@IJMTER-2016, All rights Reserved 519 Secure and Flexible Communication Technique: Implementation Using MAC Filter in WLAN and MANET for IP Spoofing Detection Ashwini R. Vaidya 1 , Siddhant Jaiswal 2 1,2 Department of Computer Science , G.H. Raisoni College of Engineering Nagpur, India Abstract— Wireless networking is the major aspect in the area of the communication system. MANET is having the infrastructure less, distributed and dynamic network. It consists of collection of moving nodes that communicates with each other without use of centralized user. As we know MANET has distributed in nature, there may occur various kind of security attacks such as worm whole, black hole, Sybil, DDOS attack also injecting the malicious nodes, false identity creation and also including spoofing attacks, reduces the overall routine of wireless networks. Due to insufficient security in the network, various kind of threats can be destroy the topology and minimize the speed of nodes in the area. WLAN could Network are vulnerable to the user. System Administrator can compromise his responsibilities and can access external threats. To overcome limited securities in WLAN and MANET it will enhance by using MAC filter for IP address spoofing. This system implement an effective algorithm for the authentication process or verification and filtering of the MAC addresses of the wireless devices. Index Terms—MANET, WLAN, MAC Address, IP Address, MAC Filter, DHCP, Intrusion detection, AD-HOC,IP Spoofing, Sever side database. I. INTRODUCTION As we all knows very well wireless technology have made it the most widely used communication system. As 802.11 networks increase in popularity for connecting to the internet so also have attacks against such networks. Wireless networks are vulnerable to the accessing the node. The main advantages of the wireless networks regarding the wireless as it will have the good networks among all networks topology, and also their mobility, flexibility and inexpensive deployment and maintenance cost, and the most is while doing the wiring purpose. So it will get more useful when we are using the wireless network instead of wired. As we know the IEEE 802.11 e has having the most of the good wireless purpose having the most of the qualities.ing With having exponential growth in the deployment of wireless Local Area Networks(WLAN), now the security issue of all these networks has become more concern for both server and client. MANET is the best way of ad hoc network which is used to communicate moving nodes in wireless network. It is distributed in nature not having the specific infrastructure. It generally changes its topology according to its need. Wireless LAN networks and MANET are prone assaults they have the centralized server to control the communication nodes in the network. Various kinds of attacks are there which are reduces the overall routine of the wireless networks. Verification of the identity or uniqueness is not possible as it necessitates key service management for more general calculations. An efficient algorithm is proposed to identification of the IP spoofing. Using the MAC filter means we are storing the authenticated MAC address of the client machine into the database, which can help to detect IP spoofing by comparing the MAC address of new client with the database having stored MAC address.
7
Embed
Secure and Flexible Communication Technique ... and Flexible Communication Technique: Implementation Using ... MAC Filter, DHCP, Intrusion detection, AD-HOC,IP Spoofing, ... Wireless
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
@IJMTER-2016, All rights Reserved 519
Secure and Flexible Communication Technique: Implementation Using
MAC Filter in WLAN and MANET for IP Spoofing Detection Ashwini R. Vaidya
1, Siddhant Jaiswal
2
1,2
Department of Computer Science , G.H. Raisoni College of Engineering Nagpur, India
Abstract— Wireless networking is the major aspect in the area of the communication system. MANET is
having the infrastructure less, distributed and dynamic network. It consists of collection of moving nodes
that communicates with each other without use of centralized user. As we know MANET has distributed in
nature, there may occur various kind of security attacks such as worm whole, black hole, Sybil, DDOS
attack also injecting the malicious nodes, false identity creation and also including spoofing attacks,
reduces the overall routine of wireless networks. Due to insufficient security in the network, various kind of
threats can be destroy the topology and minimize the speed of nodes in the area. WLAN could Network are
vulnerable to the user. System Administrator can compromise his responsibilities and can access external
threats. To overcome limited securities in WLAN and MANET it will enhance by using MAC filter for IP
address spoofing. This system implement an effective algorithm for the authentication process or
verification and filtering of the MAC addresses of the wireless devices.
Index Terms—MANET, WLAN, MAC Address, IP Address, MAC Filter, DHCP, Intrusion
detection, AD-HOC,IP Spoofing, Sever side database.
I. INTRODUCTION
As we all knows very well wireless technology have made it the most widely used communication system.
As 802.11 networks increase in popularity for connecting to the internet so also have attacks against such
networks. Wireless networks are vulnerable to the accessing the node. The main advantages of the wireless
networks regarding the wireless as it will have the good networks among all networks topology, and also
their mobility, flexibility and inexpensive deployment and maintenance cost, and the most is while doing
the wiring purpose. So it will get more useful when we are using the wireless network instead of wired. As
we know the IEEE 802.11 e has having the most of the good wireless purpose having the most of the
qualities.ing With having exponential growth in the deployment of wireless Local Area Networks(WLAN),
now the security issue of all these networks has become more concern for both server and client.
MANET is the best way of ad hoc network which is used to communicate moving nodes in wireless
network. It is distributed in nature not having the specific infrastructure. It generally changes its topology
according to its need.
Wireless LAN networks and MANET are prone assaults they have the centralized server to control the
communication
nodes in the network. Various kinds of attacks are there which are reduces the overall routine of the
wireless networks. Verification of the identity or uniqueness is not possible as it necessitates key service
management for more general calculations. An efficient algorithm is proposed to identification of the IP
spoofing. Using the MAC filter means we are storing the authenticated MAC address of the client machine
into the database, which can help to detect IP spoofing by comparing the MAC address of new client with
the database having stored MAC address.
International Journal of Modern Trends in Engineering and Research (IJMTER) Volume 03, Issue 04, [April– 2016] ISSN (Online):2349–9745 ; ISSN (Print):2393-8161
@IJMTER-2016, All rights Reserved 520
In this project we need not have to be used Internet connectivity. Network can be formed using AD-HOC
Network.
1. It can be used for wired as well as wireless network
2. Provide level of Security where needed.
There are three types of Network which could be deploy in
Wireless Network.
1. AD-HOC Network:
It does not contains centralize unit like Router. So mobile could not connect it. Like personal
computer, wireless printers.
2. Wireless access point(WAP): It is used for specific purpose like internet share not for file sharing.
3. Wireless Infrastructure(WLAN) : We need a Router which Controls both network internet and file
share.
II. BACKGROUND AND OBJECTIVES
1. IP Spoofing:
IP spoofing means any user could get change IP address of another system. We have studied that 12
bytes of the IP packet contains various information. And remaining 8 bytes contains source and the
destination IP address. Using many tools client or user could change the IP address of another
system.
2. To recognize the uniqueness of the IP address with the help of already stored MAC address.
3. To monitor the new node without having uniqueness of the MAC address.
4. To recognize spoofing and duplication of information attacks in wireless networks and monitor the
process by Browser-server model.
5. Regarding the Encryption and Decryption of the file:
When client will upload any file over the web application then it would get encrypted. After down
loading it would get decrypted in user machine. But still encrypted in server database as we need to
secure file or data in server side too as system administrator could be compromise his or her
responsibilities.
Fig. 1 IP to MAC Mapping.
III. METHODOLOGY AND FLOWCHART
This project has been designed on the basis of client server model. This middleware tier has been designed
like application server for the database server. Here transfer
International Journal of Modern Trends in Volume 03, Issue 04
@IJMTER-2016, All rights Reserved
of the data from client model to database server.
A. Learning Phase B. Practical Phase
• Network
Module: IP
address and
MAC Address
Detecting
Tracking
• Web Application
• File uploading
• File
Downloading
• Design of
APA(Automatic
Program
Administrator)
• Database
Design
• Design for
human admin
panel
• IP spoofing
Types
IV. IMPLEMENTATION
Fig 4: ARP scenario
International Journal of Modern Trends in Engineering and Research (IJMTER)Volume 03, Issue 04, [April– 2016] ISSN (Online):2349–9745 ; ISSN (Print):2393
, All rights Reserved
data from client model to database server.
Practical Phase
Web Application
File uploading
Downloading
Database
Design
IP spoofing
Fig. 2: Proposed Plan of Work
Fig 3: Network Module
IMPLEMENTATION OF PROJECT
Engineering and Research (IJMTER) 9745 ; ISSN (Print):2393-8161
521
Fig. 2: Proposed Plan of Work
International Journal of Modern Trends in Engineering and Research (IJMTER) Volume 03, Issue 04, [April– 2016] ISSN (Online):2349–9745 ; ISSN (Print):2393-8161
@IJMTER-2016, All rights Reserved 522
Use of the Static IP Mapping is being provided here for IP spoofing detection using MAC filter.
Fig.5: Parameter of Network Module get displayed after ARP request
MODULE II: Web Application Design
Fig.6: Web application- Rating to the existing file.
MODULE III: Databases
Fig.7 : Data and files get stored into the database.
The Data and files and application on files gets stored into the MYSQL Database server. Rating value and
updating values get stored into the database.
International Journal of Modern Trends in Engineering and Research (IJMTER) Volume 03, Issue 04, [April– 2016] ISSN (Online):2349–9745 ; ISSN (Print):2393-8161
@IJMTER-2016, All rights Reserved 523
MODULE IV
Server Side Applications: Back End Results.
Fig. 8 Admin could get log into the server side.
Fig.9: Client request to the server : Request is in pending list.
Fig. 10: Admin could accept and reject IP address/client
Admin panel can decide which IP address should be authorized and which should not be. If any IP address
is actually belongs to same WLAN then it would get accepted, otherwise it will be rejected by
Administrator. If user is authorized then it would have all the rights to access the web application and
further procedure.
Fig. 11: Rejected message will be displayed: As unauthorized user will trying to access again and again.
International Journal of Modern Trends in Engineering and Research (IJMTER) Volume 03, Issue 04, [April– 2016] ISSN (Online):2349–9745 ; ISSN (Print):2393-8161
@IJMTER-2016, All rights Reserved 524
IV. RESULTS AND DISSCUSIONS
In this project we are not going with DHCP that is dynamic host control protocol. As our main aim is to
create flexible and secure network providing security within the small wireless LAN. Dynamic allocate IP
address to different machine which will violet the objective of detecting IP spoofing using MAC filter. If
we use DHCP registered use get new and different IP address and then IPS,NRA messages among APA
algorithm will get repeatedly generated on registered client’s machine.
This is very inconvenience to registered user and client to connect and interacts with server system. So for
security purpose and for reliability of use with admin, it is best practice to use static IP address provide
static IP address.
As we have in the fig.12 As If system administrator trying to access the file which is stored in the database
of the server side then the same file could not be opened as that will is in the encrypted form. As we are
providing here 256 bit encryption with using AES technique with implementation of RijindealAES.cs
algorithm.
Fig. 12: Files could not get open as it is encrypted on server side also.
V. CONCLUSION
In this paper, we have studied WLAN and MANET with providing securities to the moving nodes. Also
studied the IP and MAC mapping with static IP address. IP spoofing detection has been performed with
using MAC filter. Any new client or user can access web applications for file access and sharing.
Authorized and registered user could get access to the server. If same user will try to access the network,
then one of the messages would get generated among APA algorithm. We have also provided securities
with the help of AES technique. Encryption and decryption has been provided to the files for security
purpose.
REFERENCES
[1] Keita Emura, nonMember, IEEE, and Akira Kanaoka, nonMember, IEEE, and Satoshi Ohta, nonMember, IEEE “Secure
and Anonymous Communication Technique: Formal Model and its Prototype Implementation” IEEE TRANSACTIONS
ON EMERGING TOPICS IN COMPUTING, VOL. *, NO. *, SEPTEMBER 2015
[2] S .Raguvaran, Member, IEEE “Spoofing Attack: Preventing in Wireless Networks” International Conference on
Communication and Signal Processing, April 3-5, 2014, India
[3] Suman Jana and Sneha K. Kasera”On Fast and Accurate Detectionof Unauthorized Wireless Access Points Using Clock
Skews”IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 9, NO. 3, MARCH 2010
[4] Controlling IP Spoofing through Interdomain Packet Filters” IEEE TRANSACTIONS ON DEPENDABLE AND
[5] Ann Mary Jacob1, Saritha S2 “Survey on Various IP Spoofing Detection Techniques” International Journal of Science
and Research (IJSR)
International Journal of Modern Trends in Engineering and Research (IJMTER) Volume 03, Issue 04, [April– 2016] ISSN (Online):2349–9745 ; ISSN (Print):2393-8161
@IJMTER-2016, All rights Reserved 525
[6] Xinyu Yang, Jie Lin, Wei Yu, Paul-Marie Moulema, Xinwen Fu, and Wei Zhao “A Novel En-Route Filtering Scheme
Against False Data Injection Attacks in Cyber-Physical Networked Systems.”IEEE TRANSACTIONS ON
COMPUTERS, VOL. 64, NO. 1, JANUARY 2015
[7] Boldyreva and V. Kumar, “Extended abstract: Provable-security analysis of authenticated encryption in Kerberos,” in
IEEE Symposium on Security and Privacy, 2007, pp. 92–100.
[8] Libert and D. Vergnaud, “Unidirectional chosen-ciphertext secure proxy re-encryption,” IEEE Transactions on
Information Theory, vol. 57, no. 3, pp. 1786–1802, 2011.
[9] Y. Gilad and A. Herzberg, “Plug-and-play IP security – anonymity infrastructure instead of PKI,” in ESORICS, 2013,
pp. 255–272.
[10] Haining Wang, Cheng Jin, and Kang G. Shin,” Defense Against Spoofed IP Traffic Using Hop- Count Filtering”,
IEEE/Acm Transactions On Networking, Vol. 15, No. 1, February 2007.
[11] Yang, Y. Chen, and W. Trappe, "Detecting Spoofing Attacks in Mobile Wireless Environments,"Proc. Ann. IEEE Comm.
Soc. Conf. Sensor, Mesh and Ad Hoc Comm. and Networks (SECON),2009.
[12] Yaar, A. Perrig, and D. Song, “StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing
Defense,” IEEE J. Selected Areas in Comm., vol. 24, no. 10, Oct. 2006.
[13] Z. Duan, X. Yuan, and J. Chandrashekar, “Constructing Inter-Domain Packet Filters to Control IP Spoofing Based on
BGP Updates,” Proc. IEEE INFOCOM, Apr. 2006.
[14] K. Park and H. Lee, “On the Effectiveness of Route-Based Packet Filtering for Distributed DoS Attack Prevention in
Power-Law Internets,” Proc. ACM SIGCOMM, Aug. 2001.