Nghin cu gii php chng tn cng l en (Black Hole Attack) trong mng khng dy di ng (Mobile Ad-hoc Network)

Ng Thnh Huyn
Trng i hc Cng ngh Lun vn Thc s ngnh: Truyn d liu v Mng my tnh; M s: 60 48 15 Ngi hng dn: PGS.TS Nguyn Vn Tam Nm bo v: 2011
Abstract: nh gi nhng thch thc i vi an ninh trong mng khng dy di ng, c th l hnh thc tn cng l en trong giao thc nh tuyn AODV. Trnh by mt s gii php chng tn cng l en trn giao thc nh tuyn AODV trong mng MANET. S dng cng c m phng NS-2 tin hnh ci t m phng cc kch bn tn cng l en, gii php chng tn cng l en da trn c ch b m gi tin c ci t trong phn mm NS-2. Qua cc kt qu m phng, tin hnh x l cc s liu, phn tch nh gi c mc nh hng ti hiu nng mng khi b tn cng. Keywords: Cng ngh thng tin; Mng khng dy; Mng khng dy di ng Content M U Hin nay, vi s pht trin mnh m ca cng ngh thng tin nh hng su sc ti hu ht cc lnh vc ca i sng. S gia tng ng k ca cc thit b di ng cm tay nh in thoi di ng, my tnh bng,c chc nng giao tip khng dy ang t ra nhiu vn v ti u ha bng thng v c ch kim sot an ninh, an ton trong giao tip gia cc thit b. Mng khng dy di ng (MANET) l mng m trong bao gm cc nt t tr, t qun l m khng c bt k c s h tng no. Mi nt mng va ng vai tr ca mt host ng thi m nhn chc nng ca mt router nh tuyn d liu. Do c tnh thiu an ton nn mng khng dy di ng l mc tiu ca a s cc kiu tn cng t lp thp nht n lp cao nht trong m hnh OSI. Trong phm vi nghin cu ca mnh, lun vn s trnh by mt s gii php chng tn cng l en (Black hole attack) trn giao thc nh tuyn AODV trong mng khng dy di ng c cc tc gi nghin cu cng b trong thi gian qua, ng thi m phng li cc cuc tn cng l en v nh gi thit hi ca n gy ra cho mng. Lun vn s dng NS -2 l mt chng trnh m phng c cha tp hp cc giao thc mng m t c nhiu cu trc mng khc nhau. Tuy NS-2 c cha cc cc giao thc nh tuyn khng dy, nhng n cha

th m phng giao thc tn cng l en. V vy, m phng cc cuc tn cng l en trn giao thc AODV cn phi b sung mt giao thc tng t AODV tin hnh m phng. Sau khi thc hin ci t mt giao thc nh tuyn mi m phng l en, lun vn s tin hnh nhiu kch bn m phng vi cc cu trc mng khc nhau qua so snh hiu nng mng khi c tn cng l en v khng c tn cng l en. CHNG 1. MNG KHNG DY V NHNG VN AN NINH TRONG MNG MANET 1.1. Gii thiu chung v mng khng dy 1.1.1. c im mng khng dy Tnh nng ch yu ca mng khng dy: - Tnh di ng: ngi dng c th truy cp d liu ngay c khi ang di chuyn, vic ny nng cao hiu qu truy xut d liu - Tc trin khai mng nhanh v d dng: Khng gp kh khn trong vic xc nh lp t dy cp mng nh trong mng c dy. - Tnh mm do: Ch ng trong vic thit lp cc nhm mng nh, do mi trng mng l khng kh nn vic m rng mng l v cng d dng. iu ny ph hp vi vic b tr cc h thng thng tin phc v cho mc ch cng cng. - Chi ph: So vi vic lp t mng c dy truyn thng th trin khai mng khng dy gim thiu chi ph lp t mt cch ng k. Tuy nhin, mng khng dy cng gp phi mt s hn ch nh: - Phm vi: Cc thit b khng dy ch hot ng trong phm vi ph sng ca mng, ngoi vng ph sng ca mng th khng th tham gia truyn nhn d liu. - Cht lng: Do vic s dng sng v tuyn truyn thng nn b nhiu, b tc ng bi cc thit b pht sng khc l iu kh trnh khi - Bo mt: L mt im quan trng trong thit k h thng mng khng dy 1.1.2. Cc m hnh hot ng ca mng khng dy a. M hnh c lp Ad hoc (IBSS) Cc nt mng trong m hnh ny hot ng theo phng thc ngang hng, b. M hnh Infrastructure (BSSs) Mi thit b trong m hnh u truyn tn hiu v im truy cp Access Point.. c. M hnh mng din rng WIMAX M hnh ny bao gm nhiu mng mng WLAN, bao ph trong mt khng gian rng ln v d nh gia cc ta nh. 1.2. Mng khng dy di ng 1.2.1. MANET L mng da trn m hnh c lp ad hoc, cc nt trong m hnh ny giao tip trc tip vi nhau m khng s dng mt im truy cp no. Do vic kt hp gia tnh di ng vi mng Ad hoc nn ngi ta thng gi l mng MANET (Mobile Ad -hoc-Network). Mng MANET c cc c im chnh sau:

- L tp hp cc nt di chuyn ngu nhin v giao tip vi nhau m khng cn s gip ca bt k c s h tng mng no. Cc nt va ng vai tr l mt host ng thi ng vai tr l mt router c kh nng tm kim, duy tr v nh tuyn cc gi d liu cho cc nt nm trong vng ph sng ca n. - Tt c cc nt u ngang hng v khng c nt no ng vai tr my ch trung tm. - Cc nt c th gia nhp hay ri b mng bt k khi no do to ra s thay i topology mt cch lin tc. MANETs ph hp cho vic s dng trong tnh hung m mng c dy hoc mng khng dy da trn c s h tng khng th truy cp, qu ti, h hng hoc b ph hy nh trong cc trng hp khn cp hoc cc nhim v cu h, cu tr thin tai v chin thut trn chin trng, hoc thng thng nh cc hi ngh trc tuyn, trong nghin cu mng cm bin. 1.1.2. Giao thc nh tuyn trong mng MANET a. Yu cu c bn i vi giao thc nh tuyn Vic thit k mt giao thc nh tuyn c hiu qu trong mng MANET phi cn c vo mt s yu cu sau: - Tc hi t mng nhanh - m bo cc c ch duy tr tuyn mng trong iu kin bnh thng - Thut ton nh tuyn thng minh, trnh tnh trng lp vng - Ch khm ph tuyn khi thc s c nhu cu truyn gi d liu - Bo mt: - Xy dng nhiu tuyn ng cho cng mt ch (redundant route). - H tr cht lng dch v - QoS b. Phn loi Mt trong nhng phng php ph bin nht phn loi cc giao thc nh tuyn cho mng MANET l da trn cch thc trao i thng tin nh tuyn gia cc nt. Theo phng php ny th giao thc nh tuyn trong mng ad hoc c chia thnh cc loi sau: Cc giao thc nh tuyn theo bng, nh tuyn theo yu cu, v nh tuyn lai ghp - Cc giao thc nh tuyn theo yu cu (on-demand). Qu trnh khm ph tuyn bt u khi c yu cu v kt thc khi c tuyn ng c tm ra hoc khng tm ra c tuyn do s di chuyn ca nt . - Cc giao thc nh tuyn theo bng (table-driven). Trong giao thc ny mi nt lun lu tr mt bng nh tuyn cha cc tuyn ng ti cc nt khc trong mng. nh k mi nt nh gi cc tuyn ti cc nt trong mng duy tr trng thi kt ni. Mi khi c s th ay i cu hnh, cc thng bo c qung b lan truyn trong ton mng thng bo cho cc nt cp nht li bng nh tuyn ca mnh. - Cc giao thc nh tuyn lai ghp (hybrid) kt hp u im ca 2 loi giao thc trn v khc phc cc nhc im ca chng. 1.2. Vn an ninh trong mng MANET 3

1.2.1. Thch thc v an ninh trong mng MANET Mng MANET gp phi nhiu thch thc: - Mi trng l khng kh km bo mt - Vic cc nt gia nhp v ri mng bt k lc no to nn s thay i thng xuyn v cu trc mng - Gii hn v ti nguyn - Thiu mt c s h tng tr gip 1.2.2. Cc yu cu v an ninh Tnh bo mt (Confidentialy) Tnh xc thc (Authentication) Tnh ton vn (Intergrity) Tnh chng chi b (Non-Repudiation) Tinh sn sng (Availability 1.2.2. Cc loi tn cng trong mng MANET C nhiu cch phn loi tn cng trong mng MANET, mc ny s phn tch da vo phn loi theo tnh cht tn cng. Chia ra lm hai loi: Tn cng b ng (Passive attacks) v Tn cng ch ng (Active attacks). Tn cng b ng l kiu tn cng khng tc ng trc tip vo thit b no trn mng, khng lm cho cc thit b trn mng bit c hot ng ca n. Cc phng thc dng trong tn cng b ng: nghe trm (Sniffing, Eavesdropping), phn tch lung thng tin (Traffic analytics). Tn cng ch ng l tn cng trc tip vo mt hoc nhiu thit b trn mng. Cc loi tn cng kiu ny c bit n nh: Tn cng t chi dch v (DOS), sa i thng tin (Message Modification), ch to thng tin mo danh (Fabrication) Trong loi tn cng ch ng ny c th c chia lm hai loi: Tn cng t bn ngoi (Extenal attack) v tn cng t bn trong (Internal attack) a. Tn cng b ng (bao gm cc hnh thc nghe trm, phn tch lu lng) Do mi trng mng l khng kh nn k tn cng c th nghe trm bt k mng khng dy no bit trong mng ang xy ra nhng g. b. Tn cng bng cch sa i Trong kiu tn cng ny, mt s trng ca thng ip nh tuyn b sa i dn n vic lm ri lon cc tuyn ng, chuyn hng hoc hnh thnh mt cuc tn cng t chi dch v. Bao gm cc hnh thc sau: - Sa i s tun t ch (destination sequence number), s chng (hop_count) ca tuyn ng - Sa i ngun ca tuyn ng Cc cuc tn cng thng gp dng ny nh l: Tn cng lm mt tuyn (Misrouting Attack), tn cng ng vng (Detour attack), tn cng hm da (Blackmail Attack). 4

c. Tn cng bng cch mo danh Kiu tn cng ny e da tnh xc thc v bo mt trong mng. Nt c hi c th gi mo a ch ca nt khc thay i cu trc mng hoc n mnh trn mng. Mt trong nhng in hnh ca loi tn cng ny l Man in the midle attack. d. Tn cng bng cch ch to (Fabrication Attack) Trong cch tn cng ny, nt c hi c gng bm vo mng cc thng ip gi mo hoc cc thng ip nh tuyn sai ph v c ch nh tuyn trong mng. Cc cuc tn cng c th in hnh dng ny nh: - Tn cng lm cn kit ti nguyn - Tn cng gy nhim c bng nh tuyn - Tn cng l en 1.3. Tng kt Ni dung chng ny trnh by nhng kin thc tng quan v cng ngh mng khng dy, cc m hnh mng khng dy, nhng c im ca mng MANET c lin quan n vn an ninh. Trong chng ny cng gii thiu mt cch c bn nht v giao thc nh tuyn trong mng Ad hoc. Ni dung chng ny cng trnh by c cc nguy c dn n mt an ninh trong mng Ad hoc v gii thiu mt s hnh thc tn cng vo giao thc nh tuyn trong mng Ad hoc. CHNG 2. TN CNG L EN TRONG GIAO THC NH TUYN AODV 2.1. Giao thc nh tuyn AODVv tn cng l en trn giao thc AODV 2.2.1. Tng quan v AODV Giao thc nh tuyn AODV [3] l nh tuyn nhiu bc, n thit lp ng i chi khi no c nhu cu truyn d liu, s dng thng ip yu cu nh tuyn (RREQ) v thng ip tr li nh tuyn (RREP). Khi mt nt mun tm ng i ti nt ch, n qung b thng ip yu cu ng i RREQ vi mt ID duy nht (RREQ ID) ti cc nt xung quanh. Khi mt nt nhn c thng ip RREQ, n cp nht s tun t (sequence number - SN) ca nt ngun v thit lp ng ngc ti nt ngun trong bng nh tuyn. Nu nh nt ny l nt ch hoc c sn ng i ti nt ch nh yu cu trc, n pht i thng ip tr li RREP tr li ti nt ngun. Khi mt ng lin kt b t, gi tin bo li ng i (RRER) c lan truyn ti nt ngun theo ng tr li c thit lp v cc nt trung gian xa u vo trong bng nh tuyn ca chng. AODV duy tr lin kt vi cc nt k cn bng cch gi i th ng ip hello theo nh k. 2.2.2. L hng giao thc AODV dn ti nguy c tn cng l en

Giao thc AODV d b k tn cng lm sai lch thng tin ng i chuyn hng ng i v bt u cc cuc tn cng khc. S sai st ca bt c trng no trong g i tin iu khin c th khin AODV gp s c. Cc trng d b ph hoi trong thng ip nh tuyn AODV nh s SN, Hc, ID ca gi tin thc hin mt cuc tn cng l en trong giao thc AODV, nt c hi ch gi tin RREQ gi t cc nt lng ging ca n. Khi nhn c gi RREQ, n ngay lp tc gi tr li gi tin RREP vi ni dung sai lch trong thit lp gi tr SN cao nht v gi tr HC nh nht m khng thc hin kim tra bng nh tuyn xem c tuyn ng ti ch no khng trc khi cc nt khc (trong gm cc nt trung gian c tuyn ng hp l hoc chnh nt ch) gi cc bng tin tr li tuyn. Sau mi d liu truyn t nt ngun ti nt ch c nt c hi loi b (drop) ton b thay v vic chuyn tip ti ch thch hp. 2.2.3. Phn loi tn cng l en thc hin cuc tn cng Black hole attack trong giao thc AODV, c th phn loi theo hai cch: RREQ Black hole attack v RREP Black hole attack: - RREQ Black hole attack - RREP black hole attack 2.3. Mt s nghin cu v gii php phng chng tn cng l en trong giao thc AODV 2.3.1. SAODV SAODV s dng hai c ch bo mt cc thng ip nh tuyn AODV: - Ch k s xc thc cc trng khng thay i trong cc thng ip nh tuyn - Chui hm bm bo v cc thng tin v s chng (thay i trong qu trnh pht hin tuyn). a) SAODV s dng chui hm bm xc thc trng thay i ca thng ip: s chng (Hop count) Gi tr hm bm cao nht (Top Hash) c tnh nh s dng hm bm h v gi tr khi u ngu nhin. Khi nt tip nhn RREQ hoc RREP th n s xc minh s chng nh sau: tnh hm bm h s ln l n [n = (S chng - S chng ca nt hin thi)] ri so snh vi gi tr c cha trong gi tr hm bm cao nht ( Top Hash). Nt trung gian sau khi xc minh c tnh ton vn v xc thc, th n s chun b thng bo RREQ hoc RREP. b) Xc thc cc trng khng thay i ca thng ip bng ch k s Khi mt nt ln u tin nhn RREQ, n s xc minh ch k trc khi to hoc cp nht mt tuyn ngc li ti nt ngun. Khi RREQ n c nt ch, RREP s c gi vi mt ch k RREP. Khi mt nt nhn c RREP, th u tin n s xc minh ch k trc khi to hoc cp nht mt tuyn ti nt ngun. Ch khi ch k c xc minh, th nt s lu li tuyn vi ch k ca RREP v thi hn tn ti. 2.3.2. Gii php chng hp tc tn cng l en da trn bng d liu thng tin nh tuyn (DRI) v kim tra cho (Cross Checking)

y l mt trong nhng gii php u tin c xut chng hp tc tn cng l en. tng chnh ca gii php l thay i giao thc nh tuyn AODV bng cch a ra d liu thng tin bng nh tuyn (DRI) v kim tra cho. a) Bng d liu thng tin nh tuyn (DRI) Gii php xc nh nhiu nt l en phi hp hot ng tn cng c b sung hai bit thng tin tr li gi RREQ ca nt ngun. Mi nt duy tr mt bng d liu thng tin nh tuyn b sung. Cu trc bng DRI gm 2 bit: bit u tin From xc nh thng tin nh tuyn t nt no (nhn 1 trong 2 gi tr 0 l FALSE v 1 l TRUE); bt th hai Through xc nh thng tin nh tuyn thng qua nt no (nhn 1 trong 2 gi tr 0 l FALSE v 1 l TRUE). b) Kim tra cho Vic kim tra ny ly tng da vo cc nt ng tin cy chuyn tip cc gi tin. Cc gi RREQ c gi bi nt ngun ti mi nt v n gi d liu ti nhng nt m ti chuyn tip gi RREP. Cc nt trung gian (IN) s gi thng tin v cc chng tham gia vo tuyn ng ny (Next Hop Node NHN) v thng tin tuyn ng c lu trong bng DRI. Nt ngun (SN) kim tra DRI ca n v so snh vi DRI nhn c xem xt IN no l ng tin cy. Sau , SN tip tc gi yu cu ti chng lin k NHN ca IN ang c xem xt yu cu cc thng tin nh NHN hin ti, DRI ca IN v DRI ca n. Nu SN s dng IN gi d liu th n c coi nh l nt ng tin cy, nu khng th ngc li. Kim tra cho c thc hin trn cc nt trung gian. N l mt trong nhng th tc thi gian, do ko theo chi ph kim tra cho tng ln. C th lm gim thiu vic ny bng cch cho php cc nt chia s danh sch ng tin cy vi nhau. 2.3.3. Mt s gii php khc Semih Dokurer [13], da trn tng ht sc n gin theo c ch lm vic ca giao thc AODV l kim tra s SN ca gi tin RREP tr li. Nu trong mng hin din nt l en th ngay lp tc nt l en ny s tr li gi tin RREP vi gi tr s SN c gn cao nht v ng nhin s tr li ngay lp tc ti nt ngun gi yu cu RREQ. Do , ch cn loi b gi tin RREP u tin nhn c v chp nhn gi tin RREP th hai vi gi tr s SN cao nht thit lp tuyn ng truyn thng bng c ch b m gi tin. Tuy nhin, trong mt s trng hp khng phi bao gi gi tin RREP vi gi tr s SN ln nht nhn u tin cng n t nt l en, l khi nt ch hay nt trung gian tr li gi RREP vi gi tr s SN ln nht c v tr gn nt ch hn so vi nt l en. Trong phm vi nghin cu ca mnh, lun vn xin c trnh by tng ca gii php v m phng li da trn m ngun vit bng ngn ng C c tc gi chia s ti http://www.dokurer.net/files/others/. Phn ci t m phng tn cng l en v gii php lm gim hiu ng ca nt l en theo cch ny s c lun vn trnh by trong chng sau. Tm li, c nhiu nghin cu nhm mc ch chng tn cng l en trong giao thc nh tuyn AODV. Tuy nhin, m bo p ng c tt cc yu cu bo mt, ton vn, tin cy, xc thc ngun gc cn phi phi hp nhiu k thut nh m ha, trin khai h thng

PKI, sa i cc giao thc nh tuyn ring cho mng MANET va linh hot i vi s thay i v tr cc nt mng va m bo tnh bo mt ca h thng. CHNG 3. NH GI NH HNG CA TN CNG L EN TRN GIAO THC NH TUYN AODV BNG M PHNG 3.1. Phn tch la chn phng php m phng nh gi [1] Trong lun vn ny ti s dng b m phng NS2, mt b m phng m ngun m v h tr tt giao thc nh tuyn trong mng MANET. 3.2. B m phng NS 2 v ci t m phng 3.2.1. Gii thiu NS2 NS-2 l phn mm m phng mng, hot ng ca n c iu khin bi cc s kin ri rc. NS-2 c thit k v pht trin theo kiu hng i tng, c pht trin ti i hc California, Berkely. B phn mm ny c vit bng ngn ng C++ v OTcl. 3.2.2. Ci t m phng cuc tn cng l en 3.2.2.1. M hnh khng dy c bn trong NS2 a. Nt di ng Nt di ng (MobileNode) l mt i tng ns Node c bn vi cc chc nng m rng nh s di chuyn, kh nng truyn v nhn trn knh m cho php n c th s dng to s di ng trong cc mi trng m phng khng dy. b. Quy trnh m phng mng MANET vi NS2 Qu trnh m phng mng MANET vi b m phng NS2 thng thng tri qua cc bc nh sau trong vic xy dng tp kch bn:

+ To b lp lch cc s kin + To b lp lch + Lp lch s kin + Khi ng b lp lch - Ghi li vt cc s kin ca mng m phng + D vt cc gi tin trn tt c cc lin kt, xut ra tp traceout.tr + D vt cc gi tin trn tt c cc lin kt, xut ra nh dng dng trong NAM + Cng c th d vt mt s tham s, v d: - Thit lp mng m phng + Thit lp topo mng - Cu hnh nt di ng + Cu hnh nt di ng + Thit lp v tr ban u + Thit lp s di chuyn cho cc nt di ng ta dng

To ra cc ngun sinh lu lng

+ To lu lng Vic to lu lng c th ly t tp sinh lu lng ca cng c c sn cbrgen trong b m phng NS2. 3.2.2.2. Ci t giao thc b sung blackholeaodv v idsaodv m phng cuc tn cng l en v gii php pht hin lm gim nh hng tn cng l en a. Ci t giao thc blackholeaodv - Da trn vic thay i giao thc gc AODV tuy nhin c thay i th hin hnh vi ca nt l en b. Ci t giao thc idsaodv - Sa i da trn giao thc gc AODV - S dng c ch b m gi RREP c to thnh vi cc hm chc nng: rrep_insert c chc nng lu m gi RREP, rrep_lookup c chc nng tm kim bt k gi RREP nu n tn ti, rrep_remove loi b tuyn ng vi RREP n t nt c x c nh v rrep_purge c chc nng xa nh k t danh sch nhng gi tin RREP ht hn 3.3. M phng tn cng l en v nh hng ca n 3.3.1. Kim tra hot ng giao thc blackholeAODV Lun vn th nghim vic ci t mc trc xem giao thc blackholeAODV hot ng c chnh xc khng. gim st vic ny, ti s dng ng dng NAM trong b m phng NS2 Sau khi nh gi hot ng ca cc giao thc mi ci t hot ng hon ton ng, phn tip theo ca lun vn s xy dng kch bn m phng mng thc t vi phm vi v s lng cc nt, kt ni ln hn. 3.3.2. M phng, nh gi nh hng v gii php lm gim hiu ng ca tn cng l en 3.3.2.1. Cc o hiu nng c nh gi - T l phn pht gi tin thnh cng(PDR Packet Delivery Ratio): L t l gia s gi tin c phn pht thnh cng ti ch so vi s gi tin c gi i ngun pht. - S gi tin b mt: L tng s gi tin b loi b trong qu trnh m phng - tr trung bnh (End-to-End Delay): Thi gian trung bnh gi mt gi d liu ti ch. 3.3.2.2. Thit lp cc la chn, tham s m phng Khi nghin cu v nh hng ca tn cng l en trong mng Ad hoc ta cn ch n mt s la chn, tham s m phng nh: - Kch thc mng ( ln ca mng): S lng nt trong mng - Mt nt: Tnh theo s hng xm trung bnh hoc theo s nt trung bnh trong din tch ph sng (radio range) ca mt nt. - linh ng ca mng: c o bng tc chuyn ng trung bnh ca cc nt mng. - Cc mu lu lng: H thng vi cc mu lu lng nh CBR hoc TCP chng hn. 3.3.2.3. Cc thng s kch bn m phng S dng 03 kch bn m phng: - Kch bn 1: cc nt trong mng s dng giao thc chun AODV 9

- Kch bn 2: cc nt s dng giao thc chun AODV v trong mng xut hin 1 nt l en - Kch bn 3: Cc nt s dng gii php pht hin du hiu tn cng IDSAODV v trong mng c 1 nt l en

Cc tham s m phng cho bi bng sau: Thng s Cu hnh chung Khu vc a l Tng s nt Vng thu pht sng Cu hnh di chuyn Tc di chuyn nhanh nht Tc di chuyn chm nht Cu hnh truyn d liu Ngun sinh lu lng S kt ni Kch thc gi tin Tc pht gi Khu vc a l CBR 10 512 bytes 4 gi/s 1000m x 1000m 20 m/s 72 km/h 0 m/s ng yn Gi tr 1000m x 1000m 50 nt 250m

3.4. Tin hnh m phng, phn tch tp vt tnh cc tham s hiu nng 3.4.1. T l phn pht gi tin thnh cng Bng - T l phn pht gi tin thnh cng

10

Kch bn Tc di chuyn 0 5 10 15 20

S dng AODV thng thng (%) 87.01 92.21 89.92 83.51 80.26

S dng AODV b tn cng l en (%) 9.35 3.18 2.07 9.52 8.31

S dng IdsAODV gim hiu ng l en (%) 32.06 20.28 24.69 25.62 25.21 Hnh Biu th hin t l phn pht thnh cng gi tin

Biu th hin t l phn pht gi tin thnh cng

100 80
PDR (%)

60 40 20 0 0 5 10 15 20 Tc di chuyn ca nt mng (m/s)

AODV AODV b tn cng AODV s dng IDS

3.4.2. S gi tin b mt Bng - S lng gi tin b mt

Kch bn Tc di chuyn 0 5 10 15 20

S dng AODV thng thng 325 208 240 368 471

S dng AODV b tn cng l en 1060 1087 1139 1105 1143

S dng IdsAODV gim hiu ng l en 865 946 905 983 986

Biu th hin gi tin b mt

S gi tin b mt (Packets)

1400 1200 1000 800 600 400 200 0 0 5 10 15 20 Tc di chuyn nt mng (m/s) AODV AODV b tn cng AODV s dng IDS

Hnh Biu th hin s gi tin b mt 11

3.4.3. tr trung bnh Kch bn Tc di chuyn 0 5 10 15 20 Bng tr trung bnh S dng S dng AODV thng AODV b tn thng cng l en (ms) (ms) 83.18 127.92 59.42 21.67 81.87 42.25 131.83 108.53 80.42 25.22 S dng IdsAODV gim hiu ng l en (ms) 50.60 24.33 20.53 100.60 44.20

Biu th hin tr trung bnh

140 120
Thi gian (ms)

100 80 60 40 20 0 0 5 10 15 20 Tc di chuyn nt mng (m/s)

AODV AODV b tn cng AODV s dng IDS

Hnh Biu th hin thi gian tr trung bnh truyn thnh cng 1 gi tin

3.5. nh gi nh hng ca tn cng l en trong giao thc nh tuyn AODV T l phn pht gi tin thnh cng: Trong trng hp mng hot ng bnh thng t l phn pht gi tin thnh cng tt vi t l trn 80%, t l mt gi tin rt t ch chim khong t 2 4 %. S mt gi tin ny do chuyn ng ca cc nt mng tng dn (0 20 m/s). Tuy nhin, trong kch bn th hai vi trng hp trong mng xut hin mt nt l en th t l phn pht gi tin thnh cng gim nhanh, ch cn li t hn 2 9%. Vi cch ci t giao thc idsaodv nhm lm gim hiu ng nt l en, t l phn pht gi tin thnh cng tng ln ti gn 20 30 %. S gi tin b mt do nt l en loi b, tng t nh t l phn pht gi tin thnh cng, s lng gi b mt tng t bin khi trong mng xut hin tn cng l en. Bng cch p dng gii php idsaodv s gi b mt gim gn 1/3 so vi khi b nt l en tn cng.

12

 tr trung bnh trong qu trnh pht 1 gi tin : Do vic ci t cc giao thc mi khng c s thay i cu trc gi tin nh tuyn so vi giao thc AODV chun do , gi tr tr trung bnh trong cc kch bn l tng ng nhau, vic tng gim l do s chuyn ng ca cc nt mng gy ra. KT LUN 1. Cc kt qu ca lun vn Lun vn trnh by cc kt qu kho st nh gi v nh hng ca tn cng l en trong giao thc AODV n hiu sut hot ng trong MANET. Lun vn nghin cu v mi trng mng khng dy ni chung v mng MANET ni ring c nh hng n vn an ninh, giao thc nh tuyn v c bit quan tm ti giao thc AODV, phn tch mt s gii php phng chng tn cng l en c th. ng thi, trin khai m phng c qu trnh tn cng v gii php pht hin lm gim nh hng tn cng trn b m phng NS -2 i vi giao thc AODV. 2. Hng pht trin ca ti Do hn ch v mt thi gian nn lun vn cha xut c gii php mi m mi dng li mc tp trung nghin cu k giao thc nh tuyn in hnh AODV, cc gii php phng, chng tn cng l en ph bin trn giao thc ny. Trong thi gian ti ti s tip tc nghin cu su hn c th xut mt gii php mi c hiu qu hn v nghin cu vn ny trn cc giao thc cn li l DSR, DSDV, OLSR v TORA. Thm vo vn cn mt s vn khc ca cc giao thc cn c xem xt nh: + Cc hnh thc bo mt khc trong mng MANET + Vn bo mt kt hp m bo cht lng dch v References Ting Vit 1. Nguyn nh Vit, Bi ging nh gi hiu nng mng my tnh, 2008 Ting Anh 2. Al-Shurman M, Yoo S-M, Park S (2004), Black Hole Attack in Mobile Ad Hoc Networks, Paper presented at the 42nd Annual ACM Southeast Regional Conference (ACM-SE42), Huntsville, Alabama, 2-3 April 2004 3. C.Perkins, (RFC) Request for Comments 3561,Category: Experimental, Network, Working Group, July 2003. 4. T. Franklin, Wireless Local Area Networks, Technical Report , 5 July 2005 5. F. J. Ros and P. M. Ruiz (2004), Implementing a New Manet Unicast Routing Protocol in NS2, December, 2004, 6. G. Vigna, S. Gwalani and K. Srinivasan (2004), An Intrusion Detection Tool for AODV-Based Ad hoc Wireless Networks, Proc. of the 20th Annual Computer Security Applications Conference (ACSAC04). 7. H. Deng, W. Li and D. P. Agrawal (2002), Routing Security inWireless Ad Hoc Networks. University of Cincinnati, IEEE Communication Magazine, October 2002.

13

8. Manel Guerrero Zapata (2002), Secure Ad hoc On-Demand Distance Vector Routing. ACM Mobile Computing and Communications Review (MC2R), 6(3):106-107, July 2002 9. Mohammad Al-Shurman, Seong-Moo Yoo, Seungjin Park: Black hole attack in mobile Ad Hoc networks. ACM Southeast Regional Conference 2004: 96-97 10. P. Yau and C. J. Mitchell, Security Vulnerabilities in Adhoc Network 11. Raj PN, Swadas PB (2009), DPRAODV: A Dynamic Learning System Against Blackhole Attack in AODV based MANET , International Journal of Computer Science 2:5459. doi: abs/0909.2371 12. Sanjay Ramaswamy, Huirong Fu, Manohar Sreekantaradhya, John Dixon, and Kendall Nygard, Prevention of Cooperat ive Black Hole Attack in Wireless Ad Hoc Networks, 2003 International Conference on Wireless Networks (ICWN03), Las Vegas, Nevada, USA 13. S. Dokurer Simulation of Black hole attack in wireless ad -hoc networks Thesis Master in Computer Engineering Atihm University, September 2006 14. The VINT Project, The NS manual, A Collaboration between researches at UC Berkeley, LBL, USC/ISI, and Xerox PARC, March 14,2008 15. Tseng et al, A survey of black hole attack in wireless mobile ad hoc networds Human-centric Computing and Information Sciences, 2011.

14