DETECTION OF WORMHOLE ATTACK IN MANET GUIDED BY MR.N.SHIVA KUMAR PRESENTED BY T.ANANDA SELVI (08C07) C.BINDU PRASAD(08C19)
INTRODUCTION
PROTOCOL MOBILE ADHOC NETWORK ATTACKS FLOODING ATTACK BLACK HOLE ATTACK WORMHOLE ATTACK LINK SPOOFING ATTACK COLLUDING MISRELAY ATTACK RESOURCE CONSUMPTION ATTACK BYZANTINE ATTACK ROUTE TABLE POISONING
WORMHOLE ATTACK Wormhole refers to an attack on MANET routing protocols in which colluding nodes create an illusion that two remote regions of a MANET are directly connected through nodes that appear to be neighbors but are actually distant from one another.
PROBLEM DESCRIPTION Our objective is to detect the wormhole nodes in the networks and prevent the wormhole effect in the network by using ids and compare the performances with and without wormhole attack using X graph. MODULES OF PROJECT: Creation of nodes and transmission of packets through AODV protocol. Cloning of AODV protocol to inject the wormhole behavior. Cloning of AODV protocol to prevent wormhole attack. Calculation of performance metrics for AODV, wormhole AODV and ids AODV. Comparing the performance metrics for AODV, wormhole AODV and ids AODV
BLOCK DIAGRAM OF THE PROPOSED SOLUTION
MODULE 1:IMPLEMENTATION CREATION OF NODES AND TRANSMISSION OF PACKETS THROUGH AODV PROTOCOL The channel type, propagation model, routing protocol is set create the nodes and attach it to the channel. The routing protocol used is AODV . creation of 50 nodes is done in manet ( Initial node position, cbr rate and the start of simulation is set)
SIMULATIONRESULTS OF MODULE 1:CREATION OF 50 NODES
FIGURE SHOWING 50 NODES AFTER ATTAINING MOBILITY
MODULE 2: Cloning of AODV protocol to inject the wormhole behavior To inject the wormhole behaviour Add the drop function in receive function of wormholeaodv.cc. The AODV protocol is cloned and named as wormholeAODV . By doing this, these two protocols will send the same AODV packets. To integrate the wormholeAODV protocol to NS2, two common files has to be modified. The first file to be modified is ns-lib.tcl. Here the protocol agent for wormholeAODV protocol is added. The next file is ns-agent.tcl. In this the source port and the destination port is set for the cloned protocol.
SCREEN SHOT SHOWING THE PACKET LOSS IS AT 373 WHEN AODV PROTOCOL IS USED (WITHOUT WORMHOLE)
SCREEN SHOT SHOWING THE PACKET RECEIVED IS AT 296 WHEN AODV PROTOCOL IS USED (WITHOUT WORMHOLE)
SCREEN SHOT SHOWING THE WORMHOLE NODE BEING INDUCED INTO ATTACK AND THE PACKETS BEING DROPPED FROM IT
SCREEN SHOT SHOWING THE PACKET LOSS IS AT 1736 AFTER WORMHOLE BEHAVIOUR IS INDUCED
SCREEN SHOT SHOWING THE PACKET RECEIVED IS AT 177 AFTER WORMHOLE BEHAVIOUR IS INDUCED
MODULE 3-CLONING OF AODV PROTOCOL TO PREVENT WORMHOLE ATTACK. To prevent the wormhole attack, Modify AODV protocol to IDSAODV by changing the receive RREP function and by creating RREP caching mechanism. In RREP mechanism the following functions are added, RREP_Insertfunction - adding RREP messages. RREP_lookup function- For looking any RREP message up if it is exit. RREP_Remove function - For removing any record for RREP message that arrived from defined node and RREP_Purge function – To delete periodically from the list if it has expired.
SCREEN SHOT SHOWING THE PACKET LOSS IS GREATLY REDUCED TO 200 AFTER IDS FUNCTION IS ADDED
SCREEN SHOT SHOWING THE PACKET RECEIVED IS GREATLY INCREASED TO ABOVE300 AFTER IDS FUNCTION IS ADDED
MODULE 4 Calculation of performance metrics for AODV, wormhole AODV ids AODV In module 4 we have calculated the performance metrics like packet loss ratio, packet delivery ratio and throughput using awk (scripting language in FOSS) script. Packets dropped is some of the packets generated by the source will get dropped in the network Packet delivery ratio: packets delivered to the destination packet generated by the cbr sources. Throughput = The number of packets delivered to the receiver provides the throughput of the network.
MODULE 5 Comparing performance metrics for AODV, wormhole AODV, ids AODV In this module we compared the performance metrics with and without wormhole attack and also for ids aodv .The results are Packet loss: wormholeaodv > aodv (prevented by idsaodv) Packet delivery ratio : ids aodv > wormhole aodv. Throughput: ids aodv > wormhole aodv. We compare these three metrics and simulate it in xgraph.
X-graph comparison for packet loss
X-graph comparison for packet received
X-graph comparison for throughput
conclusion The following results are observed from the project done The performance of network with and without wormhole attack are simulated Packet loss is in greater numbers when the network is under wormhole attack To prevent its effect ids AODV is added and the performance has increased significantly All the results have successfully simulated in ns2 and compared in X graph
References Shalini Jain and Dr. Satbir Jain, “Detection and prevention of wormhole attack in Mobile adhoc networks”,International Journal of computer Theory engineering , vol.2, No.1 February, 2010 Majid Khabbazian, et-al,"Severity Analysis and Countermeasure for the Wormhole Attack in Wireless Ad Hoc Networks", IEEE transactions on wireless communications, vol. 8, no. 2, 2009 Khin Sandar Win, "Analysis of Detecting Wormhole Attack in Wireless etworks", Proceedings of world academy of science, engineering and technology. vol 36, SSN 2070-3740, Dec 2008. L. Qian, N. Song, and X. Li, “Detecting and Locating Wormhole Attacks in Wireless Ad Hoc Networks through Statistical Analysis of Multi-path,” In Proc. IEEE Wireless Communications & Netwoking Conference (IEEE WCNC), New Orleans, USA, Mar. 2005. L. Lazos, R. Poovendan, C. Meadows, P. Syverson, and L.W. Chang, “Preventing Wormhole Attacks on Wireless Ad Hoc Networks: A Graph Theoretic Approach,” In Proc. IEEE Wireless Communications & Netwoking Conference (IEEE WCNC), New Orleans, USA, Mar. 2005.