Overview
- Introduction to MANETs
- Fundamental working of AODV
- Types of possible attacks in AODV
- About Flood attack
- Motivation to prevent Flood attack
- Algorithm for Neighbor Defense Technique to Mitigate Flood Attack (NDT)
- Flow chart for NDT
- Current working status
- Future work
3/31/12
Characteristics
- Operating without a central coordinator
- Multi-hop radio relaying
- Frequent link breakage due to mobile nodes
- Constrained resources (bandwidth, computing power)
- Instant deployment

Challenges of MANETs
- Routing
- Security and Reliability
- Quality of Service (QoS)
- Inter-networking
- Power Consumption
- Location-aided Routing
- Finds a route on demand
- Flooding the network with Route Request packets
- Maintains fresh lists of destinations and their routes
- Periodically distribute routing tables
- Combines the advantages of proactive and of reactive routing
- Initially established with some proactively prospected routes
- Then serves the demand from additionally activated nodes through reactive flooding
Merits
- Does not need any central administrative system
- Reduces the control traffic message overhead
- Reacts relatively fast to topological changes
- Saves storage space as well as energy

Demerits
- Can gather only a very limited amount of routing information
- A long path is more vulnerable to link breakages and requires high control overhead
- Has no security measures built in
- Vulnerable to various kinds of attacks
- Two main types of uncooperative nodes: malicious and selfish
- Sending fake messages several times
- Fake routing information
- Advertising fake links to disrupt routing operations

- Blackhole attack
- Flooding attack
- Link spoofing attack
- Wormhole attack
- Colluding misrelay attack

A Review of Current Routing Attacks in Mobile Ad Hoc Networks - Rashid Hafeez Khokhar, Md Asri Ngadi and Satria Mandala
- The attacker selects many IP addresses which are not in the networks
- No node can answer RREP packets for these RREQ
- The attacker successively originates mass RREQ
- All the nodes in an ad hoc network are categorized as friends, acquaintances or strangers
- A trust estimator -- a function of various parameters
- friends (most trusted), acquaintances (trusted) and strangers (not trusted)
- Xrs, Xra, Xrf be the RREQ flooding threshold for a stranger, acquaintance and friend node respectively, Xrf > Xra > Xrs
- Yrs, Yra, Yrf be the DATA flooding threshold for a stranger, acquaintance and friend node respectively then Yrf > Yra > Yrs
- The attackers are node-1 and node-8
- They flood the RREQ messages at a particular time interval
- Their neighbor nodes don't know the route to that destination so they rebroadcast the RREQ
- Attacker constantly injects false
- Due to false generation, the attacker can introduce a new DoS attack to exhaust the communication bandwidth and node resources so that valid communication cannot be kept
- AODV is very conservative about sending RREQ packet in network
- After sending request packet there is some waiting time for RREP to
- There is RREQ_RETRIES = 3 for network wide search - after
- Malicious node will misuse all these properties and flood its own
- If attacker is out of control it will flood the entire network and
- Only very reliable method is - not to rebroadcast this fake RREQ by neighbor.
The RREQ_count table keeps track of the number of requests that come from each neighbor in a particular interval.

RREQentry   TimeStamp
5           0.34566
1           0.55346
FloodTimer
Used by the malicious node to inject FAKE Request packets into the MANET: the flood timer continuously sends requests at an interval of 0.009 sec.
CacheTimer
Used to check each Request table entry for its expiry time, and to check the request count to see whether it exceeds the peak, at an interval of 0.002.
The Algorithm:
    if (CacheTimer out) then
        Erase RREQ_Count table entries
    if (RREQester is in broodyList) then
        Drop the packet
    if ((RREQester is neighbor) && (there is no entry in RREQ_Count table)) then
        Add the RREQentry for this RREQ in RREQ_Count table
    if (RREQentry > PeakValue) then
        Put the RREQester in broodyList!
Flow chart for NDT (while adding an entry in the table for a received packet)
[Flow chart. Recoverable box labels: In Receive Request process; RREQ_count table; Add the entry of requester in the RREQ_count list and increment the count value of request; Stop processing packet.]
[Flow chart. Recoverable box labels: Request count table; Check the Request count entry's expiry time; Flush the entry of the request count table; Proceed further.]
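An added C++ sketch (not the presenter's ns-2 aodv.cc changes) of the RREQ_count table, CacheTimer flush and broodyList check described in the algorithm and flow charts, using the Peak Value, Cache Interval and Entry Expiry values from the simulation setup. The type and function names are hypothetical, and refreshing the expiry time on every RREQ is an assumption; the second call in main reproduces the limitation the slides list as a disadvantage, where a requester slower than the expiry window is never counted past one.

```cpp
#include <cstdio>
#include <map>
#include <set>
// Added sketch of the NDT bookkeeping. Type and function names are
// hypothetical; the constants come from the simulation-setup table.
struct NeighborDefense {
    struct Entry { int count; double expire; };
    int peak = 7;                    // Peak Value (number of requests)
    double ttl = 0.05;               // Entry Expiry time = CURRENT_TIME + 0.05
    std::map<int, Entry> rreqCount;  // RREQ_count table, keyed by neighbour id
    std::set<int> broodyList;        // neighbours whose RREQs are dropped

    // CacheTimer handler: flush entries whose expiry time has passed.
    void onCacheTimer(double now) {
        for (auto it = rreqCount.begin(); it != rreqCount.end();) {
            if (it->second.expire <= now) it = rreqCount.erase(it);
            else ++it;
        }
    }

    // Called for an RREQ originated by a direct neighbour. Returns true if
    // the RREQ may be processed and rebroadcast, false if it is dropped.
    bool onRreq(int requester, double now) {
        if (broodyList.count(requester)) return false;
        Entry &e = rreqCount[requester];  // new entries start at count 0
        e.count += 1;
        e.expire = now + ttl;  // assumption: expiry is refreshed on every RREQ
        if (e.count > peak) { broodyList.insert(requester); return false; }
        return true;
    }
};

// Replays one neighbour sending `total` RREQs every `interval` seconds while
// the cache timer fires every 0.002 s; returns how many RREQs were accepted.
int forwardedRreqs(double interval, int total) {
    NeighborDefense nd;
    int forwarded = 0;
    double nextCache = 0.002;  // Cache Interval
    for (int i = 0; i < total; ++i) {
        double now = i * interval;
        for (; nextCache <= now; nextCache += 0.002) nd.onCacheTimer(nextCache);
        if (nd.onRreq(1, now)) ++forwarded;
    }
    return forwarded;
}

int main() {
    std::printf("flood interval 0.009 s: %d of 100 accepted\n", forwardedRreqs(0.009, 100));
    std::printf("interval 0.060 s: %d of 100 accepted\n", forwardedRreqs(0.060, 100));
    return 0;
}
```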
synchronize with each other according to MANETs nature
Current working status and application
1. Implemented flood attack
2. Tested the proposed algorithm (NDT) for small network
- 4 nodes and 1 node as malicious node (.tcl)
- 25 nodes with 1 malicious node and 3 malicious nodes (.tcl)
- Readings taken with attack and without attack (.awk and .sh)
Simulation Setup
No.  Simulation Parameter       Parameter Value
1    Simulator                  NS-2.33
2    Simulation Area            1000m X 1000m
3    MAC Protocol               IEEE 802.11
4    Mobile Nodes               25
5    Antenna Type               Omni antenna
6    Propagation Model          Two Ray Ground
7    Number of Connections      5
8    Packet Size                512 byte
9    Routing Protocols          AODV
10   Data Traffic               CBR (UDP)
11   Simulation Time            100 Sec
12   Number of Malicious Node   1,3
13   Pausetime                  0,5,10,15,20 ms
14   Flood Interval             0.009 sec
15   Cache Interval             0.002 sec
16   Peak Value                 7 (no of request)
17   Entry Expiry time          CURRENT_TIME + 0.05
Simulation Setup - 25 nodes with 1 malicious node and 5 connections
10 different scenarios with pause time 0, 5, 10, 15 and 20 ms
[Result charts: Result_with1_5_25.xls]

Simulation Setup - 25 nodes with 3 malicious nodes and 5 connections
10 different scenarios with pause time 0, 5, 10, 15 and 20 ms
[Result charts: Result_with3_5_25.xls]

[Result charts: Result_without_5_25.xls]
Further Improvements
- In order to give complete isolation, the Broody list should be broadcast by the defense node as early as possible (raising alarm technique).
- Packets should be queued for some time in order to prevent early flow by the attacker (before detection, with an early flow detection method).
- QoS (quality of service)
Future work
- Still require to simulate NDT for more nodes and different numbers of malicious nodes
- Will add RREP and RERR flooding attack
- Will prevent RREP and RERR flooding
Advantage of NDT
1. The attack is defended by the very neighbour of the attacker
2. The list and cache are maintained only by the neighbour of the attacker, and only for some periodic time; after the cache timer runs out the record will be flushed.
3. Node will not be isolated completely from the network after detection; perhaps it will still be part of the network and can do some further cooperation
4. No node impersonation can be made, as each node maintains the list of malicious nodes with the help of its neighbour list.

Disadvantage of NDT
1. According to the Peak_value maintained by the network, a sloppy attack can still be possible if the attacker has chosen a flooding interval that is a little bit large but effective.
- ns-2.33/aodv/aodv.cc
- ns-2.33/aodv/aodv.h
- Changed .tcl file
- Generated different scenario files for different pause time
References
1. C. Perkins, E. Belding-Royer, S. Das, RFC3561 of ad hoc on-demand distance vector (aodv) routing, University of Cincinnati, July 2003
2. A Review of Current Routing Attacks in Mobile Ad Hoc Networks - Rashid Hafeez Khokhar, Md Asri Ngadi and Satria Mandala, from International Journal of Computer Science and Security, volume (2) issue (3)
3. A New Routing Attack in Mobile Ad Hoc Networks - Ping Yi, Zhoulin Dai, Shiyong Zhang, Yiping Zhong, Department of Computing and Information Technology, Fudan University, Shanghai, China, International Journal of Information Technology Vol. 11 No. 2
4. Performance Analysis of Flooding Attack Prevention Algorithm in MANETs - Revathi Venkataraman, M. Pushpalatha, and T. Rama Rao, from World Academy of Science, Engineering and Technology, 56, 2009
5. http://elmurod.net/?p=196 Adding Malicious Node to