SlideShare a Scribd company logo

NetSim Webinar on Network Attacks and Detection

Download as PPTX, PDF
D
DESHPANDE M

Webinar Contents: Why use a Network Simulator Introduction to NetSim Introduction to Sinkhole Attack : Attack scenario in MANET using NetSim Intrusion Detection System: Detection mechanism in MANET using NetSim Analyzing Metrics Areas of R & D in MANET Q & A

Technology
1 of 29
Twitter.com/tetcos linkedin.com/tetcos youtube.com/tetcos NetSim v9Network Simulation/Emulation Platform TM Webinar: Network Attacks and Detection 29th April 2016
NetSim TM Webinar Contents 1.Why use a Network Simulator 2.Introduction to NetSim 3.Introduction to Sinkhole Attack : Attack scenario in MANET using NetSim 4.Intrusion Detection System: Detection mechanism in MANET using NetSim 5.Analyzing Metrics 6.Areas of R & D in MANET 7.Q & A
NetSim TM Why use a Network Simulator for research ?
NetSim TM Communication Networks have become too complex for traditional analytical methods or “rules of thumb” to provide an accurate understanding of system behavior and possible problems and solutions
NetSim TM I. Networking traffic will quadruple by 2017 driven by wireless & mobile communication II. 2+ billion videos watched online every day III. Mobiles, tablets & sensors to join with existing internet cloud to form “network of things” I. Mobile Ad-hoc Networks II. Wireless Sensor Networks III. Cognitive Radio IV. LTE / LTE-A V. Internet of Things (IOT) 50 % of all research papers in IEEE & ACM refer a Network Simulator Observations in computer networking domain Key areas of research & development
NetSim TM Introduction to NetSim
NetSim TM NetSim is a popular tool for Network Design, Network R & D and defense applications. It allows users to create network scenarios, model traffic and study network performance metrics Wide range of technologies across LAN, WAN, BGP, WLAN, MANET, Wi-MAX, Cellular(GSM and CDMA), Cognitive Radio, Sensor Networks, IOT and LTE as per international Standards Open architecture with protocol C source code for users to write, link and de- bug.
NetSim TM NetSim - Customer Segments • Enterprise • Network design • Network validation • Defence • Network Centric Warfare • R&D Labs • Protocol Development • New Technology testing • Academic • Network Labs (B.Tech/BS), • Advanced Network Labs(M.Tech/MS) – ECE,CSE,IT • Phd thesis/M.Tech Projects
NetSim TM Technology Libraries Component No Networks / Protocols Component 1 (Base. Required for all components) Internetworks: Ethernet - Fast & Gigabit, Address Resolution Protocol, WLAN - 802.11 a, b, g , n, ac and e, Propagation - Free space, Log-normal Shadowing, Rayleigh Fading, IPv4 with VPN, Firewalls, Routing - RIP, OSPF, Queuing - Round Robin, FIFO, Priority, TCP, UDP. Common Modules Applications: Traffic Generator: Voice, Video, FTP, Database, HTTP, Email, Peer-to-peer and Custom. Virtual Network Stack, Simulation Kernel Command Line Interface, Metrics Engine with packet and event trace, Packet Animator Component 2 Legacy Networks: Aloha - Pure & Slotted, CSMA/CD, Token Ring, Token Bus, ATM, X.25, Frame Relay, Multi-Protocol Label Switching (MPLS) Component 3 BGP Networks: Border Gateway Protocol (BGP) Component 4 Advanced Wireless Networks: MANET - DSR, AODV, OLSR, ZRP, Wi-Max Component 5 Cellular Networks - GSM, CDMA Component 6 (Component 4 required) Wireless Sensor Networks, IOT & Personal Area Networks: WSN with agent model & battery models ZigBee Component 7 Cognitive Radio Networks WRAN Component 8 Long Term Evolution LTE Component 9 (Component 4 required) Military Radio TDMA Link 16
NetSim TM 1. New Technologies • Internet of things • 802.11 ac (Gigabit Wi-Fi) • Rate adaptation algorithm for WLAN • Military Radios: HF, UHF and VHF Bands 2. Network Emulator Add-on Module • Connect NetSim to Real Devices running Live Application 3. Interfacing with softwares • MATLAB interface • Wireshark Interface 4. Accelerated and multithreaded kernel • Approx. 40x times faster than v8.3 for large simulations 5. Simulation Scale up • Pro version tested up to 100,000 devices What’s new in v9
NetSim TM Introduction to Sinkhole Attack
NetSim TM Sinkhole Attack in MANET • Sinkhole attack is one of the severe attacks in wireless Ad hoc network. • In sinkhole Attack, a compromised node or malicious node advertises wrong routing information to produce itself as a specific node and receives whole network traffic. • After receiving whole network traffic it can either modify the packet information or drop them to make the network complicated. • Sinkhole attacks affects the performance of Ad hoc networks protocols such as DSR protocol.
NetSim TM Sinkhole in DSR in NetSim • In DSR the source broadcasts RREQ packet during Route Discovery. • The destination on receiving the RREQ packet replies with a RREP packet containing the route to reach the destination. • But Intermediate nodes can also send RREP packet to the source if they have a route to the destination in their route cache. • Using this loophole the malicious node adds a fake route entry into its route cache with the destination node as its next hop.
NetSim TM Sinkhole in DSR in NetSim • On receiving the RREQ packet from the source the malicious node sends a fake RREP packet with the fake route. • The source node on receiving this packet observes this as a better route to the destination. • All the Network Traffic is attracted towards the Sinkhole (Malicious Node) and it can either modify the packet information or simply drop the packet (NetSim implementation)
NetSim TM Malicious.c • A file Malicious.c is added to the DSR project which contains the following functions: • fn_NetSim_DSR_MaliciousNode( ) - This function is used to identify whether a current device is malicious or not in-order to establish malicious behavior • fn_NetSim_DSR_MaliciousRouteAddToCache() - This function is used to add a fake route entry into the route cache of the malicious device with its next hop as the destination • fn_NetSim_DSR_MaliciousProcessSourceRouteOption() - This function is used to drop the received packets if the device is malicious, instead of forwarding the packet to the next hop
NetSim TM Simulation of sinkhole attack in NetSim Source – Device id 1 Destination – Device id 6 Sinkhole (malicious node) – Device id 2
NetSim TM Intrusion Detection System
NetSim TM Introduction • An intrusion detection system (IDS) monitors network for malicious activities • Once an attack is identified, or abnormal behaviour is sensed, measures are taken to recover from the attack. • The system also keeps track of the intruders so as to avoid further attacks in future.
NetSim TM IDS in NetSim In NetSim Intrusion Detection System has two major functionalities 1.Watchdog • A watchdog timer is added to each Node in the Network. • The timer starts the moment a packet is sent. • Once the packet is forwarded to the next hop within the Watchdog time duration. • If the next hop is malicious then it need not forward the packet (as per the sinkhole attack implemented) • A counter is used to keep track of number of time watchdog timer expires. • Once the counter reaches the failure threshold the current node marks its next hop as malicious and sends it for blacklisting. 2.Pathrater • Adds malicious nodes to blacklist. • Validates routes by verifying route reply. • Discards route reply if blacklisted nodes are present in it.
NetSim TM Watchdog.c Some of the important functions are: • add_watchdog_timer() - Adds a watchdog timer to each Node in the Network. • watchdog_timer_execute() - Checks if the packet is sent before timer expiry & checks if failure threshold is reached. Pathrater.c Some of the important functions are: • add_to_blacklist() - Adds malicious nodes to blacklist of the current device • verify_route_reply() - Checks if the IP addresses in the route reply contains the IP of any blacklisted node. IDS in NetSim
NetSim TM Simulation of IDS in NetSim Source – Device id 1 Destination – Device id 6 Intruder (malicious node) – Device id 3 , Device id 4 IDS running in all the nodes
Analyzing Metrics: Comparison of Network performance
NetSim TM Comparison of Throughput • Normal working • After attack • With IDS 0 0.02 0.04 0.06 0.08 0.1 0.12 Throughput Normal Attack IDS
NetSim TM Comparison of Application Delay 0 5000000 10000000 15000000 20000000 25000000 30000000 35000000 40000000 Delay Application Delay Normal Attack IDS
NetSim TM Youtube Channel http://www.youtube.com/tetcos
NetSim TM Over 300+ Customers across 15 countries Education - International Defence / Space / Industry Education - India
NetSim TM Research Areas in MANET • Routing protocols – Location based, Power aware etc. • QoS in adhoc networks • Intrusion detection • Performance Analysis • Vehicular adhoc networks etc., The Project Codes of Sinkhole Attack, IDS and other projects in different Networks can be accessed using the link: http://www.tetcos.com/File_Exchange/
NetSim TM Q & A Session Note: Depending on the available time, we will try to cover all your questions. In case your query is not answered, we assure you to answer your question via email.
NetSim TM For technical information contact Visit: www.tetcos.com E-mail: sales@tetcos.com Tele-fax: +91 80 2663 062411 For Commercial information: please contact our local channel partner available at http://tetcos.com/listcp.html

Recommended

Wormhole attack
Wormhole attackWormhole attack
Wormhole attack
Harsh Kishore Mishra
 
Blackhole attack in Manet
Blackhole attack in ManetBlackhole attack in Manet
Blackhole attack in Manet
Prof Ansari
 
wormhole attacks in wireless networks
wormhole attacks in wireless networkswormhole attacks in wireless networks
wormhole attacks in wireless networks
Thesis Scientist Private Limited
 
Wormhole Attack
Wormhole AttackWormhole Attack
Wormhole Attack
Pecific University
 
Flooding attack manet
Flooding attack manetFlooding attack manet
Flooding attack manet
Meena S Pandi
 
Attacks on mobile ad hoc networks
Attacks on mobile ad hoc networksAttacks on mobile ad hoc networks
Attacks on mobile ad hoc networks
Zdravko Danailov
 
Protocol manet
Protocol manetProtocol manet
Protocol manet
Kunal Prajapati
 
DETECTION OF SYBIL ATTACK IN MOBILE ADHOCK NETWORKING
DETECTION OF SYBIL ATTACK IN MOBILE ADHOCK NETWORKINGDETECTION OF SYBIL ATTACK IN MOBILE ADHOCK NETWORKING
DETECTION OF SYBIL ATTACK IN MOBILE ADHOCK NETWORKING
Prakash Kumar
 

Recommended

Wormhole attack
Wormhole attackWormhole attack
Wormhole attack
Harsh Kishore Mishra
 
Blackhole attack in Manet
Blackhole attack in ManetBlackhole attack in Manet
Blackhole attack in Manet
Prof Ansari
 
wormhole attacks in wireless networks
wormhole attacks in wireless networkswormhole attacks in wireless networks
wormhole attacks in wireless networks
Thesis Scientist Private Limited
 
Wormhole Attack
Wormhole AttackWormhole Attack
Wormhole Attack
Pecific University
 
Flooding attack manet
Flooding attack manetFlooding attack manet
Flooding attack manet
Meena S Pandi
 
Attacks on mobile ad hoc networks
Attacks on mobile ad hoc networksAttacks on mobile ad hoc networks
Attacks on mobile ad hoc networks
Zdravko Danailov
 
Protocol manet
Protocol manetProtocol manet
Protocol manet
Kunal Prajapati
 
DETECTION OF SYBIL ATTACK IN MOBILE ADHOCK NETWORKING
DETECTION OF SYBIL ATTACK IN MOBILE ADHOCK NETWORKINGDETECTION OF SYBIL ATTACK IN MOBILE ADHOCK NETWORKING
DETECTION OF SYBIL ATTACK IN MOBILE ADHOCK NETWORKING
Prakash Kumar
 
Attacks in MANET
Attacks in MANETAttacks in MANET
Attacks in MANET
Sunita Sahu
 
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networks
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networksBlack hole Attack Avoidance Protocol for wireless Ad-Hoc networks
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networks
ijsrd.com
 
Security in mobile ad hoc networks
Security in mobile ad hoc networksSecurity in mobile ad hoc networks
Security in mobile ad hoc networks
Piyush Mittal
 
A survey on complex wormhole attack in wireless
A survey on complex wormhole attack in wirelessA survey on complex wormhole attack in wireless
A survey on complex wormhole attack in wireless
farrukh Farrukh
 
Security Issues in MANET
Security Issues in MANETSecurity Issues in MANET
Security Issues in MANET
Nitin Verma
 
Black hole attack
Black hole attackBlack hole attack
Black hole attack
Richa Kumari
 
Security in wireless sensor networks
Security in wireless sensor networksSecurity in wireless sensor networks
Security in wireless sensor networks
Piyush Mittal
 
Detection and prevention of wormhole attack in mobile adhoc networks
Detection and prevention of wormhole attack in mobile adhoc networksDetection and prevention of wormhole attack in mobile adhoc networks
Detection and prevention of wormhole attack in mobile adhoc networks
ambitlick
 
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...
ijsrd.com
 
Abdullah Mukhtar ppt
Abdullah Mukhtar pptAbdullah Mukhtar ppt
Abdullah Mukhtar ppt
Abdullah Mukhtar
 
Security issues in manet
Security issues in manetSecurity issues in manet
Security issues in manet
flowerjaan
 
Wormhole attack detection algorithms in wireless network coding systems
Wormhole attack detection algorithms in wireless network coding systemsWormhole attack detection algorithms in wireless network coding systems
Wormhole attack detection algorithms in wireless network coding systems
Pvrtechnologies Nellore
 
Study of security attacks in manet
Study of security attacks in manetStudy of security attacks in manet
Study of security attacks in manet
Kunal Prajapati
 
Presentation1
Presentation1Presentation1
Presentation1
Rajat Soni
 
Grayhole
GrayholeGrayhole
Grayhole
Kumud Dixit
 
Various Security Attacks in mobile ad hoc networks
Various Security Attacks in mobile ad hoc networksVarious Security Attacks in mobile ad hoc networks
Various Security Attacks in mobile ad hoc networks
Kishan Patel
 
Wireless sensor networks
Wireless sensor networksWireless sensor networks
Wireless sensor networks
nagibtech
 
D0961927
D0961927D0961927
D0961927
IOSR Journals
 
Security of ad hoc networks
Security of ad hoc networksSecurity of ad hoc networks
Security of ad hoc networks
Jayesh Rane
 
Blackhole Attck detection in AODV Protocol
Blackhole Attck detection in AODV ProtocolBlackhole Attck detection in AODV Protocol
Blackhole Attck detection in AODV Protocol
Birju Tank
 
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A probabilistic-misbehavior-de...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A probabilistic-misbehavior-de...IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A probabilistic-misbehavior-de...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A probabilistic-misbehavior-de...
IEEEMEMTECHSTUDENTPROJECTS
 
Network monotoring
Network monotoringNetwork monotoring
Network monotoring
Programmer
 

More Related Content

What's hot

Black hole Attack Avoidance Protocol for wireless Ad-Hoc networks
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networksBlack hole Attack Avoidance Protocol for wireless Ad-Hoc networks
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networks
ijsrd.com
 
Security in mobile ad hoc networks
Security in mobile ad hoc networksSecurity in mobile ad hoc networks
Security in mobile ad hoc networks
Piyush Mittal
 
Security in wireless sensor networks
Security in wireless sensor networksSecurity in wireless sensor networks
Security in wireless sensor networks
Piyush Mittal
 
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...
ijsrd.com
 
Abdullah Mukhtar ppt
Abdullah Mukhtar pptAbdullah Mukhtar ppt
Abdullah Mukhtar ppt
Abdullah Mukhtar
 
Study of security attacks in manet
Study of security attacks in manetStudy of security attacks in manet
Study of security attacks in manet
Kunal Prajapati
 
Wireless sensor networks
Wireless sensor networksWireless sensor networks
Wireless sensor networks
nagibtech
 

What's hot (20)

Attacks in MANET
Attacks in MANETAttacks in MANET
Attacks in MANET
 
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networks
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networksBlack hole Attack Avoidance Protocol for wireless Ad-Hoc networks
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networks
 
Security in mobile ad hoc networks
Security in mobile ad hoc networksSecurity in mobile ad hoc networks
Security in mobile ad hoc networks
 
A survey on complex wormhole attack in wireless
A survey on complex wormhole attack in wirelessA survey on complex wormhole attack in wireless
A survey on complex wormhole attack in wireless
 
Security Issues in MANET
Security Issues in MANETSecurity Issues in MANET
Security Issues in MANET
 
Black hole attack
Black hole attackBlack hole attack
Black hole attack
 
Security in wireless sensor networks
Security in wireless sensor networksSecurity in wireless sensor networks
Security in wireless sensor networks
 
Detection and prevention of wormhole attack in mobile adhoc networks
Detection and prevention of wormhole attack in mobile adhoc networksDetection and prevention of wormhole attack in mobile adhoc networks
Detection and prevention of wormhole attack in mobile adhoc networks
 
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...
 
Abdullah Mukhtar ppt
Abdullah Mukhtar pptAbdullah Mukhtar ppt
Abdullah Mukhtar ppt
 
Security issues in manet
Security issues in manetSecurity issues in manet
Security issues in manet
 
Wormhole attack detection algorithms in wireless network coding systems
Wormhole attack detection algorithms in wireless network coding systemsWormhole attack detection algorithms in wireless network coding systems
Wormhole attack detection algorithms in wireless network coding systems
 
Study of security attacks in manet
Study of security attacks in manetStudy of security attacks in manet
Study of security attacks in manet
 
Presentation1
Presentation1Presentation1
Presentation1
 
Grayhole
GrayholeGrayhole
Grayhole
 
Various Security Attacks in mobile ad hoc networks
Various Security Attacks in mobile ad hoc networksVarious Security Attacks in mobile ad hoc networks
Various Security Attacks in mobile ad hoc networks
 
Wireless sensor networks
Wireless sensor networksWireless sensor networks
Wireless sensor networks
 
D0961927
D0961927D0961927
D0961927
 
Security of ad hoc networks
Security of ad hoc networksSecurity of ad hoc networks
Security of ad hoc networks
 
Blackhole Attck detection in AODV Protocol
Blackhole Attck detection in AODV ProtocolBlackhole Attck detection in AODV Protocol
Blackhole Attck detection in AODV Protocol
 

Similar to NetSim Webinar on Network Attacks and Detection

A wireless intrusion detection system and a new attack model (synopsis)
A wireless intrusion detection system and a new attack model (synopsis)A wireless intrusion detection system and a new attack model (synopsis)
A wireless intrusion detection system and a new attack model (synopsis)
Mumbai Academisc
 
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Editor IJCATR
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and la
ShainaBoling829
 

Similar to NetSim Webinar on Network Attacks and Detection (20)

IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A probabilistic-misbehavior-de...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A probabilistic-misbehavior-de...IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A probabilistic-misbehavior-de...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A probabilistic-misbehavior-de...
 
Network monotoring
Network monotoringNetwork monotoring
Network monotoring
 
2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A probabilistic-misbehavior-det...
2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A probabilistic-misbehavior-det...2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A probabilistic-misbehavior-det...
2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A probabilistic-misbehavior-det...
 
6
66
6
 
A REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURESA REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURES
 
A wireless intrusion detection system and a new attack model (synopsis)
A wireless intrusion detection system and a new attack model (synopsis)A wireless intrusion detection system and a new attack model (synopsis)
A wireless intrusion detection system and a new attack model (synopsis)
 
Snort
SnortSnort
Snort
 
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
 
JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...
JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...
JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...
 
Internet Worm Classification and Detection using Data Mining Techniques
Internet Worm Classification and Detection using Data Mining TechniquesInternet Worm Classification and Detection using Data Mining Techniques
Internet Worm Classification and Detection using Data Mining Techniques
 
L017317681
L017317681L017317681
L017317681
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and la
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration Testing
 
Scanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxScanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptx
 
Implementation Of Byzantine Fault Tolerant Algorithm on WSN
Implementation Of Byzantine Fault Tolerant Algorithm on WSNImplementation Of Byzantine Fault Tolerant Algorithm on WSN
Implementation Of Byzantine Fault Tolerant Algorithm on WSN
 
Isys20261 lecture 06
Isys20261 lecture 06Isys20261 lecture 06
Isys20261 lecture 06
 
VTU 8TH SEM INFORMATION AND NETWORK SECURITY SOLVED PAPERS
VTU 8TH SEM INFORMATION AND NETWORK SECURITY SOLVED PAPERSVTU 8TH SEM INFORMATION AND NETWORK SECURITY SOLVED PAPERS
VTU 8TH SEM INFORMATION AND NETWORK SECURITY SOLVED PAPERS
 
Artificial neural networks
Artificial neural networks Artificial neural networks
Artificial neural networks
 
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
 
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
 

Recently uploaded

Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
CzechDreamin
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
ScyllaDB
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
CzechDreamin
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 

Recently uploaded (20)

Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and Planning
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John Staveley
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
The architecture of Generative AI for enterprises.pdf
The architecture of Generative AI for enterprises.pdfThe architecture of Generative AI for enterprises.pdf
The architecture of Generative AI for enterprises.pdf
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 
Agentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfAgentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdf
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 

NetSim Webinar on Network Attacks and Detection

  • 1. Twitter.com/tetcos linkedin.com/tetcos youtube.com/tetcos NetSim v9Network Simulation/Emulation Platform TM Webinar: Network Attacks and Detection 29th April 2016
  • 2. NetSim TM Webinar Contents 1.Why use a Network Simulator 2.Introduction to NetSim 3.Introduction to Sinkhole Attack : Attack scenario in MANET using NetSim 4.Intrusion Detection System: Detection mechanism in MANET using NetSim 5.Analyzing Metrics 6.Areas of R & D in MANET 7.Q & A
  • 3. NetSim TM Why use a Network Simulator for research ?
  • 4. NetSim TM Communication Networks have become too complex for traditional analytical methods or “rules of thumb” to provide an accurate understanding of system behavior and possible problems and solutions
  • 5. NetSim TM I. Networking traffic will quadruple by 2017 driven by wireless & mobile communication II. 2+ billion videos watched online every day III. Mobiles, tablets & sensors to join with existing internet cloud to form “network of things” I. Mobile Ad-hoc Networks II. Wireless Sensor Networks III. Cognitive Radio IV. LTE / LTE-A V. Internet of Things (IOT) 50 % of all research papers in IEEE & ACM refer a Network Simulator Observations in computer networking domain Key areas of research & development
  • 7. NetSim TM NetSim is a popular tool for Network Design, Network R & D and defense applications. It allows users to create network scenarios, model traffic and study network performance metrics Wide range of technologies across LAN, WAN, BGP, WLAN, MANET, Wi-MAX, Cellular(GSM and CDMA), Cognitive Radio, Sensor Networks, IOT and LTE as per international Standards Open architecture with protocol C source code for users to write, link and de- bug.
  • 8. NetSim TM NetSim - Customer Segments • Enterprise • Network design • Network validation • Defence • Network Centric Warfare • R&D Labs • Protocol Development • New Technology testing • Academic • Network Labs (B.Tech/BS), • Advanced Network Labs(M.Tech/MS) – ECE,CSE,IT • Phd thesis/M.Tech Projects
  • 9. NetSim TM Technology Libraries Component No Networks / Protocols Component 1 (Base. Required for all components) Internetworks: Ethernet - Fast & Gigabit, Address Resolution Protocol, WLAN - 802.11 a, b, g , n, ac and e, Propagation - Free space, Log-normal Shadowing, Rayleigh Fading, IPv4 with VPN, Firewalls, Routing - RIP, OSPF, Queuing - Round Robin, FIFO, Priority, TCP, UDP. Common Modules Applications: Traffic Generator: Voice, Video, FTP, Database, HTTP, Email, Peer-to-peer and Custom. Virtual Network Stack, Simulation Kernel Command Line Interface, Metrics Engine with packet and event trace, Packet Animator Component 2 Legacy Networks: Aloha - Pure & Slotted, CSMA/CD, Token Ring, Token Bus, ATM, X.25, Frame Relay, Multi-Protocol Label Switching (MPLS) Component 3 BGP Networks: Border Gateway Protocol (BGP) Component 4 Advanced Wireless Networks: MANET - DSR, AODV, OLSR, ZRP, Wi-Max Component 5 Cellular Networks - GSM, CDMA Component 6 (Component 4 required) Wireless Sensor Networks, IOT & Personal Area Networks: WSN with agent model & battery models ZigBee Component 7 Cognitive Radio Networks WRAN Component 8 Long Term Evolution LTE Component 9 (Component 4 required) Military Radio TDMA Link 16
  • 10. NetSim TM 1. New Technologies • Internet of things • 802.11 ac (Gigabit Wi-Fi) • Rate adaptation algorithm for WLAN • Military Radios: HF, UHF and VHF Bands 2. Network Emulator Add-on Module • Connect NetSim to Real Devices running Live Application 3. Interfacing with softwares • MATLAB interface • Wireshark Interface 4. Accelerated and multithreaded kernel • Approx. 40x times faster than v8.3 for large simulations 5. Simulation Scale up • Pro version tested up to 100,000 devices What’s new in v9
  • 12. NetSim TM Sinkhole Attack in MANET • Sinkhole attack is one of the severe attacks in wireless Ad hoc network. • In sinkhole Attack, a compromised node or malicious node advertises wrong routing information to produce itself as a specific node and receives whole network traffic. • After receiving whole network traffic it can either modify the packet information or drop them to make the network complicated. • Sinkhole attacks affects the performance of Ad hoc networks protocols such as DSR protocol.
  • 13. NetSim TM Sinkhole in DSR in NetSim • In DSR the source broadcasts RREQ packet during Route Discovery. • The destination on receiving the RREQ packet replies with a RREP packet containing the route to reach the destination. • But Intermediate nodes can also send RREP packet to the source if they have a route to the destination in their route cache. • Using this loophole the malicious node adds a fake route entry into its route cache with the destination node as its next hop.
  • 14. NetSim TM Sinkhole in DSR in NetSim • On receiving the RREQ packet from the source the malicious node sends a fake RREP packet with the fake route. • The source node on receiving this packet observes this as a better route to the destination. • All the Network Traffic is attracted towards the Sinkhole (Malicious Node) and it can either modify the packet information or simply drop the packet (NetSim implementation)
  • 15. NetSim TM Malicious.c • A file Malicious.c is added to the DSR project which contains the following functions: • fn_NetSim_DSR_MaliciousNode( ) - This function is used to identify whether a current device is malicious or not in-order to establish malicious behavior • fn_NetSim_DSR_MaliciousRouteAddToCache() - This function is used to add a fake route entry into the route cache of the malicious device with its next hop as the destination • fn_NetSim_DSR_MaliciousProcessSourceRouteOption() - This function is used to drop the received packets if the device is malicious, instead of forwarding the packet to the next hop
  • 16. NetSim TM Simulation of sinkhole attack in NetSim Source – Device id 1 Destination – Device id 6 Sinkhole (malicious node) – Device id 2
  • 18. NetSim TM Introduction • An intrusion detection system (IDS) monitors network for malicious activities • Once an attack is identified, or abnormal behaviour is sensed, measures are taken to recover from the attack. • The system also keeps track of the intruders so as to avoid further attacks in future.
  • 19. NetSim TM IDS in NetSim In NetSim Intrusion Detection System has two major functionalities 1.Watchdog • A watchdog timer is added to each Node in the Network. • The timer starts the moment a packet is sent. • Once the packet is forwarded to the next hop within the Watchdog time duration. • If the next hop is malicious then it need not forward the packet (as per the sinkhole attack implemented) • A counter is used to keep track of number of time watchdog timer expires. • Once the counter reaches the failure threshold the current node marks its next hop as malicious and sends it for blacklisting. 2.Pathrater • Adds malicious nodes to blacklist. • Validates routes by verifying route reply. • Discards route reply if blacklisted nodes are present in it.
  • 20. NetSim TM Watchdog.c Some of the important functions are: • add_watchdog_timer() - Adds a watchdog timer to each Node in the Network. • watchdog_timer_execute() - Checks if the packet is sent before timer expiry & checks if failure threshold is reached. Pathrater.c Some of the important functions are: • add_to_blacklist() - Adds malicious nodes to blacklist of the current device • verify_route_reply() - Checks if the IP addresses in the route reply contains the IP of any blacklisted node. IDS in NetSim
  • 21. NetSim TM Simulation of IDS in NetSim Source – Device id 1 Destination – Device id 6 Intruder (malicious node) – Device id 3 , Device id 4 IDS running in all the nodes
  • 22. Analyzing Metrics: Comparison of Network performance
  • 23. NetSim TM Comparison of Throughput • Normal working • After attack • With IDS 0 0.02 0.04 0.06 0.08 0.1 0.12 Throughput Normal Attack IDS
  • 24. NetSim TM Comparison of Application Delay 0 5000000 10000000 15000000 20000000 25000000 30000000 35000000 40000000 Delay Application Delay Normal Attack IDS
  • 26. NetSim TM Over 300+ Customers across 15 countries Education - International Defence / Space / Industry Education - India
  • 27. NetSim TM Research Areas in MANET • Routing protocols – Location based, Power aware etc. • QoS in adhoc networks • Intrusion detection • Performance Analysis • Vehicular adhoc networks etc., The Project Codes of Sinkhole Attack, IDS and other projects in different Networks can be accessed using the link: http://www.tetcos.com/File_Exchange/
  • 28. NetSim TM Q & A Session Note: Depending on the available time, we will try to cover all your questions. In case your query is not answered, we assure you to answer your question via email.
  • 29. NetSim TM For technical information contact Visit: www.tetcos.com E-mail: sales@tetcos.com Tele-fax: +91 80 2663 062411 For Commercial information: please contact our local channel partner available at http://tetcos.com/listcp.html