You are on page 1of 60

DETECTION OF PACKET LOSS IN WIRELESS AD HOC

NETWORKS BY PUBLIC AUDITING ARCHITECTURE


A PROJECT REPORT

Submitted by

NAGARANI.M (950712104058)
SUMAYA FATHIMA.M (950712104095)

in partial fulfillment for the award of the degree


of

BACHELOR OF ENGINEERING
in
COMPUTER SCIENCE AND ENGINEERING

FRANCIS XAVIER ENGINEERING COLLEGE, TIRUNELVELI

ANNA UNIVERSITY: CHENNAI 600 025


MAY 2016

ANNA UNIVERSITY: CHENNAI 600 025


BONAFIDE CERTIFICATE
Certified

that this project report DETECTION OF PACKE LOSS IN

WIRELESS

AD

HOC

ARCHITECTURE is

NETWORKS

the

bonafide

BY
work

PUBLIC
of

AUDITING

NAGARANI.M

(950712104058), SUMAYA FATHIMA.M (950712104095) who carried out


the project work under my supervision.

SIGNATURE

SIGNATURE

Dr. D. C. Joy Winnie Wise

Dr. D. C. Joy Winnie Wise

HEAD OF THE DEPARTMENT

SUPERVISOR

Professor

Professor

Department of CSE

Department of CSE

Francis Xavier Engineering College

Francis Xavier Engineering College

This project report was submitted for Viva-Voce held on ..

INTERNAL EXAMINER

EXTERNAL EXAMINER
ACKNOWLEDGEMENT

First and foremost we praise and thank The Almighty, the Lord of all
creations, who by His abundant grace has sustained and helped us to complete this
project successfully.
We really find unique and immense pleasure in thanking our respected
Chairman of our college Dr. S.Cletus Babu. A deep bouquet of thanks to respected
Principal Dr. V.Ilangovan B.E., M. Tech., Ph.D., F.I.E., for having provided the
facilities required for pursuing my project. We sincerely thank

Dr. D.C.Joy

Winnie Wise M.E., Ph.D., Professor and Head, Department of Computer Science
and Engineering, Francis Xavier Engineering College and also we thank our
project coordinator Mr. C.Gopala Krishnan M.E., (Ph.D.,) and Mrs. V.Perathu
Selvi M.E., Department of Computer Science and Engineering, who inspired us
and gave us time to make this project to work grand success.
We also thank our guide Professor Dr. D.C.Joy Winnie Wise M.E., Ph.D.,
Department of Computer Science and Engineering, for her valuable guidance
throughout and it is our great privilege to express our gratitude to her. We extend
out hearty thanks and profound gratitude to all the faculty members of Computer
Science and Engineering Department for their kind help during our project work.
Finally, we express our sincere thanks to our parents, who have constantly
encouraged us throughout our course.

ABSTRACT

Link error and malicious packet dropping are two sources for packet
losses in multi-hop wireless ad hoc network. While observing a sequence of packet
losses in the network, determine whether the losses are caused by link errors only,
or by the combined effect of link errors and malicious drop, whereby malicious
nodes are part of the route that exploit their knowledge of the communication
context to selectively drop a small amount of packets critical to the network
performance. To improve the detection accuracy, exploit the correlations between
lost packets. Furthermore, to ensure truthful calculation of these correlations, a
homomorphic linear authenticator (HLA) based public auditing architecture has
been developed that allows the detector to verify the truthfulness of the packet loss
information reported by nodes.

To reduce the computation overhead of the

baseline scheme, a packet-block-based mechanism is also proposed, which allows


one to trade detection accuracy for lower computation complexity. Through
extensive simulations, the proposed mechanisms achieve significantly better
detection accuracy than conventional methods such as a maximum-likelihood
based detection.

TABLE OF CONTENTS

CHAPTER
NO

TITLE
ABSTRACT
LIST OF FIGURES
LIST OF ABBREVIATIONS

INTRODUCTION
1.1

Dropping of Packets

1.2

Insider attack

1.3

Link error

1.4

Auto-Correlation Function

1.5

Homomorphic Linear Authenticator

1.6

Privacy Preserving

LITERATURE SURVEY

SYSTEM ANALYSIS

3.1

Existing System

3.2

Proposed System

SYSTEM DESIGN
4.1

System Architecture

4.2

System Requirements
4.2.1 Hardware
4.2.2 Software

4.3

System Environment
4.3.1 NS2

PAGE NO

4.3.1.1 Characteristics of NS2


4.3.2 Software tools used with NS2
4.3.2.1 NAM(Network Animator)
4.3.2.2 X Graph
4.3.3 Simulation tool
5

SYSTEM IMPLEMENTATION
5.1

System Maintenance
5.1.1 Corrective Maintenance
5.1.2 Adaptive Maintenance
5.1.3 Perceptive Maintenance
5.1.4 Preventive Maintenance

5.2

System Module
5.2.1 Network Function
5.2.2 Link Error
5.2.3 Malicious Drop
5.2.4 Evaluation

SCREENSHOTS

CONCLUSIONS

APPENDIX

REFERENCES

LIST OF FIGURES

FIG NO

TITLE

Fig.3.1

System Design

Fig.5.1

Creation of Network

Fig.5.2

Occurrence of Link Error

Fig.5.3

Malicious Drop

Fig.5.4

Analyzing performance

Fig.6.1

sending data in Wired Network

Fig.6.2

Receiver receiving the packets

Fig.6.3

sending data in Wireless Network

Fig.6.4

Detection of Malicious Packet Dropping Rate


using Miss-Detection Probability.

Fig.6.5

Detection of Malicious Packet Dropping Rate


using False-Alarm Probability.

LIST OF ABBREVIATIONS

PAGE NO

DOS

Denial Of Service

ACF

Auto Correlation Function

HLA

Homomorphic Linear Authenticator

LAN

Local Area Network

TCP

Transmission Control Protocol

DSR

Dynamic Source Routing

FTP

File Transfer Protocol

MANET

Mobile ad hoc Network

SAODV

Secure Ad hoc On-Demand Distance Vector

TCL

Tool Command Language

NAM

Network Animator

CHAPTER 1
INTRODUCTION
1.1 DROPPING OF PACKETS

In a multi-hop wireless network, nodes cooperate in relaying/routing


traffic. An adversary can exploit this cooperate- a multi-hop wireless network,
nodes cooperate in relative nature to launch attacks. For example, the adversary
may first pretend to be a cooperative node in the route discovery process. Once
being included in a route, the adversary starts dropping packets. In the most severe
form, the malicious node simply stops forwarding every packet received from
upstream nodes, completely disrupting the path between the source and the
destination. Eventually, such a severe denial-of-service (DOS) attack can paralyze
the network by partitioning its topology. Even though persistent packet dropping
can effectively degrade the performance of the network, from the attackers stand
point such an always-on attack has its disadvantages. First, the continuous
presence of extremely high packet loss rate at the malicious nodes makes this type
of attack easy to be detected. Second, once being detected, these attacks are easy to
mitigate. For example, in case the attack is detected but the malicious nodes are not
identified, one can use the randomized multi-path routing algorithms to circumvent
the black holes generated by the attack, probabilistically eliminating the attackers
threat. If the malicious nodes are also identified, their threats can be completely
eliminated by simply deleting these nodes from the networks routing table.
1.2 INSIDER ATTACK:
A malicious node, the part of the route can exploit its knowledge of
the network protocol and the communication context to launch an insider attack
an attack that is intermittent, but can achieve the same performance degradation
effect as a persistent attack at a much lower risk of being detected. Specifically, the
malicious node may evaluate the importance of various packets, and then drop the
small amount that is deemed highly critical to the operation of the network. For
example, in a frequency-hopping network, these could be the packets that convey

frequency

hopping

sequences

for

network-wide

frequency-hopping

synchronization; in an ad hoc cognitive radio network, they could be the packets


that carry the idle channel lists (i.e., white spaces) that are used to establish a
network-wide control channel. By targeting these highly critical packets, the
authors in have shown that an intermittent insider attacker can cause significant
damage to the network with low probability of being caught. In particular, the
interest is in the problem of detecting the occurrence of selective packet drops and
identifying the malicious node(s) responsible for these drops. Detecting selective
packet-dropping attacks is extremely challenging in a highly dynamic wireless
environment. The difficulty comes from the requirement that need to not only
detect the place (or hop) where the packet is dropped, but also identify whether the
drop is intentional or unintentional. Specifically, due to the open nature of wireless
medium, a packet drop in the network could be caused by harsh channel conditions
(e.g., fading, noise, and interference, a.k.a., link errors), or by the insider attacker.
1.3 LINK ERRORS:
In an open wireless environment, link errors are quite significant, and
may not be significantly smaller than the packet dropping rate of the insider
attacker. So, the insider attacker can camouflage under the background of harsh
channel conditions. In this case, just by observing the packet loss rate is not
enough to accurately identify the exact cause of a packet loss. The above problem
has not been well addressed in the literature. As discussed, most of the related
works preclude the ambiguity of the environment by assuming that malicious
dropping is the only source of packet loss, so that there is no need to account for
the impact of link errors. On the other hand, for the small number of works that
differentiate between link errors and malicious packet drops, their detection
algorithms usually require the number of maliciously-dropped packets to be

significantly higher than link errors, in order to achieve acceptable detection


accuracy. An accurate algorithm for detecting the selective packet drops made by
insider attackers has been developed. This algorithm also provides a truthful and
publicly verifiable decision statistics as a proof to support the detection decision.
1.4 AUTO-CORRELATION FUNCTION (ACF)
The high detection accuracy is achieved by exploiting the correlations
between the positions of lost packets, as calculated from the auto-correlation
function (ACF) of the packet-loss bitmapa bitmap describing the lost/received
status of each packet in a sequence of consecutive packet transmissions. The basic
idea behind this method is that even though malicious dropping may result in a
packet loss rate that is comparable to normal channel losses, the stochastic
processes that characterize the two phenomena exhibit different correlation
structures. Therefore, by detecting the correlations between lost packets, one can
decide whether the packet loss is purely due to regular link errors, or is a combined
effect of link error and malicious drop. The algorithm takes into account the crossstatistics between lost packets to make a more informative decision, and thus is in
sharp contrast to the conventional methods that rely only on the distribution of the
number of lost packets. The main challenge lies in how to guarantee that the
packet-loss bitmaps reported by individual nodes along the route are truthful, i.e.,
reflects the actual status of each packet transmission. Such truthfulness is essential
for correct calculation of the correlation between lost packets. This challenge is not
trivial, because it is natural for an attacker to report false information to the
detection algorithm to avoid being detected. For example, the malicious node may
understate its packet-loss bitmap, i.e., some packets may have been dropped by the
node but the node reports that these packets have been forwarded. Therefore, some
auditing mechanism is needed to verify the truthfulness of the reported

information. Considering that a typical wireless device is resource-constrained, it


requires that a user should be able to delegate the burden of auditing and detection
to some public server to save its own resources.
1.5 HOMOMORPHIC LINEAR AUTHENTICATOR (HLA)
The solution to the above public-auditing Problem is constructed based
on the homomorphic linear authenticator (HLA) cryptographic primitive, which is
basically a signature scheme widely used in cloud computing and storage server
systems to provide a proof of storage from the server to entrusting clients.
However, direct application of HLA does not solve our problem well, mainly
because in our problem setup, there can be more than one malicious node along the
route. These nodes may collide during the attack and when being asked to submit
their reports. For example, a packet and its associated HLA signature may be
dropped at an upstream malicious node, so a downstream malicious node does not
receive this packet and the HLA signature from the route. However, this
downstream attacker can still open a back-channel to request this information from
the upstream malicious node. When being audited, the downstream malicious node
can still provide valid proof for the reception of the packet. So packet dropping at
the upstream malicious node is not detected. Such collusion is unique to the
problem, because in the cloud computing/storage server scenario, a file is uniquely
stored at a single server, so there are no other parties for the server to collide with.
The new HLA construction is collusion-proof. This construction also provides the
following new features. First, privacy-preserving: the public auditor should not be
able to decent the content of a packet delivered on the route through the auditing
information submitted by individual hops, no matter how many independent
reports of the auditing information are submitted to the auditor. Second, incurs low
communication and storage overheads at intermediate nodes. This makes the

mechanism applicable to a wide range of wireless devices, including low-cost


wireless sensors that have very limited bandwidth and memory capacities. This is
also in sharp contrast to the typical storage-server scenario, where bandwidth /
storage are not considered an issue. Last, to significantly reduce the computation
overhead of the baseline constructions so that they can be used in computationconstrained mobile devices, a packet-block-based algorithm is proposed to
achieves scalable signature generation and detection. This mechanism allows one
to trade detection accuracy for lower computation complexity.
1.6 PRIVACY-PRESERVING
The public auditor should not be able to decern the content of a packet
delivered on the route through the auditing information submitted by individual
hops, no matter how many independent reports of the auditing information are
submitted to the auditor.
Second, construction incurs low communication and storage overheads
at intermediate nodes. This makes the mechanism applicable to a wide range of
wireless devices, including low-cost wireless sensors that have very limited
bandwidth and memory capacities. This is also in sharp contrast to the typical
storage server scenario, where bandwidth/storage is not considered an issue.

CHAPTER 2
LITERATURE SURVEY
1. 802.11 Markov channel modeling

Arauz.J.N, Julio Nicolas (2004)


In this dissertation, different models have been proposed along with their
validity analysis. The experimental data with stochastic modeling approaches are
used to characterize the frame losses in IEEE 802.11 wireless LANs. We also
characterize the important factor of current wireless LAN technology, the
transmission rate variations. New guidelines for the construction of Markov and
hidden Markov models for wireless LAN channels are developed and presented
along the necessary data to implement them in performance studies. Furthermore
we also evaluate the validity of using Markovian models to understand the effects
on upper layer protocols such as TCP.
Wireless fading channels are commonly characterized by Markov
models. Almost all models assume the underlying channel has flat fading
characteristics and that fairly simply modulation schemes are used. These
assumptions are not necessarily valid for wireless channels like the ones used by
IEEE 802.11 technologies. Although Markov models of wireless channels have
been widely used to study the performance of communications protocols at the link
and transport layers, no validation of their accuracy has been performed against
experimental data. We use experimental traces that represent the frame error
process in 802.11a and 802.11b networks under different conditions to test the
accuracy of the traditional models.
2. Detecting Malicious Packet Dropping Using Statistically Regular Traffic
Patterns
Rao.R, Kesidis.G (2003)
Ad hoc networks are gaining presence with the proliferation of cheap
wireless devices and the need to keep them connected. Individual applications and

larger missions, such as those of tactical sensor networks, require secure data
transmission among wireless devices. Security remains a major challenge for such
networks. Current protocols employ encryption and authentication techniques for
secure message exchange, but given the limitations and innately insecure nature of
ad-hoc networks, such mechanisms may not suffice. A security breach can, for
example,

be

network-level

denial-of-service

(DOS)

attack,

passive

eavesdropping, or physical layer jamming to degrade communication channels.


In a multi hop network, an intruder node can degrade communication
quality by simply dropping packets that are meant to be relayed (forwarded). The
network could then misinterpret the cause of packet loss as congestion instead of
malicious activity. In this system, the traffic transmission patterns are selected to
facilitate verification by a receiver. Such traffic patterns are used in concert with
suboptimal MAC that preserves the statistical regularity from hop to hop. This
general technique for intrusion detection is therefore suitable for networks that are
not bandwidth limited but have strict security requirements, e.g., certain kinds of
tactical sensor networks.

3. Performance Analysis of the Confidant Protocol


Sonja Buchegger, Jean-Yves Le Boudec (2002)

Mobile ad-hoc networking works properly only if the participating


nodes cooperate in routing and forwarding. However, it may be advantageous for
individual nodes not to co operate. Thus propose a protocol, called CONFIDANT,
for making misbehavior unattractive; it is based on selective altruism and
utilitarianism. It aims at detecting and isolating misbehaving nodes, thus making it
unattractive to deny cooperation. Trust relationships and routing decisions are
based on experienced, observed, or reported routing and forwarding behavior of
other nodes. The detailed implementation of CONFIDANT in this paper assumes
that the network layer is based on the Dynamic Source Routing (DSR) protocol.
We present a performance analysis of DSR for tied by CONFIDANT and compare
it to regular defenseless DSR. It shows that a network with CONFIDANT and up
to 60% of misbehaving nodes behaves almost as well as a benign network, in sharp
contrast to a defenseless network. All simulations have been implemented and
performed in Glo Mo Sim

4. A Simple, Cheat-proof, Credit-based System for Mobile Ad Hoc Networks


Zhong, Chen.J, Yang.Y.R (2003)

This system gives a review of existing reputation based and credit


based systems and proposes a credit based solution called MODSPIRITE which is
a modification of SPIRITE system. MODSPIRITE system detects selfish node
using neighbor monitoring mechanism and enforce cooperation among noncooperative node by providing incentives to intermediate nodes. One of the
limitations of SPIRITE system is that sender loses too much credit to forward its
data to the destination and for future sender have very less or no credit to forward
its data. As compared to SPIRITE, MODSPIRITE reduces overhead of sender for
up to 25%. It also punishes non-cooperative nodes so that non cooperative node get
discourage.
An Ad-hoc network (MANET) is a self-configuring and infrastructure
less network of mobile nodes. Each node acts as a router and free to move
independently in any direction. In an ad-hoc network communication between two
nodes beyond the transmission range relies on intermediate nodes to forward the
packet. The communication takes place using routing protocol which is of three
types: Proactive, Reactive and Hybrid routing protocol.

5. Truthful Detection of Packet Dropping Attack in MANET


Noble George, Sujitha.M (2015)

The system introduces a new protocol named secured Ad hoc on demand


distance vector (SAODV), which can truthfully detect packet dropping attack in
MANET. SAODV can detect malicious nodes by identifying dropping of routing
and data packet. Packet dropping due to both link error and presence of malicious
nodes can detect by SAODV.
It also provides importance to preserve privacy of data MANETs are a
type of wireless networks which are rapidly growing because there is no such
requirement for setting up an infrastructure for their operational purposes. In such
networks, the topology is dynamic, and the nodes are mobile in nature. It must be
able to continue their traffic even if the wireless transmission medium is out of
range. This effectiveness and flexibility makes these types of networks attractive
for many applications. Two nodes can communicate or send data packets to each
other when they come within the radio range to each other, if they are not in the
radio range neighboring nodes forwards the packet to them. MANETs supports the
multi hop communication between the nodes. While performing such operations, it
may take into concern that the data cannot be dropped by malicious nodes or
misbehaved links.

6. NAODV Distributed Packet Dropping Attack Detection in MANET


Bobby Sharma Kakoty, Hazarika.S.M, Sarma.N (2013)

Mobile ad hoc network (MANET) is a self-configuring network in


which mobile nodes are connected by wireless link. Communication in MANET is
done with the help of cooperation of nodes in the network. A distributed packet
dropping attack (PDA) detection methodology named NAODV is proposed.
Detection and isolation of malicious node is based on cooperative participation of
node involved in communication based on TRUST level of the nodes. TRUST
levels of the nodes are dynamically updated based on their qualitative participation
in detection of malicious nodes. Performance of this methodology is evaluated
through simulation in different network scenarios and results are compared with
two existing methodologies. Mobile ad hoc network (MANET) is a selfconfiguring network in which mobile nodes are connected by wireless link.
Packet dropping attack can be considered as the most vulnerable
attack. Malicious node in the network drops packets intentionally which are
supposed to be forwarded to reach destination. Routes that pass through such kind
of nodes fail to establish path from source to destination. As a result, network
performance degrades abruptly. Even it leads to complete failure of network. A
distributed PDA detection methodology is proposed. PDA is detected and
confirmed not only by the node which has been suffering but also confirmed by
other nodes in the network.

7. Detection of Packet Dropping in Ad Hoc Networks


Reena.R, Hemalatha.B, Jenifercruz.A, and Menaka.P (2015)

The two sources for packet losses in multi-hop wireless ad hoc networks
are link error and malicious packet dropping. This demonstrates that determining
whether the losses are caused by link errors only, or by the combined effect of link
errors and malicious drop. It is achieved through the implementation of
homomorphic linear authenticator (HLA) based architecture that allows the
detector to verify the truthfulness of the packet loss information reported by nodes.
This architecture is privacy preserving, collusion proof, and incurs low
communication and storage overheads.
Ad hoc networks, which are also called, mesh networks, defined by the
manner in which the network nodes are organized to provide path ways for data to
be routed from the user to and from the desired destination. The term mesh
network accurately describes the structure of the network: All available nodes are
aware of all other nodes within range. The entire collection of nodes is
interconnected in many different ways, just as a physical mesh is made of many
small connections to create a larger fabric. It provides a simple diagram illustrating
these concepts. This is modeled after a wireless hot spot, where an ad hoc
network links users to a router with access to the Internet. In this example, two
users are highlighted, showing two paths through several nodes to the router.

8. Improving the Attack Detection Accuracy Using HLA in Wireless Ad Hoc


Network
Veeramani.R, Sindhu Bharathy.B (2015)

The malicious node pretends to be one of the nodes in the routing path
and cause the attack. Conventional algorithm does not provide the efficient
detection of packet loss so, In order to improve the detection accurately we
propose correlation function and also for the correct calculation of correlation we
implement BLS based Homomorphism Linear Authenticator to check the
information provided by the node are true. The HLA architecture provides privacy
preserving, collusion proof and allows low communication and storage overheads.
An absolute algorithm has been developed for identifying the most significant
packet discard made by the inside intruder. The algorithm provides truthful and
publicly verifiable decision by the auditor. The accurate detection is obtained by
the correlations between the lost packets. HLA is a signature scheme and is based
on algorithm that provides privacy, collusion avoidance and low storage overheads.
The distinguishing between causes for dropped packets considered only collisions
and channel errors and ignored malicious packet drops. On the other hand,
protocols that detect malicious packet dropping ignored collisions and channel
errors. It considers two possibilities for a malicious node. First, it aims to disrupt
network operation by not relaying a packet to the next hop. In this case the node
will acknowledge the packet to the sender.

9. Secure and Privacy-Preserving Communication in Hybrid Ad Hoc


Networks
Srdjan Capkun, Jean-Pierre Hubaux and Markus Jakobsson (2004)
A scheme for secure and privacy-preserving communication in hybrid ad
hoc networks has been presented. This scheme enables users to secure

communication and to protect their anonymity and location privacy. The approach
is based on frequently changing node pseudonyms and cryptographic keys, which
enable users to avoid being identified by the locations they visit, or by the type of
traffic they generate. It can be effectively used for secure and private routing in
hybrid ad hoc networks. The robustness of the proposed solution with respect to
various attacks was studied. Further show that the proposed solution introduces a
very moderate overhead to the network operation.
This approach seems to be promising, as it combines the best of both
worlds: the extended reach and scalability of classical, large-scale wired networks
with the flexibility of ad hoc networks; a network resulting from this combination
is called as a hybrid ad hoc network. A possible in-carnation of such a network is
a multi-hop Wi-Fi network. In this case; the network operator would typically be a
Wireless Internet Service Provider. Other examples of hybrid ad hoc networks
include multi-hop cellular networks. In order to gain acceptance from the users,
hybrid ad hoc networks must provide an appropriate level of security. In-deed in
general, a user trusts his network operator, but he does not trust the other users; he
may also distrust the operators of the networks in which he roams. This approach
addresses both routing security and privacy preservation; the two mechanisms can
be embedded in the same protocols.
10. Detection of Malicious Packet Dropping in Wireless Ad Hoc Networks
Based on Privacy-Preserving Public.
Bhagyashree.S (2015)
In a multi-hop wireless ad hoc network, packet losses are attributed to
harsh channel conditions and intentional packet discard by malicious nodes, while
observing a sequence of packet losses the interest is in determining whether losses

are due to link errors only, or due to the combined effect of link errors and
malicious drop. The packet dropping rate in this case is comparable to the channel
error rate; conventional algorithms that are based on detecting the packet loss rate
cannot achieve satisfactory detection accuracy.
To improve the detection accuracy, to exploit the correlations between
lost packets ensure truthful calculation of these correlations, the proposed
mechanism achieves significantly better detection accuracy than conventional
methods such as a maximum-likelihood based detection. In a multi-hop wireless
network, nodes cooperate in relaying/routing traffic. An adversary can exploit this
cooperative nature to launch denial-of-service (DOS) attacks.

CHAPTER 3
SYSTEM ANALYSIS
3.1 EXISTING SYSTEM
The malicious node may understate its packet-loss bitmap, i.e., some
packets may have been dropped by the node but the node reports that these packets
have been forwarded. Therefore, some auditing mechanism is needed to verify the
truthfulness of the reported information. Considering that a typical wireless device

is resource-constrained, requiring that a user should be able to delegate the burden


of auditing and detection to some public server to save its own resources.
Disadvantages
Link error and malicious packet dropping are two sources for packet
losses in multi-hop wireless ad hoc network. While observing a
sequence of packet losses in the network, the losses are caused by link
errors only, or by the combined effect of link errors and malicious
drop should be determined.
The interest is in the insider-attack case, whereby malicious nodes that
are part of the route exploit their knowledge of the communication
context to selectively drop a small amount of packets critical to the
network performance.
Because the packet dropping rate in this case is comparable to the
channel error rate, conventional algorithms that are based on detecting
the packet loss rate cannot achieve satisfactory detection accuracy

3.2 PROPOSED SYSTEM


An accurate algorithm has been developed for detecting selective
packet drops made by insider attackers. This algorithm also provides a truthful and
publicly verifiable decision statistics as a proof to support the detection decision.
The high detection accuracy is achieved by exploiting the correlations between the
positions of lost packets, as calculated from the auto-correlation function (ACF) of

the packet-loss bitmapa bitmap describing the lost/received status of each packet
in a sequence of consecutive packet transmissions. The basic idea behind this
method is that even though malicious dropping may result in a packet loss rate that
is comparable to normal channel losses, the stochastic processes that characterize
the two phenomena exhibit different correlation structures (equivalently, different
patterns of packet losses). Therefore, by detecting the correlations between lost
packets, one can decide whether the packet loss is purely due to regular link errors,
or is a combined effect of link error and malicious drop. The algorithm takes into
account the cross-statistics between lost packets to make a more informative
decision, and thus is in sharp contrast to the conventional methods that rely only on
the distribution of the number of lost packets.
The main challenge in the mechanism lies in how to guarantee that
the packet-loss bitmaps reported by individual nodes along the route are truthful,
i.e., reflects the actual status of each packet transmission. Such truthfulness is
essential for correct calculation of the correlation between lost packets. This
challenge is not trivial, because it is natural for an attacker to report false
information to the detection algorithm to avoid being detected.

Advantages
The solution to the problem is constructed based on the homomorphic
linear authenticator (HLA) cryptographic primitive, which is basically
a signature scheme widely used in cloud computing and storage server
systems to provide a proof of storage from the server to entrusting
clients.

To reduce the computation overhead of the baseline scheme, a packetblock-based mechanism is also proposed, which allows one to trade
detection accuracy for lower computation complexity.

CHAPTER 4
SYSTEM DESIGN
4.1 SYSTEM ARCHITECTURE

Network Formation

Link Error

Link Error Malicious


Drop

Performance Evaluation

Result

Fig 3.1: System Design


4.2 SYSTEM REQUIREMENTS

4.2.1 SOFTWARE:
Operating System - Linux(VMware)
Simulator

- NS 2

Language

- TCL/TK

Node Creation

Graph

- GNUPLOT

4.2.2 HARDWARE:
Processor Type

- core i3

Processor Speed

- 2.4 GHz

RAM

- 2 GB

4.3 SYSTEM ENVIRONMENT


4.3.1 NS2
NS2 is an open-source event-driven simulator designed specifically for
research in computer communication networks. NS2 has continuously gained
tremendous interest from industry, academia, and government. Having been under
constant investigation and enhancement for years, NS2 now contains modules for
numerous network components such as routing, transport layer protocol,

application, etc. To investigate network performance, researchers can simply use


an easy-to-use scripting language to configure a network, and observe results
generated by NS2. Undoubtedly, NS2 has become the most widely used open
source network simulator, and one of the most widely used network simulators.

4.3.1.1 CHARACTERISTICS OF NS2


NS2 implementation the following features
Multicasting
Simulation of wireless networks
Terrestrial (cellular, Ad hoc, GPRS, WLAN, BLUETOOTH), satellite
IEEE 802.11 can be simulated, Mobile IP and Ad hoc protocols such
as DSR, TORA, DSDV and AODV Routing

4.3.2 SOFTWARE TOOLS USED WITH NS2


In the simulation, there are the two tools are used.
NAM(Network Animator)
X-graph
4.3.2.1 NAM (NETWORK ANIMATOR)

NAM provides a visual interpretation of the network topology created.


The application was developed as part of the VINT project. Its feature is as
follows.
Provides a visual interpretation of the network created
Can be executed directly from a TCL script
Controls include play; stop fast forward, rewind, pause, a display
speed controller button and a packet monitor facility.
Presented information such as throughput, number packets on each
link
4.3.2.2 X GRAPH
X- Graph is an X-Window application that includes:
Interactive plotting and graphing
Animated and derivatives
To use Graph in NS2 the executable can be called within a TCL script.
This will then load a graph displaying the information visually displaying the
information of the file produced from the simulation. The output is a graph of size
800 x 400 displaying information on the traffic flow and time.
4.3.3 SIMULATION TOOL
NS2 are often growing to include new protocols. LANs need to be
updated for new wired/wireless support. NS are an object oriented simulator,
written in C++, with an OTCL interpreter as a front-end. The simulator supports a
class hierarchy in C++ and a similar class hierarchy within the OTCL interpreter

(also called the interpreted hierarchy). The two hierarchies are closely related to
each other; from the users perspective, there is a one-to-one correspondence
between classes in the interpreted.
NS2 uses two languages because simulator has two different kinds of
things it needs to do. On one hand, detailed simulations of protocols require a
systems programming language which can efficiently manipulate bytes, packet
headers, and implement algorithms that run over large data sets. For these tasks
run-time speed is important and turn-around time (run simulation, find bug, fix
bug, recompile, re-run) is less important.
On the other hand, a large part of network research involves slightly
varying parameters or configurations, or quickly exploring a number of scenarios.
In these cases, iteration time (change the model and re-run) is more important.
Since configuration runs once (at the beginning of the simulation), run-time of this
part of the task is less important. NS meets both of these needs with two languages,
C++ and OTCL. C++ is fast to run but slower to change, making it suitable for
detailed protocol implementation. OTCL runs much slower but can be changed
very quickly (and interactively), making it ideal for simulation configuration. NS
(via TCL) provides glue to make objects and variables appear on both languages.
NS (from network simulator) is a name for series of discrete event
network simulators, specifically NS-1, NS-2 and NS-3. All of them are discreteevent network simulator, primarily used in research and teaching. NS-3 is free
software, publicly available under the GNU GPLv2 license for research,
development, and use. NS (version 2) is an object-oriented, discrete event driven
network simulator developed at UC Barkley written in C++ and OTCL. NS is
primarily useful for simulating local and wide area networks. Although NS is fairly

easy to use once you get to know the simulator, it is quite difficult for a first time
user, because there are few user-friendly manuals. Even though there is a lot of
documentation written by the developers which has in depth explanation of the
simulator, it is written with the depth of a skilled NS user. The purpose of this
project is to give a new user some basic idea of how the simulator works, how to
setup simulation networks, where to look for further information about network
components in simulator codes, how to create new network components, etc.,
mainly by giving simple examples and brief explanations based on our
experiences. Although all the usage of the simulator or possible network simulation
setups may not be covered in this project, the project should help a new user to get
started quickly.
The goal of the NS-3 project is to create an open simulation
environment for networking research that will be preferred inside the research
community:
It should be aligned with the simulation needs of modern networking
research.
It should encourage community contribution, peer review, and
validation of the software.
Since the process of creation of a network simulator that contains a
sufficient number of high-quality validated, tested and actively maintained models
requires a lot of work, NS-3 project spreads this workload over a large community
of users and developers. The core of NS-2 is also written in C++, but the C++
simulation objects are linked to shadow objects in OTCL and variables can be

linked between both language realms. Simulation scripts are written in the OTCL
language, an extension of the TCL scripting language.
Presently, NS-2 consists of over 300,000 lines of source code, and
there is probably a comparable amount of contributed code that is not integrated
directly into the main distribution (many forks of NS-2 exist, both maintained and
unmaintained). It runs on GNU/Linux, FreeBSD, Solaris, Mac OS X and Windows
95/98/NT/2000/XP. It is licensed for use under version 2 of the GNU General
Public License.
The NS-2 modules included within are nodes, links, Simple Link
objects, packets, agents, and applications. Further, the book covers three helper
modules: timers, random number generators, and error models. Also included are
chapters on summary of debugging, variable and packet tracing, result compilation,
and examples for extending NS2. Two appendices provide the details of scripting
language TCL, OTCL and AWK, as well object oriented programming used
extensively in NS2.

CHAPTER 5
SYSTEM IMPLEMENTATION
Implementation of software refers to the final installation of the
package in its real environment, to the satisfaction of the intended users and the

operation of the system. The people are not sure that the software is meant to
make their job easier.
The active user must be aware of the benefits of using the system
Their confidence in the software built up
Proper guidance is impaired to the user so that he is comfortable in
using the application
Before going ahead and viewing the system, the user must know that
for viewing the result, the server program should be running in the server. If the
server object is not running on the server, the actual processes will not take place.

User Training
To achieve the objectives and benefits expected from the proposed
system it is essential for the people who will be involved to be confident of their
role in the new system. As system becomes more complex, the need for education
and training is more and more important. Education is complementary to training.
It brings life to formal training by explaining the background to the resources for
them. Education involves creating the right atmosphere and motivating user staff.
Education information can make training more interesting and more
understandable.

Training on the Application Software

After providing the necessary basic training on the computer


awareness, the users will have to be trained on the new application software. This
will give the underlying philosophy of the use of the new system such as the
screen flow, screen design, type of help on the screen, type of errors while
entering the data, the corresponding validation check at each entry and the ways to
correct the data entered. This training may be different across different user
groups and across different levels of hierarchy.

Operational Documentation
Once the implementation plan is decided, it is essential that the user
of the system is made familiar and comfortable with the environment. A
documentation providing the whole operations of the system is being developed.
Useful tips and guidance is given inside the application itself to the user. The
system is developed user friendly so that the user can work the system from the
tips given in the application itself.

5.1 SYSTEM MAINTENANCE

The maintenance phase of the software cycle is the time in which


software performs useful work. After a system is successfully implemented, it
should be maintained in a proper manner. System maintenance is an important
aspect in the software development life cycle. The need for system maintenance is
to make adaptable to the changes in the system environment. There may be social,
technical and other environmental changes, which affect a system which is being
implemented. Software product enhancements may involve providing new
functional capabilities, improving user displays and mode of interaction,
upgrading the performance characteristics of the system. So only thru proper
system maintenance procedures, the system can be adapted to cope up with these
changes. Software maintenance is of course, far more than finding mistakes.
5.1.1 CORRECTIVE MAINTENANCE
The first maintenance activity occurs because it is unreasonable to
assume that software testing will uncover all latent errors in a large software
system. During the use of any large program, errors will occur and be reported
to the developer. The process that includes the diagnosis and correction of one
or more errors is called Corrective Maintenance.
5.1.2 ADAPTIVE MAINTENANCE
The second activity that contributes to a definition of maintenance
occurs because of the rapid change that is encountered in every aspect of
computing. Therefore Adaptive maintenance termed as an activity that modifies
software to properly interfere with a changing environment.
5.1.3 PERCEPTIVE MAINTENANCE

The third activity that may be applied to a definition of maintenance


occurs when a software package is successful. As the software is used,
recommendations for new capabilities, modifications to existing functions, and
general enhancement are received from users. This activity accounts for the
majority of all efforts expended on software maintenance.
5.1.4 PREVENTIVE MAINTENANCE
The fourth maintenance activity occurs when software is changed to
improve future maintainability or reliability, or to provide a better basis for future
enhancements. Often called preventive maintenance, this activity is characterized
by reverse engineering and re-engineering techniques.

5.2 SYSTEM MODULE

Network formation
Link error
Malicious drop
Evaluation

5.2.1 NETWORK FORMATION

Network
Creation

Create Node

Send Data
Packets

Use TCP

Fig 5.1: Creation of Network


Form a network with two base stations and number of nodes.
Use the Dynamic Source Routing (DSR) protocol. In Dynamic
Source Routing, each source determines the route to
be used in transmitting its packets to selected
destinations. There are two main components, called
Route Discovery and Route Maintenance. Route
Discovery determines the optimum path for a
transmission between a given source and destination.
Route Maintenance ensures that the transmission path
remains optimum and loop-free as network conditions

change, even if this requires changing the route during


a transmission.
TCP (Transmission Control Protocol) is a standard that defines
how to establish and maintain a network conversation via which application
programs can exchange data. TCP works with the Internet Protocol (IP), which
defines how computers send packets of data to each other is used for establishing
the connection between the source and destination.
The File Transfer Protocol (FTP) is used for randomly choose
different source-destination connections is a standard network protocol
used to transfer computer files between a client and server on a
computer network. FTP is built on a client-server model
architecture and uses separate control and data connections
between the client and the server.

5.2.2 LINK ERROR

Link Error

Packet
Creation

Link Error

Packet
Dropped

Fig 5.2: Occurrence of Link Error


The packets are sending from the source to destination.
The source and destination connection was not correctly established
and the data cannot reach the destination.
The packet drop is also committed using the link error

5.2.3 MALICIOUS DROP

Fig 5.3: Malicious Drop

This was a way of packet dropping mechanism.


It is very hard to detect.
The packets are not delivered to the destination.

The packets are routinely dropped.

5.2.4 EVALUATION

Fig 5.4: Analyzing Performance

The performance was analyzed using the overall-detection, missdetection and false-alarm probability.

The malicious packet dropped also measured for the overalldetection, miss-detection and false-alarm probability.
The graph shown the variation of the output.

CHAPTER 6
SCREEN SHOTS

Fig 6.1: Sending Data in Wired Network

Fig 6.2: Receiver Receiving the Packets

Fig 6.3: Packets Dropping in Wired Network

The packets are sending from client 1 and client 2 to the server
through router. If more number of packets are sending at the same time, they
should wait in the router .
If any of the packet is lost then all the packets will be dropped
based on the link error and also by the malicious drop. If one packet is loss in the
network all the packet is loss because there is a problem in the path. The path for
sending the packet is damaged because of it.
Link error will occur when the distance between the client and
server is longer, there may be a chance for packet loss because of the large
distance and the malicious drop will occur when the packet was hacked by the
hacker, there is a hacker between the client and server that hacker will hack the
data packets due to this hacking there is a loss in data packets .

Fig 6.4: Detection of Malicious Packet Dropping Rate using Miss-Detection


Probability.

Fig 6.5: Detection of Malicious Packet Dropping Rate using False-Alarm


Probability.

CHAPTER 7
CONCLUSION

An HLA-based public auditing architecture was developed that ensures


truthful packet-loss reporting by individual nodes. The improvement is especially
visible when the number of maliciously dropped packets is comparable with those
caused by link errors. To correctly calculate the correlation between lost packets, it
is critical to acquire truthful packet-loss information at individual nodes. This
architecture is collusion proof, requires relatively high computational capacity at
the source node, and to reduce the computation overhead of the baseline
construction a packet-block-based mechanism was also proposed, which allows
one to trade detection accuracy for lower computation complexity. Some open
issues remain to be explored in the future work. First, the proposed mechanisms
are limited to static or quasi-static wireless ad hoc networks. In addition, this
architecture assuming that source and destination are truthful in following the
established protocol because delivering packets end-to-end is in their interest.
Misbehaving source and destination will be pursued in future research. Moreover,
as a proof of concept, the main focus is on showing the feasibility of the proposed
crypto-primitives and how second order statistics of packet loss can be utilized to
improve detection accuracy. As a first step in this direction, analysis mainly
emphasize the fundamental features of the problem, such as the untruthfulness
nature of the attackers, the public verifiability of proofs, the privacy-preserving
requirement for the auditing process, and the randomness of wireless channels and
packet losses, but ignore the particular behavior of various protocols that may be
used at different layers of the protocol stack. The implementation and optimization
of the proposed mechanism under various particular protocols will be considered in
future studies.

APPENDIX
Drop.tcl
set ns [new Simulator]
set nf [open tcp1.nam w]
$ns namtrace-all $nf
#open the trace file
set nt [open tcp1.tr w]
$ns trace-all $nt
set proto rlm
$ns color 1 blue
$ns color 2 yellow
$ns color 3 red
set Client1 [$ns node]
set Router1 [$ns node]
set Endserver1 [$ns node]
$ns duplex-link $Client1 $Router1 2Mb 100ms DropTail
$ns duplex-link $Router1 $Endserver1 200Kb 100ms DropTail
$ns duplex-link-op $Client1 $Router1 orient right
$ns duplex-link-op $Router1 $Endserver1 orient right
$ns at 0.0 "$Client1 label Client1"
$ns at 0.0 "$Router1 label Router1"
$ns at 0.0 "$Endserver1 label Endserver1"
$Endserver1 shape hexagon
$Router1 shape square
#$ns duplex-link-op $Client1 $Router1 queuePos 0.1
#$ns duplex-link-op $Router1 $Endserver1 queuePos 0.5

proc finish {}
{
global ns nf nt
$ns flush-trace
close $nf
close $nt
puts "running nam..."
exec nam tcp1.nam &
exit 0
}
#Calling finish procedure
$ns at 6.0 "finish"
$ns
Awk script
set ns [new Simulator]
set nt [open test10.tr w]
$ns trace-all $nt
set nf [open test10.nam w]
$ns namtrace-all $nf
set totalNodes 3
for {set i 0} {$i < $totalNodes} {incr i}
set node_($i) [$ns node]
set server 0
set router 1
set client 2
$ns duplex-link $node_($server) $node_($router) 2Mb 50ms DropTail

$ns duplex-link $node_($router) $node_($client) 2Mb 50ms DropTail


$ns duplex-link-op $node_($server) $node_($router) orient right
$ns duplex-link-op $node_($router) $node_($client) orient right
$ns at 0.0 "$node_($server) label Server"
$ns at 0.0 "$node_($router) label Router"
$ns at 0.0 "$node_($client) label Client"
$ns at 0.0 "$node_($server) color blue"
$ns at 0.0 "$node_($client) color blue"
$node_($server) shape hexagon
$node_($client) shape hexagon
set tcp [new Agent/TCP]
$ns attach-agent $node_($server) $tcp
set sink [new Agent/TCPSink]
$ns attach-agent $node_($client) $sink
$ns connect $tcp $sink
set ftp [new Application/FTP]
$ftp attach-agent $tcp
$tcp set fid_ 4
$ns at 1.0 "$ftp start"
$ns at 6.0 "$ftp stop"
proc finish {}
{
global ns nf nt
$ns flush-trace
close $nf
close $nt
puts "running nam..."

exec nam test10.nam &


exec awk -f Throughput.awk test10.tr > output.tr &
exit 0
}
$ns at 10.0 "finish"
$ns run
Graph Script
set ns [new Simulator]
set tracefd [open Graph2.tr w]
set namtrace [open Graph2.nam w]
$ns trace-all $tracefd
$ns namtrace-all-wireless $namtrace $val(x) $val(y)
set topo [new Topography]
$topo load_flatgrid $val(x) $val(y)
set god_ [create-god $val(nn)]
$ns node-config -adhocRouting $val(rp) \
-llType $val(ll) \
-macType $val(mac) \
-ifqType $val(ifq) \
-ifqLen $val(ifqlen) \
-antType $val(ant) \
-propType $val(prop) \
-phyType $val(netif) \
-channelType $val(chan) \
-topoInstance $topo \
-agentTrace ON \
-routerTrace ON \

-macTrace OFF \
-movementTrace ON
for {set i 0} {$i < $val(nn) } { incr i }
set node_($i) [$ns node]
for {set i 0} {$i < $val(nn) } {incr i }
{
$node_($i) color black
$ns at 0.0 "$node_($i) color black"
}
$node_(0) set X_ 50.0
$node_(0) set Y_ 50.0
$node_(0) set Z_ 0.0
$node_(1) set X_ 200.0
$node_(1) set Y_ 250.0
$node_(1) set Z_ 0.0
$node_(2) set X_ 300.0
$node_(2) set Y_ 300.0
$node_(2) set Z_ 0.0
for {set i 0} {$i < $val(nn)} { incr i }
{
# 30 defines the node size for nam
$ns initial_node_pos $node_($i) 30
}
for {set i 0} {$i < $val(nn) } { incr i }

$ns at $val(stop) "$node_($i) reset";


$ns at $val(stop) "$ns nam-end-wireless $val(stop)"
$ns at $val(stop) "stop"
$ns at 10.01 "puts \"end simulation\" ; $ns halt"
$ns at 1.0 "Graph"
set g [open graph.tr w]
set g1 [open graph1.tr w]
proc Graph {}
{
global ns g g1
set time 1.0
set now [$ns now]
puts $g "[expr rand()*8] [expr rand()*6]"
puts $g1 "[expr rand()*8] [expr rand()*6]"
$ns at [expr $now+$time] "Graph"
}
proc stop {}
{
global ns tracefd namtrace
$ns flush-trace
close $tracefd
close $namtrace
exec xgraph -P -bb -geometry 700X800 graph.tr graph1.tr &
exec nam Graph2.nam &
exit 0

REFERENCES

1. Arauz, J.N. Julio Nicolas (2004) 802. 11 Markov channel modeling, Ph.D.
dissertation, School Inform. Sci., Univ. Pittsburgh, Pittsburgh, PA, USA.
2. Ateniese, C. Burns, R. Curtmola, R. Herring, J. Kissner, L. Peterson, Z. and
Song, D. (2007 ) Provable data possession at untrusted stores, in Proc. ACM
Conf. Computand Commun. Secur., pp. 598610.
3. Ateniese, G. Kamara, S. and Katz, J. (2009) Proofs of storage from homomorphic
identification protocols, in Proc. Int. Conf. Theory Appl. Cryptol. Inf. Security,
pp. 319333.
4. Awerbuch, B. Curtmola, R. Holmer, D. Nita-Rotaru, C. and Rubens, H. (2008)
ODSBR: An on-demand secure byzantine resilient routing protocol for wireless ad
hoc networks, ACM Trans. Inform. Syst. Security, vol. 10, no. 4, pp. 135.
5. Balakrishnan, K. Deng, J. and Varshney, P.K. (2005 ) TWOACK: Preventing
selfishness in mobile ad hoc networks, in Proc. IEEE Wireless Commun. Netw.
Conf., pp. 21372142.
6. Boneh, D. Lynn, B. and Shacham, H. (2004 ) Short signatures from the weil
pairing, J. Cryptol., vol. 17, no. 4, pp. 297319.
7. Buchegger, S. and Boudec, J.Y.L. (2002) Performance analysis of the confidant
protocol (cooperation of nodes: Fairness in dynamic ad hoc networks), in Proc.
3rd ACM Int. Symp. Mobile Ad Hoc Netw. Comput. Conf., pp. 226236.

8. Buttyan, L. and Hubaux, J.P. (2003) Stimulating cooperation in self organizing


mobile ad hoc networks, ACM/Kluwer Mobile Netw. Appl., vol. 8, no. 5, pp. 579
592.
9. Crowcroft, J. Gibbens, R. Kelly, F. and Ostring, S. (2003) Modelling incentives
for collaboration in mobile ad hoc networks, presented at the First Workshop
Modeling Optimization Mobile, Ad Hoc Wireless Netw., Sophia Antipolis, France.
10.Eriksson, J. Faloutsos, M. and Krishnamurthy, S. (2007) Routing amid colluding
attackers, in Proc. IEEE Int. Conf. Netw. Protocols, pp. 184193.
11.Galuba, W. Papadimitratos, P. Poturalski, M. Aberer, K. Despotovic, Z.
and Kellerer, W. (2010) Castor: Scalable secure routing for ad hoc networks, in
Proc. IEEE INFOCOM, pp. 1 9.
12.Hayajneh, T. Krishnamurthy, P. Tipper, D. and Kim, T. (2009) Detecting malicious
packet dropping in the presence of collisions and channel errors in wireless ad hoc
networks, in Proc. IEEE Int. Conf. Commun., pp. 10621067.
13.He, Q. Wu, D. and Khosla, P. (2004) Sori: A secure and objective reputation-based
incentive scheme for ad hoc networks, in Proc. IEEE Wireless Commun. Netw.
Conf., pp. 825830.
14.Johnson, D.B. Maltz, D.A. and Broch, J. (2001) DSR: The dynamic source routing
protocol for multi-hop wireless ad hoc networks, in Ad Hoc Networking. Reading,
MA, USA: Addison-Wesley, ch. 5, pp. 139172.
15.Kozma Jr, W. and Lazos, L. (2009) Dealing with liars: Misbehavior identification
via Renyi-Ulam games, presented at the Int. ICST Conf. Security Privacy in
Commun. Networks, Athens, Greece.
16.Liu, K. Deng, J. Varshney, P. and Balakrishnan, K. (2006) An acknowledgementbased approach for the detection of routing misbehavior in MANETs, IEEE Trans.
Mobile Comput., vol. 6, no. 5, pp. 536550, May 2006.
17.Liu, Y. and Yang, Y.R. (2003) Reputation propagation and agreement in mobile
ad-hoc networks, in Proc. IEEE WCNC Conf., pp. 15101515.
18.Marti, S. Giuli, T.J. Lai, K. and Baker, M. (2000) Mitigating routing misbehavior
in mobile ad hoc networks, in Proc. ACM Mobi Com Conf., 2000, pp. 255265.

19.Noubir, G. and Lin, G. (2003) Low-power DOS attacks in data wireless LANs and
countermeasures, ACM SIGMOBILE Mobile Comput. Commun. Rev., vol. 7, no.
3, pp. 2930.
20.Padmanabhan V.N. and Simon, D.R. (2003) Secure trace route to detect faulty or
malicious routing, in Proc. ACM SIGCOMM Conf., pp. 7782.
21.Papadimitratos, P. and Haas, Z. (2003) Secure message transmission in mobile ad
hoc networks, Ad Hoc Netw., vol. 1, no. 1, pp. 193209.
22.Proano and Lazos, L. (2012) Packet-hiding methods for preventing selective
jamming attacks, IEEE Trans. Depend. Secure Comput, vol. 9, no. 1, pp. 101114.