Download presentation
Presentation is loading. Please wait.
Published byErick Stevenson Modified over 8 years ago
1
SWAN simulation A Simulation Study of Denial of Service Attacks on Wireless Ad-Hoc Networks Samuel C. Nelson, Class of 2006, Dept. of Computer Science, Bucknell University Faculty Mentor: Prof. L. Felipe Perrone, Dept. of Computer Science, Bucknell University Supported by the Accenture Discovery Undergraduate Research Fund Physical Process Terrain Model OS Model (DaSSF Runtime Kernel) Protocol Graph Host model time memory run thread RF Channel Model read terrain features read terrain features Architecture of the Simulator for Wireless Ad-Hoc Networks (SWAN) Networked nodes run on battery power. Network nodes communicate with radio devices (e.g. Wi-Fi, Bluetooth). Nodes can move around freely. Networks form spontaneously through neighbor discovery and automatic routing: no human intervention. No need for any infrastructure. Wireless Ad-Hoc Networks Graph-Theoretic Metrics Attack Scenario: JammingMetric Recording Infrastructure Fixed-Range vs. Variable-Range Networks Metric Data File Recorder Player We gave the SWAN user the capability to define at configuration time what metrics need to be recorded. Each metric can be periodically sampled (at its own interval) and recorded to a file on disk by a Recorder module. After the simulation is completed, an external Player program uses the recorded data to display it according to a chosen format. Player and Recorder use the Type File to determine the formatting of records in the Data File. Physical layout (with signal ranges) of the wireless nodes. Graph representation of the physical layout. Overlapping regions indicate a connection (or an edge in the graph). model [ arena [ mobility [ # nodes are stationary model "mobility.stationary" deployment "random" # uniform distribution xdim 1500 # width of virtual space ydim 1500 # length of virtual space ] network [ netid 1 # wireless network 1 model "network.fixed-range" cutoff 350 # signal cutoff distance ] propagation [ model "propagation.friis-free-space" carrier_frequency 2.4e9 system_loss 1.0 temperature 290 noise_figure 10.0 ambient_noise_factor 0 ] # network node: configuration example host [ id 1 graph [ session [ Connectivity metrics measure how “well-connected” a graph is at a given time. This knowledge is critical to security studies in order to measure the damage done by different attacks. Connectivity Index Connectivity Efficiency Randic’s Connectivity Index Description name "app" use "tstapp.sess-app-session" packet_size 512 iat 1.0 show_report true peer [ netid 1 hostid 2 iface 0 ] ] session [ name "aodv“ use "routing.aodv_sim.swan-aodv-session" netid 1 show_report true # show report at the end ] session [ name "net" use "net.ip-session"] session [ name "arp“ use "net.arp-session" show_report true ] interface [ id 0 # identification of network interface card netid 1 # identification of wireless network session [ name "mac" use "mac.mac-802-11-session" show_report true ] session [ name "phy" use "phy.phy-802-11-session" bandwidth 11e6 accumulative_noise true interference_threshold -111.0 ] ] ] ] ] Example Configuration File (DML) Wireless networks following 802.11 standards transmit on the 2.4Ghz band. When other destructive transmissions are present on the same band, all communications are jumbled and fail to be recognized. A malicious node can constantly emit signals and effectively “jam” an area. SWAN can simulate this type of attack, allowing us to obtain useful damage reports. Normal area and its connectivity graph. Jammed area and its connectivity graph. The lack of infrastructure and automatic configuration allow these networks to be easily deployed. They can be helpful in remote sensing, where nodes obtain and forward to monitoring points information from their environment, such as the presence of a chemical contaminant, video, or audio. Originally, SWAN only modeled fixed-range networks, that is, networks in which all nodes transmit with the same signal strength and thus all cover the same area. Although this model is adequate for many simulation studies, we introduced a more flexible model: variable-range network, in which each node can individually choose the strength of its transmissions and adjust it at any point in time. This feature enables us to experiment with attack models in which the jammer(s) can change their coverage periodically and interfere more strongly with packet routing algorithms. Fixed ranged network.Variable ranged network. Fixed ranged network with jammers of different ranges. The Next Step: Running and Analyzing Attacks With the infrastructure for security studies built, the next part of our research study will be to design different attack scenarios, simulate them, and analyze the results using the connectivity metrics implemented. Data representation will resemble the sample graph below: Time Attack This research study primarily concentrates on denial of service (DoS) attacks in which the goal of the attack is to disrupt accessibility to the network. Attack models we’ll study include: Jamming: The communication band is flooded with garbage disallowing transmissions. Reboot: Nodes are periodically rebooted, causing confusion in network routing. Range: Transmission power is varied periodically changing the number of neighbors seen by a node. 0.44 0.20 1.004.26 0.44 3.62 Metric Type File metric values Connectivity EPS JPG GIF
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.