Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Network Information And Security

520 views

Published on

  • Be the first to comment

  • Be the first to like this

Network Information And Security

  1. 1. Network Information and Security: Defending mechanismagainst SYBIL attack inmobile ad hoc network By: Anand Karandikar & Harshad Ghegadmal
  2. 2. Introduction:• Network security• Mobile Ad Hoc Network• MANET is vulnerable to attacks due to 1]Dynamic change in topology 2]Lack of proper line of defense 3]Lack of centralized Authority 4]Cooperative nature for Ad Hoc routing algorithms 5]wireless communication links
  3. 3. Sybil attack:• Nodes maintain the connectivity in the nodesoutside the broadcast range• Use of routing protocols for path finding• Assigning unique address by 1]IP address 2]MAC (media access channel)• In Unrestricted protocols DSR & AODV address identifier are falsified by malicious mode giving opportunity for Sybil attack
  4. 4. Review of Sybil attack:• MANET uses redundant algorithms createsdifficulties for attacker to destroy the integrity ofinformation• Detection of change in Packet during transmission• Detection & Isolation of suspected node• Decrease in efficiency of Sybil attack detectiontechnique due to malicious node• Prevention due to cryptographically authenticatednode
  5. 5. Detection models:1. PKI based protocols2. Threshold-based protocols3. Reputation schemes4. Watchdog mechanism5. Improved Watchdog-like mechanism
  6. 6. Multifactor Authentication scheme:The Multifactor authentication of the other node isusually performed in two steps:1] A certified signature key links an entity to a claimed identity.2] The reading of the physical characteristics of the examined node links the physical node to the claimed identity.
  7. 7. Implementation of multifactor Authentication framework:• Implementation by combining traditional cryptographic technique & certified physical attribute• Steps- 1] verification of digital signature of each other contained in message. 2]analyzing the physical attribute of other node by comparing the readings against set of certified value.
  8. 8. Passive Ad Hoc Sybil Identity detection scheme:• Functioning of the protocol is based on records of identities of the nodes broadcasting• Mobility of nodes in wireless Ad Hoc Network is utilized for identification• Basic fact =>individual nodes are free to move independently, all identities of a single attacker are bound to the single physical node & hence must move together• It includes-single node observer & multi-node observer
  9. 9. Single node observer:• Protocol with single observer• Affinity between related pair is given bywhere Tij = number of intervals in which nodes i and j were observed together, Lij = number of intervals in which either i or j was observed alone, N =total number of intervals in the observation period
  10. 10. Multiple node observer:• Protocols with more observer• Affinity value is given by Aij=(Tij-2Lij)wij where wij = (Tij+Lij)/N Here, Tij = number of intervals in which nodes i and are being observed together by n nodes, Lij = number of intervals in which either node i or j is being observed alone by n nodes, N = number of nodes sharing information with one another.
  11. 11. Passive Ad Hoc Sybil Identity Detection with group detection (PASID-GD ):• Data transmission by legitimate node is simultaneous & Data transmission by Sybil attacker is serial• Identity criteria for Sybil detection in PASID- GD=>attacker with multiple identities sends message serially with few collision at MAC layer i.e. collision rate differentiate bet group of legitimate node & Sybil attacker
  12. 12. Conclusion: Way to improve the Sybil attack defense mechanisms by ways:• Use of more accurate and closely synchronized clocks.• Equipment of mobile nodes with the GPS receiver• Use of mobile nodes with additional antenna
  13. 13. References:• J. R. Douceur, The Sybil Attack , International Workshop on Peer-to-Peer Systems• L. Zhou, and Z. J. Haas, “Securing Ad Hoc networks,” IEEE Network Vol. 13• en.wikipedia.org/wiki/Sybil_attack• www.math.cmu.edu/Sybilguard.asp
  14. 14. Any Questions ?
  15. 15. Thank You!

×