Er. Geetika Sharma,IJRIT 140 International Journal of Research in Information Technology (IJRIT)
www.ijrit.com ISSN 2001-5569
Comparative Analysis of DDOS Attack on MANET and VANET using various Protocols
Er. Geetika Sharma1, Er. Tamanna Narula2
1Assistant Professor, Department of Computer Science, Chandigarh University Gharaun,Mohali,India
2Assistant Professor, Department of Computer Science, Chandigarh University Gharaun,Mohali,India
Abstract
Vehicular Ad hoc Network (VANET), a subclass of mobile ad hoc networks (MANETs), is a promising approach for the intelligent transportation system (ITS). The design of routing protocols in VANETs is important and necessary issue for support the smart ITS.
The key difference of VANET and MANET is the special mobility pattern and rapidly changeable topology. The aim of this research paper is to discuss different number of scenarios of MANET network and VANET network which we implement in our simulation. And the effect of DDOS attack on various parameters like traffic received, packet delay, end to end delay on different protocols like AODV, DSR, OLSR individually for both the networks i.e. MANET and VANET. In our simulation we implement different routing protocols and also did comparative study that which one is better with respect to different aspects.
Keywords— MANET, VANET, DDoS attack, AODV,DSR, OLSR.
I. Introduction
A Distributed Denial of Service (DDoS) attack is a DoS attack utilizing multiple distributed attack sources. Typically, the attackers use a large number of controlled bots (also referred to as zombies) distributed in different locations to launch a large number of DoS attacks against a single target or multiple targets. With the rapid development of botnets in recent years, the attack traffic scale caused by DDoS attacks has been increasing, with the targets including not only business servers, but also Internet infrastructures such as firewalls, routers and DNS systems as well as network bandwidth. The attack influence sphere has also become broader.
Er. Geetika Sharma,IJRIT 141 Figure 1: Example of MANET
How do DDoS attacks work?
To best understand how DDoS attacks work, let's analyze them from a criminological point of view. A crime has three elements: method, opportunity and motive.
• DDoS Attack Method
In general, network packets use TCP/IP for transmission. The packets themselves are harmless, but if there are too many abnormal packets, it will cause the network devices or servers to overload. This can quickly consume the system resources. Another case is if the packets take advantage of certain protocols’ defects (e.g. artificial incompleteness or malformation), causing the failure of network devices or servers. Both cases will result in denial of service. These are the basic principles of DDoS attacks. The key reason it is hard to prevent DDoS attacks is the mixing up of legitimate and illegal traffic. The issue is effective identification of attack messages vs. mixed or regular traffic, especially when the attack messages look like normal messages. For example, in typical signature-based pattern matching IDS system, it can be difficult to distinguish illegal messages from legitimate messages as the initial connection attempt, in most cases, is a legitimate request.
DDoS attacks can be divided into the following types:
• Bandwidth-based attacks – DDoS attacks of this type send mass junk data messages to cause an overload, leading to the depletion of network bandwidth or equipment resources. Often the attacked routers, servers and firewalls processing resources are limited. Overload attacks lead to their failure in handling normal legal access, resulting in either a sharp decline in the quality of service or a complete denial of service - in either case it means your customers, users, etc cannot access the systems they need to.
• Traffic-based attacks --- the most common forms are traffic flooding attacks, which send large number of seemingly legitimate TCP, UDP, ICPM packets to target hosts; some attacks may also evade detection system monitoring through source address forging technology. Legitimate requests get lost in noise. These attacks can also be devastating if combined with other illegal activity, such as malware exploitation to cause information leakage: while you are fighting off the DDoS, your sensitive data is slipping out the backdoor.
• Application-based attacks - attacks of this type often send application-layer data messages according to business-specific features (using seemingly legit functions, like a DB call, etc), resulting in the depletion of certain resources in the application layer (such as the number of users, connections, etc.) and the system’s services are no longer available. Such attacks are usually not particularly large in volume; but even such low-rate traffic can often lead to a serious declination or even paralysis of business system performance.
1.1 MANET(mobile Ad hoc Network )
Er. Geetika Sharma,IJRIT 142 MANETs are a kind of Wireless ad hoc network that usually has a routable networking environment on top of a Link Layer ad hoc network. A mobile ad hoc network is a self-configuring infrastructure less network of mobile devices connected by wireless. Each device in a MANET is free to move independently in any direction, and will therefore change its links to other devices frequently.
Each must forward traffic unrelated to its own use, and therefore be a router. The primary challenge in building a MANET is equipping each device to continuously maintain the information required to properly route traffic. Such networks may operate by themselves or may be connected to the larger Internet. [20].
1.2 VANET(Vehicular Adhoc network)
A Vehicular Adhoc network,a form of Mobile Adhoc Networks (MANETs), provides communication among nearby vehicles, between vehicles and nearby fixed equipments called Road Side Units (RSUs).The use of wireless communication in VANET implies an always increasing number of potential applications in these networks such as driving assistance, road traffic information or emergency braking alert. All these applications need to exchange data with other vehicles that may be related to the driver safety. Fig. 2 shows the VANET architecture. Every node i.e., a vehicle or RSU communicates with other nodes in single hop or multi hop. VANETs are designed with the goals of enhancing driving safety and providing passenger comfort. In VANETs, the types of communication are the following:
• Vehicle-to-Vehicular (V-V) or Inter-Vehicular Communication
• Vehicle-to-Infrastructure (V-I) or Vehicle-to-Roadside Communication
• Inter Roadside Communication.
Fig 2. VANET Architecture
1.3 MANETs Routing Protocols
To be implemented and to provide efficient better end-to-end communication MANETs created a new set of demands [5]. To provide the means of communication between communicating work stations MANETs works on TCP/IP structure. In order to compensate the MANETs mobility to provide efficient functionality Work stations are mobile and they have limited resources, therefore the traditional TCP/IP model needs to be refurbished or modified. So, the key research area for the researchers is routing in any network. In MANETs Routing protocols are challenging and attractive tasks [6]. Routing protocols in MANETs are classified into three different categories according to their functionality.
1. Reactive protocols 2. Proactive protocols 3. Hybrid protocols
Er. Geetika Sharma,IJRIT 143
• Reactive protocols- While in this kind of routing protocols, a node simply maintains routes information to get destination that it needs to send required data packets. The routes to get their desire destinations will expire automatically after some time of idleness, while the network is not being used. These routing protocols are AODV, DSR and TORA.
• Proactive protocols- In these routing protocols each node in the network maintains the complete routing information of the network by occasionally updating the routing table, so when a node needs to send some data or information, so there is no any kind of delay for discovering the route in the whole network. This type of routing protocols approximately works the same way as the wired network routing protocol works. The table driven protocols are Destination Sequenced Distance Vector (DSDV), Optimized Link State Routing (OLSR), Wireless Routing Protocol (WRP).
• Hybrid routing protocols- In this type of routing protocol is the combination of the above two categories. In which nodes belonging to a particular geographical area or within a certain detachment from an anxious node are said to be in routing area and uses table driven routing protocol. Communication between nodes in different areas will rely on the source initiated or on-demand routing protocols. This routing protocol Include ZRP. 20
II. PERFORMANCE ANALYSIS
Here we explain the various performance metrics required for evaluation of protocols. To reiterate the DDOS attack, we begin with the overview of performance metrics that includes traffic received, packet delay, end to end delay. These matrices are important because of it performance analysis of network. The first parameter is Traffic Received in bits/sec i.e. Traffic received calculates how many bits are being received by destination in a second. The second parameter is Packet Delivery Ratio which is calculated by dividing the number of packets received by the destination by the number of packets originated by the source (i.e. Constant Bit Rate (CBR)). It specifies the packet loss rate, which limits the maximum throughput of the network. The better the delivery ratio, the more complete and correct is the routing protocol. The third parameter is End-to-End Delay in seconds is the average time it takes a data packet to reach the destination. This includes all possible delays caused by buffering during route discovery latency, queuing at the interface queue, retransmission delays at the MAC, propagation and transfer times. We will see the effect of DDOS Attack on these parameters for both the networks i.e. MANET and VANET.
III. COLLECTION OF RESULTS AND STATISTICS
Table I. Simulation Parameters
Parameters Value
Number of Nodes 15
Examined Protocols AODV, DSR, OLSR
Simulation Time 300 seconds
Simulation Area( m* m) 100 * 100
Performance Parameter Traffic rate, Packet delay, End-End Delay.
Pause Time 100 seconds
Mobility Model Random
In OPNET simulation two types of statistics are involved. Global and object statistics, global statistics is for entire network’s collection of data and object statistic includes individual node statistics. Results are taken and analyzed, after the selection of statistics and running the simulation. In our case we have used global discrete event statistics (DES) [24].
IV.
RESULTS
This part focuses on result and its analysis based on the simulation performed in OPNET modeler 14.5. Our simulated results are provided in Figures (3.1-3.4) gives the variation in network nodes while under Black Hole attack. To evaluate the behavior of simulated intrusion based black hole attack, we considered the performance metrics of traffic rate, packet delay, end to end delay.
A. Traffic Received (bits/sec)
Er. Geetika Sharma,IJRIT 144 After implementing DDOS attack on all protocols the rate at which traffic is being received gets effected. And in both the MANET and VANET traffic received is maximum in case of AODV. But on comparing with other protocols, in case of VANET it is almost same, but in case of MANET traffic receiving ratio is greater in case of DSR in comparison to OLSR.
Fig 3: Traffic Received in case of MANET
Fig 4: Traffic Received in case of VANET
B. Packet Delay
After implementing DDOS attack on all protocols on both the networks the delivery of packets gets effected. And delay is the term used when the time taken by the delivery of packets exceeds from the expected time. And in case of VANET DSR got the maximum packet delay that means that there is maximum difference in the packet delivery time and expected time. And in caseof MANET,OLSR got the maximum packet delay. Similarity is that in both the cases AODV got the minimum packet delivery ratio.
But minimum in case of VANET.
Fig 5: Packet Delay in case of MANET
Er. Geetika Sharma,IJRIT 145 Fig 6: Packet Delay in case of VANET
C. End to End delay
After implementing DDOS attack on various protocols the delivery time of packets from one end to another end got effected. And in case of VANET DSR got the maximum end to end delay that means that there is maximum difference in the packet delivery time and expected time. And in caseof MANET,OLSR got the maximum end to end delay. Similarity is that in both the cases AODV got the minimum end to end delay. But minimum in case of VANET.
Figure 7: End-End Delay in case of MANET.
Figure 8: End-End Delay in case of VANET.
Er. Geetika Sharma,IJRIT 146
V. CONCLUSION
In this research paper, we evaluate the performance of two networks –MANET and VANET on the basis of various parameters : traffic rate, packet delay, end to end delay using various protocols. Our motive is to evaluate the performance of these routing protocols after implementing DDOS attack on these routing protocols. Selection of efficient and reliable routing protocol for the network is major issue. The behavior of these routing protocols is analyzed under DDOS attack to conclude which protocol is better.
On the basis of the results, we may conclude that the performance of AODV routing protocol is best as compared to other protocols in the case when we have implemented the DDOS attack in mobile ad hoc network. We have concluded that AODV is best out of all by checking the effect of DDOS attack on various parameters under each protocol. Like in case of traffic received AODV protocol is the only protocol in which total traffic sent is equal to the total traffic received. And also in case of packet delay and end to end delay AODV got the minimum value in comparison of other three protocols. We also concluded that the VANET performance ratio is better than the MANET as the traffic received is more in case of VANET using AODV protocol and also the packet delay and end to end variation is minimum in case of VANET using AODV protocol.
VI. FUTURE WORK
This work can be further extended as the routing protocols can also be evaluated on the basis of other parameters like throughput, bandwidth, network load, jitter, MOS value. Other routing protocols can also be evaluated to check the effect of DDOS attack. Some changes can be made to develop a new routing protocol in order to mitigate the effect of DDOS Attack. And also we can compare more Ad-hoc networks for their performance.
REFERENCES
[1] J. Mirkovic, and P. Reiher, “A taxonomy of DDoS attack and DDoS defense mechanisms,” Computer Journal of ACM SIGCOMM,vol. 34, no. 2, pp. 39- 53, Apr. 2004.
[2] J. Mirkovic, “D-WARD: source end defense against distributed denial of service attacks,” Ph.D. thesis,University of California,2003.
[3] K. Sivakumar, Dr. G. Selvaraj,”Overview of various Attack in MANET and Countermeasures for Attack”, International Journal of Computer Science and Management Research, Vol 2 Issue 1, January 2013.
[4] Laxmi Bala, A.K. Vatsa, “Quality based Bottom-up-Detection and Prevention Techniques for DDOS in MANET”,International Journal of Computer Applications, Volume 55– No.2, October 2012.
[5] Minda Xiang,Yu Chen,Wei-Shinn Ku, Zhou Su, “ Mitigating DDoS Attacks using Protection Nodes in Mobile Ad Hoc Networks”, Dept. of Computer Science & Software Engineering, Auburn University, Auburn, AL 36849.
[6] Mohan K Mali, Pramod A Jadhav, ” Review of DDoS and Flooding Attacks in MANET”, International Journal of Emerging Technology and Advanced Engineering, Volume 3, Issue 5, May 2013.
[7] Maha Abdelhaq, Sami Serhan, Rred Alsqour and Rosilah Hassan (2011) IEEE sponsored International Conference on Electrical Engineering & Informatics.
[8] Michael R. Lyu and Lorrien K.Y. Lau (2000) 24th International Computer Software and Applications Conference 116-121.
[9] M. Robinson, J. Mirkovic, M. Schnaider, S. Michel, and P. Reiher, "Challenges and principles of DDoS defense,"
Computer Journal of ACM SIGCOMM, vol. 5, no. 2, pp. 148-152, 2003.
[10] Priyanka Goyal, Vinti Parmar, Rahul Rishi, ”Vulnerabilities, Challenges, Attacks, Application”,International Journal of Computational Engineering & Management, Vol. 11, January 2011.
[11] Saini A, Kumar H (2010) Comparison between Various Black Hole Detection Techniques in VANET. Paper presented at the National Conference on Computational Instrumentation, Chandigarh, India, 19-20 March 2010
[12] Bijan Paul, Md. Ibrahim, Md. Abu Naser Bikas, VANET Routing Protocols: Pros and Cons, International Journal of Computer Applications (0975 – 8887),Volume 20– No.3, April 2011.
Er. Geetika Sharma,IJRIT 147 [13] C. LOCHERT, H. HARTENSTEIN, J. TIAN, D. HERRMANN, H. Füßler, M. MAUVE, "A Routing Strategy for Vehicular Ad Hoc Networks in City Environments", IEEE Intelligent Vehicles Symposium (IV2003), pp. 156-161, Columbus, OH, USA,( June 2003).
[14] B.-C. SEET, G. LIU, B.-S. LEE, C. H. FOH, K. J. WONG, K.-K. Lee, "A-STAR: A Mobile Ad Hoc Routing Strategy for \Metropolis Vehicular Communications". NETWORKING 2004, 989-999.
[15] Farrukh Shahzad, Amir Qayyum, Rashid Mehmood," A Survey on Security in Vehicular Ad Hoc Networks Saira Gillani", Communication Technologies for Vehicles, Springer Berlin Heidelberg, pp. 59-74, 2013.
[16] Tim Leinmuller, Elmar Schoch, and Christian Maihofer, “Security Requirements and Solution Concepts in Vehicular Ad Hoc Networks”, Proceedings of Forth Annual Conference on Wireless on Demand Network Systems and Services Oberguyrgl,pp.84-91, 2007
[17] P. Papadimitratos, L. Buttyan, T. Holczer, E. Schoch, J. Freudiger, M. Raya, M. Zhendong, F. Kargl, A. Kung, J-P Hubaux, “Secure vehicular communication system :
Design and Architecture Communications” IEEE Magazine, November 2008,vol. 46, pp. 100-109.
[18] S. Jaap, M. Bechler and L. Wolf, "Evaluation of Routing Protocols for Vehicular Ad Hoc Networks in City Traffic Scenarios," Proceedings ofthe 5th International Conference on Intelligent Transportation Systems Telecommunications (ITST), Brest, France, June 2005.
[19] Ayonija Pathre,Chetan Agrawal, Anurag Jain,” Identification of malicious vehicle in vanet environment from ddos attack”, Journal of Global Research in Computer Science, Volume 4, No. 6, June 2013