Presentation On Design and implement a cross

layer verification framework(CLVF) for detecting

and preventing blackhole and wormhole attack in
wireless ad-hoc networks for cloud environment
BY S. JAGADEESANV. PARTHASARATHY
 Content
• Introduction

• Contributions

• Wormhole Attack

• Related works

• Proposed methodology-crosslayer verification framework (CLVF)

• RTS/CTS mechanism

• Wormhole detection using CLVF

• Solution of wormhole attack

• Results and discussion

• Limitations

• Future proposal

• conclusion
 Introduction
• A wireless ad hoc network (WANET) is a decentralized type of wireless network.
• Wireless ad-hoc network (WAN) systems have turned into a serious feature in our regular
day to day existences as they are progressively conveyed in various applications.
• The natural idea of the remote medium makes it vulnerable to assortment of security
attacks going from aloof listening stealthily to dynamic obstruction.
Contributions
This paper the auther acquainted a novel framework with restrict a
remote hub by using sticking attack as the advantage of the system. They
proposed:
• Frameworks for detecting Blackhole attack and Wormhole attack.
• Introduced a new remedy for blackhole and wormhole attack.
Wormhole Attack
• In wormhole attack, two or more nodes in the route is compromised by
the malicious node. These more number of malicious nodes in the
network creates a low latency based link among two endpoints in the
network.
Wormhole Attack
• Generally wormhole attack looks for low latency based link where
provides a high quality routes to base station. Hence malicious
attackers adopt the quality links for communication and transmit their
data in their paths.
• Whenever a ROUTE REQUEST message is received immediately sends
out a fake RESPONSE with the help of a high quality link (called as
wormhole link)from the source node.
• The paper proposes a new framework for detecting the malicious
nodes. It is done for a maximum number of 250 nodes.
 Related works
• Michiardi and Molva utilize uninvolved listening in to confine the
getting rowdy hubs and allot notoriety to the hubs with the end goal
that lone great hubs in the system are trusted.
• Kachirski and Guha, propose the possibility of a disseminated IDS
where bunch heads are chosen and the IDS usefulness is conveyed
among them.
• Abd Razak, Furnell ,ClarkeN ,BrookeP. Proposed a framework named
LBIDS to detect wormhole attack.
Proposed methodology-crosslayer verification
framework(CLVF)
 Proposed methodology-crosslayer verification
framework(CLVF) cont.
• The entire framework focused on investigating the malicious activities on
the layers and provides a trust value where it evaluates the network to
increase the reliability and security in routing the data in perfect
environment.
• The malicious activities are detected by investigating the activities of each
node in the network. In this paper, a node is selected as a neighbor node
through the route discovery process, and the nodes produce a packet-level
acknowledgment at the time of receipt and of passing the data packet.
• The round trip time of a data packet-based communication can be verified
by configuring and deploying the RTS/CTS mechanism in the MAC layer
of the network. According to the round trip time variance, the blackhole
node is detected
 RTS/CTS mechanism
• Each node has to start their functions by RTS/CTS process in order to
indentify the status of the channels and the packets.
• When a node wants to transmit data to another node, it sends out
a RTS 'Request to Send' packet.
• The receiver node replies with a packet called CTS 'Cleared to Send' packet.
• After the transmitter node receives the CTS packet, it transmits the data
packets. Encoded within the RTS/CTS packets is a duration field.
• The duration field is set such that the data transmission can be completed
within the designated time period. If a transmiter node does not receive
a CTS packet it enters into an exponential back off mode.
Wormhole detection using CLVF
• Firstly, the distance each nodes are calculated.
• Then from source to destination nodes, route requests are sent(RREQ)
and they are given a value i.
• Each nodes responds with a route response(RRES)
• If the interval time between sending and receiving the route request
and response is lower than the threshold value, they jump to the next
neighbour.
• Now as the packet id resembles i, if they are not matched, we can say
they are malicious node
Wormhole detection using CLVF
Solution of wormhole attack
• Suppose that, in a node’s set of n neighbors, there are S Wormhole
nodes, M malicious nodes and G good(correct) nodes, then a node can
only test C neighbors one at time.The probability of a Wormhole node
being detected is
Solution of wormhole attack(cont)
• This test is repeated for r rounds, choosing a random subset to test and
a random channel to listen in each round. The probability of a
Wormhole node being detected is,

• According the probability ratio, the Wormhole node can be controlled

in any network topology of the WAN
Results and discussion
• To investigate the CLVF approach efficiency it is simulated in NS2.
• Where the area of the network size is 1000×1000 and the number of
nodes deployed in simulation is 10, 20, 30, 40 and 50 in 5 rounds.
• The front end of the simulation is developed in TCL and the protocol
configuration is implemented in C++ code.
• This is compared with the existing results obtained using LBIDS
Results and discussion
It is clear and noticed that the
proposed CLVF approach is better than
the existing LBIDS approach.Though
the performance degrades in the
proposed CLVF compared to LBIDS
approach it can be observed that the
performance is very better closed
Reduction factor can be greater than
1so that the network behavior can be
understood
Limitations
• In this framework, It can be found that after 250 nodes the network
behavior remains the same for all performance parameters.
• The framework has not been checked for cloud services.
• Performance degrades over time.
 Future Proposal
• The proposed framework is proved to be better. However in future the
framework need to be checked in future by experimenting the services
on the cloud. It will present challenges like scalability, robustness.
Moreover it will also depend on the application level services provided
to the users.
• In the future, the preferred approach should be LBIDS for preventing
any kind of attack on the network, energy conservation.
• The performance need to be studied more in detail for nodes greater
than 250 using probabilistic approaches like Hidden Markov Model.
Conclusion
• The main objective of this paper is to detect and eliminate wormhole
attacks created in MAC layer and in Network layer.
• This paper provides a solution by implementing RTS/CTS and verifying
all the data and node information in the route. By providing remedy
against wormhole attacks the malicious activities are eliminated.
• It defines that the nodes available in “ON” the route and “OFF” the
route investigation. According to the results, the performance of this
approach is superior to all existing approaches