International Journal of Engineering Trends and Technology (IJETT) – Volume 17 Number 9 – Nov 2014
Unauthorized Node Detection and Prevention with In and Out Flow Rate of Transmission
S Raju Chintalapati¹, V Sangeeta²
¹Final M.Tech Student, ²Associate Professor
¹,²Computer Science and Engineering, Pydah College of Engineering and Technology, Visakhapatnam Dist., A.P.
Abstract:
Accurately detecting a malicious or unauthorized node is a complex task, and sometimes it misleads the authentication of genuine users. In this paper we propose an enhanced approach to intrusion detection and secure data transmission through genuine nodes. We propose a data-rating-based secure path. Nodes are first classified as genuine or malicious, then the path is computed based on data rating, and to maintain confidentiality the data is encrypted with the Triple DES algorithm.
I. INTRODUCTION
In a wireless sensor network, every independent node can send a request, process a request and send the response to the client. Every node is open, and data packets are transmitted over an open network. Over years of research, various authors have proposed various approaches for identifying unauthorized or malicious nodes, and every approach has its own advantages and vulnerabilities. The port-based classification approach filters the data of an incoming node based on the port number.
In the classification approach, an incoming node is analyzed or detected based on its behavior: which node it is connecting to, from which port number, which type of service it is using, and how many packets it is transmitting to the destination node. This testing sample is examined against the training data set with a classification or machine learning approach.
In networking, wireless sensor networks (WSN) play an important role in technology and have applications in areas such as the military and hospitals. A wireless sensor network has features such as low installation cost and unattended network operation. Because there is no physical line of defense, the information flow is not monitored through any source such as switches or gates. Securing this type of network is a challenge where application confidentiality has prior significance over the network. So we should first expose the intrusion that tries to attack the network (the sensor nodes and the destination of the information), which is harmful for the network, and then protect and operate the WSN in a safe and secure manner in order to provide security for the wireless sensor network. For this, an Intrusion Detection System (IDS) for WSN is proposed, with a survey of the state of the art. At the beginning, complete information about IDS is required. Then a survey of IDS for ad hoc networks is applied to the system in which the WSN is used, and finally we get the IDS proposed for the WSN. An analysis and comparison of each scheme, with its advantages and disadvantages, is obtained. At last, guidelines for applying IDS to WSN are obtained, with the application potentiality.
Intrusion Prevention: Its task is to prevent the intrusion of any attack over the network. A technique is proposed to prevent the intrusion by defending the target.
Intrusion Detection: Its task is to identify the attack. If an attacker enters the network in spite of the protection, the IDS becomes active and switches to detection mode. It identifies the nodes that are being attacked and switches them to detection mode.
Migration: Its task is to find the attacker and then remove the node from the network.
Unauthorized activity that enters a network is known as intrusion. It is of two types: passive, such as eavesdropping and information gathering, and active, such as hole attacks, harmful packet forwarding and packet dropping. The first line of protection, 'Intrusion Prevention', does nothing in preventing the intrusion, but in the second line of protection, 'Intrusion Detection', the intrusion is detected from the suspicious behavior of a network member in the wireless sensor network.
Intrusion Detection Systems offer the network system information that supports security, such as the location of the intruder, intruder identification, intrusion time, the activity of the intrusion (active or passive), the intrusion type (attacks such as worm hole, black hole, sink hole and selective forwarding) and the layer over the WSN.
II. RELATED WORK
Using training data to apply classification to traffic, in order to improve the performance of the classified data, is proposed in this paper. The flow of the traffic is described by statistical features, and flow correlation information is modeled by the bag of flow (BoF). Classification of a BoF is solved on the basis of a traffic classifier, and a framework with classifier combination is developed to get better classification performance. To improve this BoF process, a naive Bayes (NB) prediction method for correlated flows is proposed, based on traffic classification. Aggregation strategies are analyzed by predicting the sensitivity of the error. Finally, to verify the proposed system, a large number of experiments are conducted on real-world datasets. The experimental results show that this traffic classification achieves better performance than the previous existing classification.
In modern network security, traffic classification is one of the essential and useful technologies, and it handles many difficult situations such as lawful interception and intrusion detection. For example, traffic classification can be used to detect worm propagation, intrusions, spam spread and patterns indicative of denial-of-service attacks. It plays a significant part in modern networks by providing control over quality of service (QoS). Several commercial tools with traffic classification exist, and the demand for traffic classification is increasing in the modern world.
Traditional traffic classification depends on the port numbers stated by the application and on the IP packet payload, whereas modern techniques generally use host behavior or classify encrypted applications based on flow-level statistical features. In recent times, machine learning techniques applied to the statistical features have gained considerable attention in traffic classification. To obtain the structural patterns, machine learning is applied automatically to the statistical properties of online traffic flows. These methods address the problems regularly encountered by the traditional methods, such as dynamic port numbers over the network and protecting the privacy of the user.
Naive Bayes is one of the finest classification methods for internet traffic classification and can be improved with feature discretization. The benefit of the NB classifier is that it uses the data of the training dataset to calculate the parameters of the classification technique. Further, feature discretization shows that NB has quicker classification speed and accuracy, and this is its most significant feature in the modern world of traffic classification.
Our current work is divided into three parts. The first is node authentication and detection, where a node is identified as genuine or malicious based on a signature over a key. Then the path is computed based on the data rating between the source node and the destination node. Finally, to maintain confidentiality, the data is encrypted and decrypted with the Triple DES cryptographic algorithm.
III. PROPOSED WORK
In this paper we propose an efficient hybrid approach for malicious node detection and secure data transmission, with a signature-based mechanism for authentication, data rating for optimal path computation, and a cryptographic algorithm to maintain privacy between genuine nodes.
We propose an efficient malicious node detection and prevention mechanism with signature and data rating techniques. The master node (MN) is a centralized server. It generates a random session key and distributes it to all available nodes, or general nodes (GN), in the network. Each node in turn applies a signature over the key received from the master node and forwards it back to the master node. The master node itself generates a signature on the key and compares it with the signatures of all individual nodes. If the signature generated at the master node and the one generated at the general node are equal, that node is genuine; otherwise it is malicious.
ALGORITHM: Node recognition
Step 1: A random session key Sk is shared by MN with each node individually.
Step 2: MN computes signature(Sk).
Step 3: Each individual GN computes a hash or signature over the received Sk.
Step 4: S = [h(Sk)], where h is a hash function known by both MN and the general node.
Step 5: GN requests MN for signature verification with S, i.e. [h(Sk)].
Step 6: if S (sent by GN) = S (stored in MN)
            then "Node is genuine"
        else
            "Malicious node"
        end if
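The node recognition exchange above, with both sides' messages, as an added example that is not code from the paper. SHA-256 as h, the 16-byte key size, the class and function names, and the node ids B, C and X are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets


def h(session_key: bytes) -> bytes:
    """Hash function shared by MN and genuine nodes (SHA-256 is an assumption)."""
    return hashlib.sha256(session_key).digest()


class MasterNode:
    def __init__(self):
        self.expected = {}  # node id -> S stored at MN

    def issue_key(self, node_id: str) -> bytes:
        """Steps 1-2: send a fresh Sk to one node and store h(Sk) for it."""
        sk = secrets.token_bytes(16)
        self.expected[node_id] = h(sk)
        return sk

    def verify(self, node_id: str, s: bytes) -> str:
        """Steps 5-6: compare the S sent by the node with the stored S."""
        stored = self.expected.pop(node_id, None)  # one attempt per issued key
        if stored is not None and hmac.compare_digest(stored, s):
            return "genuine"
        return "malicious"


def genuine_response(sk: bytes) -> bytes:
    return h(sk)  # steps 3-4: S = h(Sk)


def unknown_h_response(sk: bytes) -> bytes:
    return hashlib.sha512(sk).digest()  # constructed: a node that does not know h


def classify(responders: dict) -> dict:
    """Run the exchange once per node; responders maps node id -> response function."""
    mn = MasterNode()
    return {nid: mn.verify(nid, respond(mn.issue_key(nid)))
            for nid, respond in responders.items()}


# Constructed network: B and C follow the protocol, X does not.
RESULT = classify({"B": genuine_response, "C": genuine_response,
                   "X": unknown_h_response})
```

Because h is unkeyed here, the check rests on Sk reaching only the intended node; a keyed MAC over Sk with a per-node secret is the usual way to strengthen it.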
Data rating:
After node recognition, genuine nodes can communicate with each other. Any node can transmit data packets to a destination node through the intermediate nodes by computing the data rating of the nodes. The data rating is computed from the packets coming in to a node and the packets going out from the node. Consider a source node "A" that wants to transmit some data packets to destination node "E", with B, C and D as intermediate nodes. The path is based on the highest data rating, computed as the average of in and out packet transmission. The following table shows a sample data rating table.
In (data packets in Bytes)    Out (data packets in Bytes)
30                            20
40                            40
25                            22
23                            23
45                            40
46                            44
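The path selection described in this section, as an added example that is not code from the paper. The (In, Out) pairs come from the sample table, but which node each pair belongs to, the topology in LINKS, the failed node M, and rating a path by the mean rating of its intermediate nodes are all assumptions of this sketch.

```python
def data_rating(in_bytes, out_bytes):
    """Rating of one node: average of incoming and outgoing bytes."""
    return (in_bytes + out_bytes) / 2


def simple_paths(links, src, dst, allowed, path=None):
    """Yield loop-free paths from src to dst that visit only allowed nodes."""
    path = (path or []) + [src]
    if src == dst:
        yield path
        return
    for nxt in links.get(src, ()):
        if nxt in allowed and nxt not in path:
            yield from simple_paths(links, nxt, dst, allowed, path)


def path_rating(path, traffic):
    """Assumption: a path is rated by the mean rating of its intermediate nodes."""
    mids = path[1:-1]
    if not mids:
        return 0.0  # direct link: no intermediate node to rate
    return sum(data_rating(*traffic[n]) for n in mids) / len(mids)


def best_path(links, traffic, genuine, src, dst):
    """Return (path, rating) with the highest rating, or (None, 0.0) if unreachable."""
    candidates = [(p, path_rating(p, traffic))
                  for p in simple_paths(links, src, dst, set(genuine))]
    if not candidates:
        return None, 0.0
    return max(candidates, key=lambda c: c[1])


# Constructed topology: A is the source, E the destination.
LINKS = {"A": ["B", "C", "M"], "B": ["D", "E"], "C": ["D"],
         "D": ["E"], "M": ["E"]}
# (In, Out) bytes per intermediate node; node assignment is assumed.
TRAFFIC = {"B": (30, 20), "C": (40, 40), "D": (25, 22), "M": (46, 44)}
# M failed node recognition, so it is excluded despite its high rating.
GENUINE = {"A", "B", "C", "D", "E"}
```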
Data rating is computed as the average of in and out with respect to all intermediate nodes, and data is transmitted through the highest-rating path of genuine nodes. For secure transmission from source to destination, data packets are encrypted with the Triple DES cryptographic algorithm, and these data packets can be decrypted only at the destination node, even though they are transmitted through intermediate nodes. The Triple DES algorithm is described as follows.
Secure Transmission:
IV. CONCLUSION
We conclude our current research work with an efficient malicious node detection technique, data rating. It computes the average rate of in and out packets transmitted through intermediate nodes, and data packets are passed only through the nodes with the maximum average transmission rate, to avoid the malicious nodes. Further communication is done with genuine nodes after authentication, with a cryptographic algorithm. Our experimental results show more efficient results than the traditional approach.
Data can be securely transmitted from source to destination with a cryptographic algorithm, Triple DES. It is a symmetric key algorithm that uses the same key for encryption and decryption between source and destination; intermediate nodes cannot decrypt it.
Triple DES is the common name for the Triple Data
Encryption Algorithm (TDEA) block cipher. It is so named
because it applies the Data Encryption Standard (DES)
cipher algorithm three times to each data block. Triple DES
provides a relatively simple method of increasing the key
size of DES to protect against brute force attacks, without
requiring a completely new block cipher algorithm.
The standards define three keying options:
• Keying option 1: All three keys are independent.
• Keying option 2: K1 and K2 are independent, and K3 = K1.
• Keying option 3: All three keys are identical, i.e. K1 = K2 = K3.
Keying option 1 is the strongest, with 3 x 56 = 168
independent key bits.
Keying option 2 provides less security, with 2 x 56 = 112
key bits. This option is stronger than simply DES
encrypting twice, e.g. with K1 and K2, because
it protects against meet-in-the-middle attacks.
Keying option 3 is no better than DES, with only 56 key
bits. This option provides backward compatibility with
DES, because the first and second DES operations simply
cancel out. It is no longer recommended by the National
Institute of Standards and Technology (NIST) and not
supported by ISO/IEC 18033-3.
In general, Triple DES with three independent keys (keying option 1) has a key length of 168 bits (three 56-bit DES keys), but due to the meet-in-the-middle attack the effective security it provides is only 112 bits. Keying option 2 reduces the key size to 112 bits. However, this option is susceptible to certain chosen-plaintext or known-plaintext attacks, and thus it is designated by NIST to have only 80 bits of security.
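A check that tells which keying option a Triple DES key bundle falls under before it is used, as an added example that is not code from the paper. It goes beyond the three options by also flagging bundles where only K1 = K2 or K2 = K3, since an adjacent encrypt/decrypt pair under the same key cancels in the same way as option 3; the 16-byte K1||K2 input form, the function names and the sample keys are assumptions.

```python
def _effective(key8: bytes) -> bytes:
    """Drop the parity bit (lowest bit of each byte): 56 of the 64 bits are key."""
    return bytes(b & 0xFE for b in key8)


def keying_option(bundle: bytes):
    """Return (label, key_bits) for a Triple DES key bundle K1||K2[||K3].

    A 16-byte bundle is read as K1||K2 with K3 = K1 (assumed input convention).
    """
    if len(bundle) == 16:
        bundle += bundle[:8]
    if len(bundle) != 24:
        raise ValueError("expected 16 or 24 key bytes")
    k1, k2, k3 = (_effective(bundle[i:i + 8]) for i in (0, 8, 16))
    if k1 == k2 == k3:
        return "option 3", 56
    if k1 == k2 or k2 == k3:
        # Not one of the three options: two adjacent DES operations cancel,
        # leaving single DES under the remaining key.
        return "degenerate", 56
    if k1 == k3:
        return "option 2", 112
    return "option 1", 168


def accept(bundle: bytes) -> bool:
    """Policy for this example: refuse bundles that collapse to single DES."""
    return keying_option(bundle)[1] > 56


# Constructed sample keys, not from the paper.
A = bytes.fromhex("0123456789abcdef")
B = bytes.fromhex("23456789abcdef01")
C = bytes.fromhex("456789abcdef0123")
A_PARITY = bytes(b ^ 1 for b in A)  # same 56 key bits, every parity bit flipped
```

Comparing keys with the parity bits masked matters: A and A_PARITY differ in every byte but are the same DES key.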
BIOGRAPHIES
S Raju Chintalapati completed his M.Sc. at Andhra University in the year 2011. He is pursuing an M.Tech in Computer Science and Engineering at Pydah College of Engineering and Technology, Visakhapatnam Dist., A.P. His areas of interest include Java, Computer Networks, Computer Organization and DBMS.
V Sangeeta completed her M.Tech at Andhra University, Visakhapatnam in the year 2006. She is currently working as an Associate Professor and Head of the Department of Computer Science and Engineering at Pydah College of Engineering and Technology, JNTUK University. She is pursuing her Ph.D degree in computer science at Andhra University. Her research focuses on Data Mining and Warehousing.
ISSN: 2231-5381
http://www.ijettjournal.org