A Robust Approach for Detection of Malicious Node and Performance Analysis of DSR Routing Protocol in MANETs Using NS-2

Description
A mobile ad hoc network (MANET) is a collection of nodes connected through a wireless medium, forming rapidly changing topologies. Routing protocols for MANETs are used to deliver data packets from a source to the desired destination. These protocols are designed on the assumption that all participating nodes are fully cooperative. Routing misbehavior occurs when some nodes act maliciously: they participate in the route discovery and maintenance process but refuse to forward packets. One of the root causes is the tremendous unpredictability in the behavior of mobile nodes in a MANET, be it a regular node, an erroneous node or a malicious node. In this proposal, nodes are recommended for data forwarding, which allows nodes to avoid misbehaving nodes in future route selection. The DSR routing protocol is used to get, from the neighboring nodes, the recommendation details of the node intended to forward the packet. In addition to node mobility, a MANET is characterized by limited resources such as bandwidth, battery power, and storage space. MANETs are vulnerable to Denial of Service (DoS) attacks due to their salient characteristics. DoS attacks committed by malicious nodes were investigated. This paper proposes a novel method to mitigate routes with misbehaving nodes and also suggests a way to find whether any intruder is present in the cluster of participating nodes using a security-aware DSR protocol. It is an effort to study the impact of the concentration of malicious nodes on MANET performance under the DSR routing protocol, using Network Simulator as the simulation tool.
Transcript
International Journal of Advance Foundation and Research in Computer (IJAFRC), Volume 1, Issue 7, July 2014. ISSN 2348-4853
© 2014, IJAFRC All Rights Reserved www.ijafrc.org

A Robust Approach for Detection of Malicious Node and Performance Analysis of DSR Routing Protocol in MANETs Using NS-2

Ms. Dipali D. Punwatkar, Prof. Kapil N. Hande (Asst. Prof.)
Department of Computer Science and Engineering, Priyadarshini Bhagwati College of Engineering, Nagpur, India.

Index Terms: Mobile Ad hoc Networks, Malicious Nodes, Routing Protocols, Denial of Services, Security.

I. INTRODUCTION

MANET has emerged as one of the most focused and thrust research areas in the field of wireless networks and mobile computing. A Mobile Ad-Hoc Network (MANET) is a group of mobile nodes that cooperate and forward packets for each other. Such networks extend the limited wireless transmission range of each node by multi-hop packet forwarding, and thus they are ideally suited for scenarios in which pre-deployed infrastructure support is not available. MANETs have some special characteristic features such as unreliable wireless links used for communication between hosts, constantly changing network topologies, limited bandwidth, battery power, low computation power etc. While these characteristics are essential for the flexibility of MANETs, they introduce specific security concerns that are either absent or less severe in wired networks. MANETs are vulnerable to various types of attacks including passive eavesdropping, active interfering, impersonation, and denial-of-service.

Intrusion prevention measures such as strong authentication and redundant transmission should be complemented by detection techniques to monitor the security status of these networks and identify malicious behavior of any participating node(s). A set of nodes may be compromised in such a way that it may not be possible to detect their malicious behavior easily. Such nodes can generate new routing messages to advertise non-existent links, provide incorrect link state information, and flood other nodes with routing traffic, thus inflicting failure in the network. This work discusses one such attack, the denial-of-service attack, on the widely used DSR (Dynamic Source Routing) routing protocol in MANETs. The mechanism presented shows the detection and prevention of the denial-of-service attack in MANET.

Figure 1. Misbehaving Node in MANET

In MANET, an uncooperative node is a malicious node. These nodes are either faulty and therefore cannot follow a protocol, or are intentionally malicious and try to attack the system. A malicious node causes packet dropping, false routing, etc. Effects of malicious nodes are given below:

• Malicious node reduces the network connectivity in MANET.
• The result is defragmented networks, isolated nodes, and drastically reduced network performance.
• No intention for energy-saving.
• Launch all kinds of denial-of-service (DoS) attacks by replaying, reordering or/and dropping packets from time to time, and even by sending fake routing messages.

The rest of this paper is organized as follows. Section II describes related work. Section III describes the proposed methodology. Section IV introduces the simulation results for the proposed work. Finally, Section V concludes the paper.

II. RELATED WORK

The problem of security and cooperation enforcement has received considerable attention from researchers in the ad hoc network community. The watchdog and path rater 9&:; approach is proposed to detect and isolate the misbehaving nodes. In this approach, a node forwarding a packet checks if the next hop also forwards it. If not, a failure count is incremented and the upstream node is rated to be malicious if the count exceeds a certain threshold. The path rater module then utilizes this knowledge to avoid it in path selection. It improves the throughput of the network in the presence of malicious nodes. However, it has the demerit of not penalizing the malicious nodes.

Buchegger and Boudec 9&<; suggest that networks only function properly if the participating nodes cooperate in routing and forwarding. However, it may be advantageous for individual nodes not to cooperate. They propose a protocol, called CONFIDANT, which aims at detecting and isolating misbehaving nodes, thus making misbehavior unattractive. Here misbehaving nodes are excluded from forwarding routes. It includes a trust manager to evaluate the level of trust of alert reports. But it is not clear how fast the trust level can be adjusted for a compromised node, especially if it has a high trust level initially.

The Trust Evaluation method 9&?; provides an effective security mechanism based on data protection and secure routing. But it relies on global information and hence the reaction time is more. It would be preferable to reduce the reaction time.

Li Zhao 9&; have proposed the Multipath Routing Single path transmission (MARS) scheme to mitigate adverse effects of misbehavior. This scheme combines multipath routing and single path data transmission with an end-to-end feedback mechanism to provide more comprehensive protection against misbehavior from individual or cooperating misbehaving nodes.

In the Reputation scheme 9&B;, the reputation of the nodes is assessed based on their past history of relaying packets, and is used by their neighbors to ensure that the packet will be relayed by the node. Instead of choosing the shortest path to the destination, the source node chooses a path whose next hop node has the highest reputation. As a result, the good nodes (nodes with higher reputations) become overloaded. Once the load on the good nodes is more than what the resources can manage, they start dropping packets and start losing reputation. As a result, their incoming traffic is reduced to a level at which they can forward all the packets they receive for relaying. Also the number of route discoveries is more with increase in the average hop length.

Tarag Fahad and Robert 9*&; have proposed the new mechanism called Packet Conservation Monitoring Algorithm (PCMA) to detect selfish nodes in the presence of partial dropping, when the selfish node does not drop all packets but sends some of them and drops others in MANET.

Much of the research on security policies focuses on policy representation and evaluation or building security mechanisms based on specific policies without addressing policy enforcement. K. Sanzgiri et al 9*'; proposed the Authenticated Routing for Ad-hoc Networks (ARAN) secure routing protocol, an on-demand routing protocol which relies on the use of digital certificates to identify and defend against malicious actions in the ad-hoc network.

III. PROPOSED METHODOLOGY

The Malicious Node Detection (MND) mechanism is primarily used for detecting the packet dropping DoS attack deployed by malicious nodes in MANETs. The proposed MND mechanism is used to alleviate the burden on all nodes to perform the packet dropping DoS attack detection function as well as to reduce the number of trust relations that have to be established in the network. In this chapter, we consider the analysis of the MND mechanism based on two scenarios. The first is the attack scenario, in which a node that does malicious routing by misbehaving while forwarding the data packets attempts to drop the packets. The second is finding out if any intruder is present in the network having routes to reach the destination, and changing the routing path such that data is securely sent from source to destination without attack (packet drop).

Figure 2. Malicious Node Formation Model

Step 1: The Malicious Node Attack Scenario

This approach uses regular nodes and malicious nodes. The scenario for regular and malicious nodes shows different paths from the source node to the destination node. Routing protocols for MANETs are used for delivery of data packets from source to the desired destination. Routing protocols are also designed based on the assumption that all the participating nodes are fully cooperative. However, due to the scarcely available battery based energy, malicious node behavior may exist. A malicious node that does malicious routing by misbehaving while forwarding the data packets attempts to drop the packets. Malicious nodes are assumed to simply drop packets after participating in routing functions. Moreover, unless otherwise mentioned, they drop all data packets, ultimately resulting in a Denial of Service attack.

DoS attacks committed by malicious nodes were investigated. A DoS attack is an event that diminishes or eliminates a network's capacity to perform its expected function. These attacks are launched against server resources or network bandwidth by preventing authorized users from accessing resources. DoS attacks can target a client computer or a server computer. Due to dynamic network topology and lack of centralized infrastructure, network security has brought a new challenge to networking communities. Unlike traditional networks, MANETs are more vulnerable to DoS attacks due to limited resources that force nodes to be greedy in resource utilization. When there is no cooperation, activities of even a small number of nodes may significantly decrease the performance of the network. For example, a malicious node that discards any packets passing through it can result in repeated retransmissions, which in turn cause network congestion.

Step 2: DoS Attack Detection and Prevention Scenario

In this approach a detection and prevention mechanism is used to protect mobile ad hoc networks from the packet dropping DoS attack by introducing a special node, called the server node. The server will check communication within each node to secure data transfer without using computational assumption. The source node and the <? forwarding node keep monitoring their next hop node's activity (unless otherwise mentioned, all the time). When a packet is forwarded to the next node, the server node will mark the packet as "forwarded" in its buffer. In addition, it keeps increasing a non-forwarded packet counter if a packet is not forwarded. The source will drop all other routing packets related to the malicious node (attacker nodes) and find a new route without the malicious node in the path. If the
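
The monitoring described in Step 2, together with the failure-count threshold of the watchdog and path rater approach from the related work, as an added Python example that is not code from the paper. The `ServerNode` class, the threshold of 3, the route cache and the node behaviours are all constructed assumptions.

```python
from collections import defaultdict

class ServerNode:
    """Monitor that records whether each relay forwarded what it was handed."""
    def __init__(self, threshold=3):            # threshold value is an assumption
        self.threshold = threshold
        self.buffer = {}                        # (pkt, relay) -> "pending"/"forwarded"
        self.not_forwarded = defaultdict(int)   # relay -> non-forwarded packet counter
        self.blacklist = set()
    def handed_to(self, pkt, relay):
        self.buffer[(pkt, relay)] = "pending"
    def overheard(self, pkt, relay):
        self.buffer[(pkt, relay)] = "forwarded"
    def expire(self, pkt, relay):               # forwarding timeout elapsed
        if self.buffer.pop((pkt, relay)) == "pending":
            self.not_forwarded[relay] += 1
            if self.not_forwarded[relay] >= self.threshold:
                self.blacklist.add(relay)

def pick_route(route_cache, blacklist):
    """Shortest cached source route whose relays are all off the blacklist."""
    usable = [r for r in route_cache if not blacklist & set(r[1:-1])]
    return min(usable, key=len) if usable else None

def simulate(route_cache, forwards, n_packets, server):
    """forwards[node](pkt) is True when that relay forwards pkt; returns delivered ids."""
    delivered = []
    for pkt in range(1, n_packets + 1):
        route = pick_route(route_cache, server.blacklist)
        if route is None:                       # every cached route is tainted
            break
        for relay in route[1:-1]:
            server.handed_to(pkt, relay)
            ok = forwards.get(relay, lambda p: True)(pkt)
            if ok:
                server.overheard(pkt, relay)
            server.expire(pkt, relay)
            if not ok:
                break                           # packet lost at this relay
        else:
            delivered.append(pkt)
    return delivered

ROUTE_CACHE = [["S", "M", "D"], ["S", "A", "C", "D"]]          # constructed routes
FORWARDS = {"M": lambda p: False, "C": lambda p: p % 10 != 0}  # M drops all, C loses 1 in 10

def run_demo():
    server = ServerNode(threshold=3)
    return simulate(ROUTE_CACHE, FORWARDS, 20, server), server
```

Because the counter in this example never decays, a regular node with occasional loss (C here) would also cross the threshold on a long enough flow; a time window or a loss ratio avoids that false positive.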

Jul 27, 2017