
Detection and Prevention of Wormhole Attack in Mobile Adhoc Networks

Nov 02, 2014


Ankit Agrawal

Page 1: Detection and Prevention of Wormhole Attack in Mobile Adhoc Networks


ABSTRACT

Wireless networks are susceptible to many attacks, including the wormhole attack. The wormhole attack is very powerful, and preventing it has proven to be very difficult. A strategic placement of the wormhole can result in a significant breakdown in communication across a wireless network. In such attacks two or more malicious colluding nodes create a higher-level virtual tunnel in the network, which is used to transport packets between the tunnel endpoints. These tunnels emulate shorter links in the network and so appear attractive to unsuspecting nodes, which by default seek shorter routes. This paper presents a novel trust-based scheme for identifying and isolating nodes that create a wormhole in the network without relying on any cryptographic means. With the help of extensive simulations, we demonstrate that our scheme functions effectively in the presence of malicious colluding nodes and does not impose any unnecessary conditions upon the network establishment and operation phase.

KEYWORDS: Ad hoc networks, computer network security, computer networks, tunneling, wireless LAN, wormhole, packet leash.


CHAPTER 1

INTRODUCTION

An ad-hoc network is built, operated, and maintained by its constituent wireless nodes. These nodes generally have a limited transmission range, and so each node relies on its neighbouring nodes to forward packets. To establish routes between nodes that are more than a single hop apart, special-purpose routing protocols are used. The distinguishing feature of these protocols is their ability to find routes in spite of a dynamic topology. The nodes in an ad-hoc network generally have limited battery power, and so reactive routing protocols try to conserve it by discovering routes only when they are actually required. In contrast, proactive routing protocols continuously establish and maintain routes, so as to avoid the latency of a new route discovery. Both types of routing protocol require persistent cooperative behaviour, with intermediate nodes contributing most of the route development. Likewise each node, which acts as a mobile router, has complete control over the data that passes through it. In essence, membership of any ad-hoc network calls for sustained benevolent behaviour by all participating nodes. In practice such altruism is more often than not extremely difficult to realise, and so malicious nodes are often present in the same network. Some of these are alien nodes, which enter the network during its establishment or operation phase, while others originate from inside, by compromising an existing benevolent node. These malicious nodes can carry out both passive and active attacks against the network.

In passive attacks a malicious node only eavesdrops on packet contents, while in active attacks it may imitate, drop or modify legitimate packets [14]. The severity of such attacks increases many times over when they are performed in collusion. A typical example of such a cooperative attack is a wormhole, in which a malicious node tunnels packets from one end of the network to another. The tunnel effectively emulates a shorter route through the network, and so naive nodes prefer it to the alternative longer routes. The advantage gained by the colluding nodes is obvious: they are now, for all intents and purposes, in charge of a heavily used route through the network. The consequences of such a wormhole for the network can be catastrophic and, in the worst case, may amount to a vertex cut of the network.

In this project, we apply a trust-based scheme to the AODV protocol to detect and evade wormhole attacks in a pure ad-hoc network. Each node in the network autonomously executes the trust model and maintains its own evaluation of the other nodes in the network.


CHAPTER 2

PROBLEM DOMAIN

A. Problem Statement

The increasing popularity and usage of wireless technology is creating a need for more secure wireless networks. Wireless networks are particularly vulnerable to a powerful attack known as the wormhole attack [10] [1]. This paper discusses a new trust-based scheme that prevents wormhole attacks on a wireless network. A few existing protocols detect wormhole attacks, but they require highly specialized equipment not found on most wireless devices. This project aims to develop a defense against wormhole attacks that does not require a significant amount of specialized equipment.

B. Problem Definition

Ad-hoc or spontaneous wireless networks are threatened by a powerful attack known as the wormhole attack. A wormhole attack [10] [1] can be set up with relative ease, but preventing one is difficult. To set up a wormhole attack, an attacker places two or more transceivers at different locations on a wireless network, as shown in Figure 1.

Node A can reach node C in a shorter time with the help of a wormhole [16]. This establishes a wormhole, or tunnel, through which data can travel faster than it could on the original network. After setting up a wormhole, an attacker can disrupt routing so as to direct packets through the wormhole using a technique known as selective forwarding [10], depicted in Figure 2.

information about its surroundings such as temperature, sound or movement. The Mica mote has little room for security measures to protect itself from a wormhole attack. Current network protocols are also vulnerable to wormhole attacks, so a useful scheme for the detection and evasion of wormholes is needed. This paper introduces a trust-based model for that purpose.


II. ROUTING

Knowledge of the routing protocols of MANETs is important for understanding the security problems in MANETs. The routing protocols used in MANETs differ from those of the traditional wired world because of frequent route updates, mobility and limited transmission range. The performance criteria for nodes in MANETs also differ from those of wired networks. Routing protocols in mobile ad hoc networks fall mainly into two categories: proactive protocols and reactive protocols. Reactive routing protocols discover a route between two nodes only when it is required. This differs from traditional proactive routing protocols, in which nodes periodically send messages to each other in order to maintain routes.

III. SECURITY IN AD HOC NETWORKS

Because of issues such as the shared physical medium, lack of central management, limited resources and highly dynamic topology, ad hoc networks are much more vulnerable to security attacks, and security solutions are therefore essential. In the following sections we first address attacks in ad hoc networks and list several typical attacks. The attacks can be divided into two broad categories, namely passive and active attacks. A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active attack attempts to alter system resources or affect their operation. Active attacks can be further classified into two types according to the location of the attacker, namely internal and external active attacks. According to the layer attacked, they can be classified into network layer attacks, transport layer attacks, application layer attacks, and multi-layer attacks.


1) Network layer attacks

Attacks which can occur at the network layer of the protocol stack are:

Wormhole attack: In this attack, an adversary receives packets at one point in the network, tunnels them to another point in the network, and then replays them into the network from that point. The tunnel between the two adversaries is called a wormhole. It can be established through a single long-range wireless link or a wired link between the two adversaries. Hence it is simple for the adversary to make the tunneled packets arrive sooner than other packets transmitted over a normal multi-hop route.

Black hole attack: In this attack, a malicious node advertises a false path to the destination. An adversary could thereby prevent the source from finding a path to the destination, or cause all messages to be forwarded through a particular node.

Routing attacks: In these attacks, an adversary attempts to disrupt the operation of the network. They can be further classified into several types, namely the routing table overflow attack, routing table poisoning attack, packet replication attack, route cache poisoning, and rushing attack. In a routing table overflow attack, an adversary attempts to overflow routing tables by advertising routes to non-existent nodes, while in a routing table poisoning attack the adversary sends false routing updates or modifies genuine routing updates so as to congest the network.

2) Transport layer attacks

The typical transport layer attack is session hijacking. In this type of attack, an adversary obtains control of a session between two parties. In most cases the authentication process is executed only when a session begins, so an adversary that takes over afterwards can play the role of one party for the rest of the session.


3) Application layer attacks

In this type of attack, an adversary exploits a vulnerability in the application itself. Dozens of attacks aimed at the application layer exist, such as script attacks, viruses, and worms.

4) Multi-Layer attacks

Attacks which can occur at any layer of the network protocol stack fall into this class.

Spoofing attack: Spoofing attacks are also called impersonation attacks. The adversary pretends to have the identity of another node in the network, thus receiving messages directed to the node it impersonates. One such attack is the man-in-the-middle attack, in which attackers place their own node between two communicating nodes and forward the communication between them.

Denial of service attack: In this type of attack, the attacker attempts to prevent authorized users from accessing services. Given the characteristics of ad hoc networks, it is much easier to launch DoS attacks against them. For example, an adversary could disrupt ongoing transmissions on the wireless channel by jamming at the physical and MAC layers.

5) Others

Unlike the attacks addressed above, a device tampering attack exploits the fact that devices such as PDAs can easily be stolen or damaged. The adversary can then extract useful data from the stolen device and communicate on behalf of its owner.


CHAPTER-3

THEORETICAL BACKGROUND

Hu and Evans developed a protocol using directional antennas to prevent wormhole attacks [6]. Directional antennas are able to detect the angle of arrival of a signal. In this protocol, two nodes communicate knowing that one node should be receiving messages from one angle and the other from the opposite angle (i.e. one from the west and the other from the east). This protocol fails only if the attacker strategically places the wormhole endpoints between two directional antennas.

Another localization scheme, known as the coordinate system, is the work of Nagpal, Shrobe and Bachrach at the Massachusetts Institute of Technology (MIT). It uses a subset of GPS-equipped nodes to give nodes without GPS a sense of relative location. This is achieved using two algorithms: the gradient, which measures a GPS node's hop count from a point in the network, and multilateration, which determines how the GPS nodes spread information about their location to nodes without GPS. Hop counts tell how far a node is from a particular source. A flaw of this scheme is that wormholes can disrupt hop counts within a network, so any system following this scheme is rendered defenseless under wormhole attacks.

Rouba El Kaissi et al. [21] observe that several obstacles impede the successful deployment of sensor networks. In addition to the limited-resources issue, security is a major concern, especially for applications such as home security monitoring, military, and battlefield applications. Their paper presents a defense mechanism against wormhole attacks in wireless sensor networks; specifically, a simple routing tree protocol is proposed.


Y. C. Hu et al. [18] have considered packet leashes – geographic and

packet can traverse is not always easy to determine. In temporal leashes, extremely accurate globally synchronized clocks are used to bound the propagation time of packets; such clocks can be hard to obtain, particularly in low-cost sensor hardware. Even when available, such timing analysis may not be able to detect cut-through or physical-layer wormhole attacks.
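As an added example (mine, not code from this report or from the packet-leash paper it cites as [18]), the following Python models the two leash checks: a temporal leash, which bounds how long a packet may have been in flight using tightly synchronized clocks, and a geographic leash, which bounds the sender-receiver distance from the position and timestamp the sender puts in the packet. The radio range (250 m) and maximum node speed (20 m/s) are taken from the simulation parameters in Chapter 6; the clock-error and location-error budgets, the receiver position and the three received packets are constructed assumptions. The distance bound is the one used by geographic leashes in that work. Both checks presuppose that the timestamp and position in the packet are authenticated; otherwise a wormhole endpoint simply forges them.

```python
import math

C = 299_792_458.0   # speed of light, m/s (RF propagation)

# Range and speed follow the report's Chapter 6 setup; the error budgets are assumptions.
MAX_RANGE_M = 250.0           # maximum radio range L
V_MAX = 20.0                  # maximum node speed v, m/s
TEMPORAL_CLOCK_ERR = 100e-9   # assumed max clock sync error for temporal leashes (100 ns)
GEO_CLOCK_ERR = 1e-3          # assumed max clock sync error for geographic leashes (1 ms suffices)
LOC_ERR_M = 5.0               # assumed max position error (e.g. GPS), metres


def temporal_leash_ok(t_send, t_recv, max_range=MAX_RANGE_M, clock_err=TEMPORAL_CLOCK_ERR):
    """Temporal leash: the sender stamps t_send; the packet expires at
    t_e = t_send + L/c - delta. A packet arriving after that may have travelled
    further than one radio hop (e.g. through a tunnel) and is dropped."""
    t_expire = t_send + max_range / C - clock_err
    return t_recv <= t_expire


def geographic_leash_ok(p_send, t_send, p_recv, t_recv, max_range=MAX_RANGE_M,
                        v_max=V_MAX, clock_err=GEO_CLOCK_ERR, loc_err=LOC_ERR_M):
    """Geographic leash: from the sender's claimed position and send time the receiver
    computes an upper bound on the true sender-receiver distance,
        d <= |p_s - p_r| + 2 v (t_r - t_s + delta) + 2 delta_loc,
    and accepts only if even this bound fits within one radio hop."""
    d_claimed = math.dist(p_send, p_recv)
    d_bound = d_claimed + 2 * v_max * (t_recv - t_send + clock_err) + 2 * loc_err
    return d_bound <= max_range


def check_packets(packets, p_recv):
    """Run both leash checks over received packets; returns {id: (temporal_ok, geographic_ok)}."""
    return {
        pkt["id"]: (
            temporal_leash_ok(pkt["t_send"], pkt["t_recv"]),
            geographic_leash_ok(pkt["p_send"], pkt["t_send"], p_recv, pkt["t_recv"]),
        )
        for pkt in packets
    }


# Constructed sample. The receiver sits at (200, 0).
#  packet 1: genuine neighbour 200 m away, flight time ~0.67 us.
#  packet 2: captured 600 m away by wormhole end M1, tunnelled and replayed by M2;
#            its position claim is honest but far, and it arrives 5.3 us after the stamp.
#  packet 3: genuine neighbour 235 m away, inside range, but its flight time exceeds
#            L/c - delta, so the temporal leash rejects it (the conservative clock margin
#            is what makes temporal leashes demand such accurate clocks).
RECEIVER_POS = (200.0, 0.0)
SAMPLE_PACKETS = [
    {"id": 1, "p_send": (0.0, 0.0),   "t_send": 0.0, "t_recv": 200.0 / C},
    {"id": 2, "p_send": (800.0, 0.0), "t_send": 0.0, "t_recv": 5.3e-6},
    {"id": 3, "p_send": (-35.0, 0.0), "t_send": 0.0, "t_recv": 235.0 / C},
]

if __name__ == "__main__":
    for pid, (t_ok, g_ok) in check_packets(SAMPLE_PACKETS, RECEIVER_POS).items():
        print(f"packet {pid}: temporal leash {'ok' if t_ok else 'REJECT'}, "
              f"geographic leash {'ok' if g_ok else 'REJECT'}")
```

Packet 3 shows the trade-off the text describes: the temporal leash can only be as tight as the clock synchronization, so with a 100 ns budget anything further than about 220 m is refused even though it is a real neighbour, whereas the geographic leash tolerates millisecond clock error but needs a position fix.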

S. Capkun et al. [19] use an authenticated distance-bounding technique called MAD. The approach is similar to packet leashes at a high level, but does not require location information or clock synchronization. It still suffers from the other limitations of the packet leash technique. In the Echo protocol [20], ultrasound is used to bound the distance for secure location verification. Using ultrasound instead of RF signals relaxes the timing requirements, but needs additional hardware. In a more recent work [4], the authors focus on practical methods of detecting wormholes. This technique uses timing constraints and authentication to verify whether a node is a true neighbour. The authors develop a protocol that can be implemented on 802.11-capable hardware with minor modifications. It still remains unclear how realistic such timing analysis is on low-cost sensor hardware. Ning Song et al. [22] study in detail the performance of multi-path routing under wormhole attack and show that multi-path routing is vulnerable to wormhole attacks. A simple scheme based on statistical analysis (called SAM) is proposed to detect such attacks and to identify the malicious nodes. Compared with previous approaches (for example, packet leashes), no special requirements (such as time synchronization or GPS) are needed in the proposed scheme. Simulation results demonstrate that SAM successfully detects wormhole attacks and locates the malicious nodes in networks with different topologies and different node transmission ranges.


Routing Protocols in MANET

A sender in an ad hoc network may not always be able to pass its packets directly to the intended receiver, so routing mechanisms are required whenever an intended receiver is outside the transmission range of the sender. The goal of the routing protocol is to discover the latest topology. The routing protocols in MANETs can be classified into three categories:

a) Proactive routing protocols:

In this family of routing protocols, all nodes exchange routing information periodically or whenever the topology changes. Since each node maintains a consistent view of the network, a route to the destination (if it can be reached) is always available. Examples of proactive routing protocols include Destination-Sequenced Distance-Vector (DSDV) and Optimized Link State Routing (OLSR).

b) Reactive routing protocols:

In reactive routing, the route discovery process is initiated by a sender whenever it wants to send packets to a destination. The route is maintained until the destination becomes unreachable or the route is no longer needed. Examples are Ad hoc On-demand Distance Vector (AODV), Dynamic Source Routing (DSR) [9], and the Temporally Ordered Routing Algorithm (TORA).

c) Hybrid routing protocols:

The characteristics of proactive and reactive routing protocols are combined to avoid the shortcomings of the two families while retaining most of their benefits. Examples of hybrid routing protocols include the Zone Routing Protocol (ZRP) and the Wireless Adaptive Routing Protocol (WARP). In the following sections, we present an illustration of two of the most popular routing protocols in ad hoc networking: ad hoc on-demand distance vector (AODV) and optimized link state routing (OLSR). In this research, our focus is on designing detection mechanisms for two variations of wormhole attacks in AODV and OLSR routing. We also present brief descriptions of other routing protocols (e.g., DSR, DSDV, and ZRP).

Ad Hoc On-Demand Distance Vector (AODV)

AODV [8] is a reactive routing protocol developed for MANETs which uses a traditional routing table with one entry per destination. In this routing protocol, routes are established dynamically at intermediate nodes. Each node maintains sequence numbers to determine the freshness of routing information and to avoid routing loops. Another important feature is the maintenance of timer-based state, which is used to decide whether a routing table entry has expired. The route discovery process in AODV starts with the broadcast of route request (RREQ) packets by a source (S) that wants to send a packet to a destination (D) for which it has no route information. A recipient of an RREQ first checks the sender ID and broadcast ID included in the RREQ packet to determine whether it has already received the same RREQ. If not, it stores the sender ID as a reference for the reverse path, increments the hop count field, and rebroadcasts the RREQ in its vicinity. This process continues until a route to the destination (D) is found.


WORMHOLE ATTACK IN AODV

In any ad-hoc network, a wormhole can be created in the following three ways:

1. Tunneling of packets above the network layer
2. Long-range tunnel using high-power transmitters
3. Tunnel creation via external wired infrastructure

In the first type of wormhole, all packets received by a malicious node are modified, encapsulated in a higher-layer protocol and dispatched to the colluding node using the services of the ordinary network nodes. These encapsulated packets traverse the network in the regular manner until they reach the collaborating node. The recipient malicious node extracts the original packet, makes the requisite modifications and sends it on to the intended destination.

In the second and third types of wormhole, the packets are modified and encapsulated in a similar manner. However, instead of being dispatched through the network nodes, they are sent over a specialized point-to-point link between the colluding nodes. In this thesis, we only discuss solutions to the first type of wormhole, which in our opinion has greater applicability to pure ad-hoc networks. The walkthrough below is written in terms of source routing, as in DSR, where each packet carries the complete list of nodes that it has to traverse in order to reach the destination (AODV, by contrast, keeps a hop-by-hop routing table at each node, as described above; the same wormhole works against AODV route discovery, because the RREQ tunneled through M1 and M2 arrives with a smaller hop count). Although this feature excludes intermediate nodes from making any routing decisions, it can still be exploited to create a wormhole. Such wormholes can be created in a number of topological scenarios. However, all such settings are primarily derived from scenarios where the colluding nodes (M1, M2) are not the immediate neighbours of the source (S) and destination (D) nodes. Wormhole creation in such a scenario is generally accomplished using the following steps:

Sustained routes between colluding nodes: M1 and M2 periodically establish and maintain routes to each other in the network at all times. This route serves as a higher-layer tunnel for all other nodes whose traffic is routed through M1 and M2.

Fallacious response to source node route requests: Whenever a ROUTE REQUEST packet from S is received by M1, it immediately sends a ROUTE REPLY packet so as to portray minimal delay. M1 also makes the route in the ROUTE REPLY packet (S-1-M1-M2-D) as short as possible, indicating D as an immediate neighbour of M2. Such ROUTE REPLY packets have a high probability of being selected by S, as they have minimal hop count and latency.

Route development till the destination node: M1 informs M2 to initiate a route discovery to D through a pre-agreed higher-layer protocol and also performs the same. In the meantime, all data packets from S to D are buffered for a certain interval at M1. While waiting for a route to D, if M1 receives a ROUTE REPLY packet from D to S, it verifies whether it can reach D through M2. If so, it creates a new working source route option from M2 to D (S-M1-M2-5-D) for the buffered packets, encapsulates them and sends them to M2; otherwise it waits for the ROUTE REPLY packets received in response to the ROUTE REQUEST packets initiated by itself and M2. Upon receipt of these ROUTE REPLY packets, M1 traces an optimal route to D through M2. However, if during this waiting period the buffer interval expires or an overflow occurs, M1 sends a ROUTE ERROR packet to S for the last received data packet.


Types of Wormhole Attack

The number of nodes involved in establishing a wormhole, and the way it is established, classify wormholes into the following types.

1. Wormhole using Out-of-Band Channel

In this two-ended wormhole, a dedicated out-of-band high-bandwidth channel is placed between the end points to create the wormhole link. Fig. 2 represents this case.

2. Wormhole using Packet Encapsulation

Each packet is routed via the legitimate path only; when received by the wormhole end, it is encapsulated so that the nodes along the way do not increment its hop count. The packet is restored to its original form by the second end point.

3. Wormhole using High Power Transmission

This kind of wormhole involves only one malicious node, with a much higher transmission capability, which attracts packets to follow a path passing through it.

4. Wormhole using Packet Relay

As in the previous approach, only one malicious node is required; it relays packets between two distant nodes, and in this way fake neighbours are created.

5. Wormhole using Protocol Deviation

The malicious node creates a wormhole by forwarding packets without backing off, unlike a legitimate node, and thus increases the probability of the wormhole path being selected. [5]

Models of Wormhole Attacks

The packet forwarding behaviour of the wormhole end points, as well as their tendency to hide or show their identities, leads to the following three models. Here, S and D are the source and destination respectively, and M1 and M2 are the malicious nodes.

Open Wormhole

The source and destination nodes and the wormhole ends M1 and M2 are visible. The identities of nodes A and B on the traversed path are kept hidden.

Half-Open Wormhole

The malicious node M1 near the source is visible, while the second end M2 is kept hidden. This leads to the path S-M1-D for packets sent by S to D.

Closed Wormhole

The identities of all the intermediate nodes on the path from S to D are kept hidden. This leads to a scenario where the source and destination each believe they are only one hop away from the other. Thus fake neighbours are created.


CHAPTER 4

SOLUTION DOMAIN

The Ad hoc On-demand Distance Vector routing protocol (AODV) is a widely used protocol for mobile ad hoc networks. It is a pure on-demand routing protocol. To send messages to a destination, a node broadcasts RREQ messages to its immediate neighbours. These neighbours in turn rebroadcast them to their neighbours. This process continues until the RREQ message reaches the destination. Upon receiving the first RREQ message from the source node, the destination sends an RREP to the source node along the same path in reverse. All the intermediate nodes also set up forward route entries in their tables. Upon detecting an error on a link to a node, the neighbouring nodes forward a route error message to all their neighbours that use the link. These in turn initiate a route discovery process to replace the broken link. The AODV routing protocol is vulnerable to the wormhole attack. Since the colluding nodes involved in a wormhole attack use a high-speed channel to send messages, the RREQ packet passing through them may reach the destination faster than the one on the usual path. According to the protocol, the destination discards all later copies of the same RREQ, even if they come from legitimate nodes. The destination therefore chooses the false path through the wormhole for its RREP.
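To make the route-discovery race concrete, here is an added example (mine, not code from this report or from the ns-2 AODV implementation) that models AODV's RREQ flood with duplicate suppression and the RREP along the reverse route, over a small constructed topology, first without and then with a two-ended wormhole between M1 and M2. The tunnel is modelled as the packet-encapsulation and out-of-band cases describe it: a fast link across which the hop count field is not incremented. The node names, per-hop latency and tunnel delay are assumptions.

```python
import heapq

# Constructed topology: symmetric radio links. The honest path S-A-B-C-D is 4 hops.
# M1 is in range of S only and M2 of D only; they are the wormhole end points.
RADIO_LINKS = [("S", "A"), ("A", "B"), ("B", "C"), ("C", "D"), ("S", "M1"), ("M2", "D")]
HOP_DELAY = 10.0     # assumed per-hop latency over the air, ms (contention + transmission)
TUNNEL_DELAY = 1.0   # assumed latency of the attackers' out-of-band tunnel, ms


def build_links(wormhole):
    """Directed link table: (u, v) -> (latency_ms, hop_count_increment)."""
    links = {}
    for u, v in RADIO_LINKS:
        links[(u, v)] = (HOP_DELAY, 1)
        links[(v, u)] = (HOP_DELAY, 1)
    if wormhole:
        # M1 encapsulates the RREQ and M2 replays it unchanged: the tunnel is fast
        # and the hop count is not incremented across it.
        links[("M1", "M2")] = (TUNNEL_DELAY, 0)
        links[("M2", "M1")] = (TUNNEL_DELAY, 0)
    return links


def discover_route(src="S", dst="D", wormhole=False):
    """Flood one RREQ from src. Returns (path taken by the RREP, hop count seen by
    dst, arrival time in ms of the first RREQ copy at dst)."""
    links = build_links(wormhole)
    rreq_id = 1
    processed = set()       # (node, originator, rreq_id): AODV duplicate suppression
    reverse_route = {}      # node -> (next hop back towards src, hop count)
    events = [(0.0, 0, src, None, 0)]   # (time, tie-break, node, previous hop, hops)
    seq = 1
    while events:
        t, _, node, prev, hops = heapq.heappop(events)
        if (node, src, rreq_id) in processed:
            continue        # a copy of an RREQ already seen is dropped
        processed.add((node, src, rreq_id))
        if prev is not None:
            reverse_route[node] = (prev, hops)
        if node == dst:
            # The destination answers the FIRST copy; the RREP follows reverse route entries.
            path = [dst]
            while path[-1] != src:
                path.append(reverse_route[path[-1]][0])
            return path[::-1], hops, t
        for (u, v), (delay, inc) in links.items():
            if u == node:
                heapq.heappush(events, (t + delay, seq, v, node, hops + inc))
                seq += 1
    return None, None, None


def out_of_range_hops(path):
    """Consecutive nodes on the chosen path that share no radio link: the
    'fake neighbours' a wormhole manufactures."""
    radio = {frozenset(link) for link in RADIO_LINKS}
    return [(u, v) for u, v in zip(path, path[1:]) if frozenset((u, v)) not in radio]


if __name__ == "__main__":
    for wh in (False, True):
        path, hops, t = discover_route(wormhole=wh)
        print(f"wormhole={wh}: path {'-'.join(path)}, hop count {hops}, "
              f"first RREQ at {t:.0f} ms, fake neighbours {out_of_range_hops(path)}")
```

Without the tunnel the destination's first RREQ arrives via C at 40 ms with hop count 4. With the tunnel the copy via M2 arrives at 21 ms with hop count 2, the honest copy is discarded as a duplicate, and the RREP installs S-M1-M2-D, in which M1 and M2 appear adjacent although they share no radio link. That manufactured adjacency is what the closed-wormhole model above calls fake neighbours, and it is the anomaly that neighbour-verification schemes such as packet leashes (Chapter 3) are built to catch.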

We will simulate the performance of plain AODV and of AODV under a wormhole attack with the help of the network simulator (ns-2) and then carry out a performance analysis for both conditions. We will then use cryptographic techniques to prevent the data loss.


Techniques for Wormhole Detection

There are several simple techniques for detecting wormholes in a network, but these have some basic flaws, which are discussed in the current section.

Link Frequency Analysis.

Analysis of link frequency is a simple method for detecting a wormhole in a network. An abnormally high frequency of use of a link could suggest that it is a wormhole luring traffic into it. But in the case of clustered networks, where bottleneck links offer delays comparable to those of a wormhole, the traffic might be equally distributed between the bottleneck link and the wormhole link; there is then no way to tell whether there is a wormhole and, even if one is suspected, it is difficult to identify which link it is.

Trust Based Model.

Another significant method of detecting wormholes is the use of trust information. Nodes can monitor the behaviour of their neighbours and rate them. Assuming that a wormhole drops all the packets it receives, as a black hole does, a wormhole in such a system should have the lowest trust level and can easily be eliminated. Drops at a bottleneck in a network could be due to congestion, which could be triggered by improper routing, large TCP window sizes, sudden bursts of traffic from a node, and so on. But all these drops occur in bursts, and the network reconfigures itself after the congestion. For example, if there are many drops in TCP, the window size is decreased. Hence the packet drop rate at a bottleneck is generally high only during congestion, after which it comes down again.
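The two techniques in this section, as an added example (mine, not the report's implementation or its ns-2 code): link-frequency analysis over the set of routes currently in use, and a per-neighbour trust rating that a node builds by watching whether each neighbour forwards or drops the packets handed to it. The smoothing factor, thresholds, the route set, and the per-window observation counts for node B (a congested bottleneck) and node M1 (a wormhole end point that never forwards over the air) are constructed assumptions; the series is built to show the distinction the text draws, that congestion drops come in a burst and recover while a wormhole's drops are sustained.

```python
from collections import Counter, defaultdict

# --- Link frequency analysis ---------------------------------------------------

def link_frequency(routes):
    """How many active routes traverse each (undirected) link."""
    counts = Counter()
    for route in routes:
        for u, v in zip(route, route[1:]):
            counts[tuple(sorted((u, v)))] += 1
    return counts


def suspicious_links(routes, factor=2.0):
    """Links carrying more than `factor` times the mean number of routes."""
    counts = link_frequency(routes)
    mean = sum(counts.values()) / len(counts)
    return sorted(link for link, c in counts.items() if c > factor * mean)


# --- Trust-based model ---------------------------------------------------------

class TrustMonitor:
    """One node's view of its neighbours. Each observation window contributes the
    fraction of packets the neighbour forwarded; an exponentially weighted average
    (alpha) smooths it. A neighbour is isolated only after its trust has stayed below
    `threshold` for `windows_required` consecutive windows, so a burst of congestion
    drops that then recovers is not mistaken for a wormhole end point."""

    def __init__(self, alpha=0.5, threshold=0.5, windows_required=3):
        self.alpha = alpha
        self.threshold = threshold
        self.windows_required = windows_required
        self.trust = {}                      # neighbour -> smoothed forwarding ratio
        self.low_streak = defaultdict(int)   # neighbour -> consecutive low-trust windows

    def observe_window(self, neighbour, forwarded, dropped):
        total = forwarded + dropped
        ratio = forwarded / total if total else 1.0   # nothing handed over: no evidence
        prev = self.trust.get(neighbour, 1.0)         # newcomers start fully trusted
        self.trust[neighbour] = (1 - self.alpha) * prev + self.alpha * ratio
        if self.trust[neighbour] < self.threshold:
            self.low_streak[neighbour] += 1
        else:
            self.low_streak[neighbour] = 0
        return self.trust[neighbour]

    def isolated(self):
        return sorted(n for n, s in self.low_streak.items() if s >= self.windows_required)


# Constructed observations: (forwarded, dropped) per window, as seen by the monitor.
# B sits on a bottleneck: windows 3-4 are a congestion burst, then TCP backs off and
# forwarding recovers. M1 is a wormhole end point: every packet vanishes into the tunnel.
OBSERVATIONS = {
    "B":  [(50, 0), (50, 0), (10, 40), (15, 35), (45, 5), (50, 0), (50, 0)],
    "M1": [(0, 50)] * 7,
}

# Constructed routes in use: most of S's traffic has been lured through M1-M2.
ROUTES = ([["S", "M1", "M2", "D"]] * 5
          + [["S", "A", "B", "C", "D"], ["A", "B", "C"], ["E", "M1", "M2", "F"]])


def run_demo(observations=OBSERVATIONS, routes=ROUTES):
    """Feed the windows to a TrustMonitor; return (isolated nodes, trust table, flagged links)."""
    mon = TrustMonitor()
    n_windows = max(len(series) for series in observations.values())
    for w in range(n_windows):
        for node, series in observations.items():
            if w < len(series):
                mon.observe_window(node, *series[w])
    return mon.isolated(), dict(mon.trust), suspicious_links(routes)


if __name__ == "__main__":
    isolated, trust, links = run_demo()
    print("trust:", {n: round(t, 4) for n, t in trust.items()})
    print("isolated by trust model:", isolated)
    print("links flagged by frequency analysis:", links)
```

B's trust dips to 0.45 during the burst but is back above the threshold one window later, so its low streak never reaches three and it is not isolated; M1's trust halves every window and it is isolated after four. The frequency check flags only M1-M2 here because that link carries more than twice the mean; as the text notes, if a legitimate bottleneck carried a comparable share the counter alone could not say which of the two is the wormhole.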


CHAPTER 5

SOFTWARE DOMAIN

SOFTWARE REQUIREMENTS

Network Simulator – ns2

ns-2 is a discrete event simulator targeted at networking research. It provides substantial support for the simulation of TCP, routing and multicast protocols over wired and wireless networks. It consists of two tools. The network simulator (ns) contains all commonly used IP protocols. The network animator (nam) is used to visualize the simulations. ns-2 fully simulates a layered network from the physical radio transmission channel up to high-level applications. ns-2 is an object-oriented simulator written in C++ and OTcl. The simulator supports a class hierarchy in C++ and a similar class hierarchy within the OTcl interpreter. There is a one-to-one correspondence between a class in the interpreted hierarchy and one in the compiled hierarchy. The reason for using two different programming languages is that OTcl is suitable for the programs and configurations that demand frequent and fast change, while C++ is suitable for the programs that have a high demand for speed. ns-2 is highly extensible. It not only supports the most commonly used IP protocols but also allows users to extend or implement their own protocols. The current ns-2 version supports four ad hoc routing protocols, including AODV. It also provides powerful trace functionality, which is very important in our project, since various information needs to be logged for analysis. The full source code of ns-2 can be downloaded and compiled for multiple platforms such as UNIX and Windows.


Languages Used

C++

C++ is a programming language that implements object-oriented programming. It is a popular language that is usable for many applications. As many compilers support the ANSI/ISO standard for C++, programs written in C++ are highly portable between platforms. Because C++ is compiled, each time something in the source code is changed the program has to be partially recompiled and relinked. If properly programmed, C++ programs can be fast. In comparison with the C language, C++ source code generally describes a problem, while C source code describes the solution to a problem. C++ is largely a superset of C, which means that a programmer is free to use C code for the speed-critical parts of a program.

Tcl

Tcl is an interpreted language. In Tcl, a programmer can add new commands to the language by implementing them as C functions. The C functions can then be called from the command-line interface of the Tcl interpreter. Besides implementing individual functions in the Tcl language, a programmer can use Tcl as a front-end to a system programmed in C. Tk is a toolkit that is used to extend Tcl programs with a graphical user interface (GUI).


Simple Example in OTcl

#Create a simulator object
set ns [new Simulator]

#Define different colors for data flows (for NAM)
$ns color 1 Blue
$ns color 2 Red

#Open the NAM trace file
set nf [open out.nam w]
$ns namtrace-all $nf

#Define a 'finish' procedure
proc finish {} {
    global ns nf
    $ns flush-trace
    #Close the NAM trace file
    close $nf
    #Execute NAM on the trace file
    exec nam out.nam &
    exit 0
}

#Create four nodes
set n0 [$ns node]
set n1 [$ns node]
set n2 [$ns node]
set n3 [$ns node]

#Create links between the nodes
$ns duplex-link $n0 $n2 2Mb 10ms DropTail
$ns duplex-link $n1 $n2 2Mb 10ms DropTail
$ns duplex-link $n2 $n3 1.7Mb 20ms DropTail

#Set Queue Size of link (n2-n3) to 10
$ns queue-limit $n2 $n3 10

#Give node position (for NAM)
$ns duplex-link-op $n0 $n2 orient right-down
$ns duplex-link-op $n1 $n2 orient right-up
$ns duplex-link-op $n2 $n3 orient right

#Monitor the queue for link (n2-n3). (for NAM)
$ns duplex-link-op $n2 $n3 queuePos 0.5

#Setup a TCP connection
set tcp [new Agent/TCP]
$tcp set class_ 2
$ns attach-agent $n0 $tcp
set sink [new Agent/TCPSink]
$ns attach-agent $n3 $sink
$ns connect $tcp $sink
$tcp set fid_ 1

#Setup a FTP over TCP connection
set ftp [new Application/FTP]
$ftp attach-agent $tcp
$ftp set type_ FTP

#Setup a UDP connection
set udp [new Agent/UDP]
$ns attach-agent $n1 $udp
set null [new Agent/Null]
$ns attach-agent $n3 $null
$ns connect $udp $null
$udp set fid_ 2

#Setup a CBR over UDP connection
set cbr [new Application/Traffic/CBR]
$cbr attach-agent $udp
$cbr set type_ CBR
$cbr set packet_size_ 1000
$cbr set rate_ 1mb
$cbr set random_ false

#Schedule events for the CBR and FTP agents
$ns at 0.1 "$cbr start"
$ns at 1.0 "$ftp start"
$ns at 4.0 "$ftp stop"
$ns at 4.5 "$cbr stop"

#Detach tcp and sink agents (not really necessary)
$ns at 4.5 "$ns detach-agent $n0 $tcp ; $ns detach-agent $n3 $sink"

#Call the finish procedure after 5 seconds of simulation time
$ns at 5.0 "finish"

#Print CBR packet size and interval
puts "CBR packet size = [$cbr set packet_size_]"
puts "CBR interval = [$cbr set interval_]"

#Run the simulation (starts the event scheduler; without this nothing executes)
$ns run

Page 26: Detection and Prevention of Wormhole Attack in Mobile Adhoc Networks

CHAPTER 6

SIMULATION SETUP AND OUTPUT

Parameter             Value
Number of nodes       9
Simulation time       450 sec
Environment size      500*500
Transmission range    250 m
Packet size           1518 bytes
Maximum speed         20 m/s
Propagation model     Two-ray ground
Simulator             Network Simulator-2
Mobility model        Random waypoint
Antenna type          Omnidirectional antenna

SIMULATION CODE FOR AODV PROTOCOL

set val(chan) Channel/WirelessChannel ;# Channel Type
set val(prop) Propagation/TwoRayGround ;# radio-propagation model
set val(netif) Phy/WirelessPhy ;# network interface type
set val(mac) Mac/802_11 ;# MAC type
set val(ifq) Queue/DropTail/PriQueue ;# interface queue type
set val(ll) LL ;# link layer type
set val(ant) Antenna/OmniAntenna ;# antenna model
set val(ifqlen) 50 ;# max packet in ifq
set val(nn) 9 ;# number of mobilenodes
set val(rp) AODV ;# routing protocol
set val(x) 500
set val(y) 500

# Initialize Global Variables
set ns_ [new Simulator]
set tracefd [open wireless-sim-aodv.tr w]
$ns_ trace-all $tracefd
set namtrace [open wireless-sim-aodv.nam w]
$ns_ namtrace-all-wireless $namtrace $val(x) $val(y)

# set up topography object
set topo [new Topography]
$topo load_flatgrid $val(x) $val(y)

# Create God
create-god $val(nn)

# Create channel
set chan_ [new $val(chan)]

# Create node(0) "attached" to channel #1
# configure node, please note the change below.
$ns_ node-config -adhocRouting $val(rp) \
    -llType $val(ll) \
    -macType $val(mac) \
    -ifqType $val(ifq) \
    -ifqLen $val(ifqlen) \
    -antType $val(ant) \
    -propType $val(prop) \
    -phyType $val(netif) \
    -topoInstance $topo \
    -agentTrace ON \
    -routerTrace ON \
    -macTrace ON \
    -movementTrace OFF \
    -channel $chan_

for {set i 0} {$i < $val(nn)} {incr i} {
    set node_($i) [$ns_ node]
}
for {set i 0} {$i < $val(nn)} {incr i} {
    $node_($i) random-motion 0
}

#
# Provide initial (X,Y, for now Z=0) co-ordinates for mobilenodes
#
$node_(0) set X_ 0.0
$node_(0) set Y_ 200.0
$node_(0) set Z_ 0.0
$node_(1) set X_ 0.0
$node_(1) set Y_ 400.0
$node_(1) set Z_ 0.0
$node_(2) set X_ 200.0
$node_(2) set Y_ 100.0
$node_(2) set Z_ 0.0
$node_(3) set X_ 200.0
$node_(3) set Y_ 500.0
$node_(3) set Z_ 0.0
$node_(4) set X_ 300.0
$node_(4) set Y_ 300.0
$node_(4) set Z_ 0.0
$node_(5) set X_ 400.0
$node_(5) set Y_ 100.0
$node_(5) set Z_ 0.0
$node_(6) set X_ 400.0
$node_(6) set Y_ 500.0
$node_(6) set Z_ 0.0
$node_(7) set X_ 600.0
$node_(7) set Y_ 200.0
$node_(7) set Z_ 0.0
$node_(8) set X_ 600.0
$node_(8) set Y_ 400.0
$node_(8) set Z_ 0.0

for {set i 0} {$i < $val(nn)} {incr i} {
    $ns_ initial_node_pos $node_($i) 20
}

# Setup traffic flow between nodes
# TCP connections between node_(0) and node_(1)
set tcp1 [new Agent/TCP]
$tcp1 set class_ 2
set sink1 [new Agent/TCPSink]
$ns_ attach-agent $node_(0) $tcp1
$ns_ attach-agent $node_(7) $sink1
$ns_ connect $tcp1 $sink1
set ftp1 [new Application/FTP]
$ftp1 attach-agent $tcp1
$ns_ at 3.0 "$ftp1 start"

set tcp2 [new Agent/TCP]
$tcp2 set class_ 2
set sink2 [new Agent/TCPSink]
$ns_ attach-agent $node_(1) $tcp2
$ns_ attach-agent $node_(8) $sink2
$ns_ connect $tcp2 $sink2
set ftp2 [new Application/FTP]
$ftp2 attach-agent $tcp2
$ns_ at 5.0 "$ftp2 start"

#
# Tell nodes when the simulation ends
#
for {set i 0} {$i < $val(nn)} {incr i} {
    $ns_ at 450.0 "$node_($i) reset";
}
$ns_ at 450.0 "stop"
$ns_ at 450.01 "puts \"NS EXITING...\" ; $ns_ halt"

proc stop {} {
    global ns_ tracefd
    $ns_ flush-trace
    close $tracefd
}

puts "Starting Simulation..."
$ns_ run

NAM OUTPUT OF AODV.TCL

Page 32: Detection and Prevention of Wormhole Attack in Mobile Adhoc Networks
Page 33: Detection and Prevention of Wormhole Attack in Mobile Adhoc Networks

S. No.   Packet     AODV
1.       Sent       20929
2.       Received   18797
3.       Ratio      0.8981

Page 34: Detection and Prevention of Wormhole Attack in Mobile Adhoc Networks

CHAPTER 7

CONCLUSION AND FUTURE WORK

A wormhole is one of the prominent attacks formed by malicious colluding nodes. The detection and evasion of such wormholes in an ad-hoc network is still considered a challenging task. In order to protect against wormholes, current security-based solutions propose the establishment of ad-hoc networks in a controlled manner, often requiring specialised node hardware to facilitate the deployment of cryptographic mechanisms. In this work we have simulated the AODV protocol and measured the packet delivery ratio, which will help in the further enhancement of this project.

In our second phase we will simulate three scenarios in total. First, we will implement a wormhole attack in a MANET using the AODV protocol. Second, we will use a trust model to detect and prevent the wormhole attack. In the third simulation we will use cryptography to prevent the wormhole attack. There will thus be three simulations, and we will present the results as a comparison between the three scenarios using the performance metrics below.

1. Throughput
2. Average End to End Delay
3. Packet Delivery Ratio
4. Latency Rate.
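The "Ratio" row of the AODV table above and the metrics listed here are all derived from the ns-2 trace file, so as an added example (not the report's own code) the following Python script computes packet delivery ratio, average end-to-end delay and throughput from the old-style wireless trace that `$ns_ trace-all` writes with -agentTrace ON. The trace lines embedded in it are constructed, and the function and variable names are my own.

```python
"""Packet delivery ratio and mean end-to-end delay from an ns-2 wireless trace.
Added example, not code from the report: it reads the old-style trace that
`$ns_ trace-all` writes with -agentTrace ON; SAMPLE_TRACE below is constructed."""
import re

# event time _node_ layer reason pktid type size ... (rest of the line ignored)
_LINE = re.compile(r"^(?P<ev>[srDf])\s+(?P<t>[\d.]+)\s+_\d+_\s+(?P<layer>\w+)\s+\S+"
                   r"\s+(?P<pid>\d+)\s+(?P<ptype>\w+)\s+(?P<size>\d+)")
DATA_TYPES = {"tcp", "cbr"}   # payload only; AODV control and TCP acks are skipped


def compute_metrics(trace_lines):
    """Return (sent, received, ratio, avg_delay_seconds, throughput_kbps)."""
    sent_at, recv_at = {}, {}        # pktid -> time sent / (time received, bytes)
    for line in trace_lines:
        m = _LINE.match(line)
        # Only application-layer (AGT) events count; RTR/MAC/IFQ copies of the
        # same packet would otherwise inflate both counters.
        if not m or m["layer"] != "AGT" or m["ptype"] not in DATA_TYPES:
            continue
        pid, t = int(m["pid"]), float(m["t"])
        if m["ev"] == "s":
            sent_at.setdefault(pid, t)            # keep the first emission time
        elif m["ev"] == "r":
            recv_at[pid] = (t, int(m["size"]))
    delivered = [p for p in recv_at if p in sent_at]
    sent, received = len(sent_at), len(delivered)
    ratio = round(received / sent, 4) if sent else 0.0      # the table's "Ratio"
    delays = [recv_at[p][0] - sent_at[p] for p in delivered]
    avg_delay = sum(delays) / len(delays) if delays else 0.0
    span = (max(recv_at[p][0] for p in delivered) - min(sent_at[p] for p in delivered)) if delivered else 0.0
    kbps = 8 * sum(recv_at[p][1] for p in delivered) / span / 1000 if span > 0 else 0.0
    return sent, received, ratio, avg_delay, kbps


# Constructed trace: four TCP segments from node 0 to node 7, one dropped at
# node 4's interface queue, plus an AODV RREQ and a routing-layer copy to ignore.
SAMPLE_TRACE = """\
s 3.000000000 _0_ AGT  --- 0 tcp 40 [0 0 0 0] ------- [0:0 7:0 32 0] [0 0] 0 0
r 3.000000000 _0_ RTR  --- 0 tcp 40 [0 0 0 0] ------- [0:0 7:0 32 0] [0 0] 0 0
s 3.000000000 _0_ RTR  --- 1 AODV 48 [0 0 0 0] ------- [0:255 -1:255 30 0] [0x2 1 1 [7 0] [0 4]] (REQUEST)
r 3.060000000 _7_ AGT  --- 0 tcp 40 [13a 7 4 800] ------- [0:0 7:0 30 7] [0 0] 1 0
s 3.100000000 _0_ AGT  --- 2 tcp 1040 [0 0 0 0] ------- [0:0 7:0 32 0] [1 0] 0 0
r 3.140000000 _7_ AGT  --- 2 tcp 1040 [13a 7 4 800] ------- [0:0 7:0 30 7] [1 0] 1 0
s 3.200000000 _0_ AGT  --- 3 tcp 1040 [0 0 0 0] ------- [0:0 7:0 32 0] [2 0] 0 0
D 3.210000000 _4_ IFQ  --- 3 tcp 1040 [0 0 0 0] ------- [0:0 7:0 31 4] [2 0] 0 0
s 3.300000000 _0_ AGT  --- 4 tcp 1040 [0 0 0 0] ------- [0:0 7:0 32 0] [3 0] 0 0
r 3.350000000 _7_ AGT  --- 4 tcp 1040 [13a 7 4 800] ------- [0:0 7:0 30 7] [3 0] 1 0
""".splitlines()
```

Running the same function over the trace of each of the three planned scenarios (plain AODV, AODV under a wormhole, AODV with the trust model) gives the per-scenario numbers the comparison calls for.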

Page 35: Detection and Prevention of Wormhole Attack in Mobile Adhoc Networks
