Saturday, December 28, 2019
My View Of Human Morality Essay - 1844 Words
My view of human morality is that it is influenced by individual culture and experience. Because I believe that as human beings, we all have our own values, beliefs and attitudes that we develop throughout the course of our lives and contribute to our own sense of reality of ourselves and the society. Regardless of what will influence and mold us throughout our lives, we have the rationality inclined to know between what is right and wrong so that we will do good as we want others to do so. We are exposed to cultural values from many sources: family, peers, education, authorities, and religion. Because we spend most of our formative years with family, the values of the family whether good or bad, are a powerful influence. These are a reflection of an individual character and culture. We are born into a world of values that have existed throughout humanity s history. We absorb these values as children while we navigate our social environment, processing and reevaluating them through out our adult lives. Every individual understands that life is important hence he or she needs moral values, which act as guiding principles. Our values form the foundation of our lives. They dictate the choices we make and determine the direction that our life takes. Our values will influence our decisions related to our relationships, career, and other activities we engage in. The world we lived is complicated that there exist no universal morality and absolute freedom and since our morals areShow MoreRelated Thrasymachus Perspective on Human Nature Essay1298 Words à |à 6 PagesThrasymachus Perspective on Human Nature Thrasymachus perspective of human nature is that we all seek to maximize power, profit and possessions. He gives the argument that morality is not an objective truth but rather a creation of the stronger (ruling) party to serve its own advantage. Therefore definitions of just and unjust, right and wrong, moral and immoral are all dependent upon the decree of the ruling party. Thrasymachus argues that acting morally, in accordance withRead MoreAnalysis Of Anthem By Ayn Rand713 Words à |à 3 PagesAll idea of ego is forbidden, and is punishable by death. Acts such as being smarter, or even in Equality 7-2521ââ¬â¢s instance, also being taller, is frowned upon. Going by these standards, the view of morality is different for this dystopian society. At the end of the book, Equality 7-2521 re-evaluates what morality is according to him. In the beginning of the book, Equality 7-2521 states that he knows heââ¬â¢s doing something ââ¬Å"wrongâ⬠, according to his society. Equality 7-2521 says how ââ¬Å"It is a sin to thinkRead MoreReligion and Morality1263 Words à |à 6 Pagesï » ¿RELIGION AND MORALITY (i)Examine the views of scholars concerning the idea that religion and morality are linked. In this essay I am going to be looking at all the different view points on why some people may think religion and morality are linked. I will talk about a few things that link them such as conscience, divine command ethics, Kant s view and Aquinas view. Many people believe that morality is based upon religion and the rules written in the Bible and other holy books, althoughRead MoreMorality : The Basis Of Morality1586 Words à |à 7 PagesTOPIC ONE: THE BASIS OF MORALITY The basis of morality has been major area of discussion for philosophers for many years. In The Leviathan, Hobbes argues that desire and aversion determine what is good, evil, right or wrong, believing in a subjective self-interest based view on morality. In The Grounding of Metaphysics of Morals, Kant takes a rational approach, arguing that it is reason that plays a role in determining the same, thus having an objective view on morality. In my opinion, Hobbesââ¬â¢ accountRead MoreEthics Is Subjective, Good, And Bad1746 Words à |à 7 Pagesprove that it is possible that man has the ability to have a different view on morality as a whole than someone else, I can use the second example. So letââ¬â¢s say that I did grow up in Syria as a member of the Islamic State, and I watched men slay innocent people, steal, and burn down villages my entire life. In my childhood I would be rewarded for doing such things; therefore, would I have any idea that what I have been doing my entire life is regarded as evil by some? Moreover, would I have the beliefRead MoreThe Philosophy Of Moral Relativism973 Words à |à 4 PagesIn the beginning of the semester, we were given an ethical inventory and I felt fairly confident with my results. I ve never taken an ethics class before, so I was very interested in learning about different philosophies. I came to class with an opened mind and eager with curiosity and was intrigued by the many different philosophical theories. This newfound information influenced my current stance when re-taking the inventory. There were a few questions which I had a change of heart in, most ofRead MoreSexual Morality and Social Context1707 Words à |à 7 PagesSexual Morality ââ¬Å"There must be integrity between body and life. You must not do with your body what youââ¬â¢re not willing to do with your whole lifeâ⬠(Keller). Keller is directly talking about our individual sexual morality and how or how not it should be perceived in a social context. Most people think sexual dilemmas of it in a broader spectrum, not directly related to oneââ¬â¢s morality, by saying ââ¬Å"this act isnââ¬â¢t rightâ⬠where others may simply say ââ¬Å"why notâ⬠. Yet, what justifies an act for one personRead MoreEssay on Nietzsche1296 Words à |à 6 Pagesinterconnected with each other and because of this reason, I will not answer them separately. I will be answering them without order. First of all, from my interpretation of Nietzsche, modern humanity did not invent the idea of God. Rather the God had a functional role from his point of view. There is no doubt that, modern humanity had the idea of God, but in my opinion, this idea was like a heritage to the modern humanity from their ancestors. We should look at the earlier times of the history in order toRead MoreNietzsche s Views On Morality1518 Words à |à 7 Pagesbe worried about my morality. Growing up in an atheist household where Nietzscheââ¬â¢s assertion that ââ¬Å"God is deadâ⬠was mostly true, the ââ¬Å"sklavenmoralâ⬠of Christianity did not provide me with my set of morals, but neither did culture, as Nietzsche suggests, because neither of my parents were interested or educated in philosophy and art; I was only introduced to these subjects in school, after my morals had already been formed. Although Nietzsche may have been worried that someone in my situation wouldRead MoreEssay about Mo rality: Comparing Hobbes and Machiavelli1203 Words à |à 5 Pagesand The Prince is morality. Where morality comes from, how it affects people under a political structure and how human nature contributes or doesnââ¬â¢t to morality. Hobbes and Machiavelli differ widely on each subject. Machiavelliââ¬â¢s views on morality, based upon a literal interpretation of the satire The Prince, is very much a practical and realistic approach to the nature of morality and human nature. Hobbesââ¬â¢ views, based in Leviathan, are of a more idealistic nature, and my views are a little in between
Friday, December 20, 2019
Bus 630 Entire Course Managerial Accounting - 12577 Words
BUS 630 Entire Course Managerial Accounting To Download This Tutorial Visit below Link http://www.studentsoffortunes.com/downloads/bus-630-entire-course-managerial-accounting/ (Product Type) : Instant Downloadable We invite you to browse through our store and shop with confidence. We invite you to create an account with us if you like, or shop as a guest. Either way, your shopping cart will be active until you leave the store. All Tutorials will be E-mailed immediately after the Payment, Please Check your inbox or Spam Folder and can also be downloaded by clicking on Tutorial Bucket. For Any Other Inquiry Feel Free to Contact us: studentsoffortunes@gmail.com For More Tutorials Visit: (â⬠¦show more contentâ⬠¦The calculations should be included as part of your analysis and written report required for submission. For Question 5, fully address managementââ¬â¢s concerns as part of your written analysis using the new or the previous calculations to support your recommendation/explanation. As part of your written analysis, include how management might use these calculations to make decisions. The written analysis should be supported by at least 2 scholarly sources, excluding the textbook. Week 1 Written Assignment should: Demonstrate graduate level work including appropriate research and critical thinking skills. Be presented as a written analysis (not a question/answer format) Incorporate case questions into the overall analysis. Follow APA formatting guidelines including title page, reference page and in-text citations Consists of three to five double-spaced pages of content Provide at least 2 scholarly sources, excluding the textbook. BUS 630 Week 2 BUS 620 Week 2 Assignment Case 3A Auerbach Enterprises BUS 630 Week 2 DQ 1 Product costs BUS 630 Week 2 DQ 2 Job Order Costing vs. Proess Costing Product Costs. In Chapter 3, you were introduced to three types of costs associated with a manufactured product ââ¬â direct materials, direct labor, and manufacturing overhead. Explain how these costs are associated with the manufactured product. Why are some of these costs allocated to the product through costingShow MoreRelatedManagerial Accounting Analysis of Concepts and Techniques4204 Words à |à 17 PagesManagerial Accounting Analysis of Concepts and Techniques Managerial Accounting BUS 630 Managerial Accounting Analysis of Concepts and Techniques Introduction/Thesis Statement Managerial accounting is a concept used in businesses to manage internal systems. Understanding the importance of effective decision making, planning and control creates a foundation for value within the company on a more in depth level. Planning and controlling is measured by performance based on budgeting accountsRead MoreAccounting for Non Accounting Students45396 Words à |à 182 PagesinggLecturerââ¬â¢s Guide Accounting for Non-accounting Students Sixth edition J R Dyson ISBN 0 273 68301 2 à © Pearson Education Limited 2004 Lecturers adopting the main text are permitted to download the manual as required. Pearson Education Limited Edinburgh Gate Harlow Essex CM20 2JE England and Associated Companies around the world Visit us on the World Wide Web at: www.pearsoned.co.uk First published in Great Britain under the Pitman Publishing imprint in 1997 Second edition publishedRead MoreCost Accounting134556 Words à |à 539 PagesSolutions Manual for COST ACCOUNTING Creating Value for Management Fifth Edition MICHAEL MAHER University of California, Davis Table of Contents Chapter 1 Cost Accounting: How Managers User Cost Accounting Information Chapter 15 Using Differential Analysis for Production Decisions Chapter 2 Cost Concepts and Behaviour Chapter 16 Managing Quality and Time Chapter 3 Cost System Design: An Overview Chapter 17 Planning and Budgeting Chapter 4 Job Costing ChapterRead MoreStrategic Marketing Management337596 Words à |à 1351 Pages11 17 Summary 713 721 723 725 725 726 728 734 747 757 762 765 767 767 767 798 809 811 813 853 Management control ââ¬â 1 17.1 Learning objectives 17.2 Introduction to control 17.3 Control defined 17.4 Basic control concepts 17.5 Responsibility accounting 17.6 Approaches to control 17.7 Some behavioural factors 17.8 Summary 18 Management control ââ¬â 2 18.1 Learning objectives 18.2 Introduction 18.3 Controls 18.4 Taking corrective action 18.5 Management reports 18.6 Summary Bibliography Index Read MoreCase Studies67624 Words à |à 271 PagesC-157 CASE 11 Philip Morris C-173 CASE 12 Pisces Group of Singapore C-188 CASE 13 Raffles, Singaporeââ¬â¢s historic hotel C-194 CASE 14 Southwest Airlines, 1996 C-205 Introduction Preparing an effective case analysis In most strategic management courses, cases are used extensively as a teaching tool.1 A key reason is that cases provide active learners with opportunities to use the strategic management process to identify and solve organisational problems. Thus, by analysing situations that are describedRead MoreRetailing Characteristics of Fast Food Stores and Their Impact on Customer Sales and Satisfaction29639 Words à |à 119 PagesCollectionâ⬠¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦ 3.4 Methodologyâ⬠¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦ 3.5 Factor Analysisâ⬠¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦ ï ¶ Chap-4 Result and Interpretation 4.1 Interpretation of Resultâ⬠¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦..â⬠¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦.. ï ¶ Chap-5 Suggestions and Managerial Implications ï ¶ Chap-6 Limitations of the study Referencesâ⬠¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦Ã¢â¬ ¦.. Chapter - 1 Introduction (Global Retailing Industry) 1.1 Global Retailing Industry 1.2 The Far East Experience 1.3 TheRead MoreDeveloping Management Skills404131 Words à |à 1617 Pagesmymanagementlab is an online assessment and preparation solution for courses in Principles of Management, Human Resources, Strategy, and Organizational Behavior that helps you actively study and prepare material for class. Chapter-by-chapter activities, including built-in pretests and posttests, focus on what you need to learn and to review in order to succeed. Visit www.mymanagementlab.com to learn more. DEVELOPING MANAGEMENT SKILLS EIGHTH EDITION David A. Whetten BRIGHAM YOUNG UNIVERSITY Read MoreProject Managment Case Studies214937 Words à |à 860 Pagesinvestigate what went right in the case, what went wrong, and what recommendations should be made to prevent these problems from reoccurring in the future. The use of cases studies is applicable both to undergraduate and graduate level project management courses, as well as to training programs in preparation to pass the exam to become a Certified Project Management Professional ( P M P ~ administered by ) the Project Management Institute. Situations are smaller case studies and usually focus on one or twoRead MoreMonsanto: Better Living Through Genetic Engineering96204 Words à |à 385 Pagesretailing C A S E T W E L V E 14_Hanson_3ed_SB_3869_TXT.indd 441 8/29/07 1:09:33 PM 442 INTRODUCTION A SUMMARY OF THE CASE ANALYSIS PROCESS Case analysis is an essential part of a strategic management course and is also perhaps the most entertaining part of such a course. The ââ¬Ëfull storyââ¬â¢ that follows this summary gives you considerable detail about how to go about a case analysis, but for now here is a brief account. Before we start, a word about attitude ââ¬â make it a real exerciseRead MoreUAE Consumer Lifestyle Analysis42818 Words à |à 172 Pagesunhealthy ingredients than junk foods. These number and variety of these dining outlets is expected to continue to grow over the forecast period as health-conscious consumers drive demand. Impact Over the forecast period, it is expected that the entire gamut of health and wellness products and services now available in most Western countries will be readily available throughout the UAE. As well as taking advantage of the services offered by the growing number of spas and retreats, consumers are
Thursday, December 12, 2019
My Time of Community Service Essay Example For Students
My Time of Community Service Essay Completing community service for 10 hours was pretty awesome. I completed it in two different places. My first choice was ââ¬Å"Best Buddiesâ⬠. The way I found out about best buddies was when Mrs. Riceberg had two special guests come to the classroom one Tuesday night. They explained it was going to be a potluck. They also mentioned it would be fun to be able to bond with special education students. They explained how having a buddy to those kids would mean anything to them. My classmate ââ¬Å"Shaâ⬠and I thought it would be the perfect place to complete our hours for community service. I baked a cake for the event. I used blue frosting and put ââ¬Å"Best Buddiesâ⬠right in the center of the cake. Once Sha and I got there we sat down in a chair inside a room. There were many others already sat, and patiently waiting for one of the main directors to speak. Once a good majority of people were there. The same women that came to speak to us in class was speaking to us at the potluck. She showed us the same video of ââ¬Å"best buddiesâ⬠we had seen in class. The video was used as an introduction to the event. She then continued to speak about how ââ¬Å"Best Buddiesâ⬠has made such a difference to these kidsââ¬â¢ lives. After her introduction speech was done, she then had all of us stand up and introduce our selves individually to three people in that room, which didnââ¬â¢t take long at all. I met a 50 year old lady that loves to knit and was actually her very first year in best buddies. Not to mention she was quite the jokester. After that we went around introducing ourselves to everyone. Slowly one by one would stand up and mention the reason why we were attending the potluck. When it was our turn, Sha and I said we were invited and figured it was the perfect event to show up on to complete our assignment. After everyone in the room spoke, we were directed outside to eat the delicious food that everyone brought. Not to mention socialize with each other. I had a plate full of different kinds of food. Food such as pasta, cookies, mashed potato, and much more. As we were all shoving food in our face, we all also took the time to socialize with everyone. I met a guy who told me that best buddies was the best thing that has ever happened to him. He mentioned how he use to get bullied at school because he was different. I mentioned that sometimes students would be mean to me too. He then high fived me and told me I was very short. I laughed and said ââ¬Å"You are just too tallâ⬠it was a good connection. The other five hours I completed with my old observation teacher. I was obligated to complete 10 hours last semester with a teacher named Mrs. Woolman in my ââ¬Å"Introduction to Elementary Educationâ⬠. I actually asked her if I could volunteer the rest of my hours in her class. She happily accepted and it was a great experience. I went in a Friday morning to complete my hours. I entered the room and instantly all the kids stared and questioned who I was. I introduced myself using my last name. I was like ââ¬Å"Good morning class, my name is Ms. Cuevas and I am going to help Mrs. Woolman out todayâ⬠. The class was very well behaved. Usually there is always one bad student in each class, but in this case all her students were excellent students. They knew exactly what to do and when to do it. I go to quiz them in their vocabulary. I noticed the difference between the intelligence of each student. Some students were really high with their vocabulary while others were very poorly with it. It doesnââ¬â¢t matter because all the kids had the attitude to learn and thatââ¬â¢s what matters.
Wednesday, December 4, 2019
Environment Analysis free essay sample
Organizations analyze the environment in order to understand the external forces so that it could help to develop effective responses to secure or improve their positions in the future. There existed a positive relation between environmental analysis and profits of an organization. Top management looked at information in two ways: viewing and searching information. This information needed to be evaluated and disseminated to strategists within the organization and to help top management to make decisions that could create strategic advantage for the organization to succeed in a changing environment 1. There were research evidences that showed that environmental analysis was linked with improved organizational performance. Hence, it remained insufficient to assure performance, without aligning information with strategy. The main debate in strategy and environment was concerned with the primary importance of the environmental analysis in strategy formulation and implementation. 84 Reserve Bank of India The Reserve Bank of India is fully owned by the Government of India. 5). That is, explore the market, customer, competitive, distribution, demographic, economic, ecological, technological, political/legal, and cultural situations for the industry with particular emphasis on those changing environmental factors that may provide opportunities and threats for companies in the industry (see Chapter 3 for more details; This is primarily sections II and Ill below). Demonstrate your understanding of core marketing concepts that you have not incorporated into Part 1. A partial list of the concepts that should be addressed is provided below (Section V). You are not limited to this list. Examples, both real (preferable) and conjectural (i. e. , things that you think are likely), should be provided to demonstrate your understanding. Most of these concepts should be addressed in your industry analysis (i. e. , Part 1). You do not need to repeat any of the core concepts that are covered in Part 1 . While all parts of this project are important, your demonstration of your nderstanding and ability to use core marketing concepts is particularly important. Regardless of the section (Part 1 or Part 2) in which you discuss the core concepts, please use bold type to highlight the concepts. Please note that this assignment will be completed individually. Your written report should conform (more or less) to the format listed below. The body of the analysis should not exceed six double-spaced typed (12-point type) pages. However, extensive use of appendices (such as charts, tables, industry-related ads etc. is acceptable. The page count begins with the Task (micro) Environment Description (point II. in the format given below) and not with the summary or table of contents. Each item in the appendix must be individually referenced in the body. References (i. e. , sources of information) must be cited in the main text (include authors name, year) and listed in a reference section (section VI). As with all written assignments, your analysis will be evaluated on its professional appearance, readability, and apparent ettort, as well as on its content.
Thursday, November 28, 2019
Write a comparison of the ways the writers present the theme of friendship Essay Example For Students
Write a comparison of the ways the writers present the theme of friendship Essay Poison Tree, by William Blake, a poem of an enemy being poisoned by an apple from a tree and Strange Meeting, By Wilfred Owen, a conversation between two enemies; are both a subject of friendship and enemies. However both writers, in completely diverse methods express the running theme of friendship. The theme of friendship in Poison Tree is expressed through anger. It is through this anger that the distinction between friends and enemies can be made. Blake argues that the anger between a friend will die down, I was angry with my friendmy wrath did end. In contrast, however, between enemies it never dies, but instead grows, I was angry at my foemy wrath did grow. Here there is a clear separation between enemy and friend, and a clear distinction through the way the writer feels towards both. Friendship seems to come across as a forever lasting bond, a bond of humanity in which there are the highs and lows of life and anger being one of many emotions, however the relationship between enemies is simply about anger and hatred with nothing more. We will write a custom essay on Write a comparison of the ways the writers present the theme of friendship specifically for you for only $16.38 $13.9/page Order now However, friendship and enemies in Strange Meeting is presented in an opposite way to that of in Poison Tree. The writer claims that it is the circumstances that drive ordinary people to become enemies, where in reality they may have become friends. Writer, Wilfred Owen, jabbed and killed an enemy the previous day, however today this man is addressing Owen as his friend, I am the enemy you killed, my friend. From here readers learn that these men are on the front line, for their country and their government and not for their personal gains. The men, are human, they are completing their duty. They are not killing for the thrill of killing, but are killing for the reason that they have to kill, have been given orders. These men, in reality and in normal circumstances would have been friends, however the circumstances on the front line are different, and the men are driven to become enemies and not friends. They are not fighting for personal motives. The soldier in Poison Tree, seems to be fighting for personal gains, this is expressed through the continuous use of, I. This one letter alone comes across to the readers as a sign of possessiveness. Which may indicate a personal motive for the fighting and the war. Which may indicate to the reader that, friendship has no meaning to this soldier, he will kill, if he had to kill, for his own possessions and his own gains. The war here comes across as a fight for ones motives and not for the country, which war should essentially be about. Whereas, in comparison to Strange Meeting, the soldier, still respects the enemy through addressing him as his friend. He still shows a certain amount of respect for the mans feelings, as he allows him to rest. The ending of the poem, Poison Tree portrays the enemy in an extremely unpleasant manner. There is an undertone of deliberate murder by ruthless poison, a premeditated murder, in which the harsh feelings of the enemy are revealed, My foe outstretched beneath the tree. However, Strange Meeting, ends on a more content and peaceful situation. There seems to be an air of mutual understanding between the two soldiers Let us sleep Overall, both poems discuss the relationship between friends and enemies. However, the definition of a friend comes across in a different way, the meaning of friendship means separate terms in each poem. Poison Tree, portrays friends to have eternal bonds, regardless of misunderstandings, anger/wraths disappear when it comes to friends. But enemies are those who are never forgotten, the wrath grows but does not end. Whereas, in Strange Meeting, an enemy can become a friend, they too are portrayed as human beings, who deserve the eternal bond of friendship, even if it is only for a moment, in one Strange Meeting.
Sunday, November 24, 2019
Australia and Tampa Refugees essays
Australia and Tampa Refugees essays The issue that I will be arguing about is whether or not Australia should accept the Tampa Refugees? In my essay I will give my reasons that why we should and shouldn't accept the Tampa refugees. We should accept the Tampa refugees because they are fleeing from their country from punishment from the Taliban for no reason. We should only accept refugees that have a VISA stating how long of a period they will be staying. We should accept refugees so they can share or bring us new skills. The reasons that we shouldn't accept the refugees are that they are overpopulating Australia. We shouldn't accept then because if we do more and more will come. We shouldn't accept the people who don't have any "papers" or a visa. We shouldn't accept them other Islamic countries should take them in. We shouldn't accept the refugees straight away they should be in the queue like all the others. We should accept the Tampa refuges for those seeking to escape the murderous clutches of the Taliban; they are receiving punishment for no reason. The other reasons are that we should only accept refugees that have a VISA stating how long of a period they will be staying for and if they have contributed in any way since they have arrived to Australia like trying to find or getting a job then they should be allowed to stay a bit longer. We should accept the refugees that will be helpful in some ways or another so they will be able to show and share us new skills and learn more about there cultures. Why should we accept the Tampa refuges at all when all it does is overpopulating over the country and brings us no good because the Christians and the Muslims don't mix. We shouldn't accept the Tampa refugees because once we accept one lot then there will be more and more arriving and it will be harder for the Australian government to stop it. We shouldn't accept any asylum seekers if they simply don't have "papers" or a visa, "no visa, no stay, no kidding"! There ...
Thursday, November 21, 2019
Energy and Environment in New Jersey Research Paper
Energy and Environment in New Jersey - Research Paper Example The population of this state is 8,864,590 as per the 2012 census and population density of 459 per square. The population rate has been increasing gradually. This necessitates for the advancement of more energy to cater for the vast demand for the numerous industries and also for the home user. The rapid increase in population also will lead to the construction of more housing facilities for its population. This will have to be done in accordance with care for the environment (The Telegraph). Climatic conditions in New Jersey greatly affect its environment. The Atlantic Ocean and Delaware River surround the region. This causes moderate climate experiencing cold winters from November to March and warm humid summers from April to July. The average mean temperature around Atlantic City is 24Ã °C that ranges from -1Ã °C in January to around 24Ã °C in July. Precipitation is very plentiful averaging 117cm annually; snowfall accumulates to about 41cm. The annual mean humidity is usually 81% at around 7 am in the morning, and it reaches a peak of 87% around September. Hurricanes and violent strong storms are common over the years. Floods are also a common phenomenon mostly along Passaic river basin. Serious droughts do occur on average mostly once in between 15 years (The Telegraph). Department of Environmental Protection of the State of New Jersey has organizations such as Sustainability and Green Energy. Sustainability and Green Energy (SAGE) help in promoting and supporting programs that aid in minimizing emissions and at the same time preserving and expanding natural carbon sinks which include soils, forests, and wetlands to ensure that it complies with the New Jersey "Global Warming Response Act". It also helps in promoting and supporting initiatives that are designed to help New Jersey adapt to the climate-related impacts which are unavoidable (Tangley). The high energy demand in New Jersey has forced more power and heat generation.
Wednesday, November 20, 2019
Critically Assess the Employee Relations Management Style Adopted By Essay
Critically Assess the Employee Relations Management Style Adopted By ACME Engineering - Essay Example 148-149). ACME is a sales and a manufacturing operation. This makes us different from other Japanese plants that have will have just a manufacturing operation. This is one significant organizational difference among ACME and further UK Japanese plants. ACME is an industrialized plant and a selling tool. It's also a declaration of commitment to the long term in Europe. ââ¬Å"Acme components represent computational elements and data stores of a system. ACMEââ¬â¢s managerial style included a mechanistic organizationâ⬠(Garlan et al. n.d., p. 52). Management Style Used by ACME: ACME follows a classical-scientific method to management with autocratic management style. ââ¬Å"Autocratic management style is used when leaders tell their employees what they want done and how they want it accomplished, without getting the advice of their followers. Some of the appropriate conditions to use it are when you have all the information to solve the problem, you are short on time, and your e mployees are well motivatedâ⬠(Leadership Styles 1997). The autocratic management style leaves no room to workers payment to the running of the industry, and they are treated quite and impersonally; frequently ignored when they suggest developments for the business. Because the classical-scientific technique relies on every member doing their individual task to contribute to the entire business, the high stages of absenteeism signify that work is not getting done; hence the production of the business will suffer. ACMEââ¬â¢s vertical separation, which includes of four stages of control, constitutes the distribution of authority among the organizational hierarchy levels and technologies to provide the organization more control than its activities and projects. ââ¬Å"In addition to profit sharing, the executive pay package at Acme should include a stock option planâ⬠(Lawler 2011, p. 248). ACME is extremely centralized. Directors from the top of the class structure have a ll the control to create the majority of the choices for the organization, and subordinates are probable to follow instructions. Even though, I consider that ACME has founded a high level of formalization and standardization, they experienced complicatedness abiding to their own policies. Employees at ACME use individual specialization, where workers concentrate on one particular work and area individually. ââ¬Å"Acmeââ¬â¢s top executives were actively looking for managers whose behavior and management philosophy aligned with this new orientation. These efforts reinforced the emphasis on sensitivity to bias and racial stereo types that Bowman had initiatedâ⬠(Thomas & Gabarro 1999, p. 162). Following are the Managerial Style Structure of ACME. Specialization Type: At ACME, the head retained the single structure of the plant, before it became a divide entity. The managerial structure was well-defined, with high quantity of separation of labor. Each section executed its task separately. Therefore, type of area is individual. Integrating Mechanism: Due to the well-defined, tall ladder of the organization, the basic incorporating mechanism in ACME is Authority. Distribution of Authority: The majority choices were issued from top of the organization down to its lesser levels. Distribution of power was mostly centralized. Standardization of Rules: Most of the works were being done in an already defined method, were orders to create actions which were issued among
Monday, November 18, 2019
EDirectory Protocols Essay Example | Topics and Well Written Essays - 250 words
EDirectory Protocols - Essay Example It is often easy to remember and a meaningful handle for an internet address. Since maintaining a central list of IP address/ domain name correspondence would be impractical, the list of IP addresses and Domain names are distributed in hierarchy of authority within the internet. There may be existence of a DNS server available in a closer geographical proximity to the access provider which maps the domain names in the userââ¬â¢s internet request or directs them to other servers. Because of the distributed and the open design of DNS, and its utilization of the user Datagram protocol, domain name system is vulnerable to different forms of attacks. Public domain name system is often at risk, since they are unable to restrict incoming packets to a set of IP addresses (Weber, 2007). Service location protocol is another edirectory protocol which allows location and organization of resources such as disk drives, printers, databases, schedulers and directories within a network. The protocol gives users a simpler interface to a networkââ¬â¢s resource information. The protocol oversees and defines operations and communications that take place among the user agents, directory agents and service agents (Zaki, Ngadi & Razak, 2013). Maintenance of service and rearrangement and installation of new devices is easier without the need for configuring the work stations of an individual. Despite the service location protocol being simple to implement, it fails to specify anything concerning service creation and does not direct the user on how to utilize it. A service advertising protocol (SAP) is an internetwork packet exchange (IPX) protocol component designed to remove and add services in an edirectory system. It allows network services such as gateway servers, prints or files to register information in the tables within the servers. The internet packet exchange services are then broadcasted across a network and sub networks.
Friday, November 15, 2019
Security for Insider Attacks in Mobile Ad Hoc Networks
Security for Insider Attacks in Mobile Ad Hoc Networks Abstract Mobile ad hoc networks are collection of wireless mobile nodes forming a temporary network without the aid of any established infrastructure. Security issues are more paramount in such networks even more so than in wired networks. Despite the existence of well-known security mechanisms, additional vulnerabilities and features pertinent to this new networking paradigm might render the traditional solutions inapplicable. In particular these networks are extremely under threat to insider attacks especially packet dropping attacks. It is very difficult to detect such attacks because they comes in the category of attacks in mobile ad hoc networks in which the attacker nodes becomes the part of the network. In this research work we have proposed a two folded approach, to detect and then to isolate such nodes which become the part of the network to cause packet dropping attacks. First approach will detect the misbehavior of nodes and will identify the malicious activity in network, and then upon identification of nodes misbehavior in network other approach will isolate the malicious node from network. OMNET++ simulator is used to simulate and verify the proposed solution. Experimental results shows that E-SAODV (Enhanced Secure Ad hoc On Demand Distance Vector protocol) performs much better than conventional SAODV (Secure Ad hoc On Demand Distance Vector Protocol) Chapter 1 Introduction Overview Mobile Ad-hoc networks are a new paradigm of wireless communication for mobile hosts. As there is no fixed infrastructure such as base stations for mobile switching. Nodes within each others range communicate directly via wireless links while those which are far apart rely on other nodes to transmit messages. Node mobility causes frequent changes in topology. The wireless nature of communication and lack of any security infrastructure raises several security problems. The following flowchart depicts the working of any general ad-hoc network. Features of Mobile Ad hoc Networks Based on the characteristics, Mobile Ad hoc Networks has following main features. Because of the limited energy supply for the wireless nodes and the mobility of the nodes, the wireless links between mobile nodes in the Ad hoc Network are not consistent for the communication participants. Due to the continuous motion of nodes, the topology of the mobile ad hoc network changes constantly, the nodes can continuously move into and out of the radio range of the other nodes in the ad hoc network, and the routing information will be changing all the time because of the movement of the nodes. Lack of incorporation of security features in statically configured wireless routing protocol not meant for Ad hoc environments. Because the topology of the Ad hoc Networks is changing constantly, it is necessary for each pair of adjacent nodes to incorporate in the routing issue so as to prevent some kind of potential attacks that try to make use of vulnerabilities in the statically configured routing protocol. Mobile Ad hoc Network Routing Protocols Routing in Mobile Ad hoc Networks faces additional challenges when compared to routing in traditional wired networks with fixed infrastructure. There are several well-known protocols that have been specifically developed to cope with the limitations imposed by Ad hoc networking environments. The problem of routing in such environments is aggravated by limiting factors such as rapidly changing topologies, high power consumption, low bandwidth and high error rates [1]. Most of the existing routing protocols follow two different design approaches to confront the inherent characteristics of Ad hoc networks namely Proactive Routing Protocols, Reactive Routing Protocols. Proactive Routing Protocols Proactive ad hoc routing protocols maintain at all times routing information regarding the connectivity of every node to all other nodes that participate in the network. These protocols are also known as Table-driven Ad hoc Routing Protocols. These protocols allow every node to have a clear and consistent view of the network topology by propagating periodic updates [1]. Therefore, all nodes are able to make immediate decisions regarding the forwarding of a specific packet. Two main protocols that fall into the category of proactive routing protocols are Destination-Sequenced Distance-Vector (DSDV) protocol [2] and the Optimized Link State Routing (OLSR) protocol [3]. Reactive Routing Protocols An alternative approach to the one followed by Proactive Routing Protocols also known as source-initiated on-demand routing, is Reactive Routing Protocols. According to this approach a route is created only when the source node requires one to a specific destination. A route is acquired by the initiation of a route discovery function by the source node. The data packets transmitted while a route discovery is in process are buffered and are sent when the path is established. An established route is maintained as long as it is required through a route maintenance procedure. The Ad hoc On-demand Distance Vector (AODV) routing protocol [4], Temporally Ordered Routing Algorithm (TORA) [5] and the Dynamic Source Routing protocol [6] are examples of this category of protocols. Security issues in Mobile Ad hoc Routing Protocols Any routing protocol must encapsulate an essential set of security mechanisms. These are mechanisms that help prevent, detect, and respond to security attacks. We can classify these major security goals into five main categories, which need to be addressed in order to maintain a reliable and secure ad-hoc network environment. Confidentiality Confidentiality is the protection of any information from being exposed to unintended entities. In ad-hoc networks this is more difficult to achieve because intermediates nodes receive the packets for other recipients, so they can easily eavesdrop the information being routed. Availability Availability means that a node should maintain its ability to provide all the designed services regardless of the security state of it . This security criterion is challenged mainly during the denial-of-service attacks, in which all the nodes in the network can be the attack target and thus some selfish nodes make some of the network services unavailable, such as the routing protocol or the key management service. Authentication Authentication assures that an entity of concern or the origin of a communication is what it claims to be or from. Without which an attacker would impersonate a node, thus gaining unauthorized access to resource and sensitive information and interfering with operation of other nodes. Integrity Integrity guarantees the identity of the messages when they are transmitted. Integrity can be compromised through malicious and accidental altering. A message can be dropped, replayed or revised by an adversary with malicious goal, which is regarded as malicious altering while if the message is lost or its content is changed due to some failures, which may be transmission errors or hardware errors such as hard disk failure, then it is categorized as accidental altering. Non-Repudiation Non-repudiation ensures that sending and receiving parties can never deny their sending or receiving the message. In order to achieve the overall goal of Mobile Ad hoc Network security, above five mechanisms must be implemented in any ad-hoc networks so as to ensure the security of the transmissions along that network. Secure Ad hoc Routing As discussed earlier over the past decade, many Ad hoc routing protocols have been proposed in literature. Among them the most widely used are AODV (Ad hoc On Demand Distance Vector) [4] and DSR (Dynamic Source Routing) [2] which comes in the category of re-active routing protocols of Ad hoc Networks. All of these protocols have been studied extensively. But as there were no security considerations in the original design of these protocols, these protocols remain under threat from the attackers. The main assumption of these protocols was that all participating nodes do so in good faith and without maliciously disrupting the operation of the protocol. However the existence of malicious entities can not be disregarded in the systems especially the environment used for Ad hoc Networks. To overcome the security vulnerabilities in existing routing protocols, many security enhancements in these protocols have been proposed but unfortunately these secure Ad hoc Routing Protocols were either designed for a particular protocol or to address a specific problem operation of the protocol. For example SAODV (Secure Ad hoc On Demand Distance Vector Protocol) [7] was proposed to secure AODV (Ad hoc On Demand Distance Vector) protocol, Ariadne [10] was proposed to protect DSR (Dynamic Source Routing) protocol, ARAN [7] was proposed to protect the Ad hoc Routing in general while SEAD [8] was proposed to protect the DSDV (Destination Sequence Distance Vector Routing) protocol. The purpose of SAR [9] (Security Aware Routing) was also to protect the Routing in Ad hoc Networks. Problem definition Thus ongoing studies on MANETs pose many challenging research areas including MANETs security. Since MANETs are made up entirely of wireless mobile nodes, they are inherently more susceptible to security threats compared to fixed networks [11]. Access to wireless links is virtually impossible to control thus adverse security events such as eavesdropping, spoofing and denial of service attacks are more easily accomplished. These security risks must be reduced to an acceptable level while maintaining an acceptable Quality of Service and network performance. However, in order to work properly, the routing protocols in MANETs need trusted working environments, which are not always available. There may be situations in which the environment may be adversarial. For example some nodes may be selfish, malicious, or compromised by attackers. Most of the work done regarding network security in MANETs focuses on preventing attackers from entering the network through secure key distribution and secure neighbor discovery [10],[12]. But these schemes become ineffective when the malicious nodes have entered the network, or some nodes in the network have been compromised. Therefore, threats from compromised nodes inside the network are far more dangerous than the attacks from outside the network. Since these attacks are initiated from inside the network by the participating malicious nodes which behave well before they are compromised, it is very hard to detect these attacks. Keeping in view the security threats faced by MANETs we focus on Packet Dropping Attack which is a serious threat to Mobile Ad hoc Networks. Although many research efforts have been put on secure routing protocols but the attacks like packet dropping is not adequately addressed. We study the packet dropping attack in which a malicious node intentionally drops the packets they received. Unlike all previous researches which attempt to tolerate Packet Dropping Attacks, our work makes the first effort to detect the malicious activity and then identify the malicious or compromised nodes in the network. Research Objective The fundamental objective of this research is to discuss the security attacks faced by Mobile Ad hoc Networks specially insider attacks and to review the security in existing routing protocols especially secure routing protocols in MANETs. We particularly focus on packet dropping attack which is a serious threat to Mobile Ad hoc Networks. A novel security enhancement scheme to address packet dropping attack has been proposed. Thesis Organization Chapter 2 provides a brief introduction of security threats faced by Mobile Ad hoc Networks and secure routing to address these attacks. Chapter 3 discusses about the related work and flaws identified in the related work. Chapter 4 presents the possible solutions to address the packet dropping attack in Mobile Ad hoc Networks. Chapter 5 includes the implementation of proposed mechanisms and Results of the proposed mechanism and the thesis is concluded in Chapter 6. Chapter 2 Security Threats and Secure Ad hoc Routing Protocols Introduction This chapter includes the threats and types of attacks faced by Mobile Ad hoc Networks. Secure Ad hoc routing protocols like SAODV [7] (Secure Ad hoc On Demand Distance Vector), SAR [16] (Security Aware Routing), and ARAN [9] (Authenticated Routing for Ad hoc Networks) etc and how these protocols are still vulnerable to attacks, are discussed in this chapter. Types of attacks in MANETs There are numerous kinds of attacks in the mobile ad hoc networks, almost all of which can be classified into two types, External Attacks and Insider Attacks. External Attacks External Attacks are those attacks, in which the attacker aims to cause congestion, propagate fake routing information or disturb nodes from providing services. External attacks are similar to the normal attacks in the traditional wired networks such that the adversary is in the proximity but not a trusted node in the network, therefore, this type of attack can be prevented and detected by the security methods such as authentication or firewall, which are relatively conventional security solutions. Internal or Insider Attacks Due to the invasive nature and open network media in the mobile ad hoc network, internal also known as insider attacks are more dangerous than the external attacks because the compromised or malicious nodes are originally the legitimate users of the Ad hoc network, they can easily pass the authentication and get protection from the security mechanisms. As a result, the adversaries can make use of them to gain normal access to the services that should only be available to the authorized users in the network, and they can use the legal identity provided by the compromised nodes to conceal their malicious behaviors. Therefore, more attention should be paid to the internal attacks initiated by the malicious insider nodes when we consider the security issues in the mobile ad hoc networks. Internal or insider nodes when become part of the network can misuse the network in the following ways Packet Dropping A malicious node can attack at its level or at lower levels. Particularly in the context of Packet Dropping Attack, within a trust level, a malicious node or any other node which aims at saving its resources or intentionally launching a attack can successfully drop packets without being noticed and can get services from other nodes for forwarding its own packets. Node Isolation An internal malicious node can prevent nodes from communicating with any other node. Route Disruption A malicious node can break down an existing route or prevent a new route from being established. Route Invasion An inside attacker adds itself between two endpoints of a communication channel. Attacks based on modification A very simplest way for a malicious node to disturb the operations of an ad-hoc network is to perform an attack based on modification. The only task the malicious or compromised node needs to perform is to announce better routes than the ones presently existing. This kind of attack is based on the modification of the metric value for a route or by altering control message fields. There are various ways to perform this type of attacks; some of them are discussed below Altering the Hop Count This attack is more specific to the AODV [4] protocol wherein the optimum path is chosen by the hop count metric. A malicious node can disturb the network by announcing the smallest hop count value to reach the compromised node. In general, an attacker would use a value zero to ensure to the smallest hop count. Changing the Route Sequence Number When a node decides the optimum path to take through a network, the node always relies on a metric of values, such as hop count delays etc. The smaller that value, the more optimum the path. Hence, a simple way to attack a network is to change this value with a smaller number than the last better value. Altering Routing Information This type of attack leads network toward Denial of Service (DoS) attack. For example in a situation where a node M wants to communicate with node S. At node M the routing path in the header would be M-N-O-P-Q-R-S. If N is a compromised node, it can alter this routing detail to M-N-O-P. But since there exists no direct route from O to P, P will drop the packet. Thus, A will never be able to access any service from P. This situation leads the network towards a DoS attack. Impersonation Attacks Impersonation is also known as spoofing. In this type of attack the malicious node hides its IP address or MAC address and uses the addresses of other nodes present in the network. Since current ad-hoc routing protocols like AODV [4] and DSR [6] do not authenticate source IP address. By exploiting this situation a malicious node can launch variety of attacks using spoofing. For example in a situation where an attacker creates loops in the network to isolate a node from the remainder of the network, the attacker needs to spoof the IP address of the node he wants to isolate from the network and then announce new route to the others nodes. By doing this, he can easily modify the network topology as he wants. Fabrication Attacks Fabrication attacks can be classified into three main categories. Detection is very difficult in all of these three cases. Routing table poisoning Routing protocols maintain tables which hold information regarding routes of the network. In routing table poisoning attacks the malicious nodes generate and send fabricated signaling traffic, or modify legitimate messages from other nodes, in order to create false entries in the tables of the participating nodes. For example, an attacker can send routing updates that do not correspond to actual changes in the topology of the ad hoc network. Routing table poisoning attacks can result in selection of non-optimal routes, creation of routing loops and bottlenecks. Route Cache Poisoning This type of attack falls in the category of passive attacks that can occur especially in DSR [6] due to the promiscuous mode of updating routing tables. This type of situation arises when information stored in routing tables is deleted, altered or injected with false information. A node overhearing any packet may add the routing information contained in that packets header to its own route cache, even if that node is not on the path from source to destination. The vulnerability of this system is that an attacker could easily exploit this method of learning routes and poison route caches by broadcast a message with a spoofed IP address to other nodes. When they receive this message, the nodes would add this new route to their cache and would now communicate using the route to reach the malicious node. Rote Error Messages fabrication This attack is very common in AODV [4] and DSR [6], because when nodes move these two protocols use path maintenance to recover the optimum path. The weakness of this architecture is that whenever a node moves, the closest node sends an error message to the other nodes so as to inform them that a route is no longer accessible. If an attacker can cause a DoS attack by spoofing any node and sending error messages to the all other nodes. As a result malicious node can separate any node quite easily. Eavesdropping Eavesdropping is another kind of attack that usually happens in the mobile ad hoc networks. The goal of eavesdropping is to obtain some confidential information that should be kept secret during the communication. This information may include the location, public key, private key or even passwords of the nodes. Because such data are very important to the security state of the nodes, they should be kept away from the unauthorized access. Secure Ad hoc Routing Protocols Many solutions have been proposed for secure routing in ad hoc networks, in order to offer protection against the attacks discussed earlier. These proposed solutions are either completely new stand-alone protocols, or in some cases incorporations of security mechanisms into existing ones (like DSR [6] and AODV [4]). In order to analyze the proposed solutions and how they are still vulnerable to attacks we classified them into two main categories based on asymmetric cryptography and symmetric cryptography. Asymmetric Cryptographic Solution Protocols that use asymmetric cryptography to secure routing in mobile ad hoc networks require the existence of a universally trusted third party. This trusted third party can be either online or offline. The trusted third party issues certificates that bind a nodes public key with a nodes persistent identifier. Authenticated Routing for Ad hoc Networks ARAN [9] falls in this category of secure Ad hoc routing protocols; many of the other protocols presented in other categories that use asymmetric cryptography operate in a similar manner and have similar requirements. Authenticated Routing for Ad hoc Networks ARAN The Authenticated Routing for Ad hoc Networks (ARAN) proposed in [9] is a standalone solution for secure routing in ad hoc networking environments. ARAN use digital certificates and can successfully operate in the managed open scenario where no infrastructure is pre-deployed. The basic mechanism used in ARAN is certification that is achieved through the existence of a trusted certification authority (CA). All nodes are supposed to know their public key from the certification authority and also the public key of server. Prior to entering into the network, each node has to apply for a certificate that is signed by the certificate server. ARAN accomplishes the discovery of routes by a broadcast message from source node which is replied in a unicast manner. This route discovery of the ARAN protocol begins with a node broadcasting to its neighbors a route discovery packet (RDP). The RDP includes the certificate of the initiating node, a nonce, a timestamp and the address of the destinatio n node. Furthermore, the initiating node signs the RDP. Each node validates the signature with the certificate, updates its routing table with the neighbor from which it received the RDP, signs it, and forwards it to its neighbors after removing the certificate and the signature of the previous node (but not the initiators signature and certificate). The signature prevents malicious nodes from injecting arbitrary route discovery packets that alter routes or form loops [13]. The destination node eventually receives the RDP and replies with a reply packet (REP). The REP contains the address of the source node, the destinations certificate, a nonce, and the associated timestamp. The destination node signs the REP before transmitting it. The REP is forwarded back to the initiating node by a process similar to the one described for the route discovery, except that the REP is unicasted along the reverse path. The source node is able to verify that the destination node sent the REP by chec king the nonce and the signature. Figure 2 illustrates the process of route discovery in ARAN. All messages are authenticated at each hop from source to destination as well as on the reverse path. Due to heavy computation involved with the certificates, ARAN is vulnerable to many attacks e.g. DOS attacks. In situation when there are no malicious nodes in the network the load involved in the routing process force the legitimate nodes to drop the packets in order to save their resources. Symmetric Cryptography Solutions Symmetric cryptographic solutions rely solely on symmetric cryptography to secure the function of routing in wireless ad hoc networks. The mechanisms utilized is hash functions and hash chains. A one-way hash function is a function that takes an input of arbitrary length and returns an output of fixed length [14]. As hash functions are especially lightweight when compared to other symmetric and asymmetric cryptographic operations, they have been extensively used in the context of securing ad hoc routing. Secure Ad hoc On-demand Distance Vector Protocol (SAODV) The Secure Ad hoc On Demand Distance Vector (SAODV) [7] addresses the problem of securing a MANET network. SAODV is an extension of AODV[4] routing protocol that can be used to protect the route discovery mechanism by providing security features like authentication, integrity and non-repudiation. It uses digital signatures to authenticate the non-mutable fields of the message, and hash chains to secure the hop count information (the only mutable field in message) in both RREQ and RREP messages. The SAODV scheme is based on the assumption that each node possesses certified public keys of all network nodes . In order to facilitate the transmission of the information required for the security mechanisms, SAODV defines extensions to the standard AODV message format. These SAODV extensions consist of the following fields. The hash function field identifies the one-way hash function that is used. The field max hop count is a counter that specifies the maximum number of nodes a packet is al lowed to go through. The top hash field is the result of the application of the hash function max hop count times to a randomly generated number, and finally the field hash is this random number. When a node transmits a route request or a route reply AODV packet it sets the max hop count field equal to the time to live (TTL) field from the IP header, generates a random number and sets the hash field equal to it, and applies the hash function specified by the corresponding field max hop count times to the random number, storing the calculated result to the top hash field. Moreover, the node digitally signs all fields of the message, except the hop count field from the AODV header and the hash field from the SAODV extension header. An intermediate node that receives a route request or a route reply must verify the integrity of the message and the hop count AODV [4] field. The integrity requirement is accomplished by verifying the digital signature. The hop count field is verified by comparing the result of the application of the hash function max hop count minus hop count times to the hash field with the value of the top hash field. Before the packet is re-broadcasted by the in termediate node the value of the hash field is replaced by the result of the calculation of the one-way hash of the field itself in order to account for the new hop. In SAODV route error messages (RERR) that are generated by nodes that inform their neighbors that they are not going to be able to route messages to specific destinations are secured using digital signatures. A node that generates or forwards a route error message cryptographically signs the whole message, except the destination sequence numbers. Although SAODV provides reasonable security to MANETs routing, but it is still vulnerable to distance fraud attack [15] in which the forwarding node fails to increment the route metric because in SAODV there is no enforcement to do so. Further there is no method to detect the malicious nodes and DOS attacks because in SAODV it is assumed that DOS attacks are restricted to physical layer, but this assumption failed when colluding malicious nodes drop packets during the route discovery process. Security Aware Routing (SAR) SAR [16] (Security Aware Routing) is an extension to existing on demand routing protocols and used where nodes are grouped on the basis of trust level. In SAR each node has different security level which assigns them different trust levels. Two nodes can only communicate with each other if they have equal or greater trust values. If a node has lower security level it simply discards the packet. In case there is no node in the network with the desired level then communication cannot take place or we can say that, that particular packet cant be forwarded unless its security level is lowered. By exploiting this condition a malicious node can attack at its level or at lower levels. Particularly in the context of Packet Dropping Attack, within a trust level, a malicious node or any other node which aims at saving its resources or intentionally launching a attack can successfully drop packets without being noticed and can get services from other nodes for forwarding its own packets. SAR al so fails in the situations of secure routing in general because it only focuses on the situations in which certain groups are assumed to be trustworthy. Conclusion From the above discussion, we observe that all Secure Ad hoc routing protocols are still vulnerable to many attacks. Although proposed techniques provide security against external attacks, insider attacks are still an open issue in MANETs. Chapter 3 Literature Review Introduction Many solutions have been proposed to prevent selfishness in MANETs. The main goal of all the schemes proposed in the literature is to make decisions regarding trustworthy entities and to encourage behavior that leads to increasing trust. In this section we discuss some of the solutions presented in the literature in order to detect the malicious nodes in the network in context of packet dropping attack. Watchdog and Pathrater In [17] Marti el al, proposed a mechanism called as watchdog and pathrater on DSR[6] to detect the misbehavior of nodes in MANETs. Nodes in this scheme operate in a promiscuous mode. The watchdog monitors one hop neighbor by overhearing the medium to check whether the next neighbor forwards the packet or not. It also maintains a buffer of recently sent packets. If a data packet remains in the buffer too long, the watchdog declares the next hop neighbor to be misbehaving. Every node that participates in the ad hoc network employs the watchdog functionality in order to verify that its neighbors correctly forward packets. When a node transmits a packet to the next node in the path, it tries to promiscuously listen if the next node will also transmit it. Furthermore, if there is no link encryption utilized in the network, the listening node can also verify that the next node did not modify the packet before transmitting it . The watchdog of a node maintains copies of recently forwarded p ackets and compares them with the packet transmissions overheard by the neighboring nodes. Positive comparisons result in the deletion of the buffered packet and the freeing of the related memory. If a node that was supposed to forward a packet fails to do so within a certain timeout period, the watchdog of an overhearing node increments a failure rating for the specific node. This effectively means that every node in the ad hoc network maintains a rating assessing the reliability of every other node that it can overhear packet transmissions from. A node is identified as misbehaving when the failure rating exceeds a certain threshold bandwidth. The source node of the route that contains the offending node is notified by a message send by the identifying watchdog. As the authors of the scheme note, the main problem with this approach is its vulnerability to blackmail attacks. The pathrater selects the path with the highest metric when there are multiple paths for the same destination node. The algorithm followed by the pathrater mechanism initially assigns a rating of 1.0 to itself and 0.5 to each node that it knows through the route discovery function. The nodes that participate on the active paths have their ratings increased by 0.01 at periodic intervals of 200 milliseconds to a maximum rating of 0.8. A rating is decremented by 0.05 when a link breakage is Security for Insider Attacks in Mobile Ad Hoc Networks Security for Insider Attacks in Mobile Ad Hoc Networks Abstract Mobile ad hoc networks are collection of wireless mobile nodes forming a temporary network without the aid of any established infrastructure. Security issues are more paramount in such networks even more so than in wired networks. Despite the existence of well-known security mechanisms, additional vulnerabilities and features pertinent to this new networking paradigm might render the traditional solutions inapplicable. In particular these networks are extremely under threat to insider attacks especially packet dropping attacks. It is very difficult to detect such attacks because they comes in the category of attacks in mobile ad hoc networks in which the attacker nodes becomes the part of the network. In this research work we have proposed a two folded approach, to detect and then to isolate such nodes which become the part of the network to cause packet dropping attacks. First approach will detect the misbehavior of nodes and will identify the malicious activity in network, and then upon identification of nodes misbehavior in network other approach will isolate the malicious node from network. OMNET++ simulator is used to simulate and verify the proposed solution. Experimental results shows that E-SAODV (Enhanced Secure Ad hoc On Demand Distance Vector protocol) performs much better than conventional SAODV (Secure Ad hoc On Demand Distance Vector Protocol) Chapter 1 Introduction Overview Mobile Ad-hoc networks are a new paradigm of wireless communication for mobile hosts. As there is no fixed infrastructure such as base stations for mobile switching. Nodes within each others range communicate directly via wireless links while those which are far apart rely on other nodes to transmit messages. Node mobility causes frequent changes in topology. The wireless nature of communication and lack of any security infrastructure raises several security problems. The following flowchart depicts the working of any general ad-hoc network. Features of Mobile Ad hoc Networks Based on the characteristics, Mobile Ad hoc Networks has following main features. Because of the limited energy supply for the wireless nodes and the mobility of the nodes, the wireless links between mobile nodes in the Ad hoc Network are not consistent for the communication participants. Due to the continuous motion of nodes, the topology of the mobile ad hoc network changes constantly, the nodes can continuously move into and out of the radio range of the other nodes in the ad hoc network, and the routing information will be changing all the time because of the movement of the nodes. Lack of incorporation of security features in statically configured wireless routing protocol not meant for Ad hoc environments. Because the topology of the Ad hoc Networks is changing constantly, it is necessary for each pair of adjacent nodes to incorporate in the routing issue so as to prevent some kind of potential attacks that try to make use of vulnerabilities in the statically configured routing protocol. Mobile Ad hoc Network Routing Protocols Routing in Mobile Ad hoc Networks faces additional challenges when compared to routing in traditional wired networks with fixed infrastructure. There are several well-known protocols that have been specifically developed to cope with the limitations imposed by Ad hoc networking environments. The problem of routing in such environments is aggravated by limiting factors such as rapidly changing topologies, high power consumption, low bandwidth and high error rates [1]. Most of the existing routing protocols follow two different design approaches to confront the inherent characteristics of Ad hoc networks namely Proactive Routing Protocols, Reactive Routing Protocols. Proactive Routing Protocols Proactive ad hoc routing protocols maintain at all times routing information regarding the connectivity of every node to all other nodes that participate in the network. These protocols are also known as Table-driven Ad hoc Routing Protocols. These protocols allow every node to have a clear and consistent view of the network topology by propagating periodic updates [1]. Therefore, all nodes are able to make immediate decisions regarding the forwarding of a specific packet. Two main protocols that fall into the category of proactive routing protocols are Destination-Sequenced Distance-Vector (DSDV) protocol [2] and the Optimized Link State Routing (OLSR) protocol [3]. Reactive Routing Protocols An alternative approach to the one followed by Proactive Routing Protocols also known as source-initiated on-demand routing, is Reactive Routing Protocols. According to this approach a route is created only when the source node requires one to a specific destination. A route is acquired by the initiation of a route discovery function by the source node. The data packets transmitted while a route discovery is in process are buffered and are sent when the path is established. An established route is maintained as long as it is required through a route maintenance procedure. The Ad hoc On-demand Distance Vector (AODV) routing protocol [4], Temporally Ordered Routing Algorithm (TORA) [5] and the Dynamic Source Routing protocol [6] are examples of this category of protocols. Security issues in Mobile Ad hoc Routing Protocols Any routing protocol must encapsulate an essential set of security mechanisms. These are mechanisms that help prevent, detect, and respond to security attacks. We can classify these major security goals into five main categories, which need to be addressed in order to maintain a reliable and secure ad-hoc network environment. Confidentiality Confidentiality is the protection of any information from being exposed to unintended entities. In ad-hoc networks this is more difficult to achieve because intermediates nodes receive the packets for other recipients, so they can easily eavesdrop the information being routed. Availability Availability means that a node should maintain its ability to provide all the designed services regardless of the security state of it . This security criterion is challenged mainly during the denial-of-service attacks, in which all the nodes in the network can be the attack target and thus some selfish nodes make some of the network services unavailable, such as the routing protocol or the key management service. Authentication Authentication assures that an entity of concern or the origin of a communication is what it claims to be or from. Without which an attacker would impersonate a node, thus gaining unauthorized access to resource and sensitive information and interfering with operation of other nodes. Integrity Integrity guarantees the identity of the messages when they are transmitted. Integrity can be compromised through malicious and accidental altering. A message can be dropped, replayed or revised by an adversary with malicious goal, which is regarded as malicious altering while if the message is lost or its content is changed due to some failures, which may be transmission errors or hardware errors such as hard disk failure, then it is categorized as accidental altering. Non-Repudiation Non-repudiation ensures that sending and receiving parties can never deny their sending or receiving the message. In order to achieve the overall goal of Mobile Ad hoc Network security, above five mechanisms must be implemented in any ad-hoc networks so as to ensure the security of the transmissions along that network. Secure Ad hoc Routing As discussed earlier over the past decade, many Ad hoc routing protocols have been proposed in literature. Among them the most widely used are AODV (Ad hoc On Demand Distance Vector) [4] and DSR (Dynamic Source Routing) [2] which comes in the category of re-active routing protocols of Ad hoc Networks. All of these protocols have been studied extensively. But as there were no security considerations in the original design of these protocols, these protocols remain under threat from the attackers. The main assumption of these protocols was that all participating nodes do so in good faith and without maliciously disrupting the operation of the protocol. However the existence of malicious entities can not be disregarded in the systems especially the environment used for Ad hoc Networks. To overcome the security vulnerabilities in existing routing protocols, many security enhancements in these protocols have been proposed but unfortunately these secure Ad hoc Routing Protocols were either designed for a particular protocol or to address a specific problem operation of the protocol. For example SAODV (Secure Ad hoc On Demand Distance Vector Protocol) [7] was proposed to secure AODV (Ad hoc On Demand Distance Vector) protocol, Ariadne [10] was proposed to protect DSR (Dynamic Source Routing) protocol, ARAN [7] was proposed to protect the Ad hoc Routing in general while SEAD [8] was proposed to protect the DSDV (Destination Sequence Distance Vector Routing) protocol. The purpose of SAR [9] (Security Aware Routing) was also to protect the Routing in Ad hoc Networks. Problem definition Thus ongoing studies on MANETs pose many challenging research areas including MANETs security. Since MANETs are made up entirely of wireless mobile nodes, they are inherently more susceptible to security threats compared to fixed networks [11]. Access to wireless links is virtually impossible to control thus adverse security events such as eavesdropping, spoofing and denial of service attacks are more easily accomplished. These security risks must be reduced to an acceptable level while maintaining an acceptable Quality of Service and network performance. However, in order to work properly, the routing protocols in MANETs need trusted working environments, which are not always available. There may be situations in which the environment may be adversarial. For example some nodes may be selfish, malicious, or compromised by attackers. Most of the work done regarding network security in MANETs focuses on preventing attackers from entering the network through secure key distribution and secure neighbor discovery [10],[12]. But these schemes become ineffective when the malicious nodes have entered the network, or some nodes in the network have been compromised. Therefore, threats from compromised nodes inside the network are far more dangerous than the attacks from outside the network. Since these attacks are initiated from inside the network by the participating malicious nodes which behave well before they are compromised, it is very hard to detect these attacks. Keeping in view the security threats faced by MANETs we focus on Packet Dropping Attack which is a serious threat to Mobile Ad hoc Networks. Although many research efforts have been put on secure routing protocols but the attacks like packet dropping is not adequately addressed. We study the packet dropping attack in which a malicious node intentionally drops the packets they received. Unlike all previous researches which attempt to tolerate Packet Dropping Attacks, our work makes the first effort to detect the malicious activity and then identify the malicious or compromised nodes in the network. Research Objective The fundamental objective of this research is to discuss the security attacks faced by Mobile Ad hoc Networks specially insider attacks and to review the security in existing routing protocols especially secure routing protocols in MANETs. We particularly focus on packet dropping attack which is a serious threat to Mobile Ad hoc Networks. A novel security enhancement scheme to address packet dropping attack has been proposed. Thesis Organization Chapter 2 provides a brief introduction of security threats faced by Mobile Ad hoc Networks and secure routing to address these attacks. Chapter 3 discusses about the related work and flaws identified in the related work. Chapter 4 presents the possible solutions to address the packet dropping attack in Mobile Ad hoc Networks. Chapter 5 includes the implementation of proposed mechanisms and Results of the proposed mechanism and the thesis is concluded in Chapter 6. Chapter 2 Security Threats and Secure Ad hoc Routing Protocols Introduction This chapter includes the threats and types of attacks faced by Mobile Ad hoc Networks. Secure Ad hoc routing protocols like SAODV [7] (Secure Ad hoc On Demand Distance Vector), SAR [16] (Security Aware Routing), and ARAN [9] (Authenticated Routing for Ad hoc Networks) etc and how these protocols are still vulnerable to attacks, are discussed in this chapter. Types of attacks in MANETs There are numerous kinds of attacks in the mobile ad hoc networks, almost all of which can be classified into two types, External Attacks and Insider Attacks. External Attacks External Attacks are those attacks, in which the attacker aims to cause congestion, propagate fake routing information or disturb nodes from providing services. External attacks are similar to the normal attacks in the traditional wired networks such that the adversary is in the proximity but not a trusted node in the network, therefore, this type of attack can be prevented and detected by the security methods such as authentication or firewall, which are relatively conventional security solutions. Internal or Insider Attacks Due to the invasive nature and open network media in the mobile ad hoc network, internal also known as insider attacks are more dangerous than the external attacks because the compromised or malicious nodes are originally the legitimate users of the Ad hoc network, they can easily pass the authentication and get protection from the security mechanisms. As a result, the adversaries can make use of them to gain normal access to the services that should only be available to the authorized users in the network, and they can use the legal identity provided by the compromised nodes to conceal their malicious behaviors. Therefore, more attention should be paid to the internal attacks initiated by the malicious insider nodes when we consider the security issues in the mobile ad hoc networks. Internal or insider nodes when become part of the network can misuse the network in the following ways Packet Dropping A malicious node can attack at its level or at lower levels. Particularly in the context of Packet Dropping Attack, within a trust level, a malicious node or any other node which aims at saving its resources or intentionally launching a attack can successfully drop packets without being noticed and can get services from other nodes for forwarding its own packets. Node Isolation An internal malicious node can prevent nodes from communicating with any other node. Route Disruption A malicious node can break down an existing route or prevent a new route from being established. Route Invasion An inside attacker adds itself between two endpoints of a communication channel. Attacks based on modification A very simplest way for a malicious node to disturb the operations of an ad-hoc network is to perform an attack based on modification. The only task the malicious or compromised node needs to perform is to announce better routes than the ones presently existing. This kind of attack is based on the modification of the metric value for a route or by altering control message fields. There are various ways to perform this type of attacks; some of them are discussed below Altering the Hop Count This attack is more specific to the AODV [4] protocol wherein the optimum path is chosen by the hop count metric. A malicious node can disturb the network by announcing the smallest hop count value to reach the compromised node. In general, an attacker would use a value zero to ensure to the smallest hop count. Changing the Route Sequence Number When a node decides the optimum path to take through a network, the node always relies on a metric of values, such as hop count delays etc. The smaller that value, the more optimum the path. Hence, a simple way to attack a network is to change this value with a smaller number than the last better value. Altering Routing Information This type of attack leads network toward Denial of Service (DoS) attack. For example in a situation where a node M wants to communicate with node S. At node M the routing path in the header would be M-N-O-P-Q-R-S. If N is a compromised node, it can alter this routing detail to M-N-O-P. But since there exists no direct route from O to P, P will drop the packet. Thus, A will never be able to access any service from P. This situation leads the network towards a DoS attack. Impersonation Attacks Impersonation is also known as spoofing. In this type of attack the malicious node hides its IP address or MAC address and uses the addresses of other nodes present in the network. Since current ad-hoc routing protocols like AODV [4] and DSR [6] do not authenticate source IP address. By exploiting this situation a malicious node can launch variety of attacks using spoofing. For example in a situation where an attacker creates loops in the network to isolate a node from the remainder of the network, the attacker needs to spoof the IP address of the node he wants to isolate from the network and then announce new route to the others nodes. By doing this, he can easily modify the network topology as he wants. Fabrication Attacks Fabrication attacks can be classified into three main categories. Detection is very difficult in all of these three cases. Routing table poisoning Routing protocols maintain tables which hold information regarding routes of the network. In routing table poisoning attacks the malicious nodes generate and send fabricated signaling traffic, or modify legitimate messages from other nodes, in order to create false entries in the tables of the participating nodes. For example, an attacker can send routing updates that do not correspond to actual changes in the topology of the ad hoc network. Routing table poisoning attacks can result in selection of non-optimal routes, creation of routing loops and bottlenecks. Route Cache Poisoning This type of attack falls in the category of passive attacks that can occur especially in DSR [6] due to the promiscuous mode of updating routing tables. This type of situation arises when information stored in routing tables is deleted, altered or injected with false information. A node overhearing any packet may add the routing information contained in that packets header to its own route cache, even if that node is not on the path from source to destination. The vulnerability of this system is that an attacker could easily exploit this method of learning routes and poison route caches by broadcast a message with a spoofed IP address to other nodes. When they receive this message, the nodes would add this new route to their cache and would now communicate using the route to reach the malicious node. Rote Error Messages fabrication This attack is very common in AODV [4] and DSR [6], because when nodes move these two protocols use path maintenance to recover the optimum path. The weakness of this architecture is that whenever a node moves, the closest node sends an error message to the other nodes so as to inform them that a route is no longer accessible. If an attacker can cause a DoS attack by spoofing any node and sending error messages to the all other nodes. As a result malicious node can separate any node quite easily. Eavesdropping Eavesdropping is another kind of attack that usually happens in the mobile ad hoc networks. The goal of eavesdropping is to obtain some confidential information that should be kept secret during the communication. This information may include the location, public key, private key or even passwords of the nodes. Because such data are very important to the security state of the nodes, they should be kept away from the unauthorized access. Secure Ad hoc Routing Protocols Many solutions have been proposed for secure routing in ad hoc networks, in order to offer protection against the attacks discussed earlier. These proposed solutions are either completely new stand-alone protocols, or in some cases incorporations of security mechanisms into existing ones (like DSR [6] and AODV [4]). In order to analyze the proposed solutions and how they are still vulnerable to attacks we classified them into two main categories based on asymmetric cryptography and symmetric cryptography. Asymmetric Cryptographic Solution Protocols that use asymmetric cryptography to secure routing in mobile ad hoc networks require the existence of a universally trusted third party. This trusted third party can be either online or offline. The trusted third party issues certificates that bind a nodes public key with a nodes persistent identifier. Authenticated Routing for Ad hoc Networks ARAN [9] falls in this category of secure Ad hoc routing protocols; many of the other protocols presented in other categories that use asymmetric cryptography operate in a similar manner and have similar requirements. Authenticated Routing for Ad hoc Networks ARAN The Authenticated Routing for Ad hoc Networks (ARAN) proposed in [9] is a standalone solution for secure routing in ad hoc networking environments. ARAN use digital certificates and can successfully operate in the managed open scenario where no infrastructure is pre-deployed. The basic mechanism used in ARAN is certification that is achieved through the existence of a trusted certification authority (CA). All nodes are supposed to know their public key from the certification authority and also the public key of server. Prior to entering into the network, each node has to apply for a certificate that is signed by the certificate server. ARAN accomplishes the discovery of routes by a broadcast message from source node which is replied in a unicast manner. This route discovery of the ARAN protocol begins with a node broadcasting to its neighbors a route discovery packet (RDP). The RDP includes the certificate of the initiating node, a nonce, a timestamp and the address of the destinatio n node. Furthermore, the initiating node signs the RDP. Each node validates the signature with the certificate, updates its routing table with the neighbor from which it received the RDP, signs it, and forwards it to its neighbors after removing the certificate and the signature of the previous node (but not the initiators signature and certificate). The signature prevents malicious nodes from injecting arbitrary route discovery packets that alter routes or form loops [13]. The destination node eventually receives the RDP and replies with a reply packet (REP). The REP contains the address of the source node, the destinations certificate, a nonce, and the associated timestamp. The destination node signs the REP before transmitting it. The REP is forwarded back to the initiating node by a process similar to the one described for the route discovery, except that the REP is unicasted along the reverse path. The source node is able to verify that the destination node sent the REP by chec king the nonce and the signature. Figure 2 illustrates the process of route discovery in ARAN. All messages are authenticated at each hop from source to destination as well as on the reverse path. Due to heavy computation involved with the certificates, ARAN is vulnerable to many attacks e.g. DOS attacks. In situation when there are no malicious nodes in the network the load involved in the routing process force the legitimate nodes to drop the packets in order to save their resources. Symmetric Cryptography Solutions Symmetric cryptographic solutions rely solely on symmetric cryptography to secure the function of routing in wireless ad hoc networks. The mechanisms utilized is hash functions and hash chains. A one-way hash function is a function that takes an input of arbitrary length and returns an output of fixed length [14]. As hash functions are especially lightweight when compared to other symmetric and asymmetric cryptographic operations, they have been extensively used in the context of securing ad hoc routing. Secure Ad hoc On-demand Distance Vector Protocol (SAODV) The Secure Ad hoc On Demand Distance Vector (SAODV) [7] addresses the problem of securing a MANET network. SAODV is an extension of AODV[4] routing protocol that can be used to protect the route discovery mechanism by providing security features like authentication, integrity and non-repudiation. It uses digital signatures to authenticate the non-mutable fields of the message, and hash chains to secure the hop count information (the only mutable field in message) in both RREQ and RREP messages. The SAODV scheme is based on the assumption that each node possesses certified public keys of all network nodes . In order to facilitate the transmission of the information required for the security mechanisms, SAODV defines extensions to the standard AODV message format. These SAODV extensions consist of the following fields. The hash function field identifies the one-way hash function that is used. The field max hop count is a counter that specifies the maximum number of nodes a packet is al lowed to go through. The top hash field is the result of the application of the hash function max hop count times to a randomly generated number, and finally the field hash is this random number. When a node transmits a route request or a route reply AODV packet it sets the max hop count field equal to the time to live (TTL) field from the IP header, generates a random number and sets the hash field equal to it, and applies the hash function specified by the corresponding field max hop count times to the random number, storing the calculated result to the top hash field. Moreover, the node digitally signs all fields of the message, except the hop count field from the AODV header and the hash field from the SAODV extension header. An intermediate node that receives a route request or a route reply must verify the integrity of the message and the hop count AODV [4] field. The integrity requirement is accomplished by verifying the digital signature. The hop count field is verified by comparing the result of the application of the hash function max hop count minus hop count times to the hash field with the value of the top hash field. Before the packet is re-broadcasted by the in termediate node the value of the hash field is replaced by the result of the calculation of the one-way hash of the field itself in order to account for the new hop. In SAODV route error messages (RERR) that are generated by nodes that inform their neighbors that they are not going to be able to route messages to specific destinations are secured using digital signatures. A node that generates or forwards a route error message cryptographically signs the whole message, except the destination sequence numbers. Although SAODV provides reasonable security to MANETs routing, but it is still vulnerable to distance fraud attack [15] in which the forwarding node fails to increment the route metric because in SAODV there is no enforcement to do so. Further there is no method to detect the malicious nodes and DOS attacks because in SAODV it is assumed that DOS attacks are restricted to physical layer, but this assumption failed when colluding malicious nodes drop packets during the route discovery process. Security Aware Routing (SAR) SAR [16] (Security Aware Routing) is an extension to existing on demand routing protocols and used where nodes are grouped on the basis of trust level. In SAR each node has different security level which assigns them different trust levels. Two nodes can only communicate with each other if they have equal or greater trust values. If a node has lower security level it simply discards the packet. In case there is no node in the network with the desired level then communication cannot take place or we can say that, that particular packet cant be forwarded unless its security level is lowered. By exploiting this condition a malicious node can attack at its level or at lower levels. Particularly in the context of Packet Dropping Attack, within a trust level, a malicious node or any other node which aims at saving its resources or intentionally launching a attack can successfully drop packets without being noticed and can get services from other nodes for forwarding its own packets. SAR al so fails in the situations of secure routing in general because it only focuses on the situations in which certain groups are assumed to be trustworthy. Conclusion From the above discussion, we observe that all Secure Ad hoc routing protocols are still vulnerable to many attacks. Although proposed techniques provide security against external attacks, insider attacks are still an open issue in MANETs. Chapter 3 Literature Review Introduction Many solutions have been proposed to prevent selfishness in MANETs. The main goal of all the schemes proposed in the literature is to make decisions regarding trustworthy entities and to encourage behavior that leads to increasing trust. In this section we discuss some of the solutions presented in the literature in order to detect the malicious nodes in the network in context of packet dropping attack. Watchdog and Pathrater In [17] Marti el al, proposed a mechanism called as watchdog and pathrater on DSR[6] to detect the misbehavior of nodes in MANETs. Nodes in this scheme operate in a promiscuous mode. The watchdog monitors one hop neighbor by overhearing the medium to check whether the next neighbor forwards the packet or not. It also maintains a buffer of recently sent packets. If a data packet remains in the buffer too long, the watchdog declares the next hop neighbor to be misbehaving. Every node that participates in the ad hoc network employs the watchdog functionality in order to verify that its neighbors correctly forward packets. When a node transmits a packet to the next node in the path, it tries to promiscuously listen if the next node will also transmit it. Furthermore, if there is no link encryption utilized in the network, the listening node can also verify that the next node did not modify the packet before transmitting it . The watchdog of a node maintains copies of recently forwarded p ackets and compares them with the packet transmissions overheard by the neighboring nodes. Positive comparisons result in the deletion of the buffered packet and the freeing of the related memory. If a node that was supposed to forward a packet fails to do so within a certain timeout period, the watchdog of an overhearing node increments a failure rating for the specific node. This effectively means that every node in the ad hoc network maintains a rating assessing the reliability of every other node that it can overhear packet transmissions from. A node is identified as misbehaving when the failure rating exceeds a certain threshold bandwidth. The source node of the route that contains the offending node is notified by a message send by the identifying watchdog. As the authors of the scheme note, the main problem with this approach is its vulnerability to blackmail attacks. The pathrater selects the path with the highest metric when there are multiple paths for the same destination node. The algorithm followed by the pathrater mechanism initially assigns a rating of 1.0 to itself and 0.5 to each node that it knows through the route discovery function. The nodes that participate on the active paths have their ratings increased by 0.01 at periodic intervals of 200 milliseconds to a maximum rating of 0.8. A rating is decremented by 0.05 when a link breakage is
Subscribe to:
Posts (Atom)