Affordable essay writing: January 2020

Sunday, January 26, 2020

Security for Insider Attacks in Mobile Ad Hoc Networks

Security for Insider Attacks in Mobile Ad Hoc Networks Abstract Mobile ad hoc networks are collection of wireless mobile nodes forming a temporary network without the aid of any established infrastructure. Security issues are more paramount in such networks even more so than in wired networks. Despite the existence of well-known security mechanisms, additional vulnerabilities and features pertinent to this new networking paradigm might render the traditional solutions inapplicable. In particular these networks are extremely under threat to insider attacks especially packet dropping attacks. It is very difficult to detect such attacks because they comes in the category of attacks in mobile ad hoc networks in which the attacker nodes becomes the part of the network. In this research work we have proposed a two folded approach, to detect and then to isolate such nodes which become the part of the network to cause packet dropping attacks. First approach will detect the misbehavior of nodes and will identify the malicious activity in network, and then upon identification of nodes misbehavior in network other approach will isolate the malicious node from network. OMNET++ simulator is used to simulate and verify the proposed solution. Experimental results shows that E-SAODV (Enhanced Secure Ad hoc On Demand Distance Vector protocol) performs much better than conventional SAODV (Secure Ad hoc On Demand Distance Vector Protocol) Chapter 1 Introduction Overview Mobile Ad-hoc networks are a new paradigm of wireless communication for mobile hosts. As there is no fixed infrastructure such as base stations for mobile switching. Nodes within each others range communicate directly via wireless links while those which are far apart rely on other nodes to transmit messages. Node mobility causes frequent changes in topology. The wireless nature of communication and lack of any security infrastructure raises several security problems. The following flowchart depicts the working of any general ad-hoc network. Features of Mobile Ad hoc Networks Based on the characteristics, Mobile Ad hoc Networks has following main features. Because of the limited energy supply for the wireless nodes and the mobility of the nodes, the wireless links between mobile nodes in the Ad hoc Network are not consistent for the communication participants. Due to the continuous motion of nodes, the topology of the mobile ad hoc network changes constantly, the nodes can continuously move into and out of the radio range of the other nodes in the ad hoc network, and the routing information will be changing all the time because of the movement of the nodes. Lack of incorporation of security features in statically configured wireless routing protocol not meant for Ad hoc environments. Because the topology of the Ad hoc Networks is changing constantly, it is necessary for each pair of adjacent nodes to incorporate in the routing issue so as to prevent some kind of potential attacks that try to make use of vulnerabilities in the statically configured routing protocol. Mobile Ad hoc Network Routing Protocols Routing in Mobile Ad hoc Networks faces additional challenges when compared to routing in traditional wired networks with fixed infrastructure. There are several well-known protocols that have been specifically developed to cope with the limitations imposed by Ad hoc networking environments. The problem of routing in such environments is aggravated by limiting factors such as rapidly changing topologies, high power consumption, low bandwidth and high error rates [1]. Most of the existing routing protocols follow two different design approaches to confront the inherent characteristics of Ad hoc networks namely Proactive Routing Protocols, Reactive Routing Protocols. Proactive Routing Protocols Proactive ad hoc routing protocols maintain at all times routing information regarding the connectivity of every node to all other nodes that participate in the network. These protocols are also known as Table-driven Ad hoc Routing Protocols. These protocols allow every node to have a clear and consistent view of the network topology by propagating periodic updates [1]. Therefore, all nodes are able to make immediate decisions regarding the forwarding of a specific packet. Two main protocols that fall into the category of proactive routing protocols are Destination-Sequenced Distance-Vector (DSDV) protocol [2] and the Optimized Link State Routing (OLSR) protocol [3]. Reactive Routing Protocols An alternative approach to the one followed by Proactive Routing Protocols also known as source-initiated on-demand routing, is Reactive Routing Protocols. According to this approach a route is created only when the source node requires one to a specific destination. A route is acquired by the initiation of a route discovery function by the source node. The data packets transmitted while a route discovery is in process are buffered and are sent when the path is established. An established route is maintained as long as it is required through a route maintenance procedure. The Ad hoc On-demand Distance Vector (AODV) routing protocol [4], Temporally Ordered Routing Algorithm (TORA) [5] and the Dynamic Source Routing protocol [6] are examples of this category of protocols. Security issues in Mobile Ad hoc Routing Protocols Any routing protocol must encapsulate an essential set of security mechanisms. These are mechanisms that help prevent, detect, and respond to security attacks. We can classify these major security goals into five main categories, which need to be addressed in order to maintain a reliable and secure ad-hoc network environment. Confidentiality Confidentiality is the protection of any information from being exposed to unintended entities. In ad-hoc networks this is more difficult to achieve because intermediates nodes receive the packets for other recipients, so they can easily eavesdrop the information being routed. Availability Availability means that a node should maintain its ability to provide all the designed services regardless of the security state of it . This security criterion is challenged mainly during the denial-of-service attacks, in which all the nodes in the network can be the attack target and thus some selfish nodes make some of the network services unavailable, such as the routing protocol or the key management service. Authentication Authentication assures that an entity of concern or the origin of a communication is what it claims to be or from. Without which an attacker would impersonate a node, thus gaining unauthorized access to resource and sensitive information and interfering with operation of other nodes. Integrity Integrity guarantees the identity of the messages when they are transmitted. Integrity can be compromised through malicious and accidental altering. A message can be dropped, replayed or revised by an adversary with malicious goal, which is regarded as malicious altering while if the message is lost or its content is changed due to some failures, which may be transmission errors or hardware errors such as hard disk failure, then it is categorized as accidental altering. Non-Repudiation Non-repudiation ensures that sending and receiving parties can never deny their sending or receiving the message. In order to achieve the overall goal of Mobile Ad hoc Network security, above five mechanisms must be implemented in any ad-hoc networks so as to ensure the security of the transmissions along that network. Secure Ad hoc Routing As discussed earlier over the past decade, many Ad hoc routing protocols have been proposed in literature. Among them the most widely used are AODV (Ad hoc On Demand Distance Vector) [4] and DSR (Dynamic Source Routing) [2] which comes in the category of re-active routing protocols of Ad hoc Networks. All of these protocols have been studied extensively. But as there were no security considerations in the original design of these protocols, these protocols remain under threat from the attackers. The main assumption of these protocols was that all participating nodes do so in good faith and without maliciously disrupting the operation of the protocol. However the existence of malicious entities can not be disregarded in the systems especially the environment used for Ad hoc Networks. To overcome the security vulnerabilities in existing routing protocols, many security enhancements in these protocols have been proposed but unfortunately these secure Ad hoc Routing Protocols were either designed for a particular protocol or to address a specific problem operation of the protocol. For example SAODV (Secure Ad hoc On Demand Distance Vector Protocol) [7] was proposed to secure AODV (Ad hoc On Demand Distance Vector) protocol, Ariadne [10] was proposed to protect DSR (Dynamic Source Routing) protocol, ARAN [7] was proposed to protect the Ad hoc Routing in general while SEAD [8] was proposed to protect the DSDV (Destination Sequence Distance Vector Routing) protocol. The purpose of SAR [9] (Security Aware Routing) was also to protect the Routing in Ad hoc Networks. Problem definition Thus ongoing studies on MANETs pose many challenging research areas including MANETs security. Since MANETs are made up entirely of wireless mobile nodes, they are inherently more susceptible to security threats compared to fixed networks [11]. Access to wireless links is virtually impossible to control thus adverse security events such as eavesdropping, spoofing and denial of service attacks are more easily accomplished. These security risks must be reduced to an acceptable level while maintaining an acceptable Quality of Service and network performance. However, in order to work properly, the routing protocols in MANETs need trusted working environments, which are not always available. There may be situations in which the environment may be adversarial. For example some nodes may be selfish, malicious, or compromised by attackers. Most of the work done regarding network security in MANETs focuses on preventing attackers from entering the network through secure key distribution and secure neighbor discovery [10],[12]. But these schemes become ineffective when the malicious nodes have entered the network, or some nodes in the network have been compromised. Therefore, threats from compromised nodes inside the network are far more dangerous than the attacks from outside the network. Since these attacks are initiated from inside the network by the participating malicious nodes which behave well before they are compromised, it is very hard to detect these attacks. Keeping in view the security threats faced by MANETs we focus on Packet Dropping Attack which is a serious threat to Mobile Ad hoc Networks. Although many research efforts have been put on secure routing protocols but the attacks like packet dropping is not adequately addressed. We study the packet dropping attack in which a malicious node intentionally drops the packets they received. Unlike all previous researches which attempt to tolerate Packet Dropping Attacks, our work makes the first effort to detect the malicious activity and then identify the malicious or compromised nodes in the network. Research Objective The fundamental objective of this research is to discuss the security attacks faced by Mobile Ad hoc Networks specially insider attacks and to review the security in existing routing protocols especially secure routing protocols in MANETs. We particularly focus on packet dropping attack which is a serious threat to Mobile Ad hoc Networks. A novel security enhancement scheme to address packet dropping attack has been proposed. Thesis Organization Chapter 2 provides a brief introduction of security threats faced by Mobile Ad hoc Networks and secure routing to address these attacks. Chapter 3 discusses about the related work and flaws identified in the related work. Chapter 4 presents the possible solutions to address the packet dropping attack in Mobile Ad hoc Networks. Chapter 5 includes the implementation of proposed mechanisms and Results of the proposed mechanism and the thesis is concluded in Chapter 6. Chapter 2 Security Threats and Secure Ad hoc Routing Protocols Introduction This chapter includes the threats and types of attacks faced by Mobile Ad hoc Networks. Secure Ad hoc routing protocols like SAODV [7] (Secure Ad hoc On Demand Distance Vector), SAR [16] (Security Aware Routing), and ARAN [9] (Authenticated Routing for Ad hoc Networks) etc and how these protocols are still vulnerable to attacks, are discussed in this chapter. Types of attacks in MANETs There are numerous kinds of attacks in the mobile ad hoc networks, almost all of which can be classified into two types, External Attacks and Insider Attacks. External Attacks External Attacks are those attacks, in which the attacker aims to cause congestion, propagate fake routing information or disturb nodes from providing services. External attacks are similar to the normal attacks in the traditional wired networks such that the adversary is in the proximity but not a trusted node in the network, therefore, this type of attack can be prevented and detected by the security methods such as authentication or firewall, which are relatively conventional security solutions. Internal or Insider Attacks Due to the invasive nature and open network media in the mobile ad hoc network, internal also known as insider attacks are more dangerous than the external attacks because the compromised or malicious nodes are originally the legitimate users of the Ad hoc network, they can easily pass the authentication and get protection from the security mechanisms. As a result, the adversaries can make use of them to gain normal access to the services that should only be available to the authorized users in the network, and they can use the legal identity provided by the compromised nodes to conceal their malicious behaviors. Therefore, more attention should be paid to the internal attacks initiated by the malicious insider nodes when we consider the security issues in the mobile ad hoc networks. Internal or insider nodes when become part of the network can misuse the network in the following ways Packet Dropping A malicious node can attack at its level or at lower levels. Particularly in the context of Packet Dropping Attack, within a trust level, a malicious node or any other node which aims at saving its resources or intentionally launching a attack can successfully drop packets without being noticed and can get services from other nodes for forwarding its own packets. Node Isolation An internal malicious node can prevent nodes from communicating with any other node. Route Disruption A malicious node can break down an existing route or prevent a new route from being established. Route Invasion An inside attacker adds itself between two endpoints of a communication channel. Attacks based on modification A very simplest way for a malicious node to disturb the operations of an ad-hoc network is to perform an attack based on modification. The only task the malicious or compromised node needs to perform is to announce better routes than the ones presently existing. This kind of attack is based on the modification of the metric value for a route or by altering control message fields. There are various ways to perform this type of attacks; some of them are discussed below Altering the Hop Count This attack is more specific to the AODV [4] protocol wherein the optimum path is chosen by the hop count metric. A malicious node can disturb the network by announcing the smallest hop count value to reach the compromised node. In general, an attacker would use a value zero to ensure to the smallest hop count. Changing the Route Sequence Number When a node decides the optimum path to take through a network, the node always relies on a metric of values, such as hop count delays etc. The smaller that value, the more optimum the path. Hence, a simple way to attack a network is to change this value with a smaller number than the last better value. Altering Routing Information This type of attack leads network toward Denial of Service (DoS) attack. For example in a situation where a node M wants to communicate with node S. At node M the routing path in the header would be M-N-O-P-Q-R-S. If N is a compromised node, it can alter this routing detail to M-N-O-P. But since there exists no direct route from O to P, P will drop the packet. Thus, A will never be able to access any service from P. This situation leads the network towards a DoS attack. Impersonation Attacks Impersonation is also known as spoofing. In this type of attack the malicious node hides its IP address or MAC address and uses the addresses of other nodes present in the network. Since current ad-hoc routing protocols like AODV [4] and DSR [6] do not authenticate source IP address. By exploiting this situation a malicious node can launch variety of attacks using spoofing. For example in a situation where an attacker creates loops in the network to isolate a node from the remainder of the network, the attacker needs to spoof the IP address of the node he wants to isolate from the network and then announce new route to the others nodes. By doing this, he can easily modify the network topology as he wants. Fabrication Attacks Fabrication attacks can be classified into three main categories. Detection is very difficult in all of these three cases. Routing table poisoning Routing protocols maintain tables which hold information regarding routes of the network. In routing table poisoning attacks the malicious nodes generate and send fabricated signaling traffic, or modify legitimate messages from other nodes, in order to create false entries in the tables of the participating nodes. For example, an attacker can send routing updates that do not correspond to actual changes in the topology of the ad hoc network. Routing table poisoning attacks can result in selection of non-optimal routes, creation of routing loops and bottlenecks. Route Cache Poisoning This type of attack falls in the category of passive attacks that can occur especially in DSR [6] due to the promiscuous mode of updating routing tables. This type of situation arises when information stored in routing tables is deleted, altered or injected with false information. A node overhearing any packet may add the routing information contained in that packets header to its own route cache, even if that node is not on the path from source to destination. The vulnerability of this system is that an attacker could easily exploit this method of learning routes and poison route caches by broadcast a message with a spoofed IP address to other nodes. When they receive this message, the nodes would add this new route to their cache and would now communicate using the route to reach the malicious node. Rote Error Messages fabrication This attack is very common in AODV [4] and DSR [6], because when nodes move these two protocols use path maintenance to recover the optimum path. The weakness of this architecture is that whenever a node moves, the closest node sends an error message to the other nodes so as to inform them that a route is no longer accessible. If an attacker can cause a DoS attack by spoofing any node and sending error messages to the all other nodes. As a result malicious node can separate any node quite easily. Eavesdropping Eavesdropping is another kind of attack that usually happens in the mobile ad hoc networks. The goal of eavesdropping is to obtain some confidential information that should be kept secret during the communication. This information may include the location, public key, private key or even passwords of the nodes. Because such data are very important to the security state of the nodes, they should be kept away from the unauthorized access. Secure Ad hoc Routing Protocols Many solutions have been proposed for secure routing in ad hoc networks, in order to offer protection against the attacks discussed earlier. These proposed solutions are either completely new stand-alone protocols, or in some cases incorporations of security mechanisms into existing ones (like DSR [6] and AODV [4]). In order to analyze the proposed solutions and how they are still vulnerable to attacks we classified them into two main categories based on asymmetric cryptography and symmetric cryptography. Asymmetric Cryptographic Solution Protocols that use asymmetric cryptography to secure routing in mobile ad hoc networks require the existence of a universally trusted third party. This trusted third party can be either online or offline. The trusted third party issues certificates that bind a nodes public key with a nodes persistent identifier. Authenticated Routing for Ad hoc Networks ARAN [9] falls in this category of secure Ad hoc routing protocols; many of the other protocols presented in other categories that use asymmetric cryptography operate in a similar manner and have similar requirements. Authenticated Routing for Ad hoc Networks ARAN The Authenticated Routing for Ad hoc Networks (ARAN) proposed in [9] is a standalone solution for secure routing in ad hoc networking environments. ARAN use digital certificates and can successfully operate in the managed open scenario where no infrastructure is pre-deployed. The basic mechanism used in ARAN is certification that is achieved through the existence of a trusted certification authority (CA). All nodes are supposed to know their public key from the certification authority and also the public key of server. Prior to entering into the network, each node has to apply for a certificate that is signed by the certificate server. ARAN accomplishes the discovery of routes by a broadcast message from source node which is replied in a unicast manner. This route discovery of the ARAN protocol begins with a node broadcasting to its neighbors a route discovery packet (RDP). The RDP includes the certificate of the initiating node, a nonce, a timestamp and the address of the destinatio n node. Furthermore, the initiating node signs the RDP. Each node validates the signature with the certificate, updates its routing table with the neighbor from which it received the RDP, signs it, and forwards it to its neighbors after removing the certificate and the signature of the previous node (but not the initiators signature and certificate). The signature prevents malicious nodes from injecting arbitrary route discovery packets that alter routes or form loops [13]. The destination node eventually receives the RDP and replies with a reply packet (REP). The REP contains the address of the source node, the destinations certificate, a nonce, and the associated timestamp. The destination node signs the REP before transmitting it. The REP is forwarded back to the initiating node by a process similar to the one described for the route discovery, except that the REP is unicasted along the reverse path. The source node is able to verify that the destination node sent the REP by chec king the nonce and the signature. Figure 2 illustrates the process of route discovery in ARAN. All messages are authenticated at each hop from source to destination as well as on the reverse path. Due to heavy computation involved with the certificates, ARAN is vulnerable to many attacks e.g. DOS attacks. In situation when there are no malicious nodes in the network the load involved in the routing process force the legitimate nodes to drop the packets in order to save their resources. Symmetric Cryptography Solutions Symmetric cryptographic solutions rely solely on symmetric cryptography to secure the function of routing in wireless ad hoc networks. The mechanisms utilized is hash functions and hash chains. A one-way hash function is a function that takes an input of arbitrary length and returns an output of fixed length [14]. As hash functions are especially lightweight when compared to other symmetric and asymmetric cryptographic operations, they have been extensively used in the context of securing ad hoc routing. Secure Ad hoc On-demand Distance Vector Protocol (SAODV) The Secure Ad hoc On Demand Distance Vector (SAODV) [7] addresses the problem of securing a MANET network. SAODV is an extension of AODV[4] routing protocol that can be used to protect the route discovery mechanism by providing security features like authentication, integrity and non-repudiation. It uses digital signatures to authenticate the non-mutable fields of the message, and hash chains to secure the hop count information (the only mutable field in message) in both RREQ and RREP messages. The SAODV scheme is based on the assumption that each node possesses certified public keys of all network nodes . In order to facilitate the transmission of the information required for the security mechanisms, SAODV defines extensions to the standard AODV message format. These SAODV extensions consist of the following fields. The hash function field identifies the one-way hash function that is used. The field max hop count is a counter that specifies the maximum number of nodes a packet is al lowed to go through. The top hash field is the result of the application of the hash function max hop count times to a randomly generated number, and finally the field hash is this random number. When a node transmits a route request or a route reply AODV packet it sets the max hop count field equal to the time to live (TTL) field from the IP header, generates a random number and sets the hash field equal to it, and applies the hash function specified by the corresponding field max hop count times to the random number, storing the calculated result to the top hash field. Moreover, the node digitally signs all fields of the message, except the hop count field from the AODV header and the hash field from the SAODV extension header. An intermediate node that receives a route request or a route reply must verify the integrity of the message and the hop count AODV [4] field. The integrity requirement is accomplished by verifying the digital signature. The hop count field is verified by comparing the result of the application of the hash function max hop count minus hop count times to the hash field with the value of the top hash field. Before the packet is re-broadcasted by the in termediate node the value of the hash field is replaced by the result of the calculation of the one-way hash of the field itself in order to account for the new hop. In SAODV route error messages (RERR) that are generated by nodes that inform their neighbors that they are not going to be able to route messages to specific destinations are secured using digital signatures. A node that generates or forwards a route error message cryptographically signs the whole message, except the destination sequence numbers. Although SAODV provides reasonable security to MANETs routing, but it is still vulnerable to distance fraud attack [15] in which the forwarding node fails to increment the route metric because in SAODV there is no enforcement to do so. Further there is no method to detect the malicious nodes and DOS attacks because in SAODV it is assumed that DOS attacks are restricted to physical layer, but this assumption failed when colluding malicious nodes drop packets during the route discovery process. Security Aware Routing (SAR) SAR [16] (Security Aware Routing) is an extension to existing on demand routing protocols and used where nodes are grouped on the basis of trust level. In SAR each node has different security level which assigns them different trust levels. Two nodes can only communicate with each other if they have equal or greater trust values. If a node has lower security level it simply discards the packet. In case there is no node in the network with the desired level then communication cannot take place or we can say that, that particular packet cant be forwarded unless its security level is lowered. By exploiting this condition a malicious node can attack at its level or at lower levels. Particularly in the context of Packet Dropping Attack, within a trust level, a malicious node or any other node which aims at saving its resources or intentionally launching a attack can successfully drop packets without being noticed and can get services from other nodes for forwarding its own packets. SAR al so fails in the situations of secure routing in general because it only focuses on the situations in which certain groups are assumed to be trustworthy. Conclusion From the above discussion, we observe that all Secure Ad hoc routing protocols are still vulnerable to many attacks. Although proposed techniques provide security against external attacks, insider attacks are still an open issue in MANETs. Chapter 3 Literature Review Introduction Many solutions have been proposed to prevent selfishness in MANETs. The main goal of all the schemes proposed in the literature is to make decisions regarding trustworthy entities and to encourage behavior that leads to increasing trust. In this section we discuss some of the solutions presented in the literature in order to detect the malicious nodes in the network in context of packet dropping attack. Watchdog and Pathrater In [17] Marti el al, proposed a mechanism called as watchdog and pathrater on DSR[6] to detect the misbehavior of nodes in MANETs. Nodes in this scheme operate in a promiscuous mode. The watchdog monitors one hop neighbor by overhearing the medium to check whether the next neighbor forwards the packet or not. It also maintains a buffer of recently sent packets. If a data packet remains in the buffer too long, the watchdog declares the next hop neighbor to be misbehaving. Every node that participates in the ad hoc network employs the watchdog functionality in order to verify that its neighbors correctly forward packets. When a node transmits a packet to the next node in the path, it tries to promiscuously listen if the next node will also transmit it. Furthermore, if there is no link encryption utilized in the network, the listening node can also verify that the next node did not modify the packet before transmitting it . The watchdog of a node maintains copies of recently forwarded p ackets and compares them with the packet transmissions overheard by the neighboring nodes. Positive comparisons result in the deletion of the buffered packet and the freeing of the related memory. If a node that was supposed to forward a packet fails to do so within a certain timeout period, the watchdog of an overhearing node increments a failure rating for the specific node. This effectively means that every node in the ad hoc network maintains a rating assessing the reliability of every other node that it can overhear packet transmissions from. A node is identified as misbehaving when the failure rating exceeds a certain threshold bandwidth. The source node of the route that contains the offending node is notified by a message send by the identifying watchdog. As the authors of the scheme note, the main problem with this approach is its vulnerability to blackmail attacks. The pathrater selects the path with the highest metric when there are multiple paths for the same destination node. The algorithm followed by the pathrater mechanism initially assigns a rating of 1.0 to itself and 0.5 to each node that it knows through the route discovery function. The nodes that participate on the active paths have their ratings increased by 0.01 at periodic intervals of 200 milliseconds to a maximum rating of 0.8. A rating is decremented by 0.05 when a link breakage is Security for Insider Attacks in Mobile Ad Hoc Networks Security for Insider Attacks in Mobile Ad Hoc Networks Abstract Mobile ad hoc networks are collection of wireless mobile nodes forming a temporary network without the aid of any established infrastructure. Security issues are more paramount in such networks even more so than in wired networks. Despite the existence of well-known security mechanisms, additional vulnerabilities and features pertinent to this new networking paradigm might render the traditional solutions inapplicable. In particular these networks are extremely under threat to insider attacks especially packet dropping attacks. It is very difficult to detect such attacks because they comes in the category of attacks in mobile ad hoc networks in which the attacker nodes becomes the part of the network. In this research work we have proposed a two folded approach, to detect and then to isolate such nodes which become the part of the network to cause packet dropping attacks. First approach will detect the misbehavior of nodes and will identify the malicious activity in network, and then upon identification of nodes misbehavior in network other approach will isolate the malicious node from network. OMNET++ simulator is used to simulate and verify the proposed solution. Experimental results shows that E-SAODV (Enhanced Secure Ad hoc On Demand Distance Vector protocol) performs much better than conventional SAODV (Secure Ad hoc On Demand Distance Vector Protocol) Chapter 1 Introduction Overview Mobile Ad-hoc networks are a new paradigm of wireless communication for mobile hosts. As there is no fixed infrastructure such as base stations for mobile switching. Nodes within each others range communicate directly via wireless links while those which are far apart rely on other nodes to transmit messages. Node mobility causes frequent changes in topology. The wireless nature of communication and lack of any security infrastructure raises several security problems. The following flowchart depicts the working of any general ad-hoc network. Features of Mobile Ad hoc Networks Based on the characteristics, Mobile Ad hoc Networks has following main features. Because of the limited energy supply for the wireless nodes and the mobility of the nodes, the wireless links between mobile nodes in the Ad hoc Network are not consistent for the communication participants. Due to the continuous motion of nodes, the topology of the mobile ad hoc network changes constantly, the nodes can continuously move into and out of the radio range of the other nodes in the ad hoc network, and the routing information will be changing all the time because of the movement of the nodes. Lack of incorporation of security features in statically configured wireless routing protocol not meant for Ad hoc environments. Because the topology of the Ad hoc Networks is changing constantly, it is necessary for each pair of adjacent nodes to incorporate in the routing issue so as to prevent some kind of potential attacks that try to make use of vulnerabilities in the statically configured routing protocol. Mobile Ad hoc Network Routing Protocols Routing in Mobile Ad hoc Networks faces additional challenges when compared to routing in traditional wired networks with fixed infrastructure. There are several well-known protocols that have been specifically developed to cope with the limitations imposed by Ad hoc networking environments. The problem of routing in such environments is aggravated by limiting factors such as rapidly changing topologies, high power consumption, low bandwidth and high error rates [1]. Most of the existing routing protocols follow two different design approaches to confront the inherent characteristics of Ad hoc networks namely Proactive Routing Protocols, Reactive Routing Protocols. Proactive Routing Protocols Proactive ad hoc routing protocols maintain at all times routing information regarding the connectivity of every node to all other nodes that participate in the network. These protocols are also known as Table-driven Ad hoc Routing Protocols. These protocols allow every node to have a clear and consistent view of the network topology by propagating periodic updates [1]. Therefore, all nodes are able to make immediate decisions regarding the forwarding of a specific packet. Two main protocols that fall into the category of proactive routing protocols are Destination-Sequenced Distance-Vector (DSDV) protocol [2] and the Optimized Link State Routing (OLSR) protocol [3]. Reactive Routing Protocols An alternative approach to the one followed by Proactive Routing Protocols also known as source-initiated on-demand routing, is Reactive Routing Protocols. According to this approach a route is created only when the source node requires one to a specific destination. A route is acquired by the initiation of a route discovery function by the source node. The data packets transmitted while a route discovery is in process are buffered and are sent when the path is established. An established route is maintained as long as it is required through a route maintenance procedure. The Ad hoc On-demand Distance Vector (AODV) routing protocol [4], Temporally Ordered Routing Algorithm (TORA) [5] and the Dynamic Source Routing protocol [6] are examples of this category of protocols. Security issues in Mobile Ad hoc Routing Protocols Any routing protocol must encapsulate an essential set of security mechanisms. These are mechanisms that help prevent, detect, and respond to security attacks. We can classify these major security goals into five main categories, which need to be addressed in order to maintain a reliable and secure ad-hoc network environment. Confidentiality Confidentiality is the protection of any information from being exposed to unintended entities. In ad-hoc networks this is more difficult to achieve because intermediates nodes receive the packets for other recipients, so they can easily eavesdrop the information being routed. Availability Availability means that a node should maintain its ability to provide all the designed services regardless of the security state of it . This security criterion is challenged mainly during the denial-of-service attacks, in which all the nodes in the network can be the attack target and thus some selfish nodes make some of the network services unavailable, such as the routing protocol or the key management service. Authentication Authentication assures that an entity of concern or the origin of a communication is what it claims to be or from. Without which an attacker would impersonate a node, thus gaining unauthorized access to resource and sensitive information and interfering with operation of other nodes. Integrity Integrity guarantees the identity of the messages when they are transmitted. Integrity can be compromised through malicious and accidental altering. A message can be dropped, replayed or revised by an adversary with malicious goal, which is regarded as malicious altering while if the message is lost or its content is changed due to some failures, which may be transmission errors or hardware errors such as hard disk failure, then it is categorized as accidental altering. Non-Repudiation Non-repudiation ensures that sending and receiving parties can never deny their sending or receiving the message. In order to achieve the overall goal of Mobile Ad hoc Network security, above five mechanisms must be implemented in any ad-hoc networks so as to ensure the security of the transmissions along that network. Secure Ad hoc Routing As discussed earlier over the past decade, many Ad hoc routing protocols have been proposed in literature. Among them the most widely used are AODV (Ad hoc On Demand Distance Vector) [4] and DSR (Dynamic Source Routing) [2] which comes in the category of re-active routing protocols of Ad hoc Networks. All of these protocols have been studied extensively. But as there were no security considerations in the original design of these protocols, these protocols remain under threat from the attackers. The main assumption of these protocols was that all participating nodes do so in good faith and without maliciously disrupting the operation of the protocol. However the existence of malicious entities can not be disregarded in the systems especially the environment used for Ad hoc Networks. To overcome the security vulnerabilities in existing routing protocols, many security enhancements in these protocols have been proposed but unfortunately these secure Ad hoc Routing Protocols were either designed for a particular protocol or to address a specific problem operation of the protocol. For example SAODV (Secure Ad hoc On Demand Distance Vector Protocol) [7] was proposed to secure AODV (Ad hoc On Demand Distance Vector) protocol, Ariadne [10] was proposed to protect DSR (Dynamic Source Routing) protocol, ARAN [7] was proposed to protect the Ad hoc Routing in general while SEAD [8] was proposed to protect the DSDV (Destination Sequence Distance Vector Routing) protocol. The purpose of SAR [9] (Security Aware Routing) was also to protect the Routing in Ad hoc Networks. Problem definition Thus ongoing studies on MANETs pose many challenging research areas including MANETs security. Since MANETs are made up entirely of wireless mobile nodes, they are inherently more susceptible to security threats compared to fixed networks [11]. Access to wireless links is virtually impossible to control thus adverse security events such as eavesdropping, spoofing and denial of service attacks are more easily accomplished. These security risks must be reduced to an acceptable level while maintaining an acceptable Quality of Service and network performance. However, in order to work properly, the routing protocols in MANETs need trusted working environments, which are not always available. There may be situations in which the environment may be adversarial. For example some nodes may be selfish, malicious, or compromised by attackers. Most of the work done regarding network security in MANETs focuses on preventing attackers from entering the network through secure key distribution and secure neighbor discovery [10],[12]. But these schemes become ineffective when the malicious nodes have entered the network, or some nodes in the network have been compromised. Therefore, threats from compromised nodes inside the network are far more dangerous than the attacks from outside the network. Since these attacks are initiated from inside the network by the participating malicious nodes which behave well before they are compromised, it is very hard to detect these attacks. Keeping in view the security threats faced by MANETs we focus on Packet Dropping Attack which is a serious threat to Mobile Ad hoc Networks. Although many research efforts have been put on secure routing protocols but the attacks like packet dropping is not adequately addressed. We study the packet dropping attack in which a malicious node intentionally drops the packets they received. Unlike all previous researches which attempt to tolerate Packet Dropping Attacks, our work makes the first effort to detect the malicious activity and then identify the malicious or compromised nodes in the network. Research Objective The fundamental objective of this research is to discuss the security attacks faced by Mobile Ad hoc Networks specially insider attacks and to review the security in existing routing protocols especially secure routing protocols in MANETs. We particularly focus on packet dropping attack which is a serious threat to Mobile Ad hoc Networks. A novel security enhancement scheme to address packet dropping attack has been proposed. Thesis Organization Chapter 2 provides a brief introduction of security threats faced by Mobile Ad hoc Networks and secure routing to address these attacks. Chapter 3 discusses about the related work and flaws identified in the related work. Chapter 4 presents the possible solutions to address the packet dropping attack in Mobile Ad hoc Networks. Chapter 5 includes the implementation of proposed mechanisms and Results of the proposed mechanism and the thesis is concluded in Chapter 6. Chapter 2 Security Threats and Secure Ad hoc Routing Protocols Introduction This chapter includes the threats and types of attacks faced by Mobile Ad hoc Networks. Secure Ad hoc routing protocols like SAODV [7] (Secure Ad hoc On Demand Distance Vector), SAR [16] (Security Aware Routing), and ARAN [9] (Authenticated Routing for Ad hoc Networks) etc and how these protocols are still vulnerable to attacks, are discussed in this chapter. Types of attacks in MANETs There are numerous kinds of attacks in the mobile ad hoc networks, almost all of which can be classified into two types, External Attacks and Insider Attacks. External Attacks External Attacks are those attacks, in which the attacker aims to cause congestion, propagate fake routing information or disturb nodes from providing services. External attacks are similar to the normal attacks in the traditional wired networks such that the adversary is in the proximity but not a trusted node in the network, therefore, this type of attack can be prevented and detected by the security methods such as authentication or firewall, which are relatively conventional security solutions. Internal or Insider Attacks Due to the invasive nature and open network media in the mobile ad hoc network, internal also known as insider attacks are more dangerous than the external attacks because the compromised or malicious nodes are originally the legitimate users of the Ad hoc network, they can easily pass the authentication and get protection from the security mechanisms. As a result, the adversaries can make use of them to gain normal access to the services that should only be available to the authorized users in the network, and they can use the legal identity provided by the compromised nodes to conceal their malicious behaviors. Therefore, more attention should be paid to the internal attacks initiated by the malicious insider nodes when we consider the security issues in the mobile ad hoc networks. Internal or insider nodes when become part of the network can misuse the network in the following ways Packet Dropping A malicious node can attack at its level or at lower levels. Particularly in the context of Packet Dropping Attack, within a trust level, a malicious node or any other node which aims at saving its resources or intentionally launching a attack can successfully drop packets without being noticed and can get services from other nodes for forwarding its own packets. Node Isolation An internal malicious node can prevent nodes from communicating with any other node. Route Disruption A malicious node can break down an existing route or prevent a new route from being established. Route Invasion An inside attacker adds itself between two endpoints of a communication channel. Attacks based on modification A very simplest way for a malicious node to disturb the operations of an ad-hoc network is to perform an attack based on modification. The only task the malicious or compromised node needs to perform is to announce better routes than the ones presently existing. This kind of attack is based on the modification of the metric value for a route or by altering control message fields. There are various ways to perform this type of attacks; some of them are discussed below Altering the Hop Count This attack is more specific to the AODV [4] protocol wherein the optimum path is chosen by the hop count metric. A malicious node can disturb the network by announcing the smallest hop count value to reach the compromised node. In general, an attacker would use a value zero to ensure to the smallest hop count. Changing the Route Sequence Number When a node decides the optimum path to take through a network, the node always relies on a metric of values, such as hop count delays etc. The smaller that value, the more optimum the path. Hence, a simple way to attack a network is to change this value with a smaller number than the last better value. Altering Routing Information This type of attack leads network toward Denial of Service (DoS) attack. For example in a situation where a node M wants to communicate with node S. At node M the routing path in the header would be M-N-O-P-Q-R-S. If N is a compromised node, it can alter this routing detail to M-N-O-P. But since there exists no direct route from O to P, P will drop the packet. Thus, A will never be able to access any service from P. This situation leads the network towards a DoS attack. Impersonation Attacks Impersonation is also known as spoofing. In this type of attack the malicious node hides its IP address or MAC address and uses the addresses of other nodes present in the network. Since current ad-hoc routing protocols like AODV [4] and DSR [6] do not authenticate source IP address. By exploiting this situation a malicious node can launch variety of attacks using spoofing. For example in a situation where an attacker creates loops in the network to isolate a node from the remainder of the network, the attacker needs to spoof the IP address of the node he wants to isolate from the network and then announce new route to the others nodes. By doing this, he can easily modify the network topology as he wants. Fabrication Attacks Fabrication attacks can be classified into three main categories. Detection is very difficult in all of these three cases. Routing table poisoning Routing protocols maintain tables which hold information regarding routes of the network. In routing table poisoning attacks the malicious nodes generate and send fabricated signaling traffic, or modify legitimate messages from other nodes, in order to create false entries in the tables of the participating nodes. For example, an attacker can send routing updates that do not correspond to actual changes in the topology of the ad hoc network. Routing table poisoning attacks can result in selection of non-optimal routes, creation of routing loops and bottlenecks. Route Cache Poisoning This type of attack falls in the category of passive attacks that can occur especially in DSR [6] due to the promiscuous mode of updating routing tables. This type of situation arises when information stored in routing tables is deleted, altered or injected with false information. A node overhearing any packet may add the routing information contained in that packets header to its own route cache, even if that node is not on the path from source to destination. The vulnerability of this system is that an attacker could easily exploit this method of learning routes and poison route caches by broadcast a message with a spoofed IP address to other nodes. When they receive this message, the nodes would add this new route to their cache and would now communicate using the route to reach the malicious node. Rote Error Messages fabrication This attack is very common in AODV [4] and DSR [6], because when nodes move these two protocols use path maintenance to recover the optimum path. The weakness of this architecture is that whenever a node moves, the closest node sends an error message to the other nodes so as to inform them that a route is no longer accessible. If an attacker can cause a DoS attack by spoofing any node and sending error messages to the all other nodes. As a result malicious node can separate any node quite easily. Eavesdropping Eavesdropping is another kind of attack that usually happens in the mobile ad hoc networks. The goal of eavesdropping is to obtain some confidential information that should be kept secret during the communication. This information may include the location, public key, private key or even passwords of the nodes. Because such data are very important to the security state of the nodes, they should be kept away from the unauthorized access. Secure Ad hoc Routing Protocols Many solutions have been proposed for secure routing in ad hoc networks, in order to offer protection against the attacks discussed earlier. These proposed solutions are either completely new stand-alone protocols, or in some cases incorporations of security mechanisms into existing ones (like DSR [6] and AODV [4]). In order to analyze the proposed solutions and how they are still vulnerable to attacks we classified them into two main categories based on asymmetric cryptography and symmetric cryptography. Asymmetric Cryptographic Solution Protocols that use asymmetric cryptography to secure routing in mobile ad hoc networks require the existence of a universally trusted third party. This trusted third party can be either online or offline. The trusted third party issues certificates that bind a nodes public key with a nodes persistent identifier. Authenticated Routing for Ad hoc Networks ARAN [9] falls in this category of secure Ad hoc routing protocols; many of the other protocols presented in other categories that use asymmetric cryptography operate in a similar manner and have similar requirements. Authenticated Routing for Ad hoc Networks ARAN The Authenticated Routing for Ad hoc Networks (ARAN) proposed in [9] is a standalone solution for secure routing in ad hoc networking environments. ARAN use digital certificates and can successfully operate in the managed open scenario where no infrastructure is pre-deployed. The basic mechanism used in ARAN is certification that is achieved through the existence of a trusted certification authority (CA). All nodes are supposed to know their public key from the certification authority and also the public key of server. Prior to entering into the network, each node has to apply for a certificate that is signed by the certificate server. ARAN accomplishes the discovery of routes by a broadcast message from source node which is replied in a unicast manner. This route discovery of the ARAN protocol begins with a node broadcasting to its neighbors a route discovery packet (RDP). The RDP includes the certificate of the initiating node, a nonce, a timestamp and the address of the destinatio n node. Furthermore, the initiating node signs the RDP. Each node validates the signature with the certificate, updates its routing table with the neighbor from which it received the RDP, signs it, and forwards it to its neighbors after removing the certificate and the signature of the previous node (but not the initiators signature and certificate). The signature prevents malicious nodes from injecting arbitrary route discovery packets that alter routes or form loops [13]. The destination node eventually receives the RDP and replies with a reply packet (REP). The REP contains the address of the source node, the destinations certificate, a nonce, and the associated timestamp. The destination node signs the REP before transmitting it. The REP is forwarded back to the initiating node by a process similar to the one described for the route discovery, except that the REP is unicasted along the reverse path. The source node is able to verify that the destination node sent the REP by chec king the nonce and the signature. Figure 2 illustrates the process of route discovery in ARAN. All messages are authenticated at each hop from source to destination as well as on the reverse path. Due to heavy computation involved with the certificates, ARAN is vulnerable to many attacks e.g. DOS attacks. In situation when there are no malicious nodes in the network the load involved in the routing process force the legitimate nodes to drop the packets in order to save their resources. Symmetric Cryptography Solutions Symmetric cryptographic solutions rely solely on symmetric cryptography to secure the function of routing in wireless ad hoc networks. The mechanisms utilized is hash functions and hash chains. A one-way hash function is a function that takes an input of arbitrary length and returns an output of fixed length [14]. As hash functions are especially lightweight when compared to other symmetric and asymmetric cryptographic operations, they have been extensively used in the context of securing ad hoc routing. Secure Ad hoc On-demand Distance Vector Protocol (SAODV) The Secure Ad hoc On Demand Distance Vector (SAODV) [7] addresses the problem of securing a MANET network. SAODV is an extension of AODV[4] routing protocol that can be used to protect the route discovery mechanism by providing security features like authentication, integrity and non-repudiation. It uses digital signatures to authenticate the non-mutable fields of the message, and hash chains to secure the hop count information (the only mutable field in message) in both RREQ and RREP messages. The SAODV scheme is based on the assumption that each node possesses certified public keys of all network nodes . In order to facilitate the transmission of the information required for the security mechanisms, SAODV defines extensions to the standard AODV message format. These SAODV extensions consist of the following fields. The hash function field identifies the one-way hash function that is used. The field max hop count is a counter that specifies the maximum number of nodes a packet is al lowed to go through. The top hash field is the result of the application of the hash function max hop count times to a randomly generated number, and finally the field hash is this random number. When a node transmits a route request or a route reply AODV packet it sets the max hop count field equal to the time to live (TTL) field from the IP header, generates a random number and sets the hash field equal to it, and applies the hash function specified by the corresponding field max hop count times to the random number, storing the calculated result to the top hash field. Moreover, the node digitally signs all fields of the message, except the hop count field from the AODV header and the hash field from the SAODV extension header. An intermediate node that receives a route request or a route reply must verify the integrity of the message and the hop count AODV [4] field. The integrity requirement is accomplished by verifying the digital signature. The hop count field is verified by comparing the result of the application of the hash function max hop count minus hop count times to the hash field with the value of the top hash field. Before the packet is re-broadcasted by the in termediate node the value of the hash field is replaced by the result of the calculation of the one-way hash of the field itself in order to account for the new hop. In SAODV route error messages (RERR) that are generated by nodes that inform their neighbors that they are not going to be able to route messages to specific destinations are secured using digital signatures. A node that generates or forwards a route error message cryptographically signs the whole message, except the destination sequence numbers. Although SAODV provides reasonable security to MANETs routing, but it is still vulnerable to distance fraud attack [15] in which the forwarding node fails to increment the route metric because in SAODV there is no enforcement to do so. Further there is no method to detect the malicious nodes and DOS attacks because in SAODV it is assumed that DOS attacks are restricted to physical layer, but this assumption failed when colluding malicious nodes drop packets during the route discovery process. Security Aware Routing (SAR) SAR [16] (Security Aware Routing) is an extension to existing on demand routing protocols and used where nodes are grouped on the basis of trust level. In SAR each node has different security level which assigns them different trust levels. Two nodes can only communicate with each other if they have equal or greater trust values. If a node has lower security level it simply discards the packet. In case there is no node in the network with the desired level then communication cannot take place or we can say that, that particular packet cant be forwarded unless its security level is lowered. By exploiting this condition a malicious node can attack at its level or at lower levels. Particularly in the context of Packet Dropping Attack, within a trust level, a malicious node or any other node which aims at saving its resources or intentionally launching a attack can successfully drop packets without being noticed and can get services from other nodes for forwarding its own packets. SAR al so fails in the situations of secure routing in general because it only focuses on the situations in which certain groups are assumed to be trustworthy. Conclusion From the above discussion, we observe that all Secure Ad hoc routing protocols are still vulnerable to many attacks. Although proposed techniques provide security against external attacks, insider attacks are still an open issue in MANETs. Chapter 3 Literature Review Introduction Many solutions have been proposed to prevent selfishness in MANETs. The main goal of all the schemes proposed in the literature is to make decisions regarding trustworthy entities and to encourage behavior that leads to increasing trust. In this section we discuss some of the solutions presented in the literature in order to detect the malicious nodes in the network in context of packet dropping attack. Watchdog and Pathrater In [17] Marti el al, proposed a mechanism called as watchdog and pathrater on DSR[6] to detect the misbehavior of nodes in MANETs. Nodes in this scheme operate in a promiscuous mode. The watchdog monitors one hop neighbor by overhearing the medium to check whether the next neighbor forwards the packet or not. It also maintains a buffer of recently sent packets. If a data packet remains in the buffer too long, the watchdog declares the next hop neighbor to be misbehaving. Every node that participates in the ad hoc network employs the watchdog functionality in order to verify that its neighbors correctly forward packets. When a node transmits a packet to the next node in the path, it tries to promiscuously listen if the next node will also transmit it. Furthermore, if there is no link encryption utilized in the network, the listening node can also verify that the next node did not modify the packet before transmitting it . The watchdog of a node maintains copies of recently forwarded p ackets and compares them with the packet transmissions overheard by the neighboring nodes. Positive comparisons result in the deletion of the buffered packet and the freeing of the related memory. If a node that was supposed to forward a packet fails to do so within a certain timeout period, the watchdog of an overhearing node increments a failure rating for the specific node. This effectively means that every node in the ad hoc network maintains a rating assessing the reliability of every other node that it can overhear packet transmissions from. A node is identified as misbehaving when the failure rating exceeds a certain threshold bandwidth. The source node of the route that contains the offending node is notified by a message send by the identifying watchdog. As the authors of the scheme note, the main problem with this approach is its vulnerability to blackmail attacks. The pathrater selects the path with the highest metric when there are multiple paths for the same destination node. The algorithm followed by the pathrater mechanism initially assigns a rating of 1.0 to itself and 0.5 to each node that it knows through the route discovery function. The nodes that participate on the active paths have their ratings increased by 0.01 at periodic intervals of 200 milliseconds to a maximum rating of 0.8. A rating is decremented by 0.05 when a link breakage is

Saturday, January 18, 2020

Agricultural Land Conservation

Agricultural Land Conservation The issues of land distribution and land conservation in agriculture attract more and more attention, especially when the expansion of cropland is hitting a limit since much more land is conserved for environmental purposes. Soil erosion is devastating the topsoil of land as chemical fertilizers are used to increase output within a limited amount of land. At the same time, livestock production expands at an ever-growing speed, worsening the land use situation.Livestock production, nowadays, consumes a large portion of crop that could be distributed to serve for poor population. A taxation system in favor of production capacity and against environmental damages will encourage farmers to improve their production techniques. Proper regulations could not be emphasized more to make sure that a genuinely sustainable agriculture system will be built with animals to cycle nutrients. Cropland is the land that is suited to or used for crop production. Grazing lan d refers to a field covered with grass or herbage, and suitable for grazing by livestock.FAO is the abbreviation for The Food and Agriculture Organization of the United Nations, a specialized organization that leads international efforts to defeat hunger. NCGA is the abbreviation for National Corn Growers Association, which represents AmericaÃ¢â‚¬â„¢s corn growers. The expansion of cropland has limited potential due to environmental conservation. At present, more than one point five billion hectares is used for crop production, accounting for twelve percent of the globeÃ¢â‚¬â„¢s land surface. According to FAO, there is little scope for further expansion of cropland.Despite the presence of considerable amounts of land potentially suitable for agriculture, much of it is covered by forests, protected for environmental reasons, or employed for unban settlements. Compared with livestock production, crop production requires soil that contains more fertile materials, which makes it harder to find suitable cropland. Livestock production is expected to slow down the rate of soil erosion and improve the quality of soil in the long term. In Ã¢â‚¬Å"Eroding Future,Ã¢â‚¬ published July-August 2011 in the Futurist, author Lester R.Brown reviews that people are liquidating the EarthÃ¢â‚¬â„¢s natural assets to fuel their consumption and states that, Ã¢â‚¬Å"soil erosion exceeds soil formation on one-third of the worldÃ¢â‚¬â„¢s cropland, draining the land of its fertilityÃ¢â‚¬ (24). With the presence of animals, the situation could be changed. Soil absorbs nutrients from animal manure, allowing grass and other crops to grow without the addition of synthetic fertilizer, which is the primary cause of soil erosion. Animals play a crucial role in keeping balance of the ecosystem. Livestock production expands at a super speed and occupies more land, leading to deforestation.The livestock sector is by far the single largest anthropogenic user of land. According to Julia Whitty, au thor of Ã¢â‚¬Å"Livestock Revolution Examined,Ã¢â‚¬ published March 16, 2010 in the Mother Jones, more than one point seven billion animals are used in livestock production worldwide, and they, Ã¢â‚¬Å"occupy more than one-fourth of the EarthÃ¢â‚¬â„¢s landÃ¢â‚¬ (http://www. motherjones. com/blue-marble/2010/03/livestock-revolution-examined). Expansion of grazing land for livestock production is a key factor in deforestation. About seventy percent of grazing land in dry areas is considered degraded due to overgrazing.The presence of animals in a sustainable agriculture system results in further land use in order to feed them. Most livestock that are employed to enrich land with nutrients are fed with imported crops. If a farmer is not growing his own feed, the nutrients going into the soil are generated by eroding other cropland, thereby undermining the benefits of livestock production. James E. McWilliams, the author of Ã¢â‚¬Å"The Myth of Sustainable Meat,Ã¢â‚¬ published April 1 3, 2012 in the New York Times, argues that, Ã¢â‚¬Å"This kind of rotational grazing works better in theory than in practiceÃ¢â‚¬ (A31).According to NCGAÃ¢â‚¬â„¢s figures from 2010, more than forty percent of crops go into the mouths of animals that people then consume, in the process squandering huge amounts of resources. The limited increase in cropland and deforestation due to rapid expansion of livestock production require more efficient production plans, one of which is an agriculture income taxation system based on unit output of land. Instead of relying on income sources, such as livestock, grains, or other products, farmersÃ¢â‚¬â„¢ income tax should be placed on production capacity of per unit of land.This not only encourages crop producers to increase their unit output of land against the declining potential of expanding cropland, but also discourages unorganized blindly exploitation of forested land. This system levies high tax rates on production income generated on new l and. To protect cropland from eroding, proper policies should be enacted to regulate animals feed to prevent further damages on land resources. Instead of feeding animals on farms with imported crops, they should be fed with crops grown on the same farms.Farmers who employ this practice should receive subsidies so that they will not be put into a dilemma where they have to choose between economic benefits and environmental benefits. Environment protection puts a halt on expanding cropland. To increase gross output of food, fertile lands are overused and losing their general production capacity. Nowadays, livestock production is to blame being the largest land user and land destroyer since it accelerates the process of deforestation. Lots of crops that are supposed to feed people are used to feed livestock, which is a huge waste of land resources.Hence, some tax regulations are proposed to help distribute the worldÃ¢â‚¬â„¢s usable lands to enhance unit production and avoid blind expl oitation. Crop-livestock production is favorable as long as policy makers devote to regulating the process. Works Cited Brown, Lester R. Ã¢â‚¬Å"Eroding Futures. Ã¢â‚¬ Futurist. July-August, 2011: 23-30. McWilliams, James E. Ã¢â‚¬Å"The Myth of Sustainable Meat. Ã¢â‚¬ New York Times. 13 April, 2012: 31. Whitty, Julia. Ã¢â‚¬Å"Livestock Revolution Examined. Ã¢â‚¬ Mother Jones. 16 March, 2010: http://www. motherjones. com/blue-marble/2010/03/livestock-revolution-examined.

Thursday, January 9, 2020

The Basics of Introduction Samples Essay

The Basics of Introduction Samples Essay There's numerous essays completed by them. Since they are a very important part of the academic life, it is essential to present very high-quality papers. You can also see student essay. It is among the most frequent essays given as an assignment to students of distinct levels. The thesis statement may also be perceived as a brief response to the essay question. To check when you have created a debatable thesis statement for the research paper, you must determine whether it's debatable. The Nuiances of Introduction Samples Essay Scientists working specifically in acoustics have seen a certain phenomena. There's no point to argue with that truth. There are a lot of ways to conduct research. The reality is that there aren't any absolutely good or totally poor phenomenon. The Good, the Bad and Introduction Samples Essay It is possible to also find a variety of discounts on our site which will help you to save some more money for future orders or anything you want to spend them on. Be part of our happy clients who have found the very best essay service online and are enjoying the advantages of it. Our customer support will gladly tell you whether there are any special offers at the present time, in addition to make sure you are getting the very best service our business can deliver. Each customer will receive a non-plagiarized paper with timely shipping. Whatever They Told You About Introduction Samples Essay Is Dead Wrong...And Here's Why Essays, generally, covers different topics. You can also see thesis proposal. If you're still unsure about your introduction, our essay editors would like to provide you with some feedback. Research paper introduction is easily the most important and difficult part to write because it ought to be straightforward and self explanatory for the audience to comprehend the topic. Speak to us in case you have any questions or suggestions. Share what you consider the topic. You might discover a lot of tips online about how to compose a self-introduction essay, but here are a few tips that you might discover useful. Understanding Introduction Samples Essay Writing an essay introduction can be tricky but having the suitable knowledge about ways to compose it can make the process simpler for the students. You can also see thesis statement. The essay will test the student wisdom and capability in answering the questions as well as analyzing the issue. A badly written essay implies that the company gives poor services. There's, clearly, a limit on the range of pages even our very best writers can produce with a pressing deadline, but generally, we figure out how to satisfy all the clients seeking urgent assistance. You might, and can write it upon your own but on account of the hectic college pursuits or shortage of time you might want to purchase the paper. There are lots of kinds of essays, it isn't hard to drop a watch out for all your writing assignments. PaperCoach will be able to help you with all your papers, so take a look at the moment! Main education is the initial stage of education for everybody. In the event the student is interested in the research of the issue, he's got the opportunity to learn more about the question deeper and study the problem on free main education from many sides. The issue is that your students do not have a lot of experience working in task groups, and you think that they have to have more opportunities to achieve that. The samples will supply you wit h ideas on the manner in which you answer the questions offered to you. Imagine your research paper is a product which you wish to sell and be paid for it. It is crucial to know this because the way an individual will acquire interested in a paper differs from that for another individual. Ensure you have included everything that you would like to be incorporated into your paper. As you probably already know, the hardest part is only to start the paper. Make your opening sentence solid and interesting, as it will produce an impression about the entire paper. There are lots of people who will admit that the chief reason they attend services at a specific place of worship is because the music is so great. There's an assumption this is the hardest aspect of research paper completion.

Wednesday, January 1, 2020

The Federal Government Should Work On Promoting Either...

Summary of Contentious Issues The federal government should work on promoting either nuclear or solar energy. Energy is important for survival on a daily basis. In fact, the development of any nation depends on the long-term availability and increase of clean and safe energy that also supports the environment. Currently, no energy source can be said to be sufficiently capable of meeting future needs that a nation requires. It is important therefore to promote any particular type of renewable energy. Promoting and enhancing solar energy would be a better move to take. It is better for the environment if the federal government work on improving solar energy usage. Installation of solar panels by Americans continues to increase with each passing day. Despite this positive progress, this avenue of power is not fully exploited because of lack of infrastructure to store solar energy. Solar energy was ranked as the third electricity-producing source after natural gas and wind energy thus accounting for fourteen percent of the total electricity produced. This significant contribution of the solar energy shows that when properly exploited, solar energy can be a major source of electricity for the country. However, there is need for the issues surrounding its maximum exploitation to be addressed. The government should subsidize infrastructure. The most important infrastructure that the federal government should look into includes connection to the power grid, conversion of the solarShow MoreRelatedUS Intelligence Sees Cyber Threats Eclipsing Terrorism: An Analysis6653 Words Ã‚ |Ã‚ 27 PagesÃ¯ » ¿U.S. Intelligence Sees Cyber Threats Eclipsing Terrorism The issue of security is no longer an aspect that easily definable or that can be controlled through traditional means. During the Cold War era, security was defined in terms of the nuclear threat and that of global war in the bipolar system. Today, and especially after the 2001 terrorist attacks over the United States, the issue of terrorism has become rather debated and is seen as the main threat to security. Even so, recent events haveRead MoreAmerican Politics : Ir The Reason Why Iran Essay3068 Words Ã‚ |Ã‚ 13 Pagesintentions are. For the past 20 or so years, politicians and international organizations have been saying that Iran was close to developing a nuclear weapon, while they say that their only intentions are developing nuclear power to help power their country. Countries that see themselves as not really being allies with Iran feel threatened that they will develop a nuclear weapon and use it on them. Both the United States and Israel feel this way. The unease between the US and Iran seems to stem from theRead MoreNanotech 1AC Essay13565 Words Ã‚ |Ã‚ 55 Pagesnanotechnology development and the necessity to encourage the formation of networks for scientific exchange in the area (CONACYT, 2002). Moreover, the National Development Plan 2001-2006 identifies nanotechnology research as an important subfield inside the energy sector, above all others within the framework of the Instituto Mexicano del PetrÃƒ ³leo (Ã¢â‚¬Å"IMPÃ¢â‚¬ ) (Mexican Institute of Petroleum). The conditions and provisions to create and implement a National Initiative for Nanotechnology Development were presentRead MoreOne Significant Change That Has Occurred in the World Between 1900 and 2005. Explain the Impact This Change Has Made on Our Lives and Why It Is an Important Change.163893 Words Ã‚ |Ã‚ 656 PagesBenson, Stephen Brier, and Roy Rosenzweig Also in this series: Paula Hamilton and Linda Shopes, eds., Oral History and Public Memories Tiffany Ruby Patterson, Zora Neale Hurston and a History of Southern Life Lisa M. Fine, The Story of Reo Joe: Work, Kin, and Community in Autotown, U.S.A. Van Gosse and Richard Moser, eds., The World the Sixties Made: Politics and Culture in Recent America Joanne Meyerowitz, ed., History and September 11th John McMillian and Paul Buhle, eds., The New LeftRead MoreReport on Oil and Gas Industry in Pakistan81517 Words Ã‚ |Ã‚ 327 Pages GoP GPA GSA GST HOBC HSD HSFO IMF IOC IPP IPP KAPCO KESC KMK KPC KPT LDO LNG LPG LSFO MCA MFM MGCL MJPP MMBUTU MMCFD MMCFT MPNR MS MTJPP NEQS NGRA NLC NRL NTC NWFP OM OCAC OECD OGDCL OGRA OMC PARCO PCA PDM PEPA PEPP PEPP PIHS PMY PNSC POL Government of Pakistan Gas Purchase Agreement Gas Supply Agreement General Sales Tax High Octane Blending Component High Speed Diesel High Sulfur Fuel Oil International Monetary Fund International Oil Company Import Parity Price (see context) Independent PowerRead MoreInternational Management67196 Words Ã‚ |Ã‚ 269 Pageslagging support for some bilateral trade agreements pose additional challenges to global managers and multinational companies. In addition, the BP oil spill in the Gulf of Mexico has renewed calls for corporations to do more to protect the planet and governments to get tougher with companies in terms of oversight and accountability. The advent of social networking and other media has transformed the way citizens interact and how businesses market, promote, and distribute their products globally. The sameRead MoreBhopal Gas Disaster84210 Words Ã‚ |Ã‚ 337 PagesCarbide negotiated a settlement with the Indian Government in 1989 for $470 million - a total of only $370 t o $533 per victim - a sum too small to pay for most medical bills. In 1996, t elve years after the disaster, Union Carbide became part of the Dow Chemical w Corporation, which flatly refused to assume any liabilities in India - or clean up the toxic poisons left behind saying that it was the responsibility of the Madhya Pradesh state government which had taken over the site. Today twenty fiveRead MoreLogical Reasoning189930 Words Ã‚ |Ã‚ 760 Pagespart of the work under the following conditions: (1) Attribution You must attribute the work in the manner specified by the author, namely by citing his name, the book title, and the relevant page numbers (but not in any way that suggests that the book Logical Reasoning or its author endorse you or your use of the work). (2) Noncommercial You may not use this work for commercial purposes (for example, by inserting passages into a book that is sold to students). (3) No Derivative Works You may notRead MoreGsk Annual Report 2010135604 Words Ã‚ |Ã‚ 543 Pagesrestructuring is described in Note 1 to the Ã¯ ¬ nancial statements, Ã¢â‚¬ËœPresentation of the Ã¯ ¬ nancial statementsÃ¢â‚¬â„¢. GSK Annual Report 2010 01 We exist to improve the quality of human life by enabling people to do more, feel better and live longer. We work by respecting people, maintaining our focus on the patient and consumer whilst operating with both integrity and transparency. We are looking to deliver shareholder value through growth of a diversiÃ¯ ¬ ed and global business, by delivering more productsRead MoreResources Capabilities20336 Words Ã‚ |Ã‚ 82 Pagesand Capability Capabilities in Strategy Formulation Basing Strategy on Resources and Capabilities Resources and Capabilities as Sources of ProÃ¯ ¬ t l The Resources of the Firm Tangible Resources Intangible Resources Human Resources Analysis to Work: A Practical Guide Step 1 Identify the Key Resources and Capabilities 123 CSAC05 1/13/07 9:21 Page 124 124 PART II THE TOOLS OF STRATEGY ANALYSIS Step 2 Appraising Resources and Capabilities Step 3 Developing Strategy Implications

Affordable essay writing