CRYPTOGRAPHIC HASH KEY ALGORITHM TO MITIGATE WORMHOLE ATTACKS AND LURE CATCH ALGORITHM TO BLOCK THE ATTACKERS

http://www.iaeme.com/IJCET/index.asp 108 editor@iaeme.com International Journal of Computer Engineering & Technology (IJCET) Volume 7, Issue 3, May-June 2016, pp. 108–117, Article ID: IJCET_07_03_010 Available online at http://www.iaeme.com/IJCET/issues.asp?JType=IJCET&VType=7&IType=3 Journal Impact Factor (2016): 9.3590 (Calculated by GISI) www.jifactor.com ISSN Print: 0976-6367 and ISSN Online: 0976–6375 © IAEME Publication CRYPTOGRAPHIC HASH KEY ALGORITHM TO MITIGATE WORMHOLE ATTACKS AND LURE CATCH ALGORITHM TO BLOCK THE ATTACKERS Manpreet Ph. D. Scholar, Department of Computer Science and Engineering SunRise University, Alwar (Rajasthan), India Dr. Anil Kumar Sharma Professor and Principal Institute of Engineering and Technology, Alwar-301030 (Rajasthan), India ABSTRACT Ad hoc networks are vulnerable to attacks due to mobility of nodes in a dynamic network where nodes can its position at any point of time. In MANeT, a lot of attacks can be initiated but most of them are comparatively easy to detect because of their property of dramatically changing the network data. It is very vital when considering security issues of MANET to consider wormhole attack, which is complex to detect & can spoil important data by directing to illegal nodes. It consists of two malicious nodes and a tunnel among them through which an attacker tunnel the data. In the route discovery process, a wormhole can relay route request and response messages between far-away nodes, creating the manifestation of shorter path to destination. Since the wormhole can be at anyplace along a path, a source will have to identify it when a node sets up the route. Many protocols have been proposed, their confrontation towards various types of security attacks and efficiency are key point of concern in implementing these protocols. In this paper, we use cryptographic hash code to verify the credentials of each node and lure the faulty node with pre-known route to remove the malicious node from the network. Key words: Cryptography, Hash Code, MANeT, RREQ, Wormhole attack.

Cryptographic Hash Key Algorithm to Mitigate Wormhole Attacks and Lure Catch Algorithm to Block the Attackers http://www.iaeme.com/IJCET/index.asp 109 editor@iaeme.com Cite this Article: Manpreet and Dr. Anil Kumar Sharma, Cryptographic Hash Key Algorithm to Mitigate Wormhole Attacks and Lure Catch Algorithm to Block the Attackers, International Journal of Computer Engineering and Technology, 7(3), 2016, pp. 108–117. http://www.iaeme.com/IJCET/issues.asp?JType=IJCET&VType=7&IType=3 INTRODUCTION MANeT is a growing technology which is offering solution to variety of application areas such as health care, military and industry because of its dynamicity and adaption to changes quickly as and when required. Generally these nodes are wireless and it also includes the sensors like GPS to broadcast their location for shortest route discovery or highly synchronized clocks by detecting the packet sending time as well as packet receiving time which calculates the distance with the help of network speed. These different techniques are working perfectly in the standard situation but lacks up to a certain limit in the presence of latency or entire area is fully covered with highly accurate GPS devices. Along with the positivity of sensors, a negativity too involves with sensor devices which exposed the network to variety of attacks. Conventional security mechanisms are not suitable for MANeTs as they are usually heavy and nodes are limited. The importance of wormhole attacks is vital as it can occur to all types of wireless networks. Therefore, identifying the possibility of wormhole attacks and methods to protect against these attacks are important to the security of wireless networks as a whole. As a wormhole attack challenges higher-level protocols, most effective procedures to detect such attacks are based on looking for inconsistencies in measurements performed at the physical layer. The medium for information to travel on wireless networks is air and in a sense, without physical boundary makes wireless networks more vulnerable than wired networks to security attacks like eavesdropping, man-in-the-middle, etc. that might have been better protected against in wired networks. It is also more difficult to come up with security measures of protecting data that flows through the air. WORMHOLE ATTACK Wormhole attack is a relay-based attack that can disrupt the routing protocol and therefore disrupt or breakdown a network and this is the reason the attacks are serious. There are 4 steps to explain about a general wormhole attack.  An attacker has two trusted nodes (or two colluded attackers each has one node) in two different locations of a network with a direct link between the two nodes.  The attacker records packets at one location of a network.  The attacker then tunnels the recorded packets to a different location.  The attacker re-transmits those packets back into the network location from step 1.

Manpreet and Dr. Anil Kumar Sharma http://www.iaeme.com/IJCET/index.asp 110 editor@iaeme.com A B Figure.1: Illustration of Wireless Sensor Network Figure 1 shows an example of a wormhole attack. Let us assume that network A and B are not neighbors. However, X and Y are the wormhole nodes that are connected through a wormhole link that is created by the attacker. Due to this attack, node A and B consider them as neighbors by sending routing messages. The attacker can choose to disrupt communications between A and B. Overall; the routes in the network can be re-arranged when the attack occurs during protocol discovery phase. For example, using figure 1, we can see that packets from protocol discovery phase will get from node A to node B fastest if going through the wormhole link since it has the smallest number of hops. This causes the disruption of the routing protocol and brings severe damage to the network. It can be launched without having the cryptographic keys. Some harmful effects of wormhole are as follow: selectively drop data packets, routing disruption in which attackers prevent discovery of legitimate route and traffic analysis for information leaking. Now, let us discuss that how wormhole attack can be launched in wireless network: It can be launched by four ways  Packet Encapsulation: In which one malicious node encapsulates the route request and sends it to colliding node which decapsulate it and forwards the route request (RREQ) packet.  Out-of-Band: In Out-of-Band, two malicious nodes sends route request (RREQ) between them by using the long range directional wireless link or direct wired link.  High-Power-Transmission: In high power transmission a malicious node get a route request (RREQ) and broadcast that request with high power level. Any other node that hears the high power broadcast must be a malicious node so it receives that route request and again rebroadcast towards the destination.  Packet Relay: I n packet relay two malicious nodes relay packet between two nodes which are far apart from each other and convenience these nodes that they are neighbor. In an infrastructure based wireless network, the two nodes that form the wormhole link can be two rogue access points. A rogue access point is an access point that is not authorized to be in a wireless network and is usually setup by an attacker to sniff the traffic or to do with attacks that the attacker launches. The attacker has two rogue X Y

Cryptographic Hash Key Algorithm to Mitigate Wormhole Attacks and Lure Catch Algorithm to Block the Attackers http://www.iaeme.com/IJCET/index.asp 111 editor@iaeme.com access points in the infrastructure based wireless network. The essential point remains the same and that is packets from one rogue access point will be getting to the other rogue access point faster than other routes as to create a false idea that two end-point devices are close to each other when they are not. The attacker has the control over the rogue access points so he/she can launch wormhole attacks without the need to worry about cryptographic keys or the need to compromise any legitimate node in the network. RELATED WORK Maria A. Gorlatova, Peter C. Mason, Maoyu Wang, Louise Lamont, Ramiro Liscano in “Detecting Wormhole Attacks in Mobile Ad Hoc Networks through Protocol Breaking and Packet Timing Analysis”, has introduced the Wormhole attacks detection by timing analysis. A lot of search has been done to detect and protect against wormhole attacks and more research and protection methods are continued to be developed. So far most of them focus on ad-hoc or sensor wireless networks. However, there is some research done in infrastructure based wireless networks in recent years. X. Wang and J. Wong, In “An end-to-end detection of wormhole attack in wireless ad-hoc networks”, the authors calculate the minimum number of hops to reach the destination by measuring its geographical location using GPS. M. Rafiqul Alam and K. S. Chan, In “RTT-TC: A topological comparison based method to detect wormhole attacks in MANeT”, use the average RTT(Round Trip Time) to identify the attack and then compare the neighbor list of the fake neighbors in process to detect it. E. Alata, V. Nicomette, M. Kaaniche, M. Dacier, and M. Herrb, In “Lessons learned from the deployment of a high interaction honeypot,” provides a in-depth understanding of way the attackers behave by observing their interactions with a high interaction honeypot. I. Mokube and M. Adams, In “Honeypots: concepts, approaches, and challenges”, the authors have elucidated the different kinds of honeypot and approach to implement them and also the legal issues and challenges to be taken into consideration when a honeypot is implemented. A. Prathapani, L. Santhanam, and D. Agrawal, In “Intelligent honeypot agent for blackhole attack detection in wireless mesh networks”, the author has identified a honeypot based method to find the blackhole attack in infrastructure based Wireless Mesh Network using virtual honeypots. Other approach which was proposed in (Rasheed & Mahapatra, 2009) uses mobile sink ,it will be suitable for only some kinds of applications which required MS and also applies additional hardware in order to provide its mobility. Also, it applies multiple channel radio transmission which may not be available for all kinds of nodes. Jakob Erikson, Shrikanth V. Krishnamurty and Michalis Faloutos proposed a countermeasure for wormhole attack in a wireless network. They proposed TrueLink Protocol for defending wormhole attack. It checks bidirectionality of links. It enables a node to verify adjacency of apparent neighbor. It uses a combination of timing and authentication. It uses together with secure routing protocol. Therefore underling this assumption made the proposed method not suitable for many application of WSNs which do not have reliable media to transfer neighbor list to the base. There are methods proposed preventing wormholes like attacks in ad-hoc networks by verifying physical presence of neighbors.

Manpreet and Dr. Anil Kumar Sharma http://www.iaeme.com/IJCET/index.asp 112 editor@iaeme.com PROPOSED SYSTEM In order to mitigate effect of wormhole attack in MANeT network, a neighbor discovery process has been proposed. There are some criteria to determine whether wormhole attack is performing in the network or not. Some methods use statistical approach. They find dramatic changes in the certain statistical patterns and then decide on existence of wormhole in the network. Longer propagation can be another symptom of wormhole existence. Additionally we can determine the existence of wormhole in the network by checking the parameters such as bigger transmission range than that of normal condition, and previous node is not a neighbor as well. The proposed method is based on the fact that mentioned wormhole data comes from unauthorized and illegal neighbors. To avoid the wormhole attack in mobile ad hoc network, it is assumed that each legitimate node shares the digital signature of every node in the network and malicious node does not have its own digital signature. When the sender broadcast the route request (RREQ) it also add its digital signature in signature column of packet header, all the nodes which received that request compare the signature of sending nodes from its database which contains the signature of all nodes in the network, If the signature is matched that means the sender is legitimate node so receiving node also add its signature in signature column of header and again broadcast that request. The process is repeated again and again until that route request (RREQ) reached at its destination. If the route request reached at destination is legal then destination node unicast route reply following the same route through which it received route request. If there is presence of any malicious node in the path, it receives route request and sends it to next node. The node that receives packet from malicious node found that signature column of packet header which either contains duplicate digital signature of previous node or no digital signature because the malicious node does not have its own digital signature. The node that receives the request from malicious node verifies the request, it found any duplicity and absence of digital signature so it discard the request and inform to all node in the network about the malicious node and all other nodes in the network feeds that information in their database. Along with it, further the proposed method works in two phases. They are the neighbor discovery phase and the encryption phase. The discovery phase starts with every node in network, say „A‟. It sends a HELLO message to the all one hope neighbors in the network. This broadcasted message contains source address and its own public key, which is broadcasted to all nodes. In response to this message, every authentic neighbor sent their own public key to „A‟. Receiver public key of one hop neighbor sent in the encrypted message format. This message contains source ID, public key of „B‟ encrypted with the public key of A and destination address. When the node „A‟ want to send data to „B‟ then „A‟ encrypt data with public key of „B‟ and this data again encrypted with the private key of sender i.e. „A‟. When receiver „B‟ receives data from the sender „A‟ then first „B‟ decrypt data with public key of sender A and remaining data is decrypted with its own private key. In this way secure communication is done. For encryption and decryption purposes we use the RSA technique. Every node should share its public key with its neighbors during neighbor discovery phase. Thus the first phase helps in recognizing the neighbors. Then the proposed system undergoes the encryption phase which comprises of another two phases: Encryption and authentication, Decryption and Verification. Confidentiality is the ability of hiding message to an unauthorized attacker. It means that if an illegal and unauthorized adversary access to the message, it cannot understand it.

Cryptographic Hash Key Algorithm to Mitigate Wormhole Attacks and Lure Catch Algorithm to Block the Attackers http://www.iaeme.com/IJCET/index.asp 113 editor@iaeme.com Authentication is ability to identify the reliability of message origin. In encryption, the data to be sent is encrypted with the public key of the receiver and the hash of data is added with the encrypted data which is then encrypted with the private key of the sender. The hash of data taken contributes to authentication. Data Transmitted by node is in encrypted form as Encrypt ( KSPR Encrypt ( KRPE, D)) + Encrypt (KSPR, H(D)) Where E is public key encryption function, KSPR is private key of sender node, KRPE is public key of Receiving Node, H (M) is hash function to calculate message digest. Public KeyR Private KeyS Data Data to send Figure 2: Encryption and Authentication Integrity provides a mechanism in order to know whether the message had been tampered or not. The received data gets decrypted by the receiver using the private key of the receiver. The hash values are compared with the public key of the sender. If the hash values are equal then the message gets verified. Received Data Accept if Equal Figure 3: Decryption and Verification Thus the combined action of the two phases eliminated pretending identity of neighbor node completely even if attacker in present at time of neighbor discovery. If node receives data with false digest value then it declares packet received through wormhole node and discards packet. It also discards routing entry for wormhole node. Further, the techniques available so far are dependable on some external sources like GPS or highly synchronized clock system and that too in the absence of jitter and standard conditions and they too capable of detecting the wormhole attack not removing them from the network. So, I proposed lure and catch algorithm to remove the malicious node from the network to avoid the attack from the same node in future, A sample and fake data is to be sent among a predefined route with a non existing E E H D D(H) H =?

Manpreet and Dr. Anil Kumar Sharma http://www.iaeme.com/IJCET/index.asp 114 editor@iaeme.com destination node which is set outside the network and decided among all nodes who participated in the MANeT dynamic network so that even not in the presence of shortest route, it follows the preferred route and no node is disturbing it to follow this route. But is a node is malicious, it starts disturbing it to change the route of said packet through it. But as our node is following the predefined route, malicious node start changing its position to get closer to it and finally throws out of the network as the destination node is not exist at all. Source Figure.4 MANeT Dynamic Network SIMULATION AND RESULTS To evaluate the effectiveness of proposed scheme, we simulate the scheme using network simulator version 2 (NS2). In simulation, we used the number of nodes as 20 and carried out simulation 5 times on every scenario at different time intervals and get the results. We implement the random way point movement model for simulation in which nodes start at 0 position with simulation time 25 seconds, PDR values varies from 0 to 1, delay values 15 to 37, with all the three cases i.e. case including wormhole attack network and after implementing cryptographic hash code and after using lure catch algorithm. Figure.5: Graph of Simulation Time vs Delay Values (With All Three Cases) Network WH Node Destination ∞ ∞

Cryptographic Hash Key Algorithm to Mitigate Wormhole Attacks and Lure Catch Algorithm to Block the Attackers http://www.iaeme.com/IJCET/index.asp 115 editor@iaeme.com Figure.6: Graph of Simulation Time vs Packet Delivery Ratio (With All Three Cases) Figure.7: Graph of Simulation Time vs Throughput (With All Three Cases) Figure. 8: Comparison between percentages of genuine RREQs dropped with and without Honeypots.

Manpreet and Dr. Anil Kumar Sharma http://www.iaeme.com/IJCET/index.asp 116 editor@iaeme.com Figure 9: Graph showing the increase in genuine RREQs delivery ratio by using Honeypots. CONCLUSION Wormhole attacks have been identified as attacks that can be powerful and can cause severe damage to the network. It is not something that can be taken lightly. Methodologies for detecting and protecting against these attacks have been proposed mainly for ad-hoc and sensor networks. It is new for infrastructure based networks. However, it is not less significant. Therefore it was mentioned a possible strategy in detecting and protecting against wormhole attacks by combining the cryptography hash code algorithm and lure catch technique to mitigate wormhole attacks, and maybe other attacks in infrastructure based wireless networks by focusing on identifying rogue access pints in infrastructure based wireless networks. REFERENCES [1] Ali modirkhazeni, Saeedeh Aghamahamoodi, and Naghmeh Niknejad,“Distributed Approach To Mitigate Wormhole Attack in Wireless Sensor Network ”,2011IEEE , page no. 122-128 [2] Dhara Buch, Devesh Jinwala “Detection of wormhole attack in Wireless Sensor”, Proc of international conference on Advances in Recent Technologies In communication computing 2011, Page no. 7-14. [3] Prabhudatta Mohanty, Sangram Panigrahi, Nityananda Sharma and Siddhartha Sankar Satapathy,“Security Issues In Wireless Sensor Network Data Gathering Protocols : A Survey ”Journal of Theoretical & Applied Information Technology 2005-2010 JATIT, Page no. 14-27 [4] X. Wang and J. Wong, “An end-to-end detection of wormhole attack in wireless ad-hoc networks,” in Computer Software and Applications Conference, COMPSAC 2007. 31st Annual International, vol. 1, july 2007, pp. 39 –48. [5] M. Rafiqul Alam and K. S. Chan, “RTT-TC: A topological comparison based method to detect wormhole attacks in manet,” in Communication Technology (ICCT), 12th IEEE International Conference, nov. 2010, pp. 991 –994.

Cryptographic Hash Key Algorithm to Mitigate Wormhole Attacks and Lure Catch Algorithm to Block the Attackers http://www.iaeme.com/IJCET/index.asp 117 editor@iaeme.com [6] E. Alata, V. Nicomette, M. Kaaniche, M. Dacier, and M. Herrb, “Lessons learned from the deployment of a highinteraction honeypot,” in Dependable Computing Conference, EDCC ’06. Sixth European, 2006. [7] I. Mokube and M. Adams, “Honeypots: concepts, approaches, and challenges,” in Proceedings of the 45th annual southeast regional conference. New York, USA: ACM, 2007. [8] A. Prathapani, L. Santhanam, and D. Agrawal, “Intelligent honeypot agent for blackhole attack detection in wireless mesh networks,” in Mobile Adhoc and Sensor Systems, 2009. MASS ’09. IEEE 6th International Conference, oct. 2009, pp. 753 –758. [9] Verifying Physical Presence of Neighbors against Replay-based Attacks in Wireless Networks, Turgay Korkmaz, 2005 [10] Methodology for Securing Wireless LANs Against Wormhole Attack, V. S. Shankar Sriram, Ashish Praptap Singh and G. Sahoo, 2009 [11] LITE WORP: A lightweight Countermeasure for the Wormhole Attack in Multihop Wireless Networks, Issa Khalil, Saurabh Bagchi and Ness B. Shroff, 2007 [12] Analysis of Detecting Wormhole Attacks in Wireless Networks, Khin Sandar Win, 2009 [13] DAWWSEN: A Defense Mechanism Against Wormhole Attacks in Wireless Sensor Networks, Rouba El Kaissi, Ayman Kayssi, Ali Chehab and Zaher Dawy, 2005. [14] A Secure Routing Protocol for Ad-hoc Networks, B. Dahill, B. N. Levine, E. Royer and C. Shields, 2001 [15] Secure Routing for Mobile Ad Hoc Networks, P. Papadimitratos and Z. Haas, 2002 [8]Detecting and Avoiding Wormhole Attacks in Wireless Ad Hoc Networks, Farid Na¨ıt-Abdesselam, Brahim Bensaou and Tarik Taleb, 2007 [16] Defending against Wormhole attacks in Mobile Ad Hoc Networks, Weichao Wang, Bharat Bhargava, Yi Lu and Xiaoxin Wu, 2006 [17] Detecting Wormhole Attacks in Wireless networks Using Connectivity Information, Ritesh Maheshwari, Jie Gao and Samir R Das, 2007 [18] Statistical Wormhole Detection in Sensor Networks, Levente Buttyán, Lászlό Dόra and István Vajda, 2007. [19] Akshatha M M, Lokesh B and Nuthan A C, A Novel Technique of Visual Cryptography for Maintaining the Security of Visual Information Transaction, International Journal of Computer Engineering and Technology, 5(8), 2014, pp. 194–199. [20] Swati R. Salunke and Prof. S. Pratap Singh, Hybrid Cryptography Algorithms for Secure Eaack in MANeT, International Journal of Computer Engineering and Technology, 5(7), 2014, pp. 43–47.

CRYPTOGRAPHIC HASH KEY ALGORITHM TO MITIGATE WORMHOLE ATTACKS AND LURE CATCH ALGORITHM TO BLOCK THE ATTACKERS

More Related Content

What's hot

Similar to CRYPTOGRAPHIC HASH KEY ALGORITHM TO MITIGATE WORMHOLE ATTACKS AND LURE CATCH ALGORITHM TO BLOCK THE ATTACKERS

More from IAEME Publication

Recently uploaded

CRYPTOGRAPHIC HASH KEY ALGORITHM TO MITIGATE WORMHOLE ATTACKS AND LURE CATCH ALGORITHM TO BLOCK THE ATTACKERS