solution of blackhole attack good ppt
Cooperative and Reliable Packet-Forwarding on Top of AODV
Bracha Hod
March 2006
Outline
  Background
    Mobile ad hoc network
    Ad-hoc On Demand Distance Vector
    Trust and reputation
  Problem statement
  Solution
    Misbehaving detection
    Reputation system
    Misbehavior reaction
  Simulation results
  Conclusions
Mobile Ad hoc Network
  An autonomous, self-configuring system of mobile devices (laptops, smart phones, sensors, etc.) connected by wireless links
  Each node operates as both an end-system and a router
  MANET characteristics:
    Mobility and dynamic topology
    Bandwidth-constrained
    Energy-constrained
    Prone to security threats
MANET Routing Protocols
  Proactive/Table-driven
    Periodically broadcast information across the network in a controlled flood
    Waste bandwidth and power consumption
  Reactive/On-demand
    Initiate a route only when it is required
    Delay when building new routes
Ad-hoc On-demand Distance Vector
  RFC 3561 (2003)
  One of the leading protocols for MANET
  Uses sequence numbers to avoid loops
  Quick adaptation to dynamic networks
  Low processing and memory overhead
  Scalable
AODV Route Discovery
  [Figure: network of nodes A, B, C, D, E, F, G; legend: Route Request, Reverse Route, Route Reply]
AODV Route Maintenance
  [Figure: network of nodes A, B, C, D, E, F, G; legend: Hello Message, Route Error]
Trust and Reputation
  Trust
    A subjective expectation a node has about another node's future behavior, based on the history of their encounters
  Reputation
    A perception that a node creates through past actions about its intentions and norms
  Reputation System
    A system in which the nodes who participate in it compute rating values and then advertise these values among the other nodes
Problem Statement
  MANET is vulnerable to many attacks
    Packet dropping is the most common attack
  Motivation to misbehave
    Selfish nodes are interested in saving their battery life
    Malicious nodes aim to damage other nodes
  Misbehavior patterns we handle
    Black hole node: advertises itself as part of a path and then drops the packets
    Gray hole node: adversary selectively drops some packets but not others
Solution
  Misbehavior Detection
    Watch the neighbors and record their behavior
  Reputation System
    Maintain direct rating according to the observations
    Exchange rating among nodes
    Incorporate direct and indirect rating
    Use trust information
  Misbehavior Reaction
    Classify nodes
    Select reliable paths
    Punish misbehaving nodes
First-Hand Observations
  Overhear neighbors
    Direct mode: getting packets explicitly
    Promiscuous mode
  Examine the overheard packets
  Update the positive and negative actions
  [Figure: nodes h, i, j, k]
Direct Rating
  Calculation and management of the rating using the Beta distribution function
  Direct rating of a node j by its neighbor i
Rating Exchange
  Local model as a result of MANET constraints
    Reputation distribution is performed continuously
    Neighbors' direct rating and a black list of misbehaving nodes are exchanged among 1-hop neighbors
    Limited detection and punishment in large and mobile networks
  Trust
    Misbehaving nodes might spread false rating information
    The trust estimates the reliability of the reports
Second-Hand Observations
  Accept indirect rating DRk,j if the node is trusted or if it passes the deviation test
  Estimate of the indirect positive and negative actions based on the indirect rating
  Combine the direct and indirect rating to a total rating
Misbehavior Reaction
  Nodes classification
    Total rating value with total positive and negative actions
    Two nodes with the same total rating, but with different history are classified differently
  Path selection
    Greedy selection of the next hop
    Path maintenance for partial dropping
  Punishment of misbehaving nodes
    Second chance when the rating is faded
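
Added example, not part of the original slides: one way the direct rating, the acceptance of second-hand observations and the node classification described above could fit together. The slides' formulas are not in this transcript, so the Beta-mean rating, the fading step, and every constant and name (Record, merge_report, classify, demo) are assumptions.

```python
from dataclasses import dataclass

# All constants are assumed values for illustration, not taken from the slides.
FADE = 0.9           # fading factor applied to old evidence
DEVIATION = 0.25     # maximum gap allowed by the deviation test
TRUST_MIN = 0.6      # minimum trust needed to accept a report outright
WEIGHT = 0.5         # weight given to second-hand evidence
MIN_EVIDENCE = 5.0   # observations needed before classifying a node
GOOD = 0.6           # rating at or above which a node is well-behaving

@dataclass
class Record:
    pos: float = 0.0  # positive actions (packets seen forwarded)
    neg: float = 0.0  # negative actions (packets seen dropped)

    def observe(self, forwarded: bool) -> None:
        # Fade older evidence first, so a faded rating allows a second chance.
        self.pos = self.pos * FADE + (1 if forwarded else 0)
        self.neg = self.neg * FADE + (0 if forwarded else 1)

    def rating(self) -> float:
        # Mean of Beta(pos + 1, neg + 1); 0.5 with no observations.
        return (self.pos + 1) / (self.pos + self.neg + 2)

def merge_report(direct, reported, reporter_trust, evidence=10.0):
    """Fold neighbor k's rating of j into i's record; return (total, accepted)."""
    passes = abs(reported - direct.rating()) <= DEVIATION
    if reporter_trust < TRUST_MIN and not passes:
        return direct, False  # untrusted and deviating: report is ignored
    # Estimate indirect positive/negative actions from the reported rating.
    pos = direct.pos + WEIGHT * reported * evidence
    neg = direct.neg + WEIGHT * (1 - reported) * evidence
    return Record(pos, neg), True

def classify(rec):
    # Same rating, different history: too little evidence stays "unknown".
    if rec.pos + rec.neg < MIN_EVIDENCE:
        return "unknown"
    return "well-behaving" if rec.rating() >= GOOD else "misbehaving"

def demo():
    j = Record()
    for _ in range(10):  # constructed input: i overhears j drop 10 packets
        j.observe(forwarded=False)
    _, ok1 = merge_report(j, reported=0.95, reporter_trust=0.3)   # liar
    peer, ok2 = merge_report(j, reported=0.20, reporter_trust=0.3)
    return j.rating(), ok1, ok2, classify(peer), classify(Record(1, 1))

print(demo())
```
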
Simulation Model
  Simulation in GloMoSim
  Standard parameters of the channel and radio model
  IEEE 802.11 as the medium access protocol
  Nodes are placed randomly in the area
  Movement by random waypoint model
    Speed range of 5-20 m/s
    Pause time range of 0-500s
  Data packets transmission at constant bit rate (CBR) on routes above 1-hop length
Throughput of Well-behaving Nodes
  [Figure panels: 50 Nodes; 100 Nodes]
  15 Sources, 15 Black-holes
  20 Sources, 30 Black-holes
Punishment of Misbehaving Nodes
  [Figure panels: Data Packets Transmitted by Misbehaving Nodes; Data Packets for Misbehaving Nodes That were not Transmitted]
  50 Nodes, 15 Sources, 15 Black-holes
Partial Dropping (Gray holes)
  Data Packets Dropped
  [Figure panels: Dropping percentage of 50% (32% of the total rating); Different Dropping Percentages]
  50 Nodes, 15 Sources, 15 Gray-holes
Robustness against Advanced Liars
  [Figure panels: Data Packets Received; False Positives]
  50 Nodes, 15 Sources, 10 Black-holes
Scalability over AODV
  [Figure panels: Throughput; Data Packets Dropped]
  500 Nodes: 250 static, the remainder moving at a speed of 5-10 m/s
  30 Sources, 50 Black-holes
Conclusions
  A reputation system on top of AODV is effective for both partial and complete dropping
  The reputation system remained robust against advanced liars, when a majority of the nodes are trustworthy
  In large and unstable networks, it is better to rely on self-observations because the network conditions have greater effect than the reputation system benefits
Thank you!