Routing security against data flooding attack in wireless mobile Ad Hoc networks

1. Abstract:
Over the past decade, wireless technology has improved at a dramatic rate. The ubiquity, low cost, and high functionality of the newest wireless devices have opened the door for researchers to explore new ways of using this technology. Ad hoc networking allows wireless mobile devices to form networks without the need for any fixed centralized management. An ad hoc network is a collection of mobile wireless devices that cooperate with each other to route packets amongst themselves. The main difficulty in designing routing algorithms for such a network is the large number of topology changes that the network undergoes due to device movement. Mobile users like to use their own consumer electronic devices to access multimedia data anywhere and at any time. Communication in a MANET functions properly only if the participating nodes cooperate in routing without any malicious intention. However, some nodes may behave maliciously by launching flooding attacks on their neighbors, and others by launching active security attacks such as denial of service. The lack of any centralized infrastructure in mobile ad hoc networks (MANETs) is one of the greatest security concerns in the deployment of wireless networks. Consumer electronic devices generally operate on limited battery power, which means every wireless device may have little computing power. At some instants these mobile devices may not be able to communicate with each other directly. They are therefore vulnerable to security threats such as data flooding attacks. Existing schemes may not guarantee the Quality of Service (QoS) of burst traffic, since multimedia data are usually bursty. Therefore, we propose a novel defense mechanism against data flooding attacks with the aim of enhancing the throughput. The simulation results show that the proposed scheme enhances the throughput of burst traffic.

2. INTRODUCTION
2.1 Objective
Ad hoc networks are complex distributed systems comprising wireless mobile nodes that can freely and dynamically self-organize into arbitrary and temporary ad hoc network topologies, allowing people and devices to seamlessly inter-network in areas with no pre-existing communication infrastructure, e.g., disaster recovery environments. This section first gives a brief overview of what ad hoc networks are and how they work, then looks at their advantages and the issues they face. The last part of this paper is dedicated to identifying the areas of improvement in the field of ad hoc networks.

2.2 Overview
An ad hoc network is defined as a collection of mobile hosts forming a temporary network without the aid of any centralized administration or standard support services. In Latin, ad hoc literally means "for this," further meaning "for this purpose only," and thus usually temporary. Ad hoc networks represent complex distributed systems that comprise wireless mobile nodes that can freely and dynamically self-organize into arbitrary and temporary ad hoc network topologies, allowing people and devices to seamlessly inter-network in areas with no pre-existing communication infrastructure. The concept of ad hoc networking has been around for nearly 20 years but has received renewed interest in the last 18 to 24 months. In ad hoc networks the individual mobile hosts (nodes) act as both router and host at the same time. An ad hoc (or "spontaneous") network is a local area network or any other small network, especially one with wireless or temporary plug-in connections, in which some of the network devices are part of the network only for the duration of a communication session, whereas a mobile or portable device is part of the network while it is in close proximity to the rest of the network. Ad hoc networks are a future alternative to the current trend of connecting wireless devices via fixed infrastructure-based services.

2.3 Problem statement:


In a wireless ad hoc network all nodes follow a mobility model. Mobile nodes may wish to download or upload multimedia data anywhere and at any time using their mobile or electronic devices such as laptops. When a malicious node intentionally intrudes on the normal traffic flow by introducing a large number of useless data packets, flooding occurs, which affects the normal traffic flow and also consumes more processing time. Most consumer electronic devices have limited battery power, so they may sometimes go out of service completely (denial of service). A data flooding attack can therefore become an issue for those who want to download data in bursts. Throughput obviously decreases under a flooding attack. By implementing a period-based defense mechanism, the user can observe enhanced throughput, which increases the quality of service.

Existing system:
The flooding attack prevention (FAP) scheme suggested a defense system against either RREQ or data flooding attacks. The path cut-off mechanism is used as the defense against data flooding attacks. However, FAP cannot distinguish burst traffic from attack traffic, since FAP detects an attack by comparing the incoming packets with a threshold. Hence, the throughput of burst traffic may degrade if a simple threshold-based defense system is used in FAP.

2.4 Limitations of Existing System:


Ranging and positioning techniques are highly vulnerable to attacks from dishonest nodes and external attackers: dishonest nodes can report false position and distance information in order to cheat on their locations, and external attackers can spoof the measured positions of honest nodes. An attacker can generally influence all these measurements by jamming and delaying signals, and by modifying their signal strengths.

2.5 SOFTWARE HARDWARE REQUIREMENTS

HARDWARE REQUIREMENT

Processor type      : Intel Pentium 4
Clock speed         : 2.4GHz
Ram size            : 128 MB
Hard disk capacity  : 20 GB
Keyboard type       : internet keyboard

SOFTWARE REQUIREMENT

Operating System    : Windows Xp
Programming package : java
Tools               : Eclipse, My Sql
SDK                 : JDK1.5

3.1 Literature Survey


Ad hoc networks are useful in areas that have no fixed infrastructure and hence need alternative ways to deliver services. Ad hoc networks work by having mobile devices within transmission range connect to each other through automatic configuration, i.e., setting up an ad hoc network that is very flexible. In other words, there is no controller that gathers data from all nodes and organizes it. All data gathering and cross-node data transfer is taken care of by the nodes themselves. Ad hoc networks are a major goal in the evolution of 4G (fourth generation) devices. In the nodes of an ad hoc network, computing power and network connectivity are embedded in virtually every device to bring computation to users, no matter where they are or under what circumstances they work. These devices personalize themselves to find the information or software they need. The aim is to make use of all available technologies without making any major change to the users' behavior. There is also work going on to make the seamless integration of various networks possible, i.e., integration of LAN, WAN, PAN and ad hoc networks, but there is still a lot of work to be done to make this completely possible. Node mobility in an ad hoc network causes frequent changes of the network topology. Spread spectrum techniques are used in the implementation of ad hoc networks because spread spectrum helps to reduce interference from other sources. It also helps in bandwidth reuse. The boundaries of ad hoc networks are not absolute, and hence it is possible that when certain nodes stray into the area of influence of certain transmitters they may be affected by their signals. The use of spread spectrum (SS) makes sure that this does not happen, as the spreading code and the de-spreading code should ideally be the same. This same technique provides the method for frequency reuse.

Figure 1 shows such an example: initially, nodes A and D have a direct link between them. When D moves out of A's radio range, the link is broken. However, the network is still connected, because A can reach D through C, E, and F.

Fig 1: Topology change in Ad Hoc network

3.2 DIFFERENCES BETWEEN CELLULAR NETWORKS AND AD HOC NETWORKS

Cellular network                                          Ad Hoc Network
Fixed, pre-located cell sites and base stations.          No fixed base stations, very rapid deployment.
Static backbone network topology.                         Highly dynamic network topologies with multihop.
Relatively benign environment and stable connectivity.    Hostile environment (losses, noise) and sporadic connectivity.
Detailed planning before base stations can be installed.  Ad hoc network automatically forms and adapts to changes.

Table 1: differentiating Ad hoc networks with respect to cellular networks.

3.3 PHYSICAL LAYER IN AD HOC NETWORKS


Data rates: 1 Mbps, 2 Mbps
Transmission bands: transmission in the license-free 2.4 GHz band (in US, Europe 2.4000-2.4835 GHz) and in the 5 GHz band
Use of spread spectrum technique for 1 Mbps or 2 Mbps:
  DSSS (direct sequence spread spectrum)
  FHSS (frequency hopping spread spectrum)

The major advantage of ad hoc networks is that they do not need any base station, as is required in regular mobile networks. They can form a network immediately in any place as required, which makes them indispensable in battlefield and disaster relief situations. They are useful in areas that have no fixed network for internet coverage, where they can be used to provide coverage. They can also be used in areas where the available network has been destroyed. Security is a very major concern in the development of ad hoc networks. The boundaries of the network are not well defined, and hence it is possible for any node to go out of the network. It is also possible for an ad hoc network with a large number of nodes to split into two networks. It is less reliable than wired media due to the inherent problems faced by any wireless network. Because ad hoc networks are formed by various devices that need not have the same capacity, each device may have different capacity, functionality and protocols. Hence it is necessary to find a solution where all these varied devices can operate together. They also have asymmetric propagation metrics. Capacity constraints faced by these networks, in the form of transmission range and wireless bandwidth, are another concern. This is taken care of to an extent by the use of spread spectrum techniques. Errors and breakdowns can also happen in these networks, and it is imperative to have a solution or a backup plan for these exigencies. Ad hoc networks also face a problem called the hidden-terminal and exposed-terminal phenomena.

The hidden terminal situation arises when two devices A and C are outside the transmission range of each other and cannot detect each other's transmissions, but B is in the transmission range of both. A collision may occur, for example, when station A and station C start transmitting towards the same receiver, station B. This should be avoided. In the exposed terminal situation, A's transmission range covers B and C. Hence when A transmits to B, C thinks that it cannot transmit when actually it could transmit to D. This is a waste of resources which should also be avoided. Route changes will occur due to router mobility, i.e., as the nodes themselves act as routers and certain nodes can leave the network in between. Energy consumption and saving is a major area of interest. Advances in battery technology have not been on par with the development of ad hoc technology. Most existing solutions for saving energy in ad hoc networks revolve around the reduction of power used by the device. At the MAC level and above, this is often done by selectively sending the device into a sleep mode, or by using a transmitter with variable output power (and proportionate input power draw) and selecting routes that require many short hops instead of a few longer hops. Beaconing is used by a node to let the other nodes know of its presence. The beaconing interval has to be short enough to let the other nodes know that the node is in the network yet long enough so as to save.

4. SECURITY ISSUES IN MANETS


Security is the major issue in wireless ad hoc networks and ought to receive a complete analysis of its own rather than being presented as part of a study on ad hoc networks. The use of wireless links renders an ad hoc network susceptible to link attacks ranging from denial of service and passive eavesdropping to active impersonation, message replay, and message distortion. Eavesdropping might give an adversary access to secret information, violating confidentiality. Active attacks might allow the adversary to delete messages, to inject erroneous messages, to modify messages, and to impersonate a node, thus violating availability, integrity, authentication, and non-repudiation. Nodes roaming in a hostile environment (e.g., a battlefield) with relatively poor physical protection have a non-negligible probability of being compromised. Therefore, we should not only consider malicious attacks from outside a network, but also take into account attacks launched from within the network by compromised nodes. To achieve high survivability, ad hoc networks should therefore have a distributed architecture with no central entities. Introducing any central entity into our security solution could lead to significant vulnerability; that is, if this centralized entity is compromised, then the entire network is subverted. Unlike other wireless mobile networks, such as mobile IP, nodes in an ad hoc network may dynamically become affiliated with administrative domains. Any security solution with a static configuration would not suffice. It is desirable for our security mechanisms to adapt on-the-fly to these changes. Finally, an ad hoc network may consist of hundreds or even thousands of nodes. Security mechanisms should be scalable to handle such a large network. Denial of service can be caused by such legitimate means as radio jamming or battery exhaustion. An attacker can cause radio jamming by jamming a wider frequency band and in that way using more power. Battery exhaustion can be a real threat, because once a battery runs out the attacker can walk away and leave the victim disabled. This kind of technique is called the sleep deprivation torture attack. Symmetric key cryptography is used to provide authenticity and integrity. Integrity means that no node has been maliciously changed.

An Ad-hoc network is an infrastructure-less network. Unlike traditional networks, there is no pre-deployed infrastructure such as centrally administered routers or a strict policy for supporting end-to-end routing. The nodes themselves are responsible for routing packets. Each node relies on the other nodes to route packets for it. Mobile nodes in direct radio range of one another can communicate directly, but nodes that are too far apart to communicate directly must depend on intermediate nodes to route messages for them.

Fig 2: Routing in Ad-hoc networks

Fig 3: Routing in traditional networks

4.2 FREQUENT CHANGES IN NETWORK TOPOLOGY


Ad-hoc networks contain nodes that may frequently change their locations. Hence the topology in these networks is highly dynamic. This results in frequently changing neighbors on whom a node relies for routing. As a result, traditional routing protocols can no longer be used in such an environment. This mandates new routing protocols that can handle the dynamic topology by facilitating fresh route discoveries.

4.3 PROBLEMS ASSOCIATED WITH WIRELESS COMMUNICATION

As the communication is through a wireless medium, it is possible for any intruder to tap the communication easily. Wireless channels offer poor protection, and routing-related control messages can be tampered with. The wireless medium is susceptible to signal interference, jamming, eavesdropping and distortion. An intruder can easily eavesdrop to learn sensitive routing information, jam the signals to prevent propagation of routing information or, worse, intercept messages and distort them to manipulate routes. Routing protocols should be well adapted to handle such problems.

4.4 PROBLEMS WITH EXISTING AD-HOC ROUTING PROTOCOLS

Implicit Trust Relationship between Neighbors
Current Ad-hoc routing protocols inherently trust all participants. Most Ad-hoc routing protocols are cooperative by nature and depend on neighboring nodes to route packets. This naive trust model allows malicious nodes to paralyze an Ad-hoc network by inserting erroneous routing updates, replaying old messages, changing routing updates or advertising incorrect routing information. While these attacks are possible in fixed networks as well, the Ad-hoc environment magnifies them and makes detection difficult.

Throughput
Ad-hoc networks maximize total network throughput by using all available nodes for routing and forwarding. However a node may misbehave by agreeing to forward packets and then failing to do so, because it is overloaded, selfish, malicious or broken. Misbehaving nodes can be a significant problem. Although the average loss in throughput due to misbehaving nodes is not too high, in the worst case it is very high.

Attacks Using Modification of Protocol Fields of Messages


Current routing protocols assume that nodes do not alter the protocol fields of messages passed among nodes. Routing protocol packets carry important control information that governs the behavior of data transmission in Ad-hoc networks. Since the level of trust in a traditional Ad-hoc network cannot be measured or enforced, enemy nodes or compromised nodes may participate directly in the route discovery and may intercept and filter routing protocol packets to disrupt communication. Malicious nodes can easily cause redirection of network traffic and DOS attacks by simply altering these fields. For example, in the network illustrated in Figure 4.3, a malicious node M could keep traffic from reaching X by consistently advertising to B a shorter route to X than the route to X, which C is advertising. The attacks can be classified as remote redirection attacks and denial of service attacks. Let us look at them now.

Remote Redirection with Modified Route Sequence Number (AODV)

Remote redirection attacks are also called black hole attacks. In these attacks, a malicious node uses the routing protocol to advertise itself as the shortest path to nodes whose packets it wants to intercept. Protocols such as AODV instantiate and maintain routes by assigning monotonically increasing sequence numbers to routes towards a specific destination. In AODV, any node may divert traffic through itself by advertising a route to a node with a destination sequence number greater than the authentic value. Suppose a malicious node, M, receives the RREQ that originated from S for destination X after it is re-broadcast by B during route discovery. M redirects traffic towards itself by unicasting to B a RREP containing a significantly higher destination sequence number for X than the authentic value last advertised by X.

Redirection with modified hop count (AODV)


A redirection attack is also possible in certain protocols, such as AODV, by modification of the hop count field in route discovery messages. When routing decisions cannot be made by other metrics, AODV uses the hop count field to determine a shortest path. In AODV, malicious nodes can attract routes towards themselves by resetting the hop count field of the RREP to zero. Similarly, by setting the hop count field of the RREP to infinity, routes will tend to be created that do not include the malicious node. Once the malicious node has been able to insert itself between two communicating nodes, it is able to do anything with the packets passing between them. It can choose to drop packets to perform a denial of service attack, or alternatively use its place on the route as a first step in a man-in-the-middle attack.
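The route-update rule that both redirection attacks rely on, next to a receiver-side sanity check, as an added example that is not part of the original report. The rule is a simplified form of AODV's freshness comparison; the MAX_SEQ_JUMP bound, the check names and the sample RREPs are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Rrep:
    sender: str      # neighbour that handed us this RREP
    dest: str        # destination the route leads to
    dest_seq: int    # destination sequence number claimed in the RREP
    hop_count: int   # hop count field as received (before our own increment)


@dataclass
class Route:
    next_hop: str
    dest_seq: int
    hops: int


def aodv_accepts(current: Optional[Route], rrep: Rrep) -> bool:
    """Simplified AODV rule: a fresher sequence number always wins;
    with equal sequence numbers the shorter path wins."""
    if current is None:
        return True
    if rrep.dest_seq > current.dest_seq:
        return True
    return rrep.dest_seq == current.dest_seq and rrep.hop_count + 1 < current.hops


# Assumed bound on how far a destination sequence number may advance between
# two RREPs for the same destination. A real deployment would tune this.
MAX_SEQ_JUMP = 20


def suspicious(current: Optional[Route], rrep: Rrep,
               max_jump: int = MAX_SEQ_JUMP) -> List[str]:
    """Return the reasons (possibly none) for distrusting a RREP."""
    reasons = []
    # Check 1: implausibly large advance over the value we already hold.
    # With no existing route there is no baseline, so this check is blind
    # to the very first RREP for a destination.
    if current is not None and rrep.dest_seq - current.dest_seq > max_jump:
        reasons.append("seq_jump")
    # Check 2: the destination itself sets hop count 0 and every forwarder
    # increments it, so 0 from a neighbour that is not the destination
    # is inconsistent.
    if rrep.hop_count == 0 and rrep.sender != rrep.dest:
        reasons.append("zero_hops_from_non_destination")
    return reasons


def process(rreps: List[Rrep], harden: bool
            ) -> Tuple[Optional[Route], List[Tuple[str, List[str]]]]:
    """Feed RREPs for one destination to a node and return the final route
    plus the RREPs dropped by the sanity check."""
    route: Optional[Route] = None
    dropped = []
    for r in rreps:
        if harden:
            why = suspicious(route, r)
            if why:
                dropped.append((r.sender, why))
                continue
        if aodv_accepts(route, r):
            route = Route(r.sender, r.dest_seq, r.hop_count + 1)
    return route, dropped


# Constructed sample: what node B receives for destination X.
SAMPLE_RREPS = [
    Rrep(sender="C", dest="X", dest_seq=12, hop_count=2),    # genuine, via C
    Rrep(sender="M", dest="X", dest_seq=5000, hop_count=0),  # forged by M
]

if __name__ == "__main__":
    for harden in (False, True):
        route, dropped = process(SAMPLE_RREPS, harden)
        print("hardened" if harden else "plain AODV", "->", route, dropped)
```

Without the check, B's route to X ends up pointing at M; with it, the forged RREP is dropped for both reasons and the route via C is kept. Neither check authenticates the RREP, so a forged value that stays inside the bound still passes.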

Denial of Service with Modified Source Routes


DSR is a routing protocol, which explicitly states routes in data packets. These routes lack any integrity checks and a simple denial-of-service attack can be launched in DSR by altering the source routes in packet headers. Modification to source routes in DSR may also include the introduction of loops in the specified path. Although DSR prevents looping during the route discovery process, there are insufficient safeguards to prevent the insertion of loops into a source route after a route has been salvaged.

Ad Hoc Network:

The need to exchange digital information outside the typical wired office environment is growing. For example, a class of students may need to interact during a lecture; business associates serendipitously meeting in an airport may wish to share files; or disaster recovery personnel may need to coordinate relief information after a hurricane or flood. Each of the devices used by these information producers and consumers can be considered a node in an ad hoc network. In a typical ad hoc network, mobile nodes come together for a period of time to exchange information. While exchanging information, the nodes may continue to move, and so the network must be prepared to adapt continually. In the applications we are interested in, networking infrastructure such as repeaters or base stations will frequently be either undesirable or not directly reachable, so the nodes must be prepared to organize themselves into a network and establish routes among themselves without any outside support. The idea of ad hoc networking is sometimes also called infrastructure-less networking [4], since the mobile nodes in the network dynamically establish routing among themselves to form their own network on the fly. A mobile ad hoc network (MANET) is a collection of mobile nodes that can instantly establish a network whenever they coexist in the same neighborhood, without the need for any fixed infrastructure or centralized administration. The role of routing protocols in an ad hoc network is to allow the source to find routes to the destination with the cooperation of other nodes. Due to the arbitrary movement of the nodes, the network topology changes rapidly and randomly. Hence the routing protocol must also be able to react to these changes and must enable the nodes to identify new routes to maintain connectivity. A node is malicious if it is an attacker that cannot authenticate itself as a legitimate node due to the lack of valid cryptographic information.

Attacks on a MANET can be classified as active and passive attacks. A Mobile Ad hoc Network (MANET) [1] is a dynamic wireless network that is established by a group of mobile stations without necessarily using pre-existing infrastructure or centralized administration. Such networks can be useful in disaster recovery, where there is not enough time or resources to configure a wired network.

Denial of service attack:


As the name suggests, a Denial-of-Service (DoS) attack aims to prevent legitimate users from accessing a particular service. In general, there are two types of DoS attacks in the Internet: application-level attacks and network-level attacks. An application-level DoS attack aims to exhaust the resources at a particular service so that legitimate users cannot enjoy the service. For instance, a service may need to perform complicated and expensive database operations in order to answer a query from a user; let us suppose it can at most answer x user queries per second. Then in an application-level DoS attack against this service, attackers may submit 10x queries per second. If the service chooses to temporarily hold the unprocessed queries, it may eventually run out of memory and crash, preventing legitimate users from further accessing the service; or if the service discards queries it cannot process in time, the query drop rate for both attackers and legitimate users will be at least 90%, meaning the majority of the users still cannot enjoy the service.

Attacks on MANET
Passive attacks: A passive routing attack does not disrupt the operation of a routing protocol, but only attempts to discover valuable information by listening to the routing traffic. Hence such attacks are difficult to detect.

Active attacks: An active attack attempts to improperly modify data, gain authentication, or procure authorization by inserting false packets into the data stream or modifying packets in transit through the network. Active attacks are of two types: external and internal. An external attack is one caused by nodes that do not belong to the network. An internal attack is one from compromised or hijacked nodes that belong to the network. Because malicious nodes already belong to the network as authorized parties, and hence are protected by the network's security mechanisms and services, internal attacks are more severe.

Black hole: An attacker can project itself as having the shortest route to a destination whose data packets it wants to intercept, thereby causing the source to send data packets via this node. A malicious node receiving the RREQ may claim to have a route to the desired destination by sending a RREP back to the originator. If the source receives this RREP first, it sends all data packets via this malicious node, thereby leaving the fate of those data packets to the malicious node. The malicious node then discards or consumes all the data packets, leading to the complete loss of all data packets.

Gray hole: An attacker forwards all RREQs and RREPs but forwards only a few data packets, dropping all other data packets. This clearly points out a lapse in the routing protocol. This type of attack is known as the gray hole problem. By nature, it belongs to the set of internal active attacks.

Wormhole: A wormhole is a collection of two or more malicious nodes belonging to the ad hoc network that are connected by a private network connection. Suppose two nodes A and B make a wormhole. Then A forwards all packets that it receives to B through the wormhole, to be forwarded by B normally; similarly, B forwards all packets that it receives to A through the wormhole. This clearly disrupts routing by short-circuiting the normal flow of routing packets.

Denial of service (DoS): The attack results when the network bandwidth is hijacked by a malicious node. It can be done in several ways. One way is to flood any centralized resource so that the network crashes or no longer operates correctly. For example, a malicious node generating frequent route requests can make the network resources unavailable to other nodes. The flooding attack prevention (FAP) scheme suggested a defense system against either RREQ or data flooding attacks. The path cut-off mechanism is used as the defense against data flooding attacks. When the victim node realizes that it has been subjected to the data flooding attack, it may cut off the path.

At the physical layer the capacity of ad hoc wireless networks is constrained by the mutual interference of concurrent transmissions between nodes. We study an ad hoc network model where n nodes communicate in random source-destination pairs. Gupta and Kumar showed that for static random ad hoc networks using a general routing algorithm the capacity available for each node decays as $1/\sqrt{n}$. Other works delve into the problem of optimizing various parameters of the transmission (e.g., power consumption or medium access control), and try to devise routing protocols that for particular user profiles or scenarios on the same network. Our present study focuses on the general properties of the per node throughput available for ad hoc wireless networks (capacity) using an ideal routing process.
The nodes in our model do not move, which modifies the customary definition of an ad hoc network to a backbone-less network of wireless nodes occupying a flat topology. Our network model includes ideal collision avoidance and transmission through shortest paths as explained in the following Section. We introduce an alternative description of network throughput approximation that varies the claims of [3] and extends the results by providing the relations of the various network parameters that can change with topology or trace generation algorithm. We have investigated the throughput of various non-planar network topologies, and the results generalize the $\sqrt{n}$ dependence of the average call length parameter. We also check the validity of our model by simulation.

A novel framework for ns2 to facilitate the simulation and, in general, the design of beyond 3G networks. The set of libraries we wrote for this purpose is called Multi Interface Cross Layer Extension for ns2 (MIRACLE). They enhance the functionalities offered by the Network Simulator ns2 by providing an efficient and embedded engine for handling cross-layer messages and, at the same time, enabling the coexistence of multiple modules within each layer of the protocol stack. For instance, multiple network, link, MAC or physical layers can be specified and used within the same node. The implications of this are manifold. First of all, the framework facilitates the implementation and the simulation of modern communication systems in ns2. Secondly, due to its modularity, the code will be portable, re-usable and extensible. As an example of the advantages offered by our architecture, we show how the MIRACLE framework can be used to quickly set up protocol architectures for Ambient Networks [1] and evaluate their performance in wireless and multi-technology environments.

However, the procedure of the path cut-off mechanism is not explained in detail, and FAP cuts off the path when many data packets are transmitted to the victim node. Current users like to download or access multimedia data using consumer electronic devices, so the packets may be transferred as burst traffic. However, FAP cannot distinguish burst traffic from attack traffic, since FAP detects an attack by comparing the incoming packets with a threshold. Hence, the throughput of burst traffic may degrade if a simple threshold-based defense system is used in FAP. Therefore, this paper proposes a novel period-based defense mechanism (PDM) against data flooding attacks that takes the throughput of burst traffic into account. The proposed PDM scheme is based on periods and uses a blacklist to efficiently prevent the data flooding attack.
Wireless ad hoc networks can fall victim to various kinds of attacks. Among them, the ad hoc flooding attack can easily cause Denial-of-Service (DoS) by flooding many Route Request (RREQ) or data packets. Since a mobile node has limited resource capacities such as memory space, computational ability, battery power, bandwidth capacity, and so on, it cannot provide services when it receives a lot of packets. Hence, the whole network as well as the victim node can easily get paralyzed.


The main objective of this project is to develop a period-based defense mechanism against data flooding attacks in wireless ad hoc networks. The PDM scheme is based on periods and uses a blacklist to efficiently prevent the data flooding attack, as a result of which many data packets are forwarded at a high rate for the whole duration.

APPLICATIONS OF AD HOC NETWORKS


Personal area networking: cell phone, laptop, ear phone, wrist watch
Military environments: soldiers, tanks, planes
Civilian environments: taxi cab network, meeting rooms, sports stadiums, boats, small aircraft
Emergency operations: search and rescue, policing and fire fighting
Collaborative computing
Communications within buildings, organizations, ad hoc conferences
Communications in battlefields and disaster recovery areas
Sensor networks


AD-HOC ON-DEMAND VECTOR


AODV is a relative of the Bellman-Ford distance vector algorithm, but is adapted to work in a mobile environment. AODV determines a route to a destination only when a node wants to send a packet to that destination. Routes are maintained as long as they are needed by the source. Sequence numbers ensure the freshness of routes and guarantee loop-free routing.

Routing tables

Each routing table entry contains the following information [2]: destination, next hop, number of hops, destination sequence number, active neighbors for this route, and expiration time for this route table entry. Expiration time, also called lifetime, is reset each time the route has been used. The new expiration time is the sum of the current time and a parameter called active route timeout. This parameter, also called route caching timeout, is the time after which the route is considered invalid, and so the nodes not lying on the route determined by RREPs delete their reverse entries. If the active route timeout is big enough, route repairs will maintain routes. RFC 3561 defines it to 3 seconds.

Control messages

Routing request

When a route is not available for the destination, a route request packet (RREQ) is flooded throughout the network. The RREQ contains the following fields:

Source address

Request Id

Source Sequence number

Hop count

Destination address

Destination sequence number

Table 2: RREQ packet Format

The request ID is incremented each time the source node sends a new RREQ, so the pair (source address, request ID) identifies a RREQ uniquely. On receiving a RREQ message, each node checks the source address and the request ID. If the node has already received a RREQ with the same pair of parameters, the new RREQ packet will be discarded. Otherwise the RREQ will be either forwarded (broadcast) or replied to (unicast) with a RREP message: if the node has no route entry for the destination, or it has one but it is no longer an up-to-date route, the RREQ will be rebroadcast with an incremented hop count; if the node has a route with a sequence number greater than or equal to that of the RREQ, a RREP message will be generated and sent back to the source. The number of RREQ messages that a node can send per second is limited.


There is an optimization of AODV using an expanding ring (ESR) technique when flooding RREQ messages [5, 6]. Every RREQ carries a time to live (TTL) value that specifies the number of times this message should be rebroadcast. This value is set to a predefined value at the first transmission and increased at retransmissions. Retransmissions occur if no replies are received. Historically such flooding used a TTL large enough (larger than the diameter of the network) to reach all nodes in the network, and so to guarantee successful route discovery in only one round of flooding. However, this low delay time approach causes high overhead and unnecessary broadcast messages. Later, it was shown [7, 8] that the minimal cost flooding search problem can be solved via a sequence of floodings with an optimally chosen set of TTLs.

Routing reply

If a node is the destination, or has a valid route to the destination, it unicasts a route reply message (RREP) back to the source. This message has the following fields:

Source address

Destination address

Destination Sequence number

Hop count

Life time

Table 3: Message Format

The reason one can unicast the RREP back is that every node forwarding a RREQ message caches a route back to the source node.

Route error

All nodes monitor their own neighborhood. When a node in an active route gets lost, a route error message (RERR) is generated to notify the other nodes on both sides of the link of the loss of this link.

HELLO messages

Each node can get to know its neighborhood by using local broadcasts, so-called HELLO messages. A node's neighbors are all the nodes that it can directly communicate with. Although AODV is a reactive protocol, it uses these periodic HELLO messages to inform the neighbors that the link is still alive. The HELLO messages will never be forwarded because they are broadcast with TTL = 1. When a node receives a HELLO message, it refreshes the corresponding lifetime of the neighbor information in the routing table. This local connectivity management should be distinguished from general topology management to optimize response time to local changes in the network.
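The RREQ processing described above (duplicate check on the pair (source address, request ID), reverse route caching, then forward or reply depending on route freshness) can be written as the following added sketch; it is not code from this project. The class and field names are assumptions, sequence numbers are compared as plain integers, and route lifetimes are left out.

```python
from dataclasses import dataclass, field, replace


@dataclass(frozen=True)
class RREQ:
    src: str            # source address
    request_id: int     # incremented by the source for every new RREQ
    src_seq: int        # source sequence number
    dst: str            # destination address
    dst_seq: int        # last destination sequence number known to the source
    hop_count: int = 0


@dataclass(frozen=True)
class RREP:
    src: str            # node that asked for the route
    dst: str            # destination the route leads to
    dst_seq: int
    hop_count: int
    next_hop: str       # neighbor the reply is unicast to (the reverse route)


@dataclass
class Route:
    next_hop: str
    hops: int
    seq: int


@dataclass
class Node:
    addr: str
    seq: int = 0
    routes: dict = field(default_factory=dict)   # destination -> Route
    seen: set = field(default_factory=set)       # (source address, request ID)

    def handle_rreq(self, rreq, neighbor):
        """Return (action, message) for a RREQ received from `neighbor`."""
        key = (rreq.src, rreq.request_id)
        if key in self.seen:
            # Same pair seen before: drop it, so one request is
            # rebroadcast at most once per node.
            return "discard", None
        self.seen.add(key)

        # Cache the route back to the source; the RREP travels along it.
        known = self.routes.get(rreq.src)
        if known is None or known.seq <= rreq.src_seq:
            self.routes[rreq.src] = Route(neighbor, rreq.hop_count + 1, rreq.src_seq)

        if rreq.dst == self.addr:
            # This node is the destination itself.
            self.seq = max(self.seq, rreq.dst_seq)
            return "reply", RREP(rreq.src, self.addr, self.seq, 0, neighbor)

        route = self.routes.get(rreq.dst)
        if route is not None and route.seq >= rreq.dst_seq:
            # Fresh enough route known: answer on behalf of the destination.
            return "reply", RREP(rreq.src, rreq.dst, route.seq, route.hops, neighbor)

        # No route, or a stale one: rebroadcast with incremented hop count.
        return "forward", replace(rreq, hop_count=rreq.hop_count + 1)


def demo():
    """Constructed walk-through on intermediate node B."""
    b = Node("B")
    first = RREQ("A", 1, 5, "D", 3)
    actions = [b.handle_rreq(first, "A")[0]]                       # no route yet
    actions.append(b.handle_rreq(replace(first, hop_count=2), "C")[0])  # duplicate
    b.routes["D"] = Route("C", 2, 4)
    actions.append(b.handle_rreq(RREQ("A", 2, 6, "D", 3), "A")[0])  # fresh route
    actions.append(b.handle_rreq(RREQ("A", 3, 7, "D", 9), "A")[0])  # stale route
    return actions
```
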


PROPOSED SYSTEM
5.1 Proposed system:
We propose a new mechanism, called the period-based defense mechanism (PDM), which works against data flooding attacks in wireless mobile ad hoc networks to enhance the throughput of burst traffic.

5.2 Advantages over the existing system:


1. Proposed system can distinguish normal traffic from attack traffic
2. It can enhance the quality of service
3. Proposed defense mechanism can enhance the throughput of the burst traffic


6. SRS DOCUMENT

6.1 Purpose:

The main purpose of this project is to develop a period-based defense mechanism against data flooding attacks in wireless ad hoc networks, to increase the throughput and Quality of Service of the burst traffic being transferred.

6.2 Definitions, Acronyms, keywords:


Mobile Ad Hoc network: A mobile ad hoc network (MANET) is a self-configuring, infrastructure-less network of mobile devices connected by wireless links. Ad hoc is Latin and means "for this purpose".[1] Each device in a MANET is free to move independently in any direction.

Ad Hoc network: A wireless ad hoc network is a decentralized type of wireless network. The network is ad hoc because it does not rely on a preexisting infrastructure, such as routers in wired networks or access points in managed (infrastructure) wireless networks.

Abbreviations:
HTML (Hyper Text Markup Language): It is used to create static web pages.
Java: It is used to create dynamic web content.
JDK (Java Development Kit): It is a programming platform, belonging to the Java platform, which is used for developing and running distributed Java applications.
HTTP (Hyper Text Transfer Protocol): It is a transaction-oriented client/server protocol between a web browser and a web server.

Keywords:
Wireless ad hoc networks, Denial of Service attack, Data Flooding Attack, throughput.

6.3 Technologies to be used


Java: create dynamic web content pages to meet User and System Requirements


Tools to be used:
ECLIPSE: Eclipse also provides the runtime in which Eclipse components are loaded, integrated, and executed. The primary purpose of the platform project is to enable other developers to easily build and deliver integrated tools and applications.

6.4 Study of the system


Overall description:
The next section of this document, the Overall Description section, gives an overview of the functionality of the product. It describes the informal requirements and is used to establish a context for the technical requirements specification in the section after it.

The basic aim of this project is to forestall the flooding attack by implementing the period-based defense mechanism (PDM) to enhance the throughput of the burst traffic. The flooding attack prevention (FAP) scheme suggested a defense system against either RREQ or data flooding attacks. The path cut off mechanism is used as a defense against data flooding attacks. However, FAP cannot distinguish burst traffic from attack traffic, since FAP distinguishes an attack by comparing the incoming packets with a threshold. Hence, the throughput of burst traffic may degrade if a simple threshold-based defense system is used in FAP. We propose a new mechanism, called the period-based defense mechanism, which works against data flooding attacks in wireless mobile ad hoc networks to enhance the throughput of burst traffic.


7.1 Data flow diagram


A DFD shows what kinds of data will be input to and output from the system, where the data will come from and go to, and where the data will be stored.

Fig 2: Data Flow diagram level 0 (labels: User, Adaptive text, Attack encountered, Communication, Transfer data, Delivered path)

7.2 Level 2 DFD

Fig 3: DFD Level1

Context analysis Diagram:

Fig 4: Context analysis diagram (labels: User, Routing Security against flooding attacks in wireless ad hoc networks)


8.1 Product perspective:


Fig 5: system architecture (labels: Add node, Add name, PDM (three times), Node A, Node B, Node C, Node d, Attack (twice))

The PDM mechanism can be implemented at each and every node in a communication path where an attack may happen.

8.2 Specific Requirements:


Functional Requirements:

This section outlines the use case for each of the activities separately. The User can have only one use case apiece.

Use Case: Add Node

Fig 6: Use case Add Node (actor: User; use case: Add node)


Brief Description:
1. User will prompt for the node.
2. When a node is found in a path, it will add the node in that transmission range.

Use Case: Add Address

Fig 7: Use Case Add Address (actor: User; use case: Add Address)

Brief Description:
1. After getting the node in the range, it will add the address of that particular node to an account.

Use case: Add name

Fig 8: Use Case Add Name (actor: User; use case: Add Name)

Description: System will add the name when the user prompts to add.

Use case: Fill parameter

Fig 9: Use Case Fill Parameter (actor: User; use case: Fill parameter)


Brief Description: The user will count the connection range parameters, named (x,y), of the transmission range as arguments; they serve as the transmission range parameters for which data will be transmitted.

Use case: send attacker

Fig 10: Use case Send Attacker (actor: User; use case: Send attacker)

Brief Description: System will generate an anonymous node as an attacker and release (send) it into the node transmission range.

Use case: send data

Fig 11: Send data (actor: User; use case: Send data)

Brief Description: User enters the data to transmit within the communication range.


8.3 UML DIAGRAMS


8.3.1 Use case diagram

Fig 12: Use case Diagram (actor: User; use cases: Add Nodes, Add address, Add name, Fill parameters, Send Attacker, Send Data, Search Node)

8.3.2 Sequence Diagram


Fig 13: sequence Diagram (lifelines: user, node, name, Fill parameter, Attack, Transfer data, Search, Status; messages: Add, Enter name, Fill connection parameters, Process attack, data transferred, Sent Acknowledgement, Search node, Receive Acknowledge, view status)


8.3.3 Activity Diagram

Fig 14: Activity Diagram (states: Start State, Add Name, Send Data, Find Attack, Attack Found / Not Found, Deliver data, Send Acknowledgement, Stop state)


8.3.4 Collaboration diagram

Fig 15: Collaboration Diagram (objects: User, Node, Name, Fill connection parameters, Attack, Transfer data, Search node, View status; messages: 1: Add, 2: Enter name, 3: Fill connection parameters, 4: process attack, 5: show the attack, 6: transfer data, 7: receive acknowledge, 8: search node, 9: view status)


8.3.5 Class diagram

Fig 15: Class Diagram


9.1 MODULES
9.1.1 Throughput of Burst Traffic under Data Flooding Attacks
9.1.2 Period Based Defense Mechanism against Data Flooding Attacks
9.1.3 Performance Evaluations

Module Description:
9.1.1 Throughput of burst Traffic under Data Flooding attacks

In wireless ad hoc networks, handheld-based consumer electronic devices are used as mobile nodes. The data flooding attack sends many data packets in order to clog not only a victim node but also the entire network, since all packets are transmitted via multiple hops. Hence, data flooding attacks are extremely hazardous to wireless ad hoc networks. To conduct the data flooding attack, an attacker first sets up a path to the victim node, since the attack can be performed only after a path is constructed. Then, the attacker forwards a tremendous number of useless data packets along the path to make sure that the victim node cannot process packets in a normal fashion. Finally, the resources of the victim node are exhausted, so the node may get isolated from the network.

In order to measure the effect of the data flooding attack on data traffic, including burst traffic, in wireless ad hoc networks, we calculate the throughput. The throughput is defined as the ratio between the amount of data packets sent by the source node and the amount of data packets received by the destination node during a time span from ts to td [4]. The amount of packets sent by the source node (tr) can be classified into control packets (C) such as RREQ, Route Reply (RREP) and Route Error (RERR) packets, and data packets including traffic for conducting data flooding attacks. On the other hand, the amount of data packets received by the destination node (rc) can be classified into normal traffic excluding the traffic meant for data flooding attacks. Therefore, we can represent the throughput using the following equation:

Through put = ( ) (1)

9.1.2 The procedure of the PDM scheme is as follows:

Step 1) At the end of the period, compares the variance of received data packets ( ) with the variance limit.
Step 2-1) If D ( ) is in the black list, it is not transmitted until the next period.
Step 2-2) Else priority is determined by the inverse of the number of received data packets, and the data packets are processed according to priority.
Step 3) Updates the black list by the greatest number of received packets in the period.
Step 4) Checks whether the period is the last period; if so, the procedure of the PDM scheme is stopped.
Step 4-2) Else go to Step 1.

11.3 PERFORMANCE EVALUATION

The performance of the proposed PDM scheme is measured by the throughput as given in (1). The PDM scheme sets up w periods for the data session from ts to td to defend against the data flooding attack. The PDM scheme guarantees the QoS of non-burst traffic as well as burst traffic.
[ ] [ ]

By reducing the received traffic for conducting the data flooding attack at the victim node, the received normal traffic, regardless of burst traffic, is increased. Hence, the victim node receives a much larger amount of non-burst traffic and burst traffic than in the case when the PDM scheme is not conducted [5]. We use AODV as the base routing protocol and compare its performance with that of our PDM scheme.
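The following added example (not code from this project) runs the PDM steps above over constructed per-period packet counts and compares them with no defense and with a simple threshold-based cut-off of the kind the text attributes to FAP. It rests on assumptions the text does not fix: the variance is taken over the per-source packet counts of one period, the heaviest source is blacklisted for the next period only when that variance exceeds the limit, the node can process `capacity` packets per period, and throughput is measured as delivered over sent packets of the non-attack sources.

```python
from statistics import pvariance

# Constructed traffic: packets received per source in each of four periods.
# A = steady source, B = bursty multimedia source, X = flooding source.
PERIODS = [
    {"A": 10, "B": 10, "X": 200},
    {"A": 10, "B": 80, "X": 200},
    {"A": 10, "B": 80, "X": 200},
    {"A": 10, "B": 10, "X": 200},
]
LEGIT = {"A", "B"}


def _serve(order, offered, capacity, delivered):
    """Process sources in the given order until the period capacity is used up."""
    left = capacity
    for src in order:
        take = min(offered[src], left)
        delivered[src] = delivered.get(src, 0) + take
        left -= take


def no_defense(periods, capacity):
    """Baseline: when overloaded, capacity is shared in proportion to offered load."""
    delivered = {}
    for counts in periods:
        total = sum(counts.values())
        for src, n in counts.items():
            share = n if total <= capacity else n * capacity // total
            delivered[src] = delivered.get(src, 0) + share
    return delivered


def threshold_defense(periods, capacity, threshold):
    """Simplified threshold scheme: a source whose count in any period exceeds
    the threshold has its path cut off for the rest of the session."""
    delivered, cut_off = {}, set()
    for counts in periods:
        cut_off |= {s for s, n in counts.items() if n > threshold}
        admitted = {s: n for s, n in counts.items() if s not in cut_off}
        _serve(list(admitted), admitted, capacity, delivered)
    return delivered, cut_off


def pdm(periods, capacity, variance_limit):
    """Period-based defense with a blacklist that is rebuilt every period."""
    delivered, blacklist, history = {}, set(), []
    for counts in periods:
        # Step 2-1: blacklisted sources are not transmitted in this period.
        admitted = {s: n for s, n in counts.items() if s not in blacklist}
        # Step 2-2: priority is the inverse of the packet count (lightest first).
        order = sorted(admitted, key=lambda s: (admitted[s], s))
        _serve(order, admitted, capacity, delivered)
        # Step 1: at the end of the period, compare the variance with the limit.
        variance = pvariance(list(counts.values()))
        # Step 3: the source with the greatest count goes on the blacklist.
        blacklist = {max(counts, key=counts.get)} if variance > variance_limit else set()
        history.append(sorted(blacklist))
    return delivered, history


def throughput(delivered, periods, legit=LEGIT):
    """Delivered / sent packets of the non-attack sources (assumed metric)."""
    sent = sum(n for counts in periods for s, n in counts.items() if s in legit)
    return sum(delivered.get(s, 0) for s in legit) / sent


def compare(capacity=100, threshold=50, variance_limit=2000):
    none = no_defense(PERIODS, capacity)
    thr, _ = threshold_defense(PERIODS, capacity, threshold)
    per, _ = pdm(PERIODS, capacity, variance_limit)
    return {name: throughput(d, PERIODS)
            for name, d in (("none", none), ("threshold", thr), ("pdm", per))}
```

With these constructed numbers the threshold scheme cuts off the bursty source B together with the flooder, while the period-based blacklist holds back only X and B's burst is delivered in full.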


10. SIMULATION:

NS2 is an open-source event-driven simulator designed specifically for research in communication networks. Since its inception in 1989, NS2 has continuously gained tremendous interest from industry, academia, and government. Having been under constant investigation and enhancement for years, NS2 now contains modules for numerous network components such as routing, transport layer protocol, application, etc. To investigate network performance, researchers can simply use an easy-to-use scripting language to configure a network, and observe results generated by NS2. Undoubtedly, NS2 has become the most widely used open source network simulator, and one of the most widely used network simulators. The network designed consists of basic network entities with the simulation parameters presented in table

10.2 PARAMETERS OF SIMULATION


Description | Value
Simulation time | 300 s
Simulation area | 1000*1000 m
Number of nodes | 50, 120
Application traffic | FTP server
File size | 5000000 bytes
Data rate (bps) | 11 mbps
Mobility algorithm | Random waypoint
Routing protocol | Aodv
Performance parameter | Throughput, delay, Drop

Table 3: simulation Parameters


11. SAMPLE CODING AND SAMPLE SCREEN SHOTS


MYFORM.JAVA

package UI;

import UI.myobjects.NodeButton;
import UI.myobjects.NodeButton1;
import UI.myobjects.draganddrop.DropTargetImp;
import UI.myobjects.GraphicalNode;
import UI.myobjects.PowerShower;
import UI.actions.*;

import javax.swing.*;
import java.awt.*;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.awt.event.MouseEvent;
import java.awt.event.MouseListener;
import java.awt.event.MouseMotionListener;
import java.awt.image.ImageConsumer;
import java.awt.image.ImageProducer;
import java.util.ArrayList;
import java.util.List;
import java.util.Observer;

import simulator.Node;
import logger.StatusManager;

public class Myform extends JFrame implements ActionListener, MouseListener {

    public final NumberKeyListener nkl = new NumberKeyListener();
    JPanel content;
    public MyMap myMap;
    public static MapForm mapForm;
    int P = 20, Q = 20, p = 0, q = 0, dp = 3, dq = 3;
    private Image cup;
    // private Panel keyPad;
    public int top = 10;
    public int left = 10;
    private Node_Properties nodePanel;
    public int xScale = 10;
    public int yScale = 10;
    public final int mapWidth = 550;
    public final int mapHeight = 550;
    public NodeButton newNodeBtn = new NodeButton(new ImageIcon("images/SendingNode0.png"));
    // public NodeButton1 newNodeBttn = new NodeButton1(new ImageIcon("images/virus.gif"));
    private final List<GraphicalNode> graphicalNodes = new ArrayList<GraphicalNode>();
    private final JTextField minNumber = new JTextField("3", 3);
    private final JCheckBox doubleDirection = new JCheckBox("DoubleDirection", true);
    private final JTextField searchText = new JTextField(8);
    JButton generateBtn;
    JButton delGnodeBtn = new JButton(new ImageIcon("images/delete.png"));
    PowerShower powerShower;
    JToolBar toolBar;
    public JButton start = new JButton("Attacker");
    JButton stop = new JButton("Stop");
    private GraphicalNode selectedGNode;
    // JButton atkBtn = new JButton("Gen. Attacker");

    public List<GraphicalNode> getGraphicalNodes() {
        return graphicalNodes;
    }

    /**
     * Returns the {@link GraphicalNode} that is currently selected.
     */
    public GraphicalNode getSelectedGNode() {
        return selectedGNode;
    }

    public MyMap getMyMap() {
        return myMap;
    }

    /** Redraws the power (transmission range) overlay around the selected node. */
    public void refreshPowerShower() {
        this.powerShower.setVisible(false);
        this.powerShower.setXYrXrY(
                selectedGNode.getLocation().x,
                selectedGNode.getLocation().y,
                selectedGNode.getNode().getPower() / this.xScale,
                selectedGNode.getNode().getPower() / this.yScale);
        this.powerShower.setVisible(true);
        this.powerShower.invalidate();
    }

    public void setSelectedGNode(GraphicalNode selectedGNode) {
        this.selectedGNode = selectedGNode;
        if (selectedGNode != null) {
            // The name field is editable only while the node has no name yet.
            this.getNodePanel().nameText.setEnabled(selectedGNode.getName().trim().length() == 0);
            selectedGNode.fillNodePanel();
            this.refreshPowerShower();
        } else {
            this.powerShower.setVisible(false);
        }
    }

    public Myform(String title) {
        super(title);
        content = new JPanel(new BorderLayout());
        content.setOpaque(true);
        myMap = new MyMap();
        myMap.setPreferredSize(new Dimension(this.mapWidth, this.mapHeight));
        myMap.setBorder(BorderFactory.createEtchedBorder());
        // newNodeBttn.setToolTipText("Attacker");
        newNodeBtn.setToolTipText("Base Station");
        cup = Toolkit.getDefaultToolkit().getImage("images/virus.gif");
        this.getContentPane().add(content);

        // Tool bar: node creation/deletion, attacker button, fill-parameter and search controls.
        toolBar = new JToolBar();
        // toolBar.add(newNodeBttn);
        // toolBar.add(atkBtn);
        toolBar.add(newNodeBtn);
        toolBar.add(delGnodeBtn);
        start.setIcon(new ImageIcon("images/virus.gif"));
        toolBar.add(start);
        // toolBar.add(stop);
        toolBar.add(Box.createHorizontalStrut(5));
        toolBar.add(new JSeparator(SwingConstants.VERTICAL));
        toolBar.add(Box.createHorizontalStrut(5));
        toolBar.add(new JLabel("Min Neighbor: "));
        toolBar.add(minNumber);
        toolBar.add(doubleDirection);
        generateBtn = new JButton("Fill Parameter");
        toolBar.add(generateBtn);
        minNumber.addKeyListener(new NumberKeyListener());
        toolBar.add(Box.createHorizontalStrut(5));
        toolBar.add(new JSeparator(SwingConstants.VERTICAL));
        toolBar.add(Box.createHorizontalStrut(5));
        toolBar.add(new JLabel("Search: "));
        toolBar.add(searchText);
        content.add(toolBar, BorderLayout.PAGE_START);

        // atkBtn.addActionListener(this);
        start.addActionListener(this);
        // stop.addActionListener(this);
        // newNodeBttn.addMouseListener(this);
        myMap.setDropTarget(new DropTargetImp(myMap));
        myMap.setLayout(null);
    }

    public boolean isDoubleDirection() {
        return this.doubleDirection.isSelected();
    }

    public int getMinNumberForFillParameter() {
        String text = this.minNumber.getText().trim();
        if (text.length() > 0) {
            return Integer.parseInt(text);
        } else {
            return 0;
        }
    }

    /**
     * Finds a GraphicalNode in the graphicalNodes list.
     * @param name name of the node to look for
     * @return reference to that node if it is found;<br/>
     *         otherwise the currently selected node (which may be null)
     */
    public GraphicalNode getGNode(String name) {
        for (GraphicalNode graphicalNode : graphicalNodes) {
            if (graphicalNode.getName().equals(name)) {
                return graphicalNode;
            }
        }
        return selectedGNode;
    }

    public void putGNode(GraphicalNode gNode) {
        graphicalNodes.add(gNode);
    }

    public Node_Properties getNodePanel() {
        return nodePanel;
    }

    public void setNodePanel(Node_Properties nodePanel) {
        this.nodePanel = nodePanel;
    }

    /** Looks up the graphical node that wraps the given simulator node. */
    public GraphicalNode getGnodebyNode(Node node) {
        for (GraphicalNode graphicalNode : graphicalNodes) {
            if (graphicalNode.getNode().equals(node)) {
                return graphicalNode;
            }
        }
        return selectedGNode;
    }

    public JTextField getSearchText() {
        return searchText;
    }

    public static void main(String[] args) {
        Myform frame = new Myform("Novel defense mechanism against data flooding attacks in wireless ad hoc networks");
        frame.newNodeBtn.myForm = frame;
        // frame.newNodeBttn.myForm = frame;

        frame.setNodePanel(new Node_Properties(frame));
        JSplitPane splitPane = new JSplitPane(JSplitPane.HORIZONTAL_SPLIT, frame.myMap, frame.getNodePanel());
        splitPane.setOneTouchExpandable(true);
        splitPane.setDividerLocation(550);
        frame.content.add(splitPane, BorderLayout.CENTER);
        frame.myMap.addMouseListener(new PanelAction(frame));
        // frame.atkBtn.addActionListener(this);
        frame.generateBtn.addActionListener(new InitParameters(frame));
        frame.powerShower = new PowerShower(frame);
        frame.delGnodeBtn.addActionListener(new DeleteBtnAction(frame));
        frame.searchText.addActionListener(new SearchGNodeAction(frame));
        frame.setGlassPane(frame.powerShower);
        frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
        frame.pack();
        mapForm = new MapForm(frame, "Initializing Map", true, frame);
        mapForm.pack();
        mapForm.setVisible(true);
        StatusManager.init(frame);
    }

    // The actionPerformed and MouseListener methods required by the implemented
    // interfaces are not part of this sample listing.
}

Graph.java :

package graph;

import java.awt.BasicStroke;
import java.awt.Color;
import java.awt.Polygon;
import java.awt.Shape;
import java.awt.geom.Rectangle2D;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.StringTokenizer;
import java.util.Vector;

import org.jfree.chart.ChartFactory;
import org.jfree.chart.ChartPanel;
import org.jfree.chart.JFreeChart;
import org.jfree.chart.axis.NumberAxis;
import org.jfree.chart.plot.CategoryPlot;
import org.jfree.chart.plot.DefaultDrawingSupplier;
import org.jfree.chart.plot.DrawingSupplier;
import org.jfree.chart.plot.PlotOrientation;
import org.jfree.chart.renderer.category.LineAndShapeRenderer;
import org.jfree.data.category.CategoryDataset;
import org.jfree.data.category.DefaultCategoryDataset;
import org.jfree.ui.ApplicationFrame;
import org.jfree.ui.RefineryUtilities;

public class graph extends ApplicationFrame {

    public graph(final String title) {
        super(title);
        final CategoryDataset dataset = createDataset();
        final JFreeChart chart = createChart(dataset);
        final ChartPanel chartPanel = new ChartPanel(chart);
        chartPanel.setPreferredSize(new java.awt.Dimension(500, 270));
        setContentPane(chartPanel);
    }

    /** Reads the stored simulation values from the database and builds the chart dataset. */
    private CategoryDataset createDataset() {
        // row keys...
        final String series1 = "Position";
        final String series2 = "Distance";
        // final String series3 = "Failure Recovery Time";
        Vector vec1 = new Vector();
        Vector vec2 = new Vector();
        // Vector vec3 = new Vector();

        // create the dataset...
        final DefaultCategoryDataset dataset = new DefaultCategoryDataset();
        try {
            Class.forName("com.mysql.jdbc.Driver");
            String url = "jdbc:mysql://localhost:3306/secure";
            // NOTE: the database user and password are hard-coded here; outside a
            // local demo they should come from configuration kept out of the source.
            Connection con = DriverManager.getConnection(url, "root", "root");
            Statement st = con.createStatement();
            // DBConnection connection2 = new DBConnection();
            // Util util = new Util();
            ResultSet rs = null;
            String sql = null;
            sql = "SELECT * FROM local";
            rs = st.executeQuery(sql);
            Vector v1 = new Vector();
            Vector v2 = new Vector();
            Vector v3 = new Vector();
            while (rs.next()) {
                v1.addElement(rs.getString(1));
                v2.addElement(rs.getString(2));
                v3.addElement(rs.getString(3));
            }
            // Release the database resources once the rows have been read.
            rs.close();
            st.close();
            con.close();
            System.out.println("v1============" + v1);
            System.out.println("v2============" + v2);
            // System.out.println("v3============" + v3);

            // Strip the textual prefix from each stored value and keep the number.
            for (int i = 0; i < v1.size(); i++) {
                StringTokenizer tokenizer = new StringTokenizer(v1.elementAt(i).toString(), "T[pos ] =");
                vec1.addElement(tokenizer.nextToken());
            }
            for (int i = 0; i < v2.size(); i++) {
                StringTokenizer tokenizer = new StringTokenizer(v2.elementAt(i).toString(), "T[ Td ] =");
                vec2.addElement(tokenizer.nextToken());
            }
            /*for (int i = 0; i < v3.size(); i++) {
                StringTokenizer tokenizer = new StringTokenizer(v3.elementAt(i).toString(), "T[ r ] =");
                vec3.addElement(tokenizer.nextToken());
            }*/
            System.out.println("vecc===" + vec1);
            System.out.println("vecc===" + vec2);
            // System.out.println("vecc===" + vec3);
            for (int i = 0; i < vec1.size(); i++) {
                dataset.addValue(Float.parseFloat(vec1.elementAt(i).toString()), series1, String.valueOf(i));
            }
            for (int i = 0; i < vec2.size(); i++) {
                dataset.addValue(Float.parseFloat(vec2.elementAt(i).toString()), series2, String.valueOf(i));
            }
            /*for (int i = 0; i < vec3.size(); i++) {
                dataset.addValue(Float.parseFloat(vec3.elementAt(i).toString()), series3, String.valueOf(i));
            }*/
        } catch (Exception e) {
            e.printStackTrace();
        }

        return dataset;
    }

    private JFreeChart createChart(final CategoryDataset dataset) {

        final JFreeChart chart = ChartFactory.createLineChart(
            "Novel defense mechanism against data flooding attacks in wireless ad hoc networks", // chart title
            "Distance",                // domain axis label
            "Execution Time",          // range axis label
            dataset,                   // data
            PlotOrientation.VERTICAL,  // orientation
            true,                      // include legend
            true,                      // tooltips
            false                      // urls
        );

        // final StandardLegend legend = (StandardLegend) chart.getLegend();
        // legend.setDisplaySeriesShapes(true);

        final Shape[] shapes = new Shape[3];
        int[] xpoints;
        int[] ypoints;

        // right-pointing triangle
        xpoints = new int[] {-3, 3, -3};
        ypoints = new int[] {-3, 0, 3};
        shapes[0] = new Polygon(xpoints, ypoints, 3);

        // vertical rectangle
        shapes[1] = new Rectangle2D.Double(-2, -3, 3, 6);

        // left-pointing triangle
        xpoints = new int[] {-3, 3, 3};
        ypoints = new int[] {0, -3, 3};
        shapes[2] = new Polygon(xpoints, ypoints, 3);

        final DrawingSupplier supplier = new DefaultDrawingSupplier(
            DefaultDrawingSupplier.DEFAULT_PAINT_SEQUENCE,
            DefaultDrawingSupplier.DEFAULT_OUTLINE_PAINT_SEQUENCE,
            DefaultDrawingSupplier.DEFAULT_STROKE_SEQUENCE,
            DefaultDrawingSupplier.DEFAULT_OUTLINE_STROKE_SEQUENCE,
            shapes
        );
        final CategoryPlot plot = chart.getCategoryPlot();
        plot.setDrawingSupplier(supplier);

        chart.setBackgroundPaint(Color.CYAN);

        // set the stroke for each series...
        plot.getRenderer().setSeriesStroke(
            0,
            new BasicStroke(
                2.0f, BasicStroke.CAP_ROUND, BasicStroke.JOIN_ROUND,
                1.0f, new float[] {10.0f, 6.0f}, 0.0f
            )
        );
        plot.getRenderer().setSeriesStroke(
            1,
            new BasicStroke(
                2.0f, BasicStroke.CAP_ROUND, BasicStroke.JOIN_ROUND,
                1.0f, new float[] {6.0f, 6.0f}, 0.0f
            )
        );
        plot.getRenderer().setSeriesStroke(
            2,
            new BasicStroke(
                2.0f, BasicStroke.CAP_ROUND, BasicStroke.JOIN_ROUND,
                1.0f, new float[] {2.0f, 6.0f}, 0.0f
            )
        );

        // customise the renderer...
        final LineAndShapeRenderer renderer = (LineAndShapeRenderer) plot.getRenderer();
        // renderer.setDrawShapes(true);
        renderer.setItemLabelsVisible(true);

        // customise the range axis...
        final NumberAxis rangeAxis = (NumberAxis) plot.getRangeAxis();
        rangeAxis.setStandardTickUnits(NumberAxis.createIntegerTickUnits());
        rangeAxis.setAutoRangeIncludesZero(false);
        rangeAxis.setUpperMargin(0.12);

        return chart;
    }

    public static void main(final String[] args) {
        final graph local = new graph("Novel defense mechanism against data flooding attacks in wireless ad hoc networks");
        local.pack();
        RefineryUtilities.centerFrameOnScreen(local);
        local.setVisible(true);
    }
}


11. Effect of flooding attack


Initially it suggests adjusting the map settings values, but by default it takes some parameters.

Fig 16: Nodes participating in the ad hoc network

In wireless ad hoc networks, all nodes participate in a communication network range when they need to. Each mobile node has its own distinct parameter values and power range. At any particular instant, every node can act as a base station within its network. Before nodes can communicate, a route must be built between them. Once the route is established, communication can take place.

Fig 17: Effect of the flooding attack in MANET


Simulation Results:

Fig 18: Simulation Environment of the PDM scheme in MANET

Fig 19: Evaluation of the random waypoint model


Fig 20: Values stored in the database

Fig 21: Graphical analysis of the periodic-based defense mechanism


12. SYSTEM TESTING

The purpose of testing is to discover errors. Testing is the process of trying to discover every conceivable fault or weakness in a work product. It provides a way to check the functionality of components, sub-assemblies, assemblies and/or a finished product. It is the process of exercising software with the intent of ensuring that the software system meets its requirements and user expectations and does not fail in an unacceptable manner. There are various types of test. Each test type addresses a specific testing requirement.

12.2 TYPES OF TESTS

Unit testing

Unit testing involves the design of test cases that validate that the internal program logic is functioning properly, and that program inputs produce valid outputs. All decision branches and internal code flow should be validated. It is the testing of individual software units of the application. It is done after the completion of an individual unit, before integration. This is structural testing that relies on knowledge of the unit's construction and is invasive. Unit tests perform basic tests at component level and test a specific business process, application, and/or system configuration. Unit tests ensure that each unique path of a business process performs accurately to the documented specifications and contains clearly defined inputs and expected results.

Integration testing

Integration tests are designed to test integrated software components to determine if they actually run as one program. Testing is event driven and is more concerned with the basic outcome of screens or fields. Integration tests demonstrate that although the components were individually satisfactory, as shown by successful unit testing, the combination of components is correct and consistent. Integration testing is specifically aimed at exposing the problems that arise from the combination of components.

Functional test

Functional tests provide systematic demonstrations that functions tested are available as specified by the business and technical requirements, system documentation, and user manuals. Functional testing is centered on the following items:


Valid Input: identified classes of valid input must be accepted.
Invalid Input: identified classes of invalid input must be rejected.
Functions: identified functions must be exercised.
Output: identified classes of application outputs must be exercised.
Systems/Procedures: interfacing systems or procedures must be invoked.

Organization and preparation of functional tests is focused on requirements, key functions, or special test cases. In addition, systematic coverage pertaining to identifying business process flows, data fields, predefined processes, and successive processes must be considered for testing. Before functional testing is complete, additional tests are identified and the effective value of current tests is determined.

System Test

System testing ensures that the entire integrated software system meets requirements. It tests a configuration to ensure known and predictable results. An example of system testing is the configuration oriented system integration test. System testing is based on process descriptions and flows, emphasizing pre-driven process links and integration points.

White Box Testing

White Box Testing is testing in which the software tester has knowledge of the inner workings, structure and language of the software, or at least its purpose. It is used to test areas that cannot be reached from a black box level.

Black Box Testing

Black Box Testing is testing the software without any knowledge of the inner workings, structure or language of the module being tested. Black box tests, as most other kinds of tests, must be written from a definitive source document, such as a specification or requirements document. It is testing in which the software under test is treated as a black box: you cannot see into it. The test provides inputs and responds to outputs without considering how the software works.


Unit Testing

Unit testing is usually conducted as part of a combined code and unit test phase of the software lifecycle, although it is not uncommon for coding and unit testing to be conducted as two distinct phases.

Test strategy and approach

Field testing will be performed manually and functional tests will be written in detail.

Test objectives

All field entries must work properly.
Pages must be activated from the identified link.
The entry screen, messages and responses must not be delayed.

Features to be tested

Verify that the entries are of the correct format.
No duplicate entries should be allowed.
All links should take the user to the correct page.

Integration Testing

Software integration testing is the incremental integration testing of two or more integrated software components on a single platform to produce failures caused by interface defects. The task of the integration test is to check that components or software applications (e.g. components in a software system or, one step up, software applications at the company level) interact without error.

Test Results: All the test cases mentioned above passed successfully. No defects encountered.

Acceptance Testing

User Acceptance Testing is a critical phase of any project and requires significant participation by the end user. It also ensures that the system meets the functional requirements.

Test Results: All the test cases mentioned above passed successfully. No defects encountered.


13. CONCLUSION
The proposed period-based defense mechanism addresses the data flooding attack, which paralyzes a victim node by consuming its resources. Hence, the throughput of the victim node is significantly reduced. However, the current defense systems focus on RREQ flooding attacks rather than the data flooding attack. They easily reduce the throughput of burst traffic because they compare it against a simple threshold. Hence, we aim to enhance the throughput of burst traffic under the data flooding attack. The proposed scheme uses a blacklist, considers the data type, and processes packets according to priority so as to defend against data flooding attacks, since the attacker forwards many data packets at a high rate for the whole session. Recently, many users like to download and share multimedia data, so we expect that the proposed scheme is useful to networks where burst traffic is transferred.
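
The distinction the conclusion draws, a flooder that stays above the limit for the whole session versus burst traffic that exceeds it only briefly, is shown below as an added Java sketch (not the project's own code). The per-period limit, the three-period rule, the priority values and all class and method names are assumptions chosen for illustration.

```java
import java.util.*;

/** Added sketch of a period-based flood check; all names and limits are assumptions. */
public class PeriodDefenseSketch {
    static final int LIMIT = 100;   // assumed per-period data packet limit per sender
    static final int STRIKES = 3;   // assumed: consecutive periods over LIMIT before blacklisting

    private final Map<String, Integer> count = new HashMap<>();   // packets seen this period
    private final Map<String, Integer> strikes = new HashMap<>(); // consecutive periods over LIMIT
    private final Set<String> blacklist = new HashSet<>();

    /** Counts the packet and returns its priority: 0 multimedia, 1 other data, 2 blacklisted. */
    int priority(String sender, boolean multimedia) {
        count.merge(sender, 1, Integer::sum);
        if (blacklist.contains(sender)) return 2;
        return multimedia ? 0 : 1;
    }

    /** Runs at the end of each period: a burst trips LIMIT once, a flooder in every period. */
    void endPeriod() {
        Set<String> seen = new HashSet<>(strikes.keySet());
        seen.addAll(count.keySet());
        for (String s : seen) {
            if (count.getOrDefault(s, 0) > LIMIT) {
                if (strikes.merge(s, 1, Integer::sum) >= STRIKES) blacklist.add(s);
            } else {
                strikes.remove(s);  // rate fell back: the earlier periods were a burst
            }
        }
        count.clear();
    }

    public static void main(String[] args) {
        PeriodDefenseSketch d = new PeriodDefenseSketch();
        // Constructed traffic: "video" bursts in period 0 only; "flood" sends 300 packets every period.
        for (int period = 0; period < 4; period++) {
            for (int i = 0; i < 300; i++) {
                d.priority("flood", false);
                if (period == 0) d.priority("video", true);
            }
            d.endPeriod();
            System.out.println("after period " + period + ": blacklist=" + d.blacklist);
        }
        System.out.println("video priority=" + d.priority("video", true)
                + ", flood priority=" + d.priority("flood", false));
    }
}
```

Both senders exceed the limit in period 0, so a single threshold comparison would penalize the multimedia burst as well; the per-period check blacklists only the sender that stays above the limit.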
