Resistance of Denial-of-Service Attack in Network Coding using Node Authenticity

Transcription

1 Resistance of Denial-of-Service Attack in Network Coding using Node Authenticity P. ANITHA PG Scholar Dept. of Computer Science Velalar College of Engineering and Technology ANNA UNIVERSITY, CHENNAI Dr. V.K. MANAVALASUNDHARAM, M.E., Ph.D., Assistant Professor Dept. of Computer Science Velalar College of Engineering and Technology ANNA UNIVERSITY, CHENNAI Abstract Denial of Service (DOS) attacks are strictly disgrace the availability of an internet services and resources to the Internet users. A novel authentication system known as, Supportive Bit- Compacted Authentication (SBA) is centered on random graph typical of node deployment and a cooperative bit-compressed authentication state with probability of neighboring nodes providing the obligatory condition for SBA authentication. This used to provide a whole protection against DOS attacks: (i) it can detect malicious packets at intermediate nodes, and (ii) it can verify the perfect location of all attackers, and eradicate the malicious packets. Node Identity Verification structure is used to distinguish the duplicate nodes. The outcome shows that the system outperforms two other formerly proposed high-tech approaches in terms of detection accuracy. Index Terms: Denial-of-Service attack, Node Identity, Node Verification and Authentication, Supportive Bit-Compacted Authentication (SBA). I. INTRODUCTION DENIAL-OF-SERVICE (DOS) attacks are one form of most vulnerable intrusive behavior to online servers. Denial of Service (DOS) attacks is strictly disgrace the availability of a Internet services to the Internet users. They inflict exhaustive computation tasks to the object by abusing its system vulnerability or flooding it with vast amount of unusable packets. The object can be mandatory out of service from a few minutes to even several days. The DOS attack detection essentially emphases on the development of network-based detection skills. Detection systems based on these technologies monitor traffic conveying above the sheltered networks. These technologies freedom the protected online servers from monitoring attacks and confirm that the servers can devote themselves to deliver quality services with lowest delay in response. In addition, network-based detection systems are lightly coupled with operating systems running on the host equipment which they are protecting. Generally, network-based discovery systems can be considered into two main categories, namely misuse based discovery systems and anomaly-based discovery systems. Misuse-based discovery systems detect attacks by monitoring network happenings and regarding for equals with the existing attack signatures. Even though of consuming high detection based discovery systems are certainly eluded by any new attacks and even alternatives of the existing attacks. In addition, it is a challenging and struggles complete task to preserve signature database updated for signature compeers is a physical process and deeply implicates network security proficiency. Latest effort focused on attack detection and its location using Node identity confirmation system. In the course of the initialization and positioning of enormous number of nodes are arbitrarily organized at a certain interest region (CIR) controlled by a region. Destination is an impressive and trustable data collecting node, which has amazing computation and storage abilities and is held responsible for producing nodes and collecting the data. Communication is bi-directional restricted by their transmission range (R). Intermediate nodes can interconnect with each other within R. Intermediate node immediate to destination, cooperatively dealings the destination and which is extreme away from the destination surrounded by the transmission range recourse to additional nodes to form route and interconnect with destination. For the duration of nontransmission stages later deployment the intermediate nodes uses Decisional Welzl's Algorithm to discover the shortest path and this can speed up the broadcasting. II. RELATED WORK Zhiyuan tan [1] introduces the DOS attack detection system services the moralities of MCA and anomaly-based detection. It advises the detection system with abilities of perfect characterization for traffic activities and detection of recognized and anonymous attacks respectively. A triangle area technique is established to enrich and to speed up the process of MCA. A statistical regulation technique is used to eradicate the bias from the raw data. An approach based on triangle area was obtainable to produce enhanced discriminative features. Mahalanobis distance was used to extract the relationships between the nominated packet payload features. Priyadharshini V [2] proposed the new cracking 32

2 algorithm for detection and prevention of the DOS attacks. DOS attack desires to attack the service of website. It hang onto on logon to a precise web site more times, and then service delivered by the web server performance keeps violated. To avoid this it continues a status table. In that it preserves the IP addresses of contemporary users and their status. If the specific IP address has been sign up on for a first time, it marks the status as authentic user. For second, third and fourth times it marks as ordinary user. For the fifth time it marks the specific IP address status as Attacker. In the time scheming only consider five times. After that, the user cannot permit get the service of that particular web site. The service is repudiated to that specific IP address. The objective of this solicitation is to make best use of a system effectiveness function. D.Muruganandam [10] presents the promising approach to prevent DOS attack by using HAWK technique. HAWK technique covers to assigning a threshold value for all the arriving packets and the packets which spectacle an enormous deviation from the ordinary threshold value is checked. If packet is initiate to be malicious, then that packet is directly congested and the information of that packet is sent across to all IPS. DDOS avoiding algorithms offers an additional layer of security that perceives and avoids Low Rate DDOS attack. Firecol places Intrusion Prevention Systems (IPS) all over the place to the Internet Service Provider (ISP) in a sphere like construction that contributes the network multiple layers of security. When it ascends to detecting LDDOS attacks, uses a HAWK technique that equals the threshold values of the arriving packets and HAWK is the greatest well-organized technique amongst all other LDDOS detecting techniques as it uses a lesser amount of memory. Both the High Rate and Low Rate identifying techniques are well-organized in terms of security and resource usage. III. DESIGN GOAL node. B. Achieving Bit-Compacted Authentication A Message Authentication Code (MAC) is produced so as to authenticate the communicated data through the intermediary nodes. MAC is one bit, thus making bitcompacted authentication possible.node Identity Verification Node Identity Authentication system is used to recognize the duplicate nodes. It can verify the perfect location of all attackers, and exterminate the malicious packets. Node identity confirmation is done by checking each node to its core of original id. Detect duplicate node ids on the course of data forwarding. Node id history log maintenance is done on the network. Duplicate node id is identified with the same node id in other location of the network. Fig 1: Configuration of the proposed denial-of-service attack detection system IV. METHODOLOGY The framework for the proposed scheme for SBA authentication is shown in Figure 2. The design goal is to develop a supportive bit-compacted authentication system against malicious node attacks in a protected and well-organized way. A. Increase the detection rate by early detection of malicious packets The authentication task in SBA scheme has the capability of increase the detection rate by early detection of malicious packets. This can greatly rise the detection proportion at the intermediate nodes. If the entire authentication task is achieved by the destination, this significantly increases the affliction of the destination and can restricted access the destination. The authentication by intermediate node helps in early detection of malicious packets and thus can increase the detection rate adding a minor overhead at the intermediate 33

3 Fig 2: Steps in SBA authentication Nodes are initialized and deployed. Followed by the detection of optimal and safest path using Welzl's Algorithm, then using the authentication scheme data is authenticated and verified which is discussed in the following section and finally the performance is analyzed. V. AUTHENTICATION SCHEME A Supportive Bit-Compacted Authentication (SBA) system for filtering malicious node in networks has been proposed. The two notable stages are: A. Optimal and Safest path selection. B. Authentication and verification of node. A. Node Generation All nodes are equivalently and arbitrarily organized at CIR. When the nodes are not difficult in reporting task, they cooperatively establish optimal path by Welzl's Algorithm. 1. Choose the number of nodes. 2. Store the position of each node. 3. Preload each node with public key. 4. Choose the optimal path using Welzl's Algorithm. B. Optimal Path Generation Using Welzl's Algorithm The Welzl s algorithm computes the smallest enclosing disk of a finite set of points on the plane in a linear expected time, and returns the radius and center of the disk. Adopt the Welzl s algorithm in a different way, which refer to as the decisional Welzl s algorithm, to identify a collection site to cover as many nodes as possible within a radius of d. The decisional Welzl s algorithm is shown in Algorithm 1, which returns the smallest enclosing disk of a given subset of nodes if its radius is no larger than d, or false otherwise. Algorithm 1. Decisional Welzl s Algorithm (S0: a subset of nodes; d: communication range). 1. radius <- ; center <- ϕ ; 2. (radius, center) = Welzl (S0) // Welzl s algorithm on S0 3. if radius > d then 4. return false; 5. else 6. return radius and center. 7. end if C. Detected Data Reporting The report R generated by node to node identification of any parameters are send to the destination via, established optimized and safest path selected. 1. Source node achieves time stamp T, indicates m neighboring nodes and send the report R to the destination via intermediate nodes. 2. Each intermediate node on receiving R generate mac. 3. mac generated by intermediate neighboring nodes generate authentication vector. 4. All the vectors are aggregated to form the MAC authentication information. D. Intermediate Node Filtering Each intermediate node checks the honesty of the report, R and the time stamp T. If T is invalid, the report R is prohibited or else supportive neighbor based mac verification is done. 1. Checks the timestamp T. 2. Every single intermediate node uses non-interactive key pair establishment to compute shared keys with each node. 3. If R is cooperatively authenticated by k neighbor nodes the report is MAC verified. E. Destination Verification Destination on getting the report checks the honesty of R and timestamp T. If T is invalid R is prohibited or else R submits to the destination verification. VI. RESULTS AND DISCUSSION A SBA system for clarifying injected wrong data and preventing malicious node attacks had been examined. By speculative investigation and imitation calculation, the SBA system has been validated to realize not only high intermediate node filtering possibility but also great scalability. 34

4 PARAMETER VALUE Simulation area Number of nodes 100 Transmission range 15m, 20m Neighboring nodes 4,6 Routing nodes 5,,12 Table 1. Parameter setting Intermediate Node Filtering Probability (FPR): The intermediate node filtering probability FPR in terms of different number of intermediate routing nodes. As the number of routing nodes increases, FPR increases. Throughput: SBA scheme establishes to have high throughput. ]VII. CONCLUSION AND FUTURE SCOPE The proposed SBA scheme is a novel scheme for filtering the malicious packets and to prevent malicious node attacks. This scheme is established to have high intermediate node clarifying possibility. Node identity verification system is used to recognize the duplicate nodes. It can authenticate the accurate location of all attackers. SBA system increases the detection rate by early detection of malicious node at the intermediate node and also provide authentication to legitimate data. Optimal path selection also supports to fast reporting of data and detection accuracy. SBA scheme can be applied to applications, where security of data is of high concern. To be part of the upcoming work, supplementary testing the DOS attack detection system exhausting actual world data and hire more refined classification techniques to promote assuage the false positive rate. IEEE Transactions On Parallel And Distributed Systems Vol:25 No:2 Year [2] Priyadharshini V, Kuppusamy k, Prevention of DOS Attacks using New Cracking Algorithm, International Journal of Engineering Research and Applications, [3] P.Garca-Teodoro, J.Daz-Verdejo, G.aci-Fernndez, and E.Vzquez, Anomaly-based Network Intrusion Detection: Techniques, Systems and Challenges, Computers & Security, vol. 28,pp , [4] R. Lu, X. Lin, C. Zhang, H. Zhu, P. Ho, and X. Shen, AICN: An Efficient Algorithm to Identify Compromised Nodes in Wireless Sensor Network, Proc. IEEE Int l Conf. Comm. (ICC 08), May [5] C. F. Tsai and C. Y. Lin, A Triangle Area Based Nearest Neighbors Approach to Intrusion Detection, Pattern Recognition, vol. 43, pp , [6] R. Ahlswede, N. Cai, S.-y. R. Li, and R. W. Yeung, Network Information Flow, IEEE Trans. Inf. Theory, vol. 46, no. 4, pp , Jul [7] Daojing He and Sammy Chan, DiCode: DoS Resistant and Distributed Code Dissemination in Wireless Sensor Networks, IEEE transaction on wireless communication, vol. 11, No. 5, May [8] Teenu Liza Thomas and P. Vijayalakshmi, Cooperative Bit- Compressed Authentication Scheme against Compromised Node Attacks in Wireless Sensor Networks, International Journal of Computer Applications ( ), Volume 71 No.19, June [9] D.Muruganandam and Martin LeoManickam, Detection and prevention of low and high Rate flooding DDOS attacks, Issue 3 Vol 3,May-June REFERENCES [1] Zhiyuan tan, aruna jamdagni, priyadarsi nanda, A system for denial-ofservice attack detection based on multivariate correlation analysis, [10] S. Panichpapiboon, G. Ferrari, and O. Tonguz, Optimal Transmit Power in Wireless Sensor Networks, IEEE Trans. Mobile Computing, vol. 5, no. 10, pp , Oct

5 36