IMPLEMENTATION OF SYBIL ATTACK IN MANET

Submitted by: Avnish Mishra Anand kumar singh Amit Bhardwaj Jyoti

PROBLEM INTRODUCTION

MOTIVATION As MANET is prone to different kind of

security attacks such as: • DoS attacks• Impersonation• Node Hijacking• Attacks on Information in Transit• Eavesdropping

Therefore performance measurement by simulating Sybil attack which is a impersonation attack is major concern and so is the motivation of our project.

PROJECT OBJECTIVE

The objective of this project is to implement Sybil attack in MANET while using AODV as a routing protocol and to analyze and compare network performance under Sybil attack in different attacking scenarios.

 

SCOPE Study of the wireless networks and their

types. Study of the AODV protocol. Study of Sybil Attack. Installation of NS 2. Study of the network simulator NS 2 to

perform simulation work. Study of the Object Oriented Tool Command

Language (OTcl), AWK and GNUPlot. Performing Sybil Attack in MANET Performance analysis and comparisons in

presence of Sybil attack using performance metric like throughput, packet lost, end-to-end delay .

LITERATURE SURVEY

WIRELESS AD HOC NETWORKS Consist of a collection of wireless nodes, all

of which may be mobile Dynamic creation of a wireless network

among nodes No administrative support Rapidly changing topology

CONCEPTUAL REPRESENTATION OF AN AD HOC NETWORK

TYPES OF AD HOC NETWORKS•Nodes are free to move without constraints•Highly dynamic membership and mobility•Topology may change rapidlyMANET•Nodes are typically static and resource constrained•Topology changes when nodes go in sleep mode

Sensor networks

•Combine mobile wireless nodes with energy-unconstrained static wireless nodes

Mesh networks

THE MANET Networking technology that allows for fast,

easy and inexpensive network deployment Collection of wireless nodes, all of which may

be mobile Multi-hop network, where each node is

able to forward data to other nodes Each node has to make routing decisions

itself, i.e. no centralized authority No fixed size and network topology

VULNERABILITIES OF AD HOC NETWORKS

Lack of Secure Boundaries

Threats from Compromised Nodes

Lack of Centralized Management Facility

Restricted Resources

ScalabilityLack of Physical

Security

ATTACKS

Based on position

External attacks

Internal attacks

THE SYBIL ATTACK An impersonation attack A malicious device illegitimately fabricates

multiple identities, behaving as if it were a larger number of nodes

Additional identities are referred to as Sybil identities

Not easy to detect because Sybil node may behave like legitimate node for sometime

A SIMPLE SYBIL ATTACK

A,e1

E,e5

G,e5

B,e2

C,e3

D,e4

F,e5

Orthogonal representation of Sybil

Attack

SYSTEM DESIGN & METHODOLOGY

NS-2 (NETWORK SIMULATOR) Discrete Event Simulator Modeling Network protocols Collection of Various protocols at multiple

layersMAC( 802.11, 802.3, TDMA)Ad-hoc Routing ( DSDV, DSR, AODV)Multicast protocols, Satellite protocols, and many

others

NS INPUT AND OUTPUTOTCL Script

OTCLNS simulator

library

Simulation results

Analysis Network Animator(NAM)

AWK

Refined analysis

Traffic source file

Scenario source

file(Cbrsimple.text)

(scen-10.text)

(simple.tcl)

(out.tr) (out.nam)

(out.awk)

(out.plot) Gnuplot

(simple.tr)

A SIMPLE NETWORK TOPOLOGY AND SIMULATION SCENARIO

AODV PROTOCOL MESSAGING

IMPLEMENTATION

ALGORITHM Create scenario (11)

On any node N,

create Sybil_nodes(s1,s2,s3,s4)

N creates 4 stolen/fake identities(s1,s2,s3,s4). add s1,s2,s3,s4 to the scenario. Create traffic to the destination using Sybil

identities. Start the traafic

For every packet p coming to node N Drop/ listen/ modify/ forward it using Sybil

identity depending on type of attack.

RESULTS AND CONCLUSION

COMPARISON OF THROUGHPUT IN STATIC SCENARIO

COMPARISON OF THROUGHPUT IN MOBILE SCENARIO

COMPARISON OF PDR IN STATIC SCENARIO

COMPARISON OF PDR IN STATIC SCENARIO

COMPARISON OF PDR IN MOBILE SCENARIO

COMPARISON IN STATIC SCENARIO

Sybil node Throughput PDR End-to-End delay

No sybil node 30,600 0.037485 0.015713

Near source 36,200 0.123810 0.001292

Near destination 39,600 0.041183 0.003849

Ouside route 82,900 0-935955 4.316442

Multiple 53,800 0.057985 0.001675

Black hole attack 4,400 0.004055 7.996747

COMPARISON IN MOBILE SCENARIO

Sybil node Throughput PDR End-to-End delay

No sybil node 23,000 0.042463 0.006144

Near source 22,800 0.043208 0.009381

Near destination 65,000 0.154374 0.001446

Ouside route 37,100 0.083408 0.026492

Multiple 46,100 0.105734 0.012403

Black hole attack 6,400 0.011645 0.006104

CONCLUSION The work done indicates the performance of

MANET in presence of Sybil node. The performance of network degrades in

presence of Sybil node. There is variation in throughput, PDR and

end-to-end delay depending on type of scenario .

There is increase in load due extra packets transferred by Sybil identities.

FUTURE WORK Sybil attack for other routing protocols like

DSDV , DSR etc can be performed. Like CBR traffic, Sybil attack can also be

performed on other traffics like FTP traffic. Sybil attack on multicast, Satellite network

can be done where one node can attack on multiple nodes.

Sybil identities can also be used for eavesdropping, masquerading, traffic analysis etc.

The work done so far can also be performed in Sensor and Mesh networks.

REFERENCE 1.Cheng, A., Friedman, E.: Sybilproof reputation mechanisms.

In: P2PECON ’05: Proceedings of the 2005 ACM SIGCOMM workshop on Economics of peer-to-peer systems, New York, NY, USA, ACM (2005) 128–132 

2. Douceur J.R., Donath, J.S. “The sybil attack” In: Proceedings for the 1st International Workshop on Peer-to-Peer Systems, Cambridge, MA, USA, 251–260, March 2002. 

3. Martucci Leonardo, Andersson Christer, Kohlweiss Markulf, Panchenko Andriy. “Self-certified Sybil-Free Pseudonyms”. 

4. Martucci, L.A., Kohlweiss, M., Andersson, C., Panchenko, A.: Self-certified sybilfree pseudonyms. In: WiSec ’08: Proceedings of the first ACM conference on Wireless network security, New York, NY, USA, ACM (2008) 154–159. 

5.Maniatis, P., Rosenthal, D.S.H., Roussopoulos, M., Baker, M., Giuli, T., Muliadi, Y.: Preserving peer replicas by rate-limited sampled voting. SIGOPS Oper. Syst. Rev. 37(5) (2003) 44–59

6. Maniatis, P., Roussopoulos, M., Giuli, T.J., Rosenthal, D.S.H., Baker, M.: The lockss peer-to-peer digital preservation system. ACM Trans. Comput. Syst. 23(1) (2005) 2–50

7. Margolin, N.B., Levine, B.N.: Quantifying resistance to the sybil attack. In: Proc. Financial Cryptography (FC). (January 2008) 

8.Newsome, J., Shi, E., Song, D., Perrig, A.: The sybil attack in sensor networks: analysis & defenses. In: Information Processing in Sensor Networks, 2004. IPSN 2004. Third International Symposium on. (2004) 259–268

9. Ribeiro Carlos, Rodrigues Lu´ıs, “Thwarting the Sybil Attack in Wireless Ad Hoc Networks”.

10.Yu, H., Kaminsky, M., Gibbons, P., Flaxman, A.: Sybilguard: Defending against sybil attacks via social networks. Networking, IEEE/ACM Transactions on 16(3) (June 2008) 576–589