eaack-a secure ids for manet

  • 5,130 views
Uploaded on

 

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
  • plz upload these project modules
    Are you sure you want to
    Your message goes here
  • plz upload these project modules here
    Are you sure you want to
    Your message goes here
  • plz upload ur project documentation report
    Are you sure you want to
    Your message goes here
  • i need uml diagrams for these....plz post it
    Are you sure you want to
    Your message goes here
  • am balakumar from chennai, can u plz upload ur project documentation report... i need it for reference... plz post ASAP! thx in advance...
    Are you sure you want to
    Your message goes here
No Downloads

Views

Total Views
5,130
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
678
Comments
6
Likes
11

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. 11/06/13 Dept. of ECE 1
  • 2. EAACK—A Secure IntrusionDetection System for MANETs 11/06/13 Dept. of ECE 2
  • 3. Contents     Introduction What is MANET???? Need For IDS???? IDS 1. 2. 3. Watch dog TWOACK AACK  EAACK  Performance Evaluation  Simulation configuration  Advantages  Future enhancement  Conclusion  Reference 11/06/13 Dept. of ECE 3
  • 4. Introduction MANET -Mobile Ad hoc NETworks IDS -Intrusion Detection Systems EAACK-Enhanced Adaptive ACKnowledgement 11/06/13 Dept. of ECE 4
  • 5. Mobile Ad hoc NETworks Wireless network Ad hoc = “for this PURPOSE” Used to exchange information NODES = transmitter + receiver  Nodes may be mobile Each node is willing to forward data to other nodes Communcation can be direct or indirect Nodes communicates directly within their ranges Otherwise rely on neighbours (indirectly) 11/06/13 Dept. of ECE 5
  • 6. Continuation.....  Properties of MANETs No fixed infrastructure Self configuring ability Dynamic topology Decentralized network 11/06/13 Dept. of ECE 6
  • 7. Continuation….  Routes between nodes may contain multiple hops Nodes act as routers to forward packets for each other Node mobility may cause the routes change B A A B C C D D 11/06/13 Dept. of ECE 7
  • 8. Continuation…. Application of MANETS Military application ◦ Combat regiment in the field ◦ Perhaps 4000-8000 objects in constant unpredictable motion. ◦ Intercommunication of forces ◦ Proximity, plan of battle Sensor networks Automotive networks Industrial application 11/06/13 Dept. of ECE 8
  • 9. MANET vulnerable to malicious attackers o Open medium o Wide distribution of nodes Routing protocols assumes nodes are always cooperative Nodes are not physically protected 11/06/13 Dept. of ECE 9
  • 10. IDS  Intrusion Detection System  Detect and report the malicious activity in ad hoc networks  Researchers have proposed a number of collaborative IDS system 1. Watch dog 2. TWOACK 3. AACK 11/06/13 Dept. of ECE 10
  • 11. Watch dog 11/06/13 Dept. of ECE 11
  • 12. Ambiguous collision 11/06/13 Dept. of ECE 12
  • 13. Receiver collision 11/06/13 Dept. of ECE 13
  • 14. Limited transmission power 11/06/13 Dept. of ECE 14
  • 15. False misbehaviour report 11/06/13 Dept. of ECE 15
  • 16. TWOACK 11/06/13 Dept. of ECE 16
  • 17. Continuation....  Acknowledgment-based  Neither network layer scheme an enhancement or watch dog based scheme  Acknowledge every data packet transmitted over every three consecutive nodes  On receiving a packet , each node is required to send back an acknowledgment packet to the node that is two hops away from it.  Solves receiver collision and limited transmission power problem  Network 11/06/13 overhead is present Dept. of ECE 17
  • 18. AACK Adaptive ACKnowledgement Acknowledgment-based network layer scheme Reduce network overhead Combination of TACK (similar to TWOACK) and ACK ACK-End to end acknowledgment scheme 11/06/13 Dept. of ECE 18
  • 19. •ACK •S will switch to TACK scheme if it doesn’t get any ACK packet within predefined time 11/06/13 Dept. of ECE 19
  • 20. The need of new IDS??? Both TWOACK and AACK fails in 1. False misbehaviour report 2. Forged acknowledgement packet 11/06/13 Dept. of ECE 20
  • 21. EAACK Enhanced Adaptive ACKnowledgement Efficient and secure intrusion detection system for MANETs Higher malicious behaviour detection rates with minimal effect on network performance EAACK mechanism can be divided to three schemes 1. ACK(end to end acknowledgement scheme) 2. S-ACK(Secure ACK) 3. MRA(Misbehaviour Report Authentication) 11/06/13 Dept. of ECE 21
  • 22. 1. ACK End-to-end acknowledgment scheme Brings extremely low network overhead To preserve the life cycle of battery  Low network overhead  Lom memory consumption 11/06/13 Dept. of ECE 22
  • 23. ACK scheme 11/06/13 Dept. of ECE 23
  • 24. 2.S-ACK Secure ACK Extension of TWOACK with digital signature Switch from ACK if S does not receive any acknowledgement packet Detect misbehaving nodes by sending SACK packet Every three consecutive nodes work in a group to detect misbehaving nodes 11/06/13 Dept. of ECE 24
  • 25. S-ACK scheme Who is malicious?? F1,F2 OR F3??? 11/06/13 Dept. of ECE 25
  • 26. NONE IS MALICIOUS .............. Route is F1 F2 F3 F1 sends S-ACK data packet to F3 via the route F2 F3 Before sending F1 store # value of data packet and sending time F2 receives packet from F1 and forward to F3 F3 receives the data packet and send S-ACK acknowledgement ◦ Contain # value and digital signature of F3 11/06/13 Dept. of ECE 26
  • 27. This S-ACKnowledgement is send back to the reverse route F1 receives it and verify digital signature by computing with F3 public key. If there is no malicious nodes ,then the received hash value ==original hash value 11/06/13 Dept. of ECE 27
  • 28. F1 IS MALICIOUS •False misbehaviour attack •In EAACK,it initiates MRA scheme. 11/06/13 Dept. of ECE 28
  • 29. F2 IS MALICIOUS •Digital signature of F3 is needed •Prevent forged acknowledgement 11/06/13 Dept. of ECE 29
  • 30. F3 IS MALICIOUS •If F3 refuses to send back acknowledgement packets, it will be marked as malicious 11/06/13 Dept. of ECE 30
  • 31. 3.MRA  Misbehaviour Report Authentication  Designed to resolve the false misbehaviour report attack  Such attack can break the entire network  Basic idea - Authenticate whether the destination node has received the reported missing packet  Alternate route is needed  MRA packet is send via this alternate route  MRA packet contains the ID of the packet that has been reported dropped  Destination node search if there is a match 11/06/13 Dept. of ECE 31
  • 32. Continuation... If there is match,the report is fake and node ,whoever sends it, is marked as malicious If there is no match,the report is trusted. 11/06/13 Dept. of ECE 32
  • 33. EAACK SCHEME 11/06/13 Dept. of ECE 33
  • 34. Performance Evaluation Packet delivery ratio (PDR): Ratio of the number of packets received by the destination node to the number of packets sent by the source node. Routing overhead (RO): RO defines the ratio of the amount of routingrelated transmissions. 11/06/13 Dept. of ECE 34
  • 35. Simulation configuration Scenario 1: Malicious nodes drop all the packets that pass through it. Scenario 2: Set all malicious nodes to send out false misbehavior report to the source node whenever it is possible Scenario 3: Provide the malicious nodes the ability to forge acknowledgment packets. 11/06/13 Dept. of ECE 35
  • 36. 11/06/13 Dept. of ECE 36
  • 37. ADVANTAGES Solves limited transmission power and receiver collision problem. Capable of detecting misbehaviour attack Ensure authentication and packet integrity Digital signatures prevents the attack of forge acknowledgement packets 11/06/13 Dept. of ECE 37
  • 38. FUTURE ENHANCEMENT Possibilities of adopting hybrid cryptography techniques to further reduce the network overhead caused by digital signature. Examine the possibilities of adopting a key exchange mechanism to eliminate the requirement of predistributed keys. Testing the performance of EAACK in real network environment.  11/06/13 Dept. of ECE 38
  • 39. Conclusion EAACK makes MANETs more secure The major threats like false mis behaviour report and forge acknowledgement can be detected by using this scheme. 11/06/13 Dept. of ECE 39
  • 40. REFERENCE  EAACK—A Secure Intrusion-Detection System for MANETs by Elhadi M. Shakshuki, Senior Member, IEEE, Nan Kang, and Tarek R. Sheltami, Member, IEEE  Detecting Misbehaving Nodes in Mobile Ad hoc Networks by Nan Kang 11/06/13 Dept. of ECE 40
  • 41. 11/06/13 Dept. of ECE 41
  • 42. 11/06/13 Dept. of ECE 42