Denial of Service (DoS) Attacks in Green Mobile Ad–hoc Networks Ashok M.Kanthe*, Dina Simunic**and Marijan Djurek*** MIPRO 2012, May 21-25,2012, Opatija, Croatia 資工所碩一 陸家鈞 1/31

outline – Abstract – Introduction – Routing Protocols – Security Attacks On Routing Protocols – Classification Of DOS Attack Detection Scheme – Conclusion 2/31

Abstract The mobile ad-hoc networks (MANET) are multi-hop wireless network. It is dynamically formed amongst groups of mobile users having wireless network. 3/31

Abstract In MANET, nodes are limited resources like bandwidth, battery power and storage space. MANET is vulnerable of different types of DoS attack in which packets are not transfer to the next node. 4/31

Introduction The mobile ad-hoc networks (MANET) It has different characteristics such as lack of centralized administration, distributed cooperation, changing topology and requires no existing infrastructure. Without router or access point wireless clients connect directly together. 5/31

Routing Protocols General categories of routing protocols: Proactive Routing Protocol: Reactive Routing Protocol: Hybrid Routing Protocol: 6/31

1. Proactive (table-driven) Routing Protocol a)Mobile nodes periodically broadcast their routing information to the next node. b)Each node needs to maintain the records of the adjacent and reachable nodes c)Nodes have to evaluate their neighborhood as per the network topology change. 7/31

2. Reactive (On-demand) Routing Protocol If a node wants to send packet to another node then the protocol searches for the route in on demand and establish the connection in order to transmit and receive the packet. 8/31

3. Hybrid Routing Protocol: combines the advantages of proactive routing and reactive routing  gathering unfamiliar routing information  maintain the routing information when network topology changes. 9/31

Security Attacks On Routing Protocols General attack types are threats against network layers that function for the routing mechanism of the mobile ad hoc networks. There are two basic types of attacks in mobile ad hoc networks: Passive attacks Active attacks 10/31

Passive attacks: This type of attack does not disrupt the normal operation of the network. Detection of passive attacks is difficult to identify because the network operation is normal. Passive attacks are eavesdropping, traffic analysis and monitoring. Active attacks: an attacker actively participates and disrupts the normal operation of the network services. It degrades the network performance. Forms of active attacks are jamming, spoofing, modification, replaying and Denial of Service (DoS). 11/31

Attacks on MANET: 1.Denial of Service Attacks 2.Black hole attack 3.Cooperative Black hole attack 4.Gray hole attack 5.Flooding Attack 6.Worm hole Attack 7.Jamming attack 8.DDoS attack 9.Rushing attack 10.JellyFish attack 12/31

1. Denial of Service Attacks: The goal of Denial of Service (DoS) attacks is to prevent availability of networks services from their legitimate users DoS attack has different scenarios. 1.Attack memory, storage, CPU of the service provider  Sends an executable flooding packet 2.Attack energy resources  Sends a bogus packet to a node with the intension 3.Attack bandwidth  Located between multiple communicating nodes and waste the bandwidths and disrupt the connectivity 13/31

2.Black hole attack: The malicious node can attract all packets by pretending shortest route to the destination. It drops all traffic destined for that node when traffic is received by it. The effect of this attack completely degrades the performance of the network 14/31

3. Cooperative Black hole attack: It is a type of black hole attack when multiple black hole nodes are acting in a coordinated manner with each other: e.g.black hole node B1 cooperates with another black hole node B2 in the next hop. 15/31

4. Gray hole attack: Gray hole attack is a variation of black hole attack, where some nodes switch their states from black hole to honest intermittently and vice versa. Detection of gray hole attack is harder because nodes can drop packets partially not only due to its malicious nature but also due to congestion. DS Attacker 16/31

5. Flooding Attack: Attacker selects many IP addresses which are from outside of the networks. Attacker sends Route Request (RREQ) message with such IP address. 17/31

6. Worm hole Attack: Worm hole link attack records the wireless data, forward this data and replays the packet through worm hole link. It will not show the true picture of the network and there is effect on the decisions. 18/31

7. Jamming attack: The objective of jammer is to interfere with legitimate wireless communication and to degrade the overall network performance.  Constant jammer  Deceptive jammer  Radom jammer  Reactive jammer 19/31

8. DDoS attack: DDoS attack consists of two phases  Deployment phase: an attacker installs a tool in the vulnerable nodes.  Attack phase: an attacker coordinates a attack against a victim by flooding the unwanted data 20/31

9. Rushing attack: The attack consists, for the adversary, in quickly forwarding its Route Request messages when a route discovery is initiated. If the Route Requests that first reach the target’s neighbors are those of the attacker, then any discovered route includes the attacker. S D Attacker 21/31

10. JellyFish attack: JellyFish attack is following the routing and forwarding protocol specification. This is passive type of attack which is difficult to detect. It is responsive to the network conditions like delay and packet drop rate. DS Attacker 22/31

10. JellyFish attack: Behavior of JellyFish attacks are JellyFish Recorder Attack:  reorder packets JellyFish Periodic Dropping Attack:  drop all packets JellyFish Delay Variance Attack:  randomly delays packets 23/31

Classification Of DOS Attack Detection Scheme 24/31

Black hole attack Solution / Security Mechanism 25/31

Cooperative Black hole attack Solution / Security Mechanism 26/31

Gray hole attack Flooding attack Solution / Security Mechanism 27/31

Jamming attack Solution / Security Mechanism Worm hole attack Solution / Security Mechanism 28/31

Distributed Dos attack Solution / Security Mechanism JellyFish attack Solution / Security Mechanism Rushing attack Solution / Security Mechanism 29/31

Contribution&Improvement Contribution – Explain the routing protocols on MANET – Explain attacks on MANET – List the solutions and reference resources of attacks. Improvement – More graphical example – Detail about solution 30/31

Conclusion This type of attack may lead to degrade the performance of the network. There is need to develop efficient security mechanism and secure routing protocols for avoiding different types of attacks. And we must encrypt the data what we sent over the network to reduce the chance of packet eavesdropping 31/31