Your SlideShare is downloading. ×
Java Abs   Scalable Wireless Ad Hoc Network Simulation Using Xtc   Domain Name System Security
Java Abs   Scalable Wireless Ad Hoc Network Simulation Using Xtc   Domain Name System Security
Java Abs   Scalable Wireless Ad Hoc Network Simulation Using Xtc   Domain Name System Security
Java Abs   Scalable Wireless Ad Hoc Network Simulation Using Xtc   Domain Name System Security
Java Abs   Scalable Wireless Ad Hoc Network Simulation Using Xtc   Domain Name System Security
Java Abs   Scalable Wireless Ad Hoc Network Simulation Using Xtc   Domain Name System Security
Java Abs   Scalable Wireless Ad Hoc Network Simulation Using Xtc   Domain Name System Security
Java Abs   Scalable Wireless Ad Hoc Network Simulation Using Xtc   Domain Name System Security
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Java Abs Scalable Wireless Ad Hoc Network Simulation Using Xtc Domain Name System Security

568

Published on

Final Year Projects, IEEE Projects, Final Year Projects in Chennai, Final Year IEEE Projects, final year projects, college projects, student projects, java projects, asp.net projects, software …

Final Year Projects, IEEE Projects, Final Year Projects in Chennai, Final Year IEEE Projects, final year projects, college projects, student projects, java projects, asp.net projects, software projects, software ieee projects, ieee 2009 projects, 2009 ieee projects, embedded projects, final year software projects, final year embedded projects, ieee embedded projects, matlab projects, microcontroller projects, vlsi projects, dsp projects, free projects, project review, project report, project presentation, free source code, free project report, Final Year Projects, IEEE Projects, Final Year Projects in Chennai, Final Year IEEE Projects, final year projects, college projects, student projects, java projects, asp.net projects, software projects, software ieee projects, ieee 2009 projects, 2009 ieee projects, embedded projects, final year software projects, final year embedded projects, ieee embedded projects, matlab projects, final year java projects, final year asp.net projects, final year vb.net projects, vb.net projects, c# projects, final year c# projects, electrical projects, power electronics projects, motors and drives projects, robotics projects, ieee electrical projects, ieee power electronics projects, ieee robotics projects, power system projects, power system ieee projects, engineering projects, ieee engineering projects, engineering students projects, be projects, mca projects, mtech projects, btech projects, me projects, mtech projects, college projects, polytechnic projects, real time projects, ieee projects, non ieee projects, project presentation, project ppt, project pdf, project source code, project review, final year project, final year projects

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
568
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
31
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. SCALABLE WIRELESS AD-HOC NETWORK SIMULATION USING XTC - DOMAIN NAME SYSTEM SECURITY The Domain Name System (DNS) has become a critical operational part of the internet infrastructure, yet it has no strong security mechanisms to assure data integrity or authentication. Extensions to the DNS are described that provide these services to security aware resolves or applications through the use of cryptographic digital signatures. These digital signatures are included zones as resource records. The extensions also provide for the storage of authenticated public keys in the DNS. This storage of keys can support general public key distribution services as well as DNS security. These stored keys enable security aware resolvers to learn the authenticating key of zones, in addition to those for which they are initially configured. Keys associated with DNS names can be retrieved to support other protocols. In addition, the security extensions provide for the authentication of DNS protocol transactions. SYNOPSIS The Internet is a widespread conglomeration of hundreds of thousands of inter-connected heterogeneous networks and hosts. Computers communicate with each other on the basis of different types of addresses, on the physical layer using low level physical addresses like Ethernet- card addresses, on the data link to presentation layer using host addresses such as IP addresses, and on the application layer using host names. The task of naming hosts and network domains is addressed by creating a hierarchical relation between domains, with hosts as the furthest descendants from a root domain. By appending the domain labels one after the other to the host labels on the path up to the root in the hierarchical tree, a unique, memorizable, and usually pronounceable identifier is created: the host name. One of the management tasks in the internet is the mapping of lower level addresses to host names. A first naïve approach that was taken was to collect all names to address mapping in a single file. The file “HOSTS.TXT” contained the name to address mapping for every host connected to the ARPANET. The mapping or binding of IP addresses to host names became a major problem in the rapidly growing Internet and the higher level binding effort went through different stages of development up to the currently used Domain Name System (DNS). PROBLEM STATEMENT Authenticity is based on the identity of some entity. This entity has to prove that it is genuine. In many network applications the identity of participating entities is simply determined by their names or addresses. High level applications use mainly names for authentication purposes, because address lists are much harder to create, understand, and maintain than name lists. Assuming an entity wants to spoof the identity of some other entity, it is enough to change the mapping between its low level address and its high level name. It means that an attacker can fake the name of someone by modifying the association of his address from his own name to the name he wants to impersonate. Once an attacker has done that, an authenticator can no longer distinguish between the true and the faked entity. DESIGN OF SIG RR The SIG or “signature” resource record (RR) is the fundamental way that data is authenticated in the secure Domain Name System (DNS). As such it is the heart of the security provided. The SIG RR unforgably authenticates other RR of a particular type, class, and name and binds them to a time interval and the signer’s domain name. This is done using Cryptographic techniques and the signer’s private key. The signer is frequently the owner of the zone from which the RR originated. The syntax of a SIG resources record (signature) is a shown below. It includes the type of the RR(s) being signed, the name of the signer, the time at which the signature was created, the time in expires (when it is no longer to be believed), its original time to Live (which may be longer than its current time to live but cannot be shorter), the cryptographic algorithm in use, and the actual signature.
  • 2. Every DNS entry in a secured zone will have associated with it at least one SIG resource record for Flags each resource type and a SIG record for the zone file. The SIG Record for the 16 bits Whole Zone File can be used to verify whether all the information present is Protocol correct or not, during zone transfers. A security aware server supporting the 8 bits performance enhanced version of the DNS protocol security extensions will attempt to return, with RR’s retrieved, the corresponding SIGs. If a server does not Algorithm support the protocol, the resolver must retrieve all the SIG records for a name and 8 bits select the one or ones that sign the resource record(s) that resolver is interested Public Key in. DESIGN OF KEY RR Authentication is provided by associating with resource records in the DNS cryptographically generated digital signatures. Commonly, there will be a single private key that signs for an entire zone. If a security aware resolver reliably learns the public key of the zone, it can verify, for signed data read from that zone, that it was properly authorized and is reasonably current. The zone’s private key is to be kept off-line and can used to re-sign all of the records in the zone periodically. The PUBLIC KEY of the zone is stored in KEY Resource Records. This data origin authentication key belongs to the zone and not to the servers that store copies of the data. It means that the compromise of a server or even all servers for a zone will not necessarily affect the degree of assurance that a resolver has, that it can determine whether data is genuine. A resolver can learn the public key of a zone either by reading it from DNS or by having it statically configured. To reliably learn the public key by reading it from DNS, the key itself must be signed. Thus, to provide a reasonable degree of security, the resolve must be configured with at least the public key of one zone that it can use to authenticate signatures. MODULES: Authentication Message Digest Algorithm Cryptography PRNG Generating Signature Signature Verification Data Integrity Project Pre requisitions:- The XTC ad-hoc network topology control algorithm shows three main advantages over previously proposed algorithms. First, it is extremely simple. Second, it does not assume the network graph to be a Unit Disk Graph; XTC proves correct also on general weighted network graphs. Third, the algorithm does not require availability of node position information. Instead, XTC operates with a general notion of order over the neighbors’ link qualities. In the special case of the network graph being a Unit Disk Graph, the resulting topology proves to have bounded degree, to be a planar graph, and—on average-case graphs—to be a good spanner. Employed on Euclidean and Unit Disk Graphs. Topology Control:- For two communicating ad-hoc nodes u and v, the energy consumption of their communication grows at least quadratically with their distance. Having one or more relay nodes between u and v therefore helps to save energy. The primary target of a topology control algorithm is to abandon long-distance communication links and instead route a message over several small (energy-efficient) hops .For this purpose each node in the ad-hoc network chooses a ”handful” of ”close by” neighbors” in all points of the compass. Clearly nodes cannot abandon links to ”too many” far-away neighbors in order to prevent the ad-hoc network from being partitioned or the routing paths from becoming noncompetitively long. In general there is a trade-off between networks connectivity and sparseness. Let the graph G = (V;E) denote
  • 3. the ad-hoc network before running the topology control algorithm, with V being the set of ad-hoc nodes, and E representing the set of communication links. There is a link (u; v) in E if and only if the two nodes u and v can communicate directly. Running the topology control algorithm will yield a sparse sub graph Gtc= (V; Etc) of G, where Etc is the set of remaining links. The resulting topology Gtc should have the following properties: Property 1 (Symmetry):- The resulting topology Gtc should be symmetric, that is, node u is a neighbor of node v if and only if node v is a neighbor of node u. Asymmetric communication graphs are unpractical, because many communication primitives become unacceptably complicated. A simple ACK message confirming the receipt of a Message, for example, is already a nightmare in an asymmetric graph. Property 2 (Connectivity):- Two nodes u and v are connected if there is a path from u to v, potentially through multiple hops. If two nodes are connected in G, then they should still be connected in Gtc. Although a minimum spanning tree (MST) is a sparse connected subgraph, it is often not considered a good topology, since close-by nodes in the original graph G might end up being far away in Gtc (G being a ring, for instance). Therefore Property 2 is usually strengthened: Property 2+ (Spanner):- For any two nodes u and v, if the optimal path between u and v in G has cost c, then the optimal path between u and v in Gtc has cost f(c). If f(c) is bounded from above by a linear function in c, the graph Gtc is called a spanner. Researchers have studied a selection of cost metrics, the most popular being i) Euclidean distance and ii) various energy metrics. The cost of a link in model i) is the Euclidean distance of the link, in model ii) the distance is raised to a predefined power. In both models the cost of a path is commonly defined to be the sum of the costs of all links in the path. As mentioned, the primary target of a topology control algorithm is to abandon long-distance neighbors, or more formally. Property 3 (Sparseness):- The remaining graph Gtc should be sparse, that is, the number of links should be in the order of the number of nodes, i.e. jEtcj = O(jV j). This reflects that not too many close- by nodes must be chosen, which reduces interference and thus saves energy. Since there still might be some nodes with many neighbors (e.g. a star graph), also Property 3 features an improved version. Property 3+ (Low Degree):- Each node in the remaining graph Gtc has a small number of neighbors. In particular the maximum degree in the graph Gtc should be bounded from above by a constant. Since connectivity and sparseness run against each other, topology control has been a thriving research area. In addition to the properties 1, 2, and 3, one can often find secondary targets. For instance, it is popular (and often for free) to ask the remaining graph to be planar in order to run a geometric (a.k.a. geographic, location-based, position-based) routing algorithm, such as GOAFR/GOAFR+ [11, 13], or GFG/GPSR [2, 9]. Preliminaries:- In a weighted graph G = (V; E) every edge (u; v) 2 E is attributed a weight! uv. When referring to a weighted graph we assume that the weights are symmetric: !uv = !vu. The nodes of a Euclidean graph are assumed to be located in a Euclidean plane. Furthermore the edge weight of an edge (u; v) is defined to be !uv = juvj, where juvj is the Euclidean distance between the nodes u and v. Note that the definition of Euclidean graphs does not contain a statement on the existence of certain edges. A Unit Disk Graph is a Euclidean graph containing an edge (u; v) if and only if juvj _ 1. Unit Disk Graphs are often employed to model an ad-hoc network where all network nodes are placed in an unobstructed plane and have equal (normalized) transmission power and isotropic antennas that is antennas sending with identical power in every direction of the plane. Strongly related to edge weights is the cost of an edge. The cost of an edge c(u; v) can be considered to represent the effort an algorithm is required to expend in order to send a message over (u; v). Common definitions of edge cost metrics include the hop or link metric c(u; v) _ 1, the Euclidean metric c(u; v) = juvj, and the energy metric c(u; v) = juvje for an attenuation exponent e _ 2. A path p(u; v) from a node u to a node v being a sequence of consecutively contingent edges starting at u and ending at v, the cost of a path jp(u; v)j is accordingly defined to be the sum of the costs of all edges contained in the path.
  • 4. XTC Algorithm:- The algorithm consists of three main steps: I) Neighbor ordering, II) Neighbor order exchange, and III) Edge selection. Detail Explanation:- In the first step each network node u computes a total order over all its neighbors in the network graph G. From an abstract point of view, this order is intended to reflect the quality of the links to the neighbors. A node u will consider its neighbors in G (in the third step of the algorithm) according to _u ordered with respect to decreasing link quality: The link to a neighbor appearing early in the order _u is regarded as being of higher quality than the link to a neighbor placed later in _u. A neighbor w appearing before v in order _u is denoted as w _u v. The neighbor order reflects a much more general notion of link quality, such as signal attenuation or packet arrival rate. In the second step the neighbor order information is exchanged among all neighbors. Typically a node u broadcasts its own neighbor order while receiving the orders established by all of its neighbors. During the third step, which does not require any further Communication, each node locally selects those neighboring nodes which will form its neighborhood in the resulting topology control graph, based on the previously exchanged neighbor order information. For this purpose a node u traverses _u with decreasing link quality: “Good” neighbors are considered first, “worse” ones later. Informally speaking, a node u only builds a direct communication link to a neighbor v if u has no “better” neighbor w that can be reached more easily from v than u itself. Although the XTC algorithm is executed at all nodes, the detailed description as shown in the above box assumes the point of view of a node u. Lines 1 and 2 correspond to Steps I) and II). Lines 3-11 define Step III) in more detail: First the two sets Nu and _ Nu are initialized to be empty. Now the neighbor ordering _u established in Line 1, is traversed in increasing order. In Line 7 the neighbor order _u of the currently considered neighbor v is examined: If any of u’s neighbors w already processed appears in v’s order before u (w _v u) node v is included in _ Nu (Line 8); otherwise v is added to Nu (Line 10). After completion of the algorithm, the set Nu contains u’s neighbors in the topology control graph GXTC. More formally, the edge set EXTC of the graph GXTC = (V;EXTC) is EXTC = f(u; v)j 9u: v 2 Nug. In the algorithm as described above, each node constructs in Step I) a total order over all its neighbors in G. In a variant of the algorithm a node u could apply a growing radius technique— starting with the “best” neighbor— to decide on a neighbor v’s inclusion in Nu or _ Nu—based on _v—immediately when identifying v as the next “worse” neighbor found so far. Applying such interleaving of steps I), II) and III), u could terminate earlier, that is, as soon as having found “enough” neighbors. Property 1 is symmetry of the resulting graph, often has to be enforced by topology control algorithms.
  • 5. Project Modules:- The various modules in the protocol are as follows Module 1:- Sending the data in the form of packet Module 2:- Using the XTC algorithm the ranking for each node is calculated. Distance Energy Link Quality Module 3:- Nodes exchange rankings with neighbors. Module 4:- Each node locally goes through all neighbors in order of their ranking If the candidate ranks any of your already processed neighbors higher than yourself, then you do not need to connect to the candidate. Data Flow Diagram:- Send the distance, Energy, Host Link quality to all other nodes Receive the distance, Energy, Link quality from all other nodes Rank all the nodes Send and receive data Based on rank through those connections. calculate onnections
  • 6. Flow Chart Analysis : Identify each node Get Distance, Energy, and Link Quality for current node. Send Distance, Energy and Link Quality of current node to all nodes. Receive Distance, Energy and Link Quality of all nodes. Rank all the nodes C C For every node No Ranking is greater than current node Establish connection Next Node Remove connection Send data Yes

×