A secure method to detect wormhole attack in mobile adhoc network

According to recent advances in wireless telecommunications, the performance and use of wireless technologies has increased extremely. In this study concerned on the Mobile Ad-hoc Network (MANET) is a collection of self-configuring mobile node without any infrastructure. There are different security flaws and attacks on the routing protocols in the MANET. One of the critical threats is the wormhole attacks, which have attracted a great deal of attention over the years. The wormhole attack can affect the performance of different routing protocols. During this attack, a malicious node captures packets from one location in the network, and “tunnels” them to another malicious node at a distant point, which replays them locally. This study presents a review of the most important solutions for counteracting wormhole attacks, as well as presents proposed method on DSR routing protocol for detecting them. The performance of the proposed method was examined through ns-2 simulations. Hence, the results show that proposed method can detect this serious attack in a Mobile Adhoc Network

A Comparison of AODV Routing Protocols to Prevent Black Hole Attack in Manet

Mobile ad hoc network (MANET) is a continuously self-configuring, infrastructure-less network of mobile devices connected wirelessly.Due to limited power supply, physical infrastructure and absence of central base station, malicious nodes can easily disguise themselves among the legitimate nodes. So MANET is vulnerable to many security threats, among which one is the blackhole attack. In this attack, the malicious node misuses the protocols to advertise the shortest path to destination node and drops the data packets subsequently. It deterioates the performance of the network, which is based on many factors including Packet Delivery Ratio and End-to-End Delay. Many effective techniques for detecting the blackhole attack have been devised. Among them are the solutions based on Ad-hoc On demand Distance Vector (AODV) Routing. In this review paper a comparison is done between three such solutions- CBDAODV, MOSAODV and DPRAODV based on two performance criteria mentioned above

Algorithms based on spider daddy long legs for finding the optimal route in securing mobile ad hoc networks

Mobile ad hoc networks (MANETs) are wireless networks that are subject to severe attacks, such as the black hole attack. One of the goals in the research is to find a method to prevent black hole attacks without decreasing network throughput or increasing routing overhead. The routing mechanism in define uses route requests (RREQs; for discovering routes) and route replies (RREPs; for receiving paths). However, this mechanism is vulnerable to attacks by malicious black hole nodes. The mechanism is developed to find the shortest secure path and to reduce overhead using the information that is available in the routing tables as an input to propose a more complex nature-inspired algorithm. The new method is called the Daddy Long-Legs Algorithm (PGO-DLLA), which modifies the standard AODV and optimizes the routing process. This method avoids dependency exclusively on the hop counts and destination sequence numbers (DSNs) that are exploited by malicious nodes in the standard AODV protocol. The experiment by performance metrics End-to-End delay and packet delivery ratio are compared in order to determine the best effort traffic. The results showed the PGO-DLLA improvement of the shortest and secure routing from black hole attack in MANET. In addition, the results indicate better performance than the related works algorithm with respect to all metrics excluding throughput which AntNet is best in routing when the pause time be more than 40 seconds. PGODLLA is able to improve the route discovery against the black hole attacks in AODV. Experiments in this thesis have shown that PGO-DLLA is able to reduce the normalized routing load, end-to-end delay, and packet loss and has a good throughput and packet delivery ratio when compared with the standard AODV protocol, BAODV protocol, and the current related protocols that enhance the routing security of the AODV protocols

A Novel Cooperative Intrusion Detection System for Mobile Ad Hoc Networks

Mobile ad hoc networks (MANETs) have experienced rapid growth in their use for various military, medical, and commercial scenarios. This is due to their dynamic nature that enables the deployment of such networks, in any target environment, without the need for a pre-existing infrastructure. On the other hand, the unique characteristics of MANETs, such as the lack of central networking points, limited wireless range, and constrained resources, have made the quest for securing such networks a challenging task. A large number of studies have focused on intrusion detection systems (IDSs) as a solid line of defense against various attacks targeting the vulnerable nature of MANETs. Since cooperation between nodes is mandatory to detect complex attacks in real time, various solutions have been proposed to provide cooperative IDSs (CIDSs) in efforts to improve detection efficiency. However, all of these solutions suffer from high rates of false alarms, and they violate the constrained-bandwidth nature of MANETs. To overcome these two problems, this research presented a novel CIDS utilizing the concept of social communities and the Dempster-Shafer theory (DST) of evidence. The concept of social communities was intended to establish reliable cooperative detection reporting while consuming minimal bandwidth. On the other hand, DST targeted decreasing false accusations through honoring partial/lack of evidence obtained solely from reliable sources. Experimental evaluation of the proposed CIDS resulted in consistently high detection rates, low false alarms rates, and low bandwidth consumption. The results of this research demonstrated the viability of applying the social communities concept combined with DST in achieving high detection accuracy and minimized bandwidth consumption throughout the detection process

Efficiency and Accuracy Enhancement of Intrusion Detection System Using Feature Selection and Cross-layer Mechanism

The dramatic increase in the number of connected devices and the significant growth of the network traffic data have led to many security vulnerabilities and cyber-attacks. Hence, developing new methods to secure the network infrastructure and protect data from malicious and unauthorized access becomes a vital aspect of communication network design. Intrusion Detection Systems (IDSs), as common widely used security techniques, are critical to detect network attacks and unauthorized network access and thus minimize further cyber-attack damages. However, there are a number of weaknesses that need to be addressed to make reliable IDS for real-world applications. One of the fundamental challenges is the large number of redundant and non-relevant data. Feature selection emerges as a necessary step in efficient IDS design to overcome high dimensionality problem and enhance the performance of IDS through the reduction of its complexity and the acceleration of the detection process. Moreover, detection algorithm has significant impact on the performance of IDS. Machine learning techniques are widely used in such systems which is studied in details in this dissertation. One of the most destructive activities in wireless networks such as MANET is packet dropping. The existence of the intrusive attackers in the network is not the only cause of packet loss. In fact, packet drop can occur because of faulty network. Hence, in order detect the packet dropping caused by a malicious activity of an attacker, information from various layers of the protocol is needed to detect malicious packet loss effectively. To this end, a novel cross-layer design for malicious packet loss detection in MANET is proposed using features from physical layer, network layer and MAC layer to make a better detection decision. Trust-based mechanism is adopted in this design and a packet loss free routing algorithm is presented accordingly

Traffic engineering multi-layer optimization for wireless mesh network transmission a campus network routing protocol transmission performance inhancement

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel UniversityThe wireless mesh network is a potential network for the future due to its excellent inherent characteristic for dynamic self-healing, self-configuration and self-organization. It also has the advantage of easy interoperability networking and the ability to form multi-linked ad-hoc networks. It has a decentralized topology, is cheap and highly scalable. Furthermore, its ease in deployment and easy maintenance are other inherent networking qualities. These aforementioned qualities of the wireless mesh network bring advantages to transmission capability of heterogeneous networks. However, transmissions in wireless mesh network create comparative performance based challenges such as congestion, load-balancing, scalability over increasing networks and coverage capacity. Consequently, these challenges and problems in the routing and switching of packets in the wireless mesh network routing protocols led to a proposal on the resolution of these failures with a combination algorithm and a management based security for the network and its transmitted packets. There are equally contentious services like reliability of the network and quality of service for real-time multimedia traffic flows with other challenges such as path computation and selection in the wireless mesh network. This thesis is therefore a cumulative proposal to the resolution of the outlined challenges and open research areas posed by using wireless mesh network routing protocol. It advances the resolution of these challenges in the mesh environment using a hybrid optimization – traffic engineering, to increase the effectiveness and the reliability of the network. It also proffers a cumulative resolution of the diverse contributions on wireless mesh network routing protocol and transmission. Adaptation and optimization are carried out on the wireless mesh network designed network using traffic engineering mechanism and technique. The research examines the patterns of mesh packet transmission and evaluates the challenges and failures in the mesh network packet transmission. It develops a solution based algorithm for resolutions and proposes the traffic engineering based solution.. These resultant performances and analysis are usually tested and compared over wireless mesh IEEE802.11n or other older proposed documented solution. This thesis used a carefully designed campus mesh network to show a comparative evaluation of an optimal performance of the mesh nodes and routers over a normal IEE802.11n based wireless domain network to show differentiation by optimization using the created algorithms. Furthermore, the indexes of performance being the metric are used to measure the utility and the reliability, including capacity and throughput at the destination during traffic engineered transmission. In addition, the security of these transmitted data and packets are optimized under a traffic engineered technique. Finally, this thesis offers an understanding to the security contribution using traffic engineering resolution to create a management algorithm for processing and computation of the wireless mesh networks security needs. The results of this thesis confirmed, completed and extended the existing predictions with real measurement

Security Improvements for Connected Vehicles Position-Based Routing

The constant growing on the number of vehicles is increasing the complexity of traffic in urban and highway environments. It is paramount to improve traffic management to guarantee better road usage and people’s safety. Through efficient communications, Vehicular Ad hoc Networks (VANETs) can provide enough information for traffic safety initiatives, daily traffic data processing, and entertainment information. However, VANETs are vulnerable to malicious nodes applying different types of net-work attacks, where an attacker can, for instance, forge its position to receive the data packet and drop the message. This can lead vehicles and authorities to make incorrect assumptions and decisions, which can result in dangerous situations. Therefore, any data dissemination protocol designed for VANET should consider security issues when selecting the next-hop forwarding node. In this paper, we propose a security scheme designed for position-based routing algorithms, which analyzes nodes position, transmission range, and hello packet interval. The scheme deals with malicious nodes performing network attacks, faking their positions forcing packets to be dropped. We used the Simulation of Urban MObility (SUMO) and Network Simulator-version 3 (NS-3) to compare our proposed scheme integrated with two well-known position-based algorithms. The results were collected in an urban Manhattan grid environment varying the number of nodes, the number of malicious nodes, as well as the number of source-destination pairs. The results show that the proposed security scheme can successfully improve the packet delivery ratio while maintaining low average end-to-end delay of the algorithms.