EAACK - A Secure IDS for MANET

  2. EAACK—A Secure Intrusion-Detection System for MANETs 11/06/13 Dept. of ECE
  3. Contents: Introduction; What is a MANET?; Need for IDS?; IDS: 1. Watchdog 2. TWOACK 3. AACK; EAACK; Performance Evaluation; Simulation configuration; Advantages; Future enhancement; Conclusion; Reference
  4. Introduction: MANET - Mobile Ad hoc NETworks; IDS - Intrusion Detection Systems; EAACK - Enhanced Adaptive ACKnowledgement
  5. Mobile Ad hoc NETworks: Wireless network. Ad hoc = "for this purpose". Used to exchange information. Nodes = transmitter + receiver. Nodes may be mobile. Each node is willing to forward data to other nodes. Communication can be direct or indirect. Nodes communicate directly within their ranges; otherwise they rely on neighbours (indirectly).
  6. Continuation: Properties of MANETs: no fixed infrastructure; self-configuring ability; dynamic topology; decentralized network.
  7. Continuation: Routes between nodes may contain multiple hops. Nodes act as routers to forward packets for each other. Node mobility may cause the routes to change. [Figure: nodes A, B, C, D]
  8. Continuation: Applications of MANETs: Military applications (combat regiment in the field; perhaps 4000-8000 objects in constant unpredictable motion; intercommunication of forces; proximity, plan of battle). Sensor networks. Automotive networks. Industrial applications.
  9. MANETs are vulnerable to malicious attackers: open medium; wide distribution of nodes. Routing protocols assume nodes are always cooperative. Nodes are not physically protected.
  10. IDS: Intrusion Detection System. Detects and reports malicious activity in ad hoc networks. Researchers have proposed a number of collaborative IDSs: 1. Watchdog 2. TWOACK 3. AACK
  11. Watchdog
  12. Ambiguous collision
  13. Receiver collision
  14. Limited transmission power
  15. False misbehaviour report
  16. TWOACK
  17. Continuation: Acknowledgment-based network layer scheme. Neither an enhancement nor a Watchdog-based scheme. Acknowledges every data packet transmitted over every three consecutive nodes. On receiving a packet, each node is required to send back an acknowledgment packet to the node that is two hops away from it. Solves the receiver collision and limited transmission power problems. Network overhead is present.
  18. AACK: Adaptive ACKnowledgement. Acknowledgment-based network layer scheme. Reduces network overhead. Combination of TACK (similar to TWOACK) and ACK. ACK: end-to-end acknowledgment scheme.
  19. ACK: S will switch to the TACK scheme if it doesn't get any ACK packet within a predefined time.
  20. The need for a new IDS? Both TWOACK and AACK fail against: 1. False misbehaviour report 2. Forged acknowledgement packets
  21. EAACK: Enhanced Adaptive ACKnowledgement. Efficient and secure intrusion detection system for MANETs. Higher malicious behaviour detection rates with minimal effect on network performance. The EAACK mechanism can be divided into three schemes: 1. ACK (end-to-end acknowledgement scheme) 2. S-ACK (Secure ACK) 3. MRA (Misbehaviour Report Authentication)
  22. 1. ACK: End-to-end acknowledgment scheme. Brings extremely low network overhead. To preserve the life cycle of the battery: low network overhead; low memory consumption.
  23. ACK scheme
  24. 2. S-ACK: Secure ACK. Extension of TWOACK with digital signatures. Switch from ACK if S does not receive any acknowledgement packet. Detects misbehaving nodes by sending S-ACK packets. Every three consecutive nodes work in a group to detect misbehaving nodes.
  25. S-ACK scheme: Who is malicious? F1, F2 or F3?
  26. None is malicious: Route is F1 → F2 → F3. F1 sends an S-ACK data packet to F3 via the route F2 → F3. Before sending, F1 stores the hash value of the data packet and the sending time. F2 receives the packet from F1 and forwards it to F3. F3 receives the data packet and sends an S-ACK acknowledgement, which contains the hash value and the digital signature of F3.
  27. This S-ACK acknowledgement is sent back along the reverse route. F1 receives it and verifies the digital signature using F3's public key. If there are no malicious nodes, then the received hash value == the original hash value.
  28. F1 is malicious: False misbehaviour attack. In EAACK, it initiates the MRA scheme.
  29. F2 is malicious: Digital signature of F3 is needed. Prevents forged acknowledgements.
  30. F3 is malicious: If F3 refuses to send back acknowledgement packets, it will be marked as malicious.
  31. 3. MRA: Misbehaviour Report Authentication. Designed to resolve the false misbehaviour report attack. Such an attack can break the entire network. Basic idea: authenticate whether the destination node has received the reported missing packet. An alternate route is needed. The MRA packet is sent via this alternate route. The MRA packet contains the ID of the packet that has been reported dropped. The destination node searches for a match.
  32. Continuation: If there is a match, the report is fake and the node that sent it is marked as malicious. If there is no match, the report is trusted.
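
The S-ACK check performed by F1 and the MRA check performed by the destination, as an added example that is not part of the original slides. Textbook RSA over small constructed primes stands in for the digital signature scheme, which the slides do not name; all function names, keys and packet contents are assumptions made for illustration.

```python
import hashlib

# Textbook RSA over small constructed primes: illustration only, not secure.
def keygen(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))       # (public key, private key)

def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    n, d = priv
    return pow(_digest(data, n), d, n)

def verify(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == _digest(data, n)

def f3_ack(packet, priv):
    """S-ACK acknowledgement: hash of the data packet plus the signer's signature."""
    h = hashlib.sha256(packet).digest()
    return {"hash": h, "sig": sign(priv, h)}

def f1_check_sack(stored_hash, ack, f3_pub):
    """F1's decision for the group F1 -> F2 -> F3."""
    if ack is None:
        return "no-ack"                        # timed out: misbehaviour report
    if not verify(f3_pub, ack["hash"], ack["sig"]):
        return "forged-ack"                    # not signed by F3
    if ack["hash"] != stored_hash:
        return "hash-mismatch"                 # signed by F3, but for another packet
    return "ok"

def mra_check(reported_id, received_ids, reporter):
    """Destination's answer to an MRA packet that arrived over an alternate route."""
    if reported_id in received_ids:
        return ("fake-report", reporter)       # packet did arrive: reporter is malicious
    return ("report-trusted", None)

# Constructed sample data: Mersenne primes as toy key material.
F3_PUB, F3_PRIV = keygen(2**61 - 1, 2**89 - 1)
F2_PUB, F2_PRIV = keygen(2**107 - 1, 2**127 - 1)
PKT = b"constructed S-ACK data packet 17"
STORED = hashlib.sha256(PKT).digest()          # F1 stores this before sending

if __name__ == "__main__":
    print(f1_check_sack(STORED, f3_ack(PKT, F3_PRIV), F3_PUB))
    print(f1_check_sack(STORED, f3_ack(PKT, F2_PRIV), F3_PUB))
    print(mra_check(17, {15, 16, 17}, "F1"))
```

An acknowledgement that F2 signs with its own key fails verification against F3's public key, which is why the slides require F3's signature on every S-ACK acknowledgement.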
  33. EAACK scheme
  34. Performance Evaluation: Packet delivery ratio (PDR): ratio of the number of packets received by the destination node to the number of packets sent by the source node. Routing overhead (RO): RO defines the ratio of the amount of routing-related transmissions.
  35. Simulation configuration: Scenario 1: Malicious nodes drop all the packets that pass through them. Scenario 2: All malicious nodes are set to send out false misbehaviour reports to the source node whenever possible. Scenario 3: Malicious nodes are given the ability to forge acknowledgment packets.
  37. Advantages: Solves the limited transmission power and receiver collision problems. Capable of detecting the misbehaviour attack. Ensures authentication and packet integrity. Digital signatures prevent the forged acknowledgement packet attack.
  38. Future enhancement: Possibilities of adopting hybrid cryptography techniques to further reduce the network overhead caused by digital signatures. Examine the possibilities of adopting a key exchange mechanism to eliminate the requirement for predistributed keys. Testing the performance of EAACK in a real network environment.
  39. Conclusion: EAACK makes MANETs more secure. Major threats such as false misbehaviour reports and forged acknowledgements can be detected by using this scheme.
  40. Reference: (1) Elhadi M. Shakshuki, Senior Member, IEEE, Nan Kang, and Tarek R. Sheltami, Member, IEEE, "EAACK—A Secure Intrusion-Detection System for MANETs". (2) Nan Kang, "Detecting Misbehaving Nodes in Mobile Ad hoc Networks".
