A novel approach for mitigating gray hole attack in MANET

Mobile ad hoc network (MANET) is defined as the category of wireless network that is capable of operating without any fixed infrastructure. The main assumption considered in this network is that all nodes are trusted nodes but in real scenario, some nodes can be malicious node and therefore can perform selective dropping of data packets instead of forwarding the data packets to the destination node. These malicious nodes behave normally during route discovery phase and afterwards drop fractions of the data packets routed through them. Such type of attack is known as smart gray hole attack which is variation of sequence number based gray hole attack. In this paper, we have launched smart gray hole attack and proposed a new mechanism for mitigating the impact of smart gray hole attack. Mitigating Gray hole Attack Mechanism (MGAM) uses several special nodes called as G-IDS (gray hole-intrusion detection system) nodes which are deployed in MANETs for detecting and preventing smart gray hole attack. G-IDS nodes overhear the transmission of its neighbouring nodes and when it detects that the node is dropping the data packets which are greater than threshold value then it broadcast the ALERT message in the network notifying about the identity of malicious node. The identified malicious is then blocked from further its participation by dropping the request and reply packet. In order to validate the effectiveness of our proposed mechanism, NS-2.35 simulator is used. The simulation results show that the proposed mechanism performs slightly well as compared with the existing scheme under smart gray hole attack.     

A dynamic threshold based approach for mitigating black-hole attack in MANET

Mobile ad-hoc network is an infrastructure less type of network which does not require any kind of fixed infrastructure. It provides multi-hop communication between the source and destination nodes which are not within the direct range of each other through the intermediate nodes. These intermediate nodes cooperate with other nodes in finding an optimum and shortest route toward the destination. However, in holistic environments, some nodes do not cooperate with other nodes in finding the optimal route towards the destination and intentionally give the false route information of having the shortest path toward the destination with a high destination sequence number in order to attract the traffic toward itself and start dropping of the data packets instead of forwarding it. This type of routing misbehaviour is generally called as black hole attack or full packet dropping attack which is one of the most severe destructive attacks that lead to the network degradation. In this paper, we have proposed a protocol called as Mitigating Black Hole effects through Detection and Prevention (MBDP-AODV) based on a dynamic threshold value of the destination sequence number. In order to validate the efficiency of proposed protocol, the NS-2.35 simulator is used. The simulation results show that proposed protocol performs better as compared with existing one under black hole attack.     

一种面向移动Ad Hoc网络DSR协议的改进泛洪算法

在移动自组织网络中,基于移动节点地理位置辅助信息,提出了一种新的泛洪算法——位置辅助泛洪改进算法（ILFA）,ILFA通过节点位置信息重传广播分组并有效控制网络流量。此外,将ILFA应用于经典MANET源路由（dynamic source routing,DSR）协议中,通过限定请求区域和期望区域等限制路由发现的有效范围,进而通过设置提名广播重传邻居列表限定路由请求分组重传范围,有效减小DSR路由寻路分组的传播次数。仿真结果证明,和传统泛洪方案相比,ILFA能够有效减小DSR路由协议的路由开销并提升MANET吞吐量。     

PANDA: A novel mechanism for flooding based route discovery in ad hoc networks

Flooding technique is often used for route discovery in on-demand routing protocols in mobile ad hoc networks (MANETs) such as Dynamic Source Routing (DSR) and Ad hoc On-demand Distance Vector (AODV) routing. In this paper we present a Positional Attribute based Next-hop Determination Approach (PANDA) to improve the performance of flooding-based route discovery in MANETs using positional attributes of the nodes. These attributes may be geographical, power-aware, or based on any other quality of service (QoS) measure. We identify the “next-hop racing” phenomena due to the random rebroadcast delay (RRD) approach during the route discovery process in DSR and AODV, and show how the PANDA approach can resolve this problem. We assume that each node knows its positional attributes, and an intermediate node can learn the positional attributes of its previous-hop node via the received route-request message. Based on the attributes such as the relative distance, estimated link lifetime, transmission power consumption, residual battery capacity, an intermediate node will identify itself as good or bad candidate for the next-hop node and use different rebroadcast delay accordingly. By allowing good candidates to always go first, our approach will lead to the discovery of better end-to-end routes in terms of the desired quality of service metrics. Through simulations we evaluate the performance of PANDA using path optimality, end-to-end delay, delivery ratio, transmission power consumption, and network lifetime. Simulation results show that PANDA can: (a) improve path optimality, and end-to-end delay, (b) help find data paths with only 15%–40% energy consumption compared to the RRD approach at a moderate cost of increased routing messages, (c) balance individual node’s battery power utilization and hence prolong the entire network’s lifetime. Jian Li is a Ph.D. candidate in the Department of Computer Science at the University of California, Davis. His research interests include wireless networking and mobile computing. Li received an MS in computer science from UC Davis in 2002, an M.Eng. in intelligent system and a B.Eng. in automatic control, both from Tsinghua University, Beijing,China, in 2000 and 1997, respectively. Dr. Prasant Mohapatra is currently a Professor in the Department of Computer Science at the University of California, Davis. He has also held various positions at Iowa State University, Michigan State University, Intel Corporation, Panasonic Technologies, Institute of Infocomm Research, Singapore, and the National ICT, Australia. Dr. Mohapatra received his Ph.D. in Computer Engineering from the Pennsylvania State University in 1993. He was/is on the editorial boards of the IEEE Transactions on Computers, ACM/Springer WINET, and Ad hoc Networks Journal. He has served on numerous technical program committees for international conferences, and served on several panels. He was the Program Vice-Chair of INFOCOM 2004, and the Program Co-Chair of the First IEEE International Conference on Sensor and Ad Hoc Communications and Networks (SECON-2004). Dr. Mohapatra’s research interests are in the areas of wireless networks, sensor networks, Internet protocols and QoS.     

A novel and efficient address configuration for MANET

At present, one technical challenge of MANET is the address configuration, and another technical challenge is to deal with the network merging in order to ensure the address uniqueness in the merging network. This paper proposes a scheme to address these two issues. In the scheme, the MANET architecture is presented, and based on the architecture the address configuration algorithm is proposed. This algorithm employs an allocation variable to achieve the address configuration, and a node can ensure the address uniqueness without any interactions with other nodes. In order to effectively detect the network merging, this scheme proposes the generation algorithm of the MANET ID which uniquely identifies MANET. Based on this generation algorithm, the network merging algorithm is proposed. In this algorithm, only the nodes with the duplicate address perform the address reconfiguration, so the network merging cost and delay are reduced. This scheme is evaluated, and the results show that this scheme effectively improves the address configuration performance and the network merging performance.     

A novel weight based clustering algorithm for routing in MANET

Cluster based routing in Mobile AdHoc Networks are considered one of the convenient method of routing. Existence of Cluster Head (CH) in a group of nodes for data forwarding improves the performance of routing in terms of routing overhead and power consumption. However, due to the movement of CH and frequent change in cluster members, cluster reformation is required and increases cluster formation overhead. The stability of the cluster highly dependent of stability of the CH and hence during CH selection special care should be taken so that the cluster head survives for longer time. In this paper a method of cluster formation is proposed which will take into account two most vital factor node degree and bandwidth requirement for construction of the cluster and selection of the cluster head. Further, when two clusters come closer to each other they merge and form a single cluster. In such case out of two CHs one has to withdraw the role and other will take over. A new mechanism of merging two clusters is also proposed in the paper. We call this method as an Improved Cluster Maintenance Scheme and primarily focused on minimizing CH changing process in order to enhance the performance. The stated method makes cluster more stable, and minimizes packet loss. The proposed algorithm is simulated in ns-2 and compared with Least Cluster head Change (LCC) and CBRP. Our algorithm shows better behavior in terms of number of clusterhead changes or number of cluster member changes.     

面向MANET报文丢弃攻击的模糊入侵检测系统

为了检测MANET报文丢弃攻击行为,提出一种异常模糊入侵检测系统（FIADS）。FIADS基于Sugeno型模糊推理,通过分布式方式检测每个节点可能遭受的攻击行为,并通过移除所有可能实施攻击的恶意节点提高MANET频谱资源。最后,构建模糊规则库仿真分析了FIADS,并和传统IDES进行了性能比较。仿真结果证明,相比IDES,FIADS能够有效检测报文丢弃攻击,具有更高的识别效率。     

Biologically inspired artificial intrusion detection system for detecting wormhole attack in MANET

A mobile ad hoc network (MANET) does not have traffic concentration points such as gateway or access points which perform behaviour monitoring of individual nodes. Therefore, maintaining the network function for the normal nodes when other nodes do not forward and route properly is a big challenge. One of the significant attacks in ad hoc network is wormhole attack. In this wormhole attack, the adversary disrupts ad hoc routing protocols using higher bandwidth and lower-latency links. Wormhole attack is more hidden in character and tougher to detect. So, it is necessary to use mechanisms to avoid attacking nodes which can disclose communication among unauthorized nodes in ad hoc networks. Mechanisms to detect and punish such attacking nodes are the only solution to solve this problem. Those mechanisms are known as intrusion detection systems (IDS). In this paper, the suggested biological based artificial intrusion detection system (BAIDS) include hybrid negative selection algorithm (HNSA) detectors in the local and broad detection subsection to detect anomalies in ad hoc network. In addition to that, response will be issued to take action over the misbehaving nodes. These detectors employed in BAIDS are capable of discriminating well behaving nodes from attacking nodes with a good level of accuracy in a MANET environment. The performance of BAIDS in detecting wormhole attacks in the background of DSR, AODV and DSDV routing protocols is also evaluated using Qualnet v 5.2 network simulator. Detection rate, false alarm rate, packet delivery ratio, routing overhead are used as metrics to compare the performance of HNSA and the BAIDS technique.     

A dynamic threshold based algorithm for improving security and performance of AODV under black-hole attack in MANET

Wireless Networks - Mobile Ad hoc network (MANET) is a wireless network which is characterized by dynamic network topology, open medium, multi-hop communication etc. in which each device not only...     

基于距离预测的移动自组网路由发现算法

提出了一种基于距离预测的扩展环路由发现方法,该方法通过提取历史记录中的长程信息和瞬时信息,通过加权修正之后,预测到目标节点的距离跳数,在此基础上,计算扩展环搜索的3个参数:起始TTL值、广播阈值和扩展步长,减少了路由发现的盲目性.仿真结果表明,与洪泛和传统扩展环搜索相比,该方法节省了路由开销,降低了分组的端到端时延,提高了网络性能.     

Performance analysis of black-hole attack mitigation protocols under gray-hole attacks in MANET

Wireless Networks - The recent development in wireless communication technology and portable devices has led to the development of Mobile Ad-Hoc Network which has unique features such as dynamic...     

Energy efficient reputation mechanism for defending different types of flooding attack

Wireless Networks - Delay tolerant network solves technical challenges in the heterogeneous network that may lack end-to-end connectivity. However, due to the disconnected paths, message delivery...     

On remote exploitation of TCP sender for low-rate flooding denial-of-service attack

This letter shows a potentially harmful scenario named Induced-shrew attack in which a malicious TCP receiver remotely controls the transmission rate and pattern of a TCP sender to exploit it as a flood source for launching low-rate denial-of-service (DoS) attacks. Through simulation, proof-of concept implementation and experimentation in testbed and realworld Internet paths, we demonstrate that standard implementation of TCP senders can be exploited as flood sources for low-rate DoS attacks without compromising them. We describe the nature of the underlying vulnerability and discuss possible countermeasures against the induced-shrew.     

Direct trust-based security scheme for RREQ flooding attack in mobile ad hoc networks

The routing algorithms in MANETs exhibit distributed and cooperative behaviour which makes them easy target for denial of service (DoS) attacks. RREQ flooding attack is a flooding-type DoS attack in context to Ad hoc On Demand Distance Vector (AODV) routing protocol, where the attacker broadcasts massive amount of bogus Route Request (RREQ) packets to set up the route with the non-existent or existent destination in the network. This paper presents direct trust-based security scheme to detect and mitigate the impact of RREQ flooding attack on the network, in which, every node evaluates the trust degree value of its neighbours through analysing the frequency of RREQ packets originated by them over a short period of time. Taking the node’s trust degree value as the input, the proposed scheme is smoothly extended for suppressing the surplus RREQ and bogus RREQ flooding packets at one-hop neighbours during the route discovery process. This scheme distinguishes itself from existing techniques by not directly blocking the service of a normal node due to increased amount of RREQ packets in some unusual conditions. The results obtained throughout the simulation experiments clearly show the feasibility and effectiveness of the proposed defensive scheme.     

A new distributed route selection approach for channelestablishment in real-time networks

We propose a new distributed route selection approach, called parallel probing, for real-time channel establishment in a point-to-point network. The existing distributed routing algorithms fall into two major categories: preferred neighbor based or flooding based. The preferred neighbor approach offers a better call acceptance rate, whereas the flooding approach is better in terms of call setup time and routing distance. The proposed approach attempts to combine the benefits of both preferred neighbor and flooding approaches in a way to improve all the three performance metrics simultaneously. This is achieved by probing k different paths in parallel, for a channel, by employing different heuristics on each path. Also, the proposed approach uses a notion called intermediate destinations (IDs), which are subset of nodes along the least-cost path between source and destination of a call, in order to reduce the excessive resource reservations while probing for a channel by releasing unused resources between IDs and initiating parallel probes at every ID. Further, it has the flexibility of adapting to different load conditions by its nature of using different heuristics in parallel, and hence, a path found for a channel would have different segments (a segment is a path between two successive IDs), and each of these segments would very well be selected by different heuristics. The effectiveness of the proposed approach has been studied through simulation for well-known network topologies for a wide range of quality-of-service and traffic parameters. The simulation results reveal that the average call acceptance rate offered by the proposed route-selection approach is better than that of both the flooding and preferred neighbor approaches, and the average call setup time and routing distance offered by it are very close to that of the flooding approach     

Smart-blacklisting:P2P文件共享系统假块污染攻击对抗方法

在当前十分流行的P2P文件共享网络中,假块污染攻击严重地干扰了正常的文件下载过程。提出了基于概率统计及多轮筛选的对抗假块污染攻击策略——Smart-blacklisting,从理论上证明了该策略的有效性。仿真实验结果表明,该策略可以保证目标文件成功下载并降低假块污染攻击对下载时间及带宽消耗的影响。当攻击强度为0.2时,下载时间仅为eMule系统黑名单方法的13%,在带宽消耗方面也仅为其50%。     

人脸识别中视频回放假冒攻击的实时检测方法

利用合法用户的脸部视频进行回放假冒攻击,是目前人脸认证系统的重要安全威胁。针对此问题,本文提出了一种仅用单个普通摄像头来抵抗人脸视频假冒攻击的方法。不同于以往从人脸区域中获取假冒线索进行活体检测的方法,本文通过人脸输入图像与场景参考图像之间的背景对比,从人脸周围背景区域中寻求视频假冒攻击线索。首先,本文在尺度空间里构建人脸周围区域图像的背景特征点集合;然后,利用背景特征点集合建立识别场地背景和人脸背景的Gabor背景描述子,并用融合相位补差的相似度来进行背景比对。实验表明该方法能有效地识别视频回放假冒攻击。     

Novel approach of distributed & adaptive trust metrics for MANET

It is known to all that mobile ad hoc network (MANET) is more vulnerable to all sorts of malicious attacks which affects the reliability of data transmission because the network has the characteristics of wireless, multi-hop, etc. We put forward novel approach of distributed & adaptive trust metrics for MANET in this paper. Firstly, the method calculates the communication trust by using the number of data packets between nodes, and predicts the trust based on the trend of this value, and calculates the comprehensive trust by considering the history trust with the predict value; then calculates the energy trust based on the residual energy of nodes and the direct trust based on the communication trust and energy trust. Secondly, the method calculates the recommendation trust based on the recommendation reliability and the recommendation familiarity; adopts the adaptive weighting, and calculates the integrate direct trust by considering the direct trust with recommendation trust. Thirdly, according to the integrate direct trust, considering the factor of trust propagation distance, the indirect trust between nodes is calculated. The feature of the proposed method is its ability to discover malicious nodes which can partition the network by falsely reporting other nodes as misbehaving and then proceeds to protect the network. Simulation experiments and tests of the practical applications of MANET show that the proposed approach can effectively avoid the attacks of malicious nodes, besides, the calculated direct trust and indirect trust about normal nodes are more conformable to the actual situation.

     

An EDRI-based approach for detecting and eliminating cooperative black hole nodes in MANET

Mobile Ad hoc Network (MANET) is a self-configurable, self-maintenance network with wireless, mobile nodes. Special features of MANET like dynamic topology, hop-by-hop communications and open network boundary, made security highly challengeable in this network. From security aspect, routing protocols are highly vulnerable against a wide range of attacks like black hole. In black hole attack malicious node injects fault routing information to the network and leads all data packets toward it-self. In this paper, we proposed an approach to detect and eliminate cooperative malicious nodes in MANET with AODV routing protocol. A data control packet is used in order to check the nodes in selected path; also, by using an Extended Data Routing Information table, all malicious nodes in selected path are detected, then, eliminated from network. For evaluation, our approach and a previous work have been implemented using Opnet 14 in different scenarios. Referring to simulation results, the proposed approach decreases packet overhead and delay of security mechanism with no false positive detection. In addition, network throughput is improved by using the proposed approach.     

MANET主机安全自配置协议研究

提出一种基于IPv6的安全地址自配置方案SMAAC(Security MANET Address Auto-Configuration),新节点以口令方式通过节点验证服务器的验证后,由该服务器发放节点授权票据,由邻居节点进行授权票据检验并根据相关硬件信息产生IPv6地址,并完成地址冲突检测,保证网络内节点身份合法性.最后对该方案进行了安全及性能分析与仿真.