study and analysis vurnerability of aodv protocol
TRANSCRIPT
1
3
Content Introduction What is MANET ? Characteristic of MANET Routing protocol on MANET What is DSR protocol ? What is DSDV protocol ? What is AODV Protocol? Why We Use AODV Protocol? Security On AODV Protocol. Route discovery process of AODV Different attacks On AODV Protocol. Wormhole attack Colluding misrelay attack Replay attack False route error message
What is DDOS Attacks? What is Black Hole Attack? Why AODV is vulnerable ? Conclusion Future Work
4
Introduction
Wireless ad-hoc networks are composed of autonomous nodes that are self- managed without any infrastructure. In this way, ad-hoc networks have a dynamic topology such that nodes can easily join or leave the network at any time.
5
What is MANET?
A collection of wireless mobile hosts forming a temporary network without the aid of any established infrastructure. Each node operates as both an end-system and a router.
6
Characteristics of MANET
MANET characteristics:
Mobility and dynamic topologyBandwidth-constrained Energy-constrainedProne to security threats
7
Routing protocol on MANET
The routing protocols for a MANET are:
Dynamic source routing protocol (DSR)Destination-sequenced distance-vector routing
protocol (DSDV)Ad hoc on-demand distance vector (AODV)
8
What is DSR Protocol?
The Dynamic Source Routing protocol (DSR) is a simple and efficient routing protocol designed specifically for use in multi-hop wireless ad hoc networks of mobile nodes.
9
What is DSDV protocol?
The DSDV described is a table-driven proactive protocol. The basic improvements made include freedom from loops in routing tables, more dynamic and less convergence time.
10
What is AODV Protocol?
Ad-hoc On-Demand Distance Vector (AODV) is an on demand routing protocol. which is used to find a route between the source and destination node as needed.
11
Why We Use AODV Protocol?
We select AODV Protocol because:
One of the leading protocols for MANET Uses sequence numbers to avoid loops Quick adaptation to dynamic networks Unicasting and multicasting is possible Avoids counting to infinity problem
12
Security Design Issues in AODV
In based on security issues of AODV protocoldivided in to three categories, they are:
Key ExchangeSecure RoutingData Protection
13
Security Design Issues in AODV(Cont…)
Key exchange:
Nodes can generate a Group Session Key between immediate neighbors using a suitable group keying protocol.
These session keys are used for securing the routing process and data flow.
Thus authentication, confidentiality and integrity are assured.
14
Security Design Issues in AODV(Cont…)
Secure Routing (RREQ):
Fig1(a): Secure routing (RREQ)
a
bh
c
e
f
n
p
i
y
x
g
Ka
Kb KhKn
Kx
Kx
Kc Ke
Kf
Kp
Kf
Kg
15
Security Design Issues in AODV(Cont…)
Data Protection:
Node ‘x’ desiring to establish end-to-end secure data channel, first establishes a session key Kxy with ‘y’.
‘x’ symmetrically encrypts the data packet using Kxy and transmits it over the secure route.
Intermediate nodes forward the packet in the intended direction.
Node ‘y’ decrypts the encrypted data packet using Kxy.
16
Security Design Issues in AODV(Cont…)
Secure Routing (RREP):
Fig1(b): Secure routing (RREP)
a
bh
c
e
f
n
p
i
y
x
g
Ka
Kb KhKn
Kx
Kx
Kc Ke
Kf
Kp
Kf
KgKxy
17
Route discovery Process on AODV protocol
Route request (RREQ):
1
2
4
3
5
6
7
1
2
4
3
5
6
7
Fig.2 (a)Fig.2 (b)
18
Route discovery Process on AODV protocol
Route request (RREQ):
1
2
4
3
5
6
7
1
2
4
3
5
6
7
Fig.2. (c) Fig.2. (d)
19
Route discovery Process on AODV protocol
Routes reply (RREP):
1
2
4
3
5
6
7
1
2
4
3
5
6
7
Fig.3 (a)Fig.3 (b)
20
Different attacks On AODV Protocol
Known attacks on AODV are:
Wormhole attack Colluding misrelay attack Replay attacks. False route error. DDOS attack.
21
Wormhole attack
Wormhole attack:
In this attack, a pair of colluding attackers record packets at one location and replay them at another location using a private high speed network. The seriousness of this attack is that it can be launched against all communications that provide authenticity and confidentiality.
22
Wormhole attack (Cont…)
RREQ
RREQ through wormhole
RREP
Wireless link
Wormhole link
Fig 4: Wormhole Attack
4 6 8
1 11
753 9
2
10
Attacker1 Attacker2
Target
23
Colluding misrelay attack
Colluding misrelay attack:
In colluding misrelay attack, multiple attackers
work in collusion to modify or drop routing packets to disrupt routing operation in a MANET.
This attack is difficult to detect by using the conventional methods such as watchdog and path rater.
24
Colluding misrelay attack (Cont..)
Correct routing packet
Modified routing packet
Fig 5 : Colluding misrelay attack
1 2 3 4
Attacker1 Attacker2
25
Replay Attack
Replay Attack:
A replay attack is a form of network attack in which a valid data transmission is maliciously repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution.
26
False Route Error Message
False Route Error Message: The destination node or an intermediate node
along an active path moves or fails, the node which precedes the broken link broadcast a route error message to all active neighbors which precede the broken link. The nodes then invalidate the route for this destination in their routing tables.
27
What Is DDOS Attacks?
Distributed Denial of Service (DDoS) attacks involve breaking in to hundreds or thousands of machines, so for this reason, this attack called Distributed. This kind of attack, consume more bandwidth and uses more sources in network. One of the most important attacks of DDoS attacks category is Black hole attack.
28
What Is Black Hole Attack?
A black hole attack is a severe attack that can be easily employed against routing in mobile ad hoc networks. A black hole is a malicious node that falsely replies for any route requests without having active route to specified destination and drops all the receiving packets.
29
Caused of Black hole attack
Scenario before the black hole attack:
A B C D
Active Link Non active Link
Fig 6. (a)
30
Caused of Black hole attack (Cont..)
Scenario after the black hole attack:
A
B C D
M
M gets control over A-D communications
Step 1
Fig.6. (b)
31
Caused of Black hole attack (Cont..)
Scenario after the black hole attack:
A
B C D
M
Step 2
Black HolePacket Drop
Fig.6. (c)
32
Why AODV is vulnerable
AODV is particularly vulnerable due to its fundamental characteristics, such as open medium, dynamic topology, distributed cooperation, and constrained capability.
Each mobile node operates not only as a host but also as a router.
33
Conclusion
The performance of routing protocols AODV depends heavily on much kind of attacks. One of these attacks is Black hole attack. This attack has high effect on AODV protocol.
34
Future Work
For future work, I want to show the performance of AODV protocol when it is affected by the black hole attack. I will use network simulator-2(NS-2) to show the performance of AODV protocol during black hole attack.