Different Types of Attacks on Multicast in Mobile Ad Hoc Networks Reporter : Claudia 1 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Outline Basic knowledge Mobile Ad Hoc Networks (MANET) Ad hoc On Demand Distance Vector (AODV) protocol MANET Rushing attack Blackhole attack Neighbor attack Jellyfish attack Summary Reference 2 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Mobile Ad Hoc Networks (MANET) Def. A self-configuring infrastructureless network of mobile devices connected by wireless links. Characteristic 3 Each device in a MANET is free to move independently in any direction, and will therefore change its links to other devices frequently. Each device must forward traffic unrelated to its own use, and therefore be a router. 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Ad hoc On Demand Distance Vector (AODV) protocol On Demand routing. Distance Vector. Hello messages. Route discovery. Sequence number. 4 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Ad hoc On Demand Distance Vector (AODV) protocol (cont.) 5 Route discovery(Example from reference [5] 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Ad hoc On Demand Distance Vector (AODV) protocol (cont.) 6 Route discovery(Example from reference [5] 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Ad hoc On Demand Distance Vector (AODV) protocol (cont.) 7 Route discovery(Example from reference [5] 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Ad hoc On Demand Distance Vector (AODV) protocol (cont.) 8 Route discovery(Example from reference [5] 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Ad hoc On Demand Distance Vector (AODV) protocol (cont.) 9 Route discovery(Example from reference [5] 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Rushing attack By skipping some of the routing processes, can quickly forward these packets and make other router discard the normally-process packets. Cause the attacker is able to gain access to the forwarding group. 10 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Rushing attack (cont.) Picture from reference [1]. 11 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Blackhole attack Using rushing attack at first. Drops all of data packets it receives. Cause very low packet delivery ratio. 12 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Blackhole attack(cont.) Picture from reference [1]. 13 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Jellyfish attack Using rushing attack at first. Delays data packets unnecessarily for some amount of time before forwarding them. Results in significantly high end-to-end delay and delay jitter. 14 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Jellyfish attack(cont.) Picture from reference [1]. 15 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Jellyfish attack(cont.) Picture from reference [1]. 16 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Neighbor attack Using rushing attack at first. Attacker simply forwards the packet without recording its ID in the packet. Resulting in a disrupted route. 17 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Summary Protocols that use the duplicate suppression mechanism such as ODMRP, ADMR are very vulnerable to rushing attacks. Jellyfish attacks do not affect the packet delivery ratio or the throughput of a multicast group, but they severely increase the packet end-to-end delay and delay jitter. The operations of blackhole attacks and neighbor attacks are different, they both cause the same degree of damage to the performance of a multicast group in terms of packer loss rate. 18 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7 Reference [1]http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber =1628395 [2]http://en.wikipedia.org/wiki/Mobile_ad_hoc_network [3]http://en.wikipedia.org/wiki/List_of_ad_hoc_routing_p rotocols [4]http://users.crhc.illinois.edu/yihchun/pubs/wise03.pdf [5]http://www.cs.jhu.edu/~cs647/aodv.pdf 19 0-7695-2552-0/06 $20.00 © 2006 IEEE 2011/12/7