.

Wednesday, July 31, 2019

We Googled You

We Googled You The case in the â€Å"We Googled You† article is rather tricky. On one hand, the disconcerting online revelation with Mimi protesting against China serves as solid evidence not to hire her. If members of the management team based in China discover the pictures and information about Mimi’s protests, they may decline to continue to conduct business with Hathaway Jones. It will also ruin the company’s reputation in the eyes of potential future customers. In addition to the searched Google results, Mimi’s recommendations also contained a few negative traits including brash and strongly opinionated.These aspects may not allow her to get along with other workers and colleagues. Her liberal behavior including her wink at Fred is not quite suitable for China’s more conservative culture. On the other hand, it is possible that Virginia misunderstood the information she found online. Fred should consult Mimi directly to fully understand the situ ation about what really happened. It is extremely easy for someone to falsify information and manipulate digital media. With digital cameras being so prominent today, it is inevitable that personal pictures and information would end up online for everyone to Google and find out.Additionally, Mimi’s background includes a strong education and solid experience. Her Berkeley and Stanford degrees and past job positions will allow her to perform the job at a higher level of expertise than many other potential job applicants. As discussed in class, employers should hire based on ability to perform and not on hard data and statistics. From these standpoints, the benefits to hiring outweigh the costs. For these reasons, I support the decision to hire Mimi. I feel that she would make an excellent addition and make a great deal of contributions to Hathaway Jones.

Tuesday, July 30, 2019

Visualize This

Visualize This (VT) is a small start-up company specializing in virtual reality and computer visualizations. Located in the research park of a major university, the company was founded by Isaac Trice, a university professor, and staffed with the brightest of his former students. By all accounts the technology is cutting edge. Facilities include a lab of 14 high-end computer workstations adjacent to a CAVE (computer-aided virtual environment) and a small office. A conference room and central lobby are shared with other tenants in the building. Originally the company had partnered with the Swedish firm Salvania to create virtual environments for medical and industrial design. Trice and his staff would develop the software for each application; create a visual database supported with engineering or medical data, and run design sessions for their clients in the CAVE. Salvania provided the capital, generated the clients, and handled the business end of the operations. In its first two years of business, VT completed four projects. With each project, VT advanced its skills in visualization and developed customized tools to help its clients design intricate products. The clients were pleased but did not anticipate repeating the intensive design process for several years. Unfortunately, Salvania was unable to remain solvent and dissolved its partnership with Visualize This. VT was able to keep its workstations (whose salvage value was low), but gave up its rights to the CAVE and furloughed all but three employees. To stay afloat, VT needed new clients and a steady stream of income. Trice hit the streets and came back with the following possibilities: †¢ Designing computer-based training sessions for bank tellers of an international finance institution †¢ Conducting software certification for the sales staff of a large software vendor †¢ Designing virtual reality tours through history for a major museum †¢ Developing Web-based virtual models for a women's clothing retailer †¢ Creating virtual catalogues in which a customer can enlarge, rotate, and dissect a product online. This isn't what I had in mind for my company,† Trice lamented as he shared the list with his employees. â€Å"I wanted to be developing the next generation of visualization tools in concert with the brightest minds in industry, not digitizing pictures of products and making them turn around, or teaching people to use software that's not even our own! †

Monday, July 29, 2019

Questions on Western Heritage Essay Example | Topics and Well Written Essays - 1000 words

Questions on Western Heritage - Essay Example The Greco-Roman culture was restored and the period saw transformations in many areas such as the growth of city-states, mastery of arts, secularism and emphasis on the individual. There was also use of slaves, strengthening of papacy, and intellectual growth based on study of classical literary works of Greece and Rome (Spielvogel, 347- 352). Q2: How events or developments in Renaissance mark a break or departure from the key characteristics of middle Ages. The middle Ages were characterized by lack of classical culture and were the period 1000yrs between the end of Roman Empire and the new era of renaissance. The developments in renaissance marked a breakaway from the characteristics of the middle ages in that it emphasized on individuality, secularism and revival of antiquity. The middle Ages were characterized by many problems such as political disorder, economic recession and Black Death. During renaissance, the economy was recovering hence the growth of trade and increased weal th for merchants. As a result, there was need for cheap labor in form of slaves hence the emergence of slave trade. During middle ages, slaves were used in agricultural activities and slavery had declined but during Renaissance, slaves were skilled workers for making handcraft goods or as nursemaids and playboys (Spielvogel, 345). Due to economic recovery and increased wealth, the Italians reverted to secularism instead of Christian moral principles which were emphasized during middle ages (Spielvogel, 341). Morality was abandoned as basis for analysis of political activity; therefore, a ruler could break the rules and do wrong if necessary. According to Machiavelli, a leader was supposed to secure allies and win wars by force or fraud. The Catholic Church was also broken down to protestant churches due to the spirit of secularism which brought about corruption in the church. Another event that marked departure from Middle Ages was the intellectual renaissance. The antiques of the G reeks and Romans were revived and used in study of humanity. Individuals were seen as possessing abilities which they could utilize for perfecting their art. The individual was viewed as â€Å"a universal person capable of achieving in many areas of life’ (Spielvogel, 341). Individuals were thus taught using literary works of the Greece and Rome and were engaged in various occupations instead of relying on the clergy. Q3: What was humanism? How does it reflect this new spirit of Renaissance? Spielvogel defines humanism as â€Å"an intellectual movement based on the study of classical literary works of Greece and Rome† (p. 352). The materials studied and taught in schools as humanities include: grammar, poetry, ethics, and history. Besides teaching, other humanists were involved in other occupations such as secretaries in city-states. The humanist movement is credited with the development of renaissance in the 14th century. Humanism reflects the new spirit of Renaissan ce through the ideas of humanists such as Leonardo Bruni (1370-1444) who uses Cicero as an inspiration for an ideal Renaissance. The spirit of Renaissance is reflected in the way individuals are encouraged to participate in the life of the state. He emphasized that intellectuals should live active lives for the sake of

Sunday, July 28, 2019

Final project Essay Example | Topics and Well Written Essays - 1250 words

Final project - Essay Example The main conditions found in comorbidity to MDD includes Obsessive Compulsive disorder,Post Traumatic Stress Disorder and the Panic Disorders. (Kessler,1996) Currently the treatment of MDD is centred around the selective serotonin reuptake receptor inhibitors (SSRI). This is based on the fact the main mood elevator neurotransmitter of our body and found at synaptic junctions are actively reuptake so the availibilty of serotonin at the synapse decreases, reducing the mood and causing depression. SSRIs inhibits this uptake by inhibiting the reuptake receptors of serotonin in the presynaptic regions found in the nucleus accumbens and ventral tegmentum area and hence causing mood elevations. Although antidepressant medications are often prescribed to people with MDD, it is estimated that 20-40% of depressed people do not benefit from taking medication ( Kirsch 2008,Hays,1995)).Apart from the efficacy these medications can also cause side effects like drying of mouth, insomnia and others amongst the few. Thus, researchers are developing other possible ways to reduce depressive symptoms. One such depression treatment alternative to medication is the transcranial magnetic stimulation or TMS. Briefly, TMS treatment involves placing a coil on the scalp surface and passing a current through it (the exact details of the strength and rate of the current are beyond our purposes). When the current passes into neural tissue it affects the way the neurons operate, in a therapeutic way. Objective and Aim of the Study We wanted to analyze whether the TMS approach is effective in reduction of the episodes of depression from the baseline levels at the end of week 4 in the major depressive disorder patients. Methodology The study was conducted across multiple sites but the procedures were the same across locations. The sites involved were Florida, Oregon, and Washington. Across locations, participants with a history of antidepressant-resistant MDD were randomly assigned to either a n active or a sham TMS condition. In the active condition, participants were actually given the TMS treatment. In the sham condition, participants were not given the TMS treatment but went through a similar procedure in each session (e.g., they came in for sessions in which a coil was placed on their heads but no current was run through it). So the sham condition was considered to be a type of placebo treatment. This was done to minimize the treatment limited bias of the study. The study was run double-blind so that neither the participant nor the assistant running the session was aware of which condition the participant was in. Thus the experimental design of the study was a randomized, multicentric, placebo controlled double blind study. This design definitely was important to give the way for a powerful analysis. The MADRS scores which is the set of scores that signifies the extent of depression of various parameters were analyzed to give a final depression score. The convention is, more the MADRS scores more is the depression and vice versa. Thus the results were analyzed by comparing the MADRS scores at baseline and at 4 weeks after the TMS treatments were implemented to see the effect of that approach on MDD patients. Statistical analysis was carried out through SPSS software and paired sample t test was carried to find out the levels of significance. P values less than 0.05 were considered statistically significant. Results We analyzed findings on 4 questions to reach a conclusion. Q1.Ignoring the TMS condition and

Saturday, July 27, 2019

Argument essay Example | Topics and Well Written Essays - 1000 words - 5

Argument - Essay Example nting of nuclear bombs, religious discrimination, and gender discrimination is unscrupulous, its consequences and what is to be done to correct the same? The discrimination against African Americans in America is a burning issue. One cannot neglect the seriousness of discrimination based on racism against blacks in a multiracial, multilingual and multicultural society. The Civil War was an innovative movement which aimed to eradicate racism or discrimination in America. But still discrimination against blacks based on racial feeling prevails. The Colfax massacre in 1873 and Coushatta massacre in 1874, in which thousands of African Americans were brutally murdered prove that the American society still show discrimination against blacks. Assimilating a race into the society and showing discrimination is not fair for a developed society like America. When America is discriminating the blacks, their contribution/service provided at the time of World War I and World War II is ignored. The discrimination against backs is unethical and immoral. Discrimination based on caste, color or creed is a serious violation of human rights because it is against human dignity. But it can be corrected by reconsidering the age old prejudice against blacks. Besides, it will badly affect the reputation of the American society as a multiracial society which is capable to assimilate different types of races into the mainstream. The nuclear weapon policy of the United States attracts much criticism from other nations because it seems to hinder global peace and security. From one side, the United States is trying to sustain its nuclear bombs/weapons. On the other side, it is trying to blame other nations for keeping nuclear weapons. A nation, protecting a number of nuclear weapons and blaming other nations on keeping the same makes the whole world to reconsider their nuclear policies. Schwartz (1998), in the work -‘Atomic audit: the costs and consequences of U.S. nuclear weapons since

Friday, July 26, 2019

Trends Assignment Example | Topics and Well Written Essays - 250 words

Trends - Assignment Example to the technological advancements and democratization of the society, there has been a decline of violent crimes but an increase of non-violent crimes like cyber crimes where unsuspecting individuals and even organizations are conned lots of money. According to Rosenfeld (2010), violent crimes like murder rape and robbery have been on a downward trend while non-violent crimes like cyber crime and bank fraud are increasing. This is because of technological advancements and exposure, since criminals are able to reach many within a short time through the internet. Authorities all over the world are working hard towards detection, prevention and reduction of crime through criminal justice system. There are ethical considerations that are embraced in the 21st century that have really helped in ensuring proper dispensation of justice. Just to illustrate, it is a requirement by the law of most authorities that accused persons are treated with dignity and accorded the right to defend th emselves in a court of law. Another ethical requirement that has ameliorated the criminal justice system is the entrenchment of integrity rules in the practice. Those who are charged with the responsibility of dispensing justice are required to uphold high moral standards and to shun compromising, for example soliciting personal gains for favor. Such ethical perspectives have improved the quality of justice and will still help in future and therefore should be embraced and made better. Rosenfeld Richard. (2010). Comprehensive and current data and information on crime trends in the United States and other nations.

Improving Organisational Performance using HPW Assignment

Improving Organisational Performance using HPW - Assignment Example Through information sharing the employees will be loyal to the organization. This will increase productivity, which will boost the performance of the organization. Creation of a strong communication network is another benefit of high performance work systems. This is because in the instance of the market competition, the company will depend on the employees in forecasting on the probable problems, eradication of obstacles and manufacturing of new products while focusing on product quality (Yeatts & Hyten, 1998). HPW enable the employees to interact freely with the management, which enables the management to hold constant meetings with the employees whereby through the meeting the management will be able to form a strong communication network. This will lead to efficient decision-making and execution of the necessary progress. Organizations will be able to engage the employees in formal trainings that will assist in minimizing the mistakes and ensuring quality products. The employees will have a better understanding of the production process and information technology system used, thus facilitating effective problem solving within the organization and improvement in performance (Murray, 2002). After IBM executed the formal training of the employees in information technology, the firm realised a 19 % increase in performance. This improvement was because of the formal training, which led to notable improvement of work output in terms of quality and quantity. Research has revealed that an increase in the formal training has led to reduction of wastage of organizational resources. HPW is vital to an organization since it entails the execution of the compensation plan. The payment that employees receive... This paper mainly focuses on how the organizations are working to improve their performance by using the High-performance work (HPW) practices. High-performance work practices refer to the situation in which organizations ensure that employees are highly involved in all organizational matters. The aim of the study is to understand the impact of employee management and treatment to the overall performance of an organization. In the paper two computer manufacturing companies are used as examples, these companies are Cray and IBM. Business Case High-Performance Work (HPW) is very vital to all organizations. Basing on research, the results have indicated that most companies achieve excellent performance through the implementation of the HPW practices. High-performance work entails the human resources management procedures that enhance perfect employee performance. Numerous studies have revealed that whenever the employees are excellent in their performance, there is always an automatic i mprovement in the performance of the entire organization because there will be augmented productivity. HPW is very important since it enables the employees to do excellent work, which results in improved productivity and organizational growth. In the conclusion, we see that the management of any organization has to ensure that it upholds the rights of all employees and adheres to all rules and regulations. This creates trust between employees and their managers and in the end increases performance.

Thursday, July 25, 2019

Concepts and Case Analysis in the Commercial Law of Contracts Research Paper

Concepts and Case Analysis in the Commercial Law of Contracts - Research Paper Example Dotty has a right for the goods bought together with the premise and may sue to specific performance. It allows the buyer to sue for specific performance when the goods are specific. The remedy is discretionary and will only be granted if the goods are of special value or unique in their nature like the antique furniture. Dotty can also sue the vendors against trespass on the goods. An action for trespass to goods lies where there is wrongful interference with another person's goods, which are in his possession. The interference includes actual taking off or a direct and immediate injury to the goods. This tort aims at protecting personal property. For an action to be enforceable as a trespass on goods, the plaintiff must establish that at the time of trespass, he had the possession of the goods either actual or constructive and that his possession had been wrongly interfered with or disturbed. For this case, it was a trespass on chattels or goods. This is based on possession. The tort consists of interference with the goods, which are in the actual or constructive possession of the plaintiff. We need to determine whether the seating and hair dryers are fitting to the land and also consider whether it has been fixed with the intention that it will remain in position permanently or for an indefinite or substantial period, or whether temporary purpose. If they prove to have been fixed merely for a temporary purpose, it is obviously not a fixture Land includes things affixed to the land such as buildings and fences, and so on. A fixture is an object that was affixed to land with the intention of becoming a permanent feature of that land.  

Wednesday, July 24, 2019

How will opportunities at Purdue support your interests both in and Essay

How will opportunities at Purdue support your interests both in and out of the classroom - Essay Example I could separate the toy parts and resemble them perfectly. Moreover, fixing things has always been a part of me. I once bought a second-hand Apple laptop that was not efficiently operational. Interestingly, I replaced all the parts with new ones and ensured proper maintenance for my machine. Indeed, I have always been up to such challenges. My mum’s vacuum cleaner functions at its best courtesy of my fixative interests. I fixed it. I took a gap year in high school to enhance my practical skills. During that year, I worked in a BMW dealership enterprise. I was an apprentice. Performing general maintenance, fluids and parts replacement and general repair were my primary tasks. During the ten months of my service in the enterprise, my practice was above par. Besides working for ten hours a day and six days a week, I enhanced my handwork skills. I adopted a high-speed operation technique that enables me to perform any practical task in time. Such an experience was an explicit preparation for a course and future career in mechanical

Tuesday, July 23, 2019

Preparation and Assessment in a Large Urban Primary School Essay

Preparation and Assessment in a Large Urban Primary School - Essay Example The evidence would suggest that the difficulties that have arisen are significant, but not serious - and that they can be addressed. (cf Rollinson, 2002, pp254-5). However, given that the difficulties pertaining to the ‘softer’ human relations aspect of people management, which authors such as McGarvey (1997) and Lamp (1998) argue can fester if left unresolved, it is considered important that action to address the difficulties is taken. Recommendations for action are put forward below. In particular, schools are an essential feature of the public service infrastructure and as such have had to respond continuously to diverse consumer needs and a highly politicised agenda of government reform. This report describes one school’s response to a recent DfES initiative and the difficulties encountered as a result of that response. It analyses those difficulties from the perspectives of the structural organization, culture and leadership style. As part of its Raising Stan dards/Reducing Workload Agenda (DfES,2002) the government has placed schools under a legal obligation to provide all teachers with 10% non-contact time for planning, preparation and assessment (PPA) duties. However, no accompanying directive has been issued as to how this may be achieved. The government has however provided advisory guidelines suggesting that teacher release might be secured through the use of additional teaching staff, Higher Level Teaching Assistants (a newly created tier of teaching assistants who have attained recognized accreditation), Cover Assistants or specialist tutors and sports coaches.

Monday, July 22, 2019

How to make pottery Essay Example for Free

How to make pottery Essay Not all clays are suitable for molding and firing. The clay must not have the kind of impurities that would cause the body to wrap or crack under heat. It must be moldable, and must retain the shape when it is dry. An area where suitable clay is found often becomes the site of a pottery. By the traditional method, after the clay is dug up it is left exposed to the weather for at least a year, to permit it to disintegrate. Then it is turned over and left another year. In modern commercial practice clay is disintegrate by machine, without aging. It is then sifted and dried. This essay scrutinizes on how to make pottery. Forming the Object. There are six method of forming dishes and containers from clay of the right consistency to be modeled. They are known commercially as soft-mud processes. These are the pinching, slab construction, coiling, throwing, pressing, and jiggering. Figurines or sculptures made in the round must be hollow, because a very thick piece of clay is apt to blow up in the kiln. Pinching, slab construction, and coiling methods may be used for forming all or part of a sculpture. If the piece is modeled by building it up out of solid clay, it must be hollowed out. If the cavity is then closed with a clay wall, one or more tiny air holes are needed to accommodate air expansion on the inside of the piece when it is fired. When a clay piece has dried until the body is stiff but still most (a state called â€Å"leather hard† or â€Å"cheese hard†), some final shaping may be done by turning, another mechanical process such as of turning. Firing. During firing the clay body changes in its physical properties. Each body mixture reacts differently to heat, so temperatures may vary widely from those given here. During the early part of firing, water, carbon, and organic matter burn out of the body, leaves pores in the structure of the clay. At about 1, 7500 F vitrification begins; that is, the flux in the clay starts melting and gradually mixing with the silicates, filling the pores with glass. Glazing. The degree of heat required to melt the glaze and fuse it to the body depends on the relationship of the components. The biscuit firing of fine wares is generally at low heat, and the glost (glaze) firing is at a temperature required for final vitrification of the ware as well as fusion of the glaze. It is possible, however, to fire the biscuit ware to its highest required temperature and to apply a glaze that will fuse at a much lower heat. Decorating. A clay piece may be decorated by adding molded clay to the surface in a relief treatment; by pressing or cutting incised designs into it; or by painting the design with enamel (opaque glaze0, slip, or special pigments. Moreover, decoration is sometimes applied before the piece is glazed. Such underglaze color, however, is confined to pigments that can withstand the relatively high heat of the glost firing. As a conclusion, pottery is an object made of clay and hardened by heat. The object may range from building brick and drainage tile to fine dinnerware, vases, and figurines. In the broadest sense, pottery may mean all these clay products.

Sunday, July 21, 2019

Health Impact Assessment for Policy-Making

Health Impact Assessment for Policy-Making 1. Introduction Indeed, a lot of changes happened particularly on how the people deal on health issues. In the past, medical concerns are not the main concern of the society. However, in the 21st century, due to some factors that affect the health of individuals, diseases, such as diabetes and hypertension are the major problems of the population. Because of these, responsibility for health plays a major role in national and international healthcare policy. The government implemented some strategies to address the health concerns of the society. For instance, the governing bodies increased the healthcare budget because of the mushrooming health problems. However, some people argue that prevention is better than cure and they contest that the government must spend more of their financial budget on activities that promote health and prevent illness. Effective preventive healthcare plays an important part in preventing disease and gives the people the best chance for a healthier life (Australian National Preventive Health Agency,2013). It also helps to improve the performance of our public health service. Thus, greater attention should be paid to strategies of promoting health. Health promotion goes beyond health care. It puts health on the agenda of policy makers in all sectors and at all levels, directing them to be aware of the health consequences of their decisions and to accept their responsibilities for health. The responsibility for ensuring the right to health for all lies not only with states and their obligations to their own people, but also with the international community. The case study depicts the responsibility for health in different aspects and it appraises the contemporary issues in healthcare and their impact on national and international healthcare policy. In addition, it also emphasizes the justifications for policy intervention solutions on contemporary issues in the international context. This report may help the individuals and the society on how to face healthcare issues. It will be a great success for the nation if healthcare issues will be addressed. 2. Evaluate the impact the contemporary issue discussed in your case study would have on national and international healthcare policy. As discussed in the case study, the major source of health problem comes from unhealthy lifestyle of individuals such as smoking, sedentary lifestyle and poor eating habits. How can the society decrease or eliminate these problems? The governing bodies implemented some strategies in order to combat the health concerns of the society. They plan to improve some policies, both in national and international context. For instance, they give emphasis on strategies of health promotion because the costs for preventive programs are much cheaper than activities that help treating the actual health problems. States hold the primary responsibility to fund and ensure all the essential goods and services under the right to health (World Health Organization, 2014). This may include investing enough resources on health promotion. Health promotion strategies include mass campaigns and people awareness programmes. These activities more often than not can be seen in the school or community where the educators impart the significance of maintaining good health. Through health promotion, the people may realize the importance of having a healthy lifestyle and achieve the optimum health and well-being. As a result, the public can be more active by exercising regularly and playing some sports. Furthermore, they can practice good eating habits and stop smoking to prevent illness. Truly, responsibility for health should be a collaborative effort among individuals and the societies in which they live. As an effect, both can benefit from one another. One good example is the government assistance for the public on how to avoid diseases. Both of them can benefit if the people abide the rules by the law makers. If practiced by the populace, the government can save the resources that were not used for medical treatment for instance. The extra funds then can be directed to other projects which can give additional benefits to the people in general. The effects of medical concerns should be carefully considered by the people, especially the policy makers, so they can amend some policies to effectively improve the health status of the public. In the case study, the health problems would have a great impact on international and national healthcare policy. Existing poor health condition may serve as an eye-opener to the community. Because of the untoward effects of unhealthy way of living such as , they take precautions and some steps to practice a healthy lifestyle in order to alleviate them. National and international healthcare policy can be upgraded using the ideas that can be harnessed to this case study. They may execute effective strategies to promote health and prevent from getting sick. For example, unhealthy habits such as cigarette smoking, excessive use of alcohol and other harmful substances should be restricted or banned in the community by implementing strict laws. Although there are existing policy to address these problems, the policy maker may improvise the law. Punishments and fines may be given to individuals who violate the law. For instance, individuals who are caught smoking in non-smoking area will be jailed for a day and they are required to attend a community service for 1 week. On the whole, national and global health governance is essential because states will not accept national and international norms without genuine partnerships, equitable burden sharing and efficient programmes that improve health outcomes. Yet, political, legal and economic challenges impede effective governance. Countries face serious problems of fragmentation, duplication, and even confusion, among the deluge of global health actors and initiatives. Health ministries often lack basic knowledge of, and control over, foreign-supported programmes. The public needs a system of governance that fosters effective collaborative effort and coordinates initiatives to create synergies and avoid destructive competition. 3. Discuss and critically analyse the rationale or justifications for putting into place each of the below listed types of policy intervention solutions globally to address the contemporary health issue highlighted in your chosen case study: 3.1. Education and training As defined by many resources, education is an essential human virtue. Man becomes man through education. He is what education makes him. It has been rightly said that without education, a person is a splendid slave, reasoning savage. Education is necessary for society. Education fashions and models man for society. Man cannot be conceived merely in terms of his biological existence. Education brings into focus the social aspect of man. Education signifies mans supreme position in society. Education is an essential basis of good life. A man becomes a human being in the real sense when he is transformed from primarily an animal being into a human being. In short, education is an essential concomitant of all human societies. Through education, the people can acquire knowledge and wisdom about everything in life. The people can solve problems successfully because they can apply the knowledge they have gained in order to solve their concerns. Meanwhile, training, is the process by which s omeone is taught the skills that are needed for an art, profession, or job. Training is beneficial for the new staff particularly because it makes them proficient and more competent in their area of work. Developing competence has become a crucial issue for establishing a smart workforce that can achieve a competitive success. A major factor or function of Human Resource Management that differentiates it from personnel management is training and development. Training can be defined as a planned process by which people acquire the capabilities and competencies to aid in the overall achievement of the organisations goals and objectives. Training can be seen from the very entrance into the organisation, for example, orientation where the employee is taught the organisations culture. It continues into the probation period, where employees gain sufficient skills for the position held and can also be seen throughout the duration of employment. Thus, training act as a remedy to change with in an organisation. There is a strong link between training and learning, both foster a permanent change in behaviour according to the behaviourist approach and thereby lead the movement toward a learning organisation.. Both education and training are essential in order to address the contemporary issue stressed in the case study. By educating the public, the people can become aware of what is happening around them. Furthermore, they can improve their way of living because of the wisdom and knowledge they have as part of the learning process. Through education, they can help promote health and prevent diseases. Stressing out the importance of preventing illness, for instance, can help the individuals achieve a quality of life. By making them aware of the cons of unhealthy habits, they can avoid being sick. For example, the person who is aware that eating foods high in cholesterol can make the person at risk for stroke or any cardiovascular diseases may stop taking such unhealthy foods. Training, on the other hand, is helpful to an individual in carrying out successfully a task. One example is by providing training to healthcare workers. Resources should be provided to maintain a high quality of trai ning. Training can be hard if it is poorly funded because they usually require aids in order to demonstrate procedures. Another good example is in a healthcare community center, where a program can be conducted once a month. Before the healthcare workers perform their task, they are trained on how to deal the people with different personalities and how to deal the community as a whole. They give health teachings such as obesity. As mentioned in the case study, obesity is one the leading cause of forming other debilitating diseases, such as diabetes, cardiac diseases, and hypertension and thus, obesity should be avoided. By imparting information, like proper diet and exercise, this health problem can be prevented. 3.2.Tax benefits and payments to caregivers Tax benefit rule is a judicially created doctrine seeking to repair some of the inflexibility inherent in the annual accounting system. According to this rule, if any loss or expense deducted in the previous year is recovered by the tax payer, the recovery must be included in the current years gross income to the extent that it was previously deducted. The tax benefit rule ensures that if a taxpayer takes a deduction attributable to a specific event, and the amount is recovered in a subsequent year, income tax consequences of the later event depend in some degree on the prior related tax treatment. Tax benefits are indeed a great help to individuals who needs healthcare assistance. Nowadays, with the rising cost of medical supplies and procedures, tax benefits that will reduce the cost of health care expenses for example, is a great help especially to those people who are in dire need of financial assistance. From the tax, the government can successfully implement and carry out projects that can contribute to individual’s welfare. They may effectively plan and perform heath preventive programs because of the individual’s tax contribution and collaboration of the people. Meanwhile, payments to caregivers are important. Since the healthcare workers are the front liners in providing care for the people who need assistance, they should be given sufficient incomes. Giving them a salary which help them survive from day to day living and help them save for their future use help them provide a quality care for people who needs their help. Instead of working double shifts to earn more money for their needs, they may only work a single shift. Their extra time can be allotted for their family and for themselves to rest. Because of this, they can be relieved from stress and enjoy their day offs. This can yield a good result because a well-rested individual can give and provide a quality care for their patients. 3.3. Respite care As defined by the Ministry of Health (2014), respite service should provide a safe, enjoyable environment with staff able to support the disabled person to participate in their community. Respite care is generally short-term and intermittent, available in community settings and in rest homes, and part of the support network available to a person and their carers. This is very important since individuals who provide care experience stress. This may be in the form of emotional, financial or physical burden. With stress, an individual who provides care can cause negligence or abuse to the patient. To avoid this, they should also have a break or a day off. During their break or day off, somebody would temporarily relieve them of their duty. This is a great help to the care givers, since they can reduce or eliminate the stress that builds inside them. And with this, as they return to duty fully recharged, they can provide and maintain a quality care for their patients. 3.4. Business regulations combining work and care giving Each year, there are increasing number of people who needs assistance and care to maintain their well-being. Because of this plight, the demand for care givers is also escalating. Thus, a lot of health care centers are being made, either public or private, to accommodate the increasing number of individuals who need assistance. Nowadays, rest homes are common in some countries and there should be regulations that must be maintained in order to provide a quality care and assistance for the patients. A good example is, providing the right number of staff to the number patients available in the care homes. There should be enough staff to attend the needs of the patients in order to render a good quality care, like assisting a disabled person to transfer to a chair. Big patients need two or more staff to accomplish the task such as showering them and doing cares in order to avoid injuries to patients and also to caregivers. For health and social care staff to work together, they must be able to share information about a person’s assessments, treatment and care. One of the most important legal right one have as a caregiver is about his employment. The unpredictable nature of caregiving, and the time that it takes to provide care, often make it difficult to continue working on a normal schedule. In fact, the Department of Labor’s latest investigation found that employee complaints with respect to balancing career and family often occur because an employer refuses to reinstate an employee after an extended leave. Generally, these complaints can be resolved fairly easily, although to date, 16 legal actions have been taken against employers for violations of the Family and Medical Leave Act (FMLA). All in all, in order to attend the needs of the patient, business regulations should be fair and just to the employees and consumers. 4. Conclusion This paper makes the claim that a key activity required to promote healthy policy-making at the local level is health impact assessment. Highly participatory local health impact assessment can be used to identify negative health impacts that call for policy responses, and to identify and encourage practices and policies that promote health. Socially responsible decision-making for improved equity-in-health is stimulated by community-level health impact assessment because it is a practical tool to help communities come to grips with local conditions that need changing if better health for all is to be realized. Even with the advancement of knowledge on medicines, society still faces the burden on health related issues. Health issues should be attended immediately due to the fact that not only the individual who suffers the sting of the disease but there love ones are also affected. Health prevention strategies should be promoted and initiated in every community. Aside from the fact th at it is more cost-effective than curing the actual diseases, it can also benefit the public by practicing healthy lifestyle. Health promotion is indeed significant in order to achieve the optimum of health and well-being. Health issues can affect everyone, it can cause physical, emotional and financial burden. It is a miserable situation in which everyone involved to the individual especially the family members is being pulled in. Health issues then affects the economy of a nation. And if not properly attended, it may cripple the nation’s wealth. In addition, through collaborative effort of the individual and society, the health issues can be minimized or avoided through effective implementation of health promotion strategies, community projects and programmes by the government, community and the individuals.

Security for Insider Attacks in Mobile Ad Hoc Networks

Security for Insider Attacks in Mobile Ad Hoc Networks Abstract Mobile ad hoc networks are collection of wireless mobile nodes forming a temporary network without the aid of any established infrastructure. Security issues are more paramount in such networks even more so than in wired networks. Despite the existence of well-known security mechanisms, additional vulnerabilities and features pertinent to this new networking paradigm might render the traditional solutions inapplicable. In particular these networks are extremely under threat to insider attacks especially packet dropping attacks. It is very difficult to detect such attacks because they comes in the category of attacks in mobile ad hoc networks in which the attacker nodes becomes the part of the network. In this research work we have proposed a two folded approach, to detect and then to isolate such nodes which become the part of the network to cause packet dropping attacks. First approach will detect the misbehavior of nodes and will identify the malicious activity in network, and then upon identification of nodes misbehavior in network other approach will isolate the malicious node from network. OMNET++ simulator is used to simulate and verify the proposed solution. Experimental results shows that E-SAODV (Enhanced Secure Ad hoc On Demand Distance Vector protocol) performs much better than conventional SAODV (Secure Ad hoc On Demand Distance Vector Protocol) Chapter 1 Introduction Overview Mobile Ad-hoc networks are a new paradigm of wireless communication for mobile hosts. As there is no fixed infrastructure such as base stations for mobile switching. Nodes within each others range communicate directly via wireless links while those which are far apart rely on other nodes to transmit messages. Node mobility causes frequent changes in topology. The wireless nature of communication and lack of any security infrastructure raises several security problems. The following flowchart depicts the working of any general ad-hoc network. Features of Mobile Ad hoc Networks Based on the characteristics, Mobile Ad hoc Networks has following main features. Because of the limited energy supply for the wireless nodes and the mobility of the nodes, the wireless links between mobile nodes in the Ad hoc Network are not consistent for the communication participants. Due to the continuous motion of nodes, the topology of the mobile ad hoc network changes constantly, the nodes can continuously move into and out of the radio range of the other nodes in the ad hoc network, and the routing information will be changing all the time because of the movement of the nodes. Lack of incorporation of security features in statically configured wireless routing protocol not meant for Ad hoc environments. Because the topology of the Ad hoc Networks is changing constantly, it is necessary for each pair of adjacent nodes to incorporate in the routing issue so as to prevent some kind of potential attacks that try to make use of vulnerabilities in the statically configured routing protocol. Mobile Ad hoc Network Routing Protocols Routing in Mobile Ad hoc Networks faces additional challenges when compared to routing in traditional wired networks with fixed infrastructure. There are several well-known protocols that have been specifically developed to cope with the limitations imposed by Ad hoc networking environments. The problem of routing in such environments is aggravated by limiting factors such as rapidly changing topologies, high power consumption, low bandwidth and high error rates [1]. Most of the existing routing protocols follow two different design approaches to confront the inherent characteristics of Ad hoc networks namely Proactive Routing Protocols, Reactive Routing Protocols. Proactive Routing Protocols Proactive ad hoc routing protocols maintain at all times routing information regarding the connectivity of every node to all other nodes that participate in the network. These protocols are also known as Table-driven Ad hoc Routing Protocols. These protocols allow every node to have a clear and consistent view of the network topology by propagating periodic updates [1]. Therefore, all nodes are able to make immediate decisions regarding the forwarding of a specific packet. Two main protocols that fall into the category of proactive routing protocols are Destination-Sequenced Distance-Vector (DSDV) protocol [2] and the Optimized Link State Routing (OLSR) protocol [3]. Reactive Routing Protocols An alternative approach to the one followed by Proactive Routing Protocols also known as source-initiated on-demand routing, is Reactive Routing Protocols. According to this approach a route is created only when the source node requires one to a specific destination. A route is acquired by the initiation of a route discovery function by the source node. The data packets transmitted while a route discovery is in process are buffered and are sent when the path is established. An established route is maintained as long as it is required through a route maintenance procedure. The Ad hoc On-demand Distance Vector (AODV) routing protocol [4], Temporally Ordered Routing Algorithm (TORA) [5] and the Dynamic Source Routing protocol [6] are examples of this category of protocols. Security issues in Mobile Ad hoc Routing Protocols Any routing protocol must encapsulate an essential set of security mechanisms. These are mechanisms that help prevent, detect, and respond to security attacks. We can classify these major security goals into five main categories, which need to be addressed in order to maintain a reliable and secure ad-hoc network environment. Confidentiality Confidentiality is the protection of any information from being exposed to unintended entities. In ad-hoc networks this is more difficult to achieve because intermediates nodes receive the packets for other recipients, so they can easily eavesdrop the information being routed. Availability Availability means that a node should maintain its ability to provide all the designed services regardless of the security state of it . This security criterion is challenged mainly during the denial-of-service attacks, in which all the nodes in the network can be the attack target and thus some selfish nodes make some of the network services unavailable, such as the routing protocol or the key management service. Authentication Authentication assures that an entity of concern or the origin of a communication is what it claims to be or from. Without which an attacker would impersonate a node, thus gaining unauthorized access to resource and sensitive information and interfering with operation of other nodes. Integrity Integrity guarantees the identity of the messages when they are transmitted. Integrity can be compromised through malicious and accidental altering. A message can be dropped, replayed or revised by an adversary with malicious goal, which is regarded as malicious altering while if the message is lost or its content is changed due to some failures, which may be transmission errors or hardware errors such as hard disk failure, then it is categorized as accidental altering. Non-Repudiation Non-repudiation ensures that sending and receiving parties can never deny their sending or receiving the message. In order to achieve the overall goal of Mobile Ad hoc Network security, above five mechanisms must be implemented in any ad-hoc networks so as to ensure the security of the transmissions along that network. Secure Ad hoc Routing As discussed earlier over the past decade, many Ad hoc routing protocols have been proposed in literature. Among them the most widely used are AODV (Ad hoc On Demand Distance Vector) [4] and DSR (Dynamic Source Routing) [2] which comes in the category of re-active routing protocols of Ad hoc Networks. All of these protocols have been studied extensively. But as there were no security considerations in the original design of these protocols, these protocols remain under threat from the attackers. The main assumption of these protocols was that all participating nodes do so in good faith and without maliciously disrupting the operation of the protocol. However the existence of malicious entities can not be disregarded in the systems especially the environment used for Ad hoc Networks. To overcome the security vulnerabilities in existing routing protocols, many security enhancements in these protocols have been proposed but unfortunately these secure Ad hoc Routing Protocols were either designed for a particular protocol or to address a specific problem operation of the protocol. For example SAODV (Secure Ad hoc On Demand Distance Vector Protocol) [7] was proposed to secure AODV (Ad hoc On Demand Distance Vector) protocol, Ariadne [10] was proposed to protect DSR (Dynamic Source Routing) protocol, ARAN [7] was proposed to protect the Ad hoc Routing in general while SEAD [8] was proposed to protect the DSDV (Destination Sequence Distance Vector Routing) protocol. The purpose of SAR [9] (Security Aware Routing) was also to protect the Routing in Ad hoc Networks. Problem definition Thus ongoing studies on MANETs pose many challenging research areas including MANETs security. Since MANETs are made up entirely of wireless mobile nodes, they are inherently more susceptible to security threats compared to fixed networks [11]. Access to wireless links is virtually impossible to control thus adverse security events such as eavesdropping, spoofing and denial of service attacks are more easily accomplished. These security risks must be reduced to an acceptable level while maintaining an acceptable Quality of Service and network performance. However, in order to work properly, the routing protocols in MANETs need trusted working environments, which are not always available. There may be situations in which the environment may be adversarial. For example some nodes may be selfish, malicious, or compromised by attackers. Most of the work done regarding network security in MANETs focuses on preventing attackers from entering the network through secure key distribution and secure neighbor discovery [10],[12]. But these schemes become ineffective when the malicious nodes have entered the network, or some nodes in the network have been compromised. Therefore, threats from compromised nodes inside the network are far more dangerous than the attacks from outside the network. Since these attacks are initiated from inside the network by the participating malicious nodes which behave well before they are compromised, it is very hard to detect these attacks. Keeping in view the security threats faced by MANETs we focus on Packet Dropping Attack which is a serious threat to Mobile Ad hoc Networks. Although many research efforts have been put on secure routing protocols but the attacks like packet dropping is not adequately addressed. We study the packet dropping attack in which a malicious node intentionally drops the packets they received. Unlike all previous researches which attempt to tolerate Packet Dropping Attacks, our work makes the first effort to detect the malicious activity and then identify the malicious or compromised nodes in the network. Research Objective The fundamental objective of this research is to discuss the security attacks faced by Mobile Ad hoc Networks specially insider attacks and to review the security in existing routing protocols especially secure routing protocols in MANETs. We particularly focus on packet dropping attack which is a serious threat to Mobile Ad hoc Networks. A novel security enhancement scheme to address packet dropping attack has been proposed. Thesis Organization Chapter 2 provides a brief introduction of security threats faced by Mobile Ad hoc Networks and secure routing to address these attacks. Chapter 3 discusses about the related work and flaws identified in the related work. Chapter 4 presents the possible solutions to address the packet dropping attack in Mobile Ad hoc Networks. Chapter 5 includes the implementation of proposed mechanisms and Results of the proposed mechanism and the thesis is concluded in Chapter 6. Chapter 2 Security Threats and Secure Ad hoc Routing Protocols Introduction This chapter includes the threats and types of attacks faced by Mobile Ad hoc Networks. Secure Ad hoc routing protocols like SAODV [7] (Secure Ad hoc On Demand Distance Vector), SAR [16] (Security Aware Routing), and ARAN [9] (Authenticated Routing for Ad hoc Networks) etc and how these protocols are still vulnerable to attacks, are discussed in this chapter. Types of attacks in MANETs There are numerous kinds of attacks in the mobile ad hoc networks, almost all of which can be classified into two types, External Attacks and Insider Attacks. External Attacks External Attacks are those attacks, in which the attacker aims to cause congestion, propagate fake routing information or disturb nodes from providing services. External attacks are similar to the normal attacks in the traditional wired networks such that the adversary is in the proximity but not a trusted node in the network, therefore, this type of attack can be prevented and detected by the security methods such as authentication or firewall, which are relatively conventional security solutions. Internal or Insider Attacks Due to the invasive nature and open network media in the mobile ad hoc network, internal also known as insider attacks are more dangerous than the external attacks because the compromised or malicious nodes are originally the legitimate users of the Ad hoc network, they can easily pass the authentication and get protection from the security mechanisms. As a result, the adversaries can make use of them to gain normal access to the services that should only be available to the authorized users in the network, and they can use the legal identity provided by the compromised nodes to conceal their malicious behaviors. Therefore, more attention should be paid to the internal attacks initiated by the malicious insider nodes when we consider the security issues in the mobile ad hoc networks. Internal or insider nodes when become part of the network can misuse the network in the following ways Packet Dropping A malicious node can attack at its level or at lower levels. Particularly in the context of Packet Dropping Attack, within a trust level, a malicious node or any other node which aims at saving its resources or intentionally launching a attack can successfully drop packets without being noticed and can get services from other nodes for forwarding its own packets. Node Isolation An internal malicious node can prevent nodes from communicating with any other node. Route Disruption A malicious node can break down an existing route or prevent a new route from being established. Route Invasion An inside attacker adds itself between two endpoints of a communication channel. Attacks based on modification A very simplest way for a malicious node to disturb the operations of an ad-hoc network is to perform an attack based on modification. The only task the malicious or compromised node needs to perform is to announce better routes than the ones presently existing. This kind of attack is based on the modification of the metric value for a route or by altering control message fields. There are various ways to perform this type of attacks; some of them are discussed below Altering the Hop Count This attack is more specific to the AODV [4] protocol wherein the optimum path is chosen by the hop count metric. A malicious node can disturb the network by announcing the smallest hop count value to reach the compromised node. In general, an attacker would use a value zero to ensure to the smallest hop count. Changing the Route Sequence Number When a node decides the optimum path to take through a network, the node always relies on a metric of values, such as hop count delays etc. The smaller that value, the more optimum the path. Hence, a simple way to attack a network is to change this value with a smaller number than the last better value. Altering Routing Information This type of attack leads network toward Denial of Service (DoS) attack. For example in a situation where a node M wants to communicate with node S. At node M the routing path in the header would be M-N-O-P-Q-R-S. If N is a compromised node, it can alter this routing detail to M-N-O-P. But since there exists no direct route from O to P, P will drop the packet. Thus, A will never be able to access any service from P. This situation leads the network towards a DoS attack. Impersonation Attacks Impersonation is also known as spoofing. In this type of attack the malicious node hides its IP address or MAC address and uses the addresses of other nodes present in the network. Since current ad-hoc routing protocols like AODV [4] and DSR [6] do not authenticate source IP address. By exploiting this situation a malicious node can launch variety of attacks using spoofing. For example in a situation where an attacker creates loops in the network to isolate a node from the remainder of the network, the attacker needs to spoof the IP address of the node he wants to isolate from the network and then announce new route to the others nodes. By doing this, he can easily modify the network topology as he wants. Fabrication Attacks Fabrication attacks can be classified into three main categories. Detection is very difficult in all of these three cases. Routing table poisoning Routing protocols maintain tables which hold information regarding routes of the network. In routing table poisoning attacks the malicious nodes generate and send fabricated signaling traffic, or modify legitimate messages from other nodes, in order to create false entries in the tables of the participating nodes. For example, an attacker can send routing updates that do not correspond to actual changes in the topology of the ad hoc network. Routing table poisoning attacks can result in selection of non-optimal routes, creation of routing loops and bottlenecks. Route Cache Poisoning This type of attack falls in the category of passive attacks that can occur especially in DSR [6] due to the promiscuous mode of updating routing tables. This type of situation arises when information stored in routing tables is deleted, altered or injected with false information. A node overhearing any packet may add the routing information contained in that packets header to its own route cache, even if that node is not on the path from source to destination. The vulnerability of this system is that an attacker could easily exploit this method of learning routes and poison route caches by broadcast a message with a spoofed IP address to other nodes. When they receive this message, the nodes would add this new route to their cache and would now communicate using the route to reach the malicious node. Rote Error Messages fabrication This attack is very common in AODV [4] and DSR [6], because when nodes move these two protocols use path maintenance to recover the optimum path. The weakness of this architecture is that whenever a node moves, the closest node sends an error message to the other nodes so as to inform them that a route is no longer accessible. If an attacker can cause a DoS attack by spoofing any node and sending error messages to the all other nodes. As a result malicious node can separate any node quite easily. Eavesdropping Eavesdropping is another kind of attack that usually happens in the mobile ad hoc networks. The goal of eavesdropping is to obtain some confidential information that should be kept secret during the communication. This information may include the location, public key, private key or even passwords of the nodes. Because such data are very important to the security state of the nodes, they should be kept away from the unauthorized access. Secure Ad hoc Routing Protocols Many solutions have been proposed for secure routing in ad hoc networks, in order to offer protection against the attacks discussed earlier. These proposed solutions are either completely new stand-alone protocols, or in some cases incorporations of security mechanisms into existing ones (like DSR [6] and AODV [4]). In order to analyze the proposed solutions and how they are still vulnerable to attacks we classified them into two main categories based on asymmetric cryptography and symmetric cryptography. Asymmetric Cryptographic Solution Protocols that use asymmetric cryptography to secure routing in mobile ad hoc networks require the existence of a universally trusted third party. This trusted third party can be either online or offline. The trusted third party issues certificates that bind a nodes public key with a nodes persistent identifier. Authenticated Routing for Ad hoc Networks ARAN [9] falls in this category of secure Ad hoc routing protocols; many of the other protocols presented in other categories that use asymmetric cryptography operate in a similar manner and have similar requirements. Authenticated Routing for Ad hoc Networks ARAN The Authenticated Routing for Ad hoc Networks (ARAN) proposed in [9] is a standalone solution for secure routing in ad hoc networking environments. ARAN use digital certificates and can successfully operate in the managed open scenario where no infrastructure is pre-deployed. The basic mechanism used in ARAN is certification that is achieved through the existence of a trusted certification authority (CA). All nodes are supposed to know their public key from the certification authority and also the public key of server. Prior to entering into the network, each node has to apply for a certificate that is signed by the certificate server. ARAN accomplishes the discovery of routes by a broadcast message from source node which is replied in a unicast manner. This route discovery of the ARAN protocol begins with a node broadcasting to its neighbors a route discovery packet (RDP). The RDP includes the certificate of the initiating node, a nonce, a timestamp and the address of the destinatio n node. Furthermore, the initiating node signs the RDP. Each node validates the signature with the certificate, updates its routing table with the neighbor from which it received the RDP, signs it, and forwards it to its neighbors after removing the certificate and the signature of the previous node (but not the initiators signature and certificate). The signature prevents malicious nodes from injecting arbitrary route discovery packets that alter routes or form loops [13]. The destination node eventually receives the RDP and replies with a reply packet (REP). The REP contains the address of the source node, the destinations certificate, a nonce, and the associated timestamp. The destination node signs the REP before transmitting it. The REP is forwarded back to the initiating node by a process similar to the one described for the route discovery, except that the REP is unicasted along the reverse path. The source node is able to verify that the destination node sent the REP by chec king the nonce and the signature. Figure 2 illustrates the process of route discovery in ARAN. All messages are authenticated at each hop from source to destination as well as on the reverse path. Due to heavy computation involved with the certificates, ARAN is vulnerable to many attacks e.g. DOS attacks. In situation when there are no malicious nodes in the network the load involved in the routing process force the legitimate nodes to drop the packets in order to save their resources. Symmetric Cryptography Solutions Symmetric cryptographic solutions rely solely on symmetric cryptography to secure the function of routing in wireless ad hoc networks. The mechanisms utilized is hash functions and hash chains. A one-way hash function is a function that takes an input of arbitrary length and returns an output of fixed length [14]. As hash functions are especially lightweight when compared to other symmetric and asymmetric cryptographic operations, they have been extensively used in the context of securing ad hoc routing. Secure Ad hoc On-demand Distance Vector Protocol (SAODV) The Secure Ad hoc On Demand Distance Vector (SAODV) [7] addresses the problem of securing a MANET network. SAODV is an extension of AODV[4] routing protocol that can be used to protect the route discovery mechanism by providing security features like authentication, integrity and non-repudiation. It uses digital signatures to authenticate the non-mutable fields of the message, and hash chains to secure the hop count information (the only mutable field in message) in both RREQ and RREP messages. The SAODV scheme is based on the assumption that each node possesses certified public keys of all network nodes . In order to facilitate the transmission of the information required for the security mechanisms, SAODV defines extensions to the standard AODV message format. These SAODV extensions consist of the following fields. The hash function field identifies the one-way hash function that is used. The field max hop count is a counter that specifies the maximum number of nodes a packet is al lowed to go through. The top hash field is the result of the application of the hash function max hop count times to a randomly generated number, and finally the field hash is this random number. When a node transmits a route request or a route reply AODV packet it sets the max hop count field equal to the time to live (TTL) field from the IP header, generates a random number and sets the hash field equal to it, and applies the hash function specified by the corresponding field max hop count times to the random number, storing the calculated result to the top hash field. Moreover, the node digitally signs all fields of the message, except the hop count field from the AODV header and the hash field from the SAODV extension header. An intermediate node that receives a route request or a route reply must verify the integrity of the message and the hop count AODV [4] field. The integrity requirement is accomplished by verifying the digital signature. The hop count field is verified by comparing the result of the application of the hash function max hop count minus hop count times to the hash field with the value of the top hash field. Before the packet is re-broadcasted by the in termediate node the value of the hash field is replaced by the result of the calculation of the one-way hash of the field itself in order to account for the new hop. In SAODV route error messages (RERR) that are generated by nodes that inform their neighbors that they are not going to be able to route messages to specific destinations are secured using digital signatures. A node that generates or forwards a route error message cryptographically signs the whole message, except the destination sequence numbers. Although SAODV provides reasonable security to MANETs routing, but it is still vulnerable to distance fraud attack [15] in which the forwarding node fails to increment the route metric because in SAODV there is no enforcement to do so. Further there is no method to detect the malicious nodes and DOS attacks because in SAODV it is assumed that DOS attacks are restricted to physical layer, but this assumption failed when colluding malicious nodes drop packets during the route discovery process. Security Aware Routing (SAR) SAR [16] (Security Aware Routing) is an extension to existing on demand routing protocols and used where nodes are grouped on the basis of trust level. In SAR each node has different security level which assigns them different trust levels. Two nodes can only communicate with each other if they have equal or greater trust values. If a node has lower security level it simply discards the packet. In case there is no node in the network with the desired level then communication cannot take place or we can say that, that particular packet cant be forwarded unless its security level is lowered. By exploiting this condition a malicious node can attack at its level or at lower levels. Particularly in the context of Packet Dropping Attack, within a trust level, a malicious node or any other node which aims at saving its resources or intentionally launching a attack can successfully drop packets without being noticed and can get services from other nodes for forwarding its own packets. SAR al so fails in the situations of secure routing in general because it only focuses on the situations in which certain groups are assumed to be trustworthy. Conclusion From the above discussion, we observe that all Secure Ad hoc routing protocols are still vulnerable to many attacks. Although proposed techniques provide security against external attacks, insider attacks are still an open issue in MANETs. Chapter 3 Literature Review Introduction Many solutions have been proposed to prevent selfishness in MANETs. The main goal of all the schemes proposed in the literature is to make decisions regarding trustworthy entities and to encourage behavior that leads to increasing trust. In this section we discuss some of the solutions presented in the literature in order to detect the malicious nodes in the network in context of packet dropping attack. Watchdog and Pathrater In [17] Marti el al, proposed a mechanism called as watchdog and pathrater on DSR[6] to detect the misbehavior of nodes in MANETs. Nodes in this scheme operate in a promiscuous mode. The watchdog monitors one hop neighbor by overhearing the medium to check whether the next neighbor forwards the packet or not. It also maintains a buffer of recently sent packets. If a data packet remains in the buffer too long, the watchdog declares the next hop neighbor to be misbehaving. Every node that participates in the ad hoc network employs the watchdog functionality in order to verify that its neighbors correctly forward packets. When a node transmits a packet to the next node in the path, it tries to promiscuously listen if the next node will also transmit it. Furthermore, if there is no link encryption utilized in the network, the listening node can also verify that the next node did not modify the packet before transmitting it . The watchdog of a node maintains copies of recently forwarded p ackets and compares them with the packet transmissions overheard by the neighboring nodes. Positive comparisons result in the deletion of the buffered packet and the freeing of the related memory. If a node that was supposed to forward a packet fails to do so within a certain timeout period, the watchdog of an overhearing node increments a failure rating for the specific node. This effectively means that every node in the ad hoc network maintains a rating assessing the reliability of every other node that it can overhear packet transmissions from. A node is identified as misbehaving when the failure rating exceeds a certain threshold bandwidth. The source node of the route that contains the offending node is notified by a message send by the identifying watchdog. As the authors of the scheme note, the main problem with this approach is its vulnerability to blackmail attacks. The pathrater selects the path with the highest metric when there are multiple paths for the same destination node. The algorithm followed by the pathrater mechanism initially assigns a rating of 1.0 to itself and 0.5 to each node that it knows through the route discovery function. The nodes that participate on the active paths have their ratings increased by 0.01 at periodic intervals of 200 milliseconds to a maximum rating of 0.8. A rating is decremented by 0.05 when a link breakage is Security for Insider Attacks in Mobile Ad Hoc Networks Security for Insider Attacks in Mobile Ad Hoc Networks Abstract Mobile ad hoc networks are collection of wireless mobile nodes forming a temporary network without the aid of any established infrastructure. Security issues are more paramount in such networks even more so than in wired networks. Despite the existence of well-known security mechanisms, additional vulnerabilities and features pertinent to this new networking paradigm might render the traditional solutions inapplicable. In particular these networks are extremely under threat to insider attacks especially packet dropping attacks. It is very difficult to detect such attacks because they comes in the category of attacks in mobile ad hoc networks in which the attacker nodes becomes the part of the network. In this research work we have proposed a two folded approach, to detect and then to isolate such nodes which become the part of the network to cause packet dropping attacks. First approach will detect the misbehavior of nodes and will identify the malicious activity in network, and then upon identification of nodes misbehavior in network other approach will isolate the malicious node from network. OMNET++ simulator is used to simulate and verify the proposed solution. Experimental results shows that E-SAODV (Enhanced Secure Ad hoc On Demand Distance Vector protocol) performs much better than conventional SAODV (Secure Ad hoc On Demand Distance Vector Protocol) Chapter 1 Introduction Overview Mobile Ad-hoc networks are a new paradigm of wireless communication for mobile hosts. As there is no fixed infrastructure such as base stations for mobile switching. Nodes within each others range communicate directly via wireless links while those which are far apart rely on other nodes to transmit messages. Node mobility causes frequent changes in topology. The wireless nature of communication and lack of any security infrastructure raises several security problems. The following flowchart depicts the working of any general ad-hoc network. Features of Mobile Ad hoc Networks Based on the characteristics, Mobile Ad hoc Networks has following main features. Because of the limited energy supply for the wireless nodes and the mobility of the nodes, the wireless links between mobile nodes in the Ad hoc Network are not consistent for the communication participants. Due to the continuous motion of nodes, the topology of the mobile ad hoc network changes constantly, the nodes can continuously move into and out of the radio range of the other nodes in the ad hoc network, and the routing information will be changing all the time because of the movement of the nodes. Lack of incorporation of security features in statically configured wireless routing protocol not meant for Ad hoc environments. Because the topology of the Ad hoc Networks is changing constantly, it is necessary for each pair of adjacent nodes to incorporate in the routing issue so as to prevent some kind of potential attacks that try to make use of vulnerabilities in the statically configured routing protocol. Mobile Ad hoc Network Routing Protocols Routing in Mobile Ad hoc Networks faces additional challenges when compared to routing in traditional wired networks with fixed infrastructure. There are several well-known protocols that have been specifically developed to cope with the limitations imposed by Ad hoc networking environments. The problem of routing in such environments is aggravated by limiting factors such as rapidly changing topologies, high power consumption, low bandwidth and high error rates [1]. Most of the existing routing protocols follow two different design approaches to confront the inherent characteristics of Ad hoc networks namely Proactive Routing Protocols, Reactive Routing Protocols. Proactive Routing Protocols Proactive ad hoc routing protocols maintain at all times routing information regarding the connectivity of every node to all other nodes that participate in the network. These protocols are also known as Table-driven Ad hoc Routing Protocols. These protocols allow every node to have a clear and consistent view of the network topology by propagating periodic updates [1]. Therefore, all nodes are able to make immediate decisions regarding the forwarding of a specific packet. Two main protocols that fall into the category of proactive routing protocols are Destination-Sequenced Distance-Vector (DSDV) protocol [2] and the Optimized Link State Routing (OLSR) protocol [3]. Reactive Routing Protocols An alternative approach to the one followed by Proactive Routing Protocols also known as source-initiated on-demand routing, is Reactive Routing Protocols. According to this approach a route is created only when the source node requires one to a specific destination. A route is acquired by the initiation of a route discovery function by the source node. The data packets transmitted while a route discovery is in process are buffered and are sent when the path is established. An established route is maintained as long as it is required through a route maintenance procedure. The Ad hoc On-demand Distance Vector (AODV) routing protocol [4], Temporally Ordered Routing Algorithm (TORA) [5] and the Dynamic Source Routing protocol [6] are examples of this category of protocols. Security issues in Mobile Ad hoc Routing Protocols Any routing protocol must encapsulate an essential set of security mechanisms. These are mechanisms that help prevent, detect, and respond to security attacks. We can classify these major security goals into five main categories, which need to be addressed in order to maintain a reliable and secure ad-hoc network environment. Confidentiality Confidentiality is the protection of any information from being exposed to unintended entities. In ad-hoc networks this is more difficult to achieve because intermediates nodes receive the packets for other recipients, so they can easily eavesdrop the information being routed. Availability Availability means that a node should maintain its ability to provide all the designed services regardless of the security state of it . This security criterion is challenged mainly during the denial-of-service attacks, in which all the nodes in the network can be the attack target and thus some selfish nodes make some of the network services unavailable, such as the routing protocol or the key management service. Authentication Authentication assures that an entity of concern or the origin of a communication is what it claims to be or from. Without which an attacker would impersonate a node, thus gaining unauthorized access to resource and sensitive information and interfering with operation of other nodes. Integrity Integrity guarantees the identity of the messages when they are transmitted. Integrity can be compromised through malicious and accidental altering. A message can be dropped, replayed or revised by an adversary with malicious goal, which is regarded as malicious altering while if the message is lost or its content is changed due to some failures, which may be transmission errors or hardware errors such as hard disk failure, then it is categorized as accidental altering. Non-Repudiation Non-repudiation ensures that sending and receiving parties can never deny their sending or receiving the message. In order to achieve the overall goal of Mobile Ad hoc Network security, above five mechanisms must be implemented in any ad-hoc networks so as to ensure the security of the transmissions along that network. Secure Ad hoc Routing As discussed earlier over the past decade, many Ad hoc routing protocols have been proposed in literature. Among them the most widely used are AODV (Ad hoc On Demand Distance Vector) [4] and DSR (Dynamic Source Routing) [2] which comes in the category of re-active routing protocols of Ad hoc Networks. All of these protocols have been studied extensively. But as there were no security considerations in the original design of these protocols, these protocols remain under threat from the attackers. The main assumption of these protocols was that all participating nodes do so in good faith and without maliciously disrupting the operation of the protocol. However the existence of malicious entities can not be disregarded in the systems especially the environment used for Ad hoc Networks. To overcome the security vulnerabilities in existing routing protocols, many security enhancements in these protocols have been proposed but unfortunately these secure Ad hoc Routing Protocols were either designed for a particular protocol or to address a specific problem operation of the protocol. For example SAODV (Secure Ad hoc On Demand Distance Vector Protocol) [7] was proposed to secure AODV (Ad hoc On Demand Distance Vector) protocol, Ariadne [10] was proposed to protect DSR (Dynamic Source Routing) protocol, ARAN [7] was proposed to protect the Ad hoc Routing in general while SEAD [8] was proposed to protect the DSDV (Destination Sequence Distance Vector Routing) protocol. The purpose of SAR [9] (Security Aware Routing) was also to protect the Routing in Ad hoc Networks. Problem definition Thus ongoing studies on MANETs pose many challenging research areas including MANETs security. Since MANETs are made up entirely of wireless mobile nodes, they are inherently more susceptible to security threats compared to fixed networks [11]. Access to wireless links is virtually impossible to control thus adverse security events such as eavesdropping, spoofing and denial of service attacks are more easily accomplished. These security risks must be reduced to an acceptable level while maintaining an acceptable Quality of Service and network performance. However, in order to work properly, the routing protocols in MANETs need trusted working environments, which are not always available. There may be situations in which the environment may be adversarial. For example some nodes may be selfish, malicious, or compromised by attackers. Most of the work done regarding network security in MANETs focuses on preventing attackers from entering the network through secure key distribution and secure neighbor discovery [10],[12]. But these schemes become ineffective when the malicious nodes have entered the network, or some nodes in the network have been compromised. Therefore, threats from compromised nodes inside the network are far more dangerous than the attacks from outside the network. Since these attacks are initiated from inside the network by the participating malicious nodes which behave well before they are compromised, it is very hard to detect these attacks. Keeping in view the security threats faced by MANETs we focus on Packet Dropping Attack which is a serious threat to Mobile Ad hoc Networks. Although many research efforts have been put on secure routing protocols but the attacks like packet dropping is not adequately addressed. We study the packet dropping attack in which a malicious node intentionally drops the packets they received. Unlike all previous researches which attempt to tolerate Packet Dropping Attacks, our work makes the first effort to detect the malicious activity and then identify the malicious or compromised nodes in the network. Research Objective The fundamental objective of this research is to discuss the security attacks faced by Mobile Ad hoc Networks specially insider attacks and to review the security in existing routing protocols especially secure routing protocols in MANETs. We particularly focus on packet dropping attack which is a serious threat to Mobile Ad hoc Networks. A novel security enhancement scheme to address packet dropping attack has been proposed. Thesis Organization Chapter 2 provides a brief introduction of security threats faced by Mobile Ad hoc Networks and secure routing to address these attacks. Chapter 3 discusses about the related work and flaws identified in the related work. Chapter 4 presents the possible solutions to address the packet dropping attack in Mobile Ad hoc Networks. Chapter 5 includes the implementation of proposed mechanisms and Results of the proposed mechanism and the thesis is concluded in Chapter 6. Chapter 2 Security Threats and Secure Ad hoc Routing Protocols Introduction This chapter includes the threats and types of attacks faced by Mobile Ad hoc Networks. Secure Ad hoc routing protocols like SAODV [7] (Secure Ad hoc On Demand Distance Vector), SAR [16] (Security Aware Routing), and ARAN [9] (Authenticated Routing for Ad hoc Networks) etc and how these protocols are still vulnerable to attacks, are discussed in this chapter. Types of attacks in MANETs There are numerous kinds of attacks in the mobile ad hoc networks, almost all of which can be classified into two types, External Attacks and Insider Attacks. External Attacks External Attacks are those attacks, in which the attacker aims to cause congestion, propagate fake routing information or disturb nodes from providing services. External attacks are similar to the normal attacks in the traditional wired networks such that the adversary is in the proximity but not a trusted node in the network, therefore, this type of attack can be prevented and detected by the security methods such as authentication or firewall, which are relatively conventional security solutions. Internal or Insider Attacks Due to the invasive nature and open network media in the mobile ad hoc network, internal also known as insider attacks are more dangerous than the external attacks because the compromised or malicious nodes are originally the legitimate users of the Ad hoc network, they can easily pass the authentication and get protection from the security mechanisms. As a result, the adversaries can make use of them to gain normal access to the services that should only be available to the authorized users in the network, and they can use the legal identity provided by the compromised nodes to conceal their malicious behaviors. Therefore, more attention should be paid to the internal attacks initiated by the malicious insider nodes when we consider the security issues in the mobile ad hoc networks. Internal or insider nodes when become part of the network can misuse the network in the following ways Packet Dropping A malicious node can attack at its level or at lower levels. Particularly in the context of Packet Dropping Attack, within a trust level, a malicious node or any other node which aims at saving its resources or intentionally launching a attack can successfully drop packets without being noticed and can get services from other nodes for forwarding its own packets. Node Isolation An internal malicious node can prevent nodes from communicating with any other node. Route Disruption A malicious node can break down an existing route or prevent a new route from being established. Route Invasion An inside attacker adds itself between two endpoints of a communication channel. Attacks based on modification A very simplest way for a malicious node to disturb the operations of an ad-hoc network is to perform an attack based on modification. The only task the malicious or compromised node needs to perform is to announce better routes than the ones presently existing. This kind of attack is based on the modification of the metric value for a route or by altering control message fields. There are various ways to perform this type of attacks; some of them are discussed below Altering the Hop Count This attack is more specific to the AODV [4] protocol wherein the optimum path is chosen by the hop count metric. A malicious node can disturb the network by announcing the smallest hop count value to reach the compromised node. In general, an attacker would use a value zero to ensure to the smallest hop count. Changing the Route Sequence Number When a node decides the optimum path to take through a network, the node always relies on a metric of values, such as hop count delays etc. The smaller that value, the more optimum the path. Hence, a simple way to attack a network is to change this value with a smaller number than the last better value. Altering Routing Information This type of attack leads network toward Denial of Service (DoS) attack. For example in a situation where a node M wants to communicate with node S. At node M the routing path in the header would be M-N-O-P-Q-R-S. If N is a compromised node, it can alter this routing detail to M-N-O-P. But since there exists no direct route from O to P, P will drop the packet. Thus, A will never be able to access any service from P. This situation leads the network towards a DoS attack. Impersonation Attacks Impersonation is also known as spoofing. In this type of attack the malicious node hides its IP address or MAC address and uses the addresses of other nodes present in the network. Since current ad-hoc routing protocols like AODV [4] and DSR [6] do not authenticate source IP address. By exploiting this situation a malicious node can launch variety of attacks using spoofing. For example in a situation where an attacker creates loops in the network to isolate a node from the remainder of the network, the attacker needs to spoof the IP address of the node he wants to isolate from the network and then announce new route to the others nodes. By doing this, he can easily modify the network topology as he wants. Fabrication Attacks Fabrication attacks can be classified into three main categories. Detection is very difficult in all of these three cases. Routing table poisoning Routing protocols maintain tables which hold information regarding routes of the network. In routing table poisoning attacks the malicious nodes generate and send fabricated signaling traffic, or modify legitimate messages from other nodes, in order to create false entries in the tables of the participating nodes. For example, an attacker can send routing updates that do not correspond to actual changes in the topology of the ad hoc network. Routing table poisoning attacks can result in selection of non-optimal routes, creation of routing loops and bottlenecks. Route Cache Poisoning This type of attack falls in the category of passive attacks that can occur especially in DSR [6] due to the promiscuous mode of updating routing tables. This type of situation arises when information stored in routing tables is deleted, altered or injected with false information. A node overhearing any packet may add the routing information contained in that packets header to its own route cache, even if that node is not on the path from source to destination. The vulnerability of this system is that an attacker could easily exploit this method of learning routes and poison route caches by broadcast a message with a spoofed IP address to other nodes. When they receive this message, the nodes would add this new route to their cache and would now communicate using the route to reach the malicious node. Rote Error Messages fabrication This attack is very common in AODV [4] and DSR [6], because when nodes move these two protocols use path maintenance to recover the optimum path. The weakness of this architecture is that whenever a node moves, the closest node sends an error message to the other nodes so as to inform them that a route is no longer accessible. If an attacker can cause a DoS attack by spoofing any node and sending error messages to the all other nodes. As a result malicious node can separate any node quite easily. Eavesdropping Eavesdropping is another kind of attack that usually happens in the mobile ad hoc networks. The goal of eavesdropping is to obtain some confidential information that should be kept secret during the communication. This information may include the location, public key, private key or even passwords of the nodes. Because such data are very important to the security state of the nodes, they should be kept away from the unauthorized access. Secure Ad hoc Routing Protocols Many solutions have been proposed for secure routing in ad hoc networks, in order to offer protection against the attacks discussed earlier. These proposed solutions are either completely new stand-alone protocols, or in some cases incorporations of security mechanisms into existing ones (like DSR [6] and AODV [4]). In order to analyze the proposed solutions and how they are still vulnerable to attacks we classified them into two main categories based on asymmetric cryptography and symmetric cryptography. Asymmetric Cryptographic Solution Protocols that use asymmetric cryptography to secure routing in mobile ad hoc networks require the existence of a universally trusted third party. This trusted third party can be either online or offline. The trusted third party issues certificates that bind a nodes public key with a nodes persistent identifier. Authenticated Routing for Ad hoc Networks ARAN [9] falls in this category of secure Ad hoc routing protocols; many of the other protocols presented in other categories that use asymmetric cryptography operate in a similar manner and have similar requirements. Authenticated Routing for Ad hoc Networks ARAN The Authenticated Routing for Ad hoc Networks (ARAN) proposed in [9] is a standalone solution for secure routing in ad hoc networking environments. ARAN use digital certificates and can successfully operate in the managed open scenario where no infrastructure is pre-deployed. The basic mechanism used in ARAN is certification that is achieved through the existence of a trusted certification authority (CA). All nodes are supposed to know their public key from the certification authority and also the public key of server. Prior to entering into the network, each node has to apply for a certificate that is signed by the certificate server. ARAN accomplishes the discovery of routes by a broadcast message from source node which is replied in a unicast manner. This route discovery of the ARAN protocol begins with a node broadcasting to its neighbors a route discovery packet (RDP). The RDP includes the certificate of the initiating node, a nonce, a timestamp and the address of the destinatio n node. Furthermore, the initiating node signs the RDP. Each node validates the signature with the certificate, updates its routing table with the neighbor from which it received the RDP, signs it, and forwards it to its neighbors after removing the certificate and the signature of the previous node (but not the initiators signature and certificate). The signature prevents malicious nodes from injecting arbitrary route discovery packets that alter routes or form loops [13]. The destination node eventually receives the RDP and replies with a reply packet (REP). The REP contains the address of the source node, the destinations certificate, a nonce, and the associated timestamp. The destination node signs the REP before transmitting it. The REP is forwarded back to the initiating node by a process similar to the one described for the route discovery, except that the REP is unicasted along the reverse path. The source node is able to verify that the destination node sent the REP by chec king the nonce and the signature. Figure 2 illustrates the process of route discovery in ARAN. All messages are authenticated at each hop from source to destination as well as on the reverse path. Due to heavy computation involved with the certificates, ARAN is vulnerable to many attacks e.g. DOS attacks. In situation when there are no malicious nodes in the network the load involved in the routing process force the legitimate nodes to drop the packets in order to save their resources. Symmetric Cryptography Solutions Symmetric cryptographic solutions rely solely on symmetric cryptography to secure the function of routing in wireless ad hoc networks. The mechanisms utilized is hash functions and hash chains. A one-way hash function is a function that takes an input of arbitrary length and returns an output of fixed length [14]. As hash functions are especially lightweight when compared to other symmetric and asymmetric cryptographic operations, they have been extensively used in the context of securing ad hoc routing. Secure Ad hoc On-demand Distance Vector Protocol (SAODV) The Secure Ad hoc On Demand Distance Vector (SAODV) [7] addresses the problem of securing a MANET network. SAODV is an extension of AODV[4] routing protocol that can be used to protect the route discovery mechanism by providing security features like authentication, integrity and non-repudiation. It uses digital signatures to authenticate the non-mutable fields of the message, and hash chains to secure the hop count information (the only mutable field in message) in both RREQ and RREP messages. The SAODV scheme is based on the assumption that each node possesses certified public keys of all network nodes . In order to facilitate the transmission of the information required for the security mechanisms, SAODV defines extensions to the standard AODV message format. These SAODV extensions consist of the following fields. The hash function field identifies the one-way hash function that is used. The field max hop count is a counter that specifies the maximum number of nodes a packet is al lowed to go through. The top hash field is the result of the application of the hash function max hop count times to a randomly generated number, and finally the field hash is this random number. When a node transmits a route request or a route reply AODV packet it sets the max hop count field equal to the time to live (TTL) field from the IP header, generates a random number and sets the hash field equal to it, and applies the hash function specified by the corresponding field max hop count times to the random number, storing the calculated result to the top hash field. Moreover, the node digitally signs all fields of the message, except the hop count field from the AODV header and the hash field from the SAODV extension header. An intermediate node that receives a route request or a route reply must verify the integrity of the message and the hop count AODV [4] field. The integrity requirement is accomplished by verifying the digital signature. The hop count field is verified by comparing the result of the application of the hash function max hop count minus hop count times to the hash field with the value of the top hash field. Before the packet is re-broadcasted by the in termediate node the value of the hash field is replaced by the result of the calculation of the one-way hash of the field itself in order to account for the new hop. In SAODV route error messages (RERR) that are generated by nodes that inform their neighbors that they are not going to be able to route messages to specific destinations are secured using digital signatures. A node that generates or forwards a route error message cryptographically signs the whole message, except the destination sequence numbers. Although SAODV provides reasonable security to MANETs routing, but it is still vulnerable to distance fraud attack [15] in which the forwarding node fails to increment the route metric because in SAODV there is no enforcement to do so. Further there is no method to detect the malicious nodes and DOS attacks because in SAODV it is assumed that DOS attacks are restricted to physical layer, but this assumption failed when colluding malicious nodes drop packets during the route discovery process. Security Aware Routing (SAR) SAR [16] (Security Aware Routing) is an extension to existing on demand routing protocols and used where nodes are grouped on the basis of trust level. In SAR each node has different security level which assigns them different trust levels. Two nodes can only communicate with each other if they have equal or greater trust values. If a node has lower security level it simply discards the packet. In case there is no node in the network with the desired level then communication cannot take place or we can say that, that particular packet cant be forwarded unless its security level is lowered. By exploiting this condition a malicious node can attack at its level or at lower levels. Particularly in the context of Packet Dropping Attack, within a trust level, a malicious node or any other node which aims at saving its resources or intentionally launching a attack can successfully drop packets without being noticed and can get services from other nodes for forwarding its own packets. SAR al so fails in the situations of secure routing in general because it only focuses on the situations in which certain groups are assumed to be trustworthy. Conclusion From the above discussion, we observe that all Secure Ad hoc routing protocols are still vulnerable to many attacks. Although proposed techniques provide security against external attacks, insider attacks are still an open issue in MANETs. Chapter 3 Literature Review Introduction Many solutions have been proposed to prevent selfishness in MANETs. The main goal of all the schemes proposed in the literature is to make decisions regarding trustworthy entities and to encourage behavior that leads to increasing trust. In this section we discuss some of the solutions presented in the literature in order to detect the malicious nodes in the network in context of packet dropping attack. Watchdog and Pathrater In [17] Marti el al, proposed a mechanism called as watchdog and pathrater on DSR[6] to detect the misbehavior of nodes in MANETs. Nodes in this scheme operate in a promiscuous mode. The watchdog monitors one hop neighbor by overhearing the medium to check whether the next neighbor forwards the packet or not. It also maintains a buffer of recently sent packets. If a data packet remains in the buffer too long, the watchdog declares the next hop neighbor to be misbehaving. Every node that participates in the ad hoc network employs the watchdog functionality in order to verify that its neighbors correctly forward packets. When a node transmits a packet to the next node in the path, it tries to promiscuously listen if the next node will also transmit it. Furthermore, if there is no link encryption utilized in the network, the listening node can also verify that the next node did not modify the packet before transmitting it . The watchdog of a node maintains copies of recently forwarded p ackets and compares them with the packet transmissions overheard by the neighboring nodes. Positive comparisons result in the deletion of the buffered packet and the freeing of the related memory. If a node that was supposed to forward a packet fails to do so within a certain timeout period, the watchdog of an overhearing node increments a failure rating for the specific node. This effectively means that every node in the ad hoc network maintains a rating assessing the reliability of every other node that it can overhear packet transmissions from. A node is identified as misbehaving when the failure rating exceeds a certain threshold bandwidth. The source node of the route that contains the offending node is notified by a message send by the identifying watchdog. As the authors of the scheme note, the main problem with this approach is its vulnerability to blackmail attacks. The pathrater selects the path with the highest metric when there are multiple paths for the same destination node. The algorithm followed by the pathrater mechanism initially assigns a rating of 1.0 to itself and 0.5 to each node that it knows through the route discovery function. The nodes that participate on the active paths have their ratings increased by 0.01 at periodic intervals of 200 milliseconds to a maximum rating of 0.8. A rating is decremented by 0.05 when a link breakage is