Prevention and Detection of Packet Dropping and Message Tampering Attack on MANET using EAMD

Transcription

1 Prevention and Detection of Packet Dropping and Message Tampering Attack on MANET using EAMD Miss. Priti G. Mesare PG. Student SGBAU, Amravati India Dr. S. S. Sherekar Assistant professor SGBAU, Amravati India Dr. V. M. Thakare HOD SGBAU, Amravati India ABSTRACT A packet dropping and message tampering attack contains data which routed between source and destination. Packet dropping attack happens accidently or deliberately on network or packet switching network. Message tampering attack causes measure problem in message transmission activity, due to unauthorized party tampered message and can change message contains so it hard to detect that tampered message or genuine message. In this paper prevention methods of packet dropping attack and message tampering attack are analysed and provides a unique and specific solution to prevent both attacks. By modifying AMD audit base misbehaving detection method as EAMD (Energy based audit misbehaving detection) adding the concept of energy based detection of nodes this help to detect low energy nodes then based on the reputation and energy score of the node malicious low energy node can remove from network. It helps to prevent and detect packet dropping attack, improve network performance and use multichannel communication protocol. Keywords Packet dropping; message tampering attack; attack prevention; AMD; misbehaviour detection; INTRODUCTION MANET is mobile ad hoc network in which one or more devices are connected to each other wirelessly. It is self configuring network contains path from source to destination and with the help of intermediate node packets are send from source to destination. This packet transmission activity cause packet dropping attack or message tampering attack to prevent this various techniques are used and discussed in this paper. The packet dropping attack occurs due to link error or malicious drop and in which packet may loss accidently or deliberately and in message tampering attack unauthorized third party can read or change data. To prevent this various methods are analyzed such as EHSAM and advanced EHSAM (Highly secured approach against attack on MANET). PACKET DROPPING ATTACK IN MOBILE AD HOC NETWORK Mobile ad hoc network is developed network applicable in enormous areas, each device in manet free to move independently and make connection or link with other devices in any direction frequently. Very basically Packet is composed of header and payload. Information in header is used by networking hardware to direct packets to its destination where the payload is extracted and used by application software. Packets are drop from network owing various reasons like network congestion, link congestion. To detect this side channel monitoring, audit based misbehaviour detection, truthful detection techniques are used, this paper analysed packet dropping attack prevention techniques such as EHSAM, ADEHSAM. In Message tampering attack alter the message or delivery of message intentionally. Adversary may alternatively copy messages and retransmit it as a reply attack. There are various packet dropping attack prevention and detection techniques to avoid packet loss problems. 35 Miss. Priti G. Mesare, Dr. S. S. Sherekar, Dr. V. M. Thakare

2 Few of this analysed in this paper that are as follow The idea of the HSAM protocol is to prevent the data packets to be altered as they traverse through an insecure MANET. The method includes using some counters to keep track of the number of packets transferred and the number of dropped packets. The ratio of these two counters is then used to determine whether nodes are misbehaving and therefore can be deleted from the routing table or added to a blacklist.advanced highly secured approach against attack on MANET, in this scheme each node maintains next hop node id and count value and source node or any intermediate node starts timer If overhearing message does not come within timer then increase the count while improving performance of ADEHSAM scheme.the E-STAR for establishing stable and reliable routes in heterogeneous multihop wireless networks. E-STAR combines payment and trust systems with a trust-based and energy-aware routing protocol. The payment system rewards the nodes that relay others packets and charges those that send packets. Link error and malicious packet dropping are two sources of packet losses in multi hop wireless ad hoc network. In this sequence of packet are losses to detect whether the packet losses due to link error or malicious drop truthful detection technique is used. Fig: Packet dropping system. Packet dropping attack is type of DOS attack, an attacker injects network traffic, which consumes bandwidth on the path to the base station and causes the DoS. BACKGROUND Mobile ad hoc network poses variety of problems related to security, an important is to make safe and secure source node. Highly secured approach against attack for preventing packets which travels through unsecured network. AODV based detection and prevention scheme against black hole attack in MANETs. In this approach alarm packet were used as mean for identifying the malicious nodes [1]. To prevent packet dropping and message tampering attacks in which EHSAM scheme to secure routes, where mock packets are send between sender and destination node lieu of actual data chunks, but not maintaining communication in intermediate nodes [2]. The payment scheme uses a communication protocol that can transfer message from the source node to the destination node with limited use of the public key cryptography is used for only on packet and the efficient hashing operation are used in next packets. Unlike ESIP that aims to transfer message efficiently, ESTAR aims to establish stable and reliable route [3]. In wireless ad hoc network, node cooperate in relaying or routing traffic An adversary may exploit this nature to launch attacks and the adversary starts dropping packets. In the most severe form, malicious nodes simply stop forwarding every packet, the various 36 Miss. Priti G. Mesare, Dr. S. S. Sherekar, Dr. V. M. Thakare

3 techniques are used to detect the behaviour of nodes, link error and malicious dropping are two sources of packet losses, in this to detect whether the losses caused by link error or malicious drop, homomorphic linear authenticator (HLA) based public auditing allows the detector to verify truthfulness of packet drop information [4]. The rest of this paper organized as follow: Introduction gives packet dropping attack and message tampering attack prevention in mobile ad hoc network wireless sensor network in Section I. Background gives a premise of the proposed research problem is pointed out, and then the proposed problem is formalized in detail in Section II. Previous Work done gives related work of the current approaches improving prevention methods of packet dropping and message tampering attack securing mobile ad hoc network will be introduced briefly in Section III. Section IV. Existing methodology discussed in Section V Analysis and Discussion discuss In Section VI, Proposed methodology givesthe design and implementation process of the proposed algorithm are introduced in detail and Possible Result in discussed. Finally, Conclusion of the paper discussed in Section VII. PREVIOUS WORK DONE M. S. Obaidat et al. (2012) [1], have proposed the EHASAM approach to secure the routes, where mock packets are sent between sender and destination nodes in lieu of actual data chunks. Li et al. (2011) [2], introduced a method that employed ALARM packets to detect the nodes in wireless ad hoc networks that maliciously drop the packets during the routing operation. A subset of neighbors of each node was selected as observer to monitor the node's message forwarding behaviour. M. Mahmoud et al. (2011) [3], the payment scheme uses a communication protocol that can transfer messages from the source node to the destination with limited use of the public key cryptography operations. Public key cryptography is used for only one packet and the efficient hashing operations are used in next packets. Unlike ESIP that aims to transfer messages efficiently, E-STAR aims to establish stable and reliable routes. S.Zong, et al. (2003) [4], In this case, the impact of link errors is ignored. Most related work falls into this category. Based on the methodology used to identify the attacking nodes, these works can be further classified into four subcategories. As a result, a maliciously node that continuous to drop packets will eventually deplete its credit, and will not be able to send its own traffic. EXISTING METHODOLOGY Packets dropping attack and packet securing, detecting and preventing techniques are highly secure approach against attack on MANET, Advance and enhance highly secure approach against attack on MANET, truthful detection of packet dropping attack. Advanced highly secured approach against attack on MANETs ( ADEHSAM): The proposed ESHAM protocol improper due to not maintaining track of intermediate node i.e. EHSAM evaluated experimentally using a network simulator showing considerable increase in end to end delays in less network density. A more efficient approach to secure the routes where mock packets are sent between sender and destination nodes in lieu of actual data chunks is used [1]. EHSAM: the proposed solution to this problem by proposing two enhancements those are. 1) Highly Secured Approach against Attacks on MANETs (HSAM )was only evaluated experimentally using a custom algorithm and few Wi-Fi-enabled laptops, thus leading to various limitations such as the unavailability to increase the node density. 2) we use a more efficient approach to secure the routes, where mock packets are sent between the sender and destination nodes in place of the actual data chunks, which themselves are made of a filler content that is not part of the original data packets. In doing so enhanced HSAM scheme (socalled E-HSAM) can enforce the data integrity check, E-HSAM scheme is to eliminate the chances of malicious nodes to compromise the original data packets [2]. 37 Miss. Priti G. Mesare, Dr. S. S. Sherekar, Dr. V. M. Thakare

4 Secure and reliable routing protocol: E-star for establishing stable and reliable routers in heterogeneous multihop wireless network. E-STAR combines payment and trust systems with a trust-based and energyaware routing protocol.in this two routing protocols are (secure and reliable)developed to direct traffic through those highly trusted node having sufficient energy to minimize the probability of breaking the route, by this way E-star can simulate node not only to relay packet but also maintain route stability and report correct battery energy capability[3]. Audit based misbehaviour detection: The system ADM identify and isolate the misbehaving nodes that refuse to forward the packets. AMD system integrates reputation management, trustworthy route discovery and can detect selective dropping attack even if end-to-end traffic is encrypted and can be applied to multichannel networks or networks consisting of nodes with directional antennas [4]. Audit based misbehaviour detection and monitoring: AMDMM provide the paths consist of highly reputed nodes, subject to a desired path. When paths contain misbehaving nodes, the proposed monitoring system effectively audits and enhances the nodes reputation for the proper communication. The identification strategy obtains through knowledge of nodes reputation. Also, this monitoring method performs the reputation using storage-efficient membership structures. It results The AMDMM recovers the network operation even if a large fraction of nodes misbehaving at a significantly lower communication cost [5]. ANALYSIS AND DISCUSSION The ESHAM protocol improper due to not maintaining track of intermediate node i.e. EHSAM evaluated experimentally using a network simulator showing considerable increase in end to end delays in less network density. A more efficient approach to secure the routes where mock packets are sent between sender and destination nodes in lieu of actual data chunks is used. In EHSAM the source node only sends RREQ packet and after receiving RREQ, it replies RREP and records sent and receive time but not maintaining each nodes next hop node id and count value. The enhanced ADEHSAM scheme each node maintains next hop node id and count value and source node or any intermediate node starts timer while forwarding the frame, Source node or any intermediate node overhears to next hop whether frame is forwarded or not. If overhearing message does not come within timer then increase the count while improving performance of ADEHSAM scheme [1]. The E-HSAM protocol follows the same steps as the HSAM protocol. Some major difference lies in the way that E-HSAM sends the packets from the source to destination nodes. In the HSAM algorithm, at the source node, the data packets are split into 48 byte chunks and sent to the destination node. In the routing process, data chunks may still contain, in part, sensitive and private information, which can be tampered by intermediate malicious nodes before the route is actually discarded. In an attempt to eliminate the possibility of unwanted data copy, we propose that mock packets be sent in lieu of the actual data chunks. The data chunks contain a filler content that is not part of the original data packet. Therefore, if an attack occurred, the actual data packet will not be compromised. In our simulation, the number of mock packets sent is obtained by dividing the payload size of the actual packet by 48. In order to obtain a reliable limit of tolerance, there needs to be sufficient number of cpktand cmiss. For smaller data packet sizes, the packet should be split accordingly in order to gather enough cpktand cmiss(rather than just a few cpktand cmiss) that would yield a more reliable ratio. Another difference between the HSAM and EHSAM schemes lies in the manner in which the routes that contain malicious nodes can avoided [2]. Truthful detection in which homomorphic linear authentication technique is used for detection of packet dropping attack is best suited for condition to verify the truthfulness of packet loss information reported by node due to which the detection accuracy increases. The high detection accuracy is achieved by exploiting the correlations between the positions of lost packets, as calculated from the auto-correlation function (ACF) of the packet-loss bitmap a bitmap describing the lost/received status of each packet in a sequence of consecutive packet transmissions [3]. Audit based misbehaviour detection system for detecting and isolating misbehaving nodes. AMD can operate in multi-channel networks and in networks with directional antennas. Current packet Overhearing techniques are only applicable when transmissions can be overhead by peers operating on the same frequency band. AMD detects selective dropping behaviours by allowing the source to 38 Miss. Priti G. Mesare, Dr. S. S. Sherekar, Dr. V. M. Thakare

5 perform matching against any desired selective dropping patterns. This is particularly important when end-toend traffic is encrypted. [4]. Advantage and disadvantages Method/ Algorithm Used Advantages Disadvantages Advanced highly secured approach against attack on manets ( ADEHSAM) 1. Significant improvement in throughput as compare to EHSAM.(average rate of successful message delivery increases ). 2. ADHSAM generates more received packet at destination than HSAM. 3. In ADHSAM normalized routing load (NRL) performance better than ESHAM. The mobility rate increases indicating higher chance of lost connection. Highly secured approach against attack 1. EHSAM performance better than HSAM in term of packet delivery ratio. 2. E-HSAM yields a greater number of broken links. 3. EHSAM generate more receive packets at destination than HSAM scheme does. Secure and Reliable Routing Protocols E-STAR Audit based misbehaviour detection 1. Reduce the probability of breaking the routes. 2. E-STAR integration can deliver messages through reliable routes and allow the source nodes to prescribe their required level at trust. 3. Data is fully secured and cannot be hack by hacker. 1. AMD successfully avoid misbehaving nodes, even when large portion of network refused to forward packet. 2. AMD can operate in multi-channel networks and in network with Directional antennas. Table 1. Advantages and disadvantage 1.Nodes do not have sufficient energy. 2.High energy cost.. Sometimes the large portion of network refuses to forward packet. Performance Attributes for packet dropping attack. Various performance attributes and proporties considered in existing packet dropping techniques in wireless ad hoc network are discussed below: Throughput: The throughput is the ratio of packet received to the packet sent at the given time interval. As defined in the usual way, the time average of the number of bits that can be transmitted by each node to its destination is called the per-node throughput. The sum of per-node throughput over all the nodes in a network is called the throughput of the network. For the packet dropping detection technique throughput decides detection accuracy so that it should be high. 39 Miss. Priti G. Mesare, Dr. S. S. Sherekar, Dr. V. M. Thakare

6 Acknowledgement: the node has actually forward the packet to next hope and the acknowledgement from hop shows successful packet transmission so that this parameter should be increased. Timeliness: Routing updates need to be delivered in a timely fashion. Update messages that arrive late may not reflect the true state of the links or routers on the network. They can cause incorrect forwarding or even propagate false information and weaken the credibility of the update information. If a node that relays information between two large connected components is advertised as "down" by malicious neighbors, large parts of the network become unreachable. Most ad hoc routing protocols have timestamps and timeout mechanisms to guarantee the freshness of the routes they provide. PROPOSED METHODOLOGY The AMD Audit base misbehaviour detection, it provides a comprehensive misbehaviour identification and node isolation system for eliminating misbehaviour from a given network. In the AMD method by adding concept of low energy node detection and checking nodes with low energy by giving score as per energy level such as the low energy nodes given low score and nodes with high energy given high scores. The reputation module manages reputation information based on recommendation of audit module. Based on reputation and the energy score of the node find out the node which might be dropping packets, and then remove them from system. The proposed system helps to improve performance of network with utilizing node with high energy and perform multichannel communication. Example: when packets are sending from source to destination through node. It contains time and energy here calculate packet delivery ratio PDA. packets Time Energy Sender sec 100mJ Receiver sec 90mJ Table 2: Energy after sending packets The energy remains after sending packets is 90J. The following diagram shows the EAMD method to detect low energy node. 1. S=0 (s is trust score of node) 2. If E > 20 Then (E, energy) 3. S = S S > Trusted node (Packet drop =0) 6. Else 7. non trusted node (Number of packets drops) Algo1: Trust based energy detection 40 Miss. Priti G. Mesare, Dr. S. S. Sherekar, Dr. V. M. Thakare

7 Fig 2: EAMD (checking nodes energy with AMD) POSSIBLE OUTCOME AND RESAULTS The goal of this research was to determine the detection and prevention of packet dropping attack in MANET.The existing method audit base misbehaving detection was detecting trust worthy path using route discovery module and find misbehaving nodes using AMD module. In proposed work by adding the concept of energy based detection of nodes, in which checking of low energy node and give them score as per low or high energy. This method helps to find node which might be dropping packets, and remove them from system. This method prevents packets from malicious node. And helps to check or detect energy and reputation of node. Due to this network traffic decrease, time delay decrease because nodes having high energy they might send packet rapidly. Extensive analysis, simulations, and implementation have been conducted and verified the effectiveness of the proposed scheme. Parameter: number of nodes in network 30, traffic type CBR, packet size 512byte, network traffic volume 60 packets/ sec. CONCLUSION In Mobile ad hoc network the proposed effective scheme to identify misbehaving forwarders that drop or modify packets and it contains AMD method with reputation and route discovery module and adding concept of energy based node checking effectively find node that drop packets. EAMD method effectively work for finding trustworthy route, manage reputation information, Audit base misbehaviour detection and checking nodes energy and finding nodes which drop packets. FUTURE SCOPE The proposed work contains EAMD method for detecting node having low energy, in future the EAMD can detect path energy for multichannel communication protocol. 41 Miss. Priti G. Mesare, Dr. S. S. Sherekar, Dr. V. M. Thakare

8 REFERENCES [1]Tao Shu and Marwan Krunz, Fellow,IEEE Privacy-Preserving and Truthful Detection of Packet Dropping Attacks in WirelessAd Hoc Networks,IEEE TRANSACTIONS ON MOBILE COMPUTING.VOL. 14, Issue NO. 4, pp APRIL [2] Xu Li, Rongxing Lu, Xiaohui Liang, and Xuemin (Sherman) Shen, Side Channel Monitoring: Packet Drop Attack Detection in Wireless Ad Hoc Networks,IEEE ICC international conference on communication,11year [3] Yu Zhang, LoukasLazos, Member, IEEE, and William Jr. Kozma. "AMD:Audit-Based Misbehavior Detection in Wireless Ad Hoc Networks", IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 15, NO. 8, pp august [4] Vijayakumar.Aa*, Selvamani Kb*, Pradeep kumararyac, Reputed Packet Delivery using Efficient Audit Misbehaviour Detection and Monitoring Method in Mobile Ad Hoc Networks,. ELSEVIER procedia computer science. VOL. 48, pp [5] Mohammad TaqiSoleimani, MahboubehKahvand, Defending Packet Dropping Attacks Based on Dynamic Trust Model in Wireless Ad Hoc Networks,Mediterranean electrotechnical conference. Vol. 13, pp April [6] Yu Zhang, LoukasLazos, Member, IEEE, and William Jr. Kozma. "AMD:Audit-BasedMisbehaviour Detection in Wireless Ad Hoc Networks", IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 15, NO. 8, pp august Miss. Priti G. Mesare, Dr. S. S. Sherekar, Dr. V. M. Thakare