Denial of Service (DoS) Attacks in Green Mobile Ad–hoc Networks

Ashok M.Kanthe*, Dina Simunic**and Marijan Djurek***

MIPRO 2012, May 21-25,2012, Opatija, Croatia

102062517 資工所碩一 陸家鈞1/31

outline

– Abstract– Introduction– Routing Protocols– Security Attacks On Routing Protocols– Classification Of DOS Attack Detection Scheme– Conclusion

2/31

Abstract The mobile ad-hoc networks (MANET) are multi-hop

wireless network. It is dynamically formed amongst groups of

mobile users having wireless network.

3/31

Abstract

In MANET, nodes are limited resources like

bandwidth, battery power and storage space. MANET is

vulnerable of different types of DoS attack in which packets

are not transfer to the next node.

4/31

Introduction

The mobile ad-hoc networks (MANET) It has different

characteristics such as lack of centralized administration,

distributed cooperation, changing topology and requires no

existing infrastructure. Without router or access point

wireless clients connect directly together.

5/31

Routing ProtocolsGeneral categories of routing protocols:• Proactive Routing Protocol:• Reactive Routing Protocol:• Hybrid Routing Protocol:

6/31

1. Proactive (table-driven) Routing Protocol

a)Mobile nodes periodically broadcast their routing information to the next node.

b)Each node needs to maintain the records of the adjacent and reachable nodes

c) Nodes have to evaluate their neighborhood as per the network topology change.

7/31

2. Reactive (On-demand) Routing Protocol

If a node wants to send packet to another node then the protocol searches for the route in on demand and establish the connection in order to transmit and receive the packet.

8/31

3. Hybrid Routing Protocol:

combines the advantages of proactive routing and reactive routing

gathering unfamiliar routing information maintain the routing information when

network topology changes.

9/31

Security Attacks On Routing Protocols

General attack types are threats against network layers that function for the routing mechanism of the mobile ad hoc networks.

There are two basic types of attacks in mobile ad hoc networks:

• Passive attacks• Active attacks

10/31

Passive attacks: This type of attack does not disrupt the normal operation of the network. Detection of passive attacks is difficult to identify because the network operation is normal.

Passive attacks are eavesdropping, traffic analysis and monitoring.

Active attacks:an attacker actively participates and disrupts the

normal operation of the network services. It degrades the network performance.

Forms of active attacks are jamming, spoofing, modification, replaying and Denial of Service (DoS).

11/31

Attacks on MANET:1. Denial of Service Attacks

2. Black hole attack

3. Cooperative Black hole attack

4. Gray hole attack

5. Flooding Attack

6. Worm hole Attack

7. Jamming attack

8. DDoS attack

9. Rushing attack

10. JellyFish attack12/31

1. Denial of Service Attacks:

• The goal of Denial of Service (DoS) attacks is to prevent availability of networks services from their legitimate users

• DoS attack has different scenarios.1. Attack memory, storage, CPU of the service provider

Sends an executable flooding packet

2. Attack energy resources Sends a bogus packet to a node with the intension

3. Attack bandwidth Located between multiple communicating nodes and waste the

bandwidths and disrupt the connectivity

13/31

2.Black hole attack:

The malicious node can attract all packets by

pretending shortest route to the destination. It drops all

traffic destined for that node when traffic is received by it.

The effect of this attack completely degrades the

performance of the network

14/31

3. Cooperative Black hole attack:

It is a type of black hole attack when multiple black

hole nodes are acting in a coordinated manner with each

other: e.g.black hole node B1 cooperates with another black

hole node B2 in the next hop.

15/31

4. Gray hole attack:

• Gray hole attack is a variation of black hole attack,

where some nodes switch their states from black hole to

honest intermittently and vice versa.

• Detection of gray hole attack is harder because nodes

can drop packets partially not only due to its malicious nature

but also due to congestion.

DS

Attacker 16/31

5. Flooding Attack:

Attacker selects

many IP addresses

which are from

outside of the

networks . Attacker

sends Route Request

(RREQ) message with

such IP address.

17/31

6. Worm hole Attack:

Worm hole link attack records the wireless data,

forward this data and replays the packet through worm hole

link.

It will not show the true picture of the network and

there is effect on the decisions.

18/31

7. Jamming attack:

The objective of jammer is to interfere with legitimate

wireless communication and to degrade the overall network

performance.

Constant jammer

Deceptive jammer

Radom jammer

Reactive jammer

19/31

8. DDoS attack:

DDoS attack consists of two phases Deployment phase:

an attacker installs a tool in the vulnerable nodes. Attack phase:

an attacker coordinates a attack against a victim by flooding the unwanted data

20/31

9. Rushing attack:

• The attack consists, for the adversary, in quickly forwarding its

Route Request messages when a route discovery is initiated.

If the Route Requests that first reach the target’s neighbors

are those of the attacker, then any discovered route includes

the attacker.S

D

Attacker

21/31

10. JellyFish attack:

JellyFish attack is following the routing and forwarding

protocol specification. This is passive type of attack which is

difficult to detect. It is responsive to the network conditions

like delay and packet drop rate.

DS

Attacker22/31

10. JellyFish attack:• Behavior of JellyFish attacks are

JellyFish Recorder Attack:

reorder packets

JellyFish Periodic Dropping Attack:

drop all packets

JellyFish Delay Variance Attack:

randomly delays packets

23/31

Classification Of DOS Attack Detection Scheme

24/31

Black hole attack• Solution / Security Mechanism

25/31

Cooperative Black hole attack • Solution / Security Mechanism

26/31

Gray hole attack

Flooding attack

• Solution / Security Mechanism

• Solution / Security Mechanism

27/31

Jamming attack• Solution / Security Mechanism

Worm hole attack• Solution / Security Mechanism

28/31

Distributed Dos attack• Solution / Security Mechanism

JellyFish attack• Solution / Security Mechanism

Rushing attack• Solution / Security Mechanism

29/31

Contribution&Improvement

• Contribution– Explain the routing protocols on MANET – Explain attacks on MANET– List the solutions and reference resources of

attacks.

• Improvement– More graphical example– Detail about solution

30/31

Conclusion

This type of attack may lead to degrade the

performance of the network. There is need to develop

efficient security mechanism and secure routing protocols for

avoiding different types of attacks. And we must encrypt the

data what we sent over the network to reduce the chance of

packet eavesdropping

31/31