International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278-0882

Volume 3 Issue 2, May 2014

TO SECURE ATTACKS IN MANET USING IDS BASED EAACK SCHEME

Anand Kaushik¹, Bikram Pratap Singh²

¹,² M.Tech, Galgotias University, Greater Noida, Uttar Pradesh, India

Abstract: The migration to wireless network from wired
network has been a global trend in the past few
decades. MANET does not require a fixed network
infrastructure; every single node works as both a
transmitter and a receiver. Nodes communicate
directly with each other when they are both within the
same communication range. Otherwise, they rely on
their neighbors to relay messages. However, the open
medium and wide distribution of nodes make MANET
vulnerable to malicious attackers. In this case, it is
crucial to develop efficient intrusion-detection
mechanisms to protect MANET from attacks. To
adjust to such a trend, we strongly believe that it is vital
to address its potential security issues. In this paper,
we propose and implement a new intrusion-detection
system named Enhanced Adaptive Acknowledgment
(EAACK) specially designed for MANETs. Compared
to contemporary approaches, EAACK demonstrates
higher malicious-behavior-detection rates in certain
circumstances while not greatly affecting the
network performance.
Keywords: Enhanced Adaptive Acknowledgement
(EAACK), Watchdog, Two Acknowledgement (ACK),
Routing Overhead (RO).
I. INTRODUCTION
A Mobile Ad hoc Network (MANET) is a collection of
mobile nodes which can communicate with each other
via bidirectional wireless links either directly or
indirectly. One of the major advantages of wireless
networks is their ability to allow data communication
between different parties while still maintaining their
mobility. However, this communication is limited to
the range of transmitters. This means that two nodes
cannot communicate with each other when the distance
between the two nodes is beyond their communication
range [1]. A MANET is capable of creating a
self-configuring and self-maintaining network without
the help of a centralized infrastructure. So
each node in a MANET can act as a host or as a router.
Due to the wireless medium, dynamically changing
topology and lack of centralized control, an attacker can
easily enter the network, listen to or modify the data
being sent and then leave the network. Also, all the
routing protocols in MANETs assume that every node
is honest and cooperates in routing the data through
itself. So if a node claims it can reach another
node by a certain path or distance, the claim is trusted;
similarly, if a node reports a link break, the link will no
longer be used. Due to these fundamental
characteristics, MANETs are vulnerable to
various types of attacks [2]. In mobile ad hoc networks
(MANET) [3], specific Intrusion Detection Systems
(IDSs) are needed to safeguard them, since traditional
intrusion prevention techniques are not sufficient for the
protection of MANETs. Intrusions are the activities that
violate the security policy of a system. An Intrusion
Detection System (IDS) should be added to enhance
the security level of MANETs. If a MANET can detect
the attackers as soon as they enter the network, we will
be able to completely eliminate the potential damages
caused by compromised nodes at the first time.
II. EXISTING SYSTEM
Due to the limitations of most MANET routing
protocols, nodes in MANETs assume that other nodes
always cooperate with each other to relay data. This
assumption leaves the attackers with the opportunity
to achieve significant impact on the network with just
one or two compromised nodes. To address this
problem, an Intrusion Detection System (IDS) should be
added to enhance the security level of MANETs. If a
MANET can detect the attackers as soon as they enter
the network, we will be able to completely eliminate
the potential damages caused by compromised nodes
at the first time. IDSs usually act as the second layer in
MANETs [5], and they are a great complement to existing
proactive approaches; a very thorough survey on
contemporary IDSs in MANETs has also been presented. In this
section, we mainly describe the existing approach,
namely the Watchdog, to detect the misbehaving
nodes. Watchdog aims to improve the throughput of the
network in the presence of malicious nodes. In fact,
the Watchdog scheme consists of two parts, namely
Watchdog and Pathrater [9]. Watchdog serves as an
intrusion detection system for MANETs. It is
responsible for detecting malicious node
misbehaviours in the network. Watchdog detects
malicious misbehaviours by promiscuously listening to
its next hop's transmission. If a Watchdog node
overhears that its next node fails to forward the packet
within a certain period of time, it increases its failure
counter. Whenever a node's failure counter exceeds a
predefined threshold, the Watchdog node reports it as
misbehaving. In this case, the Pathrater cooperates
with the routing protocols to avoid the reported nodes
in future transmission. Many subsequent studies and
implementations have shown the Watchdog
scheme to be efficient. Furthermore, compared to some
other schemes, Watchdog is capable of detecting
malicious nodes rather than links. These advantages
have made the Watchdog scheme a popular choice in the
field. Many MANET IDSs are either based on or
developed as an improvement to the Watchdog
scheme.

Figure 1.1
III. PROPOSED SYSTEM
My proposed approach is to study in detail
TWOACK and AACK, which are designed to tackle one of the
six weaknesses of the Watchdog scheme, namely receiver
collisions. In this section, we discuss the weakness in
detail.

An ideal intrusion detection model in MANET should
first have a reliable, distributed, low-overhead
message collecting and exchanging mechanism. The
mechanism should also adapt to changes in the
network topology and tolerate message loss. Secondly,
the model should be affordable for devices with low
computation power. Third, the model should perform
real-time protection, since the routing topology may
change very quickly and the attack damage may also
propagate relatively quickly. Finally, the model should
not generate high false positives and negatives with
respect to new routing attacks. Intrusion detection is
defined as the method to identify any set of actions
that attempt to compromise the integrity,
confidentiality, or availability of a resource. An intrusion
detection system (IDS) is a practical approach to
enhance the security of existing networks. Briefly, an
intrusion detection system monitors activity in a
system or network in order to identify, to detect, and
then to isolate current attacks.
There are three main components of an IDS:
- Collection of data.
- Analysis of collected data (detection).
- Response of an alert when a threat is detected.
EAACK Proposed Architecture

Figure 2.1
In the receiver collision problem, as illustrated in
Figure 1.1, node A can only identify whether node B
has sent the packet to node C, but node A cannot
be sure that node C has received it. If a collision occurs
at node C when node B first forwards the packet, node
A can only see that node B has forwarded the
packet and assumes that node C has successfully
received it. Thus, B could skip retransmitting the
packet and evade detection. In a typical example of
receiver collisions, demonstrated in Fig. 2.2, after node
A sends Packet 1 to node B, it tries to overhear whether node
B forwarded this packet to node C; meanwhile, node X
is forwarding Packet 2 to node C. In such a case, node A
overhears that node B has successfully forwarded
Packet 1 to node C, but fails to detect that node C did
not receive this packet due to a collision between
Packet 1 and Packet 2 at node C.

[Figure: ACK based EAACK. Block diagram with the blocks Data routing in MANET, Watchdog, EA-ACK scheme, ACK based, Energy constraint based IDS, IDS, Routing overhead and Throughput analysis.]

Figure 2.2

Data routing in the MANET


Nodes in a MANET assume that other nodes always cooperate with
each other to relay data. This assumption leaves the
attackers with the opportunity to achieve significant
impact on the network with just one or two
compromised nodes. To address this problem, an IDS
should be added to enhance the security level of
MANETs.
Watchdog
A scheme named Watchdog has been proposed that aims to
improve the throughput of the network in the presence
of malicious nodes. In fact, the Watchdog scheme
consists of two parts, namely Watchdog and
Pathrater. Watchdog serves as an IDS for MANETs. It is
responsible for detecting malicious node misbehaviors
in the network. Watchdog detects malicious
misbehaviors by promiscuously listening to its next
hop's transmission. If a Watchdog node overhears that
its next node fails to forward the packet within a
certain period of time, it increases its failure counter.
Whenever a node's failure counter exceeds a
predefined threshold, the Watchdog node reports it as
misbehaving. In this case, the Pathrater cooperates
with the routing protocols to avoid the reported nodes
in future transmission.
EA-ACK SCHEME
EA-ACK has always been an integral part of
cryptography in history. Cryptography is the study of
mathematical techniques related to aspects of
information security such as confidentiality, data
integrity, entity authentication, and data origin
authentication.
ACK based
The proposed TWOACK is one of the most important
approaches among them. Contrary to many
other schemes, TWOACK is neither an enhancement
nor a Watchdog-based scheme. Aiming to resolve the
receiver collision and limited transmission power
problems of Watchdog, TWOACK detects
misbehaving links by acknowledging every data packet
transmitted.
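
The Watchdog failure counter, the receiver-collision blind spot and the acknowledgment-based check described above can be compared side by side in a small model. This is an added example, not code from the paper: the relay behaviours, the trace model and the threshold of 3 are constructed assumptions, and the acknowledgment travelling from C back to A (two hops) follows the TWOACK design rather than anything spelled out on the page.

```python
from dataclasses import dataclass

@dataclass
class Relay:
    """What happened to one data packet on the path A -> B -> C."""
    b_transmitted: bool  # B put the packet on the air, so A can overhear it
    c_received: bool     # C actually received it (False after a collision at C)

def simulate(behaviour, collisions):
    """Constructed model of relay B. collisions[i] is True when B's first
    transmission of packet i collides at C with another node's packet."""
    trace = []
    for collided in collisions:
        if behaviour == "dropper":          # never forwards
            trace.append(Relay(False, False))
        elif behaviour == "honest":         # retransmits until C has the packet
            trace.append(Relay(True, True))
        elif behaviour == "no_retransmit":  # sends once, ignores the collision
            trace.append(Relay(True, not collided))
        else:
            raise ValueError(behaviour)
    return trace

def watchdog_failures(trace):
    """Watchdog at A: a failure is counted only when A does not overhear B
    forwarding the packet. Whether C received it is invisible to A."""
    return sum(not r.b_transmitted for r in trace)

def two_hop_ack_failures(trace):
    """Acknowledgment check at A (assumed two-hop ACK from C back to A): a
    missing acknowledgment counts against the link B -> C."""
    return sum(not r.c_received for r in trace)

def compare(behaviour, collisions, threshold=3):
    """Report per scheme whether the failure counter exceeds the threshold."""
    trace = simulate(behaviour, collisions)
    return {"watchdog": watchdog_failures(trace) > threshold,
            "two_hop_ack": two_hop_ack_failures(trace) > threshold}

# Constructed sample: 8 packets, 5 of which collide at C on first transmission.
COLLISIONS = [True, False, True, True, False, True, False, True]

if __name__ == "__main__":
    for behaviour in ("honest", "dropper", "no_retransmit"):
        print(behaviour, compare(behaviour, COLLISIONS))
```

Only the acknowledgment-based check reports the relay that never retransmits after a collision; the Watchdog counter stays at zero for it because every first transmission was overheard.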
ENERGY CONSTRAINT BASED IDS
The energy constraint IDS is used to detect the
malicious nodes in the network. For that purpose, the
energy level of every node is calculated after every
data iteration process. Most nodes have an
average energy level within a certain range, whereas
vampire nodes, by their nature, have an abnormal energy
level: for example, a malicious node's energy level is
three times more than the average energy level. By this
technique the malicious nodes can be identified easily.
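
The threshold rule described above, as an added example rather than code from the paper. The factor of three is the page's; the readings, node names, the `min_hits` setting and the peer-mean variant are assumptions made for illustration.

```python
from collections import Counter
from statistics import mean

FACTOR = 3.0  # the page's rule: a level three times the average is abnormal

def flag_vs_network_mean(levels, factor=FACTOR):
    """Rule as stated on the page: compare each node with the average over
    all nodes, the node itself included."""
    avg = mean(levels.values())
    return {n for n, e in levels.items() if e >= factor * avg}

def flag_vs_peer_mean(levels, factor=FACTOR):
    """Variant added here: compare each node with the average of the *other*
    nodes, so a large reading cannot raise its own baseline."""
    total, count = sum(levels.values()), len(levels)
    if count < 2:
        return set()
    return {n for n, e in levels.items()
            if e >= factor * (total - e) / (count - 1)}

def monitor(iterations, rule, min_hits=2):
    """Apply `rule` after every data iteration and report the nodes flagged in
    at least `min_hits` iterations (min_hits is an assumed setting)."""
    hits = Counter()
    for levels in iterations:
        hits.update(rule(levels))
    return sorted(n for n, c in hits.items() if c >= min_hits)

# Constructed readings (arbitrary energy units), one dict per data iteration.
LARGE_NET = [
    {"n1": 10, "n2": 11, "n3": 9, "n4": 10, "n5": 12, "n6": 10, "n7": 9, "n8": 60},
    {"n1": 11, "n2": 10, "n3": 10, "n4": 9, "n5": 11, "n6": 12, "n7": 10, "n8": 64},
]
SMALL_NET = [
    {"a": 10, "b": 11, "c": 60},
    {"a": 11, "b": 10, "c": 64},
]

if __name__ == "__main__":
    for name, net in (("large", LARGE_NET), ("small", SMALL_NET)):
        print(name, monitor(net, flag_vs_network_mean), monitor(net, flag_vs_peer_mean))
```

With three or fewer nodes and positive readings the network-wide rule cannot fire, because no reading can reach three times a mean that includes it; the peer-mean variant still flags node `c`.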
ROUTING OVERHEAD
The RO defines the ratio of the amount of
routing-related transmissions during the simulation. The source
node broadcasts an RREQ message to all the
neighbors within its communication range. Upon
receiving this RREQ message, each neighbor appends
its address to the message and broadcasts this new
message to its neighbors. If any node receives the
same RREQ message more than once, it ignores it. If a
failed node is detected, which generally indicates a
broken link in flat routing protocols like DSR, an RERR
message is sent to the source node. When the RREQ
message arrives at its final destination node, the
destination node initiates an RREP message and sends
this message back to the source node by reversing the
route in the RREQ message.
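
The route discovery steps above (RREQ flooding with duplicate suppression, RREP over the reversed route, RERR after a broken link) can be counted to obtain a routing overhead figure. This is an added example, not the paper's simulation code: the topology, the broken link, the data transmission count and the exact RO formula (routing-related share of all transmissions) are assumptions.

```python
from collections import deque

def discover_route(topology, src, dst):
    """Flood one RREQ from src. Returns (route, rreq_tx, rrep_tx)."""
    seen = {src}              # nodes that already handled this RREQ
    pending = deque([[src]])  # address list carried by each RREQ copy
    rreq_tx, route = 0, None
    while pending:
        path = pending.popleft()
        rreq_tx += 1                         # one broadcast per forwarding node
        for nb in topology[path[-1]]:
            if nb in seen:
                continue                     # same RREQ received again: ignored
            seen.add(nb)
            if nb == dst:
                route = path + [dst]         # destination replies, no rebroadcast
            else:
                pending.append(path + [nb])  # neighbour appends its address
    rrep_tx = len(route) - 1 if route else 0  # RREP retraces the route in reverse
    return route, rreq_tx, rrep_tx

def without_link(topology, a, b):
    """Copy of the topology with the broken link a <-> b removed."""
    return {n: [m for m in nbs if {n, m} != {a, b}] for n, nbs in topology.items()}

def routing_overhead(routing_tx, data_tx):
    """Assumed definition: routing-related share of all transmissions."""
    return routing_tx / (routing_tx + data_tx)

def session(topology, src, dst, broken_link, data_tx):
    """Discover a route, lose one of its links, send RERR, rediscover."""
    route1, rreq1, rrep1 = discover_route(topology, src, dst)
    rerr_tx = route1.index(broken_link[0])   # hops from detecting node to src
    route2, rreq2, rrep2 = discover_route(
        without_link(topology, *broken_link), src, dst)
    routing_tx = rreq1 + rrep1 + rerr_tx + rreq2 + rrep2
    return route1, route2, routing_tx, routing_overhead(routing_tx, data_tx)

# Constructed five-node topology (bidirectional links as adjacency lists).
TOPOLOGY = {"S": ["A", "B"], "A": ["S", "C"], "B": ["S", "C", "D"],
            "C": ["A", "B", "D"], "D": ["B", "C"]}

if __name__ == "__main__":
    print(session(TOPOLOGY, "S", "D", ("B", "D"), data_tx=86))
```

In the sample run one broken link doubles the discovery traffic, which is why acknowledgment schemes that add their own packets on top are evaluated against RO.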
Throughput Analysis
The throughput is usually measured in bits per second
or data packets per time slot. It can be calculated as
maximum throughput, maximum theoretical
throughput, maximum sustained throughput, peak
throughput, normalized throughput and so on. If the
throughput of a specific node has
to be calculated, then we can simply add the node_id
in the if condition.
The code simply prints the observed throughput during
the time interval throughout the simulation time. We
can change the time_interval variable according to our
requirements. In the following code,
packet_size * recv * 8.0 gives the
total number of bits received. Packet size is the size of
the packet used in the application layer. Dividing the value by
1000 gives us the throughput in kbps.
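
The code this passage walks through does not appear on the page; the following is an added example, not the authors' script. It uses the names the text mentions (`packet_size`, `recv`, `time_interval`, `node_id`), while the function names, the event format and the sample events are assumptions.

```python
import math

def throughput_kbps(events, packet_size, time_interval, sim_time, node_id=None):
    """Per-interval throughput in kbps over [0, sim_time).

    events: (time_s, receiving_node) pairs, one per application-layer packet.
    node_id: count only this receiver (the extra `if` condition the text
    mentions); None counts every node.
    """
    slots = math.ceil(sim_time / time_interval)
    recv = [0] * slots
    for t, node in events:
        if node_id is not None and node != node_id:
            continue
        if 0 <= t < sim_time:
            recv[min(int(t // time_interval), slots - 1)] += 1
    # packet_size * recv * 8.0 is the number of bits received in the interval;
    # dividing by 1000 gives kbit. Dividing by the interval length as well
    # (added here) keeps the unit kbps for intervals other than one second.
    return [packet_size * n * 8.0 / 1000 / time_interval for n in recv]

def summarize(series):
    """Peak and mean of a per-interval series, plus the idle-interval count."""
    return {"peak": max(series), "mean": sum(series) / len(series),
            "idle_intervals": sum(1 for v in series if v == 0)}

# Constructed receive events: (time in seconds, receiving node id).
EVENTS = [(0.2, 3), (0.5, 3), (0.7, 4), (0.9, 3), (1.1, 3), (1.6, 3),
          (2.3, 4), (2.4, 4), (2.8, 4)]
PACKET_SIZE = 512  # bytes, constructed

if __name__ == "__main__":
    print(throughput_kbps(EVENTS, PACKET_SIZE, 1.0, 4.0))
    print(throughput_kbps(EVENTS, PACKET_SIZE, 1.0, 4.0, node_id=3))
    print(summarize(throughput_kbps(EVENTS, PACKET_SIZE, 1.0, 4.0)))
```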
III. CONCLUSION
Packet-dropping attack has always been a major threat
to security in MANETs. In this paper, we focused on a
novel IDS named the EAACK protocol, specially designed
for MANETs, and compared it against other popular
mechanisms in different scenarios. The results
demonstrated positive performances against
Watchdog, TWOACK, and AACK in the cases of
receiver collision, limited transmission power, and
false misbehavior report. Furthermore, it is an effort to
prevent the attackers from initiating forged
acknowledgment attacks. Although it generates more
ROs in some cases, as demonstrated in our experiment,
it can vastly improve the network's PDR when the
attackers are smart enough to forge acknowledgment
packets. We think that this tradeoff is worthwhile
when network security is the top priority.
REFERENCES
1. S. Sujatha, B. Lakshmi Radhika, "A Study On Enhanced Adaptive Acknowledge (EAACK) Scheme In Receiver Collisions - An IDS In Wireless Mobile Ad-Hoc Networks," The International Journal Of Engineering And Science (IJES), Volume 2, Issue 9, Pages 32-40, 2013, ISSN(e): 2319-1813, ISSN(p): 2319-1805.
2. Rajveer Kaur, Dr. Shaveta Rani, Dr. Paramjeet Singh, "Review of Acknowledgment Based Techniques for Detection of Black Hole/Gray Hole Attacks in MANETs."

3. Ms Shyama Sudarsan, Mrs Vinodhini, Dr S. Karthik, "Enhancing Key Management In Intrusion Detection System For Manets," International Journal of Advanced Research in Computer Engineering & Technology (IJARCET), Volume 1, Issue 8, October 2012.
4. Rajesh kumar.G, K.R.Valluvan, "A Comparative Study of Secure Intrusion-Detection Systems for Discovering Malicious Nodes on MANET," International Journal of Computer Applications (0975-8887), Volume 67, No. 18, April 2013.
5. K. Chinthanai Chelvan, I. Anbu Muthu, D. Saravanan, "Enhanced Security in Manet Using Eaack To Detect Malicious Attack," International Journal of Innovative Research in Computer and Communication Engineering, Vol. 2, Special Issue 1, March 2014, Proceedings of International Conference On Global Innovations In Computing Technology (ICGICT14).
6. G. Micheal and A.R. Arunachalam, "EAACK: Enhanced Adaptive Acknowledgment for MANET," Middle-East Journal of Scientific Research 19 (9): 1205-1208, 2014, ISSN 1990-9233, IDOSI Publications, 2014.
7. N. Kang, E. Shakshuki, and T. Sheltami, "Detecting misbehaving nodes in MANETs," in Proc. 12th Int. Conf. iiWAS, Paris, France, Nov. 8-10, 2010, pp. 216-222.
8. R. H. Akbani, S. Patel, and D. C. Jinwala, "DoS attacks in mobile ad hoc networks: A survey," in Proc. 2nd Int. Meeting ACCT, Rohtak, Haryana, India, 2012, pp. 535-541.
9. A. Tabesh and L. G. Frechette, "A low-power stand-alone adaptive circuit for harvesting energy from a piezoelectric micro power generator," IEEE Trans. Ind. Electron., vol. 57, no. 3, pp. 840-849, Mar. 2010.
10. Sureka.N, S. Chandra Sekaran, "Securable Routing and Elimination Of Adversary Attack From Manet," International Journal of Innovative Research in Computer and Communication Engineering, Vol. 2, Special Issue 1, March 2014.
