Cross-layer IDS for Rushing attack in Wireless Mesh Networks

Publications

Cross-layer IDS for Rushing attack in Wireless Mesh Networks


Abstract:

Wireless Mesh Networks (WMNs) are a promising technology to provide the wireless internet connectivity. WMNs are becoming a popular choice for wireless internet service providers to offer internet connectivity as it allows a fast, easy and inexpensive network deployment. However, security in WMNs is still in its infancy. Security and privacy has been a major concern in WMNs. WMNs are susceptible to broad variety of attacks due to its open medium, dynamic topology and lack of physical security. WMNs are more vulnerable in Network layer. Several attacks are possible in the network layer. Some of the attacks have possible solutions but there is no solution for to detect Rushing attack which leads to the Denial of Service. In this paper, the authors proposed Cross-Layer Intrusion Detection System (CLIDS) for Rushing attack. We evaluated the performance of our technique using network simulator 2. Simulation results show that CLIDS has less false positive and false negative rates than single layer intrusion detection system.



Comments

Post a Comment

Popular posts from this blog

NS2 Code for Blackhole Attack (multiple blackholes) in AODV Protocol

Image
Workshop on Cyber Security and Forensics (16th to 20th August 2016) http://svecw.edu.in/docs/CSEFDPCS.pdf   Workshop on Big Data Analytics (2nd to 6th August 2016) http://svecw.edu.in/docs/CSEFDPBigDataAnalytics2016.pdf The following scenario consists of 25 nodes, in which 1,7 and 13 nodes are blackholenodes and other nodes are non-malicious.           To create multiple blackhole   attackers in AODV protocol     i)              In aodv.h the following blue colour lines needs to be added to define balckhole attackers      /*        * History management        */      double                PerHopTime(aodv_rt_entry *rt); nsaddr_t malicious1; nsaddr_t malicious2; nsaddr_t malicious3;     ii)             In   aodv.cc the following blue colour lines needs to be added to initialize the attackers   int AODV::command(intargc, const char*const* argv) { if(argc == 2) { Tcl&tcl = Tcl::instance(); if(strncasecmp(argv[1]
Read more

NS2 code for Rushing attacks (Jellyfish and Byzantine attacks)

Image
Workshop on Cyber Security and Forensics (16th to 20th August 2016) http://svecw.edu.in/docs/CSEFDPCS.pdf    Workshop on Big Data Analytics (2nd to 6th August 2016) http://svecw.edu.in/docs/CSEFDPBigDataAnalytics2016.pdf Rushing attack   Rushing attack is a zero delay attack andmore effective when the attacker nearby source or destination node.On-demand routing protocols like AODV and DSR are more vulnerable to this attack, because whenever source nodefloods the route request packet in the network, an adversary nodereceives the route request packet and sends without any hop_count update and delay intothe network. Whenever the legitimate nodes receive the originalsource request packets, they are dropped because legitimate nodes,would have already received packet from the attacker and treat the currently received packets asduplicate packets. Thus, adversary is included in active routeand disturbs the data forwarding phase. Rushing attack can be takenplace at source side o
Read more

Intrusion Detection Technique for Wormhole and Following Jellyfish and Byzantine Attacks in Wireless Mesh Network

Abstract Wireless Mesh Networks (WMNs) have emerging application because of its ad-hoc features, high internet bandwidth capability, and interoperable with various networks. However, all features of WMNs vulnerable due to their inadequate security services, and most of the existing techniques protect WMNs from single adversary node, but failed to protect colluding attacks. We proposed new Intrusion Detection (ID) technique, to protect the WMNs from wormhole attack (colluding attack) and following jellyfish and byzantine attacks. The proposed ID technique works based on different delays such as initial end-to-end packet delay, average end-to-end packet delay, and worst case end-to-end packet delay because wormhole attackers attract the network nodes by sending lower latency. Eventually, simulation results show that, our ID technique improves throughput of the network, when source and destination nodes detect and isolate (select new path which does not contain adversaries) the adver
Read more