
Research On DoS Attack And Defense In Ad Hoc Network Based On Gateway

Posted on: 2010-09-17 | Degree: Master | Type: Thesis
Country: China | Candidate: J Tang | Full Text: PDF
GTID: 2178360272497506 | Subject: Computer application technology
Abstract/Summary:
An Ad Hoc network is a kind of wireless, mobile network: a collection of wireless computers communicating among themselves over possibly multi-hop paths, without the help of any infrastructure such as base stations or access points. Nodes in an Ad Hoc network collaboratively contribute to routing by forwarding packets for each other, which allows nodes to communicate beyond direct wireless transmission range; hence practically all nodes may act as both hosts and routers. Ad Hoc networks require no centralized administration or fixed network infrastructure and can be set up quickly and inexpensively as needed. They can thus be used in scenarios where no infrastructure exists, such as military applications, emergency operations, personal electronic device networking, and civilian applications like an ad hoc meeting or an ad hoc classroom.
An Ad Hoc network is a multi-hop, self-organizing network composed of a number of wireless receiving and sending devices. It is characterized by a dynamic network structure and self-organizing nodes, and each mobile node may function as both a host and a router. With the development of Ad Hoc networks, especially the potential for ground, people pay more attention to their security. Mobility and wireless links bring problems that do not occur in wired networks. To secure Ad Hoc networks, my dissertation will explore the security technologies in Ad Hoc networks, including the Denial of Service attack. Ad Hoc networks will often be deployed in environments where the nodes are unattended and have little or no physical protection against tampering. The nodes are thus susceptible to compromise, and the networks are particularly vulnerable to Denial of Service (DoS) attacks launched through compromised nodes or intruders.
Presented in this paper is the Ad Hoc flooding attack, a new attack that results in denial of service when used against on-demand routing protocols for Ad Hoc networks, such as DSR and AODV.
In AODV, path discovery is entirely on-demand. When a source node needs to send packets to a destination to which it has no available route, it broadcasts a Route Request (RREQ) packet to its neighbors. Each mobile node maintains a monotonically increasing sequence number to ensure loop-free routing and to supersede stale route cache entries. The source node includes the known sequence number of the destination in the Route Request packet. An intermediate node receiving a Route Request packet checks its route table entries. If it possesses a route toward the destination with a greater sequence number than that in the Route Request packet, it unicasts a Route Reply (RREP) packet back to the neighbor from which it received the Route Request packet. Otherwise, it sets up the reverse path and then rebroadcasts the Route Request packet. Duplicate Route Request packets received by a node are silently dropped. In this way, the Route Request packet is flooded through the network in a controlled manner, and it eventually arrives at the destination itself or at a node that can supply a fresh route to the destination, which generates the Route Reply packet. As the Route Reply packet is propagated along the reverse path to the source, the intermediate nodes update their routing tables using the distributed Bellman-Ford algorithm with an additional constraint on the sequence number, and set up the forward path.
The intruder broadcasts masses of Route Request packets and useless DATA packets to exhaust the communication bandwidth and node resources so that valid communication cannot be maintained. Initiating and forwarding fake Route Requests (the RREQ flooding attack) is a typical kind of malicious routing flooding and is easy to launch.
This type of attack is hard to detect, since malicious nodes do not differ from normal nodes in any respect except that they perform route discoveries much more frequently than other nodes. In the flooding attack, the whole network fills with the RREQ packets that the attacker sends. The communication bandwidth is exhausted by the flooded RREQ packets, and the resources of the nodes are exhausted at the same time. The DATA flooding attack is composed of two parts. Firstly, the attacking node sets up paths to all nodes in the network. Secondly, the attacker streams large volumes of useless DATA packets to all nodes along these paths. The excessive DATA packets clog the network and deplete the bandwidth available for communication among the other nodes. The destination node is kept busy receiving the excessive packets from the attacker and cannot work normally.
On the basis of introducing the basic concept of the Ad Hoc flooding attack, this paper discusses the possible security threats to the Ad Hoc network. A secure routing mechanism is proposed, which is composed of neighbor listening and credit standing evaluation. We present a new gateway-based flooding attack prevention scheme in order to improve Ad Hoc network security. This paper does the following detailed work:
Firstly, a secure routing mechanism is presented, which is composed of neighbor listening and credit standing evaluation. We present a value-based trust relationship between nodes. This credibility relationship is defined as a multiple dynamic evaluation of the object. By calculating the credit value of a node, we can distinguish legitimate nodes from attackers in the Ad Hoc network. When a node receives a data packet from a source node, it gives the packet differentiated service treatment according to the source's credibility. If a node attacks other nodes, its credibility is reduced. When a node is no longer trusted, other nodes disconnect their communication links with it.
When nodes receive data packets from a source node, they apply the corresponding differentiated service treatment according to trust. For Route Request flooding attacks, we present a Route Request Filter, which filters route request packets. The Route Request packet delivery rate is restricted by two threshold quantities. A source node that sends a large number of route request packets has its credibility reduced, which prevents Route Request flooding attacks efficiently.
Secondly, Gateway Bulletin (GABU) and Attack Report (ATRE) messages are introduced. The AODV routing protocol is used as the base protocol to access Ad Hoc networks. The route request message format is modified: an Attacker IP Address field is added to the protocol, and new flags A and B are added in the reserved bits. A = 1, B = 1 indicates that the node can reach the higher-layer network, that is, it is a gateway node. The gateway node advertises attacker information by broadcasting GABU messages, and the other nodes obtain the attacker information from the GABU messages. A = 0, B = 1 indicates that the node is a general node, which sends ATRE messages to the gateway node. The gateway node obtains the attacker information from the ATRE messages and reduces the attacker's credibility. By sending GABU and ATRE messages, all nodes can report and obtain attacker information. All nodes then disconnect their communication links with the attacker together, improving Ad Hoc network security.
Finally, the NS-2 simulator is used as the test bed for experiments on the Linux operating system, in order to study the influence of the Ad Hoc flooding attack on network performance and, at the same time, to confirm the actual effect of the defensive measures. The results of our implementation show that the mechanism can prevent the Ad Hoc flooding attack efficiently.
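As an added illustration (not code from the thesis), the sketch below shows one way a node could apply the Route Request Filter described above: each originator's RREQ rate is checked against two thresholds, offenders lose credit, and RREQs from a node whose credit falls too low are dropped outright. The threshold values, penalty sizes, 0..100 credit scale, and action names are assumptions, since the abstract gives none of them, and the trace is constructed.

```python
from collections import Counter, defaultdict, deque

class RreqFilter:
    """Per-originator RREQ filter: two rate thresholds plus a credit score.
    Every numeric default is an assumption; the abstract gives no values."""

    def __init__(self, low=5, high=10, window_ms=1000,
                 soft_penalty=10, hard_penalty=25, min_credit=50):
        self.low, self.high, self.window_ms = low, high, window_ms
        self.soft_penalty, self.hard_penalty = soft_penalty, hard_penalty
        self.min_credit = min_credit
        self.credit = defaultdict(lambda: 100)   # originator -> credit (0..100)
        self.recent = defaultdict(deque)         # originator -> RREQ arrival times
        self.seen = set()                        # (originator, rreq_id) already handled

    def handle(self, origin, rreq_id, now_ms):
        """Return the action taken for one received RREQ."""
        if self.credit[origin] < self.min_credit:
            return "drop-untrusted"              # node no longer trusted: ignore it
        if (origin, rreq_id) in self.seen:
            return "drop-duplicate"              # normal AODV duplicate suppression
        self.seen.add((origin, rreq_id))
        times = self.recent[origin]
        times.append(now_ms)
        while now_ms - times[0] >= self.window_ms:
            times.popleft()                      # keep only the sliding window
        rate = len(times)
        if rate <= self.low:
            return "forward"                     # below first threshold: rebroadcast
        if rate <= self.high:
            self.credit[origin] = max(0, self.credit[origin] - self.soft_penalty)
            return "delay"                       # between thresholds: deprioritize
        self.credit[origin] = max(0, self.credit[origin] - self.hard_penalty)
        return "drop-flood"                      # above second threshold: discard

def run_trace(flt, trace):
    """Feed (origin, rreq_id, time_ms) tuples through the filter; count actions."""
    result = defaultdict(Counter)
    for origin, rreq_id, now_ms in trace:
        result[origin][flt.handle(origin, rreq_id, now_ms)] += 1
    return result

# Constructed trace: N1 performs 3 route discoveries in 1 s (one RREQ heard twice);
# M originates 30 RREQs with fresh ids in under 1 s.
TRACE = [("N1", 1, 0), ("N1", 1, 5), ("N1", 2, 400), ("N1", 3, 800)]
TRACE += [("M", i, i * 30) for i in range(30)]
if __name__ == "__main__":
    flt = RreqFilter()
    print({o: dict(c) for o, c in run_trace(flt, TRACE).items()}, dict(flt.credit))
```

With these assumed values, the well-behaved node keeps full credit while the flooding node is cut off after its eleventh RREQ; in the thesis's scheme the detecting node would then report the originator to the gateway in an ATRE message.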
Keywords/Search Tags: Ad Hoc Network, Denial of Service, AODV, Gateway