Presentation is loading. Please wait.

Presentation is loading. Please wait.

Selective Forwarding Attack: Detecting Colluding Nodes in Wireless Mesh Networks Shankar Karuppayah National Advanced IPv6 Centre (NAv6) Universiti Sains.

Published byKatherine Barton Modified over 8 years ago

Similar presentations

Presentation on theme: "Selective Forwarding Attack: Detecting Colluding Nodes in Wireless Mesh Networks Shankar Karuppayah National Advanced IPv6 Centre (NAv6) Universiti Sains."— Presentation transcript:

1 Selective Forwarding Attack: Detecting Colluding Nodes in Wireless Mesh Networks
Shankar Karuppayah National Advanced IPv6 Centre (NAv6) Universiti Sains Malaysia Network Security Workshop, February 14, 2012

2 Contents Introduction Problem Statement Related Work Our Proposed Mechanism Result and Analysis Conclusion and Future Work

3 Wireless mesh networks (WMNs)
Introduction Wireless mesh networks (WMNs) Self-organized Self-configured Self-healing Low up front costs Scalable

4 Overcome last-mile Internet access problems Advantages:
Introduction (cont.) Overcome last-mile Internet access problems Advantages: Adapts to dynamic topology changes Distributed cooperation routing WMN applications: Community networking Disaster relief Surveillance and monitoring Vulnerabilities exist in WMNs Shared wireless medium Distributed architecture Rational : Selfish and Greedy bandwidth, QoS, resource Malicious : Deprive

5 Network Performance Deteriorates!!!
Problem Statement Two type of attacks Passive attack Active attack Denial of service (DoS) attacks Preventing legitimate users from accessing information, services or resources Gray Hole attack Also known as selective forwarding attack A variation from Black Hole attack Motivation of the attacks: Rational intentions Malicious intentions Rational : Selfish and Greedy bandwidth, QoS, resource Malicious : Deprive Network Performance Deteriorates!!!

6 Problem Statement (cont.)
Existing security solutions Cryptographic mechanisms Public/private key exchange Not entirely applicable in WMNs Decentralized network architecture Routers physically tampered or software vulnerabilities exploited The need for non-cryptographic security mechanism arises Rational : Selfish and Greedy bandwidth, QoS, resource Malicious : Deprive

7 Marti et al. introduce watchdog
Related Work Marti et al. introduce watchdog Monitoring principle in “promiscuous” mode S. Banerjee propose an algorithm to detect and remove Black/Gray Hole attackers Splits transmission data into several blocks Introduction of prelude and postlude message Shila et al. introduce Channel Aware Detection (CAD) algorithm to detect Gray Hole attackers Consider normal losses medium access collisions bad channel quality

8 CAD (Channel Aware Detection) Algorithm
Methodology: Channel estimation (Dynamic detection threshold) Hop-by-hop packet loss monitoring Data transmission: Split into several blocks (Ws) S|2|0 0|V0|2|0 0|V1|2|1 0|V2|2|0 1|V3|1 1 2 2 1 2 1 1 1 However… CAD algorithm will not be able to detect an attack in the event of colluding nodes WMN router nodes: Maintain packets count history with corresponding packet sequence number New packet types : PROBE Packet marking with opinion and behavior parameter PROBE-ACK PROBE replies When node forwards a packet: Buffer link layer acknowledgement (MAC-ACK) Overhears downstream traffic Since WMN-R is statically deployed, normal losses cn be estimated Channel Qlty : historical data medm accss colision) : channel busyness ratio Explain colluding situations here!

9 Routers have no energy constraints and have buffer of infinite size
Assumptions Routers have no energy constraints and have buffer of infinite size Packet drop due to: Bad channel quality Medium access collision Presence of attackers Free from general wireless attacks: Sybil attacks Jamming (signal) attacks Colluding nodes are located next to each other Route caching to mitigate overhead Nodes have authentication methods implemented

10 CAD+ Algorithm Source compares the filtered irregularities with the list of sent packets Source refers the verified irregularities list to conduct final confirmation Packet Seq. No. Hash Value 1 2 … … 14 24 43 … … 46 15 33 16 … … 69 … … Hashed Received Packets Packet Seq. No. Hash Value … 14 … 46 15 50 34 47 35 … … … 33 … … … 45 null 46 … … 38 … … 60 17 61 35 Hashed Received Packets Introduction of three new packet types: Prelude Prelude-Notify Prelude-Ack MN monitors data packets received and forwarded by the node being monitored based on the monitoring parameters MN maintains irregularities history Retains existing features of CAD Source and Destination perform hashing on sent and received data packets respectively Destination compares the reported irregularities with the list of received packets and then replies to Source with a modified PROBE-ACK(including filtered irregularities) Destination keeps a list of monitoring nodes (MN) vs monitored nodes When MN overhears a PROBE packet sent to Destination, it forwards the list of irregularities (if applicable) towards Destination. Monitored Node Packet Seq. No. Hash Value Irregularity Type Timestamp v2 15 50 Alteration 14.9 34 47 Injection 22.8 55 35 Dropping 35.6 Irregularities which are monitored by MN2 Packet Seq. No. Hash Value … 14 … 46 15 33 34 24 35 … … … 33 … … ... 45 31 46 … … 38 … … 60 17 Hashed Sent Packets Count > COUNT_THRESH ? Interval > INTERVAL_THRESH? Intermediate Node Count Interval Irregularity Type v0 3 2 Alteration 6 1 Injection v2 Dropping v3 4 Verified Irregularities List Packet Seq. No. Hash Value 1 2 … … 14 24 43 … … 46 15 33 16 … … 69 … … Hashed Sent Packets Monitored Node Packet Seq. No. Hash Value Timestamp Irregularity Type v2 15 50 14.9 Alteration 34 47 22.8 45 31 35.0 Dropping 61 35 44.2 Injection Irregularities which are monitored by MN2 MNID Monitored Node MN0 v0 MN1 v1 MN2 v2 MN3 v3 Monitoring Node Vs Monitored Node Pair Source Monitored Node Next Hop Incoming Counter Outgoing Counter Next Monitoring (time) S v2 v3 5 10 34.30 Monitoring Parameters *MNx is not colluding but may not be reliable

11 Stealthy attacks by colluding nodes!!!
Detection of Threats Threats detected (colluding nodes): Gray Hole attack Selectively drops packet Packet Injection Fabricates packet towards Destination node Packet Alteration Node alters a received packet (bit or data manipulation) Bad Mouthing Attack Framing an innocent node Stealthy attacks by colluding nodes!!!

12 Result and Analysis Packet delivery ratio comparison with colluding selective dropping rate. (no channel loss) Parameters Value Simulator Ns Nodes 60 Simulation Time (seconds) 500 Warm Up Period (seconds) 50 Attacker Nodes (random) 30% Source Pairs 2

13 Result and Analysis (cont.)
Packet delivery ratio comparison with channel loss rate. Colluding selective dropping attacks present. Parameters Value Simulator Ns Nodes 60 Simulation Time (seconds) 500 Warm Up Period (seconds) 50 Channel Error Nodes (random) 30% Attacker Nodes (random) Source Pairs 2

14 Result and Analysis (cont.)
Average detection rate of Gray Hole attackers with respect to simulation time. Parameters Value Simulator Ns Nodes 60 Simulation Time (seconds) 500 Warm Up Period (seconds) 50 Normal Channel Loss Rate 10% Channel Error Nodes (random) 30% Source Pairs 2

15 Conclusion and Future Work
Developed a detection algorithm CAD+ which: Integrates CAD with neighborhood monitoring feature Enables detection and isolation of colluding Gray Hole attackers Detects other variation of colluding attacks: Packet alteration Packet injection Packet dropping Future Work: Investigate possibilities of mobile MN Incentives for MN to encourage cooperation Extend CAD+ to detect other network layer attacks

16 References Sergio Marti, T. J. Giuli, Kevin Lai, and Mary Baker. Mitigating routing misbehavior in mobile ad hoc networks. In Proceedings of the 6th annual international conference on Mobile computing and networking, MobiCom ’00, pages 255–265, New York, NY, USA, 2000. Sukla Banerjee. Detection/Removal of Cooperative Black and Gray Hole Attack in Mobile Ad-Hoc Networks. In Proceedings of the World Congress on Engineering and Computer Science 2008, WCECS ’08, October , 2008, San Francisco, USA, Lecture Notes in Engineering and Computer Science, pages 337–342. Newswood Limited, 2008. D.M. Shila, Yu Cheng, and T. Anjali. Mitigating selective forwarding attacks with a channel-aware approach in WMNS. Wireless Communications, IEEE Transactions on, 9(5):1661 –1675, May 2010.

Download ppt "Selective Forwarding Attack: Detecting Colluding Nodes in Wireless Mesh Networks Shankar Karuppayah National Advanced IPv6 Centre (NAv6) Universiti Sains."

Similar presentations

Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,

Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,
Collaborative Attacks on Routing Protocols in Ad hoc Networks Neelima Gupta University of Delhi India.

Collaborative Attacks on Routing Protocols in Ad hoc Networks Neelima Gupta University of Delhi India.
Denial of Service in Sensor Networks Anthony D. Wood and John A. Stankovic.

Denial of Service in Sensor Networks Anthony D. Wood and John A. Stankovic.
DARWIN: Distributed and Adaptive Reputation Mechanism for Wireless Ad- hoc Networks CHEN Xiao Wei, Cheung Siu Ming CSE, CUHK May 15, 2008 This talk is.

DARWIN: Distributed and Adaptive Reputation Mechanism for Wireless Ad- hoc Networks CHEN Xiao Wei, Cheung Siu Ming CSE, CUHK May 15, 2008 This talk is.
21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Smartening the Environment using Wireless Sensor Networks in a Developing Country Presented By Al-Sakib.

21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Smartening the Environment using Wireless Sensor Networks in a Developing Country Presented By Al-Sakib.
DENIAL OF SERVICE IN SENSOR NETWORKS Pratik Zirpe Instructor – Dr. T. Andrew Yang.

DENIAL OF SERVICE IN SENSOR NETWORKS Pratik Zirpe Instructor – Dr. T. Andrew Yang.
CSE 6590 Department of Computer Science & Engineering York University 1 Introduction to Wireless Ad-hoc Networking 5/4/2015 2:17 PM.

CSE 6590 Department of Computer Science & Engineering York University 1 Introduction to Wireless Ad-hoc Networking 5/4/2015 2:17 PM.
DSR The Dynamic Source Routing Protocol Students: Mirko Gilioli Mohammed El Allali.

DSR The Dynamic Source Routing Protocol Students: Mirko Gilioli Mohammed El Allali.
Mitigating Routing Misbehavior in Mobile Ad Hoc Networks By Sergio Marti, T.J. Giuli, Kevin Lai, & Mary Baker Department of Computer Science Stanford University.

Mitigating Routing Misbehavior in Mobile Ad Hoc Networks By Sergio Marti, T.J. Giuli, Kevin Lai, & Mary Baker Department of Computer Science Stanford University.
Improving TCP Performance over Mobile Ad Hoc Networks by Exploiting Cross- Layer Information Awareness Xin Yu Department Of Computer Science New York University,

Improving TCP Performance over Mobile Ad Hoc Networks by Exploiting Cross- Layer Information Awareness Xin Yu Department Of Computer Science New York University,
Ranveer Chandra , Kenneth P. Birman Department of Computer Science

Ranveer Chandra , Kenneth P. Birman Department of Computer Science
A Probabilistic Misbehavior Detection Scheme towards Efficient Trust Establishment in Delay-tolerant Networks Haojin Zhu, Suguo Du, Zhaoyu Gao, Mianxiong.

A Probabilistic Misbehavior Detection Scheme towards Efficient Trust Establishment in Delay-tolerant Networks Haojin Zhu, Suguo Du, Zhaoyu Gao, Mianxiong.
Monday, June 01, 2015 ARRIVE: Algorithm for Robust Routing in Volatile Environments 1 NEST Retreat, Lake Tahoe, June 17-19 2002.

Monday, June 01, 2015 ARRIVE: Algorithm for Robust Routing in Volatile Environments 1 NEST Retreat, Lake Tahoe, June
NGMAST- WMS workshop17/09/2008, Cardiff, Wales, UK A Simulation Analysis of Routing Misbehaviour in Mobile Ad hoc Networks 2 nd International Conference.

NGMAST- WMS workshop17/09/2008, Cardiff, Wales, UK A Simulation Analysis of Routing Misbehaviour in Mobile Ad hoc Networks 2 nd International Conference.
Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.

Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.
Multicasting in Mobile Ad-Hoc Networks (MANET)

Multicasting in Mobile Ad-Hoc Networks (MANET)
Jorge Hortelano, Juan Carlos Ruiz, Pietro Manzoni

Jorge Hortelano, Juan Carlos Ruiz, Pietro Manzoni
Arsitektur Jaringan Terkini

Arsitektur Jaringan Terkini
Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.

Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.
Secure communication in cellular and ad hoc environments Bharat Bhargava Department of Computer Sciences, Purdue University This is supported.

Secure communication in cellular and ad hoc environments Bharat Bhargava Department of Computer Sciences, Purdue University This is supported.

Similar presentations

Ads by Google