DEFENSE MECHANISM AGAINST FLOODING ATTACKS ON MANET Presented by M. MuthuMeenakshi Reg.No: 11CS11 Guide : Dr. P. Subathra1 September 14, 2012
BROAD AREA • Networks Network is a collection of hardware components and computers interconnected by communication channels that allow sharing of resources and information. • Network Security Network security consists of provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification and network accessible resources.2 September 14, 2012
SPECIFIC AREA MANET The MANET(Mobile Adhoc Networks) is a self- configuring infrastructureless networks of mobile devices connected by wireless links. Flooding Attack The flooding attack is an attack that attempts to cause a failure in a computer system or other data processing entity by providing more input than entry can process properly.3 September 14, 2012
NOVEL DEFENSE MECHANISM AGAINST DATAFLOODING ATTACKS IN WIRELESS AD-HOC NETWORKS(2010) Methodology The Period Based Defense Mechanism (PDM) is used here, & is used to enhancing the throughput of burst traffic. Advantage It can guarantee the Quality of Service (QoS) of burst traffic. Drawback When the number of packets per second is high (burst traffic), AODV cannot process packets because of the resource exhaustion.6 September 14, 2012
FLOODING ATTACKS PREVENTION IN MANET(2011) Methodology Flooding Attack Prevention (FAP) has been developed, where FAP refers a defense system against the Ad Hoc Flooding Attack. It analyse the behaviour of intruder and check it by trust function. Advantage In FAP, the neighbors are categorized into friends (most trusted), acquaintances (trusted) and strangers(not trusted). Therefore it is easily identified. Drawback The Problem is it doesn’t work properly with HIGHER7 September 14, 2012 NODE MOBILITY.
PERFORMANCE ANALYSIS OF MOBILE AD HOC NETWORKS UNDER FLOODING ATTACKS (2011) Methodology The influence of flooding attack on the entire network performance is analyzed under the circumstances of different parameters including i. Number of attack nodes ii. Flooding frequency iii.Network bandwidth iv.Number of normal nodes. Advantage When the number of flooding packets occurs in NIC’s processing power, most of the packets in the queue are8 September 14, 2012 discarded.
Drawback When the frequency of flooding increases, the packet delays occurs. when network resources have been exhausted, with the increasing frequency of flooding attacks, It results in the loss of packets with long routes .9 September 14, 2012
HELLO FLOOD ATTACK AND ITS COUNTERMEASURES IN WIRELESS SENSOR NETWORKS (2010) Methodology The proposed security framework for hello flood detection via A signal strength method A client puzzle method Advantage The Accuracy will be considerly improved, leading to better understanding and forecasting such phenomena. Drawback In these methods, When the node doesn’t receive any reply message in a predefined time, it treats sender as a10 attacker. September 14, 2012
A TRUST BASED SECURITY SCHEME FOR RREQ FLOODING ATTACK IN MANET (2010) Methodology The Distributive approach has been proposed to detect and prevent the RREQ flooding attack. The effectiveness of the proposed technique depends on the selection of threshold values. Advantage When the node identifies that sender is originating dataflooding, it cutt off the path & send error message. Drawback It get delays to detect the misbehaving node by allowing him to sends more packet until timeout occurs.11 September 14, 2012
PERFORMANCE ANALYSIS OF FLOODING ATTACK PREVENTION ALGORITHM IN MANETS (2009) Methodology The performance of trust algorithm is used to test the adhoc networks to implementing the AODV protocol. Advantage In this method, the unnecessary traffic is reduced and hence the node able to process the data traffic. And also send to the destination node in less time. Drawback This work didnt develop comprehensive models for security attacks and a trustworthy security frame-work against all possible security attacks in an ad hoc network. .12 September 14, 2012
IMPROVING THE PERFORMANCE OF PROBABILISTIC FLOODING IN MANETS (2008) Methodology This paper has proposed the probabilistic flooding algorithm in MANETs. The algorithm determines rebroadcast probability by considering network density. Advantage The algorithm provides flexibility. It is easy to implement with guaranteed message dissemination. Drawback If the rebroadcast probability p is set to a small value, the13 September 14, 2012 reachability will be poor.
PROBABILISTIC BROADCAST FOR FLOODING IN WIRELESS MOBILE AD HOC NETWORKS (2002) Methodology A purely probabilistic approach has been discussed about flooding, its attempting to exploit the phase transition phenomenon. Advantage To maintain high reliability, when inorder to reduce the number of broadcast packets. Drawback In the mechanism where a system undergoes a small changes of a given parameter in the system induces a great shift in the systems global behavior. The phenomenon should be extremely cost efficient. 14, 201214 September
EFFECTIVE FILTERING SCHEME AGAINST RREQ FLOODING ATTACK IN MOBILE AD HOC NETWORKS (2007) Methodology A simple rate based control packet forwarding mechanism has been introduced to mitigate malicious control packet. Advantage The protocol can be made secure against other types of possible DOS attacks. And none of the genuine nodes in the network are wrongly accused as misbehaving node. Drawback This method does not able to distinguish between genuine and forged RREQs from the malicious or victim nodes.15 September 14, 2012
MISTRAL: EFFICIENT FLOODING IN MOBILE AD-HOC NETWORKS (2006) Methodology The Mistral compensating mechanism can support flooding by a wide range of active applications. Advantage The Mistral compensating mechanism can be applied to other application where the packet loss is an issue. Drawback It allows only limited simulation modification. And the source code can be evaluated with only minor modifications.16 September 14, 2012
MITIGATING FLOODING ATTACKS IN MOBILE ADHOC NETWORKS SUPPORTING ANONYMOUS COMMUNICATIONS (2006) Methodology Anonymous Secure Routing (ASR) protocol was considered It analyze how an attacker can severely degrade the performance of the network. Advantage It can effectively identify and eliminate the nodes that are flooding the network. Drawback In ASR routing protocol, it is not possible to track back the source and destination nodes in an anonymous network.17 September 14, 2012
S.NO YEAR COMPARITIVE STUDY TITLE AUTHOR EXTRACT 01 2010 Novel Defense Mechanism Hyojin Kim, • PDM mechanism against flooding Against Dataflooding Ramachandra attacks. Attacks in Wireless Adhoc BhargaChitti, • Uses Black list by proposed scheme. Networks. and JooSeo • Processes packets according to IEEE Transactions on Song, Member, priority in the black list. Consumer Electronics, IEEE Vol.56, No. 2, May2010 02 2011 Flooding Attacks Ms. Neetu Singh • A distributive approach to identified Prevention in MANET. Chouhan, Ms. and prevent the flooding attack. International Journal of Shweta • Prevents flooding attack in AODV Computer Technology and Yadav. Protocol. Electronics Engineering (IJCTEE) Volume 1,Issue 3 03 2011 Performance analysis of Ping Yi , Futai • Effect of flooding attack on the MANETs under flooding Zou, YanZou , performance of them is analyzed. attacks. Journal of Systems and Zhiyang • Analysis is done under differ Engineering & Electronics Wang circumstances. Vol.22, No. 2, April 2011. 18 September 14, 2012
S.NO YEAR TITLE AUTHOR EXTRACT 04 2010 Hello Flood Attack and its Virendra Pal • The Signal strength and Client puzzle Counterme-asures in WSNs. Singh, method uses for attack detection. IJCSI International Journal Sweta Jain • Nodes have been classified as friend and of Computer Science Issues, and Jyoti stranger based on the signal strength. Vol. 7, Issue 3, No 11, May Singhai 2010 05 2010 A Trust Based Security Shishir K. • A novel technique uses to mitigate the Scheme for RREQ Flooding Shandilya effect of RREQ flooding attack. Attack in MANET. Sunita Sahu. • Using trust estimation function in DSR International Journal of on demand routing protocol. Computer Applns. Vol5 • Presents a distributive approach in them. No.12, Aug2010 06 2009 Performance Analysis Revathi • It addresses trust evaluation in ad hoc of Flooding Attack Venkatara- networks. Prevention Algori-thm in man, M. • It based on the extent of friendship MANETs. World Academy Pushpalatha, between the nodes. of Science, Engineering and and Technology. 2009. T.Rama Rao 19
S.NO YEAR TITLE AUTHOR EXTRACT 07 2008 Improving the Perfor- M. Bani • Presents a new probabilistic approach mance of Yassein, • It dynamically adjusts the rebroadcasting proba- Probabilistic Flooding M.Ould bility as per the node movement. in MANETs. Khaoua, L. • It without requiring any assistance of distance Second Interna-tional M.Mackenzi measurements or exact location determination proceedings in Univ and devices. of Glasgow, G12 S.Papanastas 8RZ U.K. iou 08 2007 Effective Filtering Sc- Jian-Hua • A simple rate based control packet forwarding heme against RREQ Song, Fan mechanism was introduced. Flooding Attack in Hong , Yu • Used to mitigate malicious control packet MANETs.Internation Zhang. floods. A distrusted filtering mechanism is al proceedings on proposed to mitigate the loss of throughput. net-works in Huazhong Univ. of Science & Technology 2007. 09 2006 MISTRAL: Efficient Stefan Plis- • An novel approach to flooding compensating for Flooding in Mobile ch, Mahesh flooding packets that are not rebroadcast. Adhoc Networks. Balakrishnan • Mistrals compensation mechanism applies to ACM proceedings , KenBirmn, applications where packet loss is an issue. 20 MobiHoc 06,May Robbert Florence, 2006 van Renesse
S.NO YEAR TITLE AUTHOR EXTRACT 10 2006 Mitigating Flooding Venkat • The flooding and packet drop attacks was Attacks in Mobile Balakrishnan analyzed that support anonymous Adhoc Networks ,Vijay Vara- communication. Sup-porting dharajan, & • The technique has to identify the benign Anonymous UdayTupak behaviour of expelled node. Communications. ula, 2006,Proceedings on Elisabeth Network Macquarie Gaup Moe University, Australia 11 2002 Probabilistic Broad- Jian-Hua • The proposed mechanism prevents this specific cast for Flooding in Song, Fan kind of DoS attack. Wireless Mobile Ad Hong , Yu • It does not use any additional network hoc Networks. Zhang. bandwidth. Technical Report •A purely probabilistic approach attempting to IC/2002 Swiss exploit the phase transition phenomenon. Federal institute of Technology (EPFL) Lausanne,Switzerland 21
BASE PAPER NOVEL DEFENSE MECHANISM AGAINST DATAFLOODING ATTACKS IN WIRELESS AD-HOC NETWORKS AUTHOR : HYOJIN KIM, RAMACHANDRA BHARGAV CHITTI, AND JOOSEOK SONG, MEMBER, IEEE IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, VOL. 56, NO. 2, MAY 2010 The identified problem is, When the number of packets per second is high (burst traffic), AODV cannot process packets because of the resource exhaustion. The proposed scheme of Period Based Defense Mechanism(PDM) enhances the throughput of burst traffic under the data flooding attack. PROPOSED WORK The work is looking forward to use Modified Adhoc22 Ondemand Distance Vector (MAODV) protocol. September 14, 2012
CONCLUSION In the first phase, by the discussion of about some flooding attacks and their prevention measures in MANETs, its going to implement a Period based defense mechanism, it is also seen that MAODV would give better results than AODV. And in the second phase, the work will aim at simulating the throughput of the PDM scheme according to the number of attackers and the number of transferred packets per second by using NS-2 simulations.23 September 14, 2012
REFERENCES A. Jamalipour, "Self-organizing networks [message from the editor-in-chief]," IEEE Wireless Communications , vol. 15, no. 6, pp.2-3, Dec. 2008. S.-J. Lee and M. Gerla, "Split multipath routing with maximally disjoint paths in ad hoc networks," IEEE International Conference on Communications(ICC2001) vol. 10, pp. 3201-3205, Jun. 2001. L. Xia and J. Slay, "Securing wireless adhocnetworks: towards a mobile agent security architecture," the 2nd Australian Information Security Management Conference 2004 (InfoSec 2004) Nov. 2004. M. Al-Shurman, S.M. Yoo, and S. Park, "Black hole attack in mobile ad hoc networks," the 42nd annual Southeast regional conference ACM Southeast Regional Conference (ACMSE24 September 14, 2012 2004) , pp. 96-97, Apr. 2004.
Ming-Yang Su, “ Prevention of selective black hole attacks on mobile adhoc networks through intrusion detection systems” , Elsevier computer communication 34 on 2007. Yingbin liang, Member, IEEE, H. Vincent Poor, Fellow, and Lei Ying, “ Secrecy Throughput of MANETs Under Passive and Active Attacks “, IEEE Transactions on Information Theory, Vol. 57, No.10, October 2011. Todd R. Andel, Alec Yasinsac , “ Surveying Security Analysis Techniques in MANET Routing Protocols “, the 4th quarter 2007, Volume 9, No.4, October 2007. Charles E. Perkins and Elizabeth M.Royer, “ Adhoc On-Demand Distance Vector Routing” , the Second international conference ACMSE, Jan. 2000. Panagiotics Padadimitratos , Member, IEEE, Zygmunt J.Hass, “ Secure Data Communication in Mobile Adhoc Networks” , IEEE Journal on25 Selected Areas in Communications, Vol.24, No.2, Febryary 2006. 2012 September 14,