This document discusses vampire attacks on wireless sensor networks and proposes solutions. It begins by defining an ad hoc wireless sensor network and describing applications. It then defines a vampire attack as creating messages that drain network energy by forcing excessive processing. Existing protocols like PLGP are vulnerable as nodes can't validate packet paths. The document proposes PLGPa, which adds verifiable path histories to packets. This allows nodes to validate that packets always make forwarding progress toward the destination, preventing energy wastage from malicious rerouting. By satisfying the no-backtracking property, PLGPa provides provable security against vampire attacks.
Vampire attacks draining life from wireless ad hoc sensor networksIEEEFINALYEARPROJECTS
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.co¬m-Visit Our Website: www.finalyearprojects.org
Review on Grey- Hole Attack Detection and PreventionIJARIIT
These Grey Hole attacks poses a serious security threat to the routing services by attacking the reactive routing protocols resulting in drastic drop of data packets. AODV (Ad hoc on demand Distance Vector) routing being one of the many protocols often becomes an easy victim to such attacks. The survey also gives up-to-date information of all the works that have been done in this area. Besides the security issues they also described the layered architecture of MANET, their applications and a brief summary of the proposed works that have been done in this area to secure the network from Grey Hole attacks
A Comparison of Routing Protocol for WSNs: Redundancy Based Approach A Compar...ijeei-iaes
Wireless Sensor Networks (WSNs) with their dynamic applications gained a tremendous attention of researchers. Constant monitoring of critical situations attracted researchers to utilize WSNs at vast platforms. The main focus in WSNs is to enhance network localization as much as one could, for efficient and optimal utilization of resources. Different approaches based upon redundancy are proposed for optimum functionality. Localization is always related with redundancy of sensor nodes deployed at remote areas for constant and fault tolerant monitoring. In this work, we propose a comparison of classic flooding and the gossip protocol for homogenous networks which enhances stability and throughput quiet significantly.
Wireless Sensor Networks (WSNs) are used nowadays, and therefore have broad range of
interesting applications. WSN can be of hypersensitive nature and therefore might require enhanced
secured environment. In today's world WSNs are the basic means of communication. The resources like
battery power, processing capabilities, communication and transmitting range are limitations of the system.
One of the major challenges in Wireless Networks is the security concerns. Attacks affecting these types
of systems are increasing. One of the major resource consumption attacks called vampire attacks. It
includes Stretch attack and Carousal attack which affects node and even bring down the entire system by
draining the Battery power. In Stretch Attack, attackers construct wrong long routes which leads to
traversing almost every node in the network. Stretch attack, increases packet route length, and packets get
processed by a number of nodes. Carousel attackers introduce some packet within a route tranquil as a
sequence of loops, and so the same node appears in the route many times. The proposed system overcomes
this challenge by using the techniques which include the Energy weight detection algorithm and Route
Tracking algorithm, so energy consumption is reduced to a great extent. EWDA and Route Tracking
algorithm is used to detect and prevent the above problems.
Black Hole Attack:
A malicious node advertises the wrong paths as good paths to the source node during the pathfinding process.
When the source selects the path including the attacker node, the traffic starts passing through the adversary node and this node starts dropping the packets selectively or in whole.
Black hole region is the entry point to a large number of harmful attacks.
Vampire attacks draining life from wireless ad hoc sensor networksIEEEFINALYEARPROJECTS
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.co¬m-Visit Our Website: www.finalyearprojects.org
Review on Grey- Hole Attack Detection and PreventionIJARIIT
These Grey Hole attacks poses a serious security threat to the routing services by attacking the reactive routing protocols resulting in drastic drop of data packets. AODV (Ad hoc on demand Distance Vector) routing being one of the many protocols often becomes an easy victim to such attacks. The survey also gives up-to-date information of all the works that have been done in this area. Besides the security issues they also described the layered architecture of MANET, their applications and a brief summary of the proposed works that have been done in this area to secure the network from Grey Hole attacks
A Comparison of Routing Protocol for WSNs: Redundancy Based Approach A Compar...ijeei-iaes
Wireless Sensor Networks (WSNs) with their dynamic applications gained a tremendous attention of researchers. Constant monitoring of critical situations attracted researchers to utilize WSNs at vast platforms. The main focus in WSNs is to enhance network localization as much as one could, for efficient and optimal utilization of resources. Different approaches based upon redundancy are proposed for optimum functionality. Localization is always related with redundancy of sensor nodes deployed at remote areas for constant and fault tolerant monitoring. In this work, we propose a comparison of classic flooding and the gossip protocol for homogenous networks which enhances stability and throughput quiet significantly.
Wireless Sensor Networks (WSNs) are used nowadays, and therefore have broad range of
interesting applications. WSN can be of hypersensitive nature and therefore might require enhanced
secured environment. In today's world WSNs are the basic means of communication. The resources like
battery power, processing capabilities, communication and transmitting range are limitations of the system.
One of the major challenges in Wireless Networks is the security concerns. Attacks affecting these types
of systems are increasing. One of the major resource consumption attacks called vampire attacks. It
includes Stretch attack and Carousal attack which affects node and even bring down the entire system by
draining the Battery power. In Stretch Attack, attackers construct wrong long routes which leads to
traversing almost every node in the network. Stretch attack, increases packet route length, and packets get
processed by a number of nodes. Carousel attackers introduce some packet within a route tranquil as a
sequence of loops, and so the same node appears in the route many times. The proposed system overcomes
this challenge by using the techniques which include the Energy weight detection algorithm and Route
Tracking algorithm, so energy consumption is reduced to a great extent. EWDA and Route Tracking
algorithm is used to detect and prevent the above problems.
Black Hole Attack:
A malicious node advertises the wrong paths as good paths to the source node during the pathfinding process.
When the source selects the path including the attacker node, the traffic starts passing through the adversary node and this node starts dropping the packets selectively or in whole.
Black hole region is the entry point to a large number of harmful attacks.
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networksijsrd.com
A Mobile Ad-Hoc Network is a collection of mobile nodes or a temporary network set up by wireless mobile nodes moving arbitrary in the places that have no network infrastructure in such a manner that the interconnections between nodes are capable of changing on continual basis. Thus the nodes find a path to the destination node using routing protocols. However, due to security vulnerabilities of the routing protocols, wireless ad-hoc networks are unprotected to attacks of the malicious nodes. Various attacks and one of those attacks is the Black Hole Attack against network integrity absorbing all data packets in the network. Since the data packets do not reach the destination node on account of this attack, data loss will occur. Therefore, it is a severe attack that can be easily employed against routing in mobile ad hoc networks. There are lots of detection and defense mechanisms to eliminate the intruder that carry out the black hole attack. . Virtual Infrastructure achieves reliable transmission in Mobile Ad Hoc Network. Black Hole Attack is the major problem to affect the Virtual Infrastructure. In this paper, approach on analyzing and improving the security of AODV, which is one of the popular routing protocols for MANET. Our aim is to ensuring the avoidance against Black hole attack.
Mobile Ad-Hoc Networks are most usefully in current environments. It’s required high performance, networks load and Throughput. In Mobile Ad-hoc Networks Routing is the hot topic for research. Basically two types routing protocols are work in the mobile Ad-hoc Networks: 1) Proactive and 2) Reactive. Researchers have projected different routing algorithm. Important work has been done on routing in ad hoc networks, some of the important works so far were the destination-sequence distance vector (DSDV) protocol, the temporally ordered routing protocol (TORA), dynamic source routing protocol (DSR) and ad hoc on demand routing protocol (AODV). These algorithms use Open Shortest Path First (OSPF) for find optimum route source to destination.ThesisScientist.com
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...Editor IJCATR
One of the most effective way to prevent unauthorized and corrupted message from being forward in wireless sensor
network. So to restrict these problems many authentication schemes have been developed based on symmetric key cryptosystem. But
there is high computational and communication overhead in addition to lack of scalability and resilience to node compromise attacks.
So to address these isuues polynomial based scheme[1] was introduced. But in these methods it having the threshold problem that
means to send the limited message only because to send larger number of message means the attacker can fully recover. So in my
existing system a scalable message authentication scheme based on elliptic curve cryptography. This scheme allows any node to
transmit an unlimited number of messages without suffering the threshold problem. But these method only detect the black hole and
grey hole attacks are dected but does not detect the worm hole attack. In my proposed system to detect the worm hole attack. Worm
hole attack is one of the harmful attack to which degrade the network performance. So, in the proposed system, one innovative
technique is introduced which is called an efficient wormhole detection mechanism in the wireless sensor networks. In this method,
considers the RTT between two successive nodes and those nodes‟ neighbor number which is needed to compare those values of other
successive nodes. The identification of wormhole attacks is based on the two faces. The first consideration is that the transmission time
between two wormhole attack affected nodes is considerable higher than that between two normal neighbor nodes. The second
detection mechanism is based on the fact that by introducing new links into the network, the adversary increases the number of
neighbors of the nodes within its radius. An experimental result shows that the proposed method achieves high network performance..
Performance evaluation of rapid and spray and-wait dtn routing protocols unde...eSAT Journals
Abstract DTN (Delay Tolerant Network) is a new concept in the field of wireless networks. It enables communication in challenged environment where traditional network fails. Unlike other ad hoc wireless network it does not demand for end to end node connectivity. DTN is based on store carry and forward principle. This mechanism is implemented using bundle protocol. DTN nodes have capabilities such as radio interface, movement, persistent storage, message routing and energy consumption .Here a node might accumulate a message in its buffer and carry it for limited time, waiting till a suitable forwarding opportunity is acquired. Multiple message duplication into the network is done to increase delivery probability. The main objective of DTN Routing is to build a powerful network between various nodes (mobile devices, planetary vehicles etc) so that good delivery probability and less delay are obtained. This unique mechanism poses a security challenge. A sophisticated attack observed is black hole attack in which malicious intermediate node are present in network that can provide attacked forged metrics to another node. The aim of this work is to simulate and analyze routing protocol of DTN when nodes enter in environment with black hole attack. The work has been carried out with ONE (opportunistic network environment) simulator. The performance of routing protocols (RAPID and Spray and Wait) are tested for different number of attacking nodes. The analysis indicates there is decrease in delivery probability, hop count average and buffer time average. But latency average first increases and then start decreasing. The overhead ratio increases using Spray and Wait Protocol but with RAPID protocol, it decreases with increasing black hole attacking nodes. Index Terms: DTN, ONE, etc.
Performance evaluation of rapid and spray and-wait dtn routing protocols unde...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
International Journal of Engineering and Science Invention (IJESI) inventionjournals
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Performance investigation of re shuffling packet attack on transport layer pr...eSAT Journals
Abstract Over the past decade, the wireless world has experienced significant developments. The emergence and proliferation of radio frequency networking products, wireless devices like handheld, wearable and portable computers, Personal Digital Assistants (PDA)s, cellular phone have given rise to a kind of wireless revolution. A mobile ad hoc network is much more assailable to attacks than a wired network due to its limited physical security, high mobility and lack of centralized administration. In this paper, we present and analyze the effects of re-shuffling attack on TCP based mobile ad-hoc networks named as Packet Re-Shuffling. In the packet reshuffling attack the malicious node will reorder the packets in its FIFO buffer before forwarding them towards their destination. Due to the out of order delivery the retransmission time out of the packet is triggered and the source TCP and UDP has to retransmit the packet. In this way it also stops the TCP to perform the congestion avoidance technique. A malicious node will always participate in route setup operations. For example, if source routing is employed, malicious nodes always relay Route Request packets in order to have as many routes as possible flowing through themselves; if distance vector routing is employed, malicious nodes will also obey all control-plane protocol specifications. However, once a route is established, attacking nodes will thwart the end-to-end throughput of the flow via above mentioned attacks. The effect of the proposed attack is analyzed with the simulation results generated using the trial version of the simulator known as Exata Cyber 2.0. The simulation results are given in terms of metrics such as data flow throughput, Packet Retransmission, average end-to-end delay and packet delivery ratio. In this paper, we are giving The study on UDP and TCP. Keywords: MANETs; Multimedia Streaming; Routing protocols; QoS; Topology; Node Mobility; Network Scalability;
GEOGRAPHIC INFORMATION-BASED ROUTING OPTIMIZATION USING GA FOR CLUSTER-BASED ...ijwmn
Wireless sensor networks are used for data collection and event detection in various fields such as homenetworks, military systems, and forest fire monitoring, and are composed of many sensor nodes and a basestation. Sensor nodes have limited computing power, limited energy, are randomly distributed in an open environment that operates independently, and have difficulties in individual management. Taking advantage of those weaknesses, attackers can compromise sensor nodes for various kinds of network attacks. Several security protocols have been proposed to prevent these attacks. Most of the security protocols form routings with cluster head nodes. In the case of routing using only cluster head nodes, it is difficult to re-route when the size of the cluster is increased or the number of the surviving nodes is reduced. To prevent these attacks, the proposed scheme maintains security in a cluster-based security protocol and shows energy efficient routing using genetic algorithm by selecting the appropriate cluster head nodes and
utilizing the characteristics of the sensor node with different transmission outputs based on the distance between each node. In this paper, we use a probabilistic voting-based filtering scheme, one of the clusterbased security protocols, and the shortest path, which is a hierarchical routing protocol that the original probabilistic voting-based filtering scheme is using, to test the proposed scheme. This experiment shows the performance comparison of the routing success rate and routing cost according to the number of nodes on the field, as well as the performance comparison according to the cluster size per number of nodes.
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networksijsrd.com
A Mobile Ad-Hoc Network is a collection of mobile nodes or a temporary network set up by wireless mobile nodes moving arbitrary in the places that have no network infrastructure in such a manner that the interconnections between nodes are capable of changing on continual basis. Thus the nodes find a path to the destination node using routing protocols. However, due to security vulnerabilities of the routing protocols, wireless ad-hoc networks are unprotected to attacks of the malicious nodes. Various attacks and one of those attacks is the Black Hole Attack against network integrity absorbing all data packets in the network. Since the data packets do not reach the destination node on account of this attack, data loss will occur. Therefore, it is a severe attack that can be easily employed against routing in mobile ad hoc networks. There are lots of detection and defense mechanisms to eliminate the intruder that carry out the black hole attack. . Virtual Infrastructure achieves reliable transmission in Mobile Ad Hoc Network. Black Hole Attack is the major problem to affect the Virtual Infrastructure. In this paper, approach on analyzing and improving the security of AODV, which is one of the popular routing protocols for MANET. Our aim is to ensuring the avoidance against Black hole attack.
Mobile Ad-Hoc Networks are most usefully in current environments. It’s required high performance, networks load and Throughput. In Mobile Ad-hoc Networks Routing is the hot topic for research. Basically two types routing protocols are work in the mobile Ad-hoc Networks: 1) Proactive and 2) Reactive. Researchers have projected different routing algorithm. Important work has been done on routing in ad hoc networks, some of the important works so far were the destination-sequence distance vector (DSDV) protocol, the temporally ordered routing protocol (TORA), dynamic source routing protocol (DSR) and ad hoc on demand routing protocol (AODV). These algorithms use Open Shortest Path First (OSPF) for find optimum route source to destination.ThesisScientist.com
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...Editor IJCATR
One of the most effective way to prevent unauthorized and corrupted message from being forward in wireless sensor
network. So to restrict these problems many authentication schemes have been developed based on symmetric key cryptosystem. But
there is high computational and communication overhead in addition to lack of scalability and resilience to node compromise attacks.
So to address these isuues polynomial based scheme[1] was introduced. But in these methods it having the threshold problem that
means to send the limited message only because to send larger number of message means the attacker can fully recover. So in my
existing system a scalable message authentication scheme based on elliptic curve cryptography. This scheme allows any node to
transmit an unlimited number of messages without suffering the threshold problem. But these method only detect the black hole and
grey hole attacks are dected but does not detect the worm hole attack. In my proposed system to detect the worm hole attack. Worm
hole attack is one of the harmful attack to which degrade the network performance. So, in the proposed system, one innovative
technique is introduced which is called an efficient wormhole detection mechanism in the wireless sensor networks. In this method,
considers the RTT between two successive nodes and those nodes‟ neighbor number which is needed to compare those values of other
successive nodes. The identification of wormhole attacks is based on the two faces. The first consideration is that the transmission time
between two wormhole attack affected nodes is considerable higher than that between two normal neighbor nodes. The second
detection mechanism is based on the fact that by introducing new links into the network, the adversary increases the number of
neighbors of the nodes within its radius. An experimental result shows that the proposed method achieves high network performance..
Performance evaluation of rapid and spray and-wait dtn routing protocols unde...eSAT Journals
Abstract DTN (Delay Tolerant Network) is a new concept in the field of wireless networks. It enables communication in challenged environment where traditional network fails. Unlike other ad hoc wireless network it does not demand for end to end node connectivity. DTN is based on store carry and forward principle. This mechanism is implemented using bundle protocol. DTN nodes have capabilities such as radio interface, movement, persistent storage, message routing and energy consumption .Here a node might accumulate a message in its buffer and carry it for limited time, waiting till a suitable forwarding opportunity is acquired. Multiple message duplication into the network is done to increase delivery probability. The main objective of DTN Routing is to build a powerful network between various nodes (mobile devices, planetary vehicles etc) so that good delivery probability and less delay are obtained. This unique mechanism poses a security challenge. A sophisticated attack observed is black hole attack in which malicious intermediate node are present in network that can provide attacked forged metrics to another node. The aim of this work is to simulate and analyze routing protocol of DTN when nodes enter in environment with black hole attack. The work has been carried out with ONE (opportunistic network environment) simulator. The performance of routing protocols (RAPID and Spray and Wait) are tested for different number of attacking nodes. The analysis indicates there is decrease in delivery probability, hop count average and buffer time average. But latency average first increases and then start decreasing. The overhead ratio increases using Spray and Wait Protocol but with RAPID protocol, it decreases with increasing black hole attacking nodes. Index Terms: DTN, ONE, etc.
Performance evaluation of rapid and spray and-wait dtn routing protocols unde...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
International Journal of Engineering and Science Invention (IJESI) inventionjournals
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Performance investigation of re shuffling packet attack on transport layer pr...eSAT Journals
Abstract Over the past decade, the wireless world has experienced significant developments. The emergence and proliferation of radio frequency networking products, wireless devices like handheld, wearable and portable computers, Personal Digital Assistants (PDA)s, cellular phone have given rise to a kind of wireless revolution. A mobile ad hoc network is much more assailable to attacks than a wired network due to its limited physical security, high mobility and lack of centralized administration. In this paper, we present and analyze the effects of re-shuffling attack on TCP based mobile ad-hoc networks named as Packet Re-Shuffling. In the packet reshuffling attack the malicious node will reorder the packets in its FIFO buffer before forwarding them towards their destination. Due to the out of order delivery the retransmission time out of the packet is triggered and the source TCP and UDP has to retransmit the packet. In this way it also stops the TCP to perform the congestion avoidance technique. A malicious node will always participate in route setup operations. For example, if source routing is employed, malicious nodes always relay Route Request packets in order to have as many routes as possible flowing through themselves; if distance vector routing is employed, malicious nodes will also obey all control-plane protocol specifications. However, once a route is established, attacking nodes will thwart the end-to-end throughput of the flow via above mentioned attacks. The effect of the proposed attack is analyzed with the simulation results generated using the trial version of the simulator known as Exata Cyber 2.0. The simulation results are given in terms of metrics such as data flow throughput, Packet Retransmission, average end-to-end delay and packet delivery ratio. In this paper, we are giving The study on UDP and TCP. Keywords: MANETs; Multimedia Streaming; Routing protocols; QoS; Topology; Node Mobility; Network Scalability;
GEOGRAPHIC INFORMATION-BASED ROUTING OPTIMIZATION USING GA FOR CLUSTER-BASED ...ijwmn
Wireless sensor networks are used for data collection and event detection in various fields such as homenetworks, military systems, and forest fire monitoring, and are composed of many sensor nodes and a basestation. Sensor nodes have limited computing power, limited energy, are randomly distributed in an open environment that operates independently, and have difficulties in individual management. Taking advantage of those weaknesses, attackers can compromise sensor nodes for various kinds of network attacks. Several security protocols have been proposed to prevent these attacks. Most of the security protocols form routings with cluster head nodes. In the case of routing using only cluster head nodes, it is difficult to re-route when the size of the cluster is increased or the number of the surviving nodes is reduced. To prevent these attacks, the proposed scheme maintains security in a cluster-based security protocol and shows energy efficient routing using genetic algorithm by selecting the appropriate cluster head nodes and
utilizing the characteristics of the sensor node with different transmission outputs based on the distance between each node. In this paper, we use a probabilistic voting-based filtering scheme, one of the clusterbased security protocols, and the shortest path, which is a hierarchical routing protocol that the original probabilistic voting-based filtering scheme is using, to test the proposed scheme. This experiment shows the performance comparison of the routing success rate and routing cost according to the number of nodes on the field, as well as the performance comparison according to the cluster size per number of nodes.
Vampire attack a novel method for detecting vampire attacks in wireless ad –h...IJLT EMAS
Ad-hoc wireless networks are dynamic in nature. Adhoc
networks are not depends on any predefined infrastructure.
Whenever there is need of communication at that point these
network can be deployed. In this paper we discuss Vampire
attacks. All protocols susceptible for vampire attack. Vampire
attacks are very easy to carry out throughout the network and
difficult to detect. Wireless sensor networks (WSNs) are the
foremost promising research direction in sensing and pervasive
computing. Previous security work has focused totally on denial
of service at the routing or medium access management levels.
Earlier, the resource depletion attacks are thought about solely
as a routing drawback, very recently these are classified into new
category as “vampire attacks”. Planned work examines the
resource depletion attacks at the routing protocol layer that
disable networks permanently by quickly debilitating node’s
battery power.
Malicious attack detection and prevention in ad hoc network based on real tim...eSAT Journals
Abstract This paper deals with Real Time Operating System (RTOS) based secure wormhole detection and prevention in ad hoc networks. The wormhole attack can form a serious threat to wireless networks, especially against many ad hoc network routing protocols and location based wireless security systems. A wormhole is created in the ad hoc network by introducing two malicious nodes. These two nodes form a worm hole link and message is transmitted through this link. The next part of the work is to detect the wormhole link by defining worm hole detection and prevention algorithm. After detecting suspicious links, one node performs a verification procedure for each suspicious link. The detection procedure and verifying procedure of suspicious worm link are used for further prevention of wormhole attack in the ad hoc network.
Malicious attack detection and prevention in ad hoc network based on real tim...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Prevention of Malicious Nodes and Attacks in Manets Using Trust worthy MethodIJTET Journal
In Manet the first demand is co-operative communication among nodes. The malicious nodes might cause security issues like grey hole and cooperative attacks. To resolve these attack issue planning Dynamic supply routing mechanism, that is referred as cooperative bait detection theme (CBDS) that integrate the advantage of each proactive and reactive defence design is used. In region attacks, a node transmits a malicious broadcast informing that it's the shortest path to the destination, with the goal of intercepting messages. During this case, a malicious node (so-called region node) will attract all packets by victimisation solid Route Reply (RREP) packet to incorrectly claim that “fake” shortest route to the destination then discard these packets while not forwarding them to the destination. In grey hole attacks, the malicious node isn't abs initio recognized in and of itself since it turns malicious solely at a later time, preventing a trust-based security resolution from detective work its presence within the network. It then by selection discards/forwards the info packets once packets undergo it. During this we have a tendency to focus is on detective work grey hole/collaborative region attacks employing a dynamic supply routing (DSR)-based routing technique.
A adaptive neighbor analysis approach to detect cooperative selfish node in m...Jyoti Parashar
A mobile network is a dynamic reconfigurable network with heavy traffic over the network. As the network is available widely, there are more chances of inclusion of external nodes that behave as the attack node. One of the problems in mobile network is the cooperative selfish node attack. In which more than one node cooperatively perform the attack. In such attack, the malicious nodes communicate effectively between them but as they get the packet from some other node, they do not forward the packets. The presented work is about the table driven cross check performed over each node to identify the trustfulness of a node.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
PACKET DROP ATTACK DETECTION TECHNIQUES IN WIRELESS AD HOC NETWORKS: A REVIEWIJNSA Journal
Wireless ad hoc networks have gained lots of attention due to their ease and low cost of deployment. This
has made ad hoc networks of great importance in numerous military and civilian applications. But, the lack
of centralized management of these networks makes them vulnerable to a number of security attacks. One
of the attacks is packet drop attack, where a compromised node drops packets maliciously. Several
techniques have been proposed to detect the packet drop attack in wireless ad hoc networks. Therefore, in
this paper we review some of the packet drop attack detection techniques and comparatively analyze them
basing on; their ability to detect the attack under different attack strategies (partial and or cooperate
attacks), environments and the computational and communication overheads caused in the process of
detection.
Enhance the Throughput of Wireless Network Using Multicast RoutingIOSR Journals
Abstract: Wireless Mesh Network is designed static or limited mobility environment .In multicast routing for wireless mesh networks has focused on metrics that estimate link quality to maximize throughput andtoprovide secure communication. Nodes must collaborate in order to compute the path metric and forward data.Node identify the novel attacks against high- throughput multicast protocols in wireless mesh network.. The attacks exploit the local estimation and global aggregation of the metric to allow attackers to attract a large amount of traffic These attacks are very effective based on high throughput metrics. The aggressive path selection is a double-edged sword: It is maximizes throughput, it also increases attack effectiveness. so Rate guard mechanism will be used.Rate guard mechanism means combines Measurement-based detection and accusation-based reaction techniques.The attacks and the defense using ODMRP, a representative multicast protocol for wireless mesh networks, and SPP, an adaptation of the well-known ETX unicast metric to the multicast setting. Keywords— Wireless mesh network,high throughput metrics, secure multicast routing,metric manipulation attacks, Byzantine attacks
Enhance the Throughput of Wireless Network Using Multicast RoutingIOSR Journals
Wireless Mesh Network is designed static or limited mobility environment .In multicast routing for
wireless mesh networks has focused on metrics that estimate link quality to maximize throughput
andtoprovide secure communication. Nodes must collaborate in order to compute the path metric and
forward data.Node identify the novel attacks against high- throughput multicast protocols in wireless
mesh network.. The attacks exploit the local estimation and global aggregation of the metric to allow
attackers to attract a large amount of traffic These attacks are very effective b a s e d on high
throughput metrics. The aggressive path selection is a double-edged sword: It is maximizes throughput,
it also increases attack effectiveness. so Rate guard mechanism will be used.Rate guard mechanism
means combines Measurement-based detection and accusation-based reaction techniques.The attacks
and the defense using ODMRP, a representative multicast protocol for wireless mesh networks, and
SPP, an adaptation of the well-known ETX unicast metric to the multicast setting
MANET is a dynamic network with large number of mobile nodes .As the traffic increases over the manet it will leads to number of problems i.e congestion and packet loss .This congestion and packet loss problems occurs due to the attack in manet .one of attack is black hole attack .As a result some packet loss over the network and slows the communication process.In this paper we are providing the solution against black hole attack which is based on fuzzy rule .fuzzy rule based solution identify the infected node as well as provide the solution to reduce data loss over network.
Privacy-Preserving and Truthful Detection of Packet Dropping Attacks in Wirel...Baddam Akhil Reddy
Link error and malicious packet dropping are two sources for packet losses in multi-hop wireless ad hoc network. In this project, while observing a sequence of packet losses in the network, we are interested in determining whether the losses are caused by link errors only, or by the combined effect of link errors and malicious drop. We are especially interested in the insider-attack case, where by malicious nodes that are part of the route exploit their knowledge of the communication context to selectively drop a small amount of packets critical to the network performance.
Responsive Parameter based an AntiWorm Approach to Prevent Wormhole Attack in...IDES Editor
The recent advancements in the wireless technology
and their wide-spread deployment have made remarkable
enhancements in efficiency in the corporate and industrial
and Military sectors The increasing popularity and usage of
wireless technology is creating a need for more secure wireless
Ad hoc networks. This paper aims researched and developed
a new protocol that prevents wormhole attacks on a ad hoc
network. A few existing protocols detect wormhole attacks but
they require highly specialized equipment not found on most
wireless devices. This paper aims to develop a defense against
wormhole attacks as an Anti-worm protocol which is based on
responsive parameters, that does not require as a significant
amount of specialized equipment, trick clock synchronization,
no GPS dependencies.
Analysis of Cluster Based Anycast Routing Protocol for Wireless Sensor NetworkIJMER
A wireless sensor network is a collection of nodes organized into a cooperative network.
Each node consists of processing capability, may contain multiple types of memory, have a RF
transceiver, have a power source, and accommodate various sensors and actuators. The nodes
communicate wirelessly and often self-organize after being deployed in an ad hoc fashion.
Routing protocols for wireless sensor networks are responsible for maintaining the routes in the
network and have to ensure reliable multi-hop communication .The performance of the network is
greatly influenced by the routing techniques. Routing is to find out the path to route the sensed data to
the base station. In this paper the features of WSNs are introduced and routing protocols are reviewed
for Wireless Sensor Network.
A Low Overhead Reachability Guaranteed Dynamic Route Discovery Mechanism for ...ijasuc
A crucial issue for a mobile ad hoc network is the handling of a large number of nodes. As more nodes join
the mobile ad hoc network, contention and congestion are more likely. The on demand routing protocols
which broadcasts control packets to discover routes to the destination nodes, generate a high number of
broadcast packets in a larger networks causing contention and collision. We propose an efficient route
discovery protocol, which reduces the number of broadcast packet, using controlled flooding technique.
The simulation results show that the proposed probabilistic flooding decreases the number of control
packets floating in the network during route discovery phase, without lowering the success ratio of path
discoveries. Furthermore, the proposed method adapts to the normal network conditions. The results show
that up to 70% of control packet traffic is saved in route discovery phase when the network is denser.
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...ijsrd.com
The recent advancements in the wireless arena and their wide-spread utilization have introduced new security vulnerabilities. The wireless media being shared is exposed to outside world, so it is susceptible to various attacks at different layers of OSI network stack. For example, jamming and device tampering at the physical layer; disruption of the medium access control (MAC) layer; routing attacks like Blackhole, rushing, wormhole; targeted attacks on the transport protocol like session hijacking, SYN flooding or even attacks intended to disrupt specific applications through viruses, worms and Trojan Horses. Wormhole attack is one of the serious routing attacks amongst all the network layer attacks launched on MANET. Wormhole attack is launched by creation of tunnels and it leads to total disruption of the routing paths on MANET. In this paper, Wormhole detection algorithm (WDA) is proposed based on modifying the forwarding packet process that detects and isolates wormhole nodes in ad hoc on demand distance vector (AODV) routing protocol.
Similar to Vampireattacks 131109081959-phpapp02 (20)
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...
Vampireattacks 131109081959-phpapp02
1.
2. Introduction
Ad hoc Wireless Sensor Network :
decentralized type of wireless network
Ad hoc : It does not rely on pre existing infrastructure such as routers in
wired networks and access points in managed wireless networks.
Each node participates in routing by forwarding packets.
all devices have equal status in the network
Applications:
Ubiquitous on demand computing power
Continuous connectivity
Instantly deployable communication for military and first responders
Monitor environmental conditions , factory performance and troop
deployment.
3. Vampire attack:
Definition: : Vampire attack means creating and sending messages by
malicious node which causes more energy consumption by the
network leading to slow depletion of node’s battery life.
Features:
Vampire attacks are not protocol specific
They don’t disrupt immediate availability
Vampires use protocol compliant messages
Transmit little data with largest energy drain
Vampires do not disrupt or alter discovered paths
4. Areas of Seminar & Technology
Area related to seminar: PROTECTION FROM VAMPIRE ATTACK ON
ROUTING PROTOCOL
Areas of seminar includes:
Evaluates vulnerabilities of existing protocols to battery depletion
attacks
Show Simulation results quantifying the performance of several
protocols in the presence of a single Vampire
Modification of an existing sensor network routing protocol to bound
the damage from Vampire attacks
5. Literature Survey
ATTACK FEATURES DISADVANTAGES
OF DEFENSES
REFERENCES
Sleep
Deprivation
Torture
Prevents nodes
from entering sleep
cycle and depletes
batteries faster
It considers attacks
only at the Medium
Access Control(MAC)
David R
Raymond and
Randy C
Marchany ,2009
Resource
Exhaustion
Mentions resource
exhaustion at MAC
and transport
layers
Only offers rate
limiting and
elimination of insider
adversaries
Anthony D
Wood and John
A.Stankovic,2002
Flood Attack Multiple request
connections to
server ,run out of
resources
Punishes nodes that
produce bursty traffic
but may not send
much data
Daniel J.
Bernstein,1996
6. ATTACKS FEATURES DISADVANTAGES REFERENCES
Reduction of
Quality
Attacks
Produce long term
degradation in
networks
Focus is only on
transport layer and not
on routing protocols.
Sharon Goldberg
and David
Xiao,2008
DoS Attacks Malefactor
overwhelms honest
nodes with large
amounts of data
Applicable only to
traditional DoS,
Doesn’t work with
intelligent adversaries
i.e. protocol compliant
Jing Deng and
Richard
Han,2005
Wormhole
attack &
Directional
Antenna
attack
Allows connection
b/w two non
neighbouring
malicious nodes :
disrupt route
discovery
Packet Leashes:
Solution comes at high
cost and is not always
applicable
INFOCOM,2003
7. TECHNOLOGY FEATURES DISADVANTAGES REFERENCES
Minimal Energy
Routing
Increase the
lifetime of power
constrained
networks using less
energy to transmit
and receive packets
Vampire attacks
increase energy usage
even in minimal
energy routing
Jae-Hwan Chang
and Leandros
Tassiulas,2004
8. Vampire attack
Definition: Vampire attack [1] means creating and sending messages by
malicious node which causes more energy consumption by the
network leading to slow depletion of node’s battery life.
Two types:
Attack on Stateless Protocols
Attack on Stateful Protocols
Stateless Protocols:
Same as source routing protocol
Source node specifies entire route to destination within packet header.
Intermediaries don’t make independent forwarding decisions.
Stateful Protocols:
Nodes are aware of their topology, state, forwarding decisions.
Nodes make local forwarding decisions on that stored state.
Two important classes are : link state and distance –vector
9. Attacks on Stateless Protocols
Types of attacks :
Carousel attack
Stretch attack
Carousel Attack:
Adversary sends packets with
routes composed of a series of
loops.
Exploits limited verification of
message headers at forwarding
nodes
Used to increase the route
length beyond no of nodes in
network
Theoretical limit: energy usage
increase by a factor of O(λ),
where λ is the maximum route
length.
10. •Stretch Attack
adversary constructs artificially
long routes traversing every node
in the network.
Causes packets to traverse larger
than optimal no of nodes
Causes nodes that doesn’t lie on
optimal path to process packets
Theoretical limit: energy usage
increase of factor O(min(N, λ)),
where N is the number of nodes
in the network and λ is the
maximum path length allowed.
Potentially less damaging per
packet than the carousel attack, as
the no of hops per packet is
bounded by the number of
network nodes.
11. Attack on Stateful Protocols
Types of attacks:
Directional antenna attack
Malicious Discovery attack
Directional Antenna attack:
Energy can be wasted by restarting packet in various parts of network
Using a directional antenna adversaries can deposit packets in arbitrary parts of
the network.
Consumes energy of nodes that would not have had to process the original
packet.
Half Wormhole attack – as a directional antenna constitutes a private
communication channel.
Packet leashes cannot prevent this attack as they are not to protect against
malicious message sources only intermediaries.
12. Malicious Discovery Attack:
Also known as Spurious route discovery.
Falsely claims that a link is down or claim a new link to non existent
node
More serious when nodes claim a long distance route has changed.
Trivial in open networks
In closed networks : repeatedly announce and withdraw routes
Theoretical energy usage increase of a factor of O(N) per packet.
Packet leashes cannot prevent: originators are malicious
13. Existing System & Disadvantages
Clean Slate Sensor Network Routing
Developed By Parno,Luk, Gaustad and Perrig (PLGP).
Original version is vulnerable to vampire attacks
Can be Modified to resist vampire attacks
Two phases:
Topology Discovery Phase
Packet Forwarding phase
Discovery organizes nodes to trees
Initially : each node knows only itself
At end of discovery each node should compute the same
address tree as other nodes.
All leaf nodes are physical nodes in network and virtual
addresses corresponds to their position in the network.
14. Clean Slate Sensor Network Routing (Contd..)
Topology Discovery Phase:
Every node broadcast certificate
of identity including public key.
Each node starts as its own
group size one ,with virtual
address zero
Groups merge with smallest
neighbouring group
Each group chooses 0 or 1 when
merge with another group.
Each member prepends group
address to their own address
Gateway nodes
By end each node knows every
nodes virtual address ,public key
and certificate.
Network converges to a single
group
15. Packet forwarding phase:
All decisions are made
independently by each node
A node when receives a packet
determines next hop by finding the
most significant bit of its address
that differs from the message
originators address.
Every forwarding event shortens
the logical distance to destination
16. PLGP in presence of vampires:
forwarding nodes don’t know the path of a packet and allowing adversaries to
divert packet to any part of the network.
Honest node may be farther away from the destination than malicious nodes.
But honest node knows only its address and destination address.
Vampire moves packet away from the destination
Theoretical energy increase of O(d) where d is the network diameter and N the
number of network nodes.
Worse if packet returns to vampire as it can reroute
17. Provable Security against vampire
attacks
•No-backtracking property:
Satisfied for a given packet if and only if it consistently makes progress
toward its destination in the logical network address space.
More formally:
No-backtracking is satisfied if every packet p traverses the same number of
hops whether or not an adversary is present in the network.
Case 1: L is honest
Case 2: L is Malicious
L
L
…(hops) …
…(hops) …
D
D
•Same no of Hops
•Same network wide energy utilization
•is independent of the actions of malicious nodes
No-backtracking implies Vampire resistance
Nodes keep track of route cost
18. Provable Security against vampire
attacks (contd..)
PLGP does not satisfy No-backtracking property:
In PLGP packets are forwarded along the shortest route through the tree
that is allowed by the physical topology.
Since the tree implicitly mirrors the topology and since every node holds
an identical copy of the address tree, every node can verify the optimal next
logical hop.
However, this is not sufficient for no-backtracking to hold, since nodes cannot be
certain of the path previously traversed by a packet.
Adversaries can always lie about their local metric cost
PLGP is still vulnerable
19. Proposed System:
Propose PLGP with attestations (PLGPa):
Add a verifiable path history to every PLGP packet
PLGPa uses this packet history together with PLGP’s tree routing
structure so every node can securely verify progress, preventing any
significant adversarial influence on the path taken by any packet which
traverses at least one honest node.
These signatures form a chain attached to every packet, allowing any node
receiving it to validate its path. Every forwarding node verifies the
attestation chain to ensure that the packet has never traveled away from its
destination in the logical address space.
packet forwarding for PLGPa
20. PLGPa satisfies no-backtracking
•All messages are signed by their originator .
•adversary can only alter packet fields that are changed en route, so only the route
attestation field can be altered, shortened, or removed entirely.
•To prevent truncation, use one-way signature chain construction
•The hop count of a packet is defined as follows:
Definition. The hop count of packet p, received or forwarded by an honest node, is no
greater than the number of entries in p’s route attestation field, plus 1.
•When any node receives a message, it checks that every node in the path attestation 1) has
a corresponding entry in the signature chain, and 2) is logically closer to the destination
than the previous hop in the chain. This way, forwarding nodes can enforce the forward
progress of a message, preserving no-backtracking.
Theorem 1. A PLGPa packet p satisfies no-backtracking in the presence of an adversary
controlling m < N - 3 nodes if p passes through at least one honest node.
21. Proof:
…Since each possible adversarial action
which results in backtracking violates
an assumption , The proof is complete
22. Comparison of Existing Vs Proposed System
PLGP PLGPa
PLGP does not have attestation It is PLGP with attestation
Forwarding nodes doesn’t know the
path of the packet
Each packet has a verifiable path history
Does not hold Backtracking Holds Backtracking
Vulnerable to Vampire attacks Resistant to vampire attacks
23. Advantages of Proposed System
PLGPa never floods
Packet forwarding overhead is favourable
Demonstrates more equitable routing load
distribution and path diversity
Even without dedicated hardware, the cryptographic
computation required for PLGPa is tractable even on
8-bit processors.
24. Future Scope
Ad hoc wireless sensor networks promise exciting new
applications in the near future.
As WSN’s become more and more crucial to everyday
life availability faults become less tolerable
Thus high availability of these nodes is critical and
must hold even under malicious conditions.
25. References
[1] Frank Stajano and Ross Anderson, The resurrecting duckling: security
issues for ad-hoc wireless networks, International workshop on security
protocols, 1999.
[2] Haowen Chan and Adrian Perrig, Security and privacy in sensor
networks,
Computer 36 (2003)
[3] Denial of service attacks(Timothy J. McNevin, Jung-Min Park), 2004
[4] Path-quality monitoring in the presence of adversaries(] Sharon
Goldberg, David Xiao),2008.
[5] Packet leashes: A defence against wormhole attacks in wireless
ad hoc networks, INFOCOM, 2003.
[6] Securing ad hoc routing protocols,(Manel Guerrero Zapata and N.
Asokan), 2002