay and low energy usage but is vulnerable to trust‑score manipulation; IDS provides high detection accuracy but at the expense of considerable computational load; multipath routing improves resilience but reduces overall throughput due to redundant traffic. The comparative analysis underscores that no single technique can simultaneously satisfy all criteria, and practical MANET security solutions must therefore adopt a hybrid, layered approach.

In the final section, the paper outlines promising research directions. Lightweight cryptographic primitives (e.g., elliptic‑curve cryptography optimized for low‑power devices) are needed to reduce computational burden. Dynamic trust models that can update reputations in real time, possibly leveraging Bayesian inference or reinforcement learning, could better cope with rapid topology changes. Energy‑aware IDS that employ lightweight feature extraction and on‑device learning aim to balance detection capability with battery life. The authors also propose exploring blockchain‑based key management and decentralized trust recording, arguing that immutable ledgers can provide tamper‑proof identity verification without a central authority—an attractive prospect for MANETs. Additionally, concepts such as network slicing to isolate critical traffic, and cross‑layer security frameworks that jointly consider routing, MAC, and physical‑layer metrics, are highlighted as fertile ground for future work.

Overall, the survey delivers a thorough taxonomy of MANET security threats, a balanced critique of existing mitigation strategies, and a forward‑looking roadmap that emphasizes lightweight, adaptive, and decentralized solutions tailored to the unique constraints of mobile ad hoc environments.