On
DEFENDING AGAINST COLLABORATIVE ATTACKS BY MALICIOUS NODES IN
MOBILE AD-HOC NETWORKS
Submitted for partial fulfillment for the award of the degree
BACHELOR OF TECHNOLOGY
in
ELECTRONICS AND COMMUNICATION ENGINEERING
by
VENKATESH PYDE
(1041110200)
(1041110215)
PAVAN NALLAGORLA
(1041110219)
Project guide
(Mr. S. Bashyam)
(Dr. S. Malarvizhi)
Date:
Submitted for University Examination held in April 2015 at SRM UNIVERSITY, S.R.M.
Nagar, Kattankulathur, Kancheepuram District -603 203.
Date:
Internal Examiner
External Examiner
ACKNOWLEDGEMENT
We express our sincere gratitude and thanks to our Management for giving us a wonderful
chance to show our attitude towards our career and gain knowledge.
We extend our humble and sincere thanks to our Head of the Department, Dr. S.
Malarvizhi, Department of Electronics and Communication, for her moral support and
encouragement throughout the development of our project work.
We express our heartfelt gratitude and thanks to our project coordinator, Mrs. R.
Bhakkiyalakshmi, Assistant Professor (O.G), Electronics and Communication Department,
for providing moral support and motivation.
We are indebted to our guide Mr. S. Bashyam, Assistant Professor (O.G), Department of
Electronics and Communication for his valuable guidance, encouragement and timely
help throughout our project work.
We extend our sincere thanks to all other faculty of our department for their kind cooperation and help in completing our project.
Finally we would like to thank our parents and our friends whose kind encouragement,
affection and moral support have helped us to complete the project successfully.
ABSTRACT
CHAPTER 1
INTRODUCTION
Due to the widespread availability of mobile devices, mobile ad-hoc networks have been
widely used for various operations such as military crisis operations and emergency
preparedness and response operations. This is primarily due to their infrastructureless
property. In a MANET, each node not only works as a host but can also act as a router. While
receiving data, nodes also need cooperation with each other to forward the data packets,
thereby forming a wireless local area network [3]. These great features also come with
serious drawbacks from a security point of view. Indeed, the aforementioned applications
impose some stringent constraints on the security of the network topology, routing, and data
traffic. For instance, the presence and collaboration of malicious nodes in the network may
disrupt the routing process, leading to a malfunctioning of the network operations.
Many research works have focused on the security of MANETs. Most of them deal with
prevention and detection approaches to combat individual misbehaving nodes. The
effectiveness of these approaches weakens when multiple malicious nodes collude
to initiate a collaborative attack, which may result in more devastating damage to
the network.
The lack of any infrastructure, together with the dynamic topology of MANETs, makes
these networks highly vulnerable to routing attacks such as blackhole and grayhole (known
as variants of blackhole attacks). In blackhole attacks (see Fig. 1), a node transmits a
malicious broadcast informing that it has the shortest path to the destination, with the goal of
intercepting messages. In this case, a malicious node (so-called blackhole node) can attract all
packets by using a forged Route Reply (RREP) packet to falsely claim a fake shortest
route to the destination, and then discard these packets without forwarding them to the
destination. In grayhole attacks, the malicious node is not initially recognized as such since it
turns malicious only at a later time, preventing a trust-based security solution from detecting
its presence in the network. It then selectively discards/forwards the data packets when
packets go through it. In this paper, our focus is on detecting grayhole/collaborative blackhole
attacks using a dynamic source routing (DSR)-based routing technique.
DSR [4] involves two main processes: route discovery and route maintenance. To execute
the route discovery phase, the source node broadcasts a Route Request (RREQ) packet
through the network. If an intermediate node has routing information to the destination in its
route cache, it will reply with a RREP to the source node. When the RREQ is forwarded to a
node, the node adds its address information into the route record in the RREQ packet. When
the destination receives the RREQ, it knows the address of each intermediate node along the
route. The destination node relies on the routing information collected in the packets in
order to send a reply RREP message to the source node along with the whole routing
information of the established route. DSR does not have any detection mechanism, but the
source node can get all route information concerning the nodes on the route. In our approach,
we make use of this feature.
In this paper, a mechanism [so-called cooperative bait detection scheme (CBDS)] is
presented that effectively detects the malicious nodes that attempt to launch
grayhole/collaborative blackhole attacks. In our scheme, the address of an adjacent node is
used as bait destination address to bait malicious nodes to send a reply RREP message, and
malicious nodes are detected using a reverse tracing technique. Any detected malicious node
is kept in a blackhole list so that all other nodes that participate in the routing of the message
are alerted to stop communicating with any node in that list. Unlike previous works, the merit
of CBDS lies in the fact that it integrates the proactive and reactive defense architectures to
achieve the aforementioned goal.
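An added example (not part of the original report and not the project's NS2 code): a small Python model of the bait step and blackhole list described above, built on DSR's route record. The topology, node names and function names are constructed for illustration; reverse tracing is reduced here to reading the forged RREP's route record back from the bait address, which is an assumption because the report does not spell out the tracing steps.

```python
from collections import deque

# Constructed topology; node names are hypothetical. M1 and M2 collude.
LINKS = {"S": ["A", "B"], "A": ["S", "C"], "B": ["S", "M1"], "C": ["A", "D"],
         "M1": ["B", "M2"], "M2": ["M1", "D"], "D": ["C", "M2"]}
MALICIOUS = {"M1", "M2"}  # ground truth, consulted only by the simulated attackers

def route_discovery(src, dst, blackhole_list=()):
    """Flood an RREQ breadth-first; each hop appends itself to the route record.
    Returns the route records carried back to src in RREPs."""
    rreps, seen, queue = [], {src}, deque([[src]])
    while queue:
        record = queue.popleft()
        for nxt in LINKS[record[-1]]:
            if nxt in seen or nxt in blackhole_list:
                continue                            # duplicate RREQ, or listed node ignored
            seen.add(nxt)
            if nxt == dst:
                rreps.append(record + [nxt])        # genuine RREP from the target
            elif nxt in MALICIOUS:
                rreps.append(record + [nxt, dst])   # forged RREP claiming a link to dst
            else:
                queue.append(record + [nxt])        # honest node rebroadcasts
    return rreps

def bait_round(src, bait, blackhole_list):
    """Send a bait RREQ whose destination is an adjacent node of src.
    Only the neighbour itself should answer; anyone else took the bait."""
    caught = set()
    for record in route_discovery(src, bait, blackhole_list):
        if record != [src, bait]:
            caught.add(record[-2])   # trace back from the bait address to the claimant
    return caught

def cbds(src):
    """Rotate the bait over all neighbours until no new node replies to it."""
    blackhole_list = set()
    while True:
        new = set()
        for bait in LINKS[src]:
            new |= bait_round(src, bait, blackhole_list | new)
        if not new:
            return blackhole_list
        blackhole_list |= new

if __name__ == "__main__":
    print("routes before:", route_discovery("S", "D"))
    print("blackhole list:", sorted(cbds("S")))
    print("routes after:", route_discovery("S", "D", cbds("S")))
```

Rotating the bait across the source's neighbours is what exposes the second colluding node in this model: M2 is only reachable by an RREQ that travels through A, so it stays hidden while A is the bait address.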
CHAPTER 2
SYSTEM DESIGN
[Figures: system architecture and data flow diagrams (Level 1 to Level 3). Recoverable block labels: Network creation, Neighbor node detection, Network activity, Attack detection, TDMA, CBDS approach, Network misbehave identification, Reverse tracing technique, Choose another route, Data transmission success, Reduce delay time, Data transfer, Message security; Source, Intermediate nodes, Neighbor nodes, Route identification, Receiver node; Normal mode, ACK-mode, Detect malicious node, Detect exact malicious node.]
UML DIAGRAMS
UML stands for Unified Modeling Language. UML is a standardized general-purpose
modeling language in the field of object-oriented software engineering. The standard is
managed, and was created by, the Object Management Group.
The goal is for UML to become a common language for creating models of
object-oriented computer software. In its current form UML is comprised of two major components:
a Meta-model and a notation. In the future, some form of method or process may also be
CLASS DIAGRAM:
In software engineering, a class diagram in the Unified Modeling Language (UML) is a type
of static structure diagram that describes the structure of a system by showing the system's
classes, their attributes, operations (or methods), and the relationships among the classes. It
explains which class contains information.
SEQUENCE DIAGRAM:
A sequence diagram in Unified Modeling Language (UML) is a kind of interaction diagram
that shows how processes operate with one another and in what order. It is a construct of a
Message Sequence Chart. Sequence diagrams are sometimes called event diagrams, event
scenarios, and timing diagrams.
CHAPTER 3
SYSTEM SPECIFICATIONS
SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:
System :
Hard Disk : 40 GB.
Floppy Drive : 1.44 Mb.
Monitor : 15 VGA Colour.
Mouse : Logitech.
Ram : 512 Mb.
SOFTWARE REQUIREMENTS:
Operating system : Windows XP/7/LINUX.
Implementation : NS2
NS2 Version : NS2.2.28
Front End : OTCL (Object Oriented Tool Command Language)
Chapter 4
SOFTWARE DESCRIPTION
THE NETWORK SIMULATOR 2.33 (NS2)
Network Simulator (NS2) is a discrete event driven simulator developed at UC
Berkeley. It is part of the VINT project. The goal of NS2 is to support networking research
and education. It is suitable for designing new protocols, comparing different protocols and
traffic evaluations. NS2 is developed as a collaborative environment. It is distributed freely
and is open source. A large number of institutes and people in development and research use,
maintain and develop NS2. This increases the confidence in it. Versions are available for
FreeBSD, Linux, Solaris, Windows and Mac OS X.
STRUCTURE OF NS2
NS2 is built using object-oriented methods in C++ and OTcl (an object-oriented variant
of Tcl).
interpreter through an OTcl linkage (tclcl) which maps methods and member variables of the
C++ object to methods and variables of the linked OTcl object. The C++ objects are
controlled by OTcl objects. It is possible to add methods and member variables to a C++
linked OTcl object.
FUNCTIONALITIES OF NS2.33
Functionalities for wired, wireless networks, tracing, and visualization are available in
NS2.
Support for the wired world includes
Routing: DV, LS, and PIM-SM.
Transport protocols: TCP and UDP for unicast and SRM for multicast.
Traffic sources: web, ftp, telnet, cbr (constant bit rate), stochastic, real audio.
Different types of Queues: drop-tail, RED, FQ, SFQ, DRR.
Quality of Service: Integrated Services and Differentiated Services.
Emulation.
Support for the wireless world includes
Ad hoc routing with different protocols, e.g. AODV, DSR, DSDV, TORA
Wired-cum-wireless networks
Mobile IP
Directed diffusion
Satellite
Sensor-MAC
Multiple propagation models (Free space, two-ray ground, shadowing)
Energy models
Tracing
Visualization
Network Animator (NAM)
Trace Graph
transmit signals to and from a wireless channel etc. A major difference between them, though,
is that a MobileNode is not connected by means of Links to other nodes or mobilenodes. In
this section we shall describe the internals of MobileNode, its routing mechanisms, the
routing protocols dsdv, aodv, tora and dsr, creation of network stack allowing channel access
in MobileNode, brief description of each stack component, trace support and
movement/traffic scenario generation for wireless simulations.
MOBILE NODE: CREATING WIRELESS TOPOLOGY
MobileNode is the basic ns Node object with added functionalities like movement and the
ability to transmit and receive on a channel, which allow it to be used to create mobile, wireless
simulation environments. The class MobileNode is derived from the base class Node.
MobileNode is a split object. The mobility features, including node movement, periodic
position updates, maintaining the topology boundary etc., are implemented in C++, while the
plumbing of network components within MobileNode itself (like classifiers, dmux, LL, Mac,
Channel etc.) has been implemented in OTcl.
Table 5.1: Available Options For Node Configuration

Option | Available Values | Default

General
Address type | Flat, Hierarchical | Flat
MPLS | ON, OFF | OFF
LL Type | LL, LL/sat | OFF
Mac Type | Mac/802_11, Mac/Csma/Ca, Mac/Sat/Unslotted/Aloha, Mac/Tdma | OFF
ifq Type | Queue/DropTail, Queue/DropTail/PriQueue | OFF
Phy Type | Phy/WirelessPhy, Phy/Sat | OFF

Satellite Oriented
satNodeType | Polar, Geo, Terminal, Geo-repeater | OFF
downlinkB | | OFF

Wireless Oriented
Adhoc Routing | DIFFUSION/RATE, DIFFUSION/PROB, DSDV, FLOODING, OMNICAST, AODV, TORA | OFF
propType | Propagation/2RayGround, Propagation Shadowing | OFF
propInstanc | Propagation/2RayGround, Propagation Shadowing | OFF
antType | Antenna/Omni Antenna | OFF
Channel | Channel/Wireless Channel, Channel/sat | OFF
topoInstanc | <topology file> | OFF
MobileIP | ON, OFF | OFF
Energy model | Energy model | OFF
Initial Energy | <value in joules> | OFF
rxPower | <value in W> | OFF
txPower | <value in W> | OFF
Idle Power | <value in W> | OFF
AgentTrace | ON, OFF | OFF
routerTrace | ON, OFF | OFF
macTrace | ON, OFF | OFF
movement Trace | ON, OFF | OFF
Errproc | UniformErrorProc | OFF
FECProc | ? | ?
toraDebug | ON, OFF | OFF
CHAPTER 5
IMPLEMENTATION ENVIRONMENT
Network simulator 2 is used as the simulation tool in this project. NS was chosen as
the simulator partly because of the range of features it provides and partly because it has an
open source code that can be modified and extended.
NETWORK SIMULATOR (NS)
Network simulator (NS) is an object-oriented, discrete event simulator for networking
research. NS provides substantial support for simulation of TCP, routing and multicast
protocols over wired and wireless networks. The simulator is a result of an ongoing effort of
research and development. Even though there is considerable confidence in NS, it is not a
polished product yet and bugs are being discovered and corrected continuously.
[Figure 5.1: Block diagram of the architecture of NS-2 (OTcl interpreter, C++ libraries, simulation results)]
NETWORK COMPONENTS
This section talks about the NS components, mostly compound network components.
Figure 1.1 shows a partial OTcl class hierarchy of NS, which will help understanding the
CHAPTER 6
IMPLEMENTATION
MODULES:
CBDS
CHAPTER 7
CODING
# ======================================================================
# Define options
# ======================================================================
set val(chan) Channel/WirelessChannel ;# channel type
set val(prop) Propagation/TwoRayGround ;# radio-propagation model
set val(netif) Phy/WirelessPhy ;# network interface type
set val(mac) Mac/802_11 ;# MAC type
set val(ifq) Queue/DropTail/PriQueue ;# interface queue type
set val(ll) LL ;# link layer type
set val(ant) Antenna/OmniAntenna ;# antenna model
set val(ifqlen) 200 ;# max packet in ifq
set val(nn) 50 ;# number of mobilenodes
set val(rp) DSDV ;# routing protocol
set val(x) 5000 ;# X dimension of topography
set val(y) 5000 ;# Y dimension of topography
set val(stop) 130 ;# time of simulation end
# Create the simulator and open the trace and NAM output files
set ns [new Simulator]
set tracefd [open changevoip.tr w]
set namtrace [open changevoip.nam w]
$ns trace-all $tracefd
$ns namtrace-all-wireless $namtrace $val(x) $val(y)
# set up topography object
set topo [new Topography]
$topo load_flatgrid $val(x) $val(y)
create-god $val(nn)
# Configure the mobile nodes. The options before -routerTrace are missing from
# the listing and are restored here from the val() settings defined above.
$ns node-config -adhocRouting $val(rp) \
-llType $val(ll) \
-macType $val(mac) \
-ifqType $val(ifq) \
-ifqLen $val(ifqlen) \
-antType $val(ant) \
-propType $val(prop) \
-phyType $val(netif) \
-channelType $val(chan) \
-topoInstance $topo \
-routerTrace ON \
-macTrace OFF \
-movementTrace ON
# Create the mobile nodes
for {set i 0} {$i < $val(nn)} {incr i} {
set n($i) [$ns node]
}
# Provide initial location of mobilenodes
$n(0) set X_ 587.0
$n(0) set Y_ 3.0
$n(0) set Z_ 0.0
$n(1) set X_ 445.0
$n(1) set Y_ 36.0 ;# 36.0
$n(1) set Z_ 0.0
CHAPTER 8
SIMULATION SCREENSHOTS
OUTPUT GRAPH
CHAPTER 9
REALISTIC CONSTRAINTS AND STANDARDS
REALISTIC CONSTRAINTS:
1. The code that is written should be executed in NETWORK SIMULATOR (NS2).
2. The end-to-end delay of data transmission should be reduced below that of the existing
routing protocols.
3. The scheme should defend against Collaborative black hole attacks and Collaborative
Packet Drop attacks in mobile ad hoc networks without interrupting data transmission.
4. The scheme should work accurately even in mobile ad hoc networks having a
large number of nodes.
STANDARDS REFERRED:
1. IEEE 802.11 MAC (Media Access Control)
2. RFC 2501 (Routing Protocol Performance Issues and Evaluation Considerations)
3. REAct (resource-efficient accountability for node misbehavior in ad hoc networks
based on random audits)
CHAPTER 10
CONCLUSION
In this paper, we have proposed a new mechanism (improvement to the CBDS) for
detecting malicious nodes in MANETs under gray/collaborative blackhole attacks. Our
simulation results revealed that this method outperforms the DSR, 2ACK, and BFTR
schemes, chosen as benchmark schemes, in terms of routing overhead and packet delivery
ratio.
CHAPTER 11
REFERENCES
[1] P.-C. Tsou, J.-M. Chang, H.-C. Chao, and J.-L. Chen, "CBDS: A cooperative bait
detection scheme to prevent malicious node for MANET based on hybrid defense
architecture," in Proc. 2nd Intl. Conf. Wireless Commun., VITAE, Chennai, India, Feb.
28-Mar. 03, 2011, pp. 1-5.
[2] S. Corson and J. Macker, RFC 2501, "Mobile Ad hoc Networking (MANET): Routing
Protocol Performance Issues and Evaluation Considerations," Jan. 1999. (Last
retrieved March 18, 2013). [Online]. Available:
http://www.elook.org/computing/rfc/rfc2501.html
[3] C. Chang, Y. Wang, and H. Chao, "An efficient Mesh-based core multicast routing
protocol on MANETs," J. Internet Technol., vol. 8, no. 2, pp. 229-239, Apr. 2007.
[4] D. Johnson and D. Maltz, "Dynamic source routing in ad hoc wireless networks,"
Mobile Comput., pp. 153-181, 1996.
[5] Rubin, A. Behzad, R. Zhang, H. Luo, and E. Caballero, "TBONE: A mobile-backbone
protocol for ad hoc wireless networks," in Proc. IEEE Aerosp. Conf., 2002, vol. 6, pp.
2727-2740.
[6] Baadache and A. Belmehdi, "Avoiding blackhole and cooperative blackhole attacks in
wireless ad hoc networks," Intl. J. Comput. Sci. Inf. Security, vol. 7, no. 1, 2010.
[7] S. Marti, T. J. Giuli, K. Lai, and M. Baker, "Mitigating routing misbehavior in mobile
ad hoc networks," in Proc. 6th Annu. Intl. Conf. MobiCom, 2000, pp. 255-265.
[8] K. Vishnu and A. J Paul, "Detection and removal of cooperative black/gray hole
attack in mobile ad hoc networks," Int. J. Comput. Appl., vol. 1, no. 22, pp. 28-32,
2010.