Intrusion Detection in Mobile Ad hoc Netwrok

Download Free projects with Source Code

ABSTRACT

Although anonymizing Peer-to-Peer (P2P) systems often incurs extra traffic costs, many systems try to mask the identities of their users for privacy considerations. Existing anonymity approaches are mainly path-based: peers have to pre-construct an anonymous path before transmission. The overhead of maintaining and updating such paths is significantly high. We propose Rumor Riding (RR), a lightweight and non-path-based mutual anonymity protocol for decentralized P2P systems. Employing a random walk mechanism, RR takes advantage of lower overhead by mainly using the symmetric cryptographic algorithm. We conduct comprehensive trace-driven simulations to evaluate the effectiveness and efficiency of this design, and compare it with previous approaches. We also introduce some early experiences on RR implementations. 

INTRODUCTION

Network nodes in MANET.s are free to move randomly. Therefore, the network topology may change rapidly. Routing protocol for MANET.s are used for delivery of data packets from source to the desired destination, Routing protocols are also designed based on the assumption that all the participating nodes are fully cooperative. However, due to the scarcely available battery based energy, node behaviours may exist. One such routing misbehaviours is that some nodes may be selfish by participating in route discovery and maintenance process, but refuse to forward the packet in order to save its energy. To solve this problem we propose a reputation based scheme where the watch dog uses a passive overhearing of nodes and assign a value to it as an appreciation or add nuggets to them. In this proposal, nodes with highest value are highly recommended for data forwarding and allow nodes to avoid the use of misbehaving nodes in future route selection. AdHoc On Demand Distance vector routing (AODV) protocol may be used to get the recommendation details of the node intended to forward the packet from the neighboring nodes. This paper proposes a novel method to mitigate the route with misbehaving nodes and also suggests a way to find if any intruder is present in the cluster of participating nodes using security aware AODV protocol.

           Mobile Ad Hoc Network (MANET) is a collection of mobile nodes (hosts) which communicate with each other via wireless links either directly or relying on other nodes as routers. The operation of MANETs does not depend on preexisting infrastructure or base stations .Network nodes in MANETs are free to move randomly. Therefore, the network topology of a MANET may change rapidly and unpredictably. All network activities, such as discovering the topology and delivering data packets, have to be executed by the nodes themselves, either individually or collectively. The Structure may vary from small, static to a large, mobile network. There are two types of MANETs: closed and open. In A closed MANET, all mobile nodes cooperate with each other toward a common goal. In an open MANET, different mobile nodes with different goals share their resources in order to ensure global connectivity. However, some resources are consumed quickly as the nodes participate in the network functions. For instance, battery power is considered to be most important in a mobile environment. An individual mobile node may at- tempt to benefit from other nodes, but refuse to share its own resources.

  Selfish or Misbehaving

An individual mobile node may attempt to benefit from other nodes, but refuse to share its own resources. Such nodes are called selfish or misbehaving nodes and their behavior is termed selfishness or misbehavior. A selfish node may refuse to forward data packets for other nodes in order to conserve its own energy.

 WatchDog and PathRater

The watchdog technique identifies the misbehaving nodes by overhearing on the wireless medium. The watchdog technique is based on passive overhearing. Un- fortunately, it can only determine whether or not the next- hop node sends out the data packet. The pathrater technique allows nodes to avoid the use of the misbehaving nodes in any future route selections.

 Security Attacks

 The intruder attacks are minimized and removed by using Security Attack AODV. Which rechecks the presence of the node which sends the shortest path by getting the routing table details of the intermediate node present adjacent to the node with the shortest distance. Hence the intruder nodes are removed from the Infrastructure we have done a detailed literature survey in this above mentioned work. Based on this we have studied that several techniques have been proposed / ongoing to detect and al- leviate the effects of selfishness in MANET. 

OBJECTIVE

Anonymous nature of peer-to-peer (P2P) systems exposes them to malicious activity Establishing trust among peers can mitigate attacks from malicious peers. This paper presents distributed algorithms used by a peer to reason about trustw0l1hiness of others based on the available local information which includes past interactions and recommendations received from others. Peers collaborated to establish trust among each other without using a priori information. Trust decisions are adaptive to changes in trust among peers. A peer's trustworthiness in providing services and giving recommendations is evaluated in service and recommendation contexts. Defining trust metrics in separate contexts makes possible to measure trustworthiness of peers more precisely. A peer may be a good service provider and a bad recommender at the same time. Interactions among peers have varying importance. An interaction loses its importance with time. These effects are considered along with the satisfaction of peers while evaluating an interaction. A recommendation contains the recommender's confidence in the information provided. This factor is considered with. Trustworthiness of the recommender when evaluating recommendations. A file sharing application is simulated to understand advantages of the proposed algorithms in mitigating attacks related with services and recommendations. The results of several empirical studies are used to simulate peer, resource, and network parameters. This enables us to study the effects of external parameters on the algorithms and the evolution of trust relationships among peers. Individual, collaborative and pseudonym changing attack scenarios simulate nine different malicious behaviors. In most experiments, we find that malicious peers are isolated from other peers and their attacks are litigated. There are cases where they obtain a high reputation but their attacks are still contained.

Service Trust Metric:

When evaluating an acquaintance’s trustworthiness in the service context, a peer first calculates competence and integrity belief values using the information in its service history. Competence belief represents how well an acquaintance satisfied the needs of past interactions .Let friend request denote the competence belief of pi about pj in the service context. Average behavior in the past interactions is a measure of the competence belief. A peer can be competent but may present erratic behavior. Consistency is as important as competence. Level of confidence in predictability of future interactions is called integrity belief.Let I bij denote the integrity belief of pi about pj in the service context. Deviation from average behavior (cbij) is a measure of the integrity belief.

Reputation Metric

The reputation metric measures a stranger’s trust worthiness based on recommendations. In the following two sections, we assume that pj is a stranger to pi and pk is an acquaintance of pi. If pi wants to calculate rij value, it starts a reputation query to collect recommendations from its acquaintances. Trustworthy acquaintances and requests their recommendations. Let _max denote the maximum number of recommendations that can be collected in a reputation query and jSj denote the size of a set S. In the algorithm, pi sets a high threshold for recommendation trust values and requests recommendations from highly trusted acquaintances first. Then, it decreases the threshold and repeats the same operations.

Recommendation Trust Metric:

Facebook has an incredible audience, 950 million strong and counting. This audience is immensely attractive to Brands and Marketers around the world. We've seen explosive growth in brand pages, types of advertising and other fun ways to monetize this audience. Don't invent new metrics, use online versions of Reach and GRPs to measure success. The value of Facebook in "spreading word of mouth," "getting your brand in front of friends of fans," and "engaging fans with five to seven posts a week on your fan page. “They closed with the Facebook Insights tool (which is quite nice). This blog post is about the above recommendations, and their merit. But first let's punch up the value you'll get from this post.Assume that pi wants to get a particular service. pj is a stranger to pi and a probable service provider. To learn pj’s reputation, pi requests recommendations from its acquaintances. Assume that pk sends back a recommendation to pi. After collecting all recommendations, pi calculates rij. Then, pi evaluatespk’s recommendation, stores results in RH ik, and updatesrtik. Assuming pj is trustworthy enough, pi gets the service from pj. Then, pi evaluates this interaction and stores the results in SHij, and updates stij.

Selecting Service Providers:

When pi searches for a particular service, it gets a list of service providers. Considering a Facebook application, either post share the links to other peer .Connecting the all people with recommendation multiple peers, checking integrity is a problem since any file part downloaded from an uploaded might be inauthentic. Service provider selection is done based on service trust metric, service history size, competence belief, and integrity belief values. When pi wants to download a file, its elects an up loader with the highest service trust value.

PROBLEM STATEMENT

Existing System 

Existing anonymity approaches are mainly path-based: peers have to pre-construct an anonymous path before transmission. The overhead of maintaining and updating such paths is significantly high. Users often expect to establish a long anonymous path and update the path periodically to defend against the analysis from attackers. In highly dynamic P2P systems, when a chosen peer leaves, the whole path fails. Unfortunately, such a failure is often difficult to be known by the initiator. Therefore, a “blindly-assigned” path is very unreliable, and users have to frequently probe the path and retransmit messages.

Disadvantages 

  1. Path-based approaches
  2. Non-traceable path
  3. High cost
  4. RSA based algorithm 

Proposed System

We propose Rumor Riding (RR), a lightweight and non-path-based mutual anonymity protocol for decentralized P2P systems. Employing a random walk mechanism, RR takes advantage of lower overhead by mainly using the symmetric cryptographic algorithm. We propose a non-path-based anonymous P2P protocol called Rumor Riding (RR). In RR, we first let an initiator encrypt the query message with a symmetric key, and then send the key and the cipher text to different neighbors. The key and the cipher texts take random walks separately in the system, where each walk is called a rumor. Once a key rumor and a cipher rumor meet at some peer, the peer is able to recover the original query message and act as an agent to issue the query for the initiator. We call the agent peer as a sower in this paper. The similar idea is also employed during the query response, confirm, and file delivery processes.

Advantages 

  1. Non-path based approach(Rumor Riding)
  2. Used AES cryptographic algorithm
  3. Reduce cryptographic overhead for the Initiator, Responder and Middle nodes
  4. Improve system performance
  5. Random chosen Neighbor
  6. Avoid blind-flooding

 FEASIBILITY STUDY

                   The feasibility study is an evaluation of proposed system regarding its workability, organizational ability to meet user needs and effective use of resources. When a new application is proposed, it should go through the feasibility study before it is approved for the development.

There are three aspects of feasibility study.

  1. Technical Feasibility
  2. Economical Feasibility
  3. Operational Feasibility

 TECHNICAL FEASIBILITY

            The consideration that is normally associated with the technical feasibility includes where the project is to be developed and implemented. The proposed software should have the security for data and should be very fast in processing the data efficiently. A basic knowledge to operate a computer is sufficient to handle the system, Since the system is designed to provide user-friendly access.

ECONOMICAL FEASIBILITY

             Economical justification is generally the “Bottom Line” consideration for most systems. It includes a broad range of concerns that include the Cost-benefit analysis. The cost-benefit analysis delineates costs for project development and weights then against tangible and development of the system. Hence, there are tangible and intangible benefits the project development.

OPERATIONAL FEASIBILITY

            The new system must be accepted by the user. In this system, the administrator is one of the users. As users are responsible for initiating the development of a new system, this is rooted out.

Modules

 

  1. Rumor Riding

A non-path-based anonymous P2P protocol called Rumor Riding (RR). In RR, we first let an initiator encrypt the query message with a symmetric key, and then send the key and the cipher text to different neighbors. The key and the cipher texts take random walks separately in the system, where each walk is called a rumor. Once a key rumor and a cipher rumor meet at some peer, the peer is able to recover the original query message and act as an agent to issue the query for the initiator. We call the agent peer as a sower.

  1. Rumor Generation and Recovery

         RR employs the AES algorithm to encrypt original messages. The key size is 128-bit. To determine whether a pair of cipher and key rumors hit, we employ a Cyclic Redundancy Check (CRC) function to attach a CRC value, CRC (M), to the message M. For received key rumors and cipher rumors, the sower S uses AES to recover a message M’ and the checksum CRC(M’). It then performs the CRC function to the recovered M’ and compares the result with CRC (M’). If they match, the sower S is aware that it has successfully recovered a message M. 

  1. Query Issuance

          When an initiator I wishes to issue an anonymous query, it first generates the query content q, and a public key K. Node I then uses an AES cryptographic algorithm to encrypt q into a cipher text C with a symmetric key K. It organizes the key K and the cipher text C into two query rumors, qK and qC. In Gnutella, each packet is labeled with a Descriptor ID, a string that uniquely identifies the packet. RR also uses the descriptors to identify rumors. Thus, two random number strings, IDqK and IDqC, are used to label the two rumors. After generation, I forwards the rumor messages to two randomly chosen neighbors, as illustrated by the dashed and dotted lines in Fig. 1. The query cipher rumor and the query key rumor then start their random walks.

 

Algorithm

AES cryptographic algorithm

Rumor Riding employs the AES algorithm to encrypt original messages. When an initiator  I wishes to issue an anonymous query, it first generates the query content q, and a public key K. Node I then uses an AES cryptographic algorithm to encrypt q into a cipher text C with a symmetric key K. It organizes the key K and the cipher text C into two query rumors, qK and qC. In Gnutella, each packet is labeled with a Descriptor ID, a string that uniquely identifies the packet. RR also uses the descriptors to identify rumors. Thus, two random number strings, IDqK and IDqC, are used to label the two rumors. After generation, I forwards the rumor messages to two randomly chosen neighbors, as illustrated by the dashed and dotted lines in the above Fig 1. The query cipher rumor and the query key rumor then start their random walks.

HARDWARE & SOFTWARE REQUIREMENTS

HARDWARE REQUIREMENTS

  • System                        :           Pentium IV 2.4 GHz.
  • Hard Disk                   :           40 GB.
  • Floppy Drive               :           1.44 Mb.
  • Monitor                       :           15 VGA Color.

SOFTWARE REQUIREMENTS

  • Operating system        :           Windows XP Professional.
  • Coding Language       :           Java

CONCLUSION

A trust model for P2P networks is presented, in which a peer can develop a trust network in its proximity. A peer can isolate malicious peers around itself as it develops trust relationships with good peers. Two context of trust, service and recommendation contexts, are defined to measurecapabilities of peers in providing services and giving recommendations. Interactions and recommendations are considered with satisfaction, weight, and fading effect parameters. A recommendation contains the recommender’s own experience, information from its acquaintances, and level of confidence in the recommendation. These parameters provided us a better assessment of trustworthiness. Individual, collaborative, and pseudonym changing attackers are studied in the experiments. Damage of collaboration and pseudo spoofing is dependent to attack behavior. Although recommendations are important in hypocritical and oscillatory attackers, pseudo spoofers, and collaborators, they are less useful in naive and discriminatory attackers. SORT mitigated both service and recommendation-based attacks in most experiments. However, in extremely malicious environments such as a 50 percent malicious network, collaborators can continue to disseminate large amount of misleading recommendations. Using trust information does not solve all security problems in P2P systems but can enhance security and effectiveness of systems. If interactions are modeled correctly, SORT can be adapted to various P2P applications.

Get Code