Download 投影片 1

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
Document related concepts

Computer security wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Airborne Networking wikipedia , lookup

Wireless security wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Routing in delay-tolerant networking wikipedia , lookup

Transcript 
Denial of Service (DoS) Attacks in
Green Mobile Ad–hoc Networks
MIPRO 2012, May 21-25,2012, Opatija, Croatia
Ashok M.Kanthe*, Dina Simunic**and Marijan Djurek***
102062517 資工所碩一 陸家鈞
1/31
outline
– Abstract
– Introduction
– Routing Protocols
– Security Attacks On Routing Protocols
– Classification Of DOS Attack Detection Scheme
– Conclusion
2/31
Abstract
The mobile ad-hoc networks (MANET) are multi-hop
wireless network. It is dynamically formed amongst groups of
mobile users having wireless network.
3/31
Abstract
In MANET, nodes are limited resources like bandwidth,
battery power and storage space. MANET is vulnerable of
different types of DoS attack in which packets are not transfer
to the next node.
4/31
Introduction
The mobile ad-hoc networks (MANET) It has different
characteristics such as lack of centralized administration,
distributed cooperation, changing topology and requires no
existing infrastructure. Without router or access point
wireless clients connect directly together.
5/31
Routing Protocols
General categories of routing protocols:
• Proactive Routing Protocol:
• Reactive Routing Protocol:
• Hybrid Routing Protocol:
6/31
1. Proactive (table-driven)
Routing Protocol
a)Mobile nodes periodically broadcast their
routing information to the next node.
b)Each node needs to maintain the records of
the adjacent and reachable nodes
c) Nodes have to evaluate their neighborhood as
per the network topology change.
7/31
2. Reactive (On-demand)
Routing Protocol
If a node wants to send packet to another
node then the protocol searches for the route
in on demand and establish the connection in
order to transmit and receive the packet.
8/31
3. Hybrid Routing Protocol:
combines the advantages of proactive routing
and reactive routing
 gathering unfamiliar routing information
 maintain the routing information when
network topology changes.
9/31
Security Attacks On
Routing Protocols
General attack types are threats against
network layers that function for the routing
mechanism of the mobile ad hoc networks.
There are two basic types of attacks in
mobile ad hoc networks:
•
Passive attacks
•
Active attacks
10/31
Passive attacks:
This type of attack does not disrupt the normal operation
of the network. Detection of passive attacks is difficult to
identify because the network operation is normal.
Passive attacks are eavesdropping, traffic analysis and
monitoring.
Active attacks:
an attacker actively participates and disrupts the normal
operation of the network services. It degrades the network
performance.
Forms of active attacks are jamming, spoofing,
modification, replaying and Denial of Service (DoS).
11/31
Attacks on MANET:
1. Denial of Service Attacks
2. Black hole attack
3. Cooperative Black hole attack
4. Gray hole attack
5. Flooding Attack
6. Worm hole Attack
7. Jamming attack
8. DDoS attack
9. Rushing attack
10. JellyFish attack
12/31
1. Denial of Service Attacks:
• The goal of Denial of Service (DoS) attacks is to prevent
availability of networks services from their legitimate users
• DoS attack has different scenarios.
1.
Attack memory, storage, CPU of the service provider
 Sends an executable flooding packet
2.
Attack energy resources
 Sends a bogus packet to a node with the intension
3.
Attack bandwidth
 Located between multiple communicating nodes and waste the
bandwidths and disrupt the connectivity
13/31
2.Black hole attack:
The malicious node can attract all packets by pretending
shortest route to the destination. It drops all traffic destined
for that node when traffic is received by it. The effect of this
attack completely degrades the performance of the network
14/31
3. Cooperative Black hole attack:
It is a type of black hole attack when multiple black hole
nodes are acting in a coordinated manner with each other:
e.g.black hole node B1 cooperates with another black hole
node B2 in the next hop.
15/31
4. Gray hole attack:
•
Gray hole attack is a variation of black hole attack, where
some nodes switch their states from black hole to honest
intermittently and vice versa.
•
Detection of gray hole attack is harder because nodes can
drop packets partially not only due to its malicious nature but
also due to congestion.
S
D
Attacker
16/31
5. Flooding Attack:
Attacker selects
many IP addresses
which are from
outside of the
networks . Attacker
sends Route Request
(RREQ) message with
such IP address.
17/31
6. Worm hole Attack:
Worm hole link attack records the wireless data, forward
this data and replays the packet through worm hole link.
It will not show the true picture of the network and there
is effect on the decisions.
18/31
7. Jamming attack:
The objective of jammer is to interfere with legitimate
wireless communication and to degrade the overall network
performance.
 Constant jammer
 Deceptive jammer
 Radom jammer
 Reactive jammer
19/31
8. DDoS attack:
DDoS attack consists of two phases
 Deployment phase:
an attacker installs a tool in the vulnerable nodes.
 Attack phase:
an attacker coordinates a attack against a victim by
flooding the unwanted data
20/31
9. Rushing attack:
• The attack consists, for the adversary, in quickly forwarding its
Route Request messages when a route discovery is initiated. If
the Route Requests that first reach the target’s neighbors are
those of the attacker, then any discovered route includes the
attacker.
S
Attacker
D
21/31
10. JellyFish attack:
JellyFish attack is following the routing and forwarding
protocol specification. This is passive type of attack which is
difficult to detect. It is responsive to the network conditions
like delay and packet drop rate.
S
D
Attacker
22/31
10. JellyFish attack:
• Behavior of JellyFish attacks are
JellyFish Recorder Attack:
 reorder packets
JellyFish Periodic Dropping Attack:
 drop all packets
JellyFish Delay Variance Attack:
 randomly delays packets
23/31
Classification Of DOS Attack
Detection Scheme
24/31
Black hole attack
• Solution / Security Mechanism
25/31
Cooperative Black hole attack
• Solution / Security Mechanism
26/31
Gray hole attack
• Solution / Security Mechanism
Flooding attack
• Solution / Security Mechanism
27/31
Worm hole attack
• Solution / Security Mechanism
Jamming attack
• Solution / Security Mechanism
28/31
Distributed Dos attack
• Solution / Security Mechanism
JellyFish attack
• Solution / Security Mechanism
Rushing attack
• Solution / Security Mechanism
29/31
Contribution&Improvement
• Contribution
– Explain the routing protocols on MANET
– Explain attacks on MANET
– List the solutions and reference resources of
attacks.
• Improvement
– More graphical example
– Detail about solution
30/31
Conclusion
This type of attack may lead to degrade the performance
of the network. There is need to develop efficient security
mechanism and secure routing protocols for avoiding different
types of attacks. And we must encrypt the data what we sent
over the network to reduce the chance of packet
eavesdropping
31/31
Related documents
Chapter 1 Exploring the Network
Chapter 1 Exploring the Network
Rational Functions and Black Holes
Rational Functions and Black Holes
dos_nanog
dos_nanog
Skating on Stilts
Skating on Stilts
Alocasia Amazonica Polly
Alocasia Amazonica Polly
Abstract
Abstract
No Slide Title
No Slide Title
Heuchera Peach Flambe
Heuchera Peach Flambe
Chandra Science Highlights - Chandra X
Chandra Science Highlights - Chandra X
Honeynet Project
Honeynet Project
UNIVERSE - Qatar University
UNIVERSE - Qatar University