One of the main challenges in MANET is to design the robust security solution that can protect MANET
from various routing attacks. Flooding attack launched at network layer is a serious routing attack which
can consume more resources like bandwidth, battery power, etc. It is more concealed form of Denial of
service attack and resource consumption attack. The route discovery scheme in reactive routing protocols
like Adhoc On Demand Distance Vector (AODV) and Dynamic Source Routing (DSR) used in MANET
makes it more easy for malicious nodes to launch connection request floods by flooding the route request
packets (RREQ) on the network. A novel detection technique based on dynamic profile with traffic pattern
analysis (PDS) is proposed. Its effectiveness in detecting and isolating the malicious node that floods the
route request packets is evaluated using java simulator jist/swans.
DDoS Attack and Defense Scheme in Wireless Ad hoc NetworksIJNSA Journal
The wireless ad hoc networks are highly vulnerable to distributed denial of service(DDoS) attacks because of its unique characteristics such as open network architecture, shared wireless medium and stringent resource constraints. These attacks throttle the tcp throughput heavily and reduce the quality of service(QoS) to end systems gradually rather than refusing the clients from the services completely. In this paper, we discussed the DDoS attacks and proposed a defense scheme to improve the performance of the ad hoc networks. Our proposed defense mechanism uses the medium access control (MAC) layer information to detect the attackers. The status values from MAC layer that can be used for detection are Frequency of receiving RTS/CTS packets, Frequency of sensing a busy channel and the number of RTS/DATA retransmissions. Once the attackers are identified, all the packets from those nodes will be blocked. The network resources are made available to the legitimate users. We perform the simulation with Network Simulator NS2 and we proved that our proposed system improves the network performance.
Consensus Routing And Environmental Discrete Trust Based Secure AODV in MANETsIJCNCJournal
The Mobile Adhoc Network (MANET) is a wireless network model for infrastructure-less communication, and it provides numerous applications in different areas. The MANET is vulnerable to a Black-hole attack, and it affects routing functionality by dropping all the incoming packets purposefully. The Black-hole attackers pretend that it always has the best path to the destination node to mislead the source nodes. Trust is the critical factor for detecting and isolating the Black-hole attackers from the network. However, the harsh channel conditions make it difficult to differentiate the Black-hole routing activities and accurate trust measurement. Hence, incorporating the consensus-based trust evidence collection from the neighbouring nodes improves the accuracy of trust. For improving the accuracy of trust, this work suggests Consensus Routing and Environmental DIscrete Trust (CREDIT) Based Secure AODV. The CREDIT incorporates Discrete and Consensus trust information. The Discrete parameters represent the specific characteristics of the Black-hole attacks, such as routing behaviour, hop count deviation, and sequence number deviation. The direct trust accurately differentiates the Black-hole attackers using Discrete parameters, only when the nodes perform sufficient communication between the nodes. To solve such issues, the CREDIT includes the Consensus-based trust information. However, secure routing against the Black-hole attack is challenging due to incomplete preferences. The in-degree centrality and Importance degree measurement on the collected consensus-based trust from decisionmakers solve the incomplete preference issue as well as improves the accuracy of trust. The performance of the proposed scheme is evaluated using Network Simulator-2 (NS2). From the simulation results, it is proved that the detection accuracy and throughput of the proposed CREDIT are substantially high and the proposed CREDIT scheme outperforms the existing work.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Performance investigation of re shuffling packet attack on transport layer pr...eSAT Journals
Abstract Over the past decade, the wireless world has experienced significant developments. The emergence and proliferation of radio frequency networking products, wireless devices like handheld, wearable and portable computers, Personal Digital Assistants (PDA)s, cellular phone have given rise to a kind of wireless revolution. A mobile ad hoc network is much more assailable to attacks than a wired network due to its limited physical security, high mobility and lack of centralized administration. In this paper, we present and analyze the effects of re-shuffling attack on TCP based mobile ad-hoc networks named as Packet Re-Shuffling. In the packet reshuffling attack the malicious node will reorder the packets in its FIFO buffer before forwarding them towards their destination. Due to the out of order delivery the retransmission time out of the packet is triggered and the source TCP and UDP has to retransmit the packet. In this way it also stops the TCP to perform the congestion avoidance technique. A malicious node will always participate in route setup operations. For example, if source routing is employed, malicious nodes always relay Route Request packets in order to have as many routes as possible flowing through themselves; if distance vector routing is employed, malicious nodes will also obey all control-plane protocol specifications. However, once a route is established, attacking nodes will thwart the end-to-end throughput of the flow via above mentioned attacks. The effect of the proposed attack is analyzed with the simulation results generated using the trial version of the simulator known as Exata Cyber 2.0. The simulation results are given in terms of metrics such as data flow throughput, Packet Retransmission, average end-to-end delay and packet delivery ratio. In this paper, we are giving The study on UDP and TCP. Keywords: MANETs; Multimedia Streaming; Routing protocols; QoS; Topology; Node Mobility; Network Scalability;
DDoS Attack and Defense Scheme in Wireless Ad hoc NetworksIJNSA Journal
The wireless ad hoc networks are highly vulnerable to distributed denial of service(DDoS) attacks because of its unique characteristics such as open network architecture, shared wireless medium and stringent resource constraints. These attacks throttle the tcp throughput heavily and reduce the quality of service(QoS) to end systems gradually rather than refusing the clients from the services completely. In this paper, we discussed the DDoS attacks and proposed a defense scheme to improve the performance of the ad hoc networks. Our proposed defense mechanism uses the medium access control (MAC) layer information to detect the attackers. The status values from MAC layer that can be used for detection are Frequency of receiving RTS/CTS packets, Frequency of sensing a busy channel and the number of RTS/DATA retransmissions. Once the attackers are identified, all the packets from those nodes will be blocked. The network resources are made available to the legitimate users. We perform the simulation with Network Simulator NS2 and we proved that our proposed system improves the network performance.
Consensus Routing And Environmental Discrete Trust Based Secure AODV in MANETsIJCNCJournal
The Mobile Adhoc Network (MANET) is a wireless network model for infrastructure-less communication, and it provides numerous applications in different areas. The MANET is vulnerable to a Black-hole attack, and it affects routing functionality by dropping all the incoming packets purposefully. The Black-hole attackers pretend that it always has the best path to the destination node to mislead the source nodes. Trust is the critical factor for detecting and isolating the Black-hole attackers from the network. However, the harsh channel conditions make it difficult to differentiate the Black-hole routing activities and accurate trust measurement. Hence, incorporating the consensus-based trust evidence collection from the neighbouring nodes improves the accuracy of trust. For improving the accuracy of trust, this work suggests Consensus Routing and Environmental DIscrete Trust (CREDIT) Based Secure AODV. The CREDIT incorporates Discrete and Consensus trust information. The Discrete parameters represent the specific characteristics of the Black-hole attacks, such as routing behaviour, hop count deviation, and sequence number deviation. The direct trust accurately differentiates the Black-hole attackers using Discrete parameters, only when the nodes perform sufficient communication between the nodes. To solve such issues, the CREDIT includes the Consensus-based trust information. However, secure routing against the Black-hole attack is challenging due to incomplete preferences. The in-degree centrality and Importance degree measurement on the collected consensus-based trust from decisionmakers solve the incomplete preference issue as well as improves the accuracy of trust. The performance of the proposed scheme is evaluated using Network Simulator-2 (NS2). From the simulation results, it is proved that the detection accuracy and throughput of the proposed CREDIT are substantially high and the proposed CREDIT scheme outperforms the existing work.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Performance investigation of re shuffling packet attack on transport layer pr...eSAT Journals
Abstract Over the past decade, the wireless world has experienced significant developments. The emergence and proliferation of radio frequency networking products, wireless devices like handheld, wearable and portable computers, Personal Digital Assistants (PDA)s, cellular phone have given rise to a kind of wireless revolution. A mobile ad hoc network is much more assailable to attacks than a wired network due to its limited physical security, high mobility and lack of centralized administration. In this paper, we present and analyze the effects of re-shuffling attack on TCP based mobile ad-hoc networks named as Packet Re-Shuffling. In the packet reshuffling attack the malicious node will reorder the packets in its FIFO buffer before forwarding them towards their destination. Due to the out of order delivery the retransmission time out of the packet is triggered and the source TCP and UDP has to retransmit the packet. In this way it also stops the TCP to perform the congestion avoidance technique. A malicious node will always participate in route setup operations. For example, if source routing is employed, malicious nodes always relay Route Request packets in order to have as many routes as possible flowing through themselves; if distance vector routing is employed, malicious nodes will also obey all control-plane protocol specifications. However, once a route is established, attacking nodes will thwart the end-to-end throughput of the flow via above mentioned attacks. The effect of the proposed attack is analyzed with the simulation results generated using the trial version of the simulator known as Exata Cyber 2.0. The simulation results are given in terms of metrics such as data flow throughput, Packet Retransmission, average end-to-end delay and packet delivery ratio. In this paper, we are giving The study on UDP and TCP. Keywords: MANETs; Multimedia Streaming; Routing protocols; QoS; Topology; Node Mobility; Network Scalability;
INFRINGEMENT PRECLUSION SYSTEM VIA SADEC: STEALTHY ATTACK DETECTION AND COUNT...ijp2p
In this paper we are providing a implementation details about simulated solution of stealthy packet drop
attack. Stealthy packet drop attack is a suite of four attack types, includes colluding collision, packet
misrouting, identity delegation and power control. Stealthy packet drop attacks disrupts the packet from
reaching to it’s destination through malicious behaviour. These attacks can be easily breakdown the
multi-hop wireless ad-hoc networks. Most widely preferred method for detecting attacks in wireless
network is behaviour based detection method. In this method a normal network overhears
communication from its neighbourhood. Here we are implementing a SADEC protocol which is
proposed solution of stealthy packet drop attacks. SADEC overlaid the base line local monitoring. In
base line local monitoring each neighbour maintains additional information about routing path also it
adds some checking responsibility to all its neighbours. SADEC proves more efficient than baseline local
monitoring to mitigate successfully all the stealthy attack types.
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
A New Way of Identifying DOS Attack Using Multivariate Correlation Analysisijceronline
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Modified AODV Algorithm using Data Mining Process: Classification and Clusteringidescitation
Security of Wireless Ad hoc network has a primary
concern to provide protected communication between mobile
nodes. When we routing some packet it can use both malicious
node or authenticate node for forwarding and receiving data.
Malicious node can attack like black hole, misuse of data or
hacked information. Our aim is to discuss the feasibility of
monitoring the node of different networks, to analyze it for
providing better security in AODV routing protocol. We
implement data mining techniques for search large amount
of data according characteristic rules and patterns to detect
malicious node. We have used growing neural gas (GNS)
clustering algorithm to make clusters and analysis data. Using
soft computing technique we find patterns, analysis node and
take decision based on decision tree.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Efficient ddos attacks security scheme using asvseSAT Journals
Abstract A distributed Denial of Service (DDoS) attack enables higher threats to the internet. There are so many scheme designed to identify the node which is to be attacker node. The real process is such as we want to trace the source of the attacker and enable security to our network. The protocol introduced here, called Adaptive Selective Verification with Stub (ASVS) is shown to use bandwidth efficiently and uses stub creation. The Stub procedure to reduce the server load at the time of emergency and congestion. Using this stub idea we can store the ASVS protocol procedure in the server and we can have the stub in the every client so that we can detect the hacker system by the client itself. We use omniscient protocol which enables to send information about the attacker to all the clients. Keywordss: Adaptive Selective Verification With Stub (ASVS), Distributive Denial Of Service Attacks (DDoS) Flooding, Performance Analysis.
Review on Grey- Hole Attack Detection and PreventionIJARIIT
These Grey Hole attacks poses a serious security threat to the routing services by attacking the reactive routing protocols resulting in drastic drop of data packets. AODV (Ad hoc on demand Distance Vector) routing being one of the many protocols often becomes an easy victim to such attacks. The survey also gives up-to-date information of all the works that have been done in this area. Besides the security issues they also described the layered architecture of MANET, their applications and a brief summary of the proposed works that have been done in this area to secure the network from Grey Hole attacks
Cluster Based Misbehaviour Detection and Authentication Using Threshold Crypt...CSCJournals
In mobile ad hoc networks, the misbehaving nodes can cause dysfunction in the network resulting in damage of other nodes. In order to establish secure communication with the group members of a network, use of a shared group key for confidentiality and authentication is required. Distributing the shares of secret group key to the group members securely is another challenging task in MANET. In this paper, we propose a Cluster Based Misbehavior Detection and Authentication scheme using threshold cryptography in MANET. For secure data transmission, when any node requests a certificate from a cluster head (CH), it utilizes a threshold cryptographic technique to issue the certificate to the requested node for authentication. The certificate of a node is renewed or rejected by CH, based on its trust counter value. An acknowledgement scheme is also included to detect and isolate the misbehaving nodes. By simulation results, we show that the proposed approach reduces the overhead.
Secure dynamic source routing protocol for defending black hole attacks in mo...nooriasukmaningtyas
Wireless Ad Hoc Network is a dynamically organized network on emergency
situations, in which a group of wireless devices send data among themselves
without requiring any base stations for forwarding data. Here the nodes itself
perform the functions of routing. This important characteristic of mobile ad
hoc networks allows the hassle free set up of the network for
communications in different crisis such as battlefield and natural disaster
zones. Multi hop communication in MANET is achieved by the cooperation
of nodes in forwarding data packets. This feature of MANET is largely
exploited to launch a security attack called black hole attack. A light weight
solution called SEC-DSR is proposed to defend the network from black hole
attack and enables communication among nodes even in the presence of
attackers. In this scheme, by analyzing only the control packets used for
routing in the network, the compromised nodes launching the attack are
identified. From the collective judgment by the participating nodes in the
routing path, a secure route free of black hole nodes is selected for
communication by the host. Simulation results validate and ensure the
effectiveness of the proposed solution tested on an ad hoc network with
compromised black hole nodes.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
MLDW- A MultiLayered Detection mechanism for Wormhole attack in AODV based MANETijsptm
Wormhole attack is one of the serious routing attacks amongst all the network layer attacks launched on
MANET. Wormhole attack is launched by creation of tunnels and it leads to total disruption of the routing
paths on MANET. In this paper, MLDW- a multilayered Intrusion Detection Prevention System approach is
proposed to detect and isolate wormhole attack on MANET. The routing protocol used is Adhoc On Demand
Distance Vector (AODV). MLDW has a layered framework consisting of link latency estimator, intermediate
neighbor node discovery mechanism, packet drop calculator, node energy degrade estimator followed by
isolation technique. MLDW effectiveness is evaluated using ns2 network simulator.
PERFORMANCE ANALYSIS OF ROUTING PROTOCOLS IN MANET UNDER MALICIOUS ATTACKSIJNSA Journal
MANETs routing protocols are vulnerable to various types of security attacks such as selfish nodes, grey-hole and black-hole attacks. These routing protocols are unprotected and subsequently result in various kinds of malicious mobile nodes being injected into the networks. In this paper, three types of attacks such as selfish, grey-hole and black-hole attacks have been applied to two important MANET routing protocols; Ad-hoc On demand Distance Vector (OADV) and Dynamic Source Routing (DSR) in order to analyse and compare the impact of these attacks on the network performance based on throughput, average delay, packet loss and consumption of energy.
PERFORMANCE ANALYSIS OF ROUTING ROTOCOLS IN MANET UNDER MALICIOUS ATTACKSIJNSA Journal
MANETs routing protocols are vulnerable to various
hole and black-hole attacks. These routing protocols are unprotected and subsequently result in various
kinds of malicious mobile nodes being injected into the networks. In this paper, three types of a
as selfish, grey-hole and black-hole attacks have been applied to two important MANET routing protocols;
Ad-hoc On demand Distance Vector (OADV) and Dynamic Source Routing (DSR) in order to analyse and
compare the impact of these attacks on the
packet loss and consumption of energy.
INFRINGEMENT PRECLUSION SYSTEM VIA SADEC: STEALTHY ATTACK DETECTION AND COUNT...ijp2p
In this paper we are providing a implementation details about simulated solution of stealthy packet drop
attack. Stealthy packet drop attack is a suite of four attack types, includes colluding collision, packet
misrouting, identity delegation and power control. Stealthy packet drop attacks disrupts the packet from
reaching to it’s destination through malicious behaviour. These attacks can be easily breakdown the
multi-hop wireless ad-hoc networks. Most widely preferred method for detecting attacks in wireless
network is behaviour based detection method. In this method a normal network overhears
communication from its neighbourhood. Here we are implementing a SADEC protocol which is
proposed solution of stealthy packet drop attacks. SADEC overlaid the base line local monitoring. In
base line local monitoring each neighbour maintains additional information about routing path also it
adds some checking responsibility to all its neighbours. SADEC proves more efficient than baseline local
monitoring to mitigate successfully all the stealthy attack types.
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
A New Way of Identifying DOS Attack Using Multivariate Correlation Analysisijceronline
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Modified AODV Algorithm using Data Mining Process: Classification and Clusteringidescitation
Security of Wireless Ad hoc network has a primary
concern to provide protected communication between mobile
nodes. When we routing some packet it can use both malicious
node or authenticate node for forwarding and receiving data.
Malicious node can attack like black hole, misuse of data or
hacked information. Our aim is to discuss the feasibility of
monitoring the node of different networks, to analyze it for
providing better security in AODV routing protocol. We
implement data mining techniques for search large amount
of data according characteristic rules and patterns to detect
malicious node. We have used growing neural gas (GNS)
clustering algorithm to make clusters and analysis data. Using
soft computing technique we find patterns, analysis node and
take decision based on decision tree.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Efficient ddos attacks security scheme using asvseSAT Journals
Abstract A distributed Denial of Service (DDoS) attack enables higher threats to the internet. There are so many scheme designed to identify the node which is to be attacker node. The real process is such as we want to trace the source of the attacker and enable security to our network. The protocol introduced here, called Adaptive Selective Verification with Stub (ASVS) is shown to use bandwidth efficiently and uses stub creation. The Stub procedure to reduce the server load at the time of emergency and congestion. Using this stub idea we can store the ASVS protocol procedure in the server and we can have the stub in the every client so that we can detect the hacker system by the client itself. We use omniscient protocol which enables to send information about the attacker to all the clients. Keywordss: Adaptive Selective Verification With Stub (ASVS), Distributive Denial Of Service Attacks (DDoS) Flooding, Performance Analysis.
Review on Grey- Hole Attack Detection and PreventionIJARIIT
These Grey Hole attacks poses a serious security threat to the routing services by attacking the reactive routing protocols resulting in drastic drop of data packets. AODV (Ad hoc on demand Distance Vector) routing being one of the many protocols often becomes an easy victim to such attacks. The survey also gives up-to-date information of all the works that have been done in this area. Besides the security issues they also described the layered architecture of MANET, their applications and a brief summary of the proposed works that have been done in this area to secure the network from Grey Hole attacks
Cluster Based Misbehaviour Detection and Authentication Using Threshold Crypt...CSCJournals
In mobile ad hoc networks, the misbehaving nodes can cause dysfunction in the network resulting in damage of other nodes. In order to establish secure communication with the group members of a network, use of a shared group key for confidentiality and authentication is required. Distributing the shares of secret group key to the group members securely is another challenging task in MANET. In this paper, we propose a Cluster Based Misbehavior Detection and Authentication scheme using threshold cryptography in MANET. For secure data transmission, when any node requests a certificate from a cluster head (CH), it utilizes a threshold cryptographic technique to issue the certificate to the requested node for authentication. The certificate of a node is renewed or rejected by CH, based on its trust counter value. An acknowledgement scheme is also included to detect and isolate the misbehaving nodes. By simulation results, we show that the proposed approach reduces the overhead.
Secure dynamic source routing protocol for defending black hole attacks in mo...nooriasukmaningtyas
Wireless Ad Hoc Network is a dynamically organized network on emergency
situations, in which a group of wireless devices send data among themselves
without requiring any base stations for forwarding data. Here the nodes itself
perform the functions of routing. This important characteristic of mobile ad
hoc networks allows the hassle free set up of the network for
communications in different crisis such as battlefield and natural disaster
zones. Multi hop communication in MANET is achieved by the cooperation
of nodes in forwarding data packets. This feature of MANET is largely
exploited to launch a security attack called black hole attack. A light weight
solution called SEC-DSR is proposed to defend the network from black hole
attack and enables communication among nodes even in the presence of
attackers. In this scheme, by analyzing only the control packets used for
routing in the network, the compromised nodes launching the attack are
identified. From the collective judgment by the participating nodes in the
routing path, a secure route free of black hole nodes is selected for
communication by the host. Simulation results validate and ensure the
effectiveness of the proposed solution tested on an ad hoc network with
compromised black hole nodes.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
MLDW- A MultiLayered Detection mechanism for Wormhole attack in AODV based MANETijsptm
Wormhole attack is one of the serious routing attacks amongst all the network layer attacks launched on
MANET. Wormhole attack is launched by creation of tunnels and it leads to total disruption of the routing
paths on MANET. In this paper, MLDW- a multilayered Intrusion Detection Prevention System approach is
proposed to detect and isolate wormhole attack on MANET. The routing protocol used is Adhoc On Demand
Distance Vector (AODV). MLDW has a layered framework consisting of link latency estimator, intermediate
neighbor node discovery mechanism, packet drop calculator, node energy degrade estimator followed by
isolation technique. MLDW effectiveness is evaluated using ns2 network simulator.
PERFORMANCE ANALYSIS OF ROUTING PROTOCOLS IN MANET UNDER MALICIOUS ATTACKSIJNSA Journal
MANETs routing protocols are vulnerable to various types of security attacks such as selfish nodes, grey-hole and black-hole attacks. These routing protocols are unprotected and subsequently result in various kinds of malicious mobile nodes being injected into the networks. In this paper, three types of attacks such as selfish, grey-hole and black-hole attacks have been applied to two important MANET routing protocols; Ad-hoc On demand Distance Vector (OADV) and Dynamic Source Routing (DSR) in order to analyse and compare the impact of these attacks on the network performance based on throughput, average delay, packet loss and consumption of energy.
PERFORMANCE ANALYSIS OF ROUTING ROTOCOLS IN MANET UNDER MALICIOUS ATTACKSIJNSA Journal
MANETs routing protocols are vulnerable to various
hole and black-hole attacks. These routing protocols are unprotected and subsequently result in various
kinds of malicious mobile nodes being injected into the networks. In this paper, three types of a
as selfish, grey-hole and black-hole attacks have been applied to two important MANET routing protocols;
Ad-hoc On demand Distance Vector (OADV) and Dynamic Source Routing (DSR) in order to analyse and
compare the impact of these attacks on the
packet loss and consumption of energy.
Generating images from a text description is as challenging as it is interesting. The Adversarial network
performs in a competitive fashion where the networks are the rivalry of each other. With the introduction of
Generative Adversarial Network, lots of development is happening in the field of Computer Vision. With
generative adversarial networks as the baseline model, studied Stack GAN consisting of two-stage GANS
step-by-step in this paper that could be easily understood. This paper presents visual comparative study of
other models attempting to generate image conditioned on the text description. One sentence can be related
to many images. And to achieve this multi-modal characteristic, conditioning augmentation is also
performed. The performance of Stack-GAN is better in generating images from captions due to its unique
architecture. As it consists of two GANS instead of one, it first draws a rough sketch and then corrects the
defects yielding a high-resolution image.
PERUSAL OF INTRUSION DETECTION AND PREVENTION SYSTEM ON A MANET WITH BLACK HO...ijsptm
MANET is a self configuring network of nodes which is a wireless . The nodes in this network move
randomly .Mobility of nodes is more. The nodes are dynamic and infrastructure less ,self maintainable. In
MANET there are many types of security attacks like Blackhole, greyhole attack, wormhole, jellyfish etc.
When the MANET is under blackhole attack there is a loss of energy which is high at the node resulting in
loss of battery backup and also excess of bandwidth may be consumed by the attacker. The attacker is an
insider. Among various mobility models to generate mobility patterns the Random waypoint mobility
model is used .To solve these issues an IDPS framework for MANET using image processing techniques
under blackhole attack is proposed to detect the blackhole attack RREP by providing security services like
authentication and confidentiality.
AN APPROACH TO PROVIDE SECURITY IN MOBILE AD-HOC NETWORKS USING COUNTER MODE ...IJNSA Journal
Security in any of the networks became an important issue in this paper we have implemented a security mechanism on Medium Access Control layer by Assured Neighbor based Security Protocol to provide authentication and confidentiality of packets along with High speed transmission for Ad hoc networks. Here we have divided the protocol into two different parts. The first part deals with Routing layer information; in this part we have tried to implement a possible strategy for detecting and isolating the malicious nodes. A trust counter for each node is determined which can be actively increased and decreased depending upon the trust value for the purpose of forwarding the packets from source node to destination node with the help of intermediate nodes. A threshold level is also predetermined to detect the malicious nodes. If the value of the node in trust counter is less than the threshold value then the node is denoted ‘malicious’. The second part of our protocol deals with the security in the link layer. For this security reason we have used CTR (Counter) approach for authentication and encryption. We have simulated all our strategies and schemes in NS-2, the result of which gives a conclusion that our proposed protocol i.e. Assured Neighbor based Security Protocol can perform high packet delivery against various intruders and also packet delivery ratio against mobility with low delays and low overheads.
PACKET DROP ATTACK DETECTION TECHNIQUES IN WIRELESS AD HOC NETWORKS: A REVIEWIJNSA Journal
Wireless ad hoc networks have gained lots of attention due to their ease and low cost of deployment. This has made ad hoc networks of great importance in numerous military and civilian applications. But, the lack of centralized management of these networks makes them vulnerable to a number of security attacks. One of the attacks is packet drop attack, where a compromised node drops packets maliciously. Several techniques have been proposed to detect the packet drop attack in wireless ad hoc networks. Therefore, in this paper we review some of the packet drop attack detection techniques and comparatively analyze them basing on; their ability to detect the attack under different attack strategies (partial and or cooperate attacks), environments and the computational and communication overheads caused in the process of detection.
A Review of Network Layer Attacks and Countermeasures in WSNiosrjce
IOSR Journal of Electronics and Communication Engineering(IOSR-JECE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of electronics and communication engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in electronics and communication engineering. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Review of Flooding Attack Detection in AODV Protocol for Mobile Ad-hoc Networkijsrd.com
Ad Hoc Networks are extremely vulnerable to attacks due to their dynamically changing topology, absence of conventional security infrastructures, vulnerability of nodes and channels and open medium of communication. Denial of Service (DoS) and Distributed DoS (DDoS) attacks are two of the most harmful threats to the network functionality. The Prevention methods like authentication and cryptography techniques alone are not able to provide the security to these types of networks. Therefore, efficient intrusion detection must be deployed to facilitate the identification and isolation of attacks. Major attacks on Mobile Ad hoc networks are flooding, selective forwarding, sinkhole, wormhole etc. We have presented various intrusion detection techniques in MANET. Then we have proposed a method to detect flooding attack in MANET.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Survey of wormhole attack in wireless sensor networksCSITiaesprime
From the last decade, a wireless sensor network (WSN) has a very important role over the networks. The primary features of WSN include satellite communication, broadcast channel, hostile environment, medical system and data gathering. There are a lot of attacks available in WSN. In wormhole attack scenario is brutal from other attacks, which is smoothly resolved in networks but tough to observe. This survey paper is an experiment to observing threats and also focuses on some different method to identify the wormhole attacks.
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORKIJNSA Journal
Ubiquitous and pervasive applications, where the Wireless Sensor Networks are typically deployed, lead to the susceptibility to many kinds of security attacks. Sensors used for real time response capability also make it difficult to devise the resource intensive security protocols because of their limited battery, power, memory and processing capabilities. One of potent form of Denial of Service attacks is Wormhole attack that affects on the network layer. In this paper, the techniques dealing with wormhole attack are investigated and an approach for wormhole prevention is proposed. Our approach is based on the analysis of the two-hop neighbors forwarding Route Reply packet. To check the validity of the sender, a unique key between the individual sensor node and the base station is required to be generated by suitable scheme.
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...ijsrd.com
The recent advancements in the wireless arena and their wide-spread utilization have introduced new security vulnerabilities. The wireless media being shared is exposed to outside world, so it is susceptible to various attacks at different layers of OSI network stack. For example, jamming and device tampering at the physical layer; disruption of the medium access control (MAC) layer; routing attacks like Blackhole, rushing, wormhole; targeted attacks on the transport protocol like session hijacking, SYN flooding or even attacks intended to disrupt specific applications through viruses, worms and Trojan Horses. Wormhole attack is one of the serious routing attacks amongst all the network layer attacks launched on MANET. Wormhole attack is launched by creation of tunnels and it leads to total disruption of the routing paths on MANET. In this paper, Wormhole detection algorithm (WDA) is proposed based on modifying the forwarding packet process that detects and isolates wormhole nodes in ad hoc on demand distance vector (AODV) routing protocol.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
PDS- A Profile based Detection Scheme for flooding attack in AODV based MANET
1. International Journal of Security, Privacy and Trust Management ( IJSPTM) vol 2, No 3, June 2013
DOI : 10.5121/ijsptm.2013.2302 17
PDS- A Profile based Detection Scheme for
flooding attack in AODV based MANET
Bhuvaneshwari .k1
, Dr. A. Francis Saviour Devaraj 2
1
Scholar, Department of Information Science Engineering
Oxford College of Engineering, Bangalore, India
bhuvana.karthikeyan@gmail.com
2
Professor, Department of Information Science Engineering
Oxford College of Engineering, Bangalore, India
saviodev@gmail.com
Abstract
One of the main challenges in MANET is to design the robust security solution that can protect MANET
from various routing attacks. Flooding attack launched at network layer is a serious routing attack which
can consume more resources like bandwidth, battery power, etc. It is more concealed form of Denial of
service attack and resource consumption attack. The route discovery scheme in reactive routing protocols
like Adhoc On Demand Distance Vector (AODV) and Dynamic Source Routing (DSR) used in MANET
makes it more easy for malicious nodes to launch connection request floods by flooding the route request
packets (RREQ) on the network. A novel detection technique based on dynamic profile with traffic pattern
analysis (PDS) is proposed. Its effectiveness in detecting and isolating the malicious node that floods the
route request packets is evaluated using java simulator jist/swans.
Keywords
MANET, AODV, Flooding attack, RREQ, PDS
1.INTRODUCTION
Mobile Ad Hoc Networks (MANETs) are formed dynamically by an autonomous system of nodes
that are connected via wireless links without using the existing network infrastructure [1]. The
nodes in an ad hoc network can communicate with any other node that resides within its
transmission range. For communicating beyond its transmission range, the nodes use intermediate
nodes to reach destination [2].
The principal objective of a routing protocol is efficient discovery and establishment of a route
between the source and the destination so that there can be a timely and efficient delivery of
information between them. The reactive routing protocol AODV [3] invoke route discovery on
demand. In other words only when node needs to send information to its peers the route is
discovered by the protocol. It does not require the nodes to maintain routes that are not actively
used for communication.
1.1 FLOODING ATTACK
The Flooding attack [4] is launched at the network layer by the malicious node. It sends massive
amount of control packets to the network. This attack aims at depleting the network resources like
2. International Journal of Security, Privacy and Trust Management ( IJSPTM) Vol 2, No 3, June 2013
18
bandwidth, battery power and thereby preventing the network from providing services to
legitimate users. The flooding attack can target the victim node or the network as a whole.
In case of RREQ flooding attack the malicious node imitates like normal node in all aspects,
except in performing unnecessary route discoveries. These malicious nodes frequently initiate
route discovery to destinations with the intent to flood the network with route request packets. As
it is difficult to distinguish between a route discovery initiated with a malicious intent and a
legitimate route discovery for repairing broken/stale routes, this type of attack is hard to detect.
1.2 FLOODING ATTACK IN AODV BASED MANET
AODV is particularly vulnerable to RREQ flooding attack because of its route discovery scheme
and broadcast mechanism. In AODV the RREQ broadcast is limited by the rate_limit parameter.
This rate_limit parameter is self configurable and hence the malicious node would exploit this
behavior and start flooding the network with RREQ packets [5]. Each RREQ is associated with
unique ‘id’ to prevent redundant broadcast. The malicious node would flood the network with
RREQ packets having diff rent’ id’ so that it always appears to be fresh request to other nodes and
is repeatedly re broadcasted by them.
The network resource like bandwidth is adversely affected by Flooding attack launched in AODV
based MANET. The same is studied through simulation results in Examination of Impact of
Flooding attack on MANET and to accentuate on Performance degradation [6] depicting the
importance of detection of Flooding attack in MANET.
In the proposed PDS approach, each node is set with profile based on the traffic pattern. Here all
the nodes in the network run the detection mechanism to encounter the disseminated attack. The
malicious node is detected and isolated by all its one hop neighbors. The evident contribution made
by this approach is that it is able to detect the attacker as soon as the attacker starts exhibiting its
attack behavior irrespective of the rate limit and unique ‘id’ characteristics.
This paper is organized as follows: Section 2 presents the related work done to detect and prevent
the flooding attack in MANET. Section 3 explains the detection features and attack scenario
Section 4 describes about the proposed PDS approach and its architecture Section 5 describes the
attack model used for study, simulation study of proposed detection scheme (PDS) and its result
analysis. Section 6 explains the conclusion and future work.
2. RELATED WORK
2.1 RATE LIMIT BASED APPROACH
The rate limit based [7] approach aims at detecting the route request flooding attack based on
certain threshold. Every node in the network is set to adhere to the threshold limit on sending
RREQ packets. However it does not hold good for dynamic environment like MANET. The static
threshold values are not sufficient enough to detect the attacker.
2.2 TRUST AND REPUTATION BASED APPROACH
Trust [8] and reputation [9] based schemes are used for identifying the attacker inside the network.
Here the genuine nodes which turn to be malicious nodes are considered as inside attacker. The
trust and reputation value is set as high and low based on how they co-operatively participate in the
3. International Journal of Security, Privacy and Trust Management ( IJSPTM) Vol 2, No 3, June 2013
19
network. Here the false positive rate is high as genuine nodes can also have their value estimated
as low on certain scenarios.
2.3 BEHAVIOR BASED APPROACH
The behavior based detection [10] defines a profile for the normal behavior of nodes. Any
deviation from the normal profile is considered to be malicious attempt. However the profile is
collected one time from the training data and is highly static which does not hold good for dynamic
scenarios.
2.4 TRACE BACK SCHEME
In Trace back Mechanism [11] each packet is traced to its source with help of special devices
monitoring the network. When these special devices are levied on nodes in the network, the nodes
resource consumption will be more. Further centralized equipment is not feasible in the network.
2.5 PRECEPTOR BASED APPROACH
The preceptor model [12] is entirely based on training data collected from past experiences. This
model can be applied for only linearly separable data points. The attack instances and the normal
instances are linearly separable in the space of detection metrics. This model is effective only
when high attack rate is present as the data’s can be easily separable in detection metrics and
hence easily classified in the perception model.
3. DETECTION FEATURE SELECTION
3.1ATTACK SCENARIO
The attackers usually use any one of these following scenario [13] for generating the attack traffic.
In scenario1, the attacker will send excess amount of route request packets to the destination
without adhering to the rate_limit parameter. In this case many RREQ packets with identical (SA,
DA) pair will be present in the network. In scenario2, the attackers will attack from different origin
with fewer amounts of RREQ packets by adhering to rate_limit. Here many new RREQ packets
with different (SA, DA) pair will be present. This case is highly difficult to detect as the attack is
originating from different nodes. Further it is also difficult to identify this type of attack packets
from that of normal one which is send by genuine node because of link break or stale route.
3.2. FEATURE SELECTION
Two detection features based on the above flooding attack scenario 1 and 2 are designed. The
model is described as follows. (N, R, L) where N is the number of malicious nodes, R is rate at
which bogus RREQ packets are generated by the malicious nodes; L is the frequency to generate
the bogus RREQ packets. The attackers smartly choose these parameters and make it difficult to
differentiate attack traffic from normal traffic.
The Detection Feature (DF1) aims at detecting the attack based on the identical pattern of RREQ
flows. Here it observes the RREQ packet flow from the same (SA, DA) pair for the sampling
interval time T. The flow will be more as the attacker do not adhere to rate limit. This DF1 is
enabled based on the rate limit parameter, further the threshold on rate limit is made dynamic
based on average number on nodes on the network. The sampling interval is the time difference
between any two successive RREQ flows from the same (SA, DA) pair
4. International Journal of Security, Privacy and Trust Management ( IJSPTM) Vol 2, No 3, June 2013
20
The Detection Feature (DF2) targets the attacks which are from different origin. Here it observes
the new RREQ flows for the interval T. The attacker uses different (SA, DA) pair to launch the
attack and they strictly adhere to rate limit. Hence the RREQ flows will be less but new to the
receiving node. In this feature the pattern is identified based on unique RREQ’ id’ for the interval
T.The interval T is combination of the path discovery time and net traversal time. The interval T is
decided using the below mentioned formula.
Path discovery time= 2*Net traversal time [14] -------------- (1)
4. PDS –DETECTION SCHEME
4.1 THREAT MODEL
In PDS, the Flooding attack is launched by modifying the rate limit parameter for the malicious
nodes. The threat model with 50 nodes used for simulation is shown in Figure1. Here there are five
attackers each targeting one connection. First category of attackers (H1, H2) is made to send more
bogus RREQ without adhering to rate limit i.e. more than 10 RREQ/sec. Second category attackers
(H3,H4) is made to send less than 10 RREQ/sec but it is originated from different origin i.e. two
source targeting same destination with each 5RREQ/sec. The third category attacker (H5) is made
to exhibit both behaviors i.e. for initial simulation time period it sends more RREQ and after
certain time it adheres to rate limit (exhibiting second category) but shows malicious behavior.
Figure 1.Threat Model
4.2 PDS APPROACH
The proposed detection scheme (PDS) aims at detecting the flooding attack on MANET. The PDS
approach uses dynamic profile based traffic analysis to detect misbehaving nodes and isolate them.
The PDS approach has two phases of operations detection phase and isolation phase. The PDS
system architecture is shown in Figure 2 will have set of modules which try to quantify the normal
behavior of the nodes and identify the abnormal behavior of the malicious node. Normal mode:
This mode collects the details about the normal operation of AODV like sending request receiving
reply and data transfer. Here the RREQ broadcast mechanism adheres to the rate limit parameter in
sending the RREQ packets. All the nodes will be sending 10RREQ/sec as per RFC3561 [14]. The
details in terms of network parameters are collected by the performance mode.
5. International Journal of Security, Privacy and Trust Management ( IJSPTM) Vol 2, No 3, June 2013
21
Figure 2. System Architecture
Flooding mode: The attacker is active in this mode. Few nodes on the network are made malicious
while other nodes operate in normal AODV mode. The malicious node starts sending bogus RREQ
packets without adhering to the rate limit parameter. As the malicious node starts sending the
packets there will be degrade in the normal functioning of the network.
The RREQ generator () function is made iterative inside the timer function () in order to generate
the bogus RREQ for H1 and H2.In case of H3 and H4 the rate limit of RREQ is kept constant but
the frequency is adjusted using the Time interval () function.H5 is made to run all the three
function one buy one hence they could exhibit both the attack behavior.
Detection mode: This mode aims at detecting the malicious node which sends the bogus RREQ
packets. The threshold value based on rate limit parameter is stored in profile table of each node.
Each nodes profile table stores all its one hop neighbor profile information. The profile
information is dynamically updated based on the average number of nodes in the network with the
help of hello message [15]. This profile table helps in detecting the attackers who exhibit the
scenario1 behavior as discussed in section3.1.The next step is to detect the distributed attacker who
exhibits the scenario 2 behavior by analyzing the traffic .Detection of attackers adhering to the rate
limit parameter is done based on the frequency of RREQ’ id’ update. The pattern of RREQ ‘id’
update interval is captured for the sampling interval which is again based on path discovery time.
The frequency and pattern of RREQ’ id’ update helps in detecting the attack from different origin.
Each receiving node would check with its profile table before forwarding the RREQ to its
neighbor. The malicious behavior of H1 and H2 would easily identified by its one hop neighbor as
the bogus RREQ received from H1 and H2 them will exceed the threshold in profile table. Further
the profile table is updated dynamically based on hello message. It is assumed that the profile table
is password protected and it cannot be accessed by attackers. The threshold values are dynamic
enough to detect the attacker as soon as possible.
In case of H3 and H4 the RREQ ‘id’ buffered in each of its one hop neighbor will be frequently
updated. The time interval of update will be very less in case of this type of attackers. In case of
6. International Journal of Security, Privacy and Trust Management ( IJSPTM) Vol 2, No 3, June 2013
22
genuine node behavior each node will be buffering the RREQ ‘id and source address for path
discovery time. Within this time interval if it receives the same’ id’ then it discards the packet. For
every new set of RREQ there will be unique ‘id’ generated and new set or RREQ can be originated
only if the path is not received within net traversal time. From the above behavior, the interval
threshold for the RREQ ‘id’ update is set and if the nodes exceed the threshold they are classified
as attackers. The attacker H5 will be detected in both the cases for its change in behavior.
Isolation mode: The attackers detected in the previous mode should be isolated from participating
in the network. If attackers are not isolated they would continue their behavior and thereby deplete
the resources and bring down the network performance. The detected attackers are made passive
(sending and receiving radio interface are made down) so that they cannot actively participate on
the network. Unlike other path cut off process [16] where attacker are added to blacklist and not
completed isolated.
Performance mode: The network parameters are captured for the normal AODV operation,
flooding operation and detection mode. The performance of the same is analyzed in order to
known the effect of the flooding attack and effectiveness of the proposed PDS detection scheme.
5. SIMULATION STUDY
5.1 SIMULATION ENVIRONMENT
Java network simulator jist/swans [17, 18] are used for the implementation for the proposed PDS
approach. The simulator is further customized with code for generating the flooding attack and the
detection mechanism. The AODV routing protocol with 50 nodes, random way point mobility
model [19] is used. The Mac 802.11 protocol is used. The simulation parameter is shown in table1.
Table.1 Parameters used for simulation
PARAMETER VALUE
Area 1000 * 1000 m
Simulation Time 50s
Number of nodes 50
Number of connection 5
Traffic Model CBR
Mobility model Random Way Point
Transmission range 250m
Number of attacker 5
Data rate 2Mbps
Packet size 512 bytes
5.2 RESULT ANALYSIS
The snapshot showing the attack detection and isolation is shown in Figure 3. The effectiveness of
the proposed PDS approach is studied in terms of bandwidth, packet delivery ratio, end to end
delay and packet drop is discussed in detail below.
7. International Journal of Security, Privacy and Trust Management ( IJSPTM) Vol 2, No 3, June 2013
23
Figure 3. Detection and Isolation (Grey nodes)
Bandwidth consumption
It is measured as the average number of packets received by the intermediate node from source to
destination over a period of time and expressed in Mbps. Figure.4 shows the bandwidth
consumption drastically increases throughout the simulation time as the attacker (5 attackers) send
out more RREQ packets into the network. By launching the PDS detection scheme the bandwidth
consumption is reduced by 54% as it is detecting and isolating the attacker which is clogging the
network with bogus RREQ packets. Table 2 shows the percentage reduction in bandwidth
consumption with the proposed PDS approach.
Figure 4. Bandwidth consumption comparison
Table.2 Bandwidth consumption in Mbps
Simulation
Time in
sec
In
Flooding
infected
AODV
In AODV
with PDS
%
reduction in
bandwidth
consumption
10 0.52499671 0.37969132 15%
20 1.04535121 0.58796673 46%
30 1.12453827 0.61022193 51%
40 1.17917472 0.63919989 53.1%
50 1.21107074 0.68091209 54.7%
8. International Journal of Security, Privacy and Trust Management ( IJSPTM) Vol 2, No 3, June 2013
24
End to end delay
It is the total time taken for the packet to reach from source to destination and it is measured in
seconds. Figure 5 shows the delay with flooding attack is more as the RREQ packets capture the
intermediate nodes, so the time taken by genuine packets to reach the destination is more [20].
With the launch of PDS, the delay is reduced by 2.3% as the attacker is detected and isolated from
participating in the network. Table 3 shows the decrease in delay with PDS detection scheme.
Figure 5. Delay comparison
Table.3 End to end delay in sec
Simulation
time in sec
In
Flooding
infected
AODV
In AODV
with PDS
%
decrease
in delay
10 1.529582 0.612438 0.9%
20 1.985656 0.630922 1.2%
30 2.575555 1.197620 1.38%
40 3.161111 1.211664 1.9%
50 3.773232 1.382199 2.3%
Packet delivery ratio (PDR)
The packet delivery ratio is the ratio of number of packets received at destination node to that of
number of packets sent by the source node. It is expressed in percentage. Figure 6 shows the
delivery ratio decreases to 68% with flooding attack. With the proposed PDS approach the PDR
again raises to 27% once the malicious node is detected and isolated. Table 4 shows the percentage
increase in PDR by launching PDS detection scheme.
Figure 6. Packet Delivery Ratio Comparison
9. International Journal of Security, Privacy and Trust Management ( IJSPTM) Vol 2, No 3, June 2013
25
Table.4 Packet delivery ratio in Percentage
Simulation
time in sec
In Flooding
infected
AODV
In AODV
with PDS
%
increase
in PDR
10 85.320715 87.579390 2%
20 83.381703 91.073361 8%
30 78.281703 91.993356 13%
40 73.181803 93.979390 20%
50 68.281703 95.698340 27%
Packet drop rate
Packet Drop rate is the ratio of number of packets dropped during transmission to that of number
of packets sent by the source node.Figure 7 shows the drop rate with floodign attack and PDS
detection scheme.The drop is more in case of flooding attack as more of RREQ capture the
channel and the destination node busy in processing the bogus RREQ so the packest buffered in
destination are dropped as the buffer interval[21] is over.By launching PDS mechanism the drop
rate is recued by 25% as the attacker is isolated from the network.Table 5 shows the drecease in
packet drop rate.
Figure 7. Packet drop rate comparison
Table 5. Packet drop rate in (%)
Simulation
time in sec
In
Flooding
infected
AODV
In AODV
with PDS
%
decrease
in drop
rate
10 22.618297 10.420610 12%
20 34.679285 21.788644 17%
30 42.133193 28.026639 20%
40 45.158780 20.748686 25%
50 45.119999 20.343434 25%
Response Time
PDS response time is when all the 5 Flooding nodes are detected and isolated from the network.
Figure 8 shows the response time of the proposed PDS approach. Here the entire 5 attacker are
isolated at different timings. The last attacker (5th
) is isolated at 17.4 second after which the
network is brought back to stable condition.
10. International Journal of Security, Privacy and Trust Management ( IJSPTM) Vol 2, No 3, June 2013
26
Figure 8.Response time of proposed PDS
PDS Performance Level
It describes the performance of the proposed PDS approach with different attack intensity. The
network parameters discussed above are analysed at each level of attackers (1 to 5).PDS response
time taken for each attacker and their effectiveness till the response time is discussed below.
Table 6. Performance interference table
It is observed from Table 6, that PDS isolates the 1st attacker at 9.34 seconds and completes
isolating the entire 5 attacker by end of 17.4 seconds. Bandwidth consumption has come down by
31% at the end on PDS response time. PDR improves by 28% when all the 5 attackers are isolated
by PDS during its response time. Packet drop rate improves by 26% from the initial isolation time
till the final response time. Average end to end delay has reduced to 0.93 seconds at the end of
PDS response time. From the above response time it is clear that the system is able to detect and
isolate attacker at faster rate
6. CONCLUSION AND FUTURE WORK
PDS detect the attacker as soon as the attacker starts exhibiting its attack behavior.PDS detects and
isolates the attacker efficiently with better response time and do not engage much overhead. In
future this work can be further extended for other kind of flooding attacks with respect to AODV
like hello packets; data packets etc.PDS can be applied for application involving POS (point of
sale) where timely delivery of data is more important in small mobile environment.
11. International Journal of Security, Privacy and Trust Management ( IJSPTM) Vol 2, No 3, June 2013
27
REFERENCES
[1] Imrich Chlamtac, Marco conti, Jennifer J, N.Liu, “Mobile ad hoc networking imperatives and
challenges”. Ad hoc networks I (2003) pages 13-64, Elseiver publications.
[2] V.Gupta, S.Krishnamurthy, and M.Faloutsos,”Denial of Service attacks at the MAC Layer in Wireless
Ad Hoc Networks”, In Proc.of MILCOM,2002.
[3] C.E Perkins, E.M Royer, “The Ad-hoc on-demand distance vector protocol (AODV)”, in Ad-hoc
networking,C.E.Perkins (Ed), pp 173-219, Addison- Wesley, 2001.
[4] R.H. Khokhar, Md. A.Ngadi, S. Manda. “A Review of Current Routing Attacks in Mobile Ad Hoc
Networks”, International Journal of Computer Science and Security, 2 (3), pp. 18-29, 2008.
[5] P.Ning, K.Sun,”How to Misuse AODV:A Case Study of Insider Attacks against Mobile Ad hoc
Routing Protocols”, Proceedings of the 4th Annual IEEE Information Assurance Workshop,60(2003).
[6] Bhuvaneshwari K, A. Francis Saviour Devaraj, “Examination of impact of flooding attack on
MANET and to accentuate on Performance degradation”, International Journal of Advanced
Networking and Applications, ISSN 0975-0290 Volume: 04 Issue: 04 pp. 1652-1656, 2013
[7] ZhiAng EU and Winston Khoon Guan SEAH, “Mitigating Route Request Flooding Attacks in Mobile
Ad hoc Networks”, Proceedings of International Conferences on Information networking (ICOIN-
2006),Sendai,Japan, 2006.
[8] Shishir K. Shandilya, SunitaSahu, “A trust based security scheme for RREQ flooding attack in
MANET” International Journal of Computer Applications (0975 – 8887), Volume 5-No.12, August
2010.
[9] Samesh R. Zakhary and Milena Randenkovic,”Reputation based security protocol for MANETs in
highly mobile disconnection –prone environments”, International conference on Wireless On-demand
Network Systems and Services (WONS), pp.161-167, Feb.2010.
[10] Neeraj Sharma, B.L. Raina, Prabha Rani et. al “Attack Prevention Methods For DDOS Attacks In
MANETS” AJCSIT 1.1 (2011) pp. 18-21.
[11] X. Jin, et al, "ZSBT: A novel algorithm for tracing DOS attackers in MANETs," EURASIP Journal
on Wireless Communications and Networking, vol.2006, pp.1-9, 2006.
[12] Y.-A. Huang and W. Lee, “A cooperative intrusion detection system for ad hoc networks,” In the
Proc. Of 1st ACM Workshop on Ad hoc and Sensor Networks,pp. 135-147, 2003.
[13] YinghuaGuo, StevenGordon, SylviePerreau,”A flow based detection mechanism against flooding
attack in mobile ad hoc networks” in proceedings of WCNC 2007.
[14] AODV, http://www.ietf.org/rfc/rfc3561.txt
[15] Bhuvaneshwari .K, A. Francis Saviour Devaraj, “ANP-Adaptive Node Profile based detection
mechanism for flooding attack in MANET”, International Journal of Advanced Networking and
Applications, ISSN 0975-0290 Volume: 04 Issue: 04, 2013
[16] S. Kannan, T. Maragatham, S. Karthik and V.P. Arunachalam; “A Study of Attacks, Attack Detection
and Prevention Methods in Proactive and Reactive Routing Protocols”; International Business
Management, 2011.
[17] Java simulator for MANET -Jist/swans http://jist.ece.cornell.edu/
[18] R. Barr, Z. Haas, and R. van Renesse. “JiST: An efficient approach to simulation using virtual
machines”. Software practice & experience, 35(6):539
[19] Geetha Jayakumar, Gopinath Ganapathi, “Reference Point Group Mobility and Random Waypoint
Models in Performance Evaluation of MANET Routing Protocols”, Journal of Computer Systems,
Networks, and Communications, 2008
[20] Lee K. Thong. “Performance Analysis of Mobile Adhoc Network Routing Protocols”. Thesis Paper
submitted to the Department of Computer Science, Naval Post Graduate School, Monterey, CA, 2004.
[21] YogeshChaba, Yudhvir Singh, Manish Joon, "Simulation Based Performance Analysis of On-
Demand Routing Protocols in MANETs,"Second International Conference on Computer Modeling
and Simulation, 2010.
12. International Journal of Security, Privacy and Trust Management ( IJSPTM) Vol 2, No 3, June 2013
28
Authors Biography
Bhuvaneshwari K is currently perusing her M.Tech in computer networks under VTU
University. She has 5 years of software industry experience in Retail and healthcare
domain providing ERP solutions. Her research interest includes security issues in
MANET, security in Cloud computing.
Dr A Francis Saviour Devaraj has done his B.Sc and M.Sc in Computer Science from
St.Xavier’s College, M.E (Computer Science & Engineering) from Anna University. He
obtained his PhD in computer Science from Manonmaniam Sundaranar University,
Tirunelveli. He has also obtained certification in CCNA. He is a life member in technical
societies like CSI, ISTE, CRSI, and ISOC. He has around eleven years of teaching
experience in leading educational institutions in India and abroad. He has authored/co-
authored research papers at the national and international levels. He has atten
ded/conducted various national and international level workshops/ seminars/conferences.