Submitted by
NAGARANI.M (950712104058)
SUMAYA FATHIMA.M (950712104095)
BACHELOR OF ENGINEERING
in
COMPUTER SCIENCE AND ENGINEERING
WIRELESS AD HOC NETWORKS BY PUBLIC AUDITING ARCHITECTURE is the bonafide work of
NAGARANI.M
SIGNATURE
SIGNATURE
SUPERVISOR
Professor
Professor
Department of CSE
Department of CSE
INTERNAL EXAMINER
EXTERNAL EXAMINER
ACKNOWLEDGEMENT
First and foremost we praise and thank The Almighty, the Lord of all
creations, who by His abundant grace has sustained and helped us to complete this
project successfully.
We really find unique and immense pleasure in thanking our respected
Chairman of our college Dr. S.Cletus Babu. A deep bouquet of thanks to respected
Principal Dr. V.Ilangovan B.E., M. Tech., Ph.D., F.I.E., for having provided the
facilities required for pursuing my project. We sincerely thank Dr. D.C.Joy
Winnie Wise M.E., Ph.D., Professor and Head, Department of Computer Science
and Engineering, Francis Xavier Engineering College and also we thank our
project coordinator Mr. C.Gopala Krishnan M.E., (Ph.D.,) and Mrs. V.Perathu
Selvi M.E., Department of Computer Science and Engineering, who inspired us
and gave us time to make this project a grand success.
We also thank our guide Professor Dr. D.C.Joy Winnie Wise M.E., Ph.D.,
Department of Computer Science and Engineering, for her valuable guidance
throughout and it is our great privilege to express our gratitude to her. We extend
our hearty thanks and profound gratitude to all the faculty members of Computer
Science and Engineering Department for their kind help during our project work.
Finally, we express our sincere thanks to our parents, who have constantly
encouraged us throughout our course.
ABSTRACT
Link error and malicious packet dropping are two sources of packet
loss in multi-hop wireless ad hoc networks. While observing a sequence of packet
losses in the network, the aim is to determine whether the losses are caused by link
errors only, or by the combined effect of link errors and malicious drop, whereby
malicious nodes that are part of the route exploit their knowledge of the
communication context to selectively drop a small amount of packets critical to the
network performance. To improve the detection accuracy, the correlations between
lost packets are exploited. Furthermore, to ensure truthful calculation of these
correlations, a homomorphic linear authenticator (HLA) based public auditing
architecture has been developed that allows the detector to verify the truthfulness
of the packet loss information reported by nodes.
TABLE OF CONTENTS
ABSTRACT
LIST OF FIGURES
LIST OF ABBREVIATIONS
INTRODUCTION
1.1 Dropping of Packets
1.2 Insider attack
1.3 Link error
1.4 Auto-Correlation Function
1.5
1.6 Privacy Preserving
LITERATURE SURVEY
SYSTEM ANALYSIS
3.1 Existing System
3.2 Proposed System
SYSTEM DESIGN
4.1 System Architecture
4.2 System Requirements
4.2.1 Hardware
4.2.2 Software
4.3 System Environment
4.3.1 NS2
SYSTEM IMPLEMENTATION
5.1 System Maintenance
5.1.1 Corrective Maintenance
5.1.2 Adaptive Maintenance
5.1.3 Perceptive Maintenance
5.1.4 Preventive Maintenance
5.2 System Module
5.2.1 Network Function
5.2.2 Link Error
5.2.3 Malicious Drop
5.2.4 Evaluation
SCREENSHOTS
CONCLUSIONS
APPENDIX
REFERENCES
LIST OF FIGURES
Fig.3.1 System Design
Fig.5.1 Creation of Network
Fig.5.2
Fig.5.3 Malicious Drop
Fig.5.4 Analyzing performance
Fig.6.1
Fig.6.2
Fig.6.3
Fig.6.4
Fig.6.5
LIST OF ABBREVIATIONS
DOS - Denial Of Service
ACF
HLA
LAN
TCP
DSR
FTP
MANET
SAODV
TCL
NAM - Network Animator
CHAPTER 1
INTRODUCTION
1.1 DROPPING OF PACKETS
frequency hopping sequences for network-wide frequency-hopping
CHAPTER 2
LITERATURE SURVEY
1. 802.11 Markov channel modeling
larger missions, such as those of tactical sensor networks, require secure data
transmission among wireless devices. Security remains a major challenge for such
networks. Current protocols employ encryption and authentication techniques for
secure message exchange, but given the limitations and innately insecure nature of
ad-hoc networks, such mechanisms may not suffice. A security breach can, for
example, be network-level denial-of-service (DOS) attack, passive
The two sources of packet loss in multi-hop wireless ad hoc networks
are link error and malicious packet dropping. The problem is to determine
whether the losses are caused by link errors only, or by the combined effect of link
errors and malicious drop. This is achieved through the implementation of a
homomorphic linear authenticator (HLA) based architecture that allows the
detector to verify the truthfulness of the packet loss information reported by nodes.
This architecture is privacy preserving, collusion proof, and incurs low
communication and storage overheads.
Ad hoc networks, which are also called mesh networks, are defined by the
manner in which the network nodes are organized to provide pathways for data to
be routed from the user to and from the desired destination. The term mesh
network accurately describes the structure of the network: all available nodes are
aware of all other nodes within range. The entire collection of nodes is
interconnected in many different ways, just as a physical mesh is made of many
small connections to create a larger fabric. It provides a simple diagram illustrating
these concepts. This is modeled after a wireless hot spot, where an ad hoc
network links users to a router with access to the Internet. In this example, two
users are highlighted, showing two paths through several nodes to the router.
The malicious node pretends to be one of the nodes in the routing path
and causes the attack. Conventional algorithms do not provide efficient
detection of packet loss, so in order to improve the detection accuracy we
propose a correlation function, and for the correct calculation of the correlation we
implement a BLS-based homomorphic linear authenticator to check that the
information provided by the nodes is true. The HLA architecture provides privacy
preservation and collusion proofing, and allows low communication and storage
overheads. An absolute algorithm has been developed for identifying the most
significant packet discard made by the inside intruder. The algorithm provides a
truthful and publicly verifiable decision by the auditor. The accurate detection is
obtained from the correlations between the lost packets. HLA is a signature scheme
and is based on an algorithm that provides privacy, collusion avoidance and low
storage overheads. Work on distinguishing between causes of dropped packets
considered only collisions and channel errors and ignored malicious packet drops.
On the other hand, protocols that detect malicious packet dropping ignored
collisions and channel errors. It considers two possibilities for a malicious node.
First, it aims to disrupt network operation by not relaying a packet to the next hop.
In this case the node will acknowledge the packet to the sender.
communication and to protect their anonymity and location privacy. The approach
is based on frequently changing node pseudonyms and cryptographic keys, which
enable users to avoid being identified by the locations they visit, or by the type of
traffic they generate. It can be effectively used for secure and private routing in
hybrid ad hoc networks. The robustness of the proposed solution with respect to
various attacks was studied. It is further shown that the proposed solution
introduces a very moderate overhead to the network operation.
This approach seems to be promising, as it combines the best of both
worlds: the extended reach and scalability of classical, large-scale wired networks
with the flexibility of ad hoc networks; a network resulting from this combination
is called a hybrid ad hoc network. A possible incarnation of such a network is
a multi-hop Wi-Fi network. In this case, the network operator would typically be a
Wireless Internet Service Provider. Other examples of hybrid ad hoc networks
include multi-hop cellular networks. In order to gain acceptance from the users,
hybrid ad hoc networks must provide an appropriate level of security. Indeed, in
general, a user trusts his network operator, but he does not trust the other users; he
may also distrust the operators of the networks in which he roams. This approach
addresses both routing security and privacy preservation; the two mechanisms can
be embedded in the same protocols.
10. Detection of Malicious Packet Dropping in Wireless Ad Hoc Networks
Based on Privacy-Preserving Public.
Bhagyashree.S (2015)
In a multi-hop wireless ad hoc network, packet losses are attributed to
harsh channel conditions and intentional packet discard by malicious nodes. While
observing a sequence of packet losses, the interest is in determining whether losses
are due to link errors only, or due to the combined effect of link errors and
malicious drop. Because the packet dropping rate in this case is comparable to the
channel error rate, conventional algorithms that are based on detecting the packet
loss rate cannot achieve satisfactory detection accuracy.
To improve the detection accuracy, the correlations between
lost packets are exploited, and truthful calculation of these correlations is ensured.
The proposed mechanism achieves significantly better detection accuracy than
conventional methods such as a maximum-likelihood based detection. In a multi-hop
wireless network, nodes cooperate in relaying/routing traffic. An adversary can
exploit this cooperative nature to launch denial-of-service (DOS) attacks.
CHAPTER 3
SYSTEM ANALYSIS
3.1 EXISTING SYSTEM
The malicious node may understate its packet-loss bitmap, i.e., some
packets may have been dropped by the node but the node reports that these packets
have been forwarded. Therefore, some auditing mechanism is needed to verify the
truthfulness of the reported information. Considering that a typical wireless device
the packet-loss bitmap, a bitmap describing the lost/received status of each packet
in a sequence of consecutive packet transmissions. The basic idea behind this
method is that even though malicious dropping may result in a packet loss rate that
is comparable to normal channel losses, the stochastic processes that characterize
the two phenomena exhibit different correlation structures (equivalently, different
patterns of packet losses). Therefore, by detecting the correlations between lost
packets, one can decide whether the packet loss is purely due to regular link errors,
or is a combined effect of link error and malicious drop. The algorithm takes into
account the cross-statistics between lost packets to make a more informative
decision, and thus is in sharp contrast to the conventional methods that rely only on
the distribution of the number of lost packets.
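The correlation test described above, as an added example (not code from this report): two reported bitmaps with the same loss rate are compared against a reference bitmap for the link, and only the autocorrelation separates them. The convention 1 = received, the three constructed bitmaps, the lag range 0..4 and the 0.3 threshold are assumptions made for illustration.

```python
def loss_rate(bitmap):
    """Fraction of lost packets; this is all a rate-based detector looks at."""
    return bitmap.count(0) / len(bitmap)

def acf(bitmap, max_lag):
    """Sample autocorrelation E[a_j * a_(j+k)] of the bitmap for k = 0..max_lag."""
    n = len(bitmap)
    return [sum(bitmap[j] * bitmap[j + k] for j in range(n - k)) / (n - k)
            for k in range(max_lag + 1)]

def acf_distance(observed, reference, max_lag=4):
    """Sum over lags of the relative gap between observed and reference ACF."""
    total = 0.0
    for obs, ref in zip(acf(observed, max_lag), acf(reference, max_lag)):
        if ref == 0:
            raise ValueError("reference ACF is zero at some lag; shorten max_lag")
        total += abs(obs - ref) / ref
    return total

def classify(observed, reference, threshold=0.3, max_lag=4):
    """Flag a bitmap whose loss pattern departs from the link's correlation structure."""
    if acf_distance(observed, reference, max_lag) > threshold:
        return "link errors + malicious drop"
    return "link errors only"

# Constructed 100-packet bitmaps (1 = received, 0 = lost), 20 losses each.
REFERENCE = ([1] * 16 + [0] * 4) * 5                            # bursty link profile
BURSTY = [1] * 8 + [0] * 4 + ([1] * 16 + [0] * 4) * 4 + [1] * 8  # same bursts, shifted
SCATTERED = [1, 1, 1, 1, 0] * 20                                 # isolated, regular drops

def report():
    """Loss rate, ACF distance and verdict for each observed bitmap."""
    rows = []
    for name, bitmap in (("bursty", BURSTY), ("scattered", SCATTERED)):
        rows.append((name, loss_rate(bitmap),
                     round(acf_distance(bitmap, REFERENCE), 4),
                     classify(bitmap, REFERENCE)))
    return rows

if __name__ == "__main__":
    for row in report():
        print(row)
```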
The main challenge in the mechanism lies in how to guarantee that
the packet-loss bitmaps reported by individual nodes along the route are truthful,
i.e., reflect the actual status of each packet transmission. Such truthfulness is
essential for correct calculation of the correlation between lost packets. This
challenge is not trivial, because it is natural for an attacker to report false
information to the detection algorithm to avoid being detected.
Advantages
The solution to the problem is constructed based on the homomorphic
linear authenticator (HLA) cryptographic primitive, which is basically
a signature scheme widely used in cloud computing and storage server
systems to provide a proof of storage from the server to entrusting
clients.
To reduce the computation overhead of the baseline scheme, a packet-block-based
mechanism is also proposed, which allows one to trade
detection accuracy for lower computation complexity.
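How a linear authenticator lets an auditor check a reported bitmap, as an added example that is not code from this report. It swaps the BLS-based, publicly verifiable HLA named above for a secret-key linear authenticator (the auditor shares the source's key), which keeps the same homomorphic check using only the Python standard library; the field modulus, function names and the constructed 8-packet run are assumptions.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1  # prime field modulus (choice made for this sketch)

def prf(key, index):
    """Keyed pseudorandom mask for packet number `index`."""
    mac = hmac.new(key, index.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % P

def to_field(payload):
    """Represent a packet by the hash of its payload, reduced into the field."""
    return int.from_bytes(hashlib.sha256(payload).digest(), "big") % P

def tag_packet(alpha, key, index, payload):
    """Source: authenticator t_i = PRF_k(i) + alpha * m_i (mod P), sent with the packet."""
    return (prf(key, index) + alpha * to_field(payload)) % P

def make_challenge(bitmap):
    """Auditor: a random non-zero coefficient for every packet the node claims it received."""
    rng = secrets.SystemRandom()
    return {i: rng.randrange(1, P) for i, got in enumerate(bitmap) if got}

def respond(store, challenge):
    """Node: return only the linear combinations, never the individual packets."""
    mu = tau = 0
    for i, coeff in challenge.items():
        m, t = store.get(i, (0, 0))  # no stored pair for a packet that never arrived
        mu = (mu + coeff * m) % P
        tau = (tau + coeff * t) % P
    return mu, tau

def verify(alpha, key, challenge, mu, tau):
    """Auditor: the tags are linear, so the combined tag must match the combined data."""
    mask = sum(coeff * prf(key, i) for i, coeff in challenge.items())
    return (mask + alpha * mu) % P == tau

def audit_demo():
    """Constructed run: 8 packets sent, packets 2 and 6 lost before reaching the node."""
    alpha, key = secrets.randbelow(P - 1) + 1, secrets.token_bytes(32)
    payloads = [b"constructed payload %d" % i for i in range(8)]
    arrived = [1, 1, 0, 1, 1, 1, 0, 1]
    store = {i: (to_field(p), tag_packet(alpha, key, i, p))
             for i, p in enumerate(payloads) if arrived[i]}
    reports = {"truthful": arrived, "inflated": [1] * 8}
    verdicts = {}
    for name, bitmap in reports.items():
        challenge = make_challenge(bitmap)
        mu, tau = respond(store, challenge)
        verdicts[name] = verify(alpha, key, challenge, mu, tau)
    return verdicts

if __name__ == "__main__":
    print(audit_demo())
```

The auditor sees only the two aggregates `mu` and `tau`, not individual packets, and a bitmap that claims packets the node holds no authenticator for fails the check.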
CHAPTER 4
SYSTEM DESIGN
4.1 SYSTEM ARCHITECTURE
[Figure: System Architecture (Network Formation, Link Error, Performance Evaluation, Result)]
4.2.1 SOFTWARE:
Operating System - Linux (VMware)
Simulator - NS 2
Language - TCL/TK
Node Creation
Graph - GNUPLOT
4.2.2 HARDWARE:
Processor Type - core i3
Processor Speed - 2.4 GHz
RAM - 2 GB
(also called the interpreted hierarchy). The two hierarchies are closely related to
each other; from the user's perspective, there is a one-to-one correspondence
between classes in the interpreted.
NS2 uses two languages because the simulator has two different kinds of
things it needs to do. On one hand, detailed simulations of protocols require a
systems programming language which can efficiently manipulate bytes, packet
headers, and implement algorithms that run over large data sets. For these tasks
run-time speed is important and turn-around time (run simulation, find bug, fix
bug, recompile, re-run) is less important.
On the other hand, a large part of network research involves slightly
varying parameters or configurations, or quickly exploring a number of scenarios.
In these cases, iteration time (change the model and re-run) is more important.
Since configuration runs once (at the beginning of the simulation), run-time of this
part of the task is less important. NS meets both of these needs with two languages,
C++ and OTCL. C++ is fast to run but slower to change, making it suitable for
detailed protocol implementation. OTCL runs much slower but can be changed
very quickly (and interactively), making it ideal for simulation configuration. NS
(via TCL) provides glue to make objects and variables appear in both languages.
NS (from network simulator) is a name for a series of discrete event
network simulators, specifically NS-1, NS-2 and NS-3. All of them are
discrete-event network simulators, primarily used in research and teaching. NS-3 is free
software, publicly available under the GNU GPLv2 license for research,
development, and use. NS (version 2) is an object-oriented, discrete event driven
network simulator developed at UC Berkeley, written in C++ and OTCL. NS is
primarily useful for simulating local and wide area networks. Although NS is fairly
easy to use once you get to know the simulator, it is quite difficult for a first time
user, because there are few user-friendly manuals. Even though there is a lot of
documentation written by the developers which has in depth explanation of the
simulator, it is written with the depth of a skilled NS user. The purpose of this
project is to give a new user some basic idea of how the simulator works, how to
setup simulation networks, where to look for further information about network
components in simulator codes, how to create new network components, etc.,
mainly by giving simple examples and brief explanations based on our
experiences. Although all the usage of the simulator or possible network simulation
setups may not be covered in this project, the project should help a new user to get
started quickly.
The goal of the NS-3 project is to create an open simulation
environment for networking research that will be preferred inside the research
community:
It should be aligned with the simulation needs of modern networking
research.
It should encourage community contribution, peer review, and
validation of the software.
Since the process of creation of a network simulator that contains a
sufficient number of high-quality validated, tested and actively maintained models
requires a lot of work, NS-3 project spreads this workload over a large community
of users and developers. The core of NS-2 is also written in C++, but the C++
simulation objects are linked to shadow objects in OTCL and variables can be
linked between both language realms. Simulation scripts are written in the OTCL
language, an extension of the TCL scripting language.
Presently, NS-2 consists of over 300,000 lines of source code, and
there is probably a comparable amount of contributed code that is not integrated
directly into the main distribution (many forks of NS-2 exist, both maintained and
unmaintained). It runs on GNU/Linux, FreeBSD, Solaris, Mac OS X and Windows
95/98/NT/2000/XP. It is licensed for use under version 2 of the GNU General
Public License.
The NS-2 modules included within are nodes, links, Simple Link
objects, packets, agents, and applications. Further, the book covers three helper
modules: timers, random number generators, and error models. Also included are
chapters on summary of debugging, variable and packet tracing, result compilation,
and examples for extending NS2. Two appendices provide the details of scripting
language TCL, OTCL and AWK, as well as object-oriented programming used
extensively in NS2.
CHAPTER 5
SYSTEM IMPLEMENTATION
Implementation of software refers to the final installation of the
package in its real environment, to the satisfaction of the intended users and the
operation of the system. The people are not sure that the software is meant to
make their job easier.
The active user must be aware of the benefits of using the system
Their confidence in the software is built up
Proper guidance is imparted to the user so that he is comfortable in
using the application
Before going ahead and viewing the system, the user must know that
for viewing the result, the server program should be running in the server. If the
server object is not running on the server, the actual processes will not take place.
User Training
To achieve the objectives and benefits expected from the proposed
system it is essential for the people who will be involved to be confident of their
role in the new system. As a system becomes more complex, the need for education
and training is more and more important. Education is complementary to training.
It brings life to formal training by explaining the background to the resources for
them. Education involves creating the right atmosphere and motivating user staff.
Education information can make training more interesting and more
understandable.
Operational Documentation
Once the implementation plan is decided, it is essential that the user
of the system is made familiar and comfortable with the environment. A
documentation providing the whole operations of the system is being developed.
Useful tips and guidance are given inside the application itself to the user. The
system is developed user friendly so that the user can work the system from the
tips given in the application itself.
Network formation
Link error
Malicious drop
Evaluation
[Figure: Network Creation (Create Node, Send Data Packets, Use TCP)]
[Figure: Link Error (Packet Creation, Link Error, Packet Dropped)]
5.2.4 EVALUATION
The performance was analyzed using the overall-detection, miss-detection
and false-alarm probability.
The malicious packet drop was also measured for the overall-detection,
miss-detection and false-alarm probability.
The graph shows the variation of the output.
CHAPTER 6
SCREEN SHOTS
Packets are sent from client 1 and client 2 to the server
through the router. If many packets are sent at the same time, they
should wait in the router.
If any packet is lost, then all the packets will be dropped,
because of the link error and also the malicious drop. If one packet is lost in the
network, all the packets are lost because there is a problem in the path. The path for
sending the packets is damaged because of it.
A link error occurs when the distance between the client and
server is long; there may be packet loss because of the large
distance. A malicious drop occurs when the packet is hacked by a
hacker; there is a hacker between the client and server who hacks the
data packets, and this hacking causes a loss of data packets.
CHAPTER 7
CONCLUSION
APPENDIX
Drop.tcl
set ns [new Simulator]
set nf [open tcp1.nam w]
$ns namtrace-all $nf
#open the trace file
set nt [open tcp1.tr w]
$ns trace-all $nt
set proto rlm
$ns color 1 blue
$ns color 2 yellow
$ns color 3 red
set Client1 [$ns node]
set Router1 [$ns node]
set Endserver1 [$ns node]
$ns duplex-link $Client1 $Router1 2Mb 100ms DropTail
$ns duplex-link $Router1 $Endserver1 200Kb 100ms DropTail
$ns duplex-link-op $Client1 $Router1 orient right
$ns duplex-link-op $Router1 $Endserver1 orient right
$ns at 0.0 "$Client1 label Client1"
$ns at 0.0 "$Router1 label Router1"
$ns at 0.0 "$Endserver1 label Endserver1"
$Endserver1 shape hexagon
$Router1 shape square
#$ns duplex-link-op $Client1 $Router1 queuePos 0.1
#$ns duplex-link-op $Router1 $Endserver1 queuePos 0.5
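# Flush and close the trace files, launch nam on the animation trace, then exit
proc finish {} {
global ns nf nt
$ns flush-trace
close $nf
close $nt
puts "running nam..."
exec nam tcp1.nam &
exit 0
}
#Calling finish procedure
$ns at 6.0 "finish"
# Start the simulation
$ns run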
Awk script
set ns [new Simulator]
set nt [open test10.tr w]
$ns trace-all $nt
set nf [open test10.nam w]
$ns namtrace-all $nf
set totalNodes 3
# Create the nodes (the loop body must open on the same line as the for command)
for {set i 0} {$i < $totalNodes} {incr i} {
set node_($i) [$ns node]
}
set server 0
set router 1
set client 2
$ns duplex-link $node_($server) $node_($router) 2Mb 50ms DropTail
-macTrace OFF \
-movementTrace ON
# Create the wireless nodes
for {set i 0} {$i < $val(nn) } { incr i } {
set node_($i) [$ns node]
}
# Colour every node black in nam
for {set i 0} {$i < $val(nn) } {incr i } {
$node_($i) color black
$ns at 0.0 "$node_($i) color black"
}
$node_(0) set X_ 50.0
$node_(0) set Y_ 50.0
$node_(0) set Z_ 0.0
$node_(1) set X_ 200.0
$node_(1) set Y_ 250.0
$node_(1) set Z_ 0.0
$node_(2) set X_ 300.0
$node_(2) set Y_ 300.0
$node_(2) set Z_ 0.0
for {set i 0} {$i < $val(nn)} { incr i } {
# 30 defines the node size for nam
$ns initial_node_pos $node_($i) 30
}
for {set i 0} {$i < $val(nn) } { incr i }
REFERENCES
1. Arauz, J.N. Julio Nicolas (2004) 802.11 Markov channel modeling, Ph.D.
dissertation, School Inform. Sci., Univ. Pittsburgh, Pittsburgh, PA, USA.
2. Ateniese, C. Burns, R. Curtmola, R. Herring, J. Kissner, L. Peterson, Z. and
Song, D. (2007) Provable data possession at untrusted stores, in Proc. ACM
Conf. Comput. and Commun. Secur., pp. 598-610.
3. Ateniese, G. Kamara, S. and Katz, J. (2009) Proofs of storage from homomorphic
identification protocols, in Proc. Int. Conf. Theory Appl. Cryptol. Inf. Security,
pp. 319-333.
4. Awerbuch, B. Curtmola, R. Holmer, D. Nita-Rotaru, C. and Rubens, H. (2008)
ODSBR: An on-demand secure byzantine resilient routing protocol for wireless ad
hoc networks, ACM Trans. Inform. Syst. Security, vol. 10, no. 4, pp. 1-35.
5. Balakrishnan, K. Deng, J. and Varshney, P.K. (2005) TWOACK: Preventing
selfishness in mobile ad hoc networks, in Proc. IEEE Wireless Commun. Netw.
Conf., pp. 2137-2142.
6. Boneh, D. Lynn, B. and Shacham, H. (2004) Short signatures from the Weil
pairing, J. Cryptol., vol. 17, no. 4, pp. 297-319.
7. Buchegger, S. and Boudec, J.Y.L. (2002) Performance analysis of the confidant
protocol (cooperation of nodes: Fairness in dynamic ad hoc networks), in Proc.
3rd ACM Int. Symp. Mobile Ad Hoc Netw. Comput. Conf., pp. 226-236.
19. Noubir, G. and Lin, G. (2003) Low-power DOS attacks in data wireless LANs and
countermeasures, ACM SIGMOBILE Mobile Comput. Commun. Rev., vol. 7, no.
3, pp. 29-30.
20. Padmanabhan V.N. and Simon, D.R. (2003) Secure trace route to detect faulty or
malicious routing, in Proc. ACM SIGCOMM Conf., pp. 77-82.
21. Papadimitratos, P. and Haas, Z. (2003) Secure message transmission in mobile ad
hoc networks, Ad Hoc Netw., vol. 1, no. 1, pp. 193-209.
22. Proano and Lazos, L. (2012) Packet-hiding methods for preventing selective
jamming attacks, IEEE Trans. Depend. Secure Comput, vol. 9, no. 1, pp. 101-114.