7/28/2019 Dhana Print Final Report
1/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
1
`1. Abstract:
Over the past decade, wireless technology has improved at a dramatic rate. The
ubiquity, low cost, and high functionality of the newest wireless devices have opened the
door for researchers to conduct new ways of using this technology. The main difficulty
in designing routing algorithms for such a network is the large number of topology
changes that the network undergoes due to device movement. Ad hoc networking allows
wireless mobile devices to form networks without the need for any fixed centralized
management .An ad hoc network is a collection of mobile wireless devices that
cooperate with each other to route packets amongst themselves. The main difficulty in
designing routing algorithms for such a network is the large number of topology changes
that the network undergoes due to device movement. To access multimedia data mobile
users like to use their own consumer electronic devices anywhere and at anytime.
Communication in Manet functions properly only if the participating nodes cooperate in
routing without any malicious intention. However, some of the nodes may be malicious
in their behavior, by indulging in flooding attacks on their neighbors. Some others may
act malicious by launching active security attacks like denial of service.
The lack of any centralized infrastructure in mobile ad hoc networks (MANET) is
one of the greatest security concerns in the deployment of wireless networks. Thus
Consumer electronic devices generally operate on limited battery power means every
wireless device may have little computing power. At some instant of time these mobile
devices may not communicate with each other directly. Therefore are vulnerable to
security threats like data flooding attacks. The existing schemes may not guarantee the
Quality of Service (QoS) of burst traffic since multimedia data are usually burst.
Therefore, we propose a novel defense mechanism against data flooding attacks with the
aim of enhancing the throughput. The simulation results show that the proposed scheme
enhances the throughput of burst.
7/28/2019 Dhana Print Final Report
2/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
2
2. INTRODUCTION
2.1 Objective
Ad Hoc Networks represent complex distributed systems that comprise wireless
mobile nodes that can freely and dynamically self-organize into arbitrary and temporary,
ad-hoc network topologies, allowing people and devices to seamlessly inter-network
in areas with no pre-existing communication infrastructure, e.g., disaster recovery
environments. Here a brief overview of what is Ad Hoc Networks and how they work is
provided. Then a look at the advantages of Ad Hoc Networks and also the issues faced
by Ad Hoc Networks is provided. The last part of this paper is dedicated to identifying
the areas of improvement in the field of Ad Hoc Networks.
2.2 Overview
Ad Hoc Networks is defined as a collection of mobile hosts forming a temporary
network without the aid of any centralized administration or standard support services. In
Latin, ad hoc literally means "for this," further meaning "for this purpose only," and thus
usually temporary. Ad hoc networks represent complex distributed systems that comprise
wireless mobile nodes that can freely and dynamically self-organize into arbitrary and
temporary, ad-hoc network topologies, allowing people and devices to seamlessly
inter-network in areas with no pre-existing communication infrastructure. The concept of
Ad Hoc Networking has been around for nearly 20 years but has received renewed
interest in the last 18 to 24 months. In Ad Hoc Networks the individual mobile hosts
(nodes) act at the same time as both the router and the host.
An ad-hoc (or "spontaneous") network is a local area network or any other small
network, especially one with wireless or temporary plug-in connections, in which some
of the network devices are part of the network only for the duration of a communication
session, whereas in the case of mobile or portable devices it is part of the network when
in some close proximity to the rest of the network. In Latin, ad hoc literally means "for
this," further meaning "for this purpose only," and thus usually temporary. Ad Hoc
Networks are future alternative to the current trend of connections among wireless
devices via fixed infrastructure-based service.
7/28/2019 Dhana Print Final Report
3/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
3
2.3 Problem statement:
In wireless ad hoc network all nodes follows mobility model behavior. Mobile
nodes can wish to download or upload multimedia data anywhere and at any time using
their mobile or electronic devices such as laptopsetc. when any malicious node try to
intrude in the normal traffic flow intentionally by introducing more number of useless
data packets then the flooding will be occurred which effects the normal traffic flow and
also consumes more time for processing. Basically most of the consumer electronic
devices are vulnerable limited battery power due to that sometimes may get out of from
service completely (Denial of service).
So Data Flooding Attack can become issue for those who like to download burst
amount of data. Through put obviously decreases due to Flooding Attack. So by
implementing periodic based Defense Mechanism user can observe enhanced a through
put by which quality of service will be increased.
Existing system:
The flooding attack prevention (FAP) suggested a defense system against either
RREQ or data flooding attacks. The path cut off mechanism is used as defense against
data flooding attacks. However, FAP cannot distinguish burst traffic from Attack traffic
since FAP distinguishes an attack by comparing the incoming packets with a threshold.
Hence, the throughput of burst traffic may degrade if a simple threshold-based defense
system in used in FAP
2.4 Limitations of Existing System:
Ranging and positioning techniques are highly vulnerable to attacks from
dishonest nodes and external attackers; dishonest nodes can report false position and
distance information in order to cheat on their locations; external attackers can spoof
measured positions of honest nodes. An attacker can generally Influence all these
measurements by jamming and delaying signals, and by modifying their signal strengths.
7/28/2019 Dhana Print Final Report
4/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
4
2.5 SOFTWARE HARDWARE REQUIREMENTS
HARDWARE REQUIREMENT
Processor type : Intel Pentium 4Clock speed : 2.4GHz
Ram size : 128 MB
Hard disk capacity : 20 GB
Keyboard type : internet keyboard
SOFTWARE REQUIREMENT
Operating System : Windows Xp
Programming package : java
Tools : Eclipse, My Sql
SDK : JDK1.5
7/28/2019 Dhana Print Final Report
5/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
5
3.1 Literature Survey
Ad Hoc Networks are useful in areas that have no fixed infrastructure and hence
need alternative ways to deliver services. Ad Hoc Networks work by having mobile
devices connect to each other in the transmission range through automatic configuration,i.e., setting up an ad hoc network that is very flexible. In other words there is no
intervention of any controller that goes ahead and gathers data from all nodes and
2organizes it. All data gathering and cross-node data transfer is taken care of by the
nodes themselves.
Ad Hoc Networks are a major goal towards the evolution of 4G (Fourth generation)
devices. In the nodes of the Ad Hoc Networks, computing power and network
connectivity are embedded in virtually every device to bring computation to users, no
matter where they are, or under what circumstances they work. These devices
personalize themselves to find the information or software they need. The strife is to
make use of all technologies available without making any major change to the users
behavior. There is also work going on to make the seamless integration of various
networks possible, i.e., integration of LAN, WAN, PAN and Ad Hoc Networks. But
there is still a lot of work to be done to make this completely possible. Node mobility in
an ad hoc network causes frequent changes of the network topology.
Spread Spectrum Techniques are used in the implementation of Ad Hoc Networks
because spread spectrum helps to reduce interference from other sources. Also it helps in
bandwidth reuse. The boundaries of Ad Hoc Networks are not absolute and hence it is
possible that when certain nodes stray into the area of influence of certain transmitters
these may get affected by their signals.
The use of Spread Spectrum (SS) makes sure that this does not happen as the spreading
code and the de-spreading code should ideally be the same. This same technique
provides the method for frequency reuse.
Figure shows such an example: initially, nodes A and D have a direct link between them.
When D moves out of As radio range, the link is broken. However, the network is still
connected, because A can reach D through C, E, and F.
7/28/2019 Dhana Print Final Report
6/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
6
Fig 1: Topology change in Ad Hoc network
3.2 DIFFERENCES BETWEEN CELLULAR NETWORKS AND AD HOC
NETWORKS
Table 1: differentiating Ad hoc networks with respect to cellular networks.
Cellular network Ad Hoc Network
Fixed, pre-located cell sites and base stations. No fixed base stations, very rapid deployment.
Static backbone network topology. Highly dynamic network topologies with multi-
hop.
Relatively benign environment and stable
connectivity.
Hostile environment (losses, noise) and sporadic
connectivity.
Detailed planning before base stations can be
installed.
Ad hoc network automatically forms and adapts to
changes.
7/28/2019 Dhana Print Final Report
7/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
7
3.3 PHYSICAL LAYER IN AD HOC NETWORKS Data rates:
1 Mbps, 2 Mbps
Transmission bands Transmission in license-fee 2.4 GHz band (in US, Europe 2.4000-
2.4835 GHz) and in 5 GHz band
Use of spread spectrum technique for 1 Mbps or 2 Mbps
DSSS (direct sequence spread spectrum)
FHSS (frequency hopping spread spectrum)
The major advantage of the Ad Hoc Networks is that it does not need any base
station as is required in regular mobile networks. They can form a network in any place
as required immediately which make them indispensable in battlefield and disaster relief
situations. They are useful in areas that have no fixed network for internet coverage.
Here they can be used to provide coverage. They can be used in areas where the
available network has been destroyed.
Security is a very major concern in the development of Ad Hoc Networks. The
boundaries of the network are not well defined and hence it is possible for any node to go
out of the network. It is also possible for an Ad Hoc Network having a large number of
nodes to split into two networks. It is less reliable than wired media due to the inherent
problem faced by any wireless network.
Due to the formation of Ad Hoc Networks by various devices that need not be
having the same capacity it is possible that each device may have different capacity,
functionality and protocols. Hence it is necessary to find a solution where all there varied
devices can operate together. They also have asymmetric propagation metrics. Capacity
constraints faced by these networks in the form of transmission range, wireless
bandwidth is another concern.
This is taken care of to an extent by the use of Spread Spectrum techniques. Errors and
breakdown could also happen in these networks and it is imperative to have a solution or
a backup plan for these exigencies. Ad Hoc Networks also face a problem called the
Hidden-terminal and exposed-terminal phenomena.
7/28/2019 Dhana Print Final Report
8/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
8
In Hidden terminal situation is when two devices A and C are outside the transmission
range of each other and cannot detect each others transmissions, but B is in the
transmission range of both. As shown below a collision may occur, for example, when
the station A and station C start transmitting towards the same receiver, station B. This
should be avoided.
A transmission range covers B and C. Hence when A transmits to B, C thinks that
it cannot transmit when actually it could transmit to D. This is a waste of resource which
should also be avoided. Route changes will occur due to router mobility, i.e., as the node
themselves act as routers and certain nodes can leave the network in between.
Energy consumption and saving is a major area of interest. Advances in battery
technology have not been at par with the development of Ad Hoc technology. Most
existing solutions for saving energy in ad hoc networks revolve around the reduction of
power used by the device. At the MAC level and above, this is often done by selectively
sending the device into a sleep mode, or by using a transmitter with variable output
power (and proportionate input power draw) and selecting routes that require many short
hops, instead of a few longer hops. Beaconing is used by the nodes to let the other nodes
know of its presence. The beaconing interval has to be short enough to let the other
nodes know that the node is in the network yet long enough so as to save.
7/28/2019 Dhana Print Final Report
9/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
9
4. SECURITY ISSUES IN MANETS
Security is the major issue in wireless Ad Hoc Networks and actually ought to
receive a complete analysis of it than being presented as a part of the study on Ad Hoc
Networks. The use of wireless links renders an ad hoc network susceptible to link attacksranging from denial of service, passive eavesdropping to active impersonation, message
replay, and message distortion. Eavesdropping might give an adversary access to secret
information, violating confidentiality. Active attacks might allow the adversary to delete
messages, to inject erroneous messages, to modify messages, and to impersonate a node,
thus violating availability, integrity, authentication, and non-repudiation.
Nodes, roaming in a hostile environment (e.g., a battlefield) with relatively poor
physical protection, have non-negligible probability of being compromised. Therefore,
we should not only consider malicious attacks from outside a network, but also take into
account the attacks launched from within the network by compromised nodes. Therefore,
to achieve high survivability, ad hoc networks should have a distributed architecture with
no central entities. Introducing any central entity into our security solution could lead to
significant vulnerability; that is, if this centralized entity is compromised, then the entire
network is subverted.
Unlike other wireless mobile networks, such as mobile IP, nodes in an ad hoc
network may dynamically become affiliated with administrative domains. Any security
solution with a static configuration would not suffice. It is desirable for our security
mechanisms to adapt on-the-fly to these changes. Finally, an ad hoc network may consist
of hundreds or even thousands of nodes. Security mechanisms should be scalable to
handle such a large network.
The denial of a service can be caused by such legitimate ways as a radio jammingor battery exhaustion. An attacker can cause a radio jamming by jamming a wider
frequency band and in that way using more power. The latter can be of real threat,
because once a battery runs out the attacker can walk away and leave the victim disabled.
This kind of technique is called the sleep deprivation torture attack. Symmetric key
cryptography is used to provide authenticity and integrity. Integrity means that no node
has been maliciously changed.
7/28/2019 Dhana Print Final Report
10/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
10
An Ad-hoc network is an infrastructure less network. Unlike traditional
networks there is no pre-deployed infrastructure such as centrally administered routers
or strict policy for supporting end-to-end routing. The nodes themselves are
responsible for routing packets. Each node relies on the other nodes to route packets
for them. Mobile nodes in direct radio range of one another can communicate directly,
but nodes that are too far apart to communicate directly must depend on the
intermediate nodes to route messages for them.
Direct Radio Reach
Thread
Fig 2: Routing in Ad-hoc networks Fig 3: Routing in traditional networks
4.2 FREQUENT CHANGES IN NETWORK TOPOLOGY
Ad-hoc networks contain nodes that may frequently change their locations. Hence the
topology in these networks is highly dynamic. This results in frequently changing
neighbors on whom a node relies for routing. As a result traditional routing protocols
can no longer be used in such an environment. This mandates new routing protocols
that can handle the dynamic topology by facilitating fresh route discoveries.
4.3 PROBLEMS ASSOCIATED WITH WIRELESS COMMUNICATION
As the communication is through wireless medium, it is possible for any intruder to
tap the communication easily. Wireless channels offer poor protection and routing
related control messages can be tampered. The wireless medium is susceptible to
signal interference, jamming, eavesdropping and distortion. An intruder can easily
eavesdrop to know sensitive routing information or jam the signals to prevent
propagation of routing information or worse interrupt messages and distort them to
manipulate routes. Routing protocols should be well adopted to handle such
problems.
7/28/2019 Dhana Print Final Report
11/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
11
4. 4 PROBLEMS WITH EXISTING AD-HOC ROUTING PROTOCOLS
Implicit Trust Relationship between Neighbors
Current Ad-hoc routing protocols inherently trust all participants. Most Ad-hoc
routing protocols are cooperative by nature and depend on neighboring nodes to
route packets. This naive trust model allows malicious nodes to paralyze an Ad-hoc
network by inserting erroneous routing updates, replaying old messages, changing
routing updates or advertising incorrect routing information. While these attacks are
possible in fixed network as well, the Ad-hoc environment magnifies this makes
detection difficult.
Throughput
Ad-hoc networks maximize total network throughput by using all available nodes for
routing and forwarding. However a node may misbehave by agreeing to forward
packets and then failing to do so, because it is overloaded, selfish, malicious or
broken. Misbehaving nodes can be a significant problem. Although the average loss
in throughput due to misbehaving nodes is not too high, in the worst case it is very
high.
Attacks Using Modification of Protocol Fields of Messages
Current routing protocols assume that nodes do not alter the protocol fields of
messages passed among nodes. Routing protocol packets carry important control
information that governs the behavior of data transmission in Ad-hoc networks. Since
the level of trust in a traditional Ad-hoc network cannot be measured or enforced,
enemy nodes or compromised nodes may participate directly in the route discovery
and may intercept and filter routing protocol packets to disrupt communication.
Malicious nodes can easily cause redirection of network traffic and DOS attacks bysimply altering these fields.
For example, in the network illustrated in Figure 4.3, a malicious node M
could keep traffic from reaching X by consistently advertising to B a shorter route to
X than the route to X, which C is advertising. The attacks can be classified as remote
redirection attacks and denial of service attacks. Let us look at them now.
Remote Redirection with Modified Route Sequence Number (AODV)
7/28/2019 Dhana Print Final Report
12/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
12
Remote redirection attacks are also called black hole attacks. In the attacks, a
malicious node uses routing protocol to advertise itself as the shortest path to nodes
whose packets it wants to intercept. Protocols such as AODV instantiate and maintain
routes by assigning monotonically increasing sequence numbers to routes towards a
specific destination. In AODV, any node may divert traffic through itself by
advertising a route to a node with a destination sequence number greater than the
authentic value. Suppose a malicious node, M, receives the RREQ that originated
from S for destination X after it is re-broadcast by B during route discovery. M
redirects traffic towards itself by unicasting to B a RREP containing a significantly
higher destination sequence num for X than the authentic value last advertised by X.
Redirection with modified hop count (AODV)
A redirection attack is also possible in certain protocols, such as AODV, by
modification of the hop count field in route discovery messages. When routing
decisions cannot be made by other metrics, AODV uses the hop count field to
determine a shortest path. In AODV, malicious nodes can attract route towards
themselves by resetting the hop count field of the RREP to zero. Similarly, by setting
the hop count field of the RREP to infinity, routes will tend to be created that do not
include the malicious node.
Once the malicious node has been able to insert itself between two communicating
nodes it is able to do anything with the packets passing between them. It can choose
to drop packets to perform a denial of service attack, or alternatively use its place on
the route as a first step in man-in-the-middle attack.
Denial of Service with Modified Source Routes
DSR is a routing protocol, which explicitly states routes in data packets. These
routes lack any integrity checks and a simple denial-of-service attack can be launched
in DSR by altering the source routes in packet headers.
Modification to source routes in DSR may also include the introduction of
loops in the specified path. Although DSR prevents looping during the route
discovery process, there are insufficient safeguards to prevent the insertion of loops
into a source route after a route has been salvaged.
Ad Hoc Network:
7/28/2019 Dhana Print Final Report
13/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
13
The need to exchange digital information outside the typical wired office environment is
growing. For example, a class of students may need to interact during a lecture; business
associates serendipitously meeting in an airport may wish to share files; or disaster
recovery personnel may need to coordinate relief information after a hurricane or flood.
Each of the devices used by these information producers and consumers can be
considered a node in an ad hoc network. In a typical ad hoc network, mobile nodes come
together for a period of time to exchange information. While exchanging information,
the nodes may continue to move, and so the network must be prepared to adapt
continually. In the applications we are interested in, networking infrastructure such as
repeaters or base stations will frequently be either undesirable or not directly reachable,
so the nodes must be prepared to organize themselves into a network and establish routes
among themselves without any outside support. The idea of ad hoc networking is
sometimes also called infrastructure less networking[4], since the mobile Nodes in the
network dynamically establish routing among themselves to form their own network on
the fly.
A mobile ad hoc network (MANET) is a collection of mobile nodes that can
instantly establish a network, whenever they coexist in the same neighborhood without
the need of any fixed infrastructure or centralized administration. The role of routing
protocols in an ad hoc network is to allow the source to find routes to destination withthe cooperation of other nodes. Due to the arbitrary movement of the nodes, the network
topology changes rapidly and randomly. Hence the routing protocol must also be able to
react to these changes and must enable the nodes to identify new routes to maintain
connectivity.
A node is malicious if it is an attacker that cannot authenticate itself as a
legitimate node due to the lack of valid cryptographic information. The attack on
MANET can be classified as the active and passive attacks: A Mobile Ad hoc Network
(MANET) [1] is a dynamic wireless network that is established by a group of mobile
stations without necessarily using pre-existing infrastructure or centralized
administration. Such networks can be useful in disaster recovery where there is not
enough time or resources to configure a wired network.
Denial of service attack:
As the name suggests, a Denial-of-Service (DoS) attack aims to prevent legitimate users
from accessing a particular service. In general, there are two types of DoS attacks in the
Internet: application-level attacks, and network-level attacks. An application-level DoS
7/28/2019 Dhana Print Final Report
14/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
14
attack aims to exhaust the resources at a particular service so that legitimate users cannot
enjoy the service. For instance, a service may need to perform complicated and
expensive database operations in order to answer a query from a user; let us suppose it
can at most answer x user queries per second. Then in an application-level DoS attack
against this service, attackers may submit 10x queries per second. If the service chooses
to temporarily hold the unprocessed queries, it may eventually run out of memory and
crash, preventing legitimate users from further accessing the service; or if the service
discards queries it cannot process in time, the query drop rate for both attackers and
legitimate users will be at least 90%, meaning the majority of the users still cannot enjoy
the service.
Attacks on MANET
Passive attacks: A passive routing attack does not disrupt the operation of a routing
protocol, but only attempts to discover valuable information by listening to the routing
traffic. Hence such attacks are difficult to detect.
Acti ve attacksAn active attack attempts to improperly modify data, gain authentication,
or procure authorization by inserting false packets into the data steam or modifying
packets transition through the network. Active attack is of two types: external and
internal. An external attack is one caused by nodes that do not belong to the network. An
internal attack is one from compromised or hijacked nodes that belong to the network.
As malicious nodes already belong to the network as authorized parties, and hence are
protected with network security mechanisms and services, therefore, internal attacks are
more severe.
Black hole: An attacker can project itself as having shortest route to a destination, whose
data packets it wants to intercept, thereby causing the source to send data packets via this
node. A malicious node receiving the RREQ may claim to have route to the desired
destination by sending RREP back to the originator. If the source receives this RREPfirst then it sends all data packets via this malicious node and thereby leaving the fate of
those data packets on the malicious node. The malicious node now discards or consumes
all the data packets, leading to the complete loss of all data packets.
Gray hole: An attacker forwards all RREQs and RREPs but forwards only a few data
packets, dropping all other data packets. Clearly it points out a lapse in the routing
protocol. This type of attack is known as gray hole problem. By nature, it belongs to the
set of internal active attacks.
7/28/2019 Dhana Print Final Report
15/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
15
Wormhole: Wormhole is a collection of two or more malicious nodes belonging to the
ad hoc network that are connected by a private network connection. Suppose two nodes
A and B make a wormhole. Then a forwards all packets that it receives to B through the
worm hole to be forwarded by B normally, similarly, B forwards all packets to A, that it
receives, through the wormhole. It clearly disrupts routing by short circuiting the normal
flow of routing packets.
Denial of service (DoS): The attack results when the network bandwidth is hijacked by a
malicious node. It can be done in several ways. One way is to flood any centralized
resource so that the network crashes or no longer operates correctly. For example, a
malicious node by generating frequent route requests can make the network resources
unavailable to other nodes.
The flooding attack prevention (FAP) suggested a defense system against either
RREQ or data flooding attacks. The path cut off mechanism is used as defense against
data flooding attacks. When the victim node realizes that it has been subjected to the data
flooding attack, it may cut off the path.
At the physical layer the capacity of ad hoc wireless networks is constrained by
the mutual interference of concurrent transmissions between nodes. We study an ad hoc
network model where n nodes communicate in random source {destination pairs. Gupta
and Kumar showed that for static random ad hoc networks using a general routingalgorithm the capacity available for each node decays asp1 n. Other works delve into the
problem of optimizing various parameters of the transmission (e.g., power consumption
or medium access control), and try to devise routing protocols that for particular user
profiles or scenarios on the same network. Our present study focuses on the general
properties of the per node throughput available for ad hoc wireless networks (capacity)
using an ideal routing process.
The nodes in our model do not move, which modes the customary definition of
an ad hoc network to a backbone- less network of wireless nodes occupying a flat
topology. Our network model includes ideal collision avoidance and transmission
through shortest paths as explained in the following Section. We introduce an alternative
description of network throughput approximation that varies the claims of [3] and
extends the results by providing the relations of the various network parameters that can
change with topology or trace generation algorithm. We have investigated the throughput
of various non-planar network topologies, and the results generalize the pn dependence
of the average call length parameter. We also check the validity of our model by
7/28/2019 Dhana Print Final Report
16/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
16
simulation. A novel framework for ns2 to facilitate the simulation and, in general, the
design of beyond 3G networks. The set of libraries we wrote for this purpose is called
Multi Interface Cross Layer Extension for ns2 (MIRACLE). They enhance the
functionalities offered by the Network Simulator ns2 by providing an efficient and
embedded engine for handling cross-layer messages and, at the same time, enabling the
coexistence of multiple modules within each layer of the protocol stack. For instance,
multiple network, link, MAC or physical layers can be specified and used within the
same node. The implications of this are manifold. First of all, the framework facilitates
the implementation and the simulation of modern communication systems in ns2.
Secondly, due to its modularity, the code will be portable, re-usable and extensible. As
an example of the advantages offered by our architecture, we show how the MIRACLE
framework can be used to quickly set up protocol architectures for Ambient Networks
[1] and evaluate their performance in wireless and multi-technology environments.
However, the procedure of the path cut off mechanism is not explained in detail,
and FAP cuts off the path when many data packets are transmitted to the victim node.
Current users like to download or access multimedia data using the consumer Electronic
devices so that the packets may be transferred as burst traffic. However, FAP cannot
distinguish burst traffic from attack traffic since FAP distinguishes an attack by
comparing the incoming packets with a threshold. Hence, the throughput of burst trafficmay degrade if a simple threshold-based defense System is used in FAP.
Therefore, this paper proposes a novel period-based defense mechanism (PDM)
against data flooding attacks taking enhancing the throughput of burst traffic into
account. The proposed PDM scheme is based on periods and uses a blacklist to
efficiently prevent the data flooding attack.
Wireless ad hoc networks can be victimized to various kinds of attacks. Among
them, the ad hoc flooding attack can easily cause Denial-of-Service (DoS) attacks by
flooding many Route Request (RREQ) or data packets .Since a mobile node has limited
resource capacities such as memory space, computational ability, battery power,
bandwidth capacity, and so on, it cannot provide services when it receives a lot of
packets. Hence, the whole network as well as the victim node can get easily paralyzed.
This project proposes a novel period-based defense mechanism (PDM) against data
flooding attacks taking enhancing the throughput of burst traffic into account. The
proposed PDM scheme is based on periods and uses a blacklist to efficiently prevent the
data flooding attack.
7/28/2019 Dhana Print Final Report
17/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
17
The main objective of this is to develop a period based defense mechanism
against data flooding attacks in wireless Ad Hoc networks. PDM scheme is based on
periods and uses a blacklist to efficiently prevent the data flooding attack, as a Result of
which many data packets are forwarded at a high rate for the whole duration.
APPLICATIONS OF AD HOC NETWORKS
Personal area networking
Cell phone, laptop, ear phone, wrist watch
Military environments
Soldiers, tanks, planes
Civilian environments
Taxi cab networkMeeting rooms
Sports stadiums
Boats, small aircraft
Emergency operations
Search and rescue
Policing and fire fighting
Collaborative computing
Communications within buildings, organizations, ad hoc conferences
Communications in battlefields and disaster recovery areas
Sensor networks
7/28/2019 Dhana Print Final Report
18/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
18
AD-HOC ON-DEMAND VECTOR
AODV is a relative of the Bellman-Ford distant vector algorithm, but is adapted to work
in a mobile environment. AODV determines a route to a destination only when a node
wants to send a packet to that destination. Routes are maintained as long as they areneeded by the source. Sequence numbers ensure the freshness of routes and guarantee
the loop-free routing. Routing tables Each routing table entry contains the following
information [2] as destination, next hop, and number of hops, destination sequence
number, and active neighbors for this route and expiration time for this route table entry.
Expiration time, also called lifetime, is reset each time the route has been used. The new
expiration time is the sum of the current time and a parameter called active route
timeout. This parameter, also called route caching timeout, is the time after which the
route is considered as invalid, and so the nodes not lying on the route determined by
RREPs delete their reverse entries. If active route timeout is big enough route repairs will
maintain routes. RFC 3561 defines it to 3 seconds. Control messages Routing r equest
When a route is not available for the destination, a route request packet (RREQ) is
flooded throughout the network. The RREQ contains the following fields,
Source
addressRequest
Id
Source
Sequence
number
Hop count Destination
address
Destination
sequence
number
Table 2: RREQ packet Format
The request ID is incremented each time the source node sends a new RREQ, so the pair
(source address, request ID) identifies a RREQ uniquely. On receiving a RREQ message
each node checks the source address and the request ID. If the node has already received
a RREQ with the same pair of parameters the new RREQ packet will be discarded.
Otherwise the RREQ will be either forwarded (broadcast) or replied (unicast) with a
RREP message: if the node has no route entry for the destination, or it has one but this is
no more an up-to-date route, the RREQ will be rebroadcasted with incremented hop
count and if the node has a route with a sequence number greater than or equal to that of
RREQ, a RREP message will be generated and sent back to the source. The number of
RREQ messages that a node can send per second is limited.
7/28/2019 Dhana Print Final Report
19/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
19
There is an optimization of AODV using an expanding ring (ESR) technique
when flooding RREQ messages [5, 6]. Every RREQ carries a time to live (TTL) value
that specifies the number of times this message should be re-broadcasted. This value is
set to a predefined value at the first transmission and increased at retransmissions.
Retransmissions occur if no replies are received. Historically such flooding used a TTL
large enough - larger than the diameter of the network - to reach all nodes in the network,
and so to guarantee successful route discovery in only one round of flooding. However,
this low delay time approach causes high overhead and unnecessary broadcast messages.
Later, it was shown [7, 8] that the minimal cost flooding search problem can be solved
via a sequence of flooding with an optimally chosen set of TTLs. Routing replyIf a node
is the destination, or has a valid route to the destination, it unicasts a route reply message
(RREP) back to the source. This message has the following,
Source
addressDestination
address
Destination
Sequence
number
Hop count Life time
Table 3: Message Format
The reason one can uncast RREP back is that every node forwarding a RREQ message
caches a route back to the source node. Route errorAll nodes monitor their own
neighborhood. When a node in an active route gets lost, a route error message (RERR) is
generated to notify the other nodes on both sides of the link of the loss of this link.
HEL LO messagesEach node can get to know its neighborhood by using local
broadcasts, so-called HELLO messages. Nodes neighbors are all the nodes that it can
directly communicate with. Al-though AODV is a reactive protocol it uses these periodic
HELLO messages to inform the neighbors that the link is still alive. The HELLO
messages will never be forwarded because they are broadcasted with TTL = 1. When a
node receives a HELLO message it refreshes the corresponding lifetime of the neighbor
information in the routing table. This local connectivity management should be
distinguished from general topology management to optimize response time to local
changes in the network
7/28/2019 Dhana Print Final Report
20/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
20
PROPOSED SYSTEM
5.1 Proposed system:
We are proposing a new mechanism called periodic based defense mechanism
which works against data flooding attacks in wireless mobile Ad Hoc networks to
enhance the throughput of burst traffic
5.2 Advantages over the existing system:
1. Proposed system can distinguish normal traffic from attack traffic
2. It can enhance the quality of service
3. Proposed defense mechanism can enhance the throughput of the burst traffic
7/28/2019 Dhana Print Final Report
21/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
21
6. SRS DOCUMENT
6.1 Purpose:
The main purpose of this is to develop a period based defense mechanism against
data flooding attacks in wireless Ad Hoc networks to increase throughput and Quality of
service of Burst Traffic which is being transferred.
6.2 Definitions, Acronyms, keywords:
Mobile Ad Hoc network:
A mobile Ad Hoc Network is a self Configuring infrastructure less network of
mobile devices connected by wireless.Ad hoc is Latin and means "for this purpose".[1]
Each device in a MANET is free to move independently in any direction.
Ad Hoc network:
A wireless ad hoc networkis a decentralized type of wireless network. The
network is ad hoc because it does not rely on a preexisting infrastructure, such
as routers in wired networks or access points in managed (infrastructure) wireless
networks.
Abbreviations:
HTML (Hyper Text Markup Language): It is used to create static web pages.
Java: It is used to create dynamic web content.
JDK (Java Development kit): It is a programming platform, belonging to the Java
platform, which is used for developing and running distributed java applications.
HTTP (Hyper Text Transfer Protocol): It is a transaction oriented client/ server protocol
between a web browser and a web server.
Keywords:
Wireless ad hoc Networks, Denial of Service attack, Data Flooding Attack,
through put.
6.3 Technologies to be used
Java: create dynamic web content pages to meet User and System Requirements
http://en.wikipedia.org/wiki/Mobile_ad_hoc_network#cite_note-1http://en.wikipedia.org/wiki/Mobile_ad_hoc_network#cite_note-1http://en.wikipedia.org/wiki/Mobile_ad_hoc_network#cite_note-17/28/2019 Dhana Print Final Report
22/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
22
Tools To be used:
ECLIPSE: eclipse also provides the runtime in which eclipse components are loaded,
integrated, and executed. The primary purpose of the platform project is to enable other
developers to easily build and deliver integrated tools and applications.
6.4 Study of the system
Overall description:
The next session, the Overall Description section, of this document gives an
overview of the functionality of the product. It describes the informal requirements and
is used to establish a context for the technical requirements specification in the next
session
Basic Aim of this project is to forestall the Flooding Attack from being by
implementing periodic based Defense mechanism (PDM) to enhance the throughput of
the burst traffic.
The flooding attack prevention (FAP) suggested a defense system against either
RREQ or data flooding attacks. The path cut off mechanism is used as defense against
data flooding attacks. However, FAP cannot distinguish burst traffic from Attack traffic
since FAP distinguishes an attack by comparing the incoming packets with a threshold.
Hence, the throughput of burst traffic may degrade if a simple threshold-based defense
system is used in FAP.
FAP cannot distinguish burst traffic from attack traffic hence the throughput of
burst traffic may degrade if a simple threshold-based defense system is used in FAP.
We are proposing a new mechanism called periodic based defense mechanism
which works against data flooding attacks in wireless mobile Ad Hoc networks to
enhance the throughput of burst traffic
7/28/2019 Dhana Print Final Report
23/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
23
7.1 Data flow diagram
A DFD shows what kinds of data will be input to and output from the system,
where the data will come from and go to, and where the data will be stored.
Fig 2: Data Flow diagram level 0
7.2 Level 2 DFD
Fig 3: DFD Level1
Context analysis Diagram:
Fig 4: Context analysis diagram
User
Routing Security against flooding attacks
in wireless ad hoc networks
UserAdaptive text
Attack encountered
Communication
Transfer data
Delivered path
7/28/2019 Dhana Print Final Report
24/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
24
8.1 Product perspective:
Fig 5 : system architecture
We can implement PDM mechanism at each and every node in a communication path
where attack may suppose to happen.
8.2 Specific Requirements:
Functional Requirements: This section outlines the use case for each of the activity
separately. The User can have only one use case apiece
Use Case: Add Node
User
Fig 6: Use case Add Node
Add
node
Node A
PDM
Add name
Node B Node C
PDM
Node d
PDM
Attack Attack
Add node
7/28/2019 Dhana Print Final Report
25/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
25
Brief Description:
1. User will prompt for the node
2. When Node found in a path it will add the node in that transmission range.
Use Case: Add Address
User
Fig 7: Use Case Add Address
Brief Description:
1. After getting the node in the range it will add address of that particular node in to an account
Use case: Add name
User
Fig 8: Use Case Add Name
Description:
System will add the Name when user prompts to add
Use case: Fill parameter
User
Fig 9: Use Case Fill Parameter
Add
Address
Add
Name
Fill parameter
7/28/2019 Dhana Print Final Report
26/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
26
Brief Description:
User will count the connection range parameters named (x,y) of transmission
range as an arguments which works as a transmission range parameters for which data
will be transmitted
Use case: send attacker
User
Fig 10 Use case Send Attacker
Brief Description:
System will generate an anonymous node as an attacker and release (send) in to
the node transmission range
Use case: send data
User
Fig 11: Send data
Brief Description:
User enters the data for to communication to transmit with in communication
range
Send attacker
Send data
7/28/2019 Dhana Print Final Report
27/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
27
8.3 UML DIAGRAMS
8.3.1 Use case diagram
Fig 12: Use case Diagram
8.3.2 Sequence Diagram
Fig 13: sequence Diagram
Add address
Add Nodes
Add name
Fill parameters
Send Attacker
Send Data
Search Node
User
user node name Fill parameter Attack Transfer data Search Status
Add
Enter name
Fill connection parameters
Process attack
data transfered
Sent Acknowledgement
Search node
view status
Recieve Acknowledge
7/28/2019 Dhana Print Final Report
28/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
28
8.3.3 Activity Diagram
Fig: 14 Activity Diagram
AddName
SendData
FindAttack
Deleverdata
SendAcknowledgement
Attack FoundNot Found
Start State
Stop state
7/28/2019 Dhana Print Final Report
29/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
29
8.3.4 Collaboration diagram
Fig 15: Collaboration Diagram
User
Node
Name
Fill connection
parameters
Attack
Transferdata
Search
nodeView
status
Add1:Enter name2:
Fill connection parameters3:
4: process attack
5: show the attack
6: transfer data
7: recieve acknowledge
8: search node9: view status
7/28/2019 Dhana Print Final Report
30/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
30
8.3.5 Class diagram
Fig 15: Class Diagram
7/28/2019 Dhana Print Final Report
31/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
31
9.1 MODULES
9.1.1 Throughput of Burst Traffic under Data Flooding Attacks.
9.1.2 PeriodBased Defense Mechanism against Data Flooding Attacks
9.1.3 Performance Evaluations
Module Description:
9.1.1 Throughput of burst Traffic under Data Flooding attacks
In wireless ad hoc networks, handheld-based consumer electronic devices are
used as mobile nodes. The data flooding attack sends many data packets in order to clog
not only a victim node but also the entire network since all packets are transmitted via
multiple hops. Hence, data flooding attacks are extremely hazardous to wireless ad hoc
networks. To conduct the data flooding attack, an attacker first sets up a path to thevictim node since the attack can be performed only after a path is constructed. Then, the
attacker forwards tremendous useless data packets along the path to make sure that the
victim node cannot process packets in a normal fashion. Finally, the resources of the
victim node are exhausted, so the node may get isolated from the network. In order to
measure the effect of the data flooding attack on data traffic including burst traffic in
wireless ad hoc networks, we calculate the throughput. The throughput is defined as the
ratio between the amount of data packets sent by the source node and the amount of data
packets received by the destination node during a time span from ts to td [4] The amount
of packets sent by the source node (tr) can be classified into control packets (C) such as
RREQ, Route Reply (RREP), Route Error (RERR) packets and data packets including
traffic for conducting data flooding attacks. On the other hand, the amount of data
packets received by the destination node (rc) can be classified into normal traffic
excluding the traffic meant for data flooding attacks Therefore, we can represent the
throughput using the following equation:
Through put = ()
(1)
9.1.2 The procedure of the PDM scheme is following as:
Step 1)at the end of the period compares the variance of received datapackets with the variance limit ( )).
Step 2-1) IfD ( is in the black list.it is not transmitted until the nextperiod .
7/28/2019 Dhana Print Final Report
32/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
32
Step 2-2) Else priority is determined by the inversion of the number of received data
packets and process the data packets according to priority.
Step 3) updates the black list by the greatest number of received packets in the
period.
Step 4) checks the period is the last period, the procedure of the PDM scheme isstopped.
Step 4-2) Else go to step 1
11.3 PERFORMANCE EVOLUATION
The performance of the proposed PDM scheme is measured by the throughput as
given in (1). The PDM scheme sets up wperiods for the data session from ts to td defendthe data flooding attack. The PDM scheme guarantees the QoS of non-burst traffic as
well as burst traffic.
[] []
By reducing the received traffic for conducting the data flooding attack at the
victim node, the received normal traffic regardless of burst traffic are increased. Hence,
the victim node receives much larger number of received non-burst traffic and burst
traffic than the case when the PDM scheme is not conducted [5].
We use the AODV as the basis routing protocol and compare its performance
with that of our PDM scheme attacker first sets up a path to the victim node since the
attack can be performed only after a path is constructed. Then, the attacker forwards
tremendous useless data packets along the path to make sure that the victim node cannot
process packets in a normal fashion. Finally, the resources of the victim node are
exhausted, so the node may get isolated from the network.
7/28/2019 Dhana Print Final Report
33/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
33
10. SIMULATION:
NS2 is an open-source event-driven simulator designed specifically for research
in communication networks. Since its inception in 1989, NS2 has continuously gained
tremendous interest from industry, academia, and government. Having been under
constant investigation and enhancement for years, NS2 now contains modules for
numerous network components such as routing, transport layer protocol, application, etc.
To investigate network performance, researchers can simply use an easy-to-use scripting
language to configure a network, and observe results generated by NS2. Undoubtedly,
NS2 has become the most widely used open source network simulator, and one of the
most widely used network simulators.
The network designed consists of basic network entities with the simulation parameters
presented in table
10.2 PARAMETERS OF SIMULATION
Description Value
Simulation time 300 s
Simulation area 1000*1000 m
Number of nodes 50, 120
Application traffic FTP server
File size 5000000 bytes
Data rate (bps) 11 mbps
Mobility algorithm Random waypoint
Routing protocol Aodv
Performance parameter Throughput, delay, Drop
Table 3: simulation Parameters
7/28/2019 Dhana Print Final Report
34/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
34
11. SAMPLE CODING AND SAMPLE SCREEN SHOTS
MYFORM.JAVA
package UI;import UI.myobjects.NodeButton;
import UI.myobjects.NodeButton1;
import UI.myobjects.draganddrop.DropTargetImp;
import UI.myobjects.GraphicalNode;
import UI.myobjects.PowerShower;
import UI.actions.*;
import javax.swing.*;
import java.awt.*;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.awt.event.MouseEvent;
import java.awt.event.MouseListener;
import java.awt.event.MouseMotionListener;
import java.awt.image.ImageConsumer;
import java.awt.image.ImageProducer;
import java.util.ArrayList;
import java.util.List;
import java.util.Observer;
import simulator.Node;
import logger.StatusManager;
public class Myform extends JFrame implements ActionListener,MouseListener {
public final NumberKeyListener nkl = new NumberKeyListener();
JPanel content;
public MyMap myMap;
public static MapForm mapForm;
int P = 20, Q = 20,p=0,q=0, dp = 3, dq = 3;
private Image cup;
// private Panel keyPad;
public int top = 10;
public int left = 10;
private Node_Properties nodePanel;
public int xScale = 10;
public int yScale = 10;
public final int mapWidth = 550;
7/28/2019 Dhana Print Final Report
35/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
35
public final int mapHeight = 550;
public NodeButton newNodeBtn = new NodeButton(new
ImageIcon("images/SendingNode0.png"));
// public NodeButton1 newNodeBttn = new NodeButton1(new ImageIcon("images/virus.gif"));
private final List graphicalNodes = new ArrayList();
private final JTextField minNumber = new JTextField("3",3);
private final JCheckBox doubleDirection = new JCheckBox("DoubleDirection",true);
private final JTextField searchText = new JTextField(8);
JButton generateBtn ;
JButton delGnodeBtn = new JButton(new ImageIcon("images/delete.png"));
PowerShower powerShower;
JToolBar toolBar;
public JButton start =new JButton("Attacker");
JButton stop =new JButton("Stop");private GraphicalNode selectedGNode;
// JButton atkBtn=new JButton("Gen. Attacker");
public List getGraphicalNodes() {
return graphicalNodes;
}
/**
* returns the {@link GraphicalNode} that currently selecteed
*/
public GraphicalNode getSelectedGNode() {
return selectedGNode;
}
public MyMap getMyMap() {
return myMap;
}
public void refreshPowerShower(){
this.powerShower.setVisible(false);
this.powerShower.setXYrXrY(selectedGNode.getLocation().x,selectedGNode.getLocation().y,
selectedGNode.getNode().getPower()/this.xScale,selectedGNode.getNode().getPower()/this.yScal
e);
this.powerShower.setVisible(true);
this.powerShower.invalidate();
}
public void setSelectedGNode(GraphicalNode selectedGNode) {
this.selectedGNode = selectedGNode;
if (selectedGNode!=null){
7/28/2019 Dhana Print Final Report
36/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
36
this.getNodePanel().nameText.setEnabled(selectedGNode.getName().trim().length()==0);
selectedGNode.fillNodePanel();
this.refreshPowerShower();
}else{
this.powerShower.setVisible(false);
}
}
public Myform(String title) {
super(title);
content = new JPanel(new BorderLayout());
content.setOpaque(true);
myMap = new MyMap();
myMap.setPreferredSize(new Dimension(this.mapWidth,this.mapHeight));
myMap.setBorder(BorderFactory.createEtchedBorder());// newNodeBttn.setToolTipText("Attacker");
newNodeBtn.setToolTipText("Base Station");
cup = Toolkit.getDefaultToolkit().getImage("images/virus.gif");
this.getContentPane().add(content)
toolBar = new JToolBar();
// toolBar.add(newNodeBttn);
// toolBar.add(atkBtn);
toolBar.add(newNodeBtn);
toolBar.add(delGnodeBtn);
start.setIcon(new ImageIcon("images/virus.gif"));
toolBar.add(start);
// toolBar.add(stop);
toolBar.add(Box.createHorizontalStrut(5));
toolBar.add(new JSeparator(SwingConstants.VERTICAL));
toolBar.add(Box.createHorizontalStrut(5));
toolBar.add(new JLabel("Min Neighbor: "));
toolBar.add(minNumber);
toolBar.add(doubleDirection);
generateBtn = new JButton("Fill Parameter");
toolBar.add(generateBtn);
minNumber.addKeyListener(new NumberKeyListener());
toolBar.add(Box.createHorizontalStrut(5));
toolBar.add(new JSeparator(SwingConstants.VERTICAL));
toolBar.add(Box.createHorizontalStrut(5));
toolBar.add(new JLabel("Search: "));
toolBar.add(searchText);
content.add(toolBar,BorderLayout.PAGE_START);
7/28/2019 Dhana Print Final Report
37/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
37
/ atkBtn.addActionListener(this);
start.addActionListener(this);
// stop.addActionListener(this);
// newNodeBttn.addMouseListener(this);
myMap.setDropTarget(new DropTargetImp(myMap));
myMap.setLayout(null);
}
public boolean isDoubleDirection(){
return this.doubleDirection.isSelected();
}
public int getMinNumberForFillParameter(){
if (this.minNumber.getText().trim().length()>0){
return Integer.parseInt(this.minNumber.getText());
}else{return 0;
}
}
/**
* finds GraphicalNode in graphicalNode list
* @param name
* @return null: if it didn't find the gnode with name
* reference to that node if it found
*/
public GraphicalNode getGNode(String name){
for (GraphicalNode graphicalNode : graphicalNodes) {
if (graphicalNode.getName().equals(name)){
return graphicalNode;
}
}
return selectedGNode;
}
public void putGNode (GraphicalNode gNode){
graphicalNodes.add(gNode);
}
public Node_Properties getNodePanel() {
return nodePanel;
}
public void setNodePanel(Node_Properties nodePanel) {
7/28/2019 Dhana Print Final Report
38/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
38
this.nodePanel = nodePanel;
}
public GraphicalNode getGnodebyNode(Node node){
for (GraphicalNode graphicalNode : graphicalNodes) {
if (graphicalNode.getNode().equals(node)){
return graphicalNode;
}
}
return selectedGNode;
}
public JTextField getSearchText() {return searchText;
}
public static void main(String[] args) {
Myform frame = new Myform("Novel defense mechanism against data flooding attacks in
wireless ad hoc networks");
frame.newNodeBtn.myForm = frame;
// frame.newNodeBttn.myForm = frame;
frame.setNodePanel(new Node_Properties(frame));
JSplitPane splitPane = new
JSplitPane(JSplitPane.HORIZONTAL_SPLIT,frame.myMap,frame.getNodePanel());
splitPane.setOneTouchExpandable(true);
splitPane.setDividerLocation(550);
frame.content.add(splitPane,BorderLayout.CENTER);
frame.myMap.addMouseListener(new PanelAction(frame));
//frame.atkBtn.addActionListener(this);
frame.generateBtn.addActionListener(new InitParameters(frame));
frame.powerShower = new PowerShower(frame);
frame.delGnodeBtn.addActionListener(new DeleteBtnAction(frame));
frame.searchText.addActionListener(new SearchGNodeAction(frame));
frame.setGlassPane(frame.powerShower);
frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
frame.pack();
mapForm = new MapForm(frame,"Initializing Map",true,frame);
mapForm.pack();
mapForm.setVisible(true);
7/28/2019 Dhana Print Final Report
39/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
39
StatusManager.init(frame);
}
Graph.java :
package graph;
import java.awt.BasicStroke;
import java.awt.Color;
import java.awt.Polygon;
import java.awt.Shape;
import java.awt.geom.Rectangle2D;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;import java.util.StringTokenizer;
import java.util.Vector;
import org.jfree.chart.ChartFactory;
import org.jfree.chart.ChartPanel;
import org.jfree.chart.JFreeChart;
import org.jfree.chart.axis.NumberAxis;
import org.jfree.chart.plot.CategoryPlot;
import org.jfree.chart.plot.DefaultDrawingSupplier;
import org.jfree.chart.plot.DrawingSupplier;
import org.jfree.chart.plot.PlotOrientation;
import org.jfree.chart.renderer.category.LineAndShapeRenderer;
import org.jfree.data.category.CategoryDataset;
import org.jfree.data.category.DefaultCategoryDataset;
import org.jfree.ui.ApplicationFrame;
import org.jfree.ui.RefineryUtilities;
public class graph extends ApplicationFrame {
public graph(final String title) {
super(title);
final CategoryDataset dataset = createDataset();
final JFreeChart chart = createChart(dataset);
final ChartPanel chartPanel = new ChartPanel(chart);
chartPanel.setPreferredSize(new java.awt.Dimension(500, 270));
setContentPane(chartPanel);
}
private CategoryDataset createDataset() {
// row keys...
7/28/2019 Dhana Print Final Report
40/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
40
final String series1 = "Position";
final String series2 = "Distance";
//final String series3 = "Failure Recovery Time";
Vector vec1=new Vector();
Vector vec2=new Vector();
// Vector vec3=new Vector();
// create the dataset...
final DefaultCategoryDataset dataset = new DefaultCategoryDataset()
try {
Class.forName("com.mysql.jdbc.Driver");
String url="jdbc:mysql://localhost:3306/secure";
Connection con=DriverManager.getConnection(url,"root","root");
Statement st=con.createStatement();
//DBConnection connection2=new DBConnection();//Util util=new Util();
ResultSet rs=null;
String sql=null;
sql="SELECT * FROM local";
rs=st.executeQuery(sql);
Vector v1=new Vector();
Vector v2=new Vector();
Vector v3=new Vector();
while(rs.next())
{
v1.addElement(rs.getString(1));
v2.addElement(rs.getString(2));
v3.addElement(rs.getString(3));
}
System.out.println("v1============"+v1);
System.out.println("v2============"+v2);
//System.out.println("v3============"+v3);
for (int i = 0; i < v1.size(); i++)
{
StringTokenizer tokenizer=new StringTokenizer(v1.elementAt(i).toString(),"T[pos ] =");
vec1.addElement(tokenizer.nextToken())
}
for (int i = 0; i < v2.size(); i++)
{
StringTokenizer tokenizer=new StringTokenizer(v2.elementAt(i).toString(),"T[ Td ] =");
vec2.addElement(tokenizer.nextToken());
}
7/28/2019 Dhana Print Final Report
41/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
41
/*for (int i = 0; i < v3.size(); i++)
{
StringTokenizer tokenizer=new StringTokenizer(v3.elementAt(i).toString(),"T[ r ] =");
vec3.addElement(tokenizer.nextToken());
}*/
System.out.println("vecc==="+vec1);
System.out.println("vecc==="+vec2);
//System.out.println("vecc==="+vec3);
for (int i = 0; i < vec1.size(); i++)
{
dataset.addValue(Float.parseFloat(vec1.elementAt(i).toString()), series1, String.valueOf(i));
}
for (int i = 0; i < vec2.size(); i++){
dataset.addValue(Float.parseFloat(vec2.elementAt(i).toString()), series2, String.valueOf(i)
}
/*for (int i = 0; i < vec3.size(); i++)
{
dataset.addValue(Float.parseFloat(vec3.elementAt(i).toString()), series3, String.valueOf(i));
}
}catch(Exception e){e.printStackTrace();}
return dataset;
}
private JFreeChart createChart(final CategoryDataset dataset) {
final JFreeChart chart = ChartFactory.createLineChart(
"Novel defense mechanism against data flooding attacks in wireless ad hoc networks",
// chart title
"Distance", // domain axis label
"Execution Time", // range axis label
dataset, // data
PlotOrientation.VERTICAL, // orientation
true, // include legend
true, // tooltips
false // urls
);
7/28/2019 Dhana Print Final Report
42/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
42
// final StandardLegend legend = (StandardLegend) chart.getLegend();
// legend.setDisplaySeriesShapes(true);
final Shape[] shapes = new Shape[3];
int[] xpoints;
int[] ypoints;
// right-pointing triangle
xpoints = new int[] {-3, 3, -3};
ypoints = new int[] {-3, 0, 3};
shapes[0] = new Polygon(xpoints, ypoints, 3);
// vertical rectangle
shapes[1] = new Rectangle2D.Double(-2, -3, 3, 6);
// left-pointing triangle
xpoints = new int[] {-3, 3, 3};
ypoints = new int[] {0, -3, 3};
shapes[2] = new Polygon(xpoints, ypoints, 3);
final DrawingSupplier supplier = new DefaultDrawingSupplier(
DefaultDrawingSupplier.DEFAULT_PAINT_SEQUENCE,
DefaultDrawingSupplier.DEFAULT_OUTLINE_PAINT_SEQUENCE,
DefaultDrawingSupplier.DEFAULT_STROKE_SEQUENCE,
DefaultDrawingSupplier.DEFAULT_OUTLINE_STROKE_SEQUENCE,
shapes
);
final CategoryPlot plot = chart.getCategoryPlot();
plot.setDrawingSupplier(supplier);
chart.setBackgroundPaint(Color.CYAN);
// set the stroke for each series...
plot.getRenderer().setSeriesStroke(
0,
new BasicStroke(
2.0f, BasicStroke.CAP_ROUND, BasicStroke.JOIN_ROUND,
1.0f, new float[] {10.0f, 6.0f}, 0.0f
)
);
plot.getRenderer().setSeriesStroke(
7/28/2019 Dhana Print Final Report
43/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
43
1,
new BasicStroke(
2.0f, BasicStroke.CAP_ROUND, BasicStroke.JOIN_ROUND,
1.0f, new float[] {6.0f, 6.0f}, 0.0f
)
);
plot.getRenderer().setSeriesStroke(
2,
new BasicStroke(
2.0f, BasicStroke.CAP_ROUND, BasicStroke.JOIN_ROUND,
1.0f, new float[] {2.0f, 6.0f}, 0.0f
)
);
// customise the renderer...
final LineAndShapeRenderer renderer = (LineAndShapeRenderer) plot.getRenderer();
// renderer.setDrawShapes(true);
renderer.setItemLabelsVisible(true);
// customise the range axis...
final NumberAxis rangeAxis = (NumberAxis) plot.getRangeAxis();
rangeAxis.setStandardTickUnits(NumberAxis.createIntegerTickUnits());
rangeAxis.setAutoRangeIncludesZero(false);
rangeAxis.setUpperMargin(0.12);
return chart;
}
public static void main(final String[] args) {
final graph local = new graph("Novel defense mechanism against data flooding attacks in wireless ad
hoc networks");
local.pack();
RefineryUtilities.centerFrameOnScreen(local);
local.setVisible(true);
}
}
7/28/2019 Dhana Print Final Report
44/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
44
11. Effect of flooding attack
Initially it suggest to adjust the map settings but defaultly it takes some parameter
values
Fig: 16: Nodes Are participating in Ad Hoc Network
In wireless ad hoc networks all nodes are participating in a communication network
range when they need. Each and every mobile will have distinct parametric values and
their power ranges. At a particular instant of time every node can act as base station
along their network. Before establishing communication between an nodes their need to
build a route between nodes. After establishing a route communication may be done.
Fig 17:Effect of the flooding attack in MANET
7/28/2019 Dhana Print Final Report
45/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
45
Simulation Results:
Fig 18: Simulation Environment of the PDM scheme in MANET
Fig: 19 Evaluation of Random way point Model
7/28/2019 Dhana Print Final Report
46/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
46
Fig: 20 values stored in data base
Fig : 21 graphical analysis of periodic based defense mechanism
7/28/2019 Dhana Print Final Report
47/51
7/28/2019 Dhana Print Final Report
48/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
48
Valid Input : identified classes of valid input must be accepted.
Invalid Input : identified classes of invalid input must be rejected.
Functions : identified functions must be exercised.
Output : identified classes of application outputs must be exercised.
Systems/Procedures: interfacing systems or procedures must be invoked.
Organization and preparation of functional tests is focused on requirements, key
functions, or special test cases. In addition, systematic coverage pertaining to identify
Business process flows; data fields, predefined processes, and successive processes must
be considered for testing. Before functional testing is complete, additional tests are
identified and the effective value of current tests is determined.
System Test
System testing ensures that the entire integrated software system meets
requirements. It tests a configuration to ensure known and predictable results. An
example of system testing is the configuration oriented system integration test. System
testing is based on process descriptions and flows, emphasizing pre-driven process links
and integration points.
White Box Testing
White Box Testing is a testing in which in which the software tester has
knowledge of the inner workings, structure and language of the software, or at least its
purpose. It is purpose. It is used to test areas that cannot be reached from a black box
level.
Black Box Testing
Black Box Testing is testing the software without any knowledge of the inner
workings, structure or language of the module being tested. Black box tests, as most
other kinds of tests, must be written from a definitive source document, such as
specification or requirements document, such as specification or requirements document.
It is a testing in which the software under test is treated, as a black box .you cannot see
into it. The test provides inputs and responds to outputs without considering how the
software works.
7/28/2019 Dhana Print Final Report
49/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
49
Unit Testing:
Unit testing is usually conducted as part of a combined code and unit test phase
of the software lifecycle, although it is not uncommon for coding and unit testing to be
conducted as two distinct phases.
Test strategy and approach
Field testing will be performed manually and functional tests will be written in
detail.
Test objectives
All field entries must work properly.
Pages must be activated from the identified link.
The entry screen, messages and responses must not be delayed.
Features to be tested
Verify that the entries are of the correct format
No duplicate entries should be allowed
All links should take the user to the correct page.
Integration Testing
Software integration testing is the incremental integration testing of two or more
integrated software components on a single platform to produce failures caused by
interface defects.
The task of the integration test is to check that components or software
applications, e.g. components in a software system or one step up software
applications at the company levelinteract without error.
Test Results: All the test cases mentioned above passed successfully. No defects
encountered.
Acceptance Testing
User Acceptance Testing is a critical phase of any project and requires significant
participation by the end user. It also ensures that the system meets the functional
requirements.
Test Results: All the test cases mentioned above passed successfully. No defects
encountered.
7/28/2019 Dhana Print Final Report
50/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
50
13. CONCLUSION
The proposed the period-based defense mechanism against data flooding attack
paralyzes a victim node by consuming its resources. Hence, the throughput of the victim
node is significantly reduced. However, the current defense systems focus on RREQ
flooding attacks rather than the data flooding attack. They easily reduce the throughput
of burst traffic by comparing with the simple threshold. Hence, we aim to enhance the
throughput of burst traffic under the data flooding attack. The proposed scheme uses a
blacklist, considers the data type, and processes packets according to the priority so as to
defend against data flooding attacks; since the attacker forwards many data packets at a
high rate for the whole session. Recently, many users like to download and share
multimedia data, so we expect that the proposed scheme is useful to networks where
burst traffic are transferred.
7/28/2019 Dhana Print Final Report
51/51
Routing security against data flooding attack in wireless mobile Ad Hoc networks
REFERENCES
[1] A. Jamal pour, "Self-organizing networks [message from the editor-in-
chief],"IEEE Wireless Communications, vol. 15, no. 6, pp.2-3, Dec. 2008.[2] S.-J. Lee and M. Gerla, "Split multipath routing with maximally disjoint paths in
ad hoc networks," IEEE International Conference on Communications
(ICC2001), vol. 10, pp. 3201-3205, Jun. 2001.
[3] L. Xia and J. Slay, "Securing wireless ad hoc networks: towards a mobile agent
security architecture," the 2nd Australian Information Security Management
Conference 2004 (InfoSec 2004), Nov. 2004.
[4] M. Al-Shurman, S.-M. Yoo, and S. Park, "Black hole attack in mobile ad hoc
networks," the 42nd annual Southeast regional conference ACM Southeast
Regional Conference (ACMSE 2004), pp. 96-97, Apr. 2004.
[5] Y.-C. Hu, A. Perrig, D. B. Johnson, "Wormhole attacks in wireless networks,"
IEEE Journal on Selected Areas in Communications, vol. 24, no. 2, pp. 370- 380,
Feb. 2006.
[6] Y.-C. Hu, A. Perrig, and D. B. Johnson, "Rushing attacks and defense in Wireless
ad hoc network routing protocols," the 2nd ACM Workshop on Wireless Security,
pp. 30-40, Sept. 2003.
Top Related