Your SlideShare is downloading. ×
eaack-a secure ids for manet
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

eaack-a secure ids for manet


Published on

Published in: Technology

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. 11/06/13 Dept. of ECE 1
  • 2. EAACK—A Secure IntrusionDetection System for MANETs 11/06/13 Dept. of ECE 2
  • 3. Contents     Introduction What is MANET???? Need For IDS???? IDS 1. 2. 3. Watch dog TWOACK AACK  EAACK  Performance Evaluation  Simulation configuration  Advantages  Future enhancement  Conclusion  Reference 11/06/13 Dept. of ECE 3
  • 4. Introduction MANET -Mobile Ad hoc NETworks IDS -Intrusion Detection Systems EAACK-Enhanced Adaptive ACKnowledgement 11/06/13 Dept. of ECE 4
  • 5. Mobile Ad hoc NETworks Wireless network Ad hoc = “for this PURPOSE” Used to exchange information NODES = transmitter + receiver  Nodes may be mobile Each node is willing to forward data to other nodes Communcation can be direct or indirect Nodes communicates directly within their ranges Otherwise rely on neighbours (indirectly) 11/06/13 Dept. of ECE 5
  • 6. Continuation.....  Properties of MANETs No fixed infrastructure Self configuring ability Dynamic topology Decentralized network 11/06/13 Dept. of ECE 6
  • 7. Continuation….  Routes between nodes may contain multiple hops Nodes act as routers to forward packets for each other Node mobility may cause the routes change B A A B C C D D 11/06/13 Dept. of ECE 7
  • 8. Continuation…. Application of MANETS Military application ◦ Combat regiment in the field ◦ Perhaps 4000-8000 objects in constant unpredictable motion. ◦ Intercommunication of forces ◦ Proximity, plan of battle Sensor networks Automotive networks Industrial application 11/06/13 Dept. of ECE 8
  • 9. MANET vulnerable to malicious attackers o Open medium o Wide distribution of nodes Routing protocols assumes nodes are always cooperative Nodes are not physically protected 11/06/13 Dept. of ECE 9
  • 10. IDS  Intrusion Detection System  Detect and report the malicious activity in ad hoc networks  Researchers have proposed a number of collaborative IDS system 1. Watch dog 2. TWOACK 3. AACK 11/06/13 Dept. of ECE 10
  • 11. Watch dog 11/06/13 Dept. of ECE 11
  • 12. Ambiguous collision 11/06/13 Dept. of ECE 12
  • 13. Receiver collision 11/06/13 Dept. of ECE 13
  • 14. Limited transmission power 11/06/13 Dept. of ECE 14
  • 15. False misbehaviour report 11/06/13 Dept. of ECE 15
  • 16. TWOACK 11/06/13 Dept. of ECE 16
  • 17. Continuation....  Acknowledgment-based  Neither network layer scheme an enhancement or watch dog based scheme  Acknowledge every data packet transmitted over every three consecutive nodes  On receiving a packet , each node is required to send back an acknowledgment packet to the node that is two hops away from it.  Solves receiver collision and limited transmission power problem  Network 11/06/13 overhead is present Dept. of ECE 17
  • 18. AACK Adaptive ACKnowledgement Acknowledgment-based network layer scheme Reduce network overhead Combination of TACK (similar to TWOACK) and ACK ACK-End to end acknowledgment scheme 11/06/13 Dept. of ECE 18
  • 19. •ACK •S will switch to TACK scheme if it doesn’t get any ACK packet within predefined time 11/06/13 Dept. of ECE 19
  • 20. The need of new IDS??? Both TWOACK and AACK fails in 1. False misbehaviour report 2. Forged acknowledgement packet 11/06/13 Dept. of ECE 20
  • 21. EAACK Enhanced Adaptive ACKnowledgement Efficient and secure intrusion detection system for MANETs Higher malicious behaviour detection rates with minimal effect on network performance EAACK mechanism can be divided to three schemes 1. ACK(end to end acknowledgement scheme) 2. S-ACK(Secure ACK) 3. MRA(Misbehaviour Report Authentication) 11/06/13 Dept. of ECE 21
  • 22. 1. ACK End-to-end acknowledgment scheme Brings extremely low network overhead To preserve the life cycle of battery  Low network overhead  Lom memory consumption 11/06/13 Dept. of ECE 22
  • 23. ACK scheme 11/06/13 Dept. of ECE 23
  • 24. 2.S-ACK Secure ACK Extension of TWOACK with digital signature Switch from ACK if S does not receive any acknowledgement packet Detect misbehaving nodes by sending SACK packet Every three consecutive nodes work in a group to detect misbehaving nodes 11/06/13 Dept. of ECE 24
  • 25. S-ACK scheme Who is malicious?? F1,F2 OR F3??? 11/06/13 Dept. of ECE 25
  • 26. NONE IS MALICIOUS .............. Route is F1 F2 F3 F1 sends S-ACK data packet to F3 via the route F2 F3 Before sending F1 store # value of data packet and sending time F2 receives packet from F1 and forward to F3 F3 receives the data packet and send S-ACK acknowledgement ◦ Contain # value and digital signature of F3 11/06/13 Dept. of ECE 26
  • 27. This S-ACKnowledgement is send back to the reverse route F1 receives it and verify digital signature by computing with F3 public key. If there is no malicious nodes ,then the received hash value ==original hash value 11/06/13 Dept. of ECE 27
  • 28. F1 IS MALICIOUS •False misbehaviour attack •In EAACK,it initiates MRA scheme. 11/06/13 Dept. of ECE 28
  • 29. F2 IS MALICIOUS •Digital signature of F3 is needed •Prevent forged acknowledgement 11/06/13 Dept. of ECE 29
  • 30. F3 IS MALICIOUS •If F3 refuses to send back acknowledgement packets, it will be marked as malicious 11/06/13 Dept. of ECE 30
  • 31. 3.MRA  Misbehaviour Report Authentication  Designed to resolve the false misbehaviour report attack  Such attack can break the entire network  Basic idea - Authenticate whether the destination node has received the reported missing packet  Alternate route is needed  MRA packet is send via this alternate route  MRA packet contains the ID of the packet that has been reported dropped  Destination node search if there is a match 11/06/13 Dept. of ECE 31
  • 32. Continuation... If there is match,the report is fake and node ,whoever sends it, is marked as malicious If there is no match,the report is trusted. 11/06/13 Dept. of ECE 32
  • 33. EAACK SCHEME 11/06/13 Dept. of ECE 33
  • 34. Performance Evaluation Packet delivery ratio (PDR): Ratio of the number of packets received by the destination node to the number of packets sent by the source node. Routing overhead (RO): RO defines the ratio of the amount of routingrelated transmissions. 11/06/13 Dept. of ECE 34
  • 35. Simulation configuration Scenario 1: Malicious nodes drop all the packets that pass through it. Scenario 2: Set all malicious nodes to send out false misbehavior report to the source node whenever it is possible Scenario 3: Provide the malicious nodes the ability to forge acknowledgment packets. 11/06/13 Dept. of ECE 35
  • 36. 11/06/13 Dept. of ECE 36
  • 37. ADVANTAGES Solves limited transmission power and receiver collision problem. Capable of detecting misbehaviour attack Ensure authentication and packet integrity Digital signatures prevents the attack of forge acknowledgement packets 11/06/13 Dept. of ECE 37
  • 38. FUTURE ENHANCEMENT Possibilities of adopting hybrid cryptography techniques to further reduce the network overhead caused by digital signature. Examine the possibilities of adopting a key exchange mechanism to eliminate the requirement of predistributed keys. Testing the performance of EAACK in real network environment.  11/06/13 Dept. of ECE 38
  • 39. Conclusion EAACK makes MANETs more secure The major threats like false mis behaviour report and forge acknowledgement can be detected by using this scheme. 11/06/13 Dept. of ECE 39
  • 40. REFERENCE  EAACK—A Secure Intrusion-Detection System for MANETs by Elhadi M. Shakshuki, Senior Member, IEEE, Nan Kang, and Tarek R. Sheltami, Member, IEEE  Detecting Misbehaving Nodes in Mobile Ad hoc Networks by Nan Kang 11/06/13 Dept. of ECE 40
  • 41. 11/06/13 Dept. of ECE 41
  • 42. 11/06/13 Dept. of ECE 42