Analysis of Secure Routing Scheme Against Vampire Attack for MANET by IJIRST

IJIRST –International Journal for Innovative Research in Science & Technology| Volume 3 | Issue 07 | December 2016 ISSN (online): 2349-6010

Analysis of Secure Routing Scheme against Vampire Attack for MANET Pratibha Rathore M. Tech. Student Department of Computer Engineering Vindhya Group of Technology and Science Khandwa Road, Indore, India

Ashish Tiwari Assistant Professor Department of Computer Engineering Vindhya Group of Technology and Science Khandwa Road, Indore, India

Himangni Rathore Employee Samarth Consultancy, Surat, India

Abstract Wireless networks are gaining popularity to its peak today, as the users want wireless connectivity irrespective of their geographic position. There is an increasing threat of attacks on the Mobile Ad-hoc Networks (MANET). Vampire attack is one of the security threat in which the traffic is redirected to such a node that actually does not exist in the network. It’s an analogy to the Vampire in the universe in which things disappear. The node presents itself in such a way to the node that it can attack other nodes and networks knowing that it has the shortest path. MANETs must have a secure way for transmission and communication which is quite challenging and vital issue. In order to provide secure communication and transmission, researcher worked specifically on the security issues in MANETs, and many secure routing protocols and security measures within the networks were proposed. Previously the works done on security issues in MANET were based on reactive routing protocol like dynamic source routing (DSR). Different kinds of attacks were studied, and their effects were elaborated by stating how these attacks disrupt the performance of MANET. The general purpose of this project is to study the effects of Vampire attack in MANET using Reactive routing protocol Ad-Hoc on Demand Distance Vector (AODV). Comparative analysis of Vampire attack for both protocols is taken into account. The impact of Vampire attack on the performance of MANET is evaluated finding out which protocol is more vulnerable to the attack and how much is the impact of the attack on both protocols. The measurements were taken in the light of throughput, end-to-end delay and network load. Simulation is done in Network Simulator. (NS-2). Keywords: AODV, MANET, Vampire, NS-2 _______________________________________________________________________________________________________ I.

INTRODUCTION

A malicious node in the network receiving an RREQ message replies to source nodes by sending a false RREP message that contains desirable parameters to be chosen for packet delivery to destination nodes. After promising (by sending a fake RREP to confirm it has a path to a destination node) to source nodes that has actual path to forward data, a malicious node starts to lose all the network traffic it receives from source nodes. Some active attacks that can be easily performed against MANETs are vampire attack [3]. We develop a methodology to identify vampire node. The technique works with slightly modified AODV protocol give the method of Preventing Vampire attack by using IDS algorithm. We propose a solution that is an enhancement of the basic AODV routing protocol, which will be capable to avoid vampire attack. To reduce the probability of vampire attack, it is proposed IDS based methodology for prevent Vampire and find safe route to reach the neighboring nodes. A wireless IDS monitor’s wireless network traffic and analyzes its wireless networking Protocol to identify suspicious activity. This work uses normal Secure-AODV in which a node receives the Route reply (RREP) packet which first checks the value of sequence number in its routing table. The RREP is accepted if its sequence is higher than that in the routing table. In this thesis algorithm also check whether the sequence number is higher than the threshold value, if it is higher than threshold value than it is considered as the malicious node. The value of the threshold value is not dynamically updated in the time interval and value of threshold is assumed and fix for entire mobile Ad-Hoc Network. The node that is detected as the anomaly is listed and ICMP packet is sent so that the RREP packet from that malicious node is discarded. The routing table for that node is not updated nor is the packet forwarded to others. The main advantage of this protocol is that the source node announces the vampire to its neighboring nodes in order to be ignored and eliminated. Their solution increases the Packet Delivery Ratio and throughput. II. OBJECTIVE The main aim of this research is to develop secure on-demand routing protocols for data transmission under Vampire attack in MANET. The proposed protocols must be efficient in terms of Packet Delivery Ratio, End-to-End Delay and Throughput. Based

113

Analysis of Secure Routing Scheme against Vampire Attack for MANET (IJIRST/ Volume 3 / Issue 07/ 019)

on the motivations to provide new security features to be incorporated in popular routing protocols AODV, the aim has been further segregated down into a number of objectives: 1) Implement secure on-demand routing (TAODV) protocols for data transmission in MANET. 2) Detect vampire node in MANET scenario using TAODV protocol. 3) Prevent the network from vampire attack and improve the packet delivery fraction, throughput and end-to-end delay, even with the presence of Vampire attacks. 4) The results of both AODV and TAODV compare to analyze which of these two types of protocols gives better performance. III. METHODOLOGY Mobile Ad-hoc Network consists of some nodes that are standing randomly in operational environment without any predefined infrastructure and mobility which are vulnerable for intrusion and attack. Security is an important field in this type of network. Use IDS (intrusion detection system) based approach to detect and prevent Vampire in MANET. IDS detect and report the malicious activity in ad hoc network. Intrusion detection systems (IDSs) do just that: monitor audit data, look for intrusions to the system, and initiate a proper response IV. FLOW CHART

Fig. 1: Flow chart of TAODV protocol

114

Analysis of Secure Routing Scheme against Vampire Attack for MANET (IJIRST/ Volume 3 / Issue 07/ 019)

This work proposes a solution based on trust detection to detect attacks on AODV. This approach specifies the correct AODV routing behavior and distributed in the network. Trust Mechanism monitors network for detecting run-time violation of the specifications. Aim of Trust Mechanism is to secure the AODV protocol. Dynamic topologies make it difficult to obtain a global view of the network. Traffic monitoring in wired networks is usually performed at switches, routers and gateways, but an Ad Hoc network does not have these types of network elements so here Trust Mechanism can collect audit data for the entire network. Trust Value is defined as a sequence of related actions performed by a malicious adversary that results in the compromise of a target network. The existence of a security policy that states which actions are considered malicious should be prevented is a key requisite for an intrusion detection system to work. Trust detection is the process of identifying and responding to malicious activities target at computing and network resources. Figure shows the Flow Chart of proposed algorithm. At the initial point assign a fix threshold value (assumed) to the Ad-hoc network and start Route discovery process by following STEP-I where source node wait for route reply. If Route is establish so then call Trust Detection step and check the Sequence number of Reply node, if sequence number lie within the threshold value, node is trustworthy and send data packet to the destination ELSE If sequence number is greater than assigned value, detect the Node as a malicious node and now call Trust Value for informing neighbours node about the malicious node. Source send ICMP packet along the route path for deleting malicious node entry from routing table and then again initialize route discovery process in the Network. Now going to the else part of step-I, If route reply is not come then call STEP-II LREPAIR (local repair). If route is repair with in time to leave period, Route is established and calls STEP-III Trust Detect otherwise node increment sequence number and again start Route discovery. To follow this algorithm TAODV protocol detect malicious node and prevent the network from vampire attack. V. ALGORITHM STUDY The proposed algorithm is based on the trust values of individual nodes. All the nodes of wireless ad-hoc network have a specific trust value. The algorithm encompasses the following steps: Initialization   

Trust values of all the participating nodes are set to be initialized by specific previously assigned trust value. Initialize the trust value of every node with 100. Assumption: 1 trust value = 10 packets dropped. Updating of trust values

If the packets are correctly transmitted from one node to another node If the correctly transmitted no of packets is between 1 and 10, then trust values of the respective nodes will be incremented by one time. Updated trust value = old trust value + 1;  If the correctly transmitted number of packets is greater than 10, then the updated trust value will be: Updated trust value = old trust value + (correctly transmitted packets / 10); If the packets are dropped/delayed  The number of dropped or delayed packets is between 1 and 10, and then trust value of that particular node is decremented by one. Updated trust value = old trust value – 1;  The numbers of dropped or delayed packets are greater than 10, then trust value of that particular node will be, Updated trust value = old trust value – (Packet dropped or delayed / 10); If the trust value of particular node is negative, then print “Invalid node”. 

Isolating the Packet drop node from the network If (Updated trust value < Threshold trust value) Then the particular node is treated as malicious node (vampire node) If (Updated trust value > Threshold trust value)  Then the particular node is treated as legitimate node.  Stop comparing the trust values of nodes with threshold 

VI. RESULTS Simulation Results for Packet Delivery Ratio This is the fraction of the data packets received by the destination to those sent by the source. This classifies the ability of the protocol to discover routes. Figure and table shows the Packet delivery ratio under Vampire attack detection and its prevention through Trust based mechanism i.e. Attack, Without and Prevention for the various node density.

115

Analysis of Secure Routing Scheme against Vampire Attack for MANET (IJIRST/ Volume 3 / Issue 07/ 019)

Table - 1 Packet Delivery Ratios comparisons No of Nodes Attack Without Pre 20 0.990 0 0.617 40 0.995 0 0.434 60 0.982 0 0.351

Fig. 2: Packet Delivery Ratios comparisons

Simulation Results for Throughput This is the fraction of the data packets received by the destination to those sent by the source. This classifies the ability of the protocol to discover routes. Figure and table shows the Throughput under Vampire attack detection and its prevention through Trust based mechanism i.e. Attack, Without and Prevention for the various node densities. Table - 2 Throughputs comparisons No. of Nodes Without Attack Pre 20 38.42 0 38.50 40 38.53 0 38.51 60 38.53 0 38.50

Fig. 3: Throughputs comparisons

Simulation Results for End To End Delay This is the average delay between the sending of the data packet by the source and its receipt at the corresponding receiver. This includes all the delays caused during route acquisition, buffering and processing at intermediate nodes. Figure and table shows the End to End Delay under Vampire attack detection and its prevention through Trust based mechanism i.e. Attack, Without and Prevention for the various node density.

116

Analysis of Secure Routing Scheme against Vampire Attack for MANET (IJIRST/ Volume 3 / Issue 07/ 019)

Table â&#x20AC;&#x201C; 3 End to End Delays comparisons No of Nodes Without Attack Pre 20 19.281 0.979 16.805 40 11.191 0.979 14.964 60 24.567 1.515 11.440

Fig. 4: End to End Delays comparisons

Simulation Results for Residual Energy It is the total amount of remaining energy by the nodes after the completion of Communication or simulation. If a node is having 100% energy initially and having 70% energy after the simulation than the energy consumption by that node is 30%.The unit of it will be in Joules. Figure and table shows the Residual Energy under Vampire attack detection and its prevention through Trust based mechanism i.e. Attack, Without and Prevention for the various node density. Table â&#x20AC;&#x201C; 4 Residual Energy comparisons No of Nodes Without Attack Pre 20 60.655 56.075 10.461 40 60.614 56.067 23.138 60 70.410 56.516 21.140

Fig. 5: Residual Energy comparisons VII. CONCLUSION In this work, we simulated AODV protocol with different density, where each one has 20 nodes, 40 nodes, 60 nodes and also simulated the same scenarios after introducing single vampire Node into the network. Moreover, we simulated Secure AODV as

117

Analysis of Secure Routing Scheme against Vampire Attack for MANET (IJIRST/ Volume 3 / Issue 07/ 019)

per algorithm for detection of vampire attack. Finally compare the results of solution with High without Attack under attack by varying different network parameters using same scenarios in NS-2.Our simulation results are analyzed below: Analyzing the results of PDR v/s Node Density shows the Packet Delivery Ratio of High Without Attack, Prevention are Moderate under vampire attack, poor Attack under vampire attack; we found that there is 60-65%increase in PDR for Secure AODV. This clearly shows that there is a significant benefit when the solution against vampire attacks is applied. Analyzing the results of Throughput v/s Node Density shows the Throughput of Normal AODV, AODV under vampire attack, TAODV under vampire attack, where vampire were fixed but number of nodes varied, there was significant rise of 60%-80% in Secure AODV against normal AODV under vampire Attack, which indicates solution work better even though number of nodes increases. Analyzing the results of End-to-End Delay v/s Node Density shows the End-to-End Delay of Normal AODV, AODV under vampire attack, TAODV under vampire attack; we found that there is a 2-5% decrease in End-to-End Delay for Secure AODV compared to normal AODV. From the above cases, we can conclude that Secure AODV give significant improvement in End-toEnd Delay compared to that of normal AODV during vampire attack. ACKNOWLEDGEMENT This research paper is made possible through the help and support from everyone, including: parents, teachers, family, friends, and in essence, all sentient beings. I would like to express my deep gratitude to Mr. Ashish Tiwari, my research supervisors, for their patient guidance, enthusiastic encourage-ment and useful critiques of this research work. Finally, I offer my deep gratitude to my parents who have appreciated, encouraged and assisted in our endeavour. REFERENCES [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20] [21]

S. jayashree, T.Mohanraj “vampire attack detection in wireless sensor networks”, international journal of innovative research in computer and communication engineering, February: 2015, ISSN no: 2320-9801, vol.3, issue 2, copyright to IJIRCCE. Eugene Y. Vasserman, Nicholas Hopper “vampire attacks: draining life from wireless ad-hoc sensor networks”, IEEE transactions on mobile computing, 2013, vol.12, No.2 C. E. Perkins and E. M. Royer, “Ad Hoc On-Demand Distance Vector Routing”, Proc. 2nd IEEE Wksp. Mobile comp. Sys. and Apps. Feb, 1999, pp. 90100 P.Ning, K. Sun, “How to misuse AODV: A Case Study of Insider Attacks Against Mobile Adhoc Routing Protocols”; Info Assurance Wksp, IEEE sys, Man and Cybernetics Soc, june 2003, pp. 60-67 Davide Cerri, Alessandro Ghioni, “Securing AODV: The A-SAODV Secure Routing Prototype”, IEEE Communication Magazine; Volume 46, Issue 2, February 2008 pp.120 - 125 Ms. Raisa l. Mulla, Prof. Rahul N. Patil, “Efficient prevention of Vampire attack in ad-hoc Wireless sensor network”, International journal of engineering research and general science; September-October, 2015 ; volume 3, issue 5, ISSN no: 2091-2730 Tawswwf ahmad naqishbandi , Imthyaz sheriff C, “ A resilient strategy against energy attacks in ad-hoc WSN and future IoT”, International journal of advanced research in computer science and software engineering; February 2014, volume 4, issue 2; ISSN no- 2277128X P. Papadimitratos, Z. Haas, “Secure Routing for Mobile Ad Hoc Network”, In Proceedings of the SCS Communication Networks and Distributed Systems Modeling and Simulation Conference (CNDS), 2002 pp. 1-13 Liu Jinghua, Geng Peng, Qiu Yingqiang, Feng Gui, “A Secure Routing Mechanism in AODV for Ad Hoc Networks”, Proceedings of International Symposium on Intelligent Signal Prcessing and Communiction System, 2007 pp. 435-438 Mohammad Ilyas, “The Hand Book of Ad Hoc Wireless Networks”, CRC Press Yuxia Lin, A. Hamed Mohsenian Rad, Vincent W.S. Wong, Joo-Han Song, “Experimental Comparisons between SAODV and AODV Routing Protocols”, Proceedings of the 1st ACM workshop on Wireless multimedia networking and performance modeling, 2005, pp. 113 – 122. Thomas H. Clausen and Philippe Jacquet, Optimized link state routing protocol (OLSR), 2003. Jing Deng, Richard Han, and Shivakant Mishra, Defending against path based DoS attacks in wireless sensor networks, ACM workshop on security of ad hoc and sensor networks, 2005. INSENS: Intrusion-tolerant routing for wireless sensor networks,Computer Communications 29 (2006), no. 2. Sheetalkumar Doshi, Shweta Bhandare, and Timothy X. Brown, An ondemand minimum energy routing protocol for a wireless ad hoc network, ACM SIGMOBILE Mobile Computing and Communications Review 6 (2002), no. 3. John R. Douceur, The Sybil attack, International workshop on peer-topeer systems, 2002. Hans Eberle, Arvinderpal Wander, Nils Gura, Sheueling Chang-Shantz, and Vipul Gupta, Architectural extensions for elliptic curve cryptography over GF(2m) on 8-bit microprocessors, ASAP, 2005. T. English, M. Keller, Ka Lok Man, E. Popovici, M. Schellekens, and W. Marnane, A low-power pairing-based cryptographic accelerator for embedded security applications, SOCC, 2009. Laura M. Feeney, An energy consumption model for performance analysis of routing protocols for mobile ad hoc networks, Mobile Networks and Applications 6 (2001), no. 3. Martin Feldhofer, Sandra Dominikus, and Johannes Wolkerstorfer, Strong authentication for RFID systems using the AES algorithm, CHES, 2004. Rodrigo Fonseca, Sylvia Ratnasamy, Jerry Zhao, Cheng T. Ee, David Culler, Scott Shenker, and Ion Stoica, Beacon vector routing: Scalable point-to-point routing in wireless sensornets, NSDI, 2005.

118