ngmast- wms workshop17/09/2008, cardiff, wales, uk a simulation analysis of routing misbehaviour in...
Post on 18-Dec-2015
217 views
TRANSCRIPT
NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
A Simulation Analysis of Routing Misbehaviour in Mobile Ad hoc Networks
2nd International Conference and Exhibition on NEXT GENERATIONS MOBILE APPLICATIONS SERVICES
AND TECHNOLOGIES (NGMAST 2008)Workshop on Mobile and Wireless Security (WMS’08)
Abdelaziz Babakhouya CERIST Center of Research, Algiers, Algeria.
University of Béjaia, Algeria.Y. Challal and A. Bouabdallah (UTC, Heudiasyc lab.,
France )
2NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Outline
Mobile Ad hoc Network (MANET) Dynamic Source Routing protocol (DSR)
Nodes misbehaviour
Simulation Results (NS-2)
Countermeasures
Conclusion
3NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Mobile Ad hoc NETwork (MANET)
Definition MANET is a collection of wireless mobile nodes which may
form a temporary network, without the use of any fixed infrastructure or centralized administration
Features Multi-hop communication Dynamic topology Constrained resources No physical security
Applications Military and Rescue operations Civilian application
4NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Routing in MANET
Network layer Routing: Route discovery and route maintenance Data forwarding
AS DB
Source node Destination nodeIntermediate nodes
Problem: In a malicious environment, misbehaving nodes may not cooperate.
How can they misbehave? What is the effect of nodes misbehaviour on network performance ?
5NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Route discovery in DSR
11-2
11-3
1-3-4
1-3-4
1-3-4
1-2-5
1-3-4-6
1-3-4-7S
D52
1
3
4
6
7
8
Route Request (RREQ)
6NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Route discovery in DSR
S
D52
1
3
4
6
7
8
Route Reply (RREP)
1-2-5-81-2-5-8 1-2-5-8
7NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Packet forwarding in DSR
S
D52
1
3
4
6
7
8
8NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Nodes misbehaviour
G
S1
M
S2
Cooperative node: cooperate in both route discovery and packet forwarding functions.
Selfish node : try to save their own resources (energy and bandwidth). Selfish node type 1: Disable packet forwarding
function. Selfish node type 2: Disable routing function.
Malicious node: Try to sabotage other nodes, example of Black hole attack
Other parameters: Time: start/stop time of the behaviour Target: source/destination of the behaviour Degree P: [0,1] the probability of the behaviour
9NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Simulation
Objectives: What is the effect of selfish behaviour when varying the % of
misbehaving nodes? What is the effect of one malicious node when varying nodes
mobility and traffic load? Comparison between malicious behaviour and selfish
behaviour, according to the packet dropping attack strength.
Performances metrics Packet Delivery Fraction (PDF) : CBR packets received / CBR
packets sent Average End to End Delay (EED): the delay between the
sending of CBR packet by the source and its receipt by the destination.
10NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Simulation in NS2
Fixed parameters Mobility: random waypoint
Pause time = 10s, max speed = 5m/s. CBR: 20 connections,
Packets size = 512 bits; packet rate = 2 packet/s Simulation time : 500 s Target of attack : all nodes Time of attack = simulation time = 500 s
Variables parameters Density number of nodes in an area of 1000m x
1000m Low density = 30 nodes High density = 60 nodes
Probability of packets dropping P:[1.0, 0.5, 0.1]
11NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Selfish type 1
AS DB
RREQ packets from S to D
RREP packets from D to S
CBR packets from S to D
What is the effect on PDF when varying % of misbehaving nodes? We consider two scenarios:
Low density = 30 nodes, and high density = 60 nodes Probability of packets dropping: [ 1.0, 0.5, 0.1]
12NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Simulation results of selfish type 1
Degradation of PDF when the % of misbehaving nodes increases.
Node density has a negligible influence on the PDF Reduction of the attack strength when Pi decreases.
13NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Selfish type 2
AS DB
RREQ packets from S to D
RREP packets from D to S
CBR packets from S to D
Misbehaving nodes do not drop data packet What is the effect on Average EED ?
Low and high node density scenarios
14NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Simulation results of selfish type 2
Negligible influence on the PDF there exists alternative routes Degradation of EED when the percentage of misbehaving nodes
increases, especially in low density (30 nodes).
15NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Malicious node (black hole attack)
BA D
Forged RREP packets <S,A,M,D>
What is the impact on PDF, by varying mobility and number of CBR connections?
M
S C
Correct route
Forged route
16NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Simulation results of Malicious behaviour
PDF falls to 55% when only one malicious node performs the black hole attack.
Nodes Mobility and CBR connection don’t affect the metric PDF.
17NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Countermeasures
Secure routing S-AODV, SRP, ARAN, Adriane. Achieve authentication integrity and non repudiation
of the discovered route Prevent malicious nodes from being included in the discovered route.
Limitations: Do not prevent from with selfish nodes. Need of a Public Key Infrastructure (PKI) New security follows.
Detection and isolation of misbehaving nodes Watch-dog, CORE, CONFIDANT, OCEAN, SORI. Neighbours monitoring, node’s reputations and exchange
of Alarms and recommendations. False detection, need of nodes authentication
18NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Conclusion
Misbehaving node is one of the major security issues of MANET
To retain from simulation results :
RREQ dropping do not affects the PDF. However, it can really affect the average EED and lead to congestion in a low density network.
One malicious node carrying a black hole attack can have the same effect as 20% to 30% of selfish nodes type 1.
Both of data and routing packets need to be secured from selfish and malicious nodes.
NGMAST- WMS workshop 17/09/2008, Cardiff, Wales, UK
Thanks