A Secure Intrusion-Detection

System for MANETs using EAACK scheme

1

By

Kshirsagar Sachin Laxman

WCE sangli.

Content

EAACK-Secure IDS For MANET's

2

Introduction

Problem Statement

Objectives

Methodology

References

Introduction to MANETs

EAACK-Secure IDS For MANET's

3

Mobile Ad hoc Network(MANET) –

collection of mobile nodes equipped with both a wireless transmitter and a receiver that communicate with each other via bidirectional wireless links

No need of infrastructue

Vulnerable to malicious attacks

Types

EAACK-Secure IDS For MANET's

4

single-hop network:

-Nodes communicate directly

multi-hop network :

-relay of messages by neighbors

IDS in MANET

EAACK-Secure IDS For MANET's

5

Assumption that all nodes cooperate

Significant impact if some nodes are compromised

IDS work as a second layer in MANETS

IDS in MANET

EAACK-Secure IDS For MANET's

6

Watchdog

TWOACK

AACK

Watchdog

EAACK-Secure IDS For MANET's

7

Watchdog and pathrater

capable of detecting malicious nodes misbehaviors

in network

if node fails to forward packet within time,

increases failure counter

Problems with Watchdog

EAACK-Secure IDS For MANET's

8

1. False Misbehavior :

Node A sends back a misbehavior report even

through node B forwarded the packet to C

Fig:False Misbehavior

EAACK-Secure IDS For MANET's

9

2. Limited Transmission Power:

Node B intentionally limits its transmission power

EAACK-Secure IDS For MANET's

10

3)Receiver collision

TWOACK

EAACK-Secure IDS For MANET's

11

resolve receiver collision and limited transmission power problem

AACK

EAACK-Secure IDS For MANET's

12

combination of TACK and end to end ACK

first ACK is used if it fails switch to TACK

Digital Signature

EAACK-Secure IDS For MANET's

13

Digital Signature is an authentication mechanism

which Provide valid acknowledgement in manet.

Fig: communication with Digital signature

Problem Statement

EAACK-Secure IDS For MANET's

14

Design and implementation of an intrusion detection system

for Mobile Adhoc Networks using EAACK scheme.

Objectives

EAACK-Secure IDS For MANET's

15

Study of different Intrusion Detection Systems for MANETs

Study of NS2 and other required softwares.

Implementation of IDS for MANETs using

EAACK scheme.

Use of digital signatures in the EAACK scheme.

Comparison of EAACK performance analysis with other contemporary approaches like ACK and TWOACK

EAACK

EAACK-Secure IDS For MANET's

16

Enhanced Adaptive ACKnowledgement

Solves 3 problems with watchdog

EAACK consists of three major parts:

1.ACK

2.S-ACK

3.MRA

ACK

EAACK-Secure IDS For MANET's

17

Basically end to end acknowledgement.

Works as hybrid scheme in EAACK

S-ACK

EAACK-Secure IDS For MANET's

18

improved version of TWOACK

let every three consecutive nodes work in a group

to detect misbehaving nodes.

misbehavior report switch the system to MRA

mode

MRA

EAACK-Secure IDS For MANET's

19

resolve weakness of watchdog of detecting misbehaving nodes.

a) Source node

1)checks local knowledge base

2)if no path use DSR and send MRA to destination

b)Destination node

1)checks local knowledge base

2)if packet received then falsify the report

EAACK-Secure IDS For MANET's

20

Refferences

EAACK-Secure IDS For MANET's

21

[1] EAACK – A Secure Intrusion Detection System for MANETs Elhadi M. Shakshuki, Senior Member, IEEE, Nan Kang and Tarek R. Sheltami, Member, IEEE

[2]K. Liu, J. Deng, P. K. Varshney, and K. Balakrishnan, “An acknowledgment-based approach for the detection of routing misbehaviour in MANETs,” IEEE Trans. Mobile Comput., vol. 6, no. 5 pp. 536–550

[3] S. Marti, T. J. Giuli, K. Lai, and M. Baker, “Mitigating routing misbehaviour in mobile adhhoc networks,” in Proc. 6th Annu. Int. Conf. Mobile Comput. Netw., Boston, MA, 2000, pp. 255–265

[4] T. Sheltami, A. Al-Roubaiey, E. Shakshuki, and A. Mahmoud, “Video transmission enhancement in presence of misbehaving nodes inMANETs,” Int. J. Multimedia Syst., vol. 15 no. 5, pp. 273–282, Oct. 2009.

[5] J.-S. Lee, “A Petri net design of command filters for semiautonomous mobile networks,” IEEE Trans. Ind. Electron., vol. 55, no. 4,pp. 1835–1841, Apr. 2008.

[6] N. Kang, E. Shakshuki, and T. Sheltami, “Detecting forged acknowledgements in MANETs,” in Proc. IEEE 25th Int. Conf. AINA, Biopolis Singapore, Mar. 22–25, 2011, pp. 488–494.

[7] Nat. Inst. Std. Technol., Digital Signature Standard (DSS) Federal Information Processing Standards Publication, Gaithersburg, MD, 2009, Digital Signature Standard (DSS).

EAACK-Secure IDS For MANET's

22

THANK YOU