50120140504011
Upcoming SlideShare
Loading in...5
×
 

50120140504011

on

  • 143 views

 

Statistics

Views

Total Views
143
Views on SlideShare
143
Embed Views
0

Actions

Likes
0
Downloads
1
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

50120140504011 50120140504011 Document Transcript

  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 4, April (2014), pp. 95-104 © IAEME 95 PREVENTION OF PACKET DROPPING ATTACK BY SELFISH NODES IN MANET Suganya P1 , Rekka G2 1, 2 (Department of Electronics and Communication, Dr. S.J.S. Paul Memorial College of Engineering & and Technology / Pondicherry University, Pondicherry, India) ABSTRACT A Mobile Ad-Hoc Network (MANET) is a set of mobile nodes which communicate with each other via wireless links either directly or relying on other nodes. The dependency on this decentralized and distributed network allows an adversary to destroy the cooperative algorithms used in ad hoc networks. Nodes may misbehave either because they are malicious and deliberately wish to disrupt the network, or because they are selfish and wish to conserve their own limited resources such as power, or for other reasons. In this paper, we proposed a new mechanism which detects and prevents the selfish nodes that exhibit packet dropping attack. Packet dropping means that the intermediate nodes may act as selfish nodes at some finite time and doesn’t forward the packets to its neighbouring nodes in order to conserve its resources. The proposed system works, based on Principle of Flow of Conservation (PFC) and Local Forward Percentage (LFP) metrics. Keywords: AODV, MANET, Node Misbehaviour, Packet Dropping, Selfish Nodes. 1. INTRODUCTION MANET is a self-organizing adhoc network which combines wireless communication with a high degree of mobility. In case of multi-hop transmission, each node acts as a router and this cause high dependency on the intermediate nodes for successful data transmission. A variety of protocols have been developed for maintaining the route information however, these routing protocols works on the cooperativeness of the intermediate nodes. An intruder can exploit the cooperation of the nodes which makes the network vulnerable. In this paper, we propose a new protocol by which the partial packet dropping attack is detected and prevented in further data transmission. We have modified the existing AODV routing protocol such that it calculates the LFP of all the intermediate nodes involved in data transmission and suppress the RREP if the measured LFP is below the threshold value. INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING & TECHNOLOGY (IJCET) ISSN 0976 – 6367(Print) ISSN 0976 – 6375(Online) Volume 5, Issue 4, April (2014), pp. 95-104 © IAEME: www.iaeme.com/ijcet.asp Journal Impact Factor (2014): 8.5328 (Calculated by GISI) www.jifactor.com IJCET © I A E M E
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 4, April (2014), pp. 95-104 © IAEME 96 2. ADHOC ON DEMAND DISTANCE VECTOR The AODV routing protocol is a reactive routing protocol that enables multi-hop routing between participating mobile nodes in an ad hoc network. AODV uses the traditional routing table to maintain routing information. The routing table is used to determine the next hop for each packet locally at each intermediate node. AODV has three types of messages: • Route Requests (RREQs): To find the route to the destination, the source node generates a RREQ and broadcasts it to its neighbours. • Route Replies (RREPs): When the destination receives the RREQ packet it prepares a route reply packet (RREP) to the source and unicast it to the source node. All the intermediate nodes which receives the RREQ packet caches a route back to source node. • Route Errors (RERRs): A RERR message is used to notify other nodes when a link break in an active route is detected. Fig.1: Route Discovery Process in AODV Fig.1 depicts the route discovery process of AODV. When a node wants to communicate with another node in the network and does not have a fresh route to that destination, it starts the route discovery process by broadcasting an RREQ message for the destination node into the network. Intermediate nodes that receive this request either send an RREP to the source node if they have a fresh route to the destination node or forward the RREQ message to other nodes. A fresh route is a valid route entry whose sequence number is equal to or greater than that contained in the RREQ message. If the request packet has been forwarded by this intermediate node before, it is silently dropped. When the destination node receives an RREQ for itself, it sends back an RREP message on the reverse route. The requesting node and the nodes receiving RREP messages on the route update their routing tables with the new route[1]. 3. RELATED WORK This section details about the various approaches, namely, Watchdog[2], TWOACK[3], Adaptive Acknowledgment (AACK)[4] and EAACK[5] (Enhanced Adaptive ACK) to detect the misbehaving actions of the nodes in mobile network. 3.1 Watchdog Marti et al.[2] proposed Watchdog scheme that aims to improve the throughput of the network in the presence of malicious nodes. This scheme works in two phases: Watchdog and
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 4, April (2014), pp. 95-104 © IAEME 97 Pathrater. Watchdog is responsible for detecting malicious node misbehaviours in the network. Watchdog node overhears the next node activity and reports it as malicious if it fails to forward the packet within a certain period of time. Pathrater cooperates with the routing protocols to avoid the reported nodes in future transmission. The Watchdog scheme fails to detect malicious misbehaviours with the presence of the following: 1) ambiguous collisions; 2) receiver collisions; 3) limited transmission power; 4) false misbehaviour report; 5) collusion; and 6) partial dropping. 3.2 Two ACK TWOACK proposed by Liu et al. [3] aims to resolve the receiver collision and limited transmission power problems of Watchdog. It detects the misbehaving links by acknowledging every data packet transmitted over every three consecutive nodes along the path from source to destination. Upon retrieval of a packet, each node along the route is required to send back an ACK packet to the node that is two hops away from it down the route. Fig.2: TWO ACK Scheme 3.3 Adaptive ACK (AACK) Based on TWOACK, Sheltami et al. [4] proposed a new scheme called AACK. This works in the combination TWOACK and ACKnowledgement (ACK). Fig.3: ACK Scheme In the ACK scheme shown in Fig.3, Source node S sends out Packet 1. When the destination node D receives Packet 1, it sends an ACK packet to the source node in the reverse order of the same route. Within a predefined time period, if the source node receives the ACK packet, then the packet transmission from node S to node D is successful. Otherwise, the source node S will switch to TWOACK scheme by sending out a TWOACK packet. 3.4 Enhanced Adaptive ACK (EAACK) EAACK is designed to tackle the false misbehaviour, limited transmission power and receiver collision problems of Watchdog scheme. It works in three modes: • ACK: ACK is basically an end-to-end acknowledgment scheme reduces the network overhead when no network misbehavior is detected. View slide
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 4, April (2014), pp. 95-104 © IAEME 98 • S-ACK: S-ACK mode is similar to TWOACK scheme. It detects the misbehaving links in the presence of receiver collision or limited transmission power. • MRA: The false misbehaviour report is generated by malicious attackers to falsely report the innocent nodes as malicious. The core of MRA scheme is to authenticate whether the destination node has received the reported missing packet. 4. PROBLEM STATEMENT The above mentioned acknowledgement based schemes resolves the Ambiguous collisions, Receiver collisions, Limited transmission power and false misbehaviour reportmisbehaviors of the mobile nodes. But they fail to resolve the Packet dropping attack which is always been a major threat to security in MANETs. In the proposed system, the misbehaving nodes that drop the packets instead of forwarding it to the next intermediate node are identified. The routing protocol employed in the existing system is Dynamic Source Routing (DSR). Since DSR stores its routing information is stored in its header it might causes network overhead. This makes the protocol works inefficient in case of high mobility network. To handle his scenario we have implemented AODV routing protocol in the proposed system. This will be more efficient in high mobility network where the routing information is stored in the routing table. 5. SCHEME DESCRIPTION The proposed scheme efficiently prevents the packet dropping attack. It works based on the PFC (Principle of Flow of Conservation) scheme which calculates the Local Forward Percentage (LFP) of each routing path in the Mobile Ad hoc Network. The path that has LPF below threshold is considered as malicious routing path. These malicious paths will be discarded in further data transmission. 5.1 Principle of Flow of Conservation The following equation states the principle of flow of conservation principle in an ideal static network [6]: ෍ ܴ௜௝ሺ‫ݐ‬ଵሻ ൌ ௩೔‫א‬௎ೕ ෍ ܶ௜௝ሺ‫ݐ‬ଵሻ ሺ1ሻ ௩೔‫א‬௎ೕ • Let vj be a node such that vj‫א‬ V, where V = {v1, v2, v3 … vN} is the set of all nodes in the network, N is the total number of nodes in the network, and j= 1, 2,3 … N. • Let Uj be the subset of nodes in the network which are neighbours of vj, i.e. Uj is the neighbourhood of vj. It follows that vj∉ Uj and also Uj⊂ V. • Let Tij be the number of packets that node vi has successfully sent to node vj for vj to forward to a further node; vi‫א‬ Uj, vj‫א‬ Ui, i ≠ j and Tij(t0) = 0. • Let Rij be the number of packets that node vi has successfully received from node vj that did not originate at vj; vi‫א‬ Uj, vj‫א‬ Ui, i ≠ j and Rij(t0) = 0. The equation holds well over an ideal static environment but in a MANET’s environment, the ideal condition does not exist. Nodes may exhibit malicious behaviour unintentionally, especially in a MANET because of several reasons like the unavailability of resources like CPU cycles, buffer space and bandwidth when the packet has to be forwarded. Hence a threshold has to be setup in order to View slide
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 4, April (2014), pp. 95-104 © IAEME 99 accommodate unintentional misbehaviour by a node which may result in packet dropping. Mathematically, it can be represented as follows: ሺ1 െ ߙ௧௛௥௘௦௛௢௟ௗሻ∑ ܴ௜௝ሺ‫ݐ‬ଵሻ ൌ௩೔‫א‬௎ೕ ∑ ܶ௜௝ሺ‫ݐ‬ଵሻ௩೔‫א‬௎ೕ (2) 5.2 Local Forward Percentage Partial dropping can be measured using the Local Forward Percentage [7].It is defined as below: ‫ܲܨܮ‬ ൌ ௣௔௖௞௘௧௦ ௙௥௢௠ ௡௢ௗ௘ሺ௜ሻ ௔௖௧௨௔௟௟௬ ௙௢௥௪௔௥ௗ௘ௗ ௣௔௖௞௘௧௦ ௙௥௢௠ ௡௢ௗ௘ሺ௜ሻ ௧௢ ௕௘ ௙௢௥௪௔௥ௗ௘ௗ (3) 6. PROPOSED WORK In this paper, we propose a robust secure efficient algorithm for the detection of the packet dropping attack by selfish nodes is described. Fig 4 is the architectural diagram of the proposed system. The proposed algorithm includes a new metric field; Cumulative LFP in the RREP packet. This field contains the cumulative LFP of all the intermediate nodes that are involved in the data transmission. Fig.4: Architecture of the Proposed System 6.1 Proposed Algorithm Source node starts the route discovery procedure by preparing a Route Request packet; RREQ and broadcast it to all its neighbouring nodes. All the intermediate nodes on receiving this packet, forwards it to its neighbouring nodes and this process continues until the packet reaches its destination node. When destination node receives the RREQ packet, it prepares a new reply packet; RREP and unicast it to the source node. Each node vi maintains two metrics, number of transmitted packets (Tij) and number of received packets (Rij). LFP of each nodes is calculated as Rij/Tij. Whenever a node receives the RREP packet, it calculates its LFP value and adds it to cumulative LFP of the RREP packet. At Source node, on receiving the RREP packet, it calculates the LFP of the routing path (Cumulative LFP/hop count). If the calculated LFP is below the threshold value, then the routing path is suppressed. By this approach the routing path that involves the selfish nodes are discarded in further data transmission. Fig 5 is the modified AODV-RREP packet structure. Fig.6 depicts the flow diagram of the proposed scheme followed by the proposed algorithm.
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 ISSN 0976 - 6375(Online), Volume 5, Issue 4, April (2014), pp. Fig.5: Proposed AODV Fig.6: Process Flow of the Proposed System • Root Discovery Process: The source node S starts preparing the RREQ packet and broadcast it to the neighbouring node. • Metrics Computation in RREP increments the hop count and appends its LFP v • Collecting Replies: Source node collects all the RREPs sent by the destination • Removal of Malicious Routing path: calculated. Routing path having LFP below the threshold value Table insertion. • Continue Default Routing Process: the normal procedure of AODV. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976 6375(Online), Volume 5, Issue 4, April (2014), pp. 95-104 © IAEME 100 Proposed AODV-RREP packet structure Process Flow of the Proposed System The source node S starts the route discovery phase for d preparing the RREQ packet and broadcast it to the neighbouring node. in RREP: When each intermediate node receives the RREP packet, it increments the hop count and appends its LFP value to the cumulative LFP field in RREP Source node collects all the RREPs sent by the destination node us Routing path: After receiving the RREP, LFP of the routing path is calculated. Routing path having LFP below the threshold value is suppressed from the Routing Continue Default Routing Process: After discarding the malicious routing path International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), the route discovery phase for destination by When each intermediate node receives the RREP packet, it alue to the cumulative LFP field in RREP packet. node. LFP of the routing path is suppressed from the Routing After discarding the malicious routing path, continue with
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 4, April (2014), pp. 95-104 © IAEME 101 7. SIMULATION RESULTS The simulation parameters and the comparison results of the simulated MANET before and after prevention are illustrated in this section. TABLE 1 SimulationParameters Parameter Value Simulator NS2 Operating System Linux-Mint-15 Number of nodes 25 MAC Type 802.11 Antenna Type Omni directional Routing Protocol AODV Simulation Time 9 sec Traffic Type TCP Source Node Node 0 Destination Node Node 18 Fig. 7 shows the implementation of MANET with 25 nodes and highlights the selfish nodes in red color. Fig.8 depicts the identification of selfish nodes by measuring the LFP for each node in the simulated MANET. The nodes having LFP as 100 are promiscuous nodes which has forwarded all the packets to its neighbouring node without dropping any packet. The nodes having zero LFP are not involved in the routing process except for source and destination nodes. The nodes having low LFP values are highlighted and these nodes (node11, 23 and 24) are identified as selfish nodes. The Fig. 9 shows the graphical output of the comparison of LFP values of each node before and after prevention in the simulated environment. Fig.10 shows the Packet Dropped and Packet Delivery Ratio before and after prevention. Fig.7: Simulation of Selfish nodes
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 4, April (2014), pp. 95-104 © IAEME 102 Fig.8: Detection of Selfish nodes using LFP Fig.9: Graph showing LFP of each node before and after prevention
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 4, April (2014), pp. 95-104 © IAEME 103 Fig.10: Packet metrics before and after prevention Fig.11: Performance metrics of AODV and modified-AODV Fig,11 is the performance comparison of the AODV and M-AODV. It is clearly seen that the Packet drop ratio and PDR has been improved for proposed M-AODV compared to the existing AODV in the presence of Packet dropping attack. From all the above simulation results, it is evident that M-AODV is works efficiently in the packet dropping environment. 8. CONCLUSION In this paper a robust efficient approach for the detection of selfish nodes that are responsible for packet dropping attack in the mobile ad hoc network on AODV routing protocol is proposed. In the proposed approach, a solution is proposed based on the Principle of Flow of Conservation (PFC). By measuring the Local Forward Percentage of each node, the malicious selfish nodes are detected and it is eliminated in further data transmission.From all the above simulation results, it is evident that M-AODV is works efficiently in the packet dropping environment. 9. REFERENCES [1] SEVIL ¸SEN, JOHN A. CLARK, and JUAN E. TAPIADOR “Security of Self-Organizing Networks MANET,WSN,WMN,VANET - Security Threats in Mobile Ad Hoc Networks” CRC Press. [2] H. Miranda and L. Rodrigues, “Preventing Selfishness in Open Mobile Ad Hoc Networks,” Proc. Seventh CaberNet Radicals Workshop, 2002.
  • International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 4, April (2014), pp. 95-104 © IAEME 104 [3] S. Marti, T. J. Giuli, K. Lai, and M. Baker, “Mitigating routing misbehaviour in mobile ad hoc networks,” in Proc. 6th Annual. Int. Conf. Mobile Computing. Network, Boston, MA, 2000, pp. 255–265. [4] K. Liu, J. Deng, P. K. Varshney, and K. Balakrishnan, “An acknowledgment-based approach for the detection of routing misbehaviour in MANETs,” IEEE Trans. Mobile Computing., vol. 6, no. 5,pp. 536–550, May 2007. [5] Elhadi M. Shakshuki, Nan Kang, and Tarek R. Sheltami, “EAACK—A Secure Intrusion- Detection System for MANETs” IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS, VOL. 60, NO. 3, MARCH 2013. [6] Oscar F. Gonzalez, Michael Howarth, George Pavlou, “Detection of Packet Forwarding Misbehavior in Mobile Ad-Hoc Networks”. [7] Tiranuch Anantvalee, Jie Wu “A Survey on Intrusion Detection in Mobile Ad Hoc Networks”; Wireless/Mobile Network Security, Springer. [8] Bhakti Thakre and S.V.Sonekar, “Design and Development of an Algorithmic Approach for Selfish and Malicious Node in Cluster Based Adhoc Wireless Networks”, International Journal of Computer Engineering & Technology (IJCET), Volume 5, Issue 1, 2014, pp. 28 - 37, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375. [9] Shah Vrutik, Dr.Nilesh Modi and Patani Ashwin, “AODVgap-An Acknowledgment Based Approach to Mitigate Selective Forwarding Attacks in MANET”, International Journal of Computer Engineering & Technology (IJCET), Volume 3, Issue 2, 2012, pp. 458 - 469, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375. [10] S. A. Nagtilak and Prof. U.A. Mande, “The Detection of Routing Misbehavior in Mobile Ad Hoc Networks using the 2ack Scheme with OLSR Protocol”, International Journal of Computer Engineering & Technology (IJCET), Volume 1, Issue 1, 2010, pp. 213 - 234, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375. [11] S. A. Nagtilak and Prof. U.A. Mande, “A Survey of Mitigating Routing Misbehavior in Mobile Ad Hoc Networks”, International Journal of Computer Engineering & Technology (IJCET), Volume 1, Issue 2, 2010, pp. 106 - 117, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375.