SlideShare a Scribd company logo

NetSim Webinar on Network Attacks and Detection

Download as PPTX, PDF
D
DESHPANDE M

The document provides an overview of the NETSIM network simulation platform, its capabilities for designing and researching various networking scenarios, including a detailed explanation of the sinkhole attack in mobile ad-hoc networks (MANET) and the associated intrusion detection system. It highlights the importance of using a network simulator for understanding complex communication systems and offers functionalities such as traffic modeling, performance analysis, and a user-friendly interface for researchers and developers. Additionally, it showcases NETSIM's technology libraries, customer segments, and various applications across industries and academic fields.

Technology
Related topics:
Cyber-Security
1 of 29
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
Twitter.com/tetcos linkedin.com/tetcos youtube.com/tetcos NetSim v9Network Simulation/Emulation Platform TM Webinar: Network Attacks and Detection 29th April 2016
NetSim TM Webinar Contents 1.Why use a Network Simulator 2.Introduction to NetSim 3.Introduction to Sinkhole Attack : Attack scenario in MANET using NetSim 4.Intrusion Detection System: Detection mechanism in MANET using NetSim 5.Analyzing Metrics 6.Areas of R & D in MANET 7.Q & A
NetSim TM Why use a Network Simulator for research ?
NetSim TM Communication Networks have become too complex for traditional analytical methods or “rules of thumb” to provide an accurate understanding of system behavior and possible problems and solutions
NetSim TM I. Networking traffic will quadruple by 2017 driven by wireless & mobile communication II. 2+ billion videos watched online every day III. Mobiles, tablets & sensors to join with existing internet cloud to form “network of things” I. Mobile Ad-hoc Networks II. Wireless Sensor Networks III. Cognitive Radio IV. LTE / LTE-A V. Internet of Things (IOT) 50 % of all research papers in IEEE & ACM refer a Network Simulator Observations in computer networking domain Key areas of research & development
NetSim TM Introduction to NetSim
NetSim TM NetSim is a popular tool for Network Design, Network R & D and defense applications. It allows users to create network scenarios, model traffic and study network performance metrics Wide range of technologies across LAN, WAN, BGP, WLAN, MANET, Wi-MAX, Cellular(GSM and CDMA), Cognitive Radio, Sensor Networks, IOT and LTE as per international Standards Open architecture with protocol C source code for users to write, link and de- bug.
NetSim TM NetSim - Customer Segments • Enterprise • Network design • Network validation • Defence • Network Centric Warfare • R&D Labs • Protocol Development • New Technology testing • Academic • Network Labs (B.Tech/BS), • Advanced Network Labs(M.Tech/MS) – ECE,CSE,IT • Phd thesis/M.Tech Projects
NetSim TM Technology Libraries Component No Networks / Protocols Component 1 (Base. Required for all components) Internetworks: Ethernet - Fast & Gigabit, Address Resolution Protocol, WLAN - 802.11 a, b, g , n, ac and e, Propagation - Free space, Log-normal Shadowing, Rayleigh Fading, IPv4 with VPN, Firewalls, Routing - RIP, OSPF, Queuing - Round Robin, FIFO, Priority, TCP, UDP. Common Modules Applications: Traffic Generator: Voice, Video, FTP, Database, HTTP, Email, Peer-to-peer and Custom. Virtual Network Stack, Simulation Kernel Command Line Interface, Metrics Engine with packet and event trace, Packet Animator Component 2 Legacy Networks: Aloha - Pure & Slotted, CSMA/CD, Token Ring, Token Bus, ATM, X.25, Frame Relay, Multi-Protocol Label Switching (MPLS) Component 3 BGP Networks: Border Gateway Protocol (BGP) Component 4 Advanced Wireless Networks: MANET - DSR, AODV, OLSR, ZRP, Wi-Max Component 5 Cellular Networks - GSM, CDMA Component 6 (Component 4 required) Wireless Sensor Networks, IOT & Personal Area Networks: WSN with agent model & battery models ZigBee Component 7 Cognitive Radio Networks WRAN Component 8 Long Term Evolution LTE Component 9 (Component 4 required) Military Radio TDMA Link 16
NetSim TM 1. New Technologies • Internet of things • 802.11 ac (Gigabit Wi-Fi) • Rate adaptation algorithm for WLAN • Military Radios: HF, UHF and VHF Bands 2. Network Emulator Add-on Module • Connect NetSim to Real Devices running Live Application 3. Interfacing with softwares • MATLAB interface • Wireshark Interface 4. Accelerated and multithreaded kernel • Approx. 40x times faster than v8.3 for large simulations 5. Simulation Scale up • Pro version tested up to 100,000 devices What’s new in v9
NetSim TM Introduction to Sinkhole Attack
NetSim TM Sinkhole Attack in MANET • Sinkhole attack is one of the severe attacks in wireless Ad hoc network. • In sinkhole Attack, a compromised node or malicious node advertises wrong routing information to produce itself as a specific node and receives whole network traffic. • After receiving whole network traffic it can either modify the packet information or drop them to make the network complicated. • Sinkhole attacks affects the performance of Ad hoc networks protocols such as DSR protocol.
NetSim TM Sinkhole in DSR in NetSim • In DSR the source broadcasts RREQ packet during Route Discovery. • The destination on receiving the RREQ packet replies with a RREP packet containing the route to reach the destination. • But Intermediate nodes can also send RREP packet to the source if they have a route to the destination in their route cache. • Using this loophole the malicious node adds a fake route entry into its route cache with the destination node as its next hop.
NetSim TM Sinkhole in DSR in NetSim • On receiving the RREQ packet from the source the malicious node sends a fake RREP packet with the fake route. • The source node on receiving this packet observes this as a better route to the destination. • All the Network Traffic is attracted towards the Sinkhole (Malicious Node) and it can either modify the packet information or simply drop the packet (NetSim implementation)
NetSim TM Malicious.c • A file Malicious.c is added to the DSR project which contains the following functions: • fn_NetSim_DSR_MaliciousNode( ) - This function is used to identify whether a current device is malicious or not in-order to establish malicious behavior • fn_NetSim_DSR_MaliciousRouteAddToCache() - This function is used to add a fake route entry into the route cache of the malicious device with its next hop as the destination • fn_NetSim_DSR_MaliciousProcessSourceRouteOption() - This function is used to drop the received packets if the device is malicious, instead of forwarding the packet to the next hop
NetSim TM Simulation of sinkhole attack in NetSim Source – Device id 1 Destination – Device id 6 Sinkhole (malicious node) – Device id 2
NetSim TM Intrusion Detection System
NetSim TM Introduction • An intrusion detection system (IDS) monitors network for malicious activities • Once an attack is identified, or abnormal behaviour is sensed, measures are taken to recover from the attack. • The system also keeps track of the intruders so as to avoid further attacks in future.
NetSim TM IDS in NetSim In NetSim Intrusion Detection System has two major functionalities 1.Watchdog • A watchdog timer is added to each Node in the Network. • The timer starts the moment a packet is sent. • Once the packet is forwarded to the next hop within the Watchdog time duration. • If the next hop is malicious then it need not forward the packet (as per the sinkhole attack implemented) • A counter is used to keep track of number of time watchdog timer expires. • Once the counter reaches the failure threshold the current node marks its next hop as malicious and sends it for blacklisting. 2.Pathrater • Adds malicious nodes to blacklist. • Validates routes by verifying route reply. • Discards route reply if blacklisted nodes are present in it.
NetSim TM Watchdog.c Some of the important functions are: • add_watchdog_timer() - Adds a watchdog timer to each Node in the Network. • watchdog_timer_execute() - Checks if the packet is sent before timer expiry & checks if failure threshold is reached. Pathrater.c Some of the important functions are: • add_to_blacklist() - Adds malicious nodes to blacklist of the current device • verify_route_reply() - Checks if the IP addresses in the route reply contains the IP of any blacklisted node. IDS in NetSim
NetSim TM Simulation of IDS in NetSim Source – Device id 1 Destination – Device id 6 Intruder (malicious node) – Device id 3 , Device id 4 IDS running in all the nodes
Analyzing Metrics: Comparison of Network performance
NetSim TM Comparison of Throughput • Normal working • After attack • With IDS 0 0.02 0.04 0.06 0.08 0.1 0.12 Throughput Normal Attack IDS
NetSim TM Comparison of Application Delay 0 5000000 10000000 15000000 20000000 25000000 30000000 35000000 40000000 Delay Application Delay Normal Attack IDS
NetSim TM Youtube Channel http://www.youtube.com/tetcos
NetSim TM Over 300+ Customers across 15 countries Education - International Defence / Space / Industry Education - India
NetSim TM Research Areas in MANET • Routing protocols – Location based, Power aware etc. • QoS in adhoc networks • Intrusion detection • Performance Analysis • Vehicular adhoc networks etc., The Project Codes of Sinkhole Attack, IDS and other projects in different Networks can be accessed using the link: http://www.tetcos.com/File_Exchange/
NetSim TM Q & A Session Note: Depending on the available time, we will try to cover all your questions. In case your query is not answered, we assure you to answer your question via email.
NetSim TM For technical information contact Visit: www.tetcos.com E-mail: sales@tetcos.com Tele-fax: +91 80 2663 062411 For Commercial information: please contact our local channel partner available at http://tetcos.com/listcp.html

More Related Content

PPTX
Wormhole attack
Harsh Kishore Mishra
 
PDF
Blackhole attack in Manet
Prof Ansari
 
PDF
wormhole attacks in wireless networks
Thesis Scientist Private Limited
 
PDF
Wormhole Attack
Pecific University
 
PPT
Flooding attack manet
Meena S Pandi
 
PDF
Attacks on mobile ad hoc networks
Zdravko Danailov
 
PPTX
Protocol manet
Kunal Prajapati
 
PPTX
DETECTION OF SYBIL ATTACK IN MOBILE ADHOCK NETWORKING
Prakash Kumar
 
Wormhole attack
Harsh Kishore Mishra
 
Blackhole attack in Manet
Prof Ansari
 
wormhole attacks in wireless networks
Thesis Scientist Private Limited
 
Wormhole Attack
Pecific University
 
Flooding attack manet
Meena S Pandi
 
Attacks on mobile ad hoc networks
Zdravko Danailov
 
Protocol manet
Kunal Prajapati
 
DETECTION OF SYBIL ATTACK IN MOBILE ADHOCK NETWORKING
Prakash Kumar
 

What's hot (20)

PPT
Attacks in MANET
Sunita Sahu
 
PDF
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networks
ijsrd.com
 
PPT
Security in mobile ad hoc networks
Piyush Mittal
 
PPTX
A survey on complex wormhole attack in wireless
farrukh Farrukh
 
PPTX
Security Issues in MANET
Nitin Verma
 
PPTX
Black hole attack
Richa Kumari
 
PPT
Security in wireless sensor networks
Piyush Mittal
 
PDF
Detection and prevention of wormhole attack in mobile adhoc networks
ambitlick
 
PDF
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...
ijsrd.com
 
PPTX
Abdullah Mukhtar ppt
Abdullah Mukhtar
 
PPTX
Security issues in manet
flowerjaan
 
PDF
Wormhole attack detection algorithms in wireless network coding systems
Pvrtechnologies Nellore
 
PPTX
Study of security attacks in manet
Kunal Prajapati
 
PPTX
Presentation1
Rajat Soni
 
PPTX
Grayhole
Kumud Dixit
 
PPTX
Various Security Attacks in mobile ad hoc networks
Kishan Patel
 
PPT
Wireless sensor networks
nagibtech
 
PDF
D0961927
IOSR Journals
 
PPTX
Security of ad hoc networks
Jayesh Rane
 
PPTX
Blackhole Attck detection in AODV Protocol
Birju Tank
 
Attacks in MANET
Sunita Sahu
 
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networks
ijsrd.com
 
Security in mobile ad hoc networks
Piyush Mittal
 
A survey on complex wormhole attack in wireless
farrukh Farrukh
 
Security Issues in MANET
Nitin Verma
 
Black hole attack
Richa Kumari
 
Security in wireless sensor networks
Piyush Mittal
 
Detection and prevention of wormhole attack in mobile adhoc networks
ambitlick
 
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...
ijsrd.com
 
Abdullah Mukhtar ppt
Abdullah Mukhtar
 
Security issues in manet
flowerjaan
 
Wormhole attack detection algorithms in wireless network coding systems
Pvrtechnologies Nellore
 
Study of security attacks in manet
Kunal Prajapati
 
Presentation1
Rajat Soni
 
Grayhole
Kumud Dixit
 
Various Security Attacks in mobile ad hoc networks
Kishan Patel
 
Wireless sensor networks
nagibtech
 
D0961927
IOSR Journals
 
Security of ad hoc networks
Jayesh Rane
 
Blackhole Attck detection in AODV Protocol
Birju Tank
 
Ad

Similar to NetSim Webinar on Network Attacks and Detection (20)

DOCX
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A probabilistic-misbehavior-de...
IEEEMEMTECHSTUDENTPROJECTS
 
PPT
Network monotoring
Programmer
 
DOCX
2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A probabilistic-misbehavior-det...
IEEEGLOBALSOFTSTUDENTSPROJECTS
 
PDF
6
aniketnimaje
 
PDF
A REVIEW ON NMAP AND ITS FEATURES
IRJET Journal
 
DOC
A wireless intrusion detection system and a new attack model (synopsis)
Mumbai Academisc
 
PPT
Snort
Stickman Hai
 
PDF
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Editor IJCATR
 
DOCX
JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...
chennaijp
 
PPT
Week 10 - Packet Sssdssssssssniffers.ppt
fzbshf
 
PDF
Internet Worm Classification and Detection using Data Mining Techniques
iosrjce
 
PDF
L017317681
IOSR Journals
 
DOCX
For your final step, you will synthesize the previous steps and la
ShainaBoling829
 
PPTX
Network Penetration Testing
Mohammed Adam
 
PPTX
Scanning and Enumeration in Cyber Security.pptx
MahdiHasanSowrav
 
PPTX
Implementation Of Byzantine Fault Tolerant Algorithm on WSN
Shatadru Chattopadhyay
 
PPT
Isys20261 lecture 06
Wiliam Ferraciolli
 
PDF
VTU 8TH SEM INFORMATION AND NETWORK SECURITY SOLVED PAPERS
vtunotesbysree
 
PPTX
Artificial neural networks
Tharushi Ruwandika
 
PPT
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
skpatel91
 
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A probabilistic-misbehavior-de...
IEEEMEMTECHSTUDENTPROJECTS
 
Network monotoring
Programmer
 
2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A probabilistic-misbehavior-det...
IEEEGLOBALSOFTSTUDENTSPROJECTS
 
6
aniketnimaje
 
A REVIEW ON NMAP AND ITS FEATURES
IRJET Journal
 
A wireless intrusion detection system and a new attack model (synopsis)
Mumbai Academisc
 
Snort
Stickman Hai
 
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Editor IJCATR
 
JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...
chennaijp
 
Week 10 - Packet Sssdssssssssniffers.ppt
fzbshf
 
Internet Worm Classification and Detection using Data Mining Techniques
iosrjce
 
L017317681
IOSR Journals
 
For your final step, you will synthesize the previous steps and la
ShainaBoling829
 
Network Penetration Testing
Mohammed Adam
 
Scanning and Enumeration in Cyber Security.pptx
MahdiHasanSowrav
 
Implementation Of Byzantine Fault Tolerant Algorithm on WSN
Shatadru Chattopadhyay
 
Isys20261 lecture 06
Wiliam Ferraciolli
 
VTU 8TH SEM INFORMATION AND NETWORK SECURITY SOLVED PAPERS
vtunotesbysree
 
Artificial neural networks
Tharushi Ruwandika
 
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
skpatel91
 
Ad

Recently uploaded (20)

PPTX
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
KodekX | Application Modernization Development
KodekX
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Approach and Philosophy of On baking technology
30anthuong17
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
KodekX | Application Modernization Development
KodekX
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 

NetSim Webinar on Network Attacks and Detection

  • 1. Twitter.com/tetcos linkedin.com/tetcos youtube.com/tetcos NetSim v9Network Simulation/Emulation Platform TM Webinar: Network Attacks and Detection 29th April 2016
  • 2. NetSim TM Webinar Contents 1.Why use a Network Simulator 2.Introduction to NetSim 3.Introduction to Sinkhole Attack : Attack scenario in MANET using NetSim 4.Intrusion Detection System: Detection mechanism in MANET using NetSim 5.Analyzing Metrics 6.Areas of R & D in MANET 7.Q & A
  • 3. NetSim TM Why use a Network Simulator for research ?
  • 4. NetSim TM Communication Networks have become too complex for traditional analytical methods or “rules of thumb” to provide an accurate understanding of system behavior and possible problems and solutions
  • 5. NetSim TM I. Networking traffic will quadruple by 2017 driven by wireless & mobile communication II. 2+ billion videos watched online every day III. Mobiles, tablets & sensors to join with existing internet cloud to form “network of things” I. Mobile Ad-hoc Networks II. Wireless Sensor Networks III. Cognitive Radio IV. LTE / LTE-A V. Internet of Things (IOT) 50 % of all research papers in IEEE & ACM refer a Network Simulator Observations in computer networking domain Key areas of research & development
  • 7. NetSim TM NetSim is a popular tool for Network Design, Network R & D and defense applications. It allows users to create network scenarios, model traffic and study network performance metrics Wide range of technologies across LAN, WAN, BGP, WLAN, MANET, Wi-MAX, Cellular(GSM and CDMA), Cognitive Radio, Sensor Networks, IOT and LTE as per international Standards Open architecture with protocol C source code for users to write, link and de- bug.
  • 8. NetSim TM NetSim - Customer Segments • Enterprise • Network design • Network validation • Defence • Network Centric Warfare • R&D Labs • Protocol Development • New Technology testing • Academic • Network Labs (B.Tech/BS), • Advanced Network Labs(M.Tech/MS) – ECE,CSE,IT • Phd thesis/M.Tech Projects
  • 9. NetSim TM Technology Libraries Component No Networks / Protocols Component 1 (Base. Required for all components) Internetworks: Ethernet - Fast & Gigabit, Address Resolution Protocol, WLAN - 802.11 a, b, g , n, ac and e, Propagation - Free space, Log-normal Shadowing, Rayleigh Fading, IPv4 with VPN, Firewalls, Routing - RIP, OSPF, Queuing - Round Robin, FIFO, Priority, TCP, UDP. Common Modules Applications: Traffic Generator: Voice, Video, FTP, Database, HTTP, Email, Peer-to-peer and Custom. Virtual Network Stack, Simulation Kernel Command Line Interface, Metrics Engine with packet and event trace, Packet Animator Component 2 Legacy Networks: Aloha - Pure & Slotted, CSMA/CD, Token Ring, Token Bus, ATM, X.25, Frame Relay, Multi-Protocol Label Switching (MPLS) Component 3 BGP Networks: Border Gateway Protocol (BGP) Component 4 Advanced Wireless Networks: MANET - DSR, AODV, OLSR, ZRP, Wi-Max Component 5 Cellular Networks - GSM, CDMA Component 6 (Component 4 required) Wireless Sensor Networks, IOT & Personal Area Networks: WSN with agent model & battery models ZigBee Component 7 Cognitive Radio Networks WRAN Component 8 Long Term Evolution LTE Component 9 (Component 4 required) Military Radio TDMA Link 16
  • 10. NetSim TM 1. New Technologies • Internet of things • 802.11 ac (Gigabit Wi-Fi) • Rate adaptation algorithm for WLAN • Military Radios: HF, UHF and VHF Bands 2. Network Emulator Add-on Module • Connect NetSim to Real Devices running Live Application 3. Interfacing with softwares • MATLAB interface • Wireshark Interface 4. Accelerated and multithreaded kernel • Approx. 40x times faster than v8.3 for large simulations 5. Simulation Scale up • Pro version tested up to 100,000 devices What’s new in v9
  • 12. NetSim TM Sinkhole Attack in MANET • Sinkhole attack is one of the severe attacks in wireless Ad hoc network. • In sinkhole Attack, a compromised node or malicious node advertises wrong routing information to produce itself as a specific node and receives whole network traffic. • After receiving whole network traffic it can either modify the packet information or drop them to make the network complicated. • Sinkhole attacks affects the performance of Ad hoc networks protocols such as DSR protocol.
  • 13. NetSim TM Sinkhole in DSR in NetSim • In DSR the source broadcasts RREQ packet during Route Discovery. • The destination on receiving the RREQ packet replies with a RREP packet containing the route to reach the destination. • But Intermediate nodes can also send RREP packet to the source if they have a route to the destination in their route cache. • Using this loophole the malicious node adds a fake route entry into its route cache with the destination node as its next hop.
  • 14. NetSim TM Sinkhole in DSR in NetSim • On receiving the RREQ packet from the source the malicious node sends a fake RREP packet with the fake route. • The source node on receiving this packet observes this as a better route to the destination. • All the Network Traffic is attracted towards the Sinkhole (Malicious Node) and it can either modify the packet information or simply drop the packet (NetSim implementation)
  • 15. NetSim TM Malicious.c • A file Malicious.c is added to the DSR project which contains the following functions: • fn_NetSim_DSR_MaliciousNode( ) - This function is used to identify whether a current device is malicious or not in-order to establish malicious behavior • fn_NetSim_DSR_MaliciousRouteAddToCache() - This function is used to add a fake route entry into the route cache of the malicious device with its next hop as the destination • fn_NetSim_DSR_MaliciousProcessSourceRouteOption() - This function is used to drop the received packets if the device is malicious, instead of forwarding the packet to the next hop
  • 16. NetSim TM Simulation of sinkhole attack in NetSim Source – Device id 1 Destination – Device id 6 Sinkhole (malicious node) – Device id 2
  • 18. NetSim TM Introduction • An intrusion detection system (IDS) monitors network for malicious activities • Once an attack is identified, or abnormal behaviour is sensed, measures are taken to recover from the attack. • The system also keeps track of the intruders so as to avoid further attacks in future.
  • 19. NetSim TM IDS in NetSim In NetSim Intrusion Detection System has two major functionalities 1.Watchdog • A watchdog timer is added to each Node in the Network. • The timer starts the moment a packet is sent. • Once the packet is forwarded to the next hop within the Watchdog time duration. • If the next hop is malicious then it need not forward the packet (as per the sinkhole attack implemented) • A counter is used to keep track of number of time watchdog timer expires. • Once the counter reaches the failure threshold the current node marks its next hop as malicious and sends it for blacklisting. 2.Pathrater • Adds malicious nodes to blacklist. • Validates routes by verifying route reply. • Discards route reply if blacklisted nodes are present in it.
  • 20. NetSim TM Watchdog.c Some of the important functions are: • add_watchdog_timer() - Adds a watchdog timer to each Node in the Network. • watchdog_timer_execute() - Checks if the packet is sent before timer expiry & checks if failure threshold is reached. Pathrater.c Some of the important functions are: • add_to_blacklist() - Adds malicious nodes to blacklist of the current device • verify_route_reply() - Checks if the IP addresses in the route reply contains the IP of any blacklisted node. IDS in NetSim
  • 21. NetSim TM Simulation of IDS in NetSim Source – Device id 1 Destination – Device id 6 Intruder (malicious node) – Device id 3 , Device id 4 IDS running in all the nodes
  • 22. Analyzing Metrics: Comparison of Network performance
  • 23. NetSim TM Comparison of Throughput • Normal working • After attack • With IDS 0 0.02 0.04 0.06 0.08 0.1 0.12 Throughput Normal Attack IDS
  • 24. NetSim TM Comparison of Application Delay 0 5000000 10000000 15000000 20000000 25000000 30000000 35000000 40000000 Delay Application Delay Normal Attack IDS
  • 26. NetSim TM Over 300+ Customers across 15 countries Education - International Defence / Space / Industry Education - India
  • 27. NetSim TM Research Areas in MANET • Routing protocols – Location based, Power aware etc. • QoS in adhoc networks • Intrusion detection • Performance Analysis • Vehicular adhoc networks etc., The Project Codes of Sinkhole Attack, IDS and other projects in different Networks can be accessed using the link: http://www.tetcos.com/File_Exchange/
  • 28. NetSim TM Q & A Session Note: Depending on the available time, we will try to cover all your questions. In case your query is not answered, we assure you to answer your question via email.
  • 29. NetSim TM For technical information contact Visit: www.tetcos.com E-mail: sales@tetcos.com Tele-fax: +91 80 2663 062411 For Commercial information: please contact our local channel partner available at http://tetcos.com/listcp.html