Performance assessment of Secure MANET routing protocols in a Malicious Environment
October 2011

University Id: 10532
Student Id: LY2009017
Security Level: Normal

HUNAN UNIVERSITY

Performance assessment of secure MANET routing protocols in malicious environment

MASTERS THESIS

By Foday Konko Kamara

College: Information Science and Engineering
Major: Computer Applications
Research Field: Computer Networking
Supervisor: Professor Wang Dong
Submission Date: 15th October 2011
Defense Date: 28th October 2011
Defense committee Chairman: Professor Liao

Performance assessment of secure MANET routing protocols in malicious environment

By
Foday Konko Kamara
Diploma in Computer Hardware Engineering (Africa Information Technology Holdings Limited, Freetown Sierra Leone) 2008

A Thesis Submitted in partial fulfillment of the Requirements for the Degree of
Master of Engineering
in
Computer Science and Technology
In
The graduate School of Hunan University
Changsha China

Supervisor
Professor Wang Dong

October 2011

Copyright 2011, Foday Konko Kamara

HUNAN UNIVERSITY

DECLARATION

I, Foday Konko Kamara, hereby declare that the work presented in this Master's thesis titled “Performance assessment of secure MANET routing protocols in malicious environment” is my original work and has not been presented elsewhere for any academic qualification. Where references have been used from books, published papers, reports and websites, it is fully acknowledged in accordance with the standard referencing practices of the discipline.

Student's signature:
Date:

Copyright Statement

Permission is herewith granted to Hunan University to circulate and reproduce for non-commercial purposes, at its discretion, this thesis upon the request of individuals or institutions. The author does not reserve other publication rights and neither the thesis nor extensive extracts from it may be printed or otherwise reproduced without the author's written permission.

This thesis belongs to:
1. Secure , and this power of attorney is valid after
2. Not secure
(Please mark the above corresponding check box with “”)

Author's Signature:        Date:
Supervisor's Signature:    Date:

DEDICATION

I dedicate this thesis to my family for the love and courage they have shown to me throughout this time.

Abstract

Because Mobile Ad-hoc Networks (MANETs) are flexible, independent of network infrastructure such as base stations, and have unique characteristics such as dynamic network topology, limited bandwidth and limited battery power, routing in these networks is a particularly challenging task compared to a conventional network. In MANET, routing is severely vulnerable to various kinds of routing attacks, namely: black hole attack, link withholding attack, link spoofing attack, replay attack, wormhole attack and colluding mis-relay attack. All of these attacks influence the normal operations of MANET in different ways. With the dynamic network topology in MANET, routing functions are carried out by available nodes since there are fixed base stations. In such a routing environment, each node acts both as a router and as a host, which raises security problems for routing processes, since nodes in an ad hoc network cannot be trusted for the non-jeopardized execution of critical network functions. For instance, in a malicious routing environment, a malicious node can launch a flooding attack to exhaust network resources such as bandwidth, to consume legitimate nodes' resources such as computational and battery power, or to disrupt the routing operation by causing severe degradation in network performance.

As a result of all of the above, research in this area has become an important and attractive issue to researchers in recent decades. Our research work is to assess the performance and effectiveness of some secure routing protocols in a malicious environment, including ARIADNE and the Secure Ad hoc On-demand Distance Vector routing protocol (SAODV), by simulating various scenarios of attacks in MANET.

To achieve this goal, we used the OPNET (Optimised Network Engineering Tool) simulation tool to assess and evaluate how malicious nodes can disrupt the routing processes and performance of these four routing protocols: DSR, ARIADNE, AODV and SAODV. In the process, a scenario is set up for data collection and this scenario is run 11 times with 11 different values of the mobility pause time ranging from 0 to 100 seconds. The data is collected according to two metrics: Packet Delivery Fraction (PDF) and Normalized Routing Load (NLR). In our work, the actual values of the performance metrics in a given scenario are affected by many factors, such as node speed, moving direction of the nodes, the destination of the traffic, data flow, congestion at a specific node, etc. It was therefore difficult to evaluate the performance of the protocols by directly comparing the acquired metrics from individual scenarios. Hence, we decided to take the average values of multiple simulation runs in order to obtain representative values for the performance metrics. The average values of these 11 simulation runs are then calculated for the two metrics and used as a baseline to evaluate the performance of the routing protocols in the given malicious environments. Furthermore, the simulations are diversified by changing the pause time value of the mobility model from 0 to 100 seconds. The averages of the collected statistics are used to calculate the metrics, which are then used to evaluate the performance of the four routing protocols and to determine the impact of the attacks upon these metrics.

According to the analytical results of the simulation experiments, we observed that in a benign environment, given the network setup and mobility model, the AODV and SAODV protocols did better than DSR and ARIADNE. This is due to the high mobility of the nodes, which has a more negative impact upon the operations of the DSR and ARIADNE protocols in such an environment. However, the route drop attacks cause the number of received data packets to decrease for all of the protocols, and when the number of malicious nodes increases, fewer data packets can get to the destination. The secure protocols ARIADNE and SAODV, working in malicious environments with route modification attacks, achieved almost the same high PDF metric as in the benign environments, but there is a slight decrease of the PDF metric due to more routing packets being generated. As observed in our experiment, in all simulated malicious environments, the normal routing protocols DSR and AODV failed to get data delivered to the destinations, and positioning the malicious nodes initially in the middle of the network affects the PDF metrics the most. Furthermore, the ARIADNE protocol did not properly handle the case in which the intermediate nodes return cached routes. We noticed that if this feature is enabled in order to take advantage of faster route discovery time, the protocol may become vulnerable to fabrication attacks, and this vulnerability must be removed in order for the cached route feature to be effectively used. However, the SAODV protocol really needs a key management mechanism to work properly in malicious environments.

Key words: Mobile Ad Hoc Network, Routing Protocol, Security, Network Attacks

Abstract (Chinese-language version)

Ad hoc networks are characterized by their flexibility, their independence from network equipment such as nodes, the uniqueness of a dynamically changing network topology, limited bandwidth and limited power. Compared with traditional networks, routing is a challenge in ad hoc networks, where route selection is easily subjected to routing attacks, for example: black hole attack, withholding attack, wormhole attack, spoofing attack, replay attack and colluding mis-relay attack. All of these attacks affect the normal operation of the network to different degrees. In the dynamic topology of an ad hoc network, because there are fixed nodes, routing functions can be carried out by the available nodes. In such a routing environment, each node is both a router and a host, which creates security problems in the network routing process, because the nodes of an ad hoc network are not trusted to carry out critical network functions without harm. For example, in a malicious network environment, a malicious node can launch a flooding attack so that the network bandwidth is completely occupied, consume the resources of legitimate nodes such as computing capacity and power, or disrupt the operation of routing by causing a severe degradation of network performance. As mentioned above, research in this field has become important in recent years and has attracted many scholars. Our research work is to evaluate, by simulating attacks of various kinds, the performance and effectiveness of the secure routing protocols proposed for MANET in malicious environments (including ARIADNE and SAODV).

To achieve this goal, we used the OPNET simulation tool in our research to evaluate and analyze how malicious nodes proceed to disrupt the four protocols DSR, ARIADNE, AODV and SAODV. In this process, we designed a scenario to collect data; this scenario is repeated 11 times with 11 different mobility pause times, whose values range from 0 to 100 s. The data is collected according to the two metrics PDF and NLR. In this work, the actual values of the performance metrics in a given scenario are affected by many factors, such as node speed, the moving direction of the nodes, the destination address of the movement, data flow and congestion at a specific node. It is therefore difficult to evaluate the performance of the protocols directly from the metrics obtained from individual scenarios. To obtain more representative performance metrics, we decided to use the average values of multiple runs. The average values of these 11 runs yield the two metrics, which are used as the baseline for evaluating routing protocol performance in malicious environments. In addition, the simulations are diversified by choosing the pause time of the mobility model within 0 to 100 s. The averages of the collected data are used to calculate the values of the metrics, which are then used to evaluate the performance of the four protocols and to measure the impact of the attacks.

According to the analysis of the simulation results, we observed that in a benign environment (given the network configuration and mobile devices) the AODV and SAODV protocols perform better than DSR and ARIADNE. This is because of the high mobility of the nodes, which has a worse effect on the DSR and ARIADNE protocols in this environment. However, for all of the protocols alike, route drop attacks cause the number of received data packets to decrease, and as the number of malicious nodes increases, few data packets can reach the destination address. The secure protocols ARIADNE and SAODV, for example, working in malicious environments with route modification attacks, obtained almost the same high PDF metric as in benign environments, but the PDF metric decreases slightly because more routing packets are generated. As observed in our experiments, in the malicious simulated environments the normal routing protocols DSR and AODV failed to deliver data to the destination. In addition, the initial placement of the malicious nodes in the network has the greatest effect on the PDF metric. The ARIADNE protocol cannot properly handle the case in which intermediate nodes return cached routes. We noticed that if this feature is enabled in order to take advantage of faster route propagation, the protocol may become very vulnerable to fabrication attacks; this weakness must be overcome because cached routes must be used effectively. The SAODV protocol, however, in practice needs a management mechanism in order to work in malicious environments.

Key words: mobile ad hoc network; routing protocol; network security; network attacks

TABLE OF CONTENTS

DECLARATION
DEDICATION
Abstract
Abstract (Chinese-language version)
TABLE OF CONTENTS
LIST OF FIGURES
LIST OF TABLES

CHAPTER ONE INTRODUCTION
1.1 Background of the study
1.2 Statement of the problem
1.3 The aim and objectives of the study
1.4 Organization of the thesis

CHAPTER TWO LITERATURE REVIEW OF RELATED WORKS
2.1 Secure routing protocol in Mobile ad hoc Network (MANET)
2.2 General Routing issues in MANET and classification
2.3 Dynamic Source Routing Protocol (DSR)
    2.3.1 Route Discovery Phase
    2.3.2 Route Maintenance
2.4 Ad-hoc On-demand Distance Vector (AODV) routing protocol
    2.4.1 Route Discovery phase
    2.4.2 Route maintenance
2.5 Routing Attacks against MANET Protocols
2.6 Summary

CHAPTER THREE SECURITY ALERT IN ROUTING PROTOCOLS
3.1 Security Goals
3.2 Attacks and exploits on the existing protocols
    3.2.1 Attacks using Modification
    3.2.2 Attacks using Impersonation
    3.2.3 Attacks using Fabrication
3.3 Proposed solutions
    3.3.1 ARIADNE
    3.3.2 Route Discovery Phase
    3.3.3 Route Maintenance Phase
3.4 SAODV
    3.4.1 SAODV Hash Chains
    3.4.2 SAODV Digital signatures
3.5 Summary

CHAPTER FOUR SIMULATION AND RESULTS ANALYSIS
4.1 Simulation tool analysis
4.2 OPNET Architecture
    4.2.1 Wireless support of OPNET Modeler
    4.2.2 Implementing the protocols in the OPNET modeler
    4.2.3 Implementing the attack Models in OPNET Modeler
4.3 Attack models
    4.3.1 Route Drop Attack
    4.3.2 Route Modification Attack
    4.3.3 Fabrication Attack
    4.3.4 Impersonation Attack
4.4 Scenario Setup
4.5 Summary

CHAPTER FIVE EXPERIMENTS
5.1 Experiments in the benign environments
5.2 Malicious Environments Simulation Experiment
    5.2.1 Route Drop Attack
    5.2.2 Route Modification
    5.2.3 Route Fabrication
    5.2.4 Impersonation
5.3 Summary

CONCLUSION
FUTURE WORK
REFERENCES
ACKNOWLEDGEMENT

LIST OF FIGURES

Figure 1.1 Overview of operation of Mobile ad hoc network
Figure 2.1 Classification of Routing Protocols in Mobile Ad-hoc Networks
Figure 2.2 Route Discovery in DSR
Figure 2.3 Route Maintenance in DSR
Figure 2.4 Route discovery in AODV
Figure 2.5 Route Maintenance in AODV
Figure 3.1 Types of Security Goals
Figure 3.2 Classification of attack on MANET routing protocols
Figure 3.3 An example of route modification attack
Figure 3.4 An example of impersonation attack
Figure 3.5 An example of fabrication attack
Figure 4.1 Simulation Cycle in OPNET
Figure 4.2 Steps to add new secure routing protocols into OPNET
Figure 4.3 Procedure to add security features into existing protocols in OPNET
Figure 4.4 Procedure to integrate attack models in the routing process
Figure 4.5 Network setup for the experiments
Figure 5.1 Packet Delivery Fraction vs. pause time values in benign environment
Figure 5.2 Normalized Routing Load vs. pause time values in benign environment
Figure 5.3 Packet Delivery Fraction vs. number of malicious nodes with route drop attack
Figure 5.4 Normalized Routing Load vs. number of malicious nodes with route drop attack
Figure 5.5 Packet Delivery Fraction vs. number of malicious nodes with route modification attack
Figure 5.6 Normalized Routing Load vs. number of malicious nodes with route modification attack
Figure 5.7 Packet Delivery Fraction vs. number of malicious nodes for DSR/ARIADNE with fabrication attack
Figure 5.8 Normalized Routing Load vs. number of malicious nodes for DSR/ARIADNE with fabrication attack
Figure 5.9 Packet Delivery Fraction vs. number of malicious nodes for AODV/SAODV with impersonation attack
Figure 5.10 Normalized Routing Load vs. number of malicious nodes for AODV/SAODV with impersonation attack

LIST OF TABLES

Table 3.1 Example of ARIADNE Routing process
Table 3.2 Possible values of the Hash function field
Table 4.1 List of cryptographical functions in the simulation
Table 4.2 Implementa