1.

Explain about issues in designing of a transport layer protocol used for Ad-hoc wireless
network
Induced traffic: Unlike wired networks, ad hoc wireless networks utilize multi-hop radio relaying.
A link-level transmission affects the neighbour nodes of both the sender and receiver of the link. In
a path having multiple links, transmission at a particular link affects one upstream link and one
downstream link. This traffic at any given link (or path) due to the traffic through neighbouring
links (or paths) is referred to as induced traffic.
Induced throughput unfairness: This refers to the throughput unfairness at the transport layer due
to the throughput/delay unfairness existing at the lower layers such as the network and MAC layers.
Separation of congestion control, reliability, and flow control: A transport layer protocol can
provide better performance if end-to-end reliability, flow control, and congestion control are
handled separately. Reliability and flow control are end-to-end activities, whereas congestion can at
times be a local activity.
Power and bandwidth constraints: Nodes in ad hoc wireless networks face resource constraints
including the two most important resources: (i) power source and (ii) bandwidth. The performance
of a transport layer protocol is significantly affected by these constraints.
Misinterpretation of congestion: Traditional mechanisms of detecting congestion in networks,
such as packet loss and retransmission timeout, are not suitable for detecting the network
congestion in ad hoc wireless networks. This is because the high error rates of wireless channel,
location-dependent contention, hidden terminal problem, packet collisions in the network, path
breaks due to the mobility of nodes, and node failure due to a drained battery can also lead to packet
loss in ad hoc wireless networks.
Completely decoupled transport layer: Another challenge faced by a transport layer protocol is
the interaction with the lower layers. Wired network transport layer protocols are almost completely
decoupled from the lower layers. In ad hoc wireless networks, the cross-layer interaction between
the transport layer and lower layers such as the network layer and the MAC layer is important for
the transport layer to adapt to the changing network environment.
Dynamic topology: Some of the deployment scenarios of ad hoc wireless networks experience
rapidly changing network topology due to the mobility of nodes. This can lead to frequent path
breaks, partitioning and emerging of networks, and high delay in re-establishment of paths. Hence,
the performance of a transport layer protocol is significantly affected by the rapid changes in the
network topology.

2. Explain about design goals of transport layer protocol for AD HOC wireless networks
The following are the important goals to be met while designing a transport layer protocol for ad
hoc wireless networks:
• The protocol should maximize the throughput per connection.
• It should provide throughput fairness across contending flows.
• The protocol should incur minimum connection setup and connection maintenance overheads. It
should minimize the resource requirements for setting up and maintaining the connection in order to
make the protocol scalable in large networks.
• The transport layer protocol should have mechanisms for congestion control and flow control in
the network.
• It should be able to provide both reliable and unreliable connections as per the requirements of the
application layer.
• The protocol should be able to adapt to the dynamics of the network such as the rapid change in
topology and changes in the nature of wireless links from uni-directional to bidirectional or vice
versa.
• One of the important resources, the available bandwidth, must be used efficiently.
• The protocol should be aware of resource constraints such as battery power and buffer sizes and
make efficient use of them.
• The transport layer protocol should make use of information from the lower layers in the protocol
stack for improving the network throughput.
• It should have a well-defined cross-layer interaction framework for effective, scalable, and
protocol-independent interaction with lower layers.
• The protocol should maintain end-to-end semantics.

3.Explain the classification of ad hoc network protocols defined for transport layer.

1. Extensions of TCP for Ad Hoc Wireless Networks

TCP was originally designed for wired networks, and its performance in ad hoc wireless
networks is hindered due to the unique characteristics of such networks. Extensions and
modifications to TCP for ad hoc networks are classified into two approaches:
• Split Approaches: These divide the end-to-end connection into smaller segments to
improve performance.
• End-to-End Approaches: These maintain the end-to-end semantics while adapting TCP for
wireless environments.
2. Non-TCP Based Protocols
These are entirely new transport protocols developed specifically for ad hoc wireless
networks. They address limitations of TCP by adopting different paradigms, often leveraging cross-
layer design and feedback mechanisms.
Common Transport Protocols and Their Characteristics
1. Feedback-Based TCP (TCP- F):
• Uses feedback from intermediate nodes to handle route failures.
• Puts the sender in a "snooze state" during route breaks to prevent unnecessary
retransmissions.
• Relies on routing protocols for path re-establishment.
2. TCP- Bus (TCP with Buffering and Sequence Information):
• Incorporates buffering at intermediate nodes and sequence numbering to enhance
reliability.
• Works closely with routing protocols to recover from path failures.
 3. Split TCP:
• Splits a long TCP connection into smaller segments with proxy nodes as terminators
for each segment.
• Improves throughput and reduces the impact of mobility.
• Employs local acknowledgments (Lacks) but still supports end-to-end
acknowledgments.

4. Why does TCP not perform well in AD HOC wireless networks?

1. Misinterpretation of Packet Loss

• Congestion Assumption: TCP was designed for wired networks, where packet loss is
mainly due to congestion. In ad hoc networks, packet loss can occur due to high bit error
rates, interference, and mobility-related issues such as link breaks.
2. Frequent Path Breaks
• Dynamic Topology: Nodes in ad hoc networks move frequently, causing routes to break and
requiring route re-establishment.
• Impact: TCP assumes path failures as network congestion, leading to unnecessary
retransmissions and reduced performance.

3. Misinterpretation of Congestion Window

• Congestion Window Dynamics: TCP uses the congestion window to regulate the rate of
data transmission. In ad hoc networks, path failures or network partitioning cause congestion
control mechanisms to activate unnecessarily.
• Outcome: Leads to underutilization of the network's capacity.

4. Asymmetric Link Behaviour

• Unidirectional Links: Ad hoc networks often have links with directional inconsistencies,
causing acknowledgment packets to fail even if data packets are delivered.
• Effect: TCP retransmits packets unnecessarily, reducing efficiency.

5. Uni-Directional Paths
• Overhead in Acknowledgments: TCP relies on end-to-end acknowledgments for reliability.
In ad hoc networks, this results in significant bandwidth consumption and additional
overhead for reverse-path communication.
• Result: Reduced efficiency and throughput.

6. Multipath Routing
• Packet Reordering: Ad hoc networks may use multipath routing, leading to out-of-order
packet delivery.
• Consequence: TCP misinterprets out-of-order packets as packet loss, invoking congestion
control unnecessarily.
7. Network Partitioning and Merging
• Node Mobility: Frequent network partitions and mergers disrupt established paths.
• Outcome: TCP interprets these disruptions as network issues, triggering unnecessary
retransmissions.

8. Effect of Path Length

• Longer Paths: In ad hoc networks, increasing the path length raises the probability of path
breaks.
• Impact: Longer paths result in higher chances of packet drops and lower throughput.

5. Discuss about feedback-based TCP

Feedback-Based TCP (TCP- F) is a modification of traditional TCP designed to improve its
performance in ad hoc wireless networks. It addresses the challenges posed by frequent path breaks,
a common issue in these networks due to node mobility and dynamic topology changes.
1. Feedback Mechanism:
• An intermediate node detects a path break and generates a Route Failure
Notification (RFN) packet.
• The RFN is sent to the source node, informing it about the break in the path to the
destination.
2. Snooze State:
• Upon receiving an RFN, the TCP sender enters a snooze state:
• Stops sending packets to the destination.
• Freezes all timers (e.g., retransmission timer) and congestion windows.
• Sets a route failure timer, estimating the time needed to re-establish the
path.
3. Path Re-establishment:
• The routing protocol repairs the broken path.
• When a new path is established, a Route Re-establishment Notification (RRN) is
sent to the source node.
• The TCP sender exits the snooze state and resumes normal operations.
Figure shows the operation of the TCP- F protocol. In
the figure, a TCP session is set up between node A and
node D over the path A-B-C-D [refer to Figure (a)].
When the intermediate link between node C and node D
fails, node C originates an RFN packet and forwards it
on the reverse path to the source node [see Figure b)].
The sender's TCP state is changed to the snooze state
upon receipt of an RFN packet. If the link CD rejoins, or
if any of the intermediate nodes obtains a path to destination node D, a route re-establishment
notification (RRN) packet is sent to node A and the TCP state is updated back to the connected state
[Figure (c)].
6. With a neat diagram explain about TCP- BUS
TCP- Bus is a transport layer protocol designed for ad hoc wireless networks to improve the
performance of traditional TCP. It leverages buffering, sequence information, and feedback
mechanisms to handle frequent path breaks efficiently. TCP- Bus is particularly dependent on
routing protocols, such as Associativity-Based Routing (ABR), to recover from disruptions.
• TCP with buffering capability and sequence information (TCP- BuS) is similar to the TCP-
F and TCP- ELFN in its use of feedback information from an intermediate node on detection
of a path break. But TCP- BuS is more dependent on the routing protocol compared to TCP-
F and TCP- ELFN.
• TCP- BuS was proposed, with associativity-based routing (ABR) protocol as the routing
scheme. Hence, it use of some of the special messages such as localized query (LQ) and
REPLY, defined as part of ABR for finding a partial path. These messages are modified to
carry TCP connection and segment information.
• Upon detection of a path break, an upstream intermediate node [called pivot node (PN)]
originates an explicit route reconnection notification (ERDN) message.
• This ERDN packet is propagated to the TCP- BuS sender and, upon reception of it, the TCP-
BuS sender stops transmission and freezes all timers and windows as in TCP- F.

Since there is a chance for ERSN packet loss due

to congestion in the network, it needs to be sent
reliably.
The TCP-BuS sender also periodically originates
probe packets to check the availability of a path to
the destination.
The figure shows an illustration of the propagation
of ERDN and RN messages when a link between
nodes 4 and 12 fails

7. Discus the advantages & disadvantages of TCP BUS

The advantages of TCP- BuS include performance improvement and avoidance of fast
retransmission due to the use of buffering, sequence numbering, and selective acknowledgment.
TCP- BuS also takes advantage of the underlying routing protocols, especially the on demand
routing protocols such as ABR.
The disadvantages of TCP- BuS include the increased dependency on the routing protocol
and the buffering at the intermediate nodes. The failure of intermediate nodes that buffer the packets
may lead to loss of packets and performance degradation.

8. With a neat network diagram discuss about split TCP

Split-TCP provides a unique solution to this problem by
splitting the transport layer objectives into congestion
control and end-to-end reliability. In addition to splitting
the congestion control and reliability objectives, split TCP
splits a long TCP connection into a set of short
concatenated TCP connections (called segments or zones)
with a number of selected intermediate nodes (known as
proxy nodes) as terminating points of these short
connections. Figure 9.9 illustrates the operation of split-
TCP where a three segment split-TCP connection exists
between source node 1 and destination node 15. A proxy node receives the TCP packets, reads its
contents, stores it in its local buffer, and sends an acknowledgment to the source (or the previous
proxy). This acknowledgment called local acknowledgment (LACK) does not guarantee end-to-end
delivery. The responsibility of further delivery of packets is assigned to the proxy node. A proxy
node clears a buffered packet once it receives LACK from the immediate successor proxy node for
that packet. Split-TCP maintains the end-to-end acknowledgment mechanism intact, irrespective of
the addition of zone-wise LACKs. The source node clears the buffered packets only after receiving
the end-to-end acknowledgment for those packets.

9. Explain about network security requirements

A security protocol for ad hoc wireless networks should satisfy the following requirements.
The requirements listed below should in fact be met by security protocols for other types of
networks also.
• Confidentiality: The data sent by the sender (source node) must be comprehensible only to the
intended receiver (destination node). Though an intruder might get hold of the data being sent,
he/she must not be able to derive any useful information out of the data. One of the popular
techniques used for ensuring confidentiality is data encryption.
• Integrity: The data sent by the source node should reach the destination node as it was sent:
unaltered. In other words, it should not be possible for any malicious node in the network to tamper
with the data during transmission.
• Availability: The network should remain operational all the time. It must be robust enough to
tolerate link failures and also be capable of surviving various attacks mounted on it. It should be
able to provide the guaranteed services whenever an authorized user requires them.
• Non-repudiation: Non-repudiation is a mechanism to guarantee that the sender of a message
cannot later deny having sent the message and that the recipient cannot deny having received the
message. Digital signatures, which function as unique identifiers for each user, much like a written
signature, are used commonly for this purpose.

10. Explain issues and challenges in security provisioning in AD HOC wireless networks
Shared broadcast radio channel: Unlike in wired networks where a separate dedicated
transmission line can be provided between a pair of end users, the radio channel used for
communication in ad hoc wireless networks is broadcast in nature and is shared by all nodes in the
network. Data transmitted by a node is received by all nodes within its direct transmission range. So
a malicious node could easily obtain data being transmitted in the network. This problem can be
minimized to a certain extent by using directional antennas.
• Insecure operational environment: The operating environments where ad hoc wireless networks
are used may not always be secure. One important application of such networks is in battlefields. In
such applications, nodes may move in and out of hostile and insecure enemy territory, where they
would be highly vulnerable to security attacks.
• Lack of central authority: In wired networks and infrastructure-based wireless networks, it
would be possible to monitor the traffic on the network through certain important central points
(such as routers, base stations, and access points) and implement security mechanisms at such
points. Since ad hoc wireless networks do not have any such central points, these mechanisms
cannot be applied in ad hoc wireless networks.
• Lack of association: Since these networks are dynamic in nature, a node can join or leave the
network at any point of the time. If no proper authentication mechanism is used for associating
nodes with a network, an intruder would be able to join into the network quite easily and carry out
his/her attacks.
• Limited resource availability: Resources such as bandwidth, battery power, and computational
power (to a certain extent) are scarce in ad hoc wireless networks. Hence, it is difficult to
implement complex cryptography-based security mechanisms in such networks.
• Physical vulnerability: Nodes in these networks are usually compact and hand-held in nature.
They could get damaged easily and are also vulnerable to theft.

11. Explain the classification of the different types of attacks possible in ad hoc wireless
networks
1. Passive Attacks

These attacks involve unauthorized monitoring or

eavesdropping on the communication between nodes
without altering the data. They compromise
confidentiality but do not disrupt the network's
operation, making them harder to detect.

2. Active Attacks

These attacks disrupt the normal functioning of the network by modifying, fabricating, or
destroying packets. These are of 2 types
• External Attacks: Originating from nodes outside the network.
• Internal Attacks: Carried out by compromised or malicious nodes within the
network, making them more difficult to detect and mitigate.
3. Network Layer Attacks: This section lists and gives brief descriptions of the attacks pertaining
to the network layer in the network protocol stack.
• Wormhole attack: In this attack, an attacker receives packets at one location in the network
and tunnels them (possibly selectively) to another location in the network, where the packets
are resent into the network. This tunnel between two colluding attackers is referred to as a
wormhole.
• Blackhole attack: In this attack, a malicious node falsely advertises good paths (e.g.,
shortest path or most stable path) to the destination node during the path-finding process (in
on-demand routing protocols) or in the route update messages (in table-driven routing
protocols). The intention of the malicious node could be to hinder the path-finding process
or to intercept all data packets being sent to the destination node concerned.
• Byzantine attack: Here, a compromised intermediate node or a set of compromised
intermediate nodes works in collusion and carries out attacks such as creating routing loops,
routing packets on non-optimal paths, and selectively dropping packets. Byzantine failures
are hard to detect.
• Information disclosure: A compromised node may leak confidential or important
information to unauthorized nodes in the network. Such information may include
information regarding the network topology, geographic location of nodes, or optimal routes
to authorized nodes in the network.
• Resource consumption attack: In this attack, a malicious node tries to consume/waste
away resources of other nodes present in the network. The resources that are targeted are
battery power, bandwidth, and computational power, which are only limitedly available in
 ad hoc wireless networks. The attacks could be in the form of unnecessary requests for
routes, very frequent generation of beacon packets, or forwarding of stale packets to nodes.
12. With example explain wormhole attack & black-hole attack, routing attack in Ad Hoc
networks

1. Wormhole Attack
• In a wormhole attack, two malicious nodes create a high-speed, low-latency link (a "tunnel")
between them in the network.
• They intercept packets at one location and replay them at another, often bypassing legitimate
routes.
• This disrupts routing as other nodes might mistakenly choose this shortcut, thinking it's the
optimal path.

Example:
1. Consider a network with nodes A, B, C, D, E and F.
2. Malicious nodes M1 and M2 establish a wormhole tunnel between each other.
3. M1 captures a route request (RREQ) from A to F and forwards it through the tunnel to M2
4. M2 replays the RREQ near F, making the route A→M1→M2→F appear shorter.
5. Nodes use this route, allowing M1 and M2 to intercept, drop, or manipulate data packets.

2. Blackhole Attack
• A blackhole attack involves a malicious node falsely advertising itself as having the shortest
or most optimal path to a destination.
• Once it becomes part of the route, it drops or alters packets instead of forwarding them.

Example:
1. Nodes A, B, C, D and E are part of a network.
2. Malicious node M broadcasts that it has the shortest path to destination D, even though it
doesn’t.
3. Node A sends data via the route A→M→D
4. M drops all packets instead of forwarding them to D.

3. Routing Attack
• Routing attacks target the routing protocol to disrupt the normal operation of the network.
Examples include Routing Table Overflow and Routing Table Poisoning.

Routing Table Overflow Example:

1. In a network with nodes A, B, C, D, a malicious node M floods A with fake route
advertisements.
2. A's routing table overflows, preventing it from storing genuine routes.
3. This disrupts the ability of A to route packets effectively.

Routing Table Poisoning Example:

1. M modifies route updates to advertise false routes to destination D.
 2. Nodes forward packets along M's fake route, causing delays or packet loss.

13. With example explain Byzantine attack & information disclosure, resource consumption
attack in Ad Hoc networks

1. Byzantine Attack

A Byzantine attack is carried out by one or more compromised nodes in the network. These nodes
collude to disrupt routing by creating loops, dropping packets, or forwarding them along non-
optimal paths.

Example:
1. Consider a network with nodes A, B, C, D and E.
2. Nodes C and D are compromised and work together to disrupt the network.
3. When A sends data to E, C and D collude to:
• Create routing loops (e.g., A→B→C→D→C).
• Selectively drop data packets while forwarding control messages to appear normal.
• Route data through unnecessarily long paths (e.g., A→B→C→D→E)

2. Information Disclosure
• In an information disclosure attack, a malicious or compromised node leaks sensitive
information about the network, such as:
• Network topology.
• Node locations.
• Routing paths.

Example:
1. In a battlefield communication network, node M is compromised.
2. M observes and transmits:
• The locations of command nodes.
• Optimal routes used for secure communication.
• Active node connections.
3. The leaked information helps adversaries to plan targeted attacks, such as selectively
jamming communication between critical nodes.

3. Resource Consumption Attack

• In a resource consumption attack, a malicious node tries to exhaust the resources (e.g.,
battery, bandwidth, memory) of other nodes by generating unnecessary traffic or processing
demands.

Example:
1. Nodes A, B, C, D and E form an ad hoc network.
2. Malicious node M:
• Floods the network with fake route requests (RREQs), causing legitimate nodes to
process them unnecessarily.
 • Sends frequent beacon messages, consuming bandwidth and battery of neighbouring
nodes.
• Resends stale packets to increase congestion.

14. Briefly discuss about network layer routing attacks

There are several types attacks mounted on the routing protocol which are aimed at
disrupting the operation of the network they are listed below.
• Routing table overflow: In this type of attack, an adversary node advertises routes to non-
existent nodes, to the authorized nodes present in the network. The main objective of such
an attack is to cause an overflow of the routing tables, which would in turn prevent the
creation of entries corresponding to new routes to authorized nodes. Proactive routing
protocols are more vulnerable to this attack compared to reactive routing protocols.
• Routing table poisoning: Here, the compromised nodes in the networks send fictitious
routing updates or modify genuine route update packets sent to other uncompromised nodes.
• Packet replication: In this attack, an adversary node replicates stale packets. This consumes
additional bandwidth and battery power resources available to the nodes and also causes
unnecessary confusion in the routing process.
• Route cache poisoning: In the case of on-demand routing protocols (such as the AODV
protocol , each node maintains a route cache which holds information regarding routes that
have become known to the node in the recent past.
• Rushing attack: On-demand routing protocols that use duplicate suppression during the
route discovery process are vulnerable to this attack [19]. An adversary node which receives
a Route Request packet from the source node floods the packet quickly throughout the
network before other nodes which also receive the same Route Request packet can react
15. Explain the session hijacking, repudiation. denial of service , jamming in ad hock
networks
Session Hijacking
In session hijacking, an attacker takes control of an ongoing communication session between two
nodes by stealing or guessing the session ID. This allows the attacker to impersonate one of the
parties and gain unauthorized access to the session, potentially leading to data theft or manipulation.
It exploits weak session management and encryption.

Repudiation
Repudiation occurs when a node denies performing an action such as sending or receiving data,
making it challenging to trace or verify malicious activity. This can disrupt accountability in the
network. Techniques like digital signatures and logging mechanisms can mitigate repudiation
issues.
Denial of Service (DoS)
A DoS attack involves overwhelming a node or the entire network with excessive traffic, making
resources unavailable to legitimate users. This could include flooding the network with route
requests or excessive data packets. It results in resource depletion and network downtime.

Jamming
Jamming is a physical layer attack where an adversary disrupts communication by emitting radio
signals on the same frequency as the network. This interference prevents nodes from sending or
receiving data, causing a complete communication breakdown. Anti-jamming techniques like
frequency hopping can help mitigate this threat.

16. Explain the active attack with the passive attacks in ad hoc networks

Active Attacks
An active attack involves a malicious node that tries to disrupt or alter the normal
functioning of the network. These attacks typically interfere with data transmission, corrupt packets,
or consume network resources, causing direct damage to the system. Active attacks can be easily
detected by monitoring the network for irregularities. Examples include:
1. Denial of Service (DoS): An attacker floods the network with excessive traffic, causing
nodes to become overloaded and making resources unavailable for legitimate users.
2. Blackhole Attack: A malicious node advertises itself as having the best route and then drops
the packets that it receives, preventing delivery to the destination.
3. Wormhole Attack: Two colluding malicious nodes create a tunnel between them, allowing
them to forward packets and disrupt routing protocols.
4. Routing Table Poisoning: A malicious node sends false routing information to nodes,
causing them to route data along incorrect paths.

Passive Attacks
In a passive attack, the attacker monitors and listens to the communication in the network
without altering the data or affecting the normal operation. These attacks focus on gaining
unauthorized access to confidential information, such as encryption keys or private communication.
Passive attacks are harder to detect because they don't disrupt the network's operations. Examples
include:
1. Eavesdropping: The attacker intercepts and listens to the communication between nodes to
gather sensitive information such as passwords, encryption keys, or data content.
2. Traffic Analysis: By observing traffic patterns, an attacker can infer information about
network structure, node activities, or even the types of data being exchanged.
3. Information Disclosure: Malicious nodes might leak sensitive network information, such as
routing paths or node locations, which can be used for further attacks.