21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Smartening the Environment using Wireless Sensor Networks in a Developing Country Presented By Al-Sakib Khan Pathan Department of Computer Science International Islamic University Malaysia An Efficient Detection Model of Selective Forwarding Attacks in Wireless Mesh Networks Shapla Khanam, Habibullah Yusuf Saleem, and Al-Sakib Khan Pathan Department of Computer Science International Islamic University Malaysia (IIUM)

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Outline of This Presentation Introduction The problem formulation Proposed approach Analysis Conclusions Future directions of research 2

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Introduction A Wireless Mesh Network (WMN) consists of –Mesh routers –Mesh clients Mesh routers form the backbone of the network that provides network access to both the mesh and conventional clients. Mesh clients can either connect to a backbone or among each other. 3

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China WMN Infrastructure 4 Hybrid WMN?

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China The Problem Formulation Any malicious node can attack the network in the forms: –Blackhole attack –Grayhole attack –Sybil attack. In all of these attacks, the routing packets are deliberately misled towards wrong destinations or network entities. Once the malicious node or the attacker has control over the packet after getting it in its trap, the packet could be modified, fabricated, dropped, or forwarded (arbitrarily); all of which are considered as the major obstacles for secure and guaranteed routing in WMN. 5

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China The Problem Formulation (Contd.) Although, based on the precise operational methods, different attacks are given different names to clearly distinguish them (with slightly different operational methods), most of the routing attacks are related to selective forwarding (or, use it as an underlying method), which means that the received trapped packets are manipulated to forward selectively (or, drop). Our goal is to mitigate selective forwarding attack by detecting it using some meticulous approach. 6

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Our Proposed Approach There are mainly two phases in our proposed approach. –(i) Game theory based attack model –(ii) Detection of malicious behavior Game theory can be defined as the statistical model to analyze the interaction among a group of players, who act strategically. 7

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China The Game Theoretic Model 8 Player 1 is the source node S and Player 2 is the malicious/attacker intermediate node A. Let D be the destination node and N be the finite set of all players. We consider a zero-sum game model where if one player wins then, the other player must lose, equaling to sum of the gain and loss to be zero.

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China The Scenario The attacker tries to minimize the throughput of the network by dropping the packet. The attacker should spend more than the target to drop any packet and eventually the attacker has to pay heavily for its actions. We want to detect where the selective forwarder is. Each three-node in the network can be multiplied to cover the entire network! 9

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Mathematical Formulation Let P i be the probability to defend the ith node in the network. v i is an intermediate node and v i-1 and v i+1 are the upstream and downstream nodes respectively. The total probability of defending all N nodes is, The energy spent for utility cost (transmission cost) is:, because the amount of energy needed is as the same amount of probability for defending all nodes. Interaction of different players and their total probabilities are constructed based on their individual probability. 10

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Mathematical Formulation (Contd.) The remaining energy is: where,. Our objective is that the energy that needs to be spent by the attacker in order to compromise the nodes must be more than the energy spent by the target. The energy of the sender to send via the attacker could be noted by the equation:, where is a constant. The successful attack depends on the value of. If, the attack succeeds. If, the energy spent by the attacker equals to that of the target. When, the attacker cannot attack, and means that the attacker cannot drop any packet. 11

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Mathematical Formulation (Contd.) The state of the game is (m,n), where m is the sending buffer of Player 1 and n is the dropping buffer of Player 2. If one packet is present in the sending buffer of m of Player 1, then will take a value of 1 and n can take value 0 or d, depending on whether any packet is dropped or not. We also denote as the probability that a new packet arrives at the sending buffer of Player 1. There are four possible states of the game and they are: 12

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Basic Notations & Meanings 13

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China State Transition Diagram 14

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Transition Probabilities When (m=1), When (m=0), 15

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China A Bit Explanation … Assume that the current state of system is (1,0). Player 1 (i.e, S) has packet in its send buffer. It uses two strategies: transmit packet directly or transmit via A. If S transmits packet directly to D, then the states are (0,0) or (1,0) with probability p d. Otherwise, it transmits packets via Player 2 (i.e., A) with probability, p a. Node A either drops the packet or forwards it to D. If it drops, then the states become (0,d) or (1,d). If A forwards the packet, then the next states will be (0,0) or (1,0). 16

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Strategy Sets The strategy set for Player 1 is S 1 ={s 1,s 2 }, meaning that Player 1 forwards the packet either directly to destination D (s 1 ) or via A (s 2 ). Mixed strategies that correspond to S 1 are π s (s 1,s 2 )=(p d,p a ), where p d + p a =1. The strategy set of Player 2 is A 2 =(a 1,a 2 ). Mixed strategies corresponding to the action of A 2 are π a (a 1,a 2 )=(q f,q d ) where, q f +q d =1. Here, q d = probability of dropping the packet. Hence, x=(π s,π a )=(p d,p a,q f,q d ). 17

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China The Utilities of Sender and Attacker The utility can be calculated from the equations below based on the probability of dropping and forwarding the packets. 18 x is the joint strategy as defined previously

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Detection of Malicious Behavior In this algorithm, multiple nodes need to be selected as acknowledgement points in WMNs. This means that those mesh nodes are responsible for sending an ACK packet after receiving a packet from a source node or nearest intermediate source nodes. We are considering that the packet loss appears only due to malicious activity. When the source node S sends a route request, it receives several route replies. 19

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Multi-hop Ack.-Based Algorithm 20 Let us consider that S chooses the route SABCEFG→D, where E is the malicious node. We are considering two selected acknowledgement points (i.e., Y=2) namely B and F. B and F will acknowledge back after they receive the packets from the source mesh nodes.

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Various Cases and Scenarios Therefore, the following possibilities may occur if: –Case 1: One of the nodes is malicious in the forwarding path. –Case 2: One or more nodes are malicious in the forwarding path. –Case 3: Both the Acknowledgement points B and F are malicious –Case 4: Either B or F is malicious. Each of these cases is handled and we formulated the mathematical model of when to declare the node is malicious based on ACK, NACK, monitoring threshold, loss rate, and upstream or downstream nodes. The paper is referred to see the details. 21

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Performance Analysis We substititute the values for required energy to transmit packets from S to D either directly or via A and the points earned by source S and A as follows: E sd =0.6, E sa =E ad =0.05, Pt d =1, Pt sa =0.3. We assume that the packet arrival rate μ to send buffer is quite fast; μ=0.8, and β=0.2. However, the parameter settings are chosen based on probabilities. The closer the probability is to 1, the higher the utility will be for the sender. 22

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Performance Analysis (Contd.) 23 Fig. 4. Increasing the utilities of A and decreasing the utilities of S with respect to different drop probabilities of q d when p d =0.8 and p a =0.2.

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Performance Analysis (Contd.) 24 Fig. 5. Increasing the utilities of A and decreasing the utilities of S with respect to different drop probabilities of q d when p d =0.6 and p a =0.4.

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Performance Analysis (Contd.) 25 Fig. 6. Increasing the utilities of A and decreasing the utilities of S with respect to different drop probabilities of q d when p d =0.4 and p a =0.6.

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Performance Analysis (Contd.) 26 Fig. 7. Increasing the utilities of A and decreasing the utilities of S with respect to different drop probabilities of q d when p d =0.2 and p a =0.8

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Performance Analysis (Contd.) 27 Fig. 8. Increasing the utilities of A and decreasing the utilities of S with respect to different drop probabilities of q d When, p d =0 and p a =1.

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Performance Analysis (Contd.) 28 Fig. 9. The increase of utility S and A as a function of p a with respect to q f =1 and q d =0.

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Performance Analysis (Contd.) 29 Fig. 10. The increase of utilities S and A as a function of p a with respect to q f =0.75 and q d =0.25.

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Performance Analysis (Contd.) 30 Fig. 11. The increase of utility A and decrease of utility S as a function of p a with respect to q f =0.5 and q d =0.5.

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Performance Analysis (Contd.) 31 Fig. 12. The increase of utility A and decrease of utility S as a function of p a with respect to q f =0.25 and q d =.75.

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Performance Analysis (Contd.) 32 Fig. 13. The increase of utility A and decrease of S as a function of p a with respect to q f =0 and q d =1.

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Final Words In our work, we have formulated a zero-sum non- cooperative game based approach to detect the presence of such attacker(s) in WMNs and we introduced a multi-hop acknowledgment based algorithm to identify the malicious behavior during the transmission of packets. As our future work, we would like to investigate cooperative selective forward attacks in Wireless Mesh Networks. 33

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China THANK YOU 34

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Questions and Answers Any query should be directed to ??? 35