Final

34
IMPLEMENTATION OF SYBIL ATTACK IN MANET Submitted by: Avnish Mishra Anand kumar singh Amit Bhardwaj Jyoti

Transcript of Final

Page 1: Final

IMPLEMENTATION OF SYBIL ATTACK IN MANET

Submitted by: Avnish Mishra Anand kumar singh Amit Bhardwaj Jyoti

Page 2: Final

PROBLEM INTRODUCTION

Page 3: Final

MOTIVATION As MANET is prone to different kind of

security attacks such as: • DoS attacks• Impersonation• Node Hijacking• Attacks on Information in Transit• Eavesdropping

Therefore performance measurement by simulating Sybil attack which is a impersonation attack is major concern and so is the motivation of our project.

Page 4: Final

PROJECT OBJECTIVE

The objective of this project is to implement Sybil attack in MANET while using AODV as a routing protocol and to analyze and compare network performance under Sybil attack in different attacking scenarios.

 

Page 5: Final

SCOPE Study of the wireless networks and their

types. Study of the AODV protocol. Study of Sybil Attack. Installation of NS 2. Study of the network simulator NS 2 to

perform simulation work. Study of the Object Oriented Tool Command

Language (OTcl), AWK and GNUPlot. Performing Sybil Attack in MANET Performance analysis and comparisons in

presence of Sybil attack using performance metric like throughput, packet lost, end-to-end delay .

Page 6: Final

LITERATURE SURVEY

Page 7: Final

WIRELESS AD HOC NETWORKS Consist of a collection of wireless nodes, all

of which may be mobile Dynamic creation of a wireless network

among nodes No administrative support Rapidly changing topology

Page 8: Final

CONCEPTUAL REPRESENTATION OF AN AD HOC NETWORK

Page 9: Final

TYPES OF AD HOC NETWORKS•Nodes are free to move without constraints•Highly dynamic membership and mobility•Topology may change rapidlyMANET•Nodes are typically static and resource constrained•Topology changes when nodes go in sleep mode

Sensor networks

•Combine mobile wireless nodes with energy-unconstrained static wireless nodes

Mesh networks

Page 10: Final

THE MANET Networking technology that allows for fast,

easy and inexpensive network deployment Collection of wireless nodes, all of which may

be mobile Multi-hop network, where each node is

able to forward data to other nodes Each node has to make routing decisions

itself, i.e. no centralized authority No fixed size and network topology

Page 11: Final

VULNERABILITIES OF AD HOC NETWORKS

Lack of Secure Boundaries

Threats from Compromised Nodes

Lack of Centralized Management Facility

Restricted Resources

ScalabilityLack of Physical

Security

Page 12: Final

ATTACKS

Based on position

External attacks

Internal attacks

Page 13: Final

THE SYBIL ATTACK An impersonation attack A malicious device illegitimately fabricates

multiple identities, behaving as if it were a larger number of nodes

Additional identities are referred to as Sybil identities

Not easy to detect because Sybil node may behave like legitimate node for sometime

Page 14: Final

A SIMPLE SYBIL ATTACK

A,e1

E,e5

G,e5

B,e2

C,e3

D,e4

F,e5

avnish
nodes are arranged in identity, entity pair.first e5 behaves like legitimate node and after some time it creates 2 more identities F ans G
Page 15: Final

Orthogonal representation of Sybil

Attack

Page 16: Final

SYSTEM DESIGN & METHODOLOGY

Page 17: Final

NS-2 (NETWORK SIMULATOR) Discrete Event Simulator Modeling Network protocols Collection of Various protocols at multiple

layersMAC( 802.11, 802.3, TDMA)Ad-hoc Routing ( DSDV, DSR, AODV)Multicast protocols, Satellite protocols, and many

others

Page 18: Final

NS INPUT AND OUTPUTOTCL Script

OTCLNS simulator

library

Simulation results

Analysis Network Animator(NAM)

AWK

Refined analysis

Traffic source file

Scenario source

file(Cbrsimple.text)

(scen-10.text)

(simple.tcl)

(out.tr) (out.nam)

(out.awk)

(out.plot) Gnuplot

(simple.tr)

Page 19: Final

A SIMPLE NETWORK TOPOLOGY AND SIMULATION SCENARIO

Page 20: Final

AODV PROTOCOL MESSAGING

Page 21: Final

IMPLEMENTATION

Page 22: Final

ALGORITHM Create scenario (11)

On any node N,

create Sybil_nodes(s1,s2,s3,s4)

N creates 4 stolen/fake identities(s1,s2,s3,s4). add s1,s2,s3,s4 to the scenario. Create traffic to the destination using Sybil

identities. Start the traafic

For every packet p coming to node N Drop/ listen/ modify/ forward it using Sybil

identity depending on type of attack.

Page 23: Final

RESULTS AND CONCLUSION

Page 24: Final

COMPARISON OF THROUGHPUT IN STATIC SCENARIO

Page 25: Final

COMPARISON OF THROUGHPUT IN MOBILE SCENARIO

Page 26: Final

COMPARISON OF PDR IN STATIC SCENARIO

Page 27: Final

COMPARISON OF PDR IN STATIC SCENARIO

Page 28: Final

COMPARISON OF PDR IN MOBILE SCENARIO

Page 29: Final

COMPARISON IN STATIC SCENARIO

Sybil node Throughput PDR End-to-End delay

No sybil node 30,600 0.037485 0.015713

Near source 36,200 0.123810 0.001292

Near destination 39,600 0.041183 0.003849

Ouside route 82,900 0-935955 4.316442

Multiple 53,800 0.057985 0.001675

Black hole attack 4,400 0.004055 7.996747

Page 30: Final

COMPARISON IN MOBILE SCENARIO

Sybil node Throughput PDR End-to-End delay

No sybil node 23,000 0.042463 0.006144

Near source 22,800 0.043208 0.009381

Near destination 65,000 0.154374 0.001446

Ouside route 37,100 0.083408 0.026492

Multiple 46,100 0.105734 0.012403

Black hole attack 6,400 0.011645 0.006104

Page 31: Final

CONCLUSION The work done indicates the performance of

MANET in presence of Sybil node. The performance of network degrades in

presence of Sybil node. There is variation in throughput, PDR and

end-to-end delay depending on type of scenario .

There is increase in load due extra packets transferred by Sybil identities.

Page 32: Final

FUTURE WORK Sybil attack for other routing protocols like

DSDV , DSR etc can be performed. Like CBR traffic, Sybil attack can also be

performed on other traffics like FTP traffic. Sybil attack on multicast, Satellite network

can be done where one node can attack on multiple nodes.

Sybil identities can also be used for eavesdropping, masquerading, traffic analysis etc.

The work done so far can also be performed in Sensor and Mesh networks.

Page 33: Final

REFERENCE 1.Cheng, A., Friedman, E.: Sybilproof reputation mechanisms.

In: P2PECON ’05: Proceedings of the 2005 ACM SIGCOMM workshop on Economics of peer-to-peer systems, New York, NY, USA, ACM (2005) 128–132 

2. Douceur J.R., Donath, J.S. “The sybil attack” In: Proceedings for the 1st International Workshop on Peer-to-Peer Systems, Cambridge, MA, USA, 251–260, March 2002. 

3. Martucci Leonardo, Andersson Christer, Kohlweiss Markulf, Panchenko Andriy. “Self-certified Sybil-Free Pseudonyms”. 

4. Martucci, L.A., Kohlweiss, M., Andersson, C., Panchenko, A.: Self-certified sybilfree pseudonyms. In: WiSec ’08: Proceedings of the first ACM conference on Wireless network security, New York, NY, USA, ACM (2008) 154–159. 

5.Maniatis, P., Rosenthal, D.S.H., Roussopoulos, M., Baker, M., Giuli, T., Muliadi, Y.: Preserving peer replicas by rate-limited sampled voting. SIGOPS Oper. Syst. Rev. 37(5) (2003) 44–59

Page 34: Final

6. Maniatis, P., Roussopoulos, M., Giuli, T.J., Rosenthal, D.S.H., Baker, M.: The lockss peer-to-peer digital preservation system. ACM Trans. Comput. Syst. 23(1) (2005) 2–50

7. Margolin, N.B., Levine, B.N.: Quantifying resistance to the sybil attack. In: Proc. Financial Cryptography (FC). (January 2008) 

8.Newsome, J., Shi, E., Song, D., Perrig, A.: The sybil attack in sensor networks: analysis & defenses. In: Information Processing in Sensor Networks, 2004. IPSN 2004. Third International Symposium on. (2004) 259–268

9. Ribeiro Carlos, Rodrigues Lu´ıs, “Thwarting the Sybil Attack in Wireless Ad Hoc Networks”.

10.Yu, H., Kaminsky, M., Gibbons, P., Flaxman, A.: Sybilguard: Defending against sybil attacks via social networks. Networking, IEEE/ACM Transactions on 16(3) (June 2008) 576–589