Network Information and Security: Defending mechanismagainst SYBIL attack inmobile ad hoc network By: Anand Karandikar & Harshad Ghegadmal
Introduction:• Network security• Mobile Ad Hoc Network• MANET is vulnerable to attacks due to 1]Dynamic change in topology 2]Lack of proper line of defense 3]Lack of centralized Authority 4]Cooperative nature for Ad Hoc routing algorithms 5]wireless communication links
Sybil attack:• Nodes maintain the connectivity in the nodesoutside the broadcast range• Use of routing protocols for path finding• Assigning unique address by 1]IP address 2]MAC (media access channel)• In Unrestricted protocols DSR & AODV address identifier are falsified by malicious mode giving opportunity for Sybil attack
Review of Sybil attack:• MANET uses redundant algorithms createsdifficulties for attacker to destroy the integrity ofinformation• Detection of change in Packet during transmission• Detection & Isolation of suspected node• Decrease in efficiency of Sybil attack detectiontechnique due to malicious node• Prevention due to cryptographically authenticatednode
Multifactor Authentication scheme:The Multifactor authentication of the other node isusually performed in two steps:1] A certified signature key links an entity to a claimed identity.2] The reading of the physical characteristics of the examined node links the physical node to the claimed identity.
Implementation of multifactor Authentication framework:• Implementation by combining traditional cryptographic technique & certified physical attribute• Steps- 1] verification of digital signature of each other contained in message. 2]analyzing the physical attribute of other node by comparing the readings against set of certified value.
Passive Ad Hoc Sybil Identity detection scheme:• Functioning of the protocol is based on records of identities of the nodes broadcasting• Mobility of nodes in wireless Ad Hoc Network is utilized for identification• Basic fact =>individual nodes are free to move independently, all identities of a single attacker are bound to the single physical node & hence must move together• It includes-single node observer & multi-node observer
Single node observer:• Protocol with single observer• Affinity between related pair is given bywhere Tij = number of intervals in which nodes i and j were observed together, Lij = number of intervals in which either i or j was observed alone, N =total number of intervals in the observation period
Multiple node observer:• Protocols with more observer• Affinity value is given by Aij=(Tij-2Lij)wij where wij = (Tij+Lij)/N Here, Tij = number of intervals in which nodes i and are being observed together by n nodes, Lij = number of intervals in which either node i or j is being observed alone by n nodes, N = number of nodes sharing information with one another.
Passive Ad Hoc Sybil Identity Detection with group detection (PASID-GD ):• Data transmission by legitimate node is simultaneous & Data transmission by Sybil attacker is serial• Identity criteria for Sybil detection in PASID- GD=>attacker with multiple identities sends message serially with few collision at MAC layer i.e. collision rate differentiate bet group of legitimate node & Sybil attacker
Conclusion: Way to improve the Sybil attack defense mechanisms by ways:• Use of more accurate and closely synchronized clocks.• Equipment of mobile nodes with the GPS receiver• Use of mobile nodes with additional antenna
References:• J. R. Douceur, The Sybil Attack , International Workshop on Peer-to-Peer Systems• L. Zhou, and Z. J. Haas, “Securing Ad Hoc networks,” IEEE Network Vol. 13• en.wikipedia.org/wiki/Sybil_attack• www.math.cmu.edu/Sybilguard.asp