Packet Estimation with CBDS Approach to secure MANET

Transcription

1 Packet Estimation with CBDS Approach to secure MANET Mr. Virendra P. Patil 1 and Mr. Rajendra V. Patil 2 1 PG Student, SSVPS COE, Dhule, Maharashtra, India 2 Assistance Professor, SSVPS COE, Dhule, Maharashtra, India Abstract The proliferation of mobile technology, now a days the wireless communication is becoming more popular than ever before. Due to the mobility of nodes in a wireless network, Mobile Ad hoc Network (MANET) is widely used in various applications and in emergency operations. MANETs makes vulnerable to various security threats due to dynamic topology of the network and absence of central base station in which tampering the contents of the packets, dropping packets, impersonating another node etc. So, providing secure communication is one of the important aspects in MANETs. In this paper, we proposed a packet estimation technique to prevent and detect malicious node attack in MANETs using CBDS approach to make the system more secure against blackhole grayhole and replay attacks. Keywords Cooperative Bait Detection Scheme (CBDS), collaborative black hole, grey hole, replay attacks, Packet Estimation. I. INTRODUCTION MANET is a collection of independent mobile nodes that can communicate to each other via radio magnetic waves without any fixed infrastructures. In MANET, individual node not only acting as a host but can also works as a router and forwarding a packet from one node to another node. Nodes in a MANET is free to move independently in any direction, and therefore there will be a change in the links frequently. Nodes are free to join and left the network at any moment due to the infrastructure less nature of MANET. Coordination between every node become is important, if any of the node misbehave or do not coordinate, it can lead to destruct in MANET working. Communication take place between two nodes which are within in radio range. Source is always finding a path to destination node before the data transmission take place. Due to characteristics of MANET, network is much exposed to various threats. In MANET various attacks are exposed, held at different layers. So security and privacy becomes big concern for such networks. The attacks in MANET are mainly because of misbehaviour of the malicious nodes among the Network nodes and that disrupt the routing process. Many attacks are performed during routing like a malicious node can change various fields of route discovery packet which can result in a path formation in which malicious node fall, after that a malicious node can perform various attacks like black hole and gray hole attack which result in rapid degradation of network as malicious node starts dropping of data packet for all connection in black hole attack and for a particular connection in grayhole attack. a) Characteristics of MANET Dynamic Topology: In MANET the nodes are free to move with different speed, due to which the topology changes frequently. Security: MANET is an open network no authentication of nodes. So they are more prone to attacks like black hole, grayhole, replay and other attacks. Multi hop routing: When a node tries to send information to other nodes which is out of its scope, the packet forwarded via one or more intermediate nodes. Distributed operation: There is no central control or authority in MANET which controls the movement of nodes in MANET. The nodes collaborate and broadcast among All rights Reserved 257

2 b) Challenges in MANET and Security Limited bandwidth: The narrow radio band results in decreased data rates compared to the wireless networks. Hence minimum use of bandwidth is necessary by keeping low overhead as possible. Routing Overhead: In MANET, nodes often change their location within network, which leads to unnecessary routing overhead. Packet Loss: There is higher packet loss because of increased collisions by the presence of hidden terminals, presence of interference, unidirectional links, frequent path breaks due to mobility of nodes. Hidden terminal problem: The hidden terminal problem refers to the strike of packets at a accepting node due to the simultaneous transmission of those nodes that are not within the direct communication range of the sender, although are in the transmission range of the receiver. Security threats: As the MANET is liable to eavesdropping and wireless system functionality is established through node cooperation, mobile ad hoc networks are exposed to numerous security attack like blackhole, grayhole, Replay attacks etc. II. ROUTING PROTOCOLS Ad-Hoc network routing protocols are commonly divided into three main classes; Proactive, Reactive and Hybrid protocols as shown in figure. 1) Proactive Protocols: Proactive, or table-driven routing protocols. In proactive routing, each node has to maintain one or more tables to store routing information, and any changes in network topology need to be reflected by propagating updates throughout the network in order to maintain a consistent network view. Example of such schemes are the conventional routing schemes: Destination sequenced distance vector (DSDV). They attempt to maintain consistent, up-to-date routing information of the whole network. It minimizes the delay in communication and allow nodes to quickly determine which nodes are present or reachable in the network. 2) Reactive Protocols: Reactive routing is also known as on-demand routing protocol since they do not maintain routing information or routing activity at the network nodes if there is no communication. If a node wants to send a packet to another node then this protocol searches for the route in an on-demand manner and establishes the connection in order to transmit and receive the packet. The route discovery occurs by flooding the route request packets throughout the network. Examples of reactive routing protocols are the Ad-hoc On-demand Distance Vector routing (AODV) and Dynamic Source Routing (DSR). Figure 1 Routing Protocol in MANET. 3) Hybrid Protocols: They introduces a hybrid model that combines reactive and proactive routing protocols. The Zone Routing Protocol (ZRP) is a hybrid routing protocol that divides the All rights Reserved 258

3 into zones. ZRP provides a hierarchical architecture where each node has to maintain additional topological information requiring extra memory. III. RELATED WORK Liu et al. proposed a 2ACK scheme for the detection of routing misbehaviour in MANETs [2]. In this scheme, two-hop acknowledgement packets are sent in the opposite direction of the routing path to indicate that the data packets have been successfully received. Rack is used to control the ratio of the received data packets for which the acknowledgment is required. This scheme belongs to the class of proactive schemes and, hence, produces additional routing overhead regardless of the existence of malicious nodes. Xue and Nahrstedt proposed a prevention mechanism called best-effort fault-tolerant routing (BFTR) [3]. Their BFTR scheme uses end-to-end acknowledgements to monitor the quality of the routing path (measured in terms of packet delivery ratio and delay) to be chosen by the destination node. If the behavior of the path deviates from a predefined behavior set for determining good routes, the source node uses a new route. One of the drawbacks of BFTR is that malicious nodes may still exist in the new chosen route, and this scheme is prone to repeated route discovery processes, which may lead to significant routing overhead. William Kozma Jr. et al. propose a reactive misbehaviour detection scheme called REAct scheme [4]. When the performance is descended between source and destination node, the REAct is triggered automatically. REAct constitutes of three phases: (a) the audit phase, (b) the search phase and (c) the identification phase. To simply describe the REAct scheme, the target node sends a feedback to the sender when a biggish packet drop ratio is recognized. Then the source node chooses an audit node, and utilizes the bloom filter to produce a behavioural proof. Finally, the segment location of malicious node can be distinguished from comparing the source node s behavioural proof. In [1], Jian-Ming Chang et. al. proposed Cooperative Bait Detection Scheme (CBDS) which is able to detect and prevent malicious nodes launching cooperative black hole attacks. It integrates with the proactive and reactive defence architectures and the source node randomly cooperates with a stochastic adjacent node. When source node initializes Route Discovery, it sends out the bait RREQ and then source node receives RREP. If RREP is from not existed destination node or intermediate node then trace which node sends back the RREP according to RREP packet s Record address field. The location of black hole is recognized and detected by source node when receiving the fake RREP. Then the detected black hole node is listed in the black hole list and noticed all other nodes to revoke the certificates of black hole by propagating Alarm packets through the network. Ignore any responses from black hole are discarded. IV. PROPOSED APPROACH There are two approach for security in all network one is Preventive approach and Reactive approach. For the protecting the network Preventive approach in which different cryptography processes are used and intrusion detection systems is used in reactive approach to track attacks like replay, blackhole, grayhole, replay etc. In this paper we discuss a detection scheme called the CBDS with the Packet Estimation that are used so far for security with minimum overhead and maximum security. Which identified malicious nodes launching grayhole, blackhole along with replay attack in MANET. CBDS in which integrated the proactive as well as reactive defence architecture. In this scheme have tree steps: 1. Initial Bait. 2. Reverse Tracing 3. Packet Estimation (Reactive Defence Phase.) Initial Bait Step: In which the source node is stochastically selects adjacent neighbor node as a bait node (bait destination node) and broadcast BRREQ packet. Malicious node replay on that bait request packet with fake route information, that it has shorted path for destination. All rights Reserved 259

4 If n r intentionally gave no replay RREP, it would be directly listed on the blackhole list by the source node. If only the n r node had sent a replay RREP, it would mean that there was no other malicious node in the network, except the route that n r had provided; in this case, the route discovery phase will be started. The route that n r provides will not be listed in the choices provided to the route discovery phase. Reverse Tracing step: In this step detecting the behaviour of malicious node through route replay to the BRREQ message. Goal on this step to deduce the dubious path information and temporarily trusted zone in the route [1]. Malicious node replay RREP with address list Addr = {n 1, n 2, n k, n m, n r }. When first replay received from malicious node it will separate the Addr list by the destination address n1 of the RREP in the IP field and get the address list K k = {n 1,... n k },where K k represents the route information from source node n 1 to intermediate node whose received first RREP replay. Then it will also determine the difference between addr list and K k. Consequently, we get K k' = Addr K k = {n k+1, n m, n r } (1) Where K k' represents the route information to the destination node (recorded after node n k ). Check sender node of RREP replay is in K k' using hop count from source of RREP. If this is not same then path in which malicious node is present. Then send this info to the source node. Then source node will broadcast the malicious node info to other nodes. Packet Estimation: Packet estimation of this process finding the RREQ source can transfer from data to destination. In periodic interval rate, every hop count we can determine how much transmits or receives the data or information. We have to monitor the estimated value, if any node values below threshold value. The node will be noticed by malicious node. The malicious node details it will be updated to all other neighbour nodes. Once again we can generate another RREQ without the malicious node, we can transfer the information. Packet Estimation Algorithm: If packet is data type a. Data transfer to the shortest path b. Initialize Trust=1.000 for every nodes in a find path c. Check per every hop count (Trust=Rx/(Tx*100)) d. Calculated value update to Rtable ( Trust U Rtable) 1. If Trust<0.75 &&<0.25 Update node detail into malicious list Break link Generate RREQ to find new route without hacker Once again data transfer in another route 2. Else transfer regular data V. PERFORMANCE EVALUATION Packet Delivery Ratio: It is defined as the ratio of the number of the number of packets sent by the source to the packets received at the destination. A graph is All rights Reserved 260

5 Figure 2 Packet Delivery Ration. Average Delay: It is well-defined as the average time taken for a packet to be transmitted from the source to the destination. Figure 3 Dalay. Throughput: It is defined as the total amount of data, that the destination receives them from the source which is divided by the time it takes for the destination to get the final packet. Figure 4 All rights Reserved 261

6 VI. CONCLUSIONS This paper attempts to resolve the problem of presence of malicious node which leads to black hole/ gray hole and Replay attack in MANET which is referred to as the cooperative bait detection scheme (CBDS) with Packet Estimation. In this project, we have proposed a new mechanism for detecting malicious nodes in MANET s under replay/blackhole attacks. The Packet estimation scheme is used to detect the grayhole node present in the network. Our simulation results revealed that the CBDS with packet estimation scheme outperforms than the existing CBDS based Replay detection scheme in terms of routing overhead, delay and packet delivery ratio. REFERENCES [1] Po-Chun Tsou, Isaac Woungang, Han-Chieh Chao, and Chin-Feng Lai Jian-Ming Chang, "Defending against collaborative attacks by malicious nodes in MANETs: A Cooperative Bait Detection Approach," IEEE Systems Journal, vol. 9, pp , March [2] D. Pramod, K. Varshney, and K. Balakrishnan K. Liu, "An acknowledgement based approach for the detection of routing misbehavior in MANET's," IEEE Trans. Mobile Comput., vol. 6, pp , May [3] Y. Xue and K. Nahrstedt, "Providing fault-tolerant ad hoc routing service in adversarial environments," Wireless Pers.Commun., vol. 29, pp , [4] W. Kozma and L. Lazos, "REAct: Resource-efficient accountability for node misbehavior in ad hoc networks based on random audits," Proc. WiSec., pp , All rights Reserved 262