Monday, January 27, 2020

Securing MANET From Routing Attacks

Securing MANET From Routing Attacks CHAPTER 3 RESEARCH METHODOLOGY 3.1 RESEARCH PROBLEM The increasing demand and utilization of wireless technology is making the need for more secure wireless networks. From the security viewpoint MANET is one of the most interesting research fields. A MANET is generally exposed to vulnerabilities due to its open medium, rapidly varying network topology, lack of centralized control and lack of clear line protection and it suffers from a wide range of security threats and attacks. Attacks can be introduced into all the layers of protocol stack however the attacks on the routing layer are most detrimental. The attacks on the routing layer can be either from the outside the network or can take place within the network. The attacks from outside of the network contain no authentication information and can be avoided by employing authentication techniques and cryptographic schemes. The most common insider attacks include blackhole, wormhole, selective forwarding, RREQ and hello flooding, Sybil, sink hole and so on. Insider attackers are more critical compared to the outsider attack as the insider knows the valuable information and holds the access rights. To solve this issue, security solutions have to be proposed in order to secure MANET. The goal of this thesis is to analyse the impact of blackhole, wormhole and flooding attack under on-demand routing protocols such as AODV and DSR and to propose possible countermeasures to thwart these attacks. 3.2 AIM AND OBJECTIVES The aim of this research work is to secure the MANET from various routing attacks in order to improve the performance of the network. To achieve this aim, the following objectives are formulated: To analyse the impact of blackhole, wormhole and flooding attack under AODV and DSR routing protocol To analyse packet delivery ratio and end-to-end delay in case of black hole, wormhole and flooding attack using AODV and DSR protocol and the results of AODV and DSR are compared to evaluate which of these protocols are more susceptible to these kind of attacks. To develop defence mechanisms against blackhole, worm hole and flooding attack under AODV and DSR protocol. 3.3 SCOPE OF THE THESIS There exists various routing attacks in MANET such as blackhole, wormhole, Sybil, selective forwarding and flooding attack and so on. This research work considers only blackhole, wormhole and flooding attack and its impact on on-demand routing protocols such as AODV and DSR is analysed. Efficient detection techniques have been developed to mitigate the effect of these attacks against AODV and DSR routing protocol. The performance of these routing protocols using the detection techniques are evaluated in terms of packet delivery ratio and end-to-end delay. 3.4 SYSTEM ARCHITECTURE This research focuses on blackhole, wormhole and flooding attacks on AODV and DSR protocol. The architecture of the proposed system is given in Figure 3.1. Efficient techniques such as MSBD and ABM, MCHOP and CDCF, MCLUT and TSPS has been developed to detect blackhole, wormhole and flooding attacks under AODV protocol and techniques such as ABM, CDCF and TSPS have been developed to mitigate against blackhole, wormhole and flooding attacks under DSR protocol. The proposed techniques detect these attacks effectively and provide a secure path. Figure 3.1 An Overview Of Attacks On MANET Routing Protocol And Their Detection Techniques 3.5 DETECTION TECHNIQUES AGAINST BLACKHOLE, WORMHOLE AND FLOODING ATTACKS 3.5.1 MultiShared Bandwidth Approach for Blackhole Attack Detection The AODV protocol is vulnerable to the well-known black hole attack. In this thesis, the multishared approach is designed to prevent any alterations in the default operation of either the intermediate nodes or the destination nodes. Here, watchdog mechanism is incorporated with MultiShared Bandwidth (MSBD) approach to detect misbehaviour or abnormal activity of a node, once an abnormal activity is observed MSBD is initiated. The MSBD converts the data into 16 bit and further splits the 16 bit data into multiple shares. When multishared data is received by a node it checks the bandwidth of neighbouring nodes to transmit the data. Then it chooses the nodes with highest bandwidth along the path and sends the data through these selected paths. 3.5.2 MCHOP-A Cluster based Approach for Wormhole Attack Detection In AODV routing protocol, the intruder will attack the network using the attack like wormhole during the route discovery stage. A cluster based algorithm has been proposed to detect a wormhole attack on AODV routing protocol. In this approach, the network is partitioned into several clusters based on density based clustering algorithm. Here, AODV protocol is modified in such manner that it detects the wormhole attack based on the hop count comparison and time taken to receive RREP packets. The cluster head is responsible for adding certain fields such as hop count, destination address to the RREQ packet and it broadcasts it to the other cluster head in the network. Whenever the intermediate node receives the RREQ packets, it sends an ACK to the source node with hop count information and broadcasts it to the destination node. The destination node then unicasts the RREP to the source node utilizing the reverse path. The RREP is then validated by source node using the hop count informat ion and time taken for receiving the packet. 3.5.3 MCLUT- Clustering Approach for Flooding Attack Detection The proposed MCLUT approach is used to detect the flooding attack node by enabling the clustering approach and calculating the threshold value of each node in the cluster. Here dynamic threshold value is used. The threshold value is estimated based on the queue length of a node and its neighbour in the cluster. If a node does not satisfy the threshold value then it is considered as an intruder. Once the cluster head confirms that the node is intruder it then broadcast the message to other nodes to isolate the node from the cluster and the suspicious node is kept in observation. 3.5.4 Anomaly based Behaviour Monitoring Algorithm for Black hole Attack Detection under AODV and DSR protocol The proposed Anomaly based Behaviour Monitoring (ABM) algorithm detects blackhole attack on AODV and DSR protocol. This technique periodically checks and verifies whether the number of packets disseminated between source and destination are equal. Through this comparison, the source node could detect the presence of black hole node. 3.5.5 Channel Detection and Cut Defalconin algorithm for Wormhole Attack Detection on AODV and DSR Channel Detection and Cut Defalconin (CDCF) algorithm is proposed to detect wormhole attack on DSR and AODV protocol. This method detects a wormhole attack in the network based on the threshold limit and then provides a new route to forward the packet from source to destination. The threshold value is determined based on Round Trip Time (RTT) and a delay per hop (DPH) is calculated based on the RTT, while forwarding packet from source to destination with the malicious nodes, its take less Round Trip Time (RTT) to forward the packets to the destination, when forwarding packet from source to the destination without any malicious node attack, it takes more RRT to forward the packets to the destination. If the DPH of a node is smaller than all other nodes, then it indicates the wormhole attack presence. 3.5.6Transmission Sequence Based Packet Scanner Algorithm for Flooding Attack Detection on DSR and AODV. Flooding is a Denial of Service (Dos) that is designed to bring down the service of the network by flooding it with huge volume of traffic. Transmission Sequence based Packet Scanner (TSPS) technique has been proposed to detect flooding attack on DSR and AODV. The TSPS identifies the presence of flooding attack based on source id, empty packet, number of hops and transmission sequence number.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.