eaack-a secure ids for manet
DESCRIPTION
TRANSCRIPT
04/09/23 1Dept. of ECE
EAACKEAACK—A Secure —A Secure Intrusion-DetectionIntrusion-DetectionSystem for MANETsSystem for MANETs
04/09/23 2Dept. of ECE
ContentsContents Introduction What is MANET???? Need For IDS???? IDS
1. Watch dog2. TWOACK3. AACK
EAACK Performance Evaluation Simulation configuration Advantages Future enhancement Conclusion Reference
04/09/23 3Dept. of ECE
IntroductionIntroduction
MANET -Mobile Ad hoc NETworks
IDS -Intrusion Detection Systems
EAACK-Enhanced Adaptive ACKnowledgement
04/09/23 4Dept. of ECE
Mobile Ad hoc NETworksWireless networkAd hoc = “for this PURPOSE”Used to exchange informationNODES = transmitter + receiver
Nodes may be mobileEach node is willing to forward data to other nodesCommuncation can be direct or indirectNodes communicates directly within their rangesOtherwise rely on neighbours (indirectly)
04/09/23 5Dept. of ECE
Continuation.....Continuation.....
Properties of MANETsNo fixed infrastructureSelf configuring abilityDynamic topologyDecentralized network
04/09/23 6Dept. of ECE
Continuation….Continuation….
Routes between nodes may contain multiple hopsNodes act as routers to forward packets for each otherNode mobility may cause the routes change
AB
C
D
AB
C D
04/09/23 7Dept. of ECE
Continuation….Continuation….
Application of MANETSMilitary application◦ Combat regiment in the field ◦ Perhaps 4000-8000 objects in constant unpredictable motion.◦ Intercommunication of forces ◦ Proximity, plan of battle
Sensor networksAutomotive networksIndustrial application
04/09/23 8Dept. of ECE
MANET vulnerable to malicious attackersoOpen mediumoWide distribution of nodes
Routing protocols assumes nodes are always cooperative
Nodes are not physically protected
04/09/23 9Dept. of ECE
IDSIDS Intrusion Detection SystemDetect and report the malicious activity in ad hoc
networksResearchers have proposed a number of
collaborative IDS system
1. Watch dog
2. TWOACK
3. AACK
04/09/23 10Dept. of ECE
Watch dogWatch dog
04/09/23 11Dept. of ECE
Ambiguous collisionAmbiguous collision
04/09/23 12Dept. of ECE
Receiver collisionReceiver collision
04/09/23 13Dept. of ECE
Limited transmission powerLimited transmission power
04/09/23 14Dept. of ECE
False misbehaviour reportFalse misbehaviour report
04/09/23 15Dept. of ECE
TWOACKTWOACK
04/09/23 16Dept. of ECE
Continuation....Continuation.... Acknowledgment-based network layer scheme
Neither an enhancement or watch dog based scheme
Acknowledge every data packet transmitted over every
three consecutive nodes
On receiving a packet , each node is required to send
back an acknowledgment packet to the node that is two
hops away from it.
Solves receiver collision and limited transmission power
problem
Network overhead is present
04/09/23 17Dept. of ECE
AACKAACKAdaptive ACKnowledgementAcknowledgment-based network
layer schemeReduce network overheadCombination of TACK (similar to
TWOACK) and ACKACK-End to end acknowledgment
scheme
04/09/23 18Dept. of ECE
•ACKACK
•S will switch to TACK scheme if it doesn’t get any ACK packet within predefined time
04/09/23 19Dept. of ECE
The need of new IDS???The need of new IDS???Both TWOACK and AACK fails in
1. False misbehaviour report2. Forged acknowledgement packet
04/09/23 20Dept. of ECE
EAACKEAACKEnhanced Adaptive ACKnowledgementEfficient and secure intrusion detection
system for MANETsHigher malicious behaviour detection rates
with minimal effect on network performanceEAACK mechanism can be divided to three
schemes1. ACK(end to end acknowledgement scheme)2. S-ACK(Secure ACK)
3. MRA(Misbehaviour Report Authentication)
04/09/23 21Dept. of ECE
1.1. ACKACKEnd-to-end acknowledgment
schemeBrings extremely low network
overheadTo preserve the life cycle of
battery Low network overhead Lom memory consumption
04/09/23 22Dept. of ECE
ACK schemeACK scheme
04/09/23 23Dept. of ECE
2.S-ACK2.S-ACKSecure ACKExtension of TWOACK with digital
signatureSwitch from ACK if S does not
receive any acknowledgement packet Detect misbehaving nodes by
sending S-ACK packetEvery three consecutive nodes work
in a group to detect misbehaving nodes
04/09/23 24Dept. of ECE
S-ACK schemeS-ACK scheme
Who is malicious?? F1,F2 OR F3???
04/09/23 25Dept. of ECE
NONE IS NONE IS MALICIOUS ..............MALICIOUS ..............Route is F1 F2 F3F1 sends S-ACK data packet to F3
via the route F2 F3Before sending F1 store # value of
data packet and sending timeF2 receives packet from F1 and
forward to F3F3 receives the data packet and
send S-ACK acknowledgement ◦Contain # value and digital signature of
F3
04/09/23 26Dept. of ECE
This S-ACKnowledgement is send back to the reverse route
F1 receives it and verify digital signature by computing with F3 public key.
If there is no malicious nodes ,then the received hash value ==original hash value
04/09/23 27Dept. of ECE
F1 IS MALICIOUSF1 IS MALICIOUS
•False misbehaviour attack •In EAACK,it initiates MRA scheme.
04/09/23 28Dept. of ECE
F2 IS MALICIOUSF2 IS MALICIOUS
•Digital signature of F3 is needed•Prevent forged acknowledgement
04/09/23 29Dept. of ECE
F3 IS MALICIOUSF3 IS MALICIOUS
•If F3 refuses to send back acknowledgementpackets, it will be marked as malicious
04/09/23 30Dept. of ECE
3.MRA 3.MRA Misbehaviour Report AuthenticationDesigned to resolve the false misbehaviour report
attackSuch attack can break the entire networkBasic idea - Authenticate whether the
destination node has received the reported missing packet
Alternate route is neededMRA packet is send via this alternate routeMRA packet contains the ID of the packet that
has been reported droppedDestination node search if there is a match
04/09/23 31Dept. of ECE
Continuation...Continuation...If there is match,the report is
fake and node ,whoever sends it, is marked as malicious
If there is no match,the report is trusted.
04/09/23 32Dept. of ECE
EAACK SCHEMEEAACK SCHEME
04/09/23 33Dept. of ECE
Performance EvaluationPerformance EvaluationPacket delivery ratio (PDR): Ratio of
the number of packets received by the destination node to the number of packets sent by the source node.
Routing overhead (RO): RO defines the ratio of the amount of routing-related transmissions.
04/09/23 34Dept. of ECE
Simulation configurationSimulation configurationScenario 1: Malicious nodes drop all
the packets that pass through it.Scenario 2: Set all malicious nodes to
send out false misbehavior report to the source node whenever it is possible
Scenario 3: Provide the malicious nodes the ability to forge acknowledgment packets.
04/09/23 35Dept. of ECE
04/09/2336Dept. of ECE
ADVANTAGESADVANTAGESSolves limited transmission power and
receiver collision problem.Capable of detecting misbehaviour attackEnsure authentication and packet integrityDigital signatures prevents the attack of
forge acknowledgement packets
04/09/23 37Dept. of ECE
FUTURE ENHANCEMENTFUTURE ENHANCEMENT Possibilities of adopting hybrid
cryptography techniques to further reduce the network overhead caused by digital signature.
Examine the possibilities of adopting a key exchange mechanism to eliminate the requirement of predistributed keys.
Testing the performance of EAACK in real network environment.
04/09/23 38Dept. of ECE
Conclusion Conclusion
EAACK makes MANETs more secure The major threats like false mis
behaviour report and forge acknowledgement can be detected by using this scheme.
04/09/23 39Dept. of ECE
REFERENCEREFERENCE
EAACK—A Secure Intrusion-Detection System for MANETs by Elhadi M. Shakshuki, Senior Member, IEEE, Nan Kang, and Tarek R. Sheltami, Member, IEEE
Detecting Misbehaving Nodes in Mobile Ad hoc Networks by Nan Kang
04/09/23 40Dept. of ECE
04/09/23 41Dept. of ECE
04/09/23 42Dept. of ECE