“Reducing Packet Loss in MANET”

Dynamic topology and infrastructure less behaviour provide a great facility for adhoc network. Such facility generates easy connection of adhoc network and provides node mobility without loss of connection. In such ability packet dropping is a serious challenge for quality performance of adhoc network. The adhoc network suffered some serious security therats such attacks are black hole attack, malicious attack and worm hole attack that attack occurred a packet dropping problem in adhoc network. For the minimization of attack and packet dropping various authors built various method such method is node authentication, passive feedback scheme, ack-based scheme,reputation based scheme and incentive based scheme, ack-based scheme suffered a problem of massive overhead due to extra acknowledgment  packet and it also suffered decision ambiguity if the requested node refuse to send back Acknowledgment. In this dissertation we uses modified ack-based scheme using secure channel for overcoming the problem of decision ambiguity for requested node, improved node authentication and minimize packet dropping in adhoc network. Keywords- mobile ad-hoc network, routing misbehaviour, AODV routing protocol, ACK based approach, network security

Migrating Packet Dropping in Mobile Ad-hoc Network Based on Modified ACK-Based Scheme

Dynamic topology and infrastructure less behavior provide a great facility for adhoc network. Such facility generates easy connection of adhoc network and provides node mobility without loss of connection. In such ability packet dropping is a serious challenge for quality performance of adhoc network. The adhoc network suffered some serious security threats such attacks are black hole attack, malicious attack and worm hole attack that attack occurred a packet dropping problem in adhoc network. For the minimization of attack and packet dropping various authors built various method such method is node authentication, passive feedback scheme, ack-based scheme, reputation based scheme and incentive based scheme, ack-based scheme suffered a problem of massive overhead due to extra acknowledgment  packet and it also suffered decision ambiguity if the requested node refuse to send back Acknowledgment. In this dissertation we uses modified ack-based scheme using secure channel for overcoming the problem of decision ambiguity for requested node, improved node authentication and minimize packet dropping in adhoc network. Keywords mobile ad-hoc network, routing misbehaviour, AODV routing protocol, ACK based approach, network security

Intrusion Detection in Mobile Ad Hoc Networks Using Classification Algorithms

In this paper we present the design and evaluation of intrusion detection models for MANETs using supervised classification algorithms. Specifically, we evaluate the performance of the MultiLayer Perceptron (MLP), the Linear classifier, the Gaussian Mixture Model (GMM), the Naive Bayes classifier and the Support Vector Machine (SVM). The performance of the classification algorithms is evaluated under different traffic conditions and mobility patterns for the Black Hole, Forging, Packet Dropping, and Flooding attacks. The results indicate that Support Vector Machines exhibit high accuracy for almost all simulated attacks and that Packet Dropping is the hardest attack to detect.Comment: 12 pages, 7 figures, presented at MedHocNet 200

Scattered Dropping Attack on TCP-Based Mobile Ad-Hoc Networks

Scattered Dropping Attack (SDA) is a simple yet very powerful denial of service (DoS) attack that is effective on both TCP and UDP based MANETs. The simulation results clearly show the impact of proposed attack on the network throughput, bandwidth wastage and received data quality. It has also been observed that even though the TCP congestion control is adaptable to the packet losses but in case of the dropping attack it is fully unable to detect whether the packet drop is the result of the attacker misbehaving or it is due to the congestion or other wireless environmental problem

Control over adversarial packet-dropping communication networks revisited

We revisit a one-step control problem over an adversarial packet-dropping link. The link is modeled as a set of binary channels controlled by a strategic jammer whose intention is to wage a `denial of service' attack on the plant by choosing a most damaging channel-switching strategy. The paper introduces a class of zero-sum games between the jammer and controller as a scenario for such attack, and derives necessary and sufficient conditions for these games to have a nontrivial saddle-point equilibrium. At this equilibrium, the jammer's optimal policy is to randomize in a region of the plant's state space, thus requiring the controller to undertake a nontrivial response which is different from what one would expect in a standard stochastic control problem over a packet dropping channel.Comment: This paper has been accepted for presentation at the 2014 American Control Conference, Portland, Orego

Identifying packet droppers in sensor networks via report analysis

In an unattended sensor network, sensor nodes can be compromised. Based on compromised nodes, the adversary can launch various attacks and packet dropping is one of the easiest attacks. Many schemes have been proposed to mitigate the packet dropping attack, but few can effectively and efficiently identify the droppers. In this thesis, we propose a simple yet effective scheme to identify packet droppers. This scheme only requires sending and forwarding nodes to report their observations to the base station, and the base station can analyze the reports, identify inconsistencies in the reports, and then locate the droppers. All nodes are organized into a tree rooted at the base station and each node is required to report the number of packets it has received as well as the number and the composition of packets forwarded by its parent node on the tree, which it has overheard. Using rules we propose, the base station can analyze the received reports to check if there is inconsistency among the reports; if some inconsistencies are found, the base station can further infer the identities of packet droppers. The scheme can also tolerate erroneous reports, natural packet dropping and so on. A mark-based scheme is also proposed to identify packet dropper or modifier. Extensive simulations have been conducted to demonstrate the effectiveness of the scheme

A Novel IDS Security Scheme for Multicast Communication in DTN

This DTN routing should naturally support unicast and multicast routing strategies. A network node can register itself to any receiver group by setting the corresponding destination. In this research we proposed a new security algorithm with multi cast routing against malicious packet dropping attack in DTN. The proposed security method of finding attacker is based on the link detection method for data forwarding in between sender to receiver. The packet dropping on link through node is detected and prevented by IDS security system. This method not only identified the black hole and grey hole but also prevent from routing misbehavior of malicious nodes. The attacker is identified by data dropping of packets in excessive quantity and their prevention is possible by selecting the next possible route where attacker does not exist in connected link between senders to receivers. The intermediate nodes are identified the attacker through confirm positive reply of malicious node or nodes in dynamic network. The proposed secure IDS (Intrusion Detection and prevention) is securing the DTN and improves the network performance after blocking black hole and grey hole in network. The network performance in presence of attack and secure IDS is measures through performance metrics like throughput, routing packets flooding and proposed secures routing is improves data receiving and minimizes dropping data network

A new sinkhole attack detection algorithm for RPL in wireless sensor networks (WSN)

With the continuous improvement of science and technology, wireless sensor network technology has gradually been widely used, and provides great convenience for people's living, but with the continuous improvement of the degree of application, wireless sensor network security issues also enter people's field of vision. Sensor nodes can be used for continuous sensing, event recognition and event identification. 6LoWPAN plays an important role in this convergence of heterogeneous technologies, which allows sensors to transmit information using IPv6 stack. Sensors perform critical tasks and become targets of attacks. Sinkhole attack is one of the most common attacks to sensor networks, threatening the network availability by dropping data or disturbing routing paths. RPL is a standard routing protocol commonly used in sensor networks. Therefore, this research presents the works in designing and developing Secured-RPL using the eave-listening concept (overhearing) to treating sinkhole attack. The suggested mechanism method could determine transmitted packages then overhear to the received packet, meaning that the node can overhearing to the neighbor node. Furthermore, three different simulation scenarios were applied, which are the scenario without attacker nodes, scenario with attacker nodes and the scenario with attacker and security by using Cooja simulator to Measurement and analysis performance of RPL in terms of packet delivery ratio (PDR) and power consumption over different packet transmission rate. The experimental results show that the proposed recognition method can identify sinkholes attack effectively and with less storage cost under various wireless sensor networks. Where the optimization ratio of the PDR in scenario with attacker node with the security was close to the scenario with a normal node

Realtime In-Network Cyberattack Detection in Power Grid Systems using a Programmable Network

Power grid communication networks are important systems to detect intrusions from an attacker due to them being necessary to maintain critical infrastructure. This thesis applies recent advancements in P4 technology to detect cyberattacks in SCADA systems. In previous work, a list has been compiled of potential attacks that exploit one of the most common protocols in SCADA systems, DNP3. Solutions for detecting these attacks can be categorized by the broad methods that they use. The two methods that are focused on are single-packet inspection and multiple-packet inspection. For each of these, a specific attack is chosen and a detection algorithm is developed. These attacks are the length overflow attack and the outstation write attack. The detection algorithm for these attacks can act as an example of the methods that they were chosen for. For one of these attacks, the outstation write attack, the effectiveness of the algorithm is evaluated. This is done in a simulated network using a network simulation tool called Mininet, and a virtual attack scenario is created. When the detection algorithm detects a malicious packet, it is simply dropped. This algorithm is compared to a simple forwarding program to determine its effectiveness in preventing the attacker’s desired effect on the network. The results show that the attack is effective at dropping malicious traffic in the network, making the attack unsuccessful