Introduction and Statement of the Problem


Chapter 1 Introduction and Statement of the Problem

1.1 Introduction

Unlike conventional cellular wireless mobile networks, which rely on centralized infrastructure to support mobility, an Adhoc network is a collection of nodes that are capable of dynamically forming a temporary network without the support of any centralized fixed infrastructure. Two important properties of an Adhoc network are that it is self-organized and adaptive. The absence of a fixed infrastructure requires mobile hosts in a mobile Adhoc network (MANET) to cooperate with each other for message transmission. To form such a cooperative, self-configurable environment, every mobile node is supposed to be a friendly node that is willing to relay messages for others to their ultimate destinations. Global trustworthiness of all network nodes is the fundamental security assumption in MANETs.

The mobile Adhoc network [1] is a future technology, and it imposes various challenges. A MANET is used where no infrastructure is available for communication, such as a disaster area, a military tactical application, environmental monitoring, or a sensor network application. One primary application of MANETs is in military tactical operations.

Infrastructure-based cellular and mobile networks are still limited by the need for infrastructure, such as base stations and the allocation of frequencies. To fulfill the demand of users, various approaches have been introduced, such as frequency reuse concepts, clustering techniques, sectoring techniques, and the assignment of conflict-free channels. This infrastructure-based communication fulfills the desire of users, but we still lag behind in using the full potential of wireless communication. Think about an area where a war is going on, a natural disaster area, or a defense application, where there is no infrastructure available. To serve such applications, mobile Adhoc network based communication was introduced. Adhoc networks are key to the evolution of wireless networks [2], [3].

The Adhoc wireless network inherited the traditional problems of wireless and mobile communication, such as bandwidth optimization, power control and transmission quality enhancement [4]. In addition, the topology is highly dynamic, random and very hard to predict. Physical security is limited. Another challenge is detecting malicious nodes in an Adhoc network in which no previous security association is present among the participating nodes. A number of challenges not faced by traditional wired and wireless networks are introduced in the Adhoc network. The major issues, irrespective of the traditional wireless system, are as follows:

- Highly Dynamic Topology
- Routing in Mobile Adhoc Network
- Security in Mobile Adhoc Network
- IP Configuration in Mobile Adhoc Network
- Battery Backup Problem

The security of a network system can be provided with the help of an intrusion prevention system and an intrusion detection system. The two techniques need to complement each other to guarantee a highly secure environment. They play different roles in different states of the network. The security mechanisms (X.800) are provided by the intrusion prevention system, which is more useful in preventing outside attacks.
When a node of a system is compromised, the attacker owns all its cryptographic information, so encryption and authentication cannot defend against a trusted but malicious user. Therefore, the role of intrusion detection is more important.

An intrusion detection system is a security technology which attempts to identify individuals who are trying to break into and misuse a system without authorization and those who have legitimate access to the system but are abusing their privileges [28]. The term "protected system" denotes an information system being monitored by an intrusion detection system. It can be a host or network equipment, such as a server, a firewall, a router, or a corporate network [29]. An intrusion detection system (IDS) is a system that dynamically monitors the system and user actions in the network in order to detect intrusions. Because an information system can suffer from various kinds of security vulnerabilities, it is both technically difficult and economically costly to build and maintain a system which is not susceptible to attack. Experience has taught us never to rely on a single defensive line or technique. IDSs have been widely regarded as a part of the solution for protecting today's network systems.

Research on IDSs began with a report by Anderson [30], followed by Denning's seminal paper [31], which laid the foundation for most of the current intrusion detection prototypes. Since then, many research efforts have been devoted to wired network IDSs. Numerous detection techniques and architectures for host machines and wired networks have been proposed. A good taxonomy of wired IDSs is presented in [29].

With the proliferation of wireless networks and mobile computing applications, new vulnerabilities that do not exist in the wired network have appeared. Security poses a serious challenge in deploying wireless networks in reality. However, the vast differences between wired and wireless networks make traditional intrusion detection techniques inapplicable. Wireless IDSs, emerging as a new research topic, aim at developing new architectures and mechanisms to protect the wireless network. However, most of today's intrusion detection systems (IDSs) focus on the wired network. The dramatic differences between MANETs and wired networks make it infeasible to apply traditional wired IDS technologies directly to the mobile Adhoc network.
Most of today's wired IDSs, which rely on real-time traffic parsing, filtering, formatting and analysis, usually monitor the traffic at switches, routers, and gateways. The lack of such traffic monitoring points makes traditional wired IDSs inadequate for MANET platforms. There are also some characteristics of MANETs, such as highly dynamic topology and disconnected operation, which seldom exist in the wired network. What's more, each mobile node has limited resources (such as limited bandwidth, computation ability and energy supply), which means MANET IDSs should be lightweight, accurate and able to respond faster. Furthermore, in the mobile Adhoc environment, the rate of false alarms raised by the detection system is very high, because it is very difficult for an IDS to tell the validity of some operations. For example, a node may send out falsified routing information because it is compromised, or because a link is broken due to the physical movement of the node or due to the battery backup problem. All this suggests that an IDS with a different architecture needs to be developed to be applicable on the Adhoc network platform.

1.2 Statement of the Problem

It is very challenging to design an intrusion detection system for mobile Adhoc networks. The lack of fixed infrastructure and monitoring points makes it difficult to collect audit data for the entire network. The MANET's scarce resources should be considered while designing the IDS framework. In a MANET it is more difficult to differentiate between false alarms and true positives. The main objective of the research is to propose an efficient framework for an intrusion detection system in the mobile Adhoc environment. This problem can be divided into the following sub-problems:

- To design a lightweight intrusion detection framework for the mobile Adhoc environment.
- To construct the detection engines based on the statistical security features.
- To evaluate the performance of the MANET intrusion detection system and validate the work.

1.3 Organization of the Thesis

It is very difficult to design a once-and-for-all intrusion detection system. Instead, an incremental enhancement strategy may be more feasible. In addition, it should provide a scheme to add new security features in the future. The general methodology is to identify the possible attacks on the Adhoc environment, then to develop a framework that facilitates the cooperation of IDSs and the design of detection engines using statistics collected for known attack types. The entire work has been organized as follows.

In Chapter II, the contributions made by previous researchers are critically reviewed and research gaps are identified. On the basis of the literature review, rules of thumb are identified for designing an IDS for the Adhoc network environment. In this thesis the focus is only on the detection part, although the intrusion response component is necessary in the system.

Chapter III proposes the prototype model which we will use for further investigation of the intrusion detection system. The prototype model is divided into two modules, Local IDS and Global IDS. The Local IDS works on the data collected from the network and identifies the friend list in the first phase. These friend lists are tested again in the Global IDS module for rigorous checking before a node is declared a trusted or an intruder node.

In Chapter IV, attacks based on the TCP segment header are applied to the network. Results are collected to design the detection engine for the Transport layer. Training and testing data sets are used to design the detection engine and to check the accuracy of the detection system. Attacks based on the TCP segment header are not necessary in this thesis, but they provide future directions in the field of security for mobile Adhoc networks.

In Chapter V, a Denial of Service attack is applied to the network layer of MANET nodes in the Adhoc environment. Evidence is collected to design an intrusion detection engine specifically to defend against Denial of Service attacks. Features are extracted and rule sets are induced from the statistics collected, the rules are applied to design the detection engine, and a support vector machine is used to check the accuracy of the detection engine.

In Chapter VI, Blackhole and Wormhole attacks are applied to the Adhoc network. Evidence is collected, features are extracted and rules are induced to design an intrusion detection engine specifically to defend against Blackhole and Wormhole attacks for the MANET intrusion detection system (IDS). A support vector machine is used for training and testing on the data set and for checking the accuracy of the generated model file, which will be deployed in the detection engine.

Chapter VII concludes this thesis and lists important future work. Because not many research efforts have been devoted to MANET IDSs, this work provides only the initial effort in constructing a viable, statistics-based MANET IDS. Based on the work done in this thesis, suggestions and scope for future work are also presented.
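
The two-phase flow described for Chapter III (local friend lists, then a global re-check before a node is declared trusted or an intruder), as an added Python example that is not the thesis's own code. The forwarding-ratio feature, the thresholds, the quorum rule, the "undecided" outcome and the sample counts are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample data: for each observing node, the packets it handed to
# a neighbour and the packets it overheard that neighbour forward.
# Node B's low count for C models a link break (false-alarm case), not an attack.
OBSERVATIONS = {
    "A": {"B": (40, 38), "C": (40, 37), "X": (40, 3)},
    "B": {"A": (35, 34), "C": (30, 12), "X": (30, 2)},
    "D": {"A": (20, 19), "C": (25, 24), "X": (25, 1)},
}

FORWARD_RATIO_MIN = 0.8  # assumed local threshold for a "friend"
MIN_SAMPLES = 10         # assumed: below this, a node has no opinion
QUORUM = 2               # assumed: opinions needed for a global verdict


def local_friend_list(neighbour_stats):
    """Phase 1 (Local IDS): split neighbours into friends and suspects."""
    friends, suspects = set(), set()
    for node, (sent, forwarded) in neighbour_stats.items():
        if sent < MIN_SAMPLES:
            continue  # too little evidence either way
        if forwarded / sent >= FORWARD_RATIO_MIN:
            friends.add(node)
        else:
            suspects.add(node)
    return friends, suspects


def global_verdicts(observations):
    """Phase 2 (Global IDS): re-check the local lists against each other."""
    votes = defaultdict(lambda: [0, 0])  # node -> [friend votes, suspect votes]
    for stats in observations.values():
        friends, suspects = local_friend_list(stats)
        for node in friends:
            votes[node][0] += 1
        for node in suspects:
            votes[node][1] += 1

    verdicts = {}
    for node, (good, bad) in votes.items():
        if good + bad < QUORUM:
            verdicts[node] = "undecided"   # a single opinion is not enough
        elif good == 0:
            verdicts[node] = "intruder"    # every observer suspects it
        elif good > bad:
            verdicts[node] = "trusted"     # isolated complaint is overruled
        else:
            verdicts[node] = "undecided"   # conflicting evidence, keep monitoring
    return verdicts


if __name__ == "__main__":
    for node, verdict in sorted(global_verdicts(OBSERVATIONS).items()):
        print(node, verdict)
```

Node C is suspected locally by B alone, which is the false-alarm situation the introduction describes; the global phase keeps it trusted because two other observers saw it forwarding normally.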