MY PAPER


  • International Journal of Recent Advances in Engineering & Technology (IJRAET)

    ISSN (Online): 2347 - 2812, Volume-2, Issue -11,12 2014

    A Novel Approach to Defend and Detect Flood Attacks in Disruption Tolerant Networks

    1 S. Joshua Johnson, 2 S. Vineela Krishna

    1 Department of CSE, Gudlavalleru Engineering College
    2 Department of CSE, Gudlavalleru Engineering College

    Email: 1 [email protected], 2 [email protected]

    Abstract - Networking plays a key role in communication among nodes all over the world, and many techniques exist for efficient data transfer between them. Disruption Tolerant Networks (DTNs) are a specialized class of networks in which the nodes are not continuously connected and no specialized communication infrastructure is available to control the network. Apart from the existing challenges of communication, data dissemination, and routing, a major challenge in DTNs is protecting nodes from attacks. Existing mechanisms tried to provide security by using a complex hashing algorithm, which takes a significant amount of time and ultimately affects the limited bandwidth and battery life of the mobile nodes. In this paper, we employ an optimized algorithm that reduces the complexity of hash generation without compromising security. The proposed algorithm optimizes both security and computational complexity for the nodes in Disruption Tolerant Networks.

    Keywords - security, limited resources, attacks, detection, resource optimization

    I. INTRODUCTION

    A Disruption Tolerant Network (DTN) is a network designed to establish communication in the most unstable and remote environments, where the nodes are subject to frequent disconnections and even high bit error rates that can severely degrade normal communication. DTNs are frequently used in disaster relief missions, in vehicular networks, and in areas where there is no communication infrastructure. Most recently, NASA has tested DTN technology for spacecraft communication.

    The packet forwarding strategy of TCP/IP is generally not suitable for DTNs, because there is no continuous connectivity among the nodes and, since connections are not persistent, the structure of the connected nodes cannot be predicted using graph structures. DTNs therefore use a store-and-forward strategy, which works as follows. When a node receives packets, it stores them in its buffer and carries them through the network until it contacts another node. Soon after contacting the other node, it forwards the packets to that node.

    Usable bandwidth and buffer space are limited resources in DTNs, for the following reasons. When two nodes in a DTN come into contact, the time for which they remain in contact is very short because of mobility, and they must exchange their packets within that short contact time. Also, every node has a limit on the total number of packets it can store in its buffer because of battery power constraints: the larger the buffer capacity, the more packet processing is needed and hence the more battery power is consumed. As the nodes are mobile, saving battery power is essential. This is why nodes in DTNs have limited buffer space.

    The point to note here is that the routing protocols, packet forwarding strategies, security issues, and data dissemination theories of general Internet infrastructure cannot be applied to the architecture of DTNs. A new strategy must therefore be identified to answer the challenges associated with the nodes in Disruption Tolerant Networks. Much research has been carried out on communication, routing strategies, and data dissemination, but only a little work has been dedicated to security in DTNs.

    The two most important attacks on the nodes of DTNs are packet flood attacks and replica flood attacks. Previous work on these attacks employed a concept called the Rate Limiting Factor, which proposed a limit on the number of replicas that a node can generate for each packet. A concept called claim-carry-and-check is used to detect whether a particular node in the network is an attacker. Initially, the nodes construct p-claims and t-claims, which the contacting nodes then use to verify the genuineness of a node. The important issue here is generating a hash of the packet and then a signature over all the parameters involved in either the p-claim or the t-claim. The existing algorithm employs a complex hash generation, which leads to fast consumption of battery. DTNs are known to have opportunistic contacts, and the available battery power is a limited resource. Hence there is a need to reduce the time a node takes to generate the hash for a packet, and the signature as well. In this paper, we employ an algorithm that optimizes the hashing process and, in addition, reduces the packet size by compression, thereby optimizing bandwidth and battery use and saving the limited resources of DTNs.

    II. RELATED WORK

    As discussed, significant past work has been dedicated to routing, data dissemination, black hole attacks, and wormhole attacks, but no major work has been done on flooding attacks. The researchers in [1] present an algorithm called claim-carry-and-check, in which nodes carry claims, exchange them when they contact each other, and then check the claims to identify an attacker. The analysis of the black hole attack shows that legitimate nodes are compromised and adversary nodes launch black hole attacks. In another kind of attack, the wormhole attack, malicious nodes record packets at one location and tunnel them to another colluding node, which relays them locally into the network. This paper therefore focuses on flooding attacks on DTNs, which is the most important problem to be resolved.

    III. OVERVIEW

    A. Defining the problem

    Nodes in DTNs frequently come across two attacks: packet flood attacks and replica flood attacks. Let us consider how we deal with each of them.

    B. Defending against flood attacks

    Consider a node that sends packets with some limit L in each time interval T. If the node generates packets within its limit, it is considered a legitimate node. If the node exceeds its fixed limit, the packets are considered flooded packets in the network.

    C. Defending against replica attacks

    Consider a node sending packets to another node in the network. If the packets are sent within the limit and each packet is unique, there is no problem. But if the source node intentionally replicates the same packet several times and sends the replicas into the network, it can be identified as an attacker.

    D. Approving the limit L

    Several methods are available for approving the limit L on the packets a node may send into the network. The following method can be used. When a user wants to use the network, he/she joins it and requests a particular limit L from the network operator. The authority approves the limit L if the request is legitimate. If the user later wants a higher or lower limit than the one under which he/she is currently operating, he/she can request it and have the request satisfied by the trusted authority.

    E. The core idea

    An attacker is identified as a node that, acting as a source, violates its allocated limit L. There are no specialized nodes to monitor the activities of the other nodes. So we add a capability to every node: while sending packets, it counts the number of packets it has sent into the network, and it claims that count to the network. The nodes that contact the source node carry these claims while travelling in the network, and when two such nodes later come into contact, they check the claims with each other. If the claims are consistent, the source node is not an attacker. If the claims are inconsistent, the source node is an attacker.

    IV. SCHEME OF OUR PAPER

    A considerable amount of work on flooding attacks has been done in [1]. Our paper assumes the contact times of the nodes to be very short, and thus helps in reducing the number of attacks. Consider a node that wants to send packets into the network and communicates with other nodes. The cryptographic construction used in [1] relies on a complex algorithm that takes a significant amount of time to calculate the signatures. Contact opportunities between nodes are scarce, so if the signature calculation takes a lot of time, the limited resources of the mobile nodes, such as battery power and bandwidth, cannot be used efficiently. Hence we propose a simple algorithm that takes less time for signature calculation, thereby optimizing security as well as the limited resources of the nodes.

    A. Protocols used

    Assume that two nodes come into contact and exchange packets to establish communication. The protocol they use to forward a packet is as follows.

    Algorithm: The following protocol is run by each node when in contact.

    1: Data exchange and identification of attacks.
    2: if nodes have packets to transfer then
    3:     compress packets
    4:     generate the claims
    5:     generate the signature using the less complex algorithm
    6: end if
    7: if node receives packet then
    8:     verify the claims
    9:     verify signatures using less complex algorithm
    10:    if signature verification fails then
    11:        discard the packet, identify the attacker
    12:        propagate information to network
    13:    end if
    14:    if detects consistency then
    15:        accept packet
    16:        proceed for further processing
    17:    end if
    18: end if
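The claim check of Section III.E and the contact protocol above, sketched as an added example that is not the paper's code. HMAC under constructed per-node keys stands in for the signature, and the claim fields (source, count, interval, packet hash) and the rule that one count value claimed for two different packets counts as the inconsistency are assumptions, since the paper does not spell them out.

```python
import hashlib, hmac, zlib
from collections import namedtuple

# Constructed keys. HMAC is a stand-in for each node's signature (assumption);
# a real deployment would use public-key signatures so verifiers hold no secrets.
NODE_KEYS = {"A": b"constructed-key-A", "M": b"constructed-key-M"}
LIMIT_L = 2  # approved limit L: packets per interval T (same for all nodes here)

PClaim = namedtuple("PClaim", "source count interval pkt_hash sig")

def _tag(source, count, interval, pkt_hash):
    msg = f"{source}|{count}|{interval}|{pkt_hash}".encode()
    return hmac.new(NODE_KEYS[source], msg, hashlib.sha256).hexdigest()

def make_packet(source, count, interval, payload):
    """Sender side (steps 2-6): compress, build the claim, sign it."""
    body = zlib.compress(payload)
    pkt_hash = hashlib.sha256(body).hexdigest()
    return body, PClaim(source, count, interval, pkt_hash,
                        _tag(source, count, interval, pkt_hash))

def signature_ok(claim):
    return claim.source in NODE_KEYS and hmac.compare_digest(
        _tag(claim.source, claim.count, claim.interval, claim.pkt_hash), claim.sig)

class Node:
    def __init__(self, name):
        self.name, self.buffer = name, []
        self.carried = {}       # (source, interval, count) -> first claim seen
        self.attackers = set()  # sources this node has proof against

    def check_claim(self, claim):
        """Receiver side (steps 8-17): return 'ok' or the reason for rejection."""
        if not signature_ok(claim):
            return "bad-signature"  # discarded; this sketch does not blame the named source
        if claim.count > LIMIT_L:
            self.attackers.add(claim.source)
            return "over-limit"
        key = (claim.source, claim.interval, claim.count)
        seen = self.carried.setdefault(key, claim)
        if seen.pkt_hash != claim.pkt_hash:  # one count value claimed for two packets
            self.attackers.add(claim.source)
            return "inconsistent"
        return "ok"

    def receive(self, body, claim):
        if hashlib.sha256(body).hexdigest() != claim.pkt_hash:
            return "bad-hash"  # body is not the packet the claim was signed for
        verdict = self.check_claim(claim)
        if verdict == "ok":
            self.buffer.append(zlib.decompress(body))
        return verdict

    def meet(self, other):
        """Contact between two carriers: swap carried claims and cross-check them."""
        mine, theirs = list(self.carried.values()), list(other.carried.values())
        for claim in theirs:
            self.check_claim(claim)
        for claim in mine:
            other.check_claim(claim)

def run_demo():
    b, c = Node("B"), Node("C")
    results = [b.receive(*make_packet("A", 1, 7, b"weather report")),
               b.receive(*make_packet("M", 1, 7, b"payload-1")),
               b.receive(*make_packet("M", 2, 7, b"payload-2")),
               # M's third packet in interval 7 reuses count 2 to appear within L
               c.receive(*make_packet("M", 2, 7, b"payload-3"))]
    before = (set(b.attackers), set(c.attackers))
    b.meet(c)  # only the contact between the two carriers exposes M
    return results, before, (b.attackers, c.attackers)

if __name__ == "__main__":
    print(run_demo())
```

Neither carrier can flag M from its own view, because every claim it holds is within L; the reused count value only becomes visible once the two carriers compare claims.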

    V. PERFORMANCE EVALUATION

    A. Setting up the environment

    To evaluate our scheme, we simulate the network with an initial number of nodes and intentionally deploy attacker nodes into it. We also fix the parameter k, which is a system parameter. After some time, the system is able to find the intentionally deployed attacker, and thus we succeed in identifying the attacker.

    Here, we compare the existing and proposed systems graphically from different perspectives.

    Figure 1. Existing system for detection rate

    Figure 2. Proposed system for detection rate

    Figure 3. Existing system for storage

    Figure 4. Proposed system for storage

    Figure 5. Existing system for energy consumption

    Figure 6. Proposed system for energy consumption

    B. Different algorithms for routing

    Disruption Tolerant Networks may follow any of several routing strategies while communicating and transferring data, depending on the context in which they operate. Some of the routing strategies are:

    Forward: a packet is forwarded from one node to an intermediate node if that intermediate node has more regular contacts with the destination.

    Simbet: a packet is forwarded to an intermediate node provided it has a higher value for similarity and betweenness.

    Spray-and-wait: the source node duplicates the packet to an intermediate node, and the intermediate node then transfers the packet to the destination node when the two come into contact.

    C. Different metrics for routing

    We use the following metrics to evaluate the performance of our work.

    Detection rate: the number of attackers identified out of all the attackers present.

    Detection delay: the time between the first invalid packet being sent and the identification of the attacker.

    Computation cost: the total number of signature generations and verifications per contact.

    Storage cost: the total amount of storage required to store the claims at a single node.

    VI. FUTURE WORK AND CONCLUSION

    In this paper, we applied limits to nodes to alleviate attacks on DTNs and proposed a scheme that reduces the complexity of signature generation and verification. Our idea uses efficient methods to reduce the consumption of limited resources such as battery power and bandwidth. Our simulation shows that we are successful in detecting flood attacks on DTNs while also optimizing the security of the nodes in the network. As technology advances day by day, it brings many advantages but also presents many challenges in the field of networking. DTNs have many applications, as they can be used in places where there is no infrastructure. These applications pose many challenges to be resolved in the future, which gives scope for good research in the field of networking.

    REFERENCES

    [1] Qinghua Li, Wei Gao, Sencun Zhu and Guohong Cao, "To Lie or to Comply: Defending against Flood Attacks in Disruption Tolerant Networks," vol. 10, no. 3, pp. 168-182, 2013.

    [2] P. Hui, A. Chaintreau, J. Scott, R. Gass, J. Crowcroft, and C. Diot, "Pocket Switched Networks and Human Mobility in Conference Environments," Proc. ACM SIGCOMM, 2005.

    [3] M. Motani, V. Srinivasan, and P. Nuggehalli, "PeopleNet: Engineering a Wireless Virtual Social Network," Proc. MobiCom, pp. 243-257, 2005.

    [4] J. Burgess, B. Gallagher, D. Jensen, and B. Levine, "Maxprop: Routing for Vehicle-Based Disruption-Tolerant Networks," Proc. IEEE INFOCOM, 2006.

    [5] J. Mirkovic, S. Dietrich, D. Dittrich, and P. Reiher, Internet Denial of Service: Attack and Defense Mechanisms. Prentice Hall, 2005.

    [6] C. Karlof and D. Wagner, "Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures," Proc. IEEE First Int'l Workshop Sensor Network Protocols and Applications, 2003.

    [7] E. Daly and M. Haahr, "Social Network Analysis for Routing in Disconnected Delay-Tolerant MANETs," Proc. MobiHoc, pp. 32-40, 2007.

    [8] W. Gao, Q. Li, B. Zhao, and G. Cao, "Multicasting in Delay Tolerant Networks: A Social Network Perspective," Proc. ACM MobiHoc, 2009.

    [9] F. Li, A. Srinivasan, and J. Wu, "Thwarting Blackhole Attacks in Disruption-Tolerant Networks Using Encounter Tickets," Proc. IEEE INFOCOM, 2009.

    [10] Y. Ren, M.C. Chuah, J. Yang, and Y. Chen, "Detecting Wormhole Attacks in Delay Tolerant Networks," IEEE Wireless Comm. Magazine, vol. 17, no. 5, pp. 36-42, Oct. 2010.

    [11] U. Shevade, H. Song, L. Qiu, and Y. Zhang, "Incentive-Aware Routing in DTNs," Proc. IEEE Int'l Conf. Network Protocols (ICNP '08), 2008.

    [12] Q. Li and G. Cao, "Mitigating Routing Misbehavior in Disruption Tolerant Networks," IEEE Trans. Information Forensics and Security, vol. 7, no. 2, pp. 664-675, Apr. 2012.

    [13] H. Zhu, X. Lin, R. Lu, X.S. Shen, D. Xing, and Z. Cao, "An Opportunistic Batch Bundle Authentication Scheme for Energy Constrained DTNs," Proc. IEEE INFOCOM, 2010.

    [14] B. Raghavan, K. Vishwanath, S. Ramabhadran, K. Yocum, and A. Snoeren, "Cloud Control with Distributed Rate Limiting," Proc. ACM SIGCOMM, 2007.