DETECTING MALICIOUS PACKET DROPPING AND SECURE TRACE OUT IN WIRELESS AD-HOC NETWORK

Transcription

1 DETECTING MALICIOUS PACKET DROPPING AND SECURE TRACE OUT IN WIRELESS AD-HOC NETWORK Karthick P N 1, Mrs. R.Bamalakshmi 2 1 PG Scholar, 2 Assistant Professor/M.E Department of ECE, GRT Institute of Engineering and Technology, Tiruttani, India ABSTRACT: In multi hop wireless adhoc networks the packet loss can be occurred by two sources they are link errors and malicious packet dropping. It is important to find whether the losses are due to link errors only or is due to both link error and malicious packet drop. The malicious nodes present in insider attacker case selectively drop packets to degrade the network performance. The packet dropping in this case is nearly equal to the normal link error because of which existing algorithm that are based on detecting the packet loss rate cannot find the exact cause of packet loss. Hence to improve the detection accuracy, the correlations between lost packets is identified. The technique called Homomorphism Linear Authenticator (HLA) based public auditing architecture is developed that allows the detector to verify the truthfulness of packet loss information reported by nodes. This architecture is privacy preserving, collusion proof and incurs low communication and storage overheads. KEYWORDS: Packet Drop, Energy Gain I. INTRODUCTION Mobile computing is the discipline for creating an information management platform, which is free from spatial and temporal constraints. The freedom from these constraints allows its users to access and process desired information from anywhere in the space. The state of the user, static or mobile, does not affect the information management capability of the mobile platform. A user can continue to access and manipulate desired data while traveling on plane, in car, on ship, etc. Thus, the discipline creates an illusion that the desired data and sufficient processing power are available on the spot, where as in reality they may be located far away. Wireless ad hoc networks are collections of wireless nodes, that communicate directly over common wireless channel. The nodes are equipped with wireless transceiver. They don t need any additional infrastructure, such as base station or wired access point, etc. Therefore, each node doesn t only plays the role of an end system, but also acts as a router, that sends packets to desired nodes. The ad hoc are expected to do assignments, which the infrastructure can t do. Ad hoc networks are mostly used by military, rescue mission team, taxi driver. Figure 1 Structure of mobile computing II. EXISTING METHODOLOGY The most of the related works preclude the ambiguity of the environment by assuming that malicious dropping is the only source of packet loss, so that there is no need to account for the impact of link errors. On the other hand, for the small number of works that differentiate between link errors and malicious packet drops, their detection algorithms usually require the number of maliciously-dropped packets to be significantly higher than link errors, in order to achieve acceptable detection accuracy. Existing algorithm takes into account the cross-statistics between lost packets to make a more informative decision, and thus is in sharp contrast to the conventional methods that rely only on the distribution of the number of lost packets. Depending on how much weight a detection algorithm gives to link errors relative to malicious packet drops, the related work can be classified into the following two categories. DRAWBACKS: For the credit-system-based method, a malicious node may still receive enough credits by forwarding most of the packets it receives from upstream nodes. In the reputation-based approach, the malicious node can maintain a reasonably good reputation by forwarding most of the packets to the next hop. While the Bloom-filter scheme is able to provide a packet forwarding proof, the correctness of the proof is probabilistic and it may contain errors. III. HLA TECHNIQUE To develop an accurate algorithm for detecting selective packet drops made by insider attackers. This algorithm also provides a truthful and publicly verifiable decision statistics as a proof to support the detection decision. The high detection accuracy is achieved by exploiting the correlations Copyright 2015.All rights reserved. 753

2 between the positions of lost packets, as calculated from the auto-correlation function (ACF) of the packet-loss bitmap a bitmap describing the lost/received status of each packet in a sequence of consecutive packet transmissions. The basic idea behind this method is that even though malicious dropping may result in a packet loss rate that is comparable to normal channel losses, the stochastic processes that characterize the two phenomena exhibit different correlation structures (equivalently, different patterns of packet losses).therefore, by detecting the correlations between lost packets, one can decide whether the packet loss is purely due to regular link errors, or is a combined effect of link error and malicious drop. Figure 2 Adhoc Wireless System Architecture Figure 3 Architecture Diagram MODULES Network Configuration Adversarial Model HLA Based Public Auditing Architecture NETWORK CONFIGURATION In this project we are using Wireless Adhoc Network. Here we mainly focus on static or quasi-static network. In wireless network we need to send the packet through the node. System is represented as a node. Here every node has communication range. By using this range only we can transmit over packet. If source and destination node exists within the communication range, source can directly transmit the packet. Otherwise, we need to select the intermediate nodebased on the transmission range for transmit the packets. Consider an arbitrary path PSD in a multi-hop wireless ad-hoc network. The source node S continuously sends packets to the destination node D through intermediate nodes, where ni is the upstream node. We assume that S is aware of the route PSD, as in Dynamic SourceRouting (DSR). We model the wireless channel of each hop along PSD as a random process that alternates between good and bad states. Packets transmitted during the good state are successful, and packets transmitted during the bad state are lost. ADVERSARIAL MODEL The goal of the someone is to degrade the network s performance by maliciously dropping packets whereas remaining unseen. We tend to assume that the malicious node has information of the wireless channel, and is alert to the formulaused for misconduct detection. It s the liberty to decide on what packets to drop. For instance, within the random-drop mode, the malicious node might drop any packet with a tiny low chance Pd. within the selective-mode; the malicious node solely drops packets of sure varieties. A mix of the 2 modes is also used. We tend to assume that any node on PSD will be a malicious node, except the supply and therefore the destination. HLA BASED PUBLIC AUDITINGARCHITECTURE The proposed mechanism is based on detecting the correlations between the lost packets over each hop of the path. The basic idea is to model the packet loss process of a hop as a random process alternating between 0 (loss) and 1 (no loss). Setup Phase In this phase, Source decides on a symmetric-key cryptosystem and K symmetric keys. Key distribution may be based on the public-key crypto-system such as RSA. Besides symmetric key distribution, S also needs to set up its HLA keys. Figure 4 Proposed block diagram Packet Transmission Phase After completing the setup phase, Source enters the packet transmission phase. The special structure of the one-way chained encryption construction in dictates thatan upstream Copyright 2015.All rights reserved. 754

3 node on the route cannot get a copy of the HLA signature intended for adown stream node. Source nodes 2 send packets to Destination node 15 by Neighbor nodes Audit Phase This phase is triggered when the public auditor receives an ADR message from Source. This mechanism only guarantees that a node cannot understate its packet loss this mechanism cannot prevent a node from overly stating its packet loss by claiming that it did not receive a packet that it actually received. Detection Phase The public auditor enters the detection phase after receiving and auditing the reply to its challenge from all nodes. The main tasks of auditor in this phase include the following: detecting any overstatement of packet loss at each node, constructing a packet-loss bitmap for each hop, calculating the autocorrelation function for the packet loss on each hop, and deciding whether malicious behavior is present IV. RESULTS AND DISCUSSIONS Figure 6 Link Error Detection During the transmission the packets are dropped by link error Figure 5 Node Selection The source and the destination nodes are selected for the data packet transmission Figure 7 ADR Message The Auditor node audits the packets send and receive Figure 6 Packet Transmission Figure 8 Detection of Malicious Nodes The malicious nodes are detected by auditor nodes and packet transmission is stopped Copyright 2015.All rights reserved. 755

4 Figure 9 Packet Delivery Ratios. Packet delivery ratio is the ratio of the number of packet received at destination and number of packet sent by the source. The greater value of packet delivery ratio means the better performance of network. Figure 12 End To End Delay. End-to-End delay is the average time taken for a packet to be transmitted from the source to destination. The lower value of end to end delay means the better performance of network. Figure 10 Packet Loss Ratio Between Good Nodes. The above figure shows that the packet loss ratio to zero because of packets transfer between the two good nodes without link errors. The below figure shows that the ratio of packets loss occurred due to the malicious node or link error appears in the packet transmission between the nodes. Figure 13 Routing Overhead. Routing Overhead is the number of routing packets required by the routing protocol to construct and maintain the routes. V. CONCLUSION Therefore, by detecting the correlations between lost packets, one can decide whether the packet loss is purely due to regular link errors, or is a combined effect of link error and malicious drop. The algorithm takes into account the cross statistics between lost packets to make a more informative decision, and thus is in sharp contrast to the conventional methods that rely only on the distribution of the number of lost packets. It is compared with conventional detection algorithms that utilize only the distribution of the number of lost packets, exploiting the correlation between lost packets significantly improves the accuracy in detecting malicious packet drops. Figure 11 Packet Loss Ratio Malicious Nodes. Copyright 2015.All rights reserved. 756

5 REFERENCES [1] C. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z.Peterson, and D.Song, Provable data possession at untrusted stores, in Proc. ACM Conf. Comput. and Commun. Secur., Oct. 2007, pp [2] G. Ateniese, S. Kamara, and J. Katz, Proofs of storage from homomorphic identification protocols, in Proc. Int. Conf. Theory Appl.Cryptol. Inf. Security,2009, pp [3] Amutha. S, Balasubramanian. K, Secure Implementation of Routing Protocols for Wireless Ad hoc Networks pp , Feb [4] Shu.T, Krunz.M, and Liu.S, Secure data collection in wireless sensor networksusing randomized dispersive routes. Vol. 9, no. 7, pp , Mar [5] Proano.A and Lazos.L Packet-hiding methods for preventing selective jammingattacks Dependable and Secure Computing., vol. 9, no. 1, pp , Aug [6] Awerbuch. B, Curtmola. R, Holmer. D, Nita-Rotaru. C, and Rubens. H. ODSBR: an on-demand secure byzantine resilient routing protocol for wireless ad hocnet works, Vol. 10, no. 4, [7] Hayajneh. T, Krishnamurthy. P, Tipper. D, and Kim. T, Detecting malicious packet dropping in the presence of collisions and channel errors in wireless ad hoc networks (2009). [8] Kozma Jr. W and Lazos.L REAct: resourceefficient accountability for node misbehavior in ad hoc networks based on random audits. Wireless Network Security, (2009) Copyright 2015.All rights reserved. 757