Identity attacks detection system for 802. 11 based Ad hoc networks

Abstract

802.11 based Mobile Ad hoc networks are low energy and spontaneous networks. However, the absence of a central identity management system to keep a track of identities in network and broadcast nature, these networks are always prone to identity attacks. In such attacks, multiple illegitimate (arbitrary or spoofed) identities are created on a physical device for various malevolent reasons, such as to launch DoS or DDoS attacks to escape detection and accountability in the network. In this thesis, two main identity attack scenarios i.e., Sybil attack and replication attack have been considered. In the former scenario, more than one identities are created for a single physical device; whereas, in the latter scenario, duplicate identities are created for many physical devices in the same network. Collectively, these attacks are referred to as identity attacks. The current literature proposed solutions where such attacks are counteracted separately. We have proposed an Identity Attack Detection System (IADS) that considers the fluctuation in the RSS value of nodes to identify malevolent nodes. The detected malevolent nodes can be quarantined and can be blacklisted for future correspondence by the system. The IADS can identify both attacks in a single shot. The IADS can detect: i) duplicate node, ii) change in node position, iii) change in RSS both abrupt or gradual, iv) the status (ON/OFF) of the node, v) the location of a node whether at the start or the end of the ad hoc topology. In addition, IADS do not require any additional hardware such as GPS or Trusted Third-party or Certification authority. The proposed scheme has been assessed using: first, mathematical evaluation via graph theory, second statistical evaluation via Minitab and third simulation via NS-2 simulator. It is worth mentioning that the data for the statistical analysis has been obtained from real test beds. The results obtained from statistical, mathematical and simulation show, comparatively, the overall improvement of the proposed detection system with high rate of accuracy and without adding extra overhead. Overall, the IADS deliver at average 4 % FPR while 96.56%, 96.01% and 100% TPR using three different evaluation techniques simulation, statistical and mathematical respectively.