obtains access to the physical transmission medium (cable, fiber, etc.), which would typically
involve tapping into such mediums.
Another problem with defending wireless ad hoc networks is that existing security
technologies are more geared towards wireline networks, which are fairly static. Existing
technologies often rely on the availability of traffic chokepoints (through which most traffic
passes). Security devices placed at such chokepoints can inspect traffic for suspicious
behavior, implement security policies, and respond as needed. This is not true in
ad hoc networks, where the network entities often move around, resulting in frequent
changes in the structure of the network. Traditional security solutions also depend on a
few centrally located devices for managing the security of the network. Such solutions
are not applicable for wireless ad hoc networks on account of the features of these
networks. The increased vulnerabilities of ad hoc networks and the limitations of existing
security solutions designed for wireline networks will become clearer throughout
Ad hoc networks that make extensive use of wireless links are vulnerable to several
types of attack due to the inherent nature of the network. We remark here that
mechanisms such as encryption and authentication can greatly mask the vulnerabilities
on the air-link, but these are not the only vulnerabilities in ad hoc networks.
Since wireless ad hoc networks cannot depend upon infrastructure-based resources,
such as a stable power source, high bandwidth, continuous connectivity, or fixed
routing, it is very easy to launch attacks on them. In the following subsections, we
will briefly describe some vulnerabilities and attacks that are very common in the ad
hoc network environment. Note that while the lists of vulnerabilities and attacks considered
here are by no means exhaustive, an attempt has been made to make the lists representative.
Defenses against these vulnerabilities and attacks will be described in the remaining chapters
of this topic.
A pragmatic approach to building a secure system is to consider the threats that the system
might face after deployment. We consider three main categories of threats:
• amateur adversary;
• professional adversary;
• well-funded adversary.
Some examples of amateur adversaries are script kiddies or hobbyist hackers. Crime syndicates
or terrorist organizations can be considered as professional adversaries. Foreign
intelligence services can be considered as an example of a well-funded adversary. The
above categorization implicitly governs the types of attacks that can be launched by
each type of adversary. Amateur adversaries can launch unsophisticated attacks such as
wireless sniffing or denial of service. A professional adversary can launch more sophisticated
attacks such as layer 2 hijacking, man-in-the-middle attacks, or Sybil attacks
(explained in Chapter 4). A well-funded adversary does not have any constraints on
money. Such an adversary can launch very sophisticated attacks such as rushing
attacks, wormhole attacks (explained in Chapter 4), as well as capture devices that are
part of the network.