AN EFFECTIVE TRUST BASED INTRUSION DETECTION SYSTEM FOR MOBILE ADHOC NETWORK
A.Syed Musthafa.
Assistant Professor/Department of IT,
K.S.Rangasamy College of Technology
Namakkal, Tamil Nadu, India
syedmusthafait@gmail.com
D.Senthil Kumar.
PG Scholar,
K.S.Rangasamy College of Technology
Namakkal, Tamil Nadu, India
senthilkumardsk28@gmail.com
Abstract—In an effort to prevent the attackers from initiating forged acknowledgment attacks, we extended our research to incorporate digital signature in our proposed scheme. Although it generates more ROs (routing overhead) in some cases, as demonstrated in our experiment, it can vastly improve the network’s PDR when the attackers are smart enough to forge acknowledgment packets. The proposed system uses a hybrid key exchange mechanism to detect the malicious node anywhere in the network. In proposed, system, key server act as an authenticated server for ensuring securable and reliable routing.
Due to their natural mobility and scalability wireless networks are always preferred since the first day of their invention. Owing to the improved technology and reduced costs, wireless networks have gained much more preferences over wired networks in the past few decades By definition, Mobile Ad hoc Network (MANET) is a collection of mobile nodes equipped with both a wireless transmitter and a receiver that communicate with each other via bidirectional wireless links either directly or indirectly.
Communication is limited to the range of transmitters. This means that two nodes cannot communicate with each other when the distance between the two nodes is beyond the communication range of their own. MANET solves this problem by allowing intermediate parties to relay data transmissions. This is achieved by dividing MANET into two types of networks, namely, single-hop and multihop.
Keywords- Digital signature, digital signature algorithm (DSA), Enhanced Adaptive ACKnowledgment (AACK) (EAACK), Mobile Ad hoc NETWORK (MANET).
Introduction
Over the past decade, there has been a growing
interest in wireless networks, as the cost of mobile devices such as PDAs, laptops, cellular phones, etc have reduced drastically. The latest trend in wireless networks is towards pervasive and ubiquitous computing - catering to both nomadic and fixed users, anytime and anywhere. Several standards for wireless networks have emerged in order to address the needs of both industrial and individual users. One of the most prevalent forms of wireless networks in use today is the Wireless Local Area Network (WLAN). In such a network, a set of mobile nodes are connected to a fixed wired backbone. WLANs have a short range and are usually deployed in places such universities, companies, cafeterias, etc. However, there is still a need for communication in several scenarios of deployment where it is not feasible to deploy fixed wireless access points due to physical constraints of the medium. For example, consider communication amongst soldiers in a battlefield, involving troops spread out over a large area. In this case, it is not only feasible to deploy a fixed wireless access point, but also risky since an enemy attack would bring down the whole network. This problem has led to a growing interest among the research community in mobile ad hoc networks, wireless networks comprised of mobile computing devices communicating without any fixed infrastructure.
MOBILE Adhoc Wireless Network:
The Mobile Ad hoc Wireless Network is more vulnerable to be attacked than wired network. These vulnerabilities are nature of the MANET structure that cannot be removed. As a result, attacks with malicious intent have been and will be devised to exploit these vulnerabilities and to cripple the MANET operation. Attack prevention measures, such as authentication and encryption, can be used as the first line of defense for reducing the possibilities of attacks. However, these techniques have a limitation on the effects of prevention techniques in general and they are designed for a set of known attacks. They are unlikely to prevent newer attacks that are designed for circumventing the existing security measures. The rest of this chapter is organized as follows – initially a classification of wireless networks in use today is described followed by the background and origins of ad hoc wireless networks. The general issues in ad hoc wireless networks are then discussed, followed by a few interesting applications. The final section gives an outline of the chapters to follow.
TAXONOMY OF WIRELESS NETWORKS:
A wireless network in general consists of a set of mobile hosts which communicate to other mobile hosts either directly or via an access point (base station).The following is a broad classification of wireless networks.
WIRELESS LANS AND PANS:
A Wireless Local Area Network (WLAN) consists of aset of mobile users communicating via a fixed base station or an access point. The mobile node can be any device such as a palmtop, PDA, laptop etc. A Wireless Personal Area Network (WPAN) consists of personal devices which communicate without any established infrastructure. The IEEE 802.15.1 standard for Wireless Personal Area Networks, also called popularly as the Bluetooth is currently being used for short range communication such as in digital cameras, PDAs, laptops,etc.
WIRELESS WANS AND MANS:
Nowadays, the trend is towards a wireless internet consisting of mobile nodes accessing the internet without the help of any backbone network. This type of network is based on the cellular architecture in which a large area to be covered is divided in to several cells, each having a fixed base station. Each cell consists of several mobile terminals (MT) which communicate to other mobile terminals in a same cell through the base station.
MOBILE AD HOC AND SENSOR NETWORKS:
Mobile Ad hoc networks or MANETs are the category of wireless networks which do not require any fixed infrastructure or base stations. They can be easily deployed in places where it is difficult to setup any wired infrastructure.There are no base stations and every node must co-operate in forwarding packets in the network. Thus, each node acts as a router which makes routing complex when compared to Wireless LANs, where the central access point acts as the router between the nodes. A sensor network is a special category of ad hoc wireless networks which consists of several sensors deployed without any fixed infrastructure. The difference between sensor networks and ordinary ad hoc wireless is that the sensor nodes may not be necessarily mobile. Further, the number of nodes is much higher than in ordinary ad hoc networks. The nodes have more stringent power requirements since they operate in harsh environmental conditions. An example of a sensor network is a set of nodes monitoring the temperature of boilers in a thermal plant Other application domains include military, homeland security and medical care.
Related works
Mobile Ad hoc Networks (MANETs) are autonomously self-organized networks without infrastructure support. In a mobile ad hoc network, nodes move arbitrarily; therefore the network may experience rapid and unpredictable topology changes. Because nodes in a MANET normally have limited transmission ranges, some nodes cannot communicate directly with each other. Hence, routing paths in mobile ad hoc networks potentially
contain multiple hops, and every node in mobile ad hoc networks has the responsibility to act as a router. A survey of active research work on routing protocols for MANET.
Security is a major concern for protected communication between mobile nodes in a hostile environment. In hostile environments adversaries can bunch active and passive attacks against intercept able routing in embed in routing message and data packets. In this paper, it focuses on fundamental security attacks in Mobile ad hoc networks. MANET has no clear line of defense, so, it is accessible to both legitimate network users and malicious attackers. In the presence of malicious nodes, one of the main challenges in MANET is to design the robust security solution that can protect MANET from various routing attacks. However, these solution are not suitable for MANET resource constraints, i.e., limited bandwidth and battery power, because they introduce heavy traffic load to exchange and verifying keys. MANET can operate in isolation or in coordination with a wired infrastructure, often through a gateway node participating in both networks for traffic relay. This flexibility, along with their self-organizing capabilities, is some of MANET's biggest strengths, as well as their biggest security weaknesses. Different routing attacks, such as active (flooding, black hole, spoofing, and wormhole) and passive (eavesdropping, traffic monitoring, and traffic analysis) are described.
Use of mobile ad hoc networks (MANETs) has been widespread in many applications, including some mission critical applications, and as such security has become one of the major concerns in MANETs. Due to some unique characteristics of MANETs, prevention methods alone are not sufficient to make them secure; therefore, detection should be added as another defense before an attacker can breach the system. In general, the intrusion detection techniques for traditional wireless networks are not well suited for MANETs. In this paper, we classify the architectures for intrusion detection systems (IDS) that have been introduced for MANETs. Current IDS's corresponding to those architectures are also reviewed and compared and provide some directions for future research.
An ad hoc network is a collection of wireless computers (nodes), communicating among themselves over possibly multihop paths, without the help of any infrastructure such as base stations or access points. Although many previous ad hoc network routing protocols have been based in part on distance vector approaches, they have generally assumed a trusted environment. In this paper, we design and evaluate the Secure Efficient Ad hoc Distance vector routing protocol (SEAD), a secure ad-hoc network routing protocol based on the design of the Destination-Sequenced Distance-Vector routing protocol (DSDV). In order to support use with nodes of limited CPU processing capability, and to guard against Denial-of-Service (DoS) attacks in which an attacker attempts to cause other nodes to consume excess network bandwidth or processing time, use efficient one-way hash functions and do not use asymmetric cryptographic operations in the protocol. SEAD performs well over the range of scenarios we tested, and is robust against multiple uncoordinated attackers creating incorrect routing state in any other node, even in spite of any active attackers or compromised nodes in the network.
An ad hoc network is a group of wireless mobile computers (or nodes), in which individual nodes cooperate by forwarding packets for each other to allow nodes to communicate beyond direct wireless transmission range. Prior research in ad hoc networking has generally studied the routing problem in a non-adversarial setting, assuming a trusted environment. present attacks against routing in ad hoc networks, and we present the design and performance evaluation of a new secure on-demand ad hoc network routing protocol, called Ariadne. Ariadne prevents attackers or compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes, and also prevents many types of Denial-of-Service attacks. In addition, Ariadne is efficient, using only highly efficient symmetric cryptographic primitives.
HYBRID KEY EXCHANGE ALGORITHM
HYBRID key exchange algorithm uses asymmetric key principles for the distribution of symmetric keys to both parties in a communication network. Key distribution is an important aspect of conventional algorithm and the entire safety is dependent on the distribution of key using secured channel. HYBRID utilizes the public& private key of asymmetric key cryptography to exchange the secret key.
Before going in depth of HYBRID Algorithm ,we define primitive root of a prime number 'p' as one whose powers generate all the integers from 1 to p-1, i.e. if 'a' is the primitive root of a prime no 'p', then,
a mod p , a2 mod p , a 3 mod p, .............. ap-1 mod p generate all distinct integers from 1 to (p-1) in some permutation.
The steps for HYBRID key exchange algorithm are:
Step 1 : GLOBAL PUBLIC ELEMENTS
Select any prime no : 'q'
Calculate the primitive root of q : 'a' such that aStep 2 : ASYMMETRIC KEY GENERATION BY USER 'A'
Select a random number as the private key XA where XA < q
Calculate the public key YA where YA = aXA mod q
Step 3 : KEY GENERATION BY USER 'B'
Select a random number as the private key XB where XB < q
Calculate the public key YB where YB = aXB mod q
Step 4 : Exchange the values of public key between A & B
Step 5 : SYMMETRIC KEY (K) GENERATION BY USER 'A'
K= YB XA mod q
Step 6 : SYMMETRIC KEY (K) GENERATION BY USER 'B'
K= YA XB mod q
It can be easily be proved that the key K generated by this algorithm by both parties are the same.
HYBRID was the first public key algorithm ever invented, in 1976. Alice and Bob want to be able to generate a key to use for subsequent message exchange. The key generating exchange can take place over an unsecure channel that allows eavesdropping. The ingredients to the protocol are: p, a large prime and g, a primitive element of Zn. This means that all numbers n=1, ... , p-1 can be represented as n = gi. These two numbers do not need to be kept secret. For example, Alice could send them to Bob in the open. The protocol runs as follows:
1. Alice choses a large random integer x and sends Bob
X=gx mod p
2. Bob choses a large random integer y and sends Alice
Y=gy mod p
3. Alice computes
k=Yx mod p
4. Bob computes
k=Xy mod p
existing system
Furthermore, in an effort to prevent the attackers from initiating forged acknowledgment attacks, we extended our research to incorporate digital signature in our proposed scheme. Although it generates more ROs in some cases, as demonstrated in our experiment, it can vastly improve the network’s PDR when the attackers are smart enough to forge acknowledgment packets.We think that this tradeoff is worthwhile when network security is the top priority. In order to seek the optimal DSAs in MANETs, we implemented both DSA and RSA schemes in our simulation. Eventually, we arrived to the conclusion that the DSA scheme is more suitable to be implemented in MANETs.
To increase the merits of our research work, we plan to investigate the following issues in our future research:
1)Possibilities of adopting hybrid cryptography technique Diffie Hellman
key exchange algorithm to further reduce the network overhead caused by digital signature;
2)examine the possibilities of adopting a key exchange mechanism to
ensure a secure data authentication;
3)Testing the performance of EAACK in real network environment instead
of software simulation.
Due to their natural mobility and scalability wireless networks are always preferred since the first day of their invention. Owing to the improved technology and reduced costs, wireless networks have gained much more preferences over wired networks in the past few decades By definition, Mobile Ad hoc Network (MANET) is a collection of mobile nodes equipped with both a wireless transmitter and a receiver that communicate with each other via bidirectional wireless links either directly or indirectly.
Communication is limited to the range of transmitters. This means that two nodes cannot communicate with each other when the distance between the two nodes is beyond the communication range of their own. MANET solves this problem by allowing intermediate parties to relay data transmissions. This is achieved by dividing MANET into two types of networks, namely, single-hop and multihop.
DIGITAL SIGNATURE:
EAACK is an acknowledgment-based IDS. All three parts of EAACK, namely, ACK, S-ACK, and MRA, are acknowledgment-based detection schemes. They all rely on acknowledgment packets to detect misbehaviors in the network. Thus, it is extremely important to ensure that all acknowledgment packets in EAACK are authentic and untainted. Otherwise, if the attackers are smart enough to forge acknowledgment packets, all of the three schemes will be vulnerable. With regard to this urgent concern, we incorporated digital signature in our proposed scheme. In order to ensure the integrity of the IDS, EAACK requires all acknowledgment packets to be digitally signed before they are sent out and verified until they are accepted. However, we fully understand the extra resources that are required with the introduction of digital signature in MANETs. To address this concern, we implemented both DSA [33] and RSA [23] digital signature schemes in our proposed approach. The goal is to find the most optimal solution for using digital signature in MANETs.
CONCLUSION
The experimental result of this paper is to identify the malicious attackers involved in the network. Due to the nodes’ lack of physical protection, malicious attackers can easily capture and compromise nodes to achieve attacks. In particular, considering the fact that most routing protocols in MANETs assume that every node in the network behaves cooperatively with other nodes and presumably not malicious, attackers can easily compromise MANETs by inserting malicious or non cooperative nodes into the network. Furthermore, because of MANET’s distributed architecture
and changing topology, a traditional centralized monitoring technique is no longer feasible in MANETs.
In such case, it is crucial to develop an intrusion-detection system (IDS) specially designed for MANETs. To propose and implement a new intrusion-detection system named Enhanced Adaptive Acknowledgment (EAACK) specially designed for MANETs. It demonstrates higher malicious- behavior-detection rates in certain circumstances while does not greatly affect the network performances. it is extremely important to ensure that all acknowledgment packets in EAACK are authentic and untainted. Otherwise, if the attackers are smart enough to forge acknowledgment packets, all of the three schemes will be vulnerable.
ACKNOWLEDGMENT
We would like to give special thanks to the authors who helped us to finish the project in an efficient manner.
References
-
K. Al Agha, M.-H. Bertin, T. Dang, A. Guitton, P. Minet, T. Val, and J.-B. Viollet, “Which wireless technology for industrial wireless sensor networks? The development of OCARI technol,” IEEE Trans. Ind. Electron., vol. 56, no. 10, pp. 4266–4278, Oct. 2009.
-
R. Akbani, T. Korkmaz, and G. V. S. Raju, “Mobile Ad hoc Network Security,” in Lecture Notes in Electrical Engineering, vol. 127. New York: Springer-Verlag, 2012, pp. 659–666.
-
R. H. Akbani, S. Patel, and D. C. Jinwala, “DoS attacks in mobile ad hoc networks: A survey,” in Proc. 2nd Int. Meeting ACCT, Rohtak, Haryana, India, 2012, pp. 535–541.
-
T. Anantvalee and J. Wu, “A Survey on Intrusion Detection in Mobile Ad hoc Networks,” in Wireless/Mobile Security. New York: Springer- Verlag, 2008.
-
L. Buttyan and J. P. Hubaux, Security and Cooperation in Wireless Networks. Cambridge, U.K.: Cambridge Univ. Press, Aug. 2007.
-
D. Dondi, A. Bertacchini, D. Brunelli, L. Larcher, and L. Benini, “Modeling and optimization of a solar energy harvester system for self-powered wireless sensor networks,” IEEE Trans. Ind. Electron., vol. 55, no. 7, pp. 2759–2766, Jul. 2008.
-
V. C. Gungor and G. P. Hancke, “Industrial wireless sensor networks: Challenges, design principles, and technical approach,” IEEE Trans. Ind. Electron., vol. 56, no. 10, pp. 4258–4265, Oct. 2009.
-
Y. Hu, D. Johnson, and A. Perrig, “SEAD: Secure efficient distance vector routing for mobile wireless ad hoc networks,” in Proc. 4th IEEEWorkshop Mobile Comput. Syst. Appl., 2002, pp. 3–13.
-
Y. Hu, A. Perrig, and D. Johnson, “ARIADNE: A secure on-demand routing protocol for ad hoc networks,” in Proc. 8th ACM Int. Conf. MobiCom, Atlanta, GA, 2002, pp. 12–23.
-
D. Johnson and D. Maltz, “Dynamic Source Routing in ad hoc wireless networks,” in Mobile
Computing. Norwell, MA: Kluwer, 1996, ch. 5, pp. 153–181.