By
------------------
(IGNOU Roll# ----------)
Synopsis
Synopsis submitted in partial fulfillment of the requirement of
------------------
In recent years, mobile ad hoc networks (MANETs) have come into widespread use in many
applications, including some mission-critical applications, and as such security has become one
of the major concerns in MANETs. Due to some unique characteristics of MANETs, prevention
methods alone are not sufficient to make them secure; therefore, detection should be added as
another line of defense before an attacker can breach the system. In general, the intrusion detection
techniques for traditional wireless networks are not well suited for MANETs. In this paper, we
classify the architectures for intrusion detection systems (IDS) that have been introduced for
MANETs. Current IDSs corresponding to those architectures are also reviewed and compared.
CONTENTS
Abstract
Acknowledgement
Contents
List of figures
Chapter 1 Introduction
1.1 Intrusion detection system
CHAPTER 1
INTRODUCTION
MANET (Mobile Ad hoc NETwork) is an IEEE 802.11 framework consisting of
a collection of mobile nodes, each equipped with both a wireless transmitter and receiver,
that communicate with each other over bidirectional wireless links. This type of peer-to-peer
system implies that each node or user in the network can act as a data endpoint or an intermediate
repeater. Thus, all users work together to improve the reliability of network communications.
MANETs are self-forming, self-maintained and self-healing, allowing for extreme network
flexibility, which is often used in mission-critical applications like military conflict or
emergency recovery. Minimal configuration and quick deployment make MANETs ready to
be used in emergency circumstances.
The open medium and wide distribution of nodes make MANETs vulnerable to
malicious attackers. It is therefore crucial to develop efficient intrusion-detection
mechanisms to protect MANETs from attacks. A new intrusion detection system named
Enhanced Adaptive ACKnowledgment (EAACK), combined with digital signatures, is designed for
MANETs to detect malicious nodes and to prevent advanced attacks. Many IDSs exist
for MANETs; the three existing approaches are WATCHDOG, TWOACK and Adaptive
ACKnowledgment (AACK). They suffer from the problem that they fail to detect malicious
nodes in the presence of false misbehavior reports. Existing schemes depend largely on
the acknowledgment packets. Hence, the acknowledgment packets must be valid and
authentic. Another drawback is the significant amount of unwanted network overhead. Due
to the limited battery power of MANET nodes, such overhead can easily degrade the life
span of the entire network.
A new and efficient intrusion detection system named EAACK is proposed and implemented
for MANETs. EAACK is designed to tackle three of the six weaknesses of the Watchdog
scheme, namely, false misbehavior report, limited transmission power and receiver collision.
Compared to contemporary approaches, EAACK demonstrates higher malicious-behavior
detection rates in certain circumstances while not greatly affecting network
performance.
CHAPTER 2
LITERATURE SURVEY
1. Nat. Inst. Std. Technol., Digital Signature Standard (DSS) Federal Information
Processing Standards Publication, Gaithersburg, MD, 2010, Digital Signature
Standard (DSS)
This paper investigated the procedure for using the alerts from many audit sources to
improve the accuracy of the intrusion detection system (IDS). A theoretical model was
designed to reason automatically about the alerts from the different sensors by
concentrating on web server attacks. It also gives security operators a better
understanding of possible attacks against their systems.
This paper discussed the fraud that is growing remarkably with the growth of
modern technology and the universal superhighways of communication which results in the
loss of billions of dollars throughout the world each year. This technique tends to propose
a new taxonomy and complete review for the different types of fraud and data mining
techniques of fraud detection.
This paper presents a new IDS framework for mobile ad hoc network (MANET)
environments based upon the concept of a friend in a small world phenomenon. The two-
tier IDS framework has been designed to overcome longer detection mechanisms and
detection suffering from the potential for blackmail attackers and false accusations with the
help of friend nodes. It is hypothesized that with the introduction of friend nodes, the
impacts of the IDS problems can be minimized. It is noted that the proposed
framework would not be able to work in diverse MANET environments.
This paper described the design of misuse detection agent which is one of the
different agents in a multiagent-based intrusion detection system. Using a packet sniffer the
agent examines the packets in the network connections and creates a data model based on the
information obtained.
5. Yurong Xu, James Ford and Fillia Makedon, "Ad hoc mobile wireless networks
routing protocol—A review," J. Comput. Sci., vol. 3, no. 8, pp. 574–582, 2014
LIMITATIONS:
Most of the research has been carried out on signature-based techniques. More
effort is required on anomaly detection techniques, especially for WLAN.
The exact design considerations for an efficient technique for monitoring, detecting and
responding to the various security breaches in WLAN have not been accounted for so
far, to the author's knowledge.
Low Rate of False Alarms: The main advantage of misuse detection systems is their
ability to detect known attacks and the relatively low false alarm rate when rules are
correctly defined. It is important to note that, as said above, the signatures which are
used in rules must be as specific as possible to prevent false alarms [47].
Only Known Attacks Detection: The foremost drawback of misuse detection systems
that, contrary to misuse detection systems, they can detect unknown or novel attacks.
They do not rely on any a priori knowledge concerning the intrusions. It is also
important to note that the main purpose of anomaly detection systems is not to
replace misuse detection systems. The very good efficiency of misuse systems in
systems.
High Rate of False Alarms: Two factors may lead to a very high rate of false alarms
As discussed before, all nodes in a MANET relay data in order to communicate with each
other. The range of communication also depends upon the transmission ability of the
nodes and on their battery power. Due to such limitations, attackers have
significant opportunities to achieve their impact with one or two compromised nodes.
An IDS adds a proactive approach to the existing system. It will eliminate the potential
damage caused by compromised nodes and enhance the security level of MANETs.
Fig. 2: How watchdog works: although node B intends to transmit a packet to node C, node A could overhear
this transmission.
Figure 2 shows how the watchdog works. Assume that node S wants to send a packet to
node D, and that there exists a path from S to D through nodes A, B, and C. Consider now that
A has already received a packet from S destined to D. The packet contains a message and
routing information. When A forwards this packet to B, A also keeps a copy of the packet in
its buffer. Then, it promiscuously listens to the transmission of B to make sure that B
forwards to C. If the packet overheard from B (represented by a dashed line) matches that
stored in the buffer, it means that B really forwards to the next hop (represented as a solid
line). It then removes the packet from the buffer. However, if there is no matching packet after
a certain time, the watchdog increments the failure counter for node B. If this counter
exceeds the threshold, A concludes that B is misbehaving and reports to the source node S.
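The watchdog procedure just described, as a small simulation. This is an added example, not code from the seminar report or from the Watchdog authors; the timeout of 1.0 s, the threshold of 2 and the event traces are constructed assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Watchdog:
    """Runs on node A and monitors its next hop (node B in Fig. 2)."""
    next_hop: str
    timeout: float = 1.0   # assumed wait before an unmatched copy counts as a failure
    threshold: int = 2     # assumed tolerance; a report is raised once it is exceeded
    buffer: dict = field(default_factory=dict)  # pkt_id -> (payload, deadline)
    failures: int = 0

    def forward(self, pkt_id, payload, now):
        """A sends the packet to next_hop and keeps a copy for comparison."""
        self.buffer[pkt_id] = (payload, now + self.timeout)

    def overhear(self, pkt_id, payload):
        """Transmission overheard from next_hop; a match clears the copy."""
        stored = self.buffer.get(pkt_id)
        if stored is not None and stored[0] == payload:
            del self.buffer[pkt_id]
            return True
        return False  # unknown or altered packet: the copy stays until it times out

    def tick(self, now):
        """Expire unmatched copies; report once failures exceed the threshold."""
        for pkt_id in [p for p, (_, dl) in self.buffer.items() if now >= dl]:
            del self.buffer[pkt_id]
            self.failures += 1
        if self.failures > self.threshold:
            return {"report_to": "S", "misbehaving": self.next_hop,
                    "failures": self.failures}
        return None

def replay(trace, next_hop="B"):
    """Feed (time, event, pkt_id, payload) tuples to a watchdog; return its report."""
    wd = Watchdog(next_hop)
    for now, event, pkt_id, payload in trace:
        if event == "forward":
            wd.forward(pkt_id, payload, now)
        elif event == "overhear":
            wd.overhear(pkt_id, payload)
        report = wd.tick(now)
        if report:
            return report
    return None

# Constructed traces: B relays packet 1, then silently drops packets 2 to 4.
DROPPING = [(0.0, "forward", 1, b"m1"), (0.2, "overhear", 1, b"m1"),
            (1.0, "forward", 2, b"m2"), (2.0, "forward", 3, b"m3"),
            (3.0, "forward", 4, b"m4"), (4.5, "idle", None, None)]
HONEST = [(0.0, "forward", 1, b"m1"), (0.2, "overhear", 1, b"m1")]
```

Note that `overhear` only proves B transmitted: the copy is cleared even if the packet never arrives at C, which is the blind spot behind the receiver-collision and limited-transmission-power cases.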
The Watchdog scheme fails to detect malicious misbehavior in the presence of the
following:
1) Ambiguous Collisions
2) Receiver Collisions
3) Limited Transmission Power
4) False Misbehavior Report
5) Collusion
6) Partial Dropping.
2. TWOACK
The TWOACK scheme successfully solves the receiver collision and limited
transmission power problems posed by Watchdog. However, the acknowledgment process
required in every packet transmission adds a significant amount of unwanted
network overhead. Due to the limited battery power of MANET nodes, such a redundant
transmission process can easily degrade the life span of the entire network.
The working process of TWOACK is shown in Fig. 3.
Fig. 3: TWOACK scheme: each node is required to send back an acknowledgment packet to the
node that is two hops away from it.
CHAPTER 3
PROBLEM DEFINITION
Our proposed approach EAACK is designed to tackle three of the six
weaknesses of Watchdog scheme, namely, false misbehavior, limited transmission
power, and receiver collision. In this section, we discuss these three weaknesses in detail.
In a typical example of receiver collisions, shown in Fig. 5, after node A sends Packet 1 to
node B, it tries to overhear if node B forwarded this packet to node C; meanwhile, node X is
forwarding Packet 2 to node C. In such case, node A overhears that node B has successfully
forwarded Packet 1 to node C but failed to detect that node C did not receive this packet due
to a collision between Packet1 and Packet2 at node C.
In the case of limited transmission power, in order to preserve its own battery
resources, node B intentionally limits its transmission power so that it is strong enough to be
overheard by node A but not strong enough to be received by node C, as shown in Fig. 6.
Fig. 5: Receiver collision: both node B and node X are trying to send Packet 1 and Packet 2, respectively, to node
C at the same time.
Fig. 6: Limited transmission power: node B limits its transmission power so that the packet transmission can be
overheard by node A but is too weak to reach node C.
For false misbehavior report, although node A successfully overheard that node B
forwarded Packet 1 to node C, node A still reported node B as misbehaving, as shown in
Fig. 7. Due to the open medium and remote distribution of typical MANETs, attackers can
easily capture and compromise one or two nodes to achieve this false misbehavior report
attack.
Fig. 7: False misbehavior report: node A sends back a misbehavior report even though node B forwarded the
packet to node C.
As discussed in previous sections, TWOACK and AACK solve two of these three
weaknesses, namely, receiver collision and limited transmission power.
Furthermore, we extend our research to adopt a digital signature scheme during the packet
transmission process.
As in all acknowledgment-based IDSs, it is vital to ensure the integrity and
authenticity of all acknowledgment packets.
CHAPTER 4
Scheme Description
EAACK consists of three major parts, namely, ACK, secure ACK (S-ACK), and
misbehavior report authentication (MRA). Fig. 8 presents a flowchart describing the
EAACK scheme. All links between nodes in the network are bidirectional. Furthermore, for
each communication process, neither the source node nor the destination node is
malicious. Unless specified, all acknowledgment packets described in this research are
required to be digitally signed by their sender and verified by their receiver.
Fig. 8: System control flow: this figure shows the system flow of how the EAACK
scheme works.
4.1 ACK
In Fig. 9, in ACK mode, node S first sends out an ACK data packet Pad1 to
the destination node D. If all the intermediate nodes along the route between nodes S and
D are cooperative and node D successfully receives Pad1, node D is required to send back an
ACK acknowledgment packet Pak1 along the same route but in a reverse order. Within a
predefined time period, if node S receives Pak1, then the packet transmission from node S to
node D is successful. Otherwise, node S will switch to S-ACK mode by sending out an S-
ACK data packet to detect the misbehaving nodes in the route.
Fig. 9: ACK scheme: the destination node is required to send acknowledgment packets to the source node when it
receives a new packet.
Fig. 10: S-ACK scheme: node C is required to send back an acknowledgment packet to node A.
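A simulation of the ACK mode with its fallback to S-ACK, including the check that every acknowledgment is authentic. This is an added example, not the report's or the EAACK authors' code: HMAC-SHA256 with constructed per-node keys stands in for the digital signature the scheme requires (the Python standard library has no public-key signing), and the report format, the three-node group left unacknowledged, is an assumption.

```python
import hashlib
import hmac

ROUTE = ["S", "A", "B", "C", "D"]  # constructed route, as in the figures
# Constructed demo keys; assumption: the verifier can check every node's tag.
KEYS = {n: hashlib.sha256(f"demo-key-{n}".encode()).digest() for n in ROUTE}

def tag_from(signer, claimed, kind, pkt_id):
    """Tag over (kind, pkt_id, claimed sender), made with signer's key.
    HMAC stands in for the sender's digital signature."""
    msg = f"{kind}|{pkt_id}|{claimed}".encode()
    return hmac.new(KEYS[signer], msg, hashlib.sha256).digest()

def valid(claimed, kind, pkt_id, tag):
    """Receiver-side check; a missing tag models the timeout expiring."""
    expected = tag_from(claimed, claimed, kind, pkt_id)
    return tag is not None and hmac.compare_digest(expected, tag)

def ack_mode(pkt_id, droppers, forger=None):
    """True only if S receives an authentic Pak from D in time."""
    if forger:
        tag = tag_from(forger, "D", "ACK", pkt_id)  # fabricated Pak
    elif any(n in droppers for n in ROUTE[1:-1]):
        tag = None  # data never reached D, so S times out
    else:
        tag = tag_from("D", "D", "ACK", pkt_id)
    return valid("D", "ACK", pkt_id, tag)

def s_ack_mode(pkt_id, droppers, forger=None):
    """Third node of each three-node group acknowledges to the first."""
    for first, second, third in zip(ROUTE, ROUTE[1:], ROUTE[2:]):
        if second in droppers:
            # Packet stops at `second`; it may still fake third's S-ACK.
            tag = tag_from(second, third, "S-ACK", pkt_id) if second == forger else None
        else:
            tag = tag_from(third, third, "S-ACK", pkt_id)
        if not valid(third, "S-ACK", pkt_id, tag):
            return [(first, second, third)]  # first reports this group to S
    return []

def send(pkt_id, droppers=frozenset(), forger=None):
    """ACK mode first; fall back to S-ACK when no authentic Pak arrives."""
    if ack_mode(pkt_id, droppers, forger):
        return "ACK", []
    return "S-ACK", s_ack_mode(pkt_id, droppers, forger)
```

With a dropping node that also fabricates acknowledgments, the failed verification is what forces the switch to S-ACK and localizes the fault; without it, the fabricated Pak would be accepted as proof of delivery.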
USER REQUIREMENTS
These are the abstract high-level requirements that the system is required
to fulfil. They give the details of the services that the system is expected
to provide and also specify the applicable constraints. They are written in natural-language
statements and may include high-level diagrams.
Requirements that depend on the system only indirectly are termed non-functional
requirements; they are not essential in a direct manner. Non-functional
requirements concern properties that are not directly required by the system.
The direct concerns are storage capacity, dependability and the time required
for execution. They characterize the system's capacity for input and, in turn, the output
the system produces for the particular application. There is a noted difference between the
individual requirements and the dependent non-functional requirements. A number of
non-functional requirements apply to the system, according to their importance
individually:
Security.
Dependability.
FUNCTIONAL REQUIREMENTS
A functional specification does not define the internal workings of the proposed system;
it does not include the specifics of how the system's functions will be implemented. Rather, it
concentrates on what various outside agents, such as people using the program, computer
peripherals, or other computers, may "observe" when interacting with the system.
Hardware Requirements
Hard disk : 30 Gigabyte.
Output device : High Resolution Monitor and VGA.
Processor : Processor that supports above 500 MHz.
Input device : Mouse and Standard Keyboard.
Compact Disk : 650 Megabyte.
Primary memory : 256 Megabyte.
Software Requirements
Language used : Java.
Front End : Java Swing.
Database : Oracle SQL.
Tools used : NetBeans IDE 7.1.
Operating System : Windows.
CONCLUSION
In this seminar the main focus has been on a comparative study of the EAACK approach
and its limitations with the EAACK protocol using ECDSA. Here we have studied the behaviour of
the EAACK technique. The algorithm is designed to resolve the weakness of Watchdog when it fails
to detect misbehaving nodes in the presence of false misbehaviour reports, and to authenticate
whether the destination node has received the reported missing packet through a different route;
to achieve this we have focused on the comparative study of the ACK, S-ACK and MRA schemes.
To extend the merits of our research work, we plan to investigate the following problems in
our future research:
1) The possibility of adopting hybrid cryptography techniques to further reduce the network
overhead caused by digital signatures;
2) The possibility of adopting a key exchange mechanism to eliminate the need for
redistributed keys;
3) Testing the performance of EAACK in a real network environment rather than in software
simulation.