In this paper a novel technique has been proposed for intrusion detection in MANET, where agents are fired from a node for each node randomly and detect the defective nodes. Detection is based on triangular encryption technique (TE)[9,10], and AODV[1,2,3,8] is taken as routing protocol. The scheme is an ‘Agent’ based intrusion detection system. This technique is applied on two types of defective nodes namely packet sinking and black hole attack. For simulation purpose we have taken NS2 (2.33) and three type of parameters are considered. These are number of nodes, percentage of node mobility and type of defective nodes. For analysis purpose 20, 30, 30, 40, 50 and 60 nodes are taken with variability. Percentage of defectiveness as 10%, 20%, 30% and 40%.Packet sink and black hole attack are considered as defectiveness of nodes. We have considered generated packets, forward packets, average delay and drop packets as comparisons and performance analysis parameters.
A combined approach to search for evasion techniques in network intrusion det...eSAT Journals
Abstract Network Intrusion Detection Systems (NIDS) whose base is signature, works on the signature of attacks. They must be updated quickly in order to prevent the system from new attacks. The attacker finds out new evasion techniques so that he should remain undetected. As the new evasion techniques are being developed it becomes difficult for NIDS to give accurate results and NIDS may fail. The key aspect of our paper is to develop a network intrusion detection system using C4.5 algorithm where Adaboost algorithm is used to classify the packet as normal packet or attack packet and also to further classify different types of attack. Apriori algorithm is used to find real time evasion and to generate rules to find intrusion These rules are further given as input to Snort intrusion detection system for detecting different attacks. Keywords: NIDS, Evasion, Apriori Algorithm, Adaboost Algorithm, Snort
Agent based intrusion detection system in manetcsandit
In this paper a technique for intrusion detection in MANET has been proposed where agents
are fired from a node which traverses each node randomly and detect the malicious node.
Detection is based on triangular encryption technique (TE) where AODV is taken as routing
protocol. For simulation we have taken NS2 (2.33) where two type of parameters are
considered out of which number of nodes and percentage of node mobility are the attributes.
For analysis purpose 20, 30, 30, 40, 50 and 60 nodes are taken with a variable percentage of
malicious node as 0 %( no malicious), 10%, 20%, 30% and 40%. Analysis have been done
taking generated packets, forwarded packets, delay, and average delay as parameters
AGENT BASED INTRUSION DETECTION SYSTEM IN MANETcscpconf
In this paper a technique for intrusion detection in MANET has been proposed where agents are fired from a node which traverses each node randomly and detect the malicious node.
Detection is based on triangular encryption technique (TE) where AODV is taken as routing
protocol. For simulation we have taken NS2 (2.33) where two type of parameters are
considered out of which number of nodes and percentage of node mobility are the attributes. For analysis purpose 20, 30, 30, 40, 50 and 60 nodes are taken with a variable percentage of
malicious node as 0 %( no malicious), 10%, 20%, 30% and 40%. Analysis have been done taking generated packets, forwarded packets, delay, and average delay as parameters
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networksijsrd.com
A Mobile Ad-Hoc Network is a collection of mobile nodes or a temporary network set up by wireless mobile nodes moving arbitrary in the places that have no network infrastructure in such a manner that the interconnections between nodes are capable of changing on continual basis. Thus the nodes find a path to the destination node using routing protocols. However, due to security vulnerabilities of the routing protocols, wireless ad-hoc networks are unprotected to attacks of the malicious nodes. Various attacks and one of those attacks is the Black Hole Attack against network integrity absorbing all data packets in the network. Since the data packets do not reach the destination node on account of this attack, data loss will occur. Therefore, it is a severe attack that can be easily employed against routing in mobile ad hoc networks. There are lots of detection and defense mechanisms to eliminate the intruder that carry out the black hole attack. . Virtual Infrastructure achieves reliable transmission in Mobile Ad Hoc Network. Black Hole Attack is the major problem to affect the Virtual Infrastructure. In this paper, approach on analyzing and improving the security of AODV, which is one of the popular routing protocols for MANET. Our aim is to ensuring the avoidance against Black hole attack.
A combined approach to search for evasion techniques in network intrusion det...eSAT Journals
Abstract Network Intrusion Detection Systems (NIDS) whose base is signature, works on the signature of attacks. They must be updated quickly in order to prevent the system from new attacks. The attacker finds out new evasion techniques so that he should remain undetected. As the new evasion techniques are being developed it becomes difficult for NIDS to give accurate results and NIDS may fail. The key aspect of our paper is to develop a network intrusion detection system using C4.5 algorithm where Adaboost algorithm is used to classify the packet as normal packet or attack packet and also to further classify different types of attack. Apriori algorithm is used to find real time evasion and to generate rules to find intrusion These rules are further given as input to Snort intrusion detection system for detecting different attacks. Keywords: NIDS, Evasion, Apriori Algorithm, Adaboost Algorithm, Snort
Agent based intrusion detection system in manetcsandit
In this paper a technique for intrusion detection in MANET has been proposed where agents
are fired from a node which traverses each node randomly and detect the malicious node.
Detection is based on triangular encryption technique (TE) where AODV is taken as routing
protocol. For simulation we have taken NS2 (2.33) where two type of parameters are
considered out of which number of nodes and percentage of node mobility are the attributes.
For analysis purpose 20, 30, 30, 40, 50 and 60 nodes are taken with a variable percentage of
malicious node as 0 %( no malicious), 10%, 20%, 30% and 40%. Analysis have been done
taking generated packets, forwarded packets, delay, and average delay as parameters
AGENT BASED INTRUSION DETECTION SYSTEM IN MANETcscpconf
In this paper a technique for intrusion detection in MANET has been proposed where agents are fired from a node which traverses each node randomly and detect the malicious node.
Detection is based on triangular encryption technique (TE) where AODV is taken as routing
protocol. For simulation we have taken NS2 (2.33) where two type of parameters are
considered out of which number of nodes and percentage of node mobility are the attributes. For analysis purpose 20, 30, 30, 40, 50 and 60 nodes are taken with a variable percentage of
malicious node as 0 %( no malicious), 10%, 20%, 30% and 40%. Analysis have been done taking generated packets, forwarded packets, delay, and average delay as parameters
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networksijsrd.com
A Mobile Ad-Hoc Network is a collection of mobile nodes or a temporary network set up by wireless mobile nodes moving arbitrary in the places that have no network infrastructure in such a manner that the interconnections between nodes are capable of changing on continual basis. Thus the nodes find a path to the destination node using routing protocols. However, due to security vulnerabilities of the routing protocols, wireless ad-hoc networks are unprotected to attacks of the malicious nodes. Various attacks and one of those attacks is the Black Hole Attack against network integrity absorbing all data packets in the network. Since the data packets do not reach the destination node on account of this attack, data loss will occur. Therefore, it is a severe attack that can be easily employed against routing in mobile ad hoc networks. There are lots of detection and defense mechanisms to eliminate the intruder that carry out the black hole attack. . Virtual Infrastructure achieves reliable transmission in Mobile Ad Hoc Network. Black Hole Attack is the major problem to affect the Virtual Infrastructure. In this paper, approach on analyzing and improving the security of AODV, which is one of the popular routing protocols for MANET. Our aim is to ensuring the avoidance against Black hole attack.
AN IMPROVED WATCHDOG TECHNIQUE BASED ON POWER-AWARE HIERARCHICAL DESIGN FOR I...IJNSA Journal
Preserving security and confidentiality in wireless sensor networks (WSN) are crucial. Wireless sensor networks in comparison with wired networks are more substantially vulnerable to attacks and intrusions. In WSN, a third person can eavesdrop to the information or link to the network. So, preventing these intrusions by detecting them has become one of the most demanding challenges. This paper, proposes an
improved watchdog technique as an effective technique for detecting malicious nodes based on a power aware hierarchical model. This technique overcomes the common problems in the original Watchdog mechanism. The main purpose to present this model is reducing the power consumption as a key factor
for increasing the network's lifetime. For this reason, we simulated our model with Tiny-OS simulator and then, compared our results with non hierarchical model to ensure the improvement. The results indicate that, our proposed model is better in performance than the original models and it has increased the lifetime of the wireless sensor nodes by around 2611.492 seconds for a network with 100 sensors.
Review on key predistribution schemes in wireless sensor networksijassn
A wireless sensor network consist distributed sensors which are used to monitor physical or environmental
conditions like temperature, sound, pressure and so on. Wireless sensor network are used in future in many
applications like military, investigation teams, researches and so on. Security is the main issue in wireless
sensor network. Sensor network arrange several types of data packets, packets of routing protocols and
packets of key management protocols. Key management is the most effective method for providing better
security against several types of attacks. This paper discusses the various key pre-distribution approaches
along with their advantages and disadvantages.
An analysis of Network Intrusion Detection System using SNORTijsrd.com
This paper describes the analysis of signature based intrusion detection systems. Snort which is a signature based intrusion detection system are used for this purpose. We use DARPA dataset for the evaluation of Intrusion detection system.
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
A LIGHT WEIGHT PROTOCOL TO PROVIDE LOCATION PRIVACY IN WIRELESS BODY AREA NET...IJNSA Journal
Location privacy is one of the major security problems in a Wireless Body Area Networks (WBANs). An eavesdropper can keep track of the place and time devices are communicating. To make things even worse, the attacker does not have to be physically close to the communicating devices, he can use a device with a stronger antenna. The unique hardware address of a mobile device can often be linked to the identity of the user operating the device. This represents a violation of the user’s privacy. The user should decide when his/her location is revealed and when not. In this paper, we first categorize the type of eavesdroppers for WBANs, and then we propose a new scheme to provide the location privacy in Wireless Body Area Networks (WBANs).
PDS- A Profile based Detection Scheme for flooding attack in AODV based MANETijsptm
One of the main challenges in MANET is to design the robust security solution that can protect MANET
from various routing attacks. Flooding attack launched at network layer is a serious routing attack which
can consume more resources like bandwidth, battery power, etc. It is more concealed form of Denial of
service attack and resource consumption attack. The route discovery scheme in reactive routing protocols
like Adhoc On Demand Distance Vector (AODV) and Dynamic Source Routing (DSR) used in MANET
makes it more easy for malicious nodes to launch connection request floods by flooding the route request
packets (RREQ) on the network. A novel detection technique based on dynamic profile with traffic pattern
analysis (PDS) is proposed. Its effectiveness in detecting and isolating the malicious node that floods the
route request packets is evaluated using java simulator jist/swans.
An intrusion detection system plays a major role in network security. We
propose a model “DB-OLS: An Approach for IDS” which is a Deviation Based-Outlier
approach for Intrusion detection using Self Organizing Maps. In this model “Self
Organizing Map” approach is to be used for behavior learning and “Outlier mining”
approach, for detecting an intruder by calculating deviation from known user profile.
This model aims to improve the capability of detecting intruders.
Networked Dynamic Systems: Identification, Controllability, and RandomnessMarzieh Nabi
As part of my research, we aimed to develop a graph-centric framework for the analysis and synthesis of networked dynamic systems (NDS) consisting of multiple dynamic units that interact via an interconnection topology. We examined three categories of network problems, namely, identification, controllability, and randomness. In network identification, we made explicit relation between the input-output behavior of a NDS
and the underlying interacting network.
In network controllability, we provided structural and algebraic insights into features of the network that enable external signal(s) to control the state of the nodes in the network for certain classes of networks, namely, path, circulant, and Cartesian networks. We also examined the relation between network controllability and the symmetry structure
of the graph.
Motivated by the analysis results for the controllability and observability of deterministic networks, a natural question is whether randomness in the network layer or in the layer of inputs and outputs generically lead to favorable system theoretic properties.
In this direction, we examined system theoretic properties of random networks including controllability, observability, performance of optimal feedback controller, and estimator design. We explored some of the ramifications of such an analysis framework in opinion dynamics over social networks and also sensor networks to estimate the position of a Seaglider in real-time from experimental data with intermittent observations.
Limiting Self-Propagating Malware Based on Connection Failure Behavior csandit
Self-propagating malware (e.g., an Internet worm) exploits security loopholes in software to
infect servers and then use them to scan the Internet for more vulnerable servers. While the
mechanisms of worm infection and their propagation models are well understood, defense
against worms remains an open problem. One branch of defense research investigates the
behavioral difference between worm-infected hosts and normal hosts to set them apart. One
particular observation is that a worm-infected host, which scans the Internet with randomly
selected addresses, has a much higher connection-failure rate than a normal host. Rate-limit
algorithms have been proposed to control the spread of worms by traffic shaping based on
connection failure rate. However, these rate-limit algorithms can work properly only if it is
possible to measure failure rates of individual hosts efficiently and accurately. This paper points
out a serious problem in the prior method and proposes a new solution based on a highly
efficient double-bitmap data structure, which places only a small memory footprint on the
routers, while providing good measurement of connection failure rates whose accuracy can be
tuned by system parameters.
COMBINING NAIVE BAYES AND DECISION TREE FOR ADAPTIVE INTRUSION DETECTIONIJNSA Journal
In this paper, a new learning algorithm for adaptive network intrusion detection using naive Bayesian classifier and decision tree is presented, which performs balance detections and keeps false positives at acceptable level for different types of network attacks, and eliminates redundant attributes as well as contradictory examples from training data that make the detection model complex. The proposed algorithm also addresses some difficulties of data mining such as handling continuous attribute, dealing with missing attribute values, and reducing noise in training data. Due to the large volumes of security audit data as well as the complex and dynamic properties of intrusion behaviours, several data miningbased intrusion detection techniques have been applied to network-based traffic data and host-based data in the last decades. However, there remain various issues needed to be examined towards current intrusion detection systems (IDS). We tested the performance of our proposed algorithm with existing learning algorithms by employing on the KDD99 benchmark intrusion detection dataset. The experimental results prove that the proposed algorithm achieved high detection rates (DR) and significant reduce false positives (FP) for different types of network intrusions using limited computational resources.
Survey of wormhole attack in wireless sensor networksCSITiaesprime
From the last decade, a wireless sensor network (WSN) has a very important role over the networks. The primary features of WSN include satellite communication, broadcast channel, hostile environment, medical system and data gathering. There are a lot of attacks available in WSN. In wormhole attack scenario is brutal from other attacks, which is smoothly resolved in networks but tough to observe. This survey paper is an experiment to observing threats and also focuses on some different method to identify the wormhole attacks.
Generating images from a text description is as challenging as it is interesting. The Adversarial network
performs in a competitive fashion where the networks are the rivalry of each other. With the introduction of
Generative Adversarial Network, lots of development is happening in the field of Computer Vision. With
generative adversarial networks as the baseline model, studied Stack GAN consisting of two-stage GANS
step-by-step in this paper that could be easily understood. This paper presents visual comparative study of
other models attempting to generate image conditioned on the text description. One sentence can be related
to many images. And to achieve this multi-modal characteristic, conditioning augmentation is also
performed. The performance of Stack-GAN is better in generating images from captions due to its unique
architecture. As it consists of two GANS instead of one, it first draws a rough sketch and then corrects the
defects yielding a high-resolution image.
PERUSAL OF INTRUSION DETECTION AND PREVENTION SYSTEM ON A MANET WITH BLACK HO...ijsptm
MANET is a self configuring network of nodes which is a wireless . The nodes in this network move
randomly .Mobility of nodes is more. The nodes are dynamic and infrastructure less ,self maintainable. In
MANET there are many types of security attacks like Blackhole, greyhole attack, wormhole, jellyfish etc.
When the MANET is under blackhole attack there is a loss of energy which is high at the node resulting in
loss of battery backup and also excess of bandwidth may be consumed by the attacker. The attacker is an
insider. Among various mobility models to generate mobility patterns the Random waypoint mobility
model is used .To solve these issues an IDPS framework for MANET using image processing techniques
under blackhole attack is proposed to detect the blackhole attack RREP by providing security services like
authentication and confidentiality.
Impact of Black Hole Attack on AODV Routing ProtocolZac Darcy
A mobile ad-hoc network (MANET) is a collection of wireless mobile nodes that dynamically self-organize
to form an arbitrary and temporary network. The mobile nodes can communicate with each other without
any fixed infrastructure. MANET can be set up quickly to facilitate communication in a hostile environment
such as battlefield or emergency situation. The various severe security threats are increasing on the
MANET. One of these security threats is black hole attack which drops all received data packets intended
for forwarding. In this paper, we are simulating and analyzing the impact of black hole attack on Ad Hoc
On-Demand Distance Vector (AODV) protocol. The simulation is carried on NS-2 and the simulation
results are analyzed on various network performance metrics such as packet delivery ratio, normalized
routing overhead and average end-to-end delay.
Impact of Black Hole Attack on AODV Routing ProtocolZac Darcy
A mobile ad-hoc network (MANET) is a collection of wireless mobile nodes that dynamically self-organize
to form an arbitrary and temporary network. The mobile nodes can communicate with each other without
any fixed infrastructure. MANET can be set up quickly to facilitate communication in a hostile environment
such as battlefield or emergency situation. The various severe security threats are increasing on the
MANET. One of these security threats is black hole attack which drops all received data packets intended
for forwarding. In this paper, we are simulating and analyzing the impact of black hole attack on Ad Hoc
On-Demand Distance Vector (AODV) protocol. The simulation is carried on NS-2 and the simulation
results are analyzed on various network performance metrics such as packet delivery ratio, normalized
routing overhead and average end-to-end delay
AN IMPROVED WATCHDOG TECHNIQUE BASED ON POWER-AWARE HIERARCHICAL DESIGN FOR I...IJNSA Journal
Preserving security and confidentiality in wireless sensor networks (WSN) are crucial. Wireless sensor networks in comparison with wired networks are more substantially vulnerable to attacks and intrusions. In WSN, a third person can eavesdrop to the information or link to the network. So, preventing these intrusions by detecting them has become one of the most demanding challenges. This paper, proposes an
improved watchdog technique as an effective technique for detecting malicious nodes based on a power aware hierarchical model. This technique overcomes the common problems in the original Watchdog mechanism. The main purpose to present this model is reducing the power consumption as a key factor
for increasing the network's lifetime. For this reason, we simulated our model with Tiny-OS simulator and then, compared our results with non hierarchical model to ensure the improvement. The results indicate that, our proposed model is better in performance than the original models and it has increased the lifetime of the wireless sensor nodes by around 2611.492 seconds for a network with 100 sensors.
Review on key predistribution schemes in wireless sensor networksijassn
A wireless sensor network consist distributed sensors which are used to monitor physical or environmental
conditions like temperature, sound, pressure and so on. Wireless sensor network are used in future in many
applications like military, investigation teams, researches and so on. Security is the main issue in wireless
sensor network. Sensor network arrange several types of data packets, packets of routing protocols and
packets of key management protocols. Key management is the most effective method for providing better
security against several types of attacks. This paper discusses the various key pre-distribution approaches
along with their advantages and disadvantages.
An analysis of Network Intrusion Detection System using SNORTijsrd.com
This paper describes the analysis of signature based intrusion detection systems. Snort which is a signature based intrusion detection system are used for this purpose. We use DARPA dataset for the evaluation of Intrusion detection system.
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
A LIGHT WEIGHT PROTOCOL TO PROVIDE LOCATION PRIVACY IN WIRELESS BODY AREA NET...IJNSA Journal
Location privacy is one of the major security problems in a Wireless Body Area Networks (WBANs). An eavesdropper can keep track of the place and time devices are communicating. To make things even worse, the attacker does not have to be physically close to the communicating devices, he can use a device with a stronger antenna. The unique hardware address of a mobile device can often be linked to the identity of the user operating the device. This represents a violation of the user’s privacy. The user should decide when his/her location is revealed and when not. In this paper, we first categorize the type of eavesdroppers for WBANs, and then we propose a new scheme to provide the location privacy in Wireless Body Area Networks (WBANs).
PDS- A Profile based Detection Scheme for flooding attack in AODV based MANETijsptm
One of the main challenges in MANET is to design the robust security solution that can protect MANET
from various routing attacks. Flooding attack launched at network layer is a serious routing attack which
can consume more resources like bandwidth, battery power, etc. It is more concealed form of Denial of
service attack and resource consumption attack. The route discovery scheme in reactive routing protocols
like Adhoc On Demand Distance Vector (AODV) and Dynamic Source Routing (DSR) used in MANET
makes it more easy for malicious nodes to launch connection request floods by flooding the route request
packets (RREQ) on the network. A novel detection technique based on dynamic profile with traffic pattern
analysis (PDS) is proposed. Its effectiveness in detecting and isolating the malicious node that floods the
route request packets is evaluated using java simulator jist/swans.
An intrusion detection system plays a major role in network security. We
propose a model “DB-OLS: An Approach for IDS” which is a Deviation Based-Outlier
approach for Intrusion detection using Self Organizing Maps. In this model “Self
Organizing Map” approach is to be used for behavior learning and “Outlier mining”
approach, for detecting an intruder by calculating deviation from known user profile.
This model aims to improve the capability of detecting intruders.
Networked Dynamic Systems: Identification, Controllability, and RandomnessMarzieh Nabi
As part of my research, we aimed to develop a graph-centric framework for the analysis and synthesis of networked dynamic systems (NDS) consisting of multiple dynamic units that interact via an interconnection topology. We examined three categories of network problems, namely, identification, controllability, and randomness. In network identification, we made explicit relation between the input-output behavior of a NDS
and the underlying interacting network.
In network controllability, we provided structural and algebraic insights into features of the network that enable external signal(s) to control the state of the nodes in the network for certain classes of networks, namely, path, circulant, and Cartesian networks. We also examined the relation between network controllability and the symmetry structure
of the graph.
Motivated by the analysis results for the controllability and observability of deterministic networks, a natural question is whether randomness in the network layer or in the layer of inputs and outputs generically lead to favorable system theoretic properties.
In this direction, we examined system theoretic properties of random networks including controllability, observability, performance of optimal feedback controller, and estimator design. We explored some of the ramifications of such an analysis framework in opinion dynamics over social networks and also sensor networks to estimate the position of a Seaglider in real-time from experimental data with intermittent observations.
Limiting Self-Propagating Malware Based on Connection Failure Behavior csandit
Self-propagating malware (e.g., an Internet worm) exploits security loopholes in software to
infect servers and then use them to scan the Internet for more vulnerable servers. While the
mechanisms of worm infection and their propagation models are well understood, defense
against worms remains an open problem. One branch of defense research investigates the
behavioral difference between worm-infected hosts and normal hosts to set them apart. One
particular observation is that a worm-infected host, which scans the Internet with randomly
selected addresses, has a much higher connection-failure rate than a normal host. Rate-limit
algorithms have been proposed to control the spread of worms by traffic shaping based on
connection failure rate. However, these rate-limit algorithms can work properly only if it is
possible to measure failure rates of individual hosts efficiently and accurately. This paper points
out a serious problem in the prior method and proposes a new solution based on a highly
efficient double-bitmap data structure, which places only a small memory footprint on the
routers, while providing good measurement of connection failure rates whose accuracy can be
tuned by system parameters.
COMBINING NAIVE BAYES AND DECISION TREE FOR ADAPTIVE INTRUSION DETECTIONIJNSA Journal
In this paper, a new learning algorithm for adaptive network intrusion detection using naive Bayesian classifier and decision tree is presented, which performs balance detections and keeps false positives at acceptable level for different types of network attacks, and eliminates redundant attributes as well as contradictory examples from training data that make the detection model complex. The proposed algorithm also addresses some difficulties of data mining such as handling continuous attribute, dealing with missing attribute values, and reducing noise in training data. Due to the large volumes of security audit data as well as the complex and dynamic properties of intrusion behaviours, several data miningbased intrusion detection techniques have been applied to network-based traffic data and host-based data in the last decades. However, there remain various issues needed to be examined towards current intrusion detection systems (IDS). We tested the performance of our proposed algorithm with existing learning algorithms by employing on the KDD99 benchmark intrusion detection dataset. The experimental results prove that the proposed algorithm achieved high detection rates (DR) and significant reduce false positives (FP) for different types of network intrusions using limited computational resources.
Survey of wormhole attack in wireless sensor networksCSITiaesprime
From the last decade, a wireless sensor network (WSN) has a very important role over the networks. The primary features of WSN include satellite communication, broadcast channel, hostile environment, medical system and data gathering. There are a lot of attacks available in WSN. In wormhole attack scenario is brutal from other attacks, which is smoothly resolved in networks but tough to observe. This survey paper is an experiment to observing threats and also focuses on some different method to identify the wormhole attacks.
Generating images from a text description is as challenging as it is interesting. The Adversarial network
performs in a competitive fashion where the networks are the rivalry of each other. With the introduction of
Generative Adversarial Network, lots of development is happening in the field of Computer Vision. With
generative adversarial networks as the baseline model, studied Stack GAN consisting of two-stage GANS
step-by-step in this paper that could be easily understood. This paper presents visual comparative study of
other models attempting to generate image conditioned on the text description. One sentence can be related
to many images. And to achieve this multi-modal characteristic, conditioning augmentation is also
performed. The performance of Stack-GAN is better in generating images from captions due to its unique
architecture. As it consists of two GANS instead of one, it first draws a rough sketch and then corrects the
defects yielding a high-resolution image.
PERUSAL OF INTRUSION DETECTION AND PREVENTION SYSTEM ON A MANET WITH BLACK HO...ijsptm
MANET is a self configuring network of nodes which is a wireless . The nodes in this network move
randomly .Mobility of nodes is more. The nodes are dynamic and infrastructure less ,self maintainable. In
MANET there are many types of security attacks like Blackhole, greyhole attack, wormhole, jellyfish etc.
When the MANET is under blackhole attack there is a loss of energy which is high at the node resulting in
loss of battery backup and also excess of bandwidth may be consumed by the attacker. The attacker is an
insider. Among various mobility models to generate mobility patterns the Random waypoint mobility
model is used .To solve these issues an IDPS framework for MANET using image processing techniques
under blackhole attack is proposed to detect the blackhole attack RREP by providing security services like
authentication and confidentiality.
Impact of Black Hole Attack on AODV Routing ProtocolZac Darcy
A mobile ad-hoc network (MANET) is a collection of wireless mobile nodes that dynamically self-organize
to form an arbitrary and temporary network. The mobile nodes can communicate with each other without
any fixed infrastructure. MANET can be set up quickly to facilitate communication in a hostile environment
such as battlefield or emergency situation. The various severe security threats are increasing on the
MANET. One of these security threats is black hole attack which drops all received data packets intended
for forwarding. In this paper, we are simulating and analyzing the impact of black hole attack on Ad Hoc
On-Demand Distance Vector (AODV) protocol. The simulation is carried on NS-2 and the simulation
results are analyzed on various network performance metrics such as packet delivery ratio, normalized
routing overhead and average end-to-end delay.
Impact of Black Hole Attack on AODV Routing ProtocolZac Darcy
A mobile ad-hoc network (MANET) is a collection of wireless mobile nodes that dynamically self-organize
to form an arbitrary and temporary network. The mobile nodes can communicate with each other without
any fixed infrastructure. MANET can be set up quickly to facilitate communication in a hostile environment
such as battlefield or emergency situation. The various severe security threats are increasing on the
MANET. One of these security threats is black hole attack which drops all received data packets intended
for forwarding. In this paper, we are simulating and analyzing the impact of black hole attack on Ad Hoc
On-Demand Distance Vector (AODV) protocol. The simulation is carried on NS-2 and the simulation
results are analyzed on various network performance metrics such as packet delivery ratio, normalized
routing overhead and average end-to-end delay
Impact of black hole attack on aodv routing protocolZac Darcy
A
m
obile
a
d
-
hoc
n
etwork (MANET)
is a
collection
of wireless mobile nodes
that dynamically self
-
organize
to form an
arbitrary and temporary network.
The mobile nodes can communicate wit
h each other
without
any fixed infrastructure.
MANET
can be set
up quickly to facilitate communication in a hostile environment
such as battlefield or emergency situation.
The various severe security threats are
increasing
on the
MANET
. One of these secur
ity threats is black hole attack which drops all received data packets intended
for forwarding. In this paper, we are simulating and analyzing the impact of black hole attack on Ad Hoc
On
-
Demand Distance Vector (AODV) protocol. Th
e simulation is carried on
NS
-
2 and t
he simulation
results are analyzed
on
various network performance
metric
s such as packet delivery ratio, normalized
routing overhead
and
average end
-
to
-
end delay
NTRUSION D ETECTION S YSTEMS IN M OBILE A D H OC N ETWORKS : S TATE OF ...ijcsa
Mobile Ad Hoc Networks (MANETs) are more vulnerable
to different attacks. Prevention methods as
cryptographic techniques alone are not sufficient t
o make them secure; therefore, efficient intrusion
detection must be deployed and elaborated to facili
tate the identification of attacks. An Intrusion De
tection
System (IDS) aims to detect malicious and selfish n
odes in a network. The intrusion detection methods
used
normally for wired networks can no longer adequate
when adapted directly to a wireless ad-hoc network,
so existing techniques of intrusion detection have
to be changed and new techniques have to be determi
ned
to work efficiency and effectively in this new netw
ork architecture of MANETs. In this paper we give a
survey of different architectures and methods of in
trusion detection systems (IDSs) for MANETs
accordingly to the recent literature.
Mobile ad hoc network (MANET) is an autonomous system of mobile nodes. Each node operates not only as an end system, but also as a router to forward packets. The nodes are free to move about and organize themselves into a network. These cause extra challenges on security. In this paper, evaluation of prominent on-demand routing protocol i.e. AODV,MAODV,RAODV has been done by varying the network size. An effort has been carried out to do the performance evaluation of these protocols using random way point model. The simulator used is NS 2.34. The performance of either protocol has been studied by using a self created network scenario with respect to pause time.
Review on Grey- Hole Attack Detection and PreventionIJARIIT
These Grey Hole attacks poses a serious security threat to the routing services by attacking the reactive routing protocols resulting in drastic drop of data packets. AODV (Ad hoc on demand Distance Vector) routing being one of the many protocols often becomes an easy victim to such attacks. The survey also gives up-to-date information of all the works that have been done in this area. Besides the security issues they also described the layered architecture of MANET, their applications and a brief summary of the proposed works that have been done in this area to secure the network from Grey Hole attacks
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
A black-hole attack in the Mobile Ad-hoc NETwork (MANET) is an attack occurs due to malicious nodes,
which attracts the data packets by falsely advertising a fresh route to the destination. In this paper, we
present a clustering approach in Ad-hoc On-demand Distance Vector (AODV) routing protocol for the
detection and prevention of black-hole attack in MANETs. In this approach every member of the cluster will
ping once to the cluster head, to detect the peculiar difference between the number of data packets received
and forwarded by the node. If anomalousness is perceived, all the nodes will obscure the malicious nodes
from the network.
AN APPROACH TO PROVIDE SECURITY IN MOBILE AD-HOC NETWORKS USING COUNTER MODE ...IJNSA Journal
Security in any of the networks became an important issue in this paper we have implemented a security mechanism on Medium Access Control layer by Assured Neighbor based Security Protocol to provide authentication and confidentiality of packets along with High speed transmission for Ad hoc networks. Here we have divided the protocol into two different parts. The first part deals with Routing layer information; in this part we have tried to implement a possible strategy for detecting and isolating the malicious nodes. A trust counter for each node is determined which can be actively increased and decreased depending upon the trust value for the purpose of forwarding the packets from source node to destination node with the help of intermediate nodes. A threshold level is also predetermined to detect the malicious nodes. If the value of the node in trust counter is less than the threshold value then the node is denoted ‘malicious’. The second part of our protocol deals with the security in the link layer. For this security reason we have used CTR (Counter) approach for authentication and encryption. We have simulated all our strategies and schemes in NS-2, the result of which gives a conclusion that our proposed protocol i.e. Assured Neighbor based Security Protocol can perform high packet delivery against various intruders and also packet delivery ratio against mobility with low delays and low overheads.
Black Hole Attack Prevention Using Random Dispersive Routing for Mobile Adhoc...pijans
Mobile Adhoc Networks is a wireless network and it has become an important technology in current years
in which security has become an important problem. Black hole Attack is one of the promising and severe
security attacks in mobile ad hoc networks which block the communication of secret data during packet
delivery. Black hole attack directly attacks the node’s data traffic on the path and with intent drops, alters
or delays the data traffic passing through that node. In other type of black hole attack which misleadingly
replies for the route request which comes from the node which initiates the route discovery process that it
has as much as necessary routes to the destination even it does not have path to the destination. This paper
deals with prevention of black hole attacks using Shamir’s secret sharing and Random Multipath Routing
Algorithm
A Combined Approach for Worm-Hole and Black-Hole Attack Detection in MANETIJERA Editor
Mobile ad hoc network is a kind of wireless network, in this network all nodes are connected through the wireless links and perform cooperative communication.Due to limited radio range of these devices any time can leave or join the network. Therefore the routing techniques are responsible for the network organization and communication flow. Due to this the performance of MANET is low as compared with the traditional wired communication networks. In addition of that network is suffers from the probability of attacks. Thus in this paper MANET routing strategy and their attacks are investigated and learned. In addition of that in order to secure the communication recent approaches of security in MANET also investigated. Finally a new algorithm for prevention of malicious attack in MANET is suggested. Additionally the based on the concluded facts, future extension of the proposed work is also suggested.
Consensus Routing And Environmental Discrete Trust Based Secure AODV in MANETsIJCNCJournal
The Mobile Adhoc Network (MANET) is a wireless network model for infrastructure-less communication, and it provides numerous applications in different areas. The MANET is vulnerable to a Black-hole attack, and it affects routing functionality by dropping all the incoming packets purposefully. The Black-hole attackers pretend that it always has the best path to the destination node to mislead the source nodes. Trust is the critical factor for detecting and isolating the Black-hole attackers from the network. However, the harsh channel conditions make it difficult to differentiate the Black-hole routing activities and accurate trust measurement. Hence, incorporating the consensus-based trust evidence collection from the neighbouring nodes improves the accuracy of trust. For improving the accuracy of trust, this work suggests Consensus Routing and Environmental DIscrete Trust (CREDIT) Based Secure AODV. The CREDIT incorporates Discrete and Consensus trust information. The Discrete parameters represent the specific characteristics of the Black-hole attacks, such as routing behaviour, hop count deviation, and sequence number deviation. The direct trust accurately differentiates the Black-hole attackers using Discrete parameters, only when the nodes perform sufficient communication between the nodes. To solve such issues, the CREDIT includes the Consensus-based trust information. However, secure routing against the Black-hole attack is challenging due to incomplete preferences. The in-degree centrality and Importance degree measurement on the collected consensus-based trust from decisionmakers solve the incomplete preference issue as well as improves the accuracy of trust. The performance of the proposed scheme is evaluated using Network Simulator-2 (NS2). From the simulation results, it is proved that the detection accuracy and throughput of the proposed CREDIT are substantially high and the proposed CREDIT scheme outperforms the existing work.
Similar to A NOVEL TECHNIQUE TO DETECT INTRUSION IN MANET (20)
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)MdTanvirMahtab2
This presentation is about the working procedure of Shahjalal Fertilizer Company Limited (SFCL). A Govt. owned Company of Bangladesh Chemical Industries Corporation under Ministry of Industries.
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
CFD analysis is incredibly effective at solving mysteries and improving the performance of complex systems!
Here's a great example: At a large natural gas-fired power plant, where they use waste heat to generate steam and energy, they were puzzled that their boiler wasn't producing as much steam as expected.
R&R and Tetra Engineering Group Inc. were asked to solve the issue with reduced steam production.
An inspection had shown that a significant amount of hot flue gas was bypassing the boiler tubes, where the heat was supposed to be transferred.
R&R Consult conducted a CFD analysis, which revealed that 6.3% of the flue gas was bypassing the boiler tubes without transferring heat. The analysis also showed that the flue gas was instead being directed along the sides of the boiler and between the modules that were supposed to capture the heat. This was the cause of the reduced performance.
Based on our results, Tetra Engineering installed covering plates to reduce the bypass flow. This improved the boiler's performance and increased electricity production.
It is always satisfying when we can help solve complex challenges like this. Do your systems also need a check-up or optimization? Give us a call!
Work done in cooperation with James Malloy and David Moelling from Tetra Engineering.
More examples of our work https://www.r-r-consult.dk/en/cases-en/
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
Student information management system project report ii.pdf
A NOVEL TECHNIQUE TO DETECT INTRUSION IN MANET
1. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
DOI : 10.5121/ijnsa.2013.5515 179
A NOVEL TECHNIQUE TO DETECT
INTRUSION IN MANET
J. K. Mandal 1
and Khondekar Lutful Hassan
2
1
Department of Computer Engineering, University of Kalyani, Kalyani,
Nadia-741235, West Bengal, India
2
A.K.C. School of I.T, University of Calcutta, Kolkata, West Bengal, India
ABSTRACT
In this paper a novel technique has been proposed for intrusion detection in MANET, where agents are
fired from a node for each node randomly and detect the defective nodes. Detection is based on triangular
encryption technique (TE)[9,10], and AODV[1,2,3,8] is taken as routing protocol. The scheme is an
‘Agent’ based intrusion detection system. This technique is applied on two types of defective nodes namely
packet sinking and black hole attack. For simulation purpose we have taken NS2 (2.33) and three type of
parameters are considered. These are number of nodes, percentage of node mobility and type of defective
nodes. For analysis purpose 20, 30, 30, 40, 50 and 60 nodes are taken with variability. Percentage of
defectiveness as 10%, 20%, 30% and 40%.Packet sink and black hole attack are considered as
defectiveness of nodes. We have considered generated packets, forward packets, average delay and drop
packets as comparisons and performance analysis parameters.
KEYWORDS
Agent Based Intrusion Detection System (AIDS), MANET, NS2, AODV, Mobile Agent, Black hole Attack
1. INTRODUCTION
As MANET is infrastructure less and also has the ability of node mobility and it is distributed in
nature. Every node act as router So security is the main challenge in MANET [1][2][3] .
MANET routing protocols are basically three types, they are Proactive or Table driven Reactive
or On Demand, and hybrid routing protocol, which is combination of proactive and reactive.
AODV[1,2,3,8,12] is on demand routing protocol. Which find the route on the basis of on
demand. In AODV[1,2,3,8,12] a node want to send a packet it broadcast a route request message
(RERQ). With the help of RERQ message AODV [1, 2, 3, 8,12] routing protocol create the route.
In this routing protocol when nodes are moving the same process apply to find new route.
As the security is the main challenge of MANET, as MANET is dynamic in nature. There are
basically two types of attacks in MANET. They are passive attack and active attack. A Passive
attack does not disrupt the operation of the network. It just snoop the data without any alert from
the network and confidentiality of the data has been lost. It is very hard to detect the passive
attack in the network. The active attacks destroy the data and disrupt the operation of the network.
Black hole attack is the example of active attack. Attacker uses the routing protocol to advertise
itself as having the shortest path to the node whose packets wants to intercept. An attacker listen
the requests for routes in a flooding based protocol. When the attacker receives a request for a
route to the destination node, it creates a reply consisting of an extremely short route. If the
2. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
180
malicious reply reaches the initiating node before the reply from the actual node, a fake route gets
created. Once the malicious device has been able to insert itself between the communicating
nodes, it is able to do anything with the packets passing between them. It can drop the packets
between them to perform a denial-of-service attack. Many researchers have proposed and
implemented various techniques for intrusion detection. Intrusion detection requires cooperation
among nodes. Intrusion detection is the automated detection and subsequent generation of an
alarm to alert the security apparatus at a location if intrusions have taken place or are taking place.
An intrusion detection system (IDS)[4] is a defense system, which detects hostile activities in a
network and then tries to prevent such activities that may compromise system security. Intrusion
detection systems detect malicious activity by continuously monitoring the network. In other
words, intrusion detection is a process of identifying and responding to malicious activity targeted
at computing and networking resources. IDSs [15] implemented using mobile agents is one of the
new paradigms for intrusion detection. Mobile agents are special type of software agent, having
the capability to move from one host to another.
Based on the sources of the audit information used by each IDS,[15] the IDSs may be classified
into
Host-base IDSs: host based IDS detects attack against a single host. IDS get audit information
from host audit trails.
Distributed IDSs. In this distributed IDS, an IDS agent runs at each mobile node and performs
local data collection and local detection, whereas cooperative detection and global intrusion
response can be triggered when a node reports an anomaly
Network-based IDSs: In network based IDS detects attack in network,. System uses network
traffic as audit information source Mobile agent is a software agent which can move through the
network from host to host. For a large scale network it can move to the node and collect the audit
data, and information and can perform the specific task to the destination.
In this paper A Novel Technique for Intrusion Detection System has been proposed in MANET.
An agent has been triggered randomly from a node which traverses all nodes sequentially one
after another till the end of nodes associated with the cell in a round. It computes the security
parameters and finds the conflicted activities if any which reported as malicious activities of the
node. Two type of defectiveness are considered here one is simple packet sink in any node
(malicious node), another is black hole.
Black hole [11, 14, 16] attack is an active type of attack in MANET. This type of attack the
attacker selectively drop RREQ/RREP message. In this type of attack malicious node waits for
neighbouring nodes to send RREQ messages. When RERQ message is send to neighbour
without checking its routing table then the malicious node sends immediately a false
RERP message for route destination. So sending node considered that route has been
discovered and it will ignore other RERP message. And victim node sends the data
towards the malicious node. And black hole attack occurred in the network.
Section 2 of the paper deals with the proposed detection technique. Simulation environment has
been presented in section 3. Section 4 deals with simulations. In section 5 results and comparison
of performance are described. Conclusion is drawn in section 6 and conclusion is given at end.
3. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
181
2. PROPOSED TECHNIQUE
In proposed method AODV [1, 2, 3, and 8] is taken as routing protocol. A mobile agent named
‘IDECT’ fired from a monitor node of the network traverse all nodes intern one after another,
monitor the activity of the nodes for its malicious behavior if exist, detect the node as malicious
through an agent . As security measure each node computes some information as source
information of the node through an agent at triggering nodes followed by encryption using an
algorithm called Triangular Encryption [TE][9,10] and encapsulate the information within the
packet which traverse in the network. The agent ‘Idect ‘randomly triggered its process of
detection in randomly selected node computes the information, decode the encrypted information
and compare for authentication. If this authentication fails, the node is detected as malicious and
the information is forwarded to its neighbors accordingly and also the detection status is shown in
the system terminal. The detection of malicious node is guided through an encryption process
where various parameters of nodes normally affected through intrusion are taken as input and a
triangular based encryption is done in of these parameters to capsule the parameters in each node.
The process of encryption is described is as follows. Consider a block S= s0
0 s0
1 s0
2 s0
3 s0
4 s0
5
.................. s0
n-2 s0
n-1 of size n bits , where s0
1 = 0 or 1 for 0<=i<=(n-1).Starting from MSB (s0
0)
and the next to MSB (s0
1), bits are pair-wise XNOR ed, so that the first intermediate sub-stream
S1 =
S= s1
0 s1
1 s1
2 s1
3 s1
4 s1
5 .............. s1
n-2 s1
n-1 is generated consisting of (n-1) bits, where s1
j = s0
j
(XNOR) s0
j+1 for 0<=j<=n-2.The first intermediate sub stream S1
is also pair-wise XNORed to
generate S2
=s 2
0 s2
1 s2
2 s2
3 s2
4 s2
5… s2
n-2 s2
n-1, which is the second intermediate sub-stream of
length (n-2). This process continues (n-1) times to ultimately generate Sn-1
=Sn-1
0, which is a single
bit only. Thus the size of the first intermediate sub-stream is one bit less than the source sub-
stream; the size of each of the intermediate sub-stream starting from the second one is one bit less
than that of the sub-stream wherefrom it was generated; and finally the size of the final sub-
stream. Figure 1 shows the generation of the intermediate sub-stream Sj+1
= sj+1
0 sj+1
1 sj+1
2 sj+1
3 sj+1
4
sj+1
5… sj+1
n-(j+2) from the previous intermediate sub-stream Sj
= sj
0 sj
1 sj
2 sj
3 sj
4 sj
5… sj
n-(j-1). The
formation of the triangular shape for the source sub-stream S= s0
0 s0
1 s0
2 s0
3 s0
4 s0
5… s0
n-2 s0
n-1 is
shown in figure 1.
S= s0
0 s01 s0
2 s0
3 s0
4 s0
5 .................. s0
n-2 s0
n-1
S1 =
s1
0 s11 s1
2 s1
3 s1
4.............. s1
n-2
S2
= s 2
0 s21 s2
2 s2
3 … s2
n-3
.................................
S
n-2
= s n-2
0 s n-2
1
Sn-1=
s n-1
0
Figure 1 Formation of triangle in TE
On generating this triangle various possibilities are there to encode. For the propose of the
present scheme, all MSBs are taken in order including source bit to form the encrypted bit. This
process is applied to various sensitive parameters of a node where attack may occur and the same
are encapsulated for detection by the agent ‘Idect’. When the agent triggered on a node for
intrusion detection, it will take values of same parameters from the node under scanner and again
encrypt the parameters using Triangular Encryption (TE)[9,10] through same option of
encryptions. After that it compared the values of encrypted parameters with the encapsulated
parameters for authentications. If the encapsulate parameters and computed parameters obtained
by ‘Idect’ are matched then the node is non malicious otherwise it designate the node as malicious
and mark the node accordingly before dropping of the Idect. The graphical view of an ideal
‘Idect’ is given in figure 2.
4. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
182
Figure 2 Graphical view of IDS technique
3. Simulation Environment
Network Simulator 2 (NS2.33) [6][7] is taken as a tool for simulation purpose. The Network
Simulator 2 is widely used tool in network research and network industry. It is discrete event
simulation, and capable of simulating various types of networks. NS2 [6, 7] consists of two
languages, C++ and Otcl. In the back end C++, which defines the internal mechanism of the
simulation object, and the front end Otcl set up simulation by assembling and configuring objects
as well as scheduling discrete events. To simulate NS2, a (.tcl) script file is required. After
simulation it creates two types of file, one is trace file (tr) and another is (.nam) file. Trace file is
used for calculation and statistical analysis, and that of .nam file is used to visualize the
simulation process.
3.1. Implementation of this Technique in NS2.
For the implementation of this technique an agent IDECT(protocol ) is created in NS2 and this
‘Idect’ is merge with NS2[6,7] package . AODV routing protocol is taken as a routing protocol.
Simple packet sinking technique is implemented adding some code in AODV.CC file. A specific
node is configured as malicious in the scripting file (.tcl) file then the malicious behaviour of the
node will be activated. As the nature of malicious is defined in aodv.cc file then it will drop the
packet accordingly. Now this Technique is applied against to the sink of the packet in aodv.cc
file. When the Idect agent come and going authenticate .if the destination node is malicious then
Idect will be going to drop. Before dropping Idect will indicate that the node is malicious. In the
other hand black hole attack is implemented in AODV protocol. When Idect come to the black
hole node and try to authenticate the node with our proposed technique, and authentication will be
failure and ‘Idect’ going to drop because node is black hole node. And before dropping Idect, it
will also indicate that the node is black hole node. This technique is applied in blackholeaodv.cc
file.
4. Simulations Parameters
For the purpose of simulation five parameters are taken as common in each case. These are given
in table 1.
5. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
183
Table 1: Parameter (fixed) of the simulation in ‘Idect’
Routing protocols AODV
Percentage of node mobility 40 %
Maximum packets in IFQ 50
Speed of the nodes 100 m/s
Time of simulation 10 sec
Variable parameters are
i. Number of nodes (20, 30, 40, 50 and 60)
ii. Types of malicious : simple packet sink and black hole attack
iii. Percentage of malicious node (10%, 20%, 30% and 40%)
Snapshot of simulation output is given in figure 3 and 3.1 where outputs of various
parameters are shown in details
Figure 3. Snapshot of simulation in network animator (NAM)
6. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
184
Figure 3.1. Snapshot of simulation in terminal
5. Performance analysis and Comparison
On applying this technique effect of performance in the network is described below.
Comparison of performance is measured with the following parameters.
A. Generated packets.
B. Forward packets.
C. Average delay.
D. Drop packets.
Results are taken considering the variable parameter like number of nodes, two types malicious
and percentage of malicious node. Numbers of nodes are taken 20, 30, 40, 50 and 60. The
malicious types are considered simple packet sink and black hole attack and percentage of node
malicious is taken as 10%, 20%, 30%, and 40%.
A. Generated packet
Comparison of the Idect packet generation is given bellow
a. When 20 nodes are taken: the comparison of generation packets given in the fig 4. In
this figure it is seen that packet (Idect) generation is high when black hole attack
occurred than simple packet sink attack occur, except when % of malicious is 10%.
7. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
185
Figure 4. Generation of packets when nodes are 20 in the network
b. When 30 nodes taken: the comparison of generation packets is given in the fig 5. In
this figure it is seen that packet (Idect) generation is always high when packet sink
attack occur than black hole attack occur.
Figure 5. Fig4. Generation of packets when nodes are 30 in the network
c. When 40 nodes taken: the comparison of generated packets is given in the fig 6. In this
figure it is seen that packet (Idect) generation is always high in packet sink attack than
black hole attack.
Figure 6. Generation of packets when nodes are 40 in the network
d. When 50 nodes taken: the comparison of generated packets is given in the fig 7. In this
figure it is seen that packet (Idect) generation is higher in simple packet sink nature
than black hole attack.
8. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
186
Figure 7. Generation of packets when nodes are 50 in the network
e. When 60 nodes taken: the comparison of generated packets is given in the fig 8. In this
figure it is seen that packet (Idect) generation is of simple packet sinking behavior is
higher than black hole attack like above figures.
Figure 8. Generation of packets when nodes are 60 in the network
From the above figure 4,5,6,7 and 8 it is seen that number of packet generation is less in the
where black hole attack occur. Only figure 4 shows that when node number is 20 at that time
result of packet generation is mixed.
B. Forward Packets:
Comparison of forward packets are given bellow
a. When 20 nodes taken: the comparison of forwarded packets is given in the fig 9. In this
figure it is seen that packet forward of black hole attack is higher than simple packet sink
behavior of the nodes except when %malicious is 10%.
Figure 9. Forward packets when nodes are 20
9. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
187
b. When 30 nodes taken: the comparison of forwarded packets is given in the fig 10. In this
figure it is seen that packet forward is higher in black hole attack than simple packet sink
behavior.
Figure 10. Forward packets when nodes are 30
c. When 40 nodes taken: the comparison of forwarded packets is given in the fig 11. In this
figure it is seen that packet forward of black hole attack is higher than simple packet sink
behavior of the nodes except when %malicious is 10%.
Figure 11. Forward packets when nodes are 40
d. When 50 nodes taken: the comparison of forwarded packets is given in the fig 12. In this
figure it is seen that packet forward of black hole attack is higher than simple packet sink
behavior of the nodes except when %malicious is 10% and 20%.
Figure 12. Forward packets when nodes are 50
e. When 60 nodes taken: the comparison of forwarded packets is given in the fig 13. In this
figure it is seen that packet forward of black hole attack is always higher than simple
10. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
188
packet sink behavior. Difference between both is increased with increase of % of node
malicious.
Figure 13. Forward packets when nodes are 60
From the above figure 9,10,11,12 and 13 it is seen that generally number of forward packet is
more in those network where black hole attack occurs. Sometime this is violated. It may cause of
another parameters.
C. Average Delay
Comparison of Average Delay are given bellow
a. When 20 nodes taken: the comparison of average delay is given in the fig 14. In this figure
it is seen that average delay of data transmission in the network traffic is very low when
black hole attack occur than simple packet sinking behavior.
Figure 14. Average Delay when nodes are 20
b. When 30 nodes taken: the comparison of average delay is given in the fig 15. In this figure
it is seen that average delay of data transmission in the network traffic is higher when black
hole attack occur than simple packet sinking behavior except 20% node malicious. At 20%
node malicious in both cases the average delay is about equal.
11. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
189
Figure 15. Average Delay when nodes are 30
c. When 40 nodes taken: the comparison of average delay is given in the fig 16. In this figure
it is seen that average delay of data transmission in the network is lower when black hole
attack occur than simple packet sinking behavior. But when % of malicious is 40% the
average delay increased rapidly than simple packet sinking behavior.
Figure 16. Average Delay when nodes are 40
d. When 50 nodes taken: the comparison of average delay is given in the fig 17. In this figure
it is seen that average delay of data transmission in the network more or less equal .when %
of malicious is 10% , average delay of black hole attack is a little higher
Figure 17. Average Delay when nodes are 50
e. When 60 nodes taken: when 60 nodes are taken the average delay of black hole attack is
very high than simple packet sinking behavior in the network. Fig. 18 shows the
comparison of average delay.
12. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
190
Figure 18. Average Delay when nodes are 60
From the figure 14 and 16 when node number is 20 and 40 the average delay is less in the
networks where black hole attack occurs. From the figure 15 and 18 it is seen that when node
number is 30 and 60 where black hole attacks occur the average delay is more. From the figure 17
where node number is 50 gives the mixed feedback.
D. Number of drop packets
Comparison of number of drop packet are given below
a. When 20 nodes taken: comparison of drop packets are shown in the fig. 19 when 20 nodes
are taken. Number of packet drop of simple packet sink behavior is higher than black hole
attack.
Figure 19. Number of drop packets when nodes are 20
b. When 30 nodes taken: comparison of drop packets are shown in the fig. 20 when 30 nodes
are taken. Drop packet of black hole attack is less than simple packet sink behavior in the
network.
Figure 20. Number of drop packets when nodes are 30
13. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
191
c. When 40 nodes taken: comparison of drop packets are shown in the fig. 21 when 40 nodes
are taken. Drop packets of black hole attack is very less than simple packet sink behavior
of the network
Figure 21. Number of drop packets when nodes are 40
d. When 50 nodes taken: comparison of drop packets are shown in the fig. 22 when 50 nodes
are taken. In this figure it is seen that drop packet of black hole attack is also very less than
simple packet sink behavior of the nodes.
Figure 22. Number of drop packets when nodes are 50
e. When 60 nodes taken: comparison of drop packets are shown in the fig. 23 when 60 nodes
are taken. This figure also represented that black hole attack has less packet drop than other
one.
Figure 22. Number of drop packets when nodes are 50
From the figure 19,20,21,22 it is seen that number of drop packet are less where black hole attack
occur than the network where simple packet sink occur.
14. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
192
3. CONCLUSIONS
In this paper a novel technique is proposed and applied to detect intrusion in MANET using
mobile Agent (‘Idect’). This novel technique is applied on two types of intrusion nodes, they are
simple packet sink nodes and another is black hole node. This technique successfully detects the
nodes with both type of defectiveness in the MANET. Comparisons and analysis of the
performance at various parameters in AODV routing protocol are also done extensively. It is seen
from the simulation that in some cases the network behave abnormally. The reason of
abnormality is due to 40 % nodes are moving with high speed (100m/s).and maximum 40% nodes
are malicious .If any network consist about 40% defective nodes then it can behave abonormally.
Only source node is firing the secure agent ‘Idect’ to every node with a high frequency so it is
unable to control all the packets, as a result it drop many packets. The propose technique
proposed are very simple for detection of malicious node as the ‘Idect’ agent visit all nodes
randomly across all nodes of the network irrespective of the topologies and thus it is an agent
based intrusion detection system.
For future work this simple technique can be applied in the other types of attacks like gray hole
attack , warm hole attack etc as well as this technique can be applied in other routing protocols.
ACKNOWLEDGEMENTS
The authors express deep sense of gratuity towards the Dept of CSE University of Kalyani where
the computational resources are used for the work and the PURSE scheme of DST, Govt. of
India.
REFERENCES
[1] C.Siva Ram Murthy and B.S manoj” Ad Hoc Wireless networks architecture and protocols”
Pearson education, India 2005.
[2] Prasant Mohapatra, Srikanth Krishnamurthy “Ad hoc networks: technologies and protocols”
Springer 2005.
[3] Chai-Keong Toh “Ad hoc mobile wireless networks: protocols and systems” Prentice Hall.
[4] Amitava Mishra “Security and Quality of Service in Adhoc Wireless Network”, Cambridge
University Press .
[5] Sarkar, S.K., Basavaraju, T.G., Puttamadappa, C.: Ad hoc Mobile Wireless Networks: Principles,
Protocols and Applications. Auerbach Publications (2008)
[6] Teerawat Issariyakul, Ekram Hossain “Introduction to Network Simulator NS2” Springer (2009)
[7] Marc Greis' Tutorial http://www.isi.edu/nsnam/ns/tutorial/
[8] Mubashir Husain Rehmani, Sidney Doria, and Mustapha Reda Senouci “A Tutorial on he
Implementation of Ad-hoc On Demand Distance Vector (AODV) Protocol in Network Simulator
(NS-2)”
[9] Mandal, J. K.,Dutta, S.,Mal, S., “A Multiplexing Triangular Encryption Technique – A Move
Towards Enhancing Security in E-Commerce, Proc. of Conference of Computer Association of
Nepal, December, 2001.
[10] Mandal, J. K., Chatterjee R, “Authentication of PCSs with Triangular Encryption Technique”,
Proceedings of 6th Philippine Computing Science Congress(PCSC 2006), Ateneo de Manila
University, Manila, Philippine, March 28-29,2006.
15. International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.5, September 2013
193
[11] Dokurer, S. Ert, Y.M. ; Acar, C.E.” Performance analysis of ad-hoc networks under black hole
attacks”, Proceedings. IEEE. pp. 148 – 153, 2007
[12] Perkins, C.E., Royer, E.M., "Ad-hoc on-demand distance vector routing”,
www.cs.ucsb.edu/~ravenben/classes/papers/aodv-wmcsa99.pdf
[13] Deng, H., Li, W., Agrawal, D., "Routing Security in Wireless Ad Hoc Networks" IEEE
Communication Magazine ( October 2002) pp. 70-75
[14] Al-Shurman, M., Yoo, S., Park, S., "Black hole Attack in Mobile Ad Hoc Networks", ACM
Southeast Regional Conference (2004) pp. 96-97
[15] Mishra, A., Nadkarni, K., Patcha, A., "Intrusion detection in wireless ad-hoc networks", IEEE
Wireless Communications, February 2004, pp. 48-60.
[16] Usha, Bose “Understanding Black Hole Attack in Manet” European Journal of Scientific
Research, ISSN 1450-216X Vol.83 No.3 (2012), pp.383-396
AUTHORS
Jyotsna Kumar Mandal, M. Tech.(Computer Science, University of Calcutta),Ph.D.(Engg.,
Jadavpur University) in the field of Data Compression and Error Correction Techniques,
Professor in Computer Science and Engineering, University of Kalyani, India. Life Member
of Computer Societ y of India since 1992 and life member of cryptology Research Society of
India. Ex-Dean Faculty of Engineering, Teachnology & Management, working in the field of
Network Security, Steganography, Remote Sensing & GIS Application, Image Processing. 26 years of
teaching and research experiences. Nine Scholars awarded Ph.D. and eight are pursuing. Total number of
publications is two hundred seventy seven in addition of publication of five books from LAP Lambert,
Germany.