.

Tuesday, August 20, 2019

Survey on Traffic Pattern Discovery in Mobile Ad hoc Network

Survey on Traffic Pattern Discovery in Mobile Ad hoc Network Priyanka Sen Priti Saktel Abstract— Mobile Ad-hoc Network (MANET) is one of the networks of mobile routers that is self-configuring and connected by wireless links. Anonymity communication is one of the major issues in MANET. Though there are many anonymity enhancing techniques that have been proposed based on packet encryption to protect the communication anonymity of mobile ad hoc networks. There are still passive statistical traffic analysis attacks that can be vulnerable to MANET. The communication anonymity consists of two aspects: source/destination anonymity and end-to-end anonymity. In order to discover the communication pattern without decrypting the captured packets, this proposed system will be designed. The proposed system will first search the required node by using a heuristic approach. Then statistical traffic analysis will be performed to find the data transmission of the searched node to its neighboring nodes. After performing the statistical traffic analysis whether the search node is source or destination will be estimated. With the help of this estimation the traffic pattern will be discovered. The utility of this proposed system is basically in military environment. Keywords— Mobile Ad hoc Network (MANET), anonymity communication, statistical traffic analysis. I. Introduction Mobile ad hoc network (MANET) is a self configuring infrastructure less network of mobile devices connected by wireless network. It is one of the types of ad hoc network. Every device in MANET is independent to move. This results in changes of link of such device. Thus MANET is also known as an infrastructure less network. The devices that are present in the network must forward the traffic to other devices. In MANET each device must act as a router. The basic figure of a mobile ad hoc network can be illustrated in Fig 1. One of the critical issues of MANET is communication anonymity. Anonymity can be defined as the state in which identity of an object that performs the action is hidden. An anonymous communication system can be defined as a technology that hides the object identity. Communication anonymity [1] has two aspects: Source/destination anonymity and End-to-End relationship anonymity. In source/destination anonymity it is difficult to identify the sources or the destinations of the network flows while in end-to-end relationship anonymity it is difficult to identify the end to- end communication relations. In MANET communication anonymity has been proposed by anonymous routing protocols such as ANODR (ANonymous On-Demand Routing) [7], OLAR (On-demand Lightweight Anonymous Routing) [6]. All these anonymous routing protocols rely on packet encryption to hide the information from attackers. Still the passive attackers can eavesdrop on the wireless channel, intercept the transmission, and then perform traffic analysis attacks. Traffic analysis [10] is one of the types of passive attack in MANET. Traffic analysis is further subdivided into predecessor attack [8] and disclosure attack [9]. The following are the three nature of MANET due to which above approaches do not work well to analyze traffic in MANET: 1) Broadcasting nature: In wired networks point to point transmission can be easily applied to only one possible receiver. While in wireless network message is broadcasted to multiple receivers. 2) Ad hoc nature: Mobile node can be served as both source and destination. This can create confusion to determine the role of the node. 3) Mobile nature: Traffic analysis model do not consider the mobility of communication peers. This makes the communication among mobile node more complex. There is a need of such a technology which can analyze traffic without any interruption of the above three characteristics of MANET. This proposed system fulfills the need. The objective of this paper is to show that passive attackers can perform traffic analysis without the knowledge of the adversaries. This approach is required in military environment. The proposed system will perform statistical traffic analysis to discover the traffic pattern. This system will perform the point to point as well as end-to-end traffic analysis among receivers. Indirectly this calculation will provide probable source and destination of the network that will discover the hidden traffic pattern. Thus the adversaries will not be able to know about the traffic analysis. Fig. 1. Mobile Ad hoc Network The remaining paper is organized as follows: Section II describes the previous work. Section III presents the proposed work. Section IV describes the expected outcome of the proposed system. Lastly section V presents the conclusion. II. PREVIOUS WORK Yang Qin, Dijiang Huang and Bing Li [1], proposed that though there are many anonymous routing protocols and anonymous enhancing techniques available still mobile ad hoc network (MANET) is vulnerable to passive statistical traffic analysis attacks. The authors proposed a system called as Statistical Traffic Pattern Discovery System (STARS). A STAR is used to discover the hidden traffic pattern in MANET. The drawback of this proposed system is that no searching algorithm is applied to search the traffic free path. Douglas Kelly, Richard Raines, Rusty Baldwin, Michael Grimaila, and Barry Mullins [2], investigated on anonymity. For a user anonymity can be defined as using any services while keeping their identity hidden from an adversary. Anonymity help user to protect their data from attacks. Unidentifiability, Unlinkability, and Unobservability are the three properties of anonymity. Unidentifiability means the adversary is unable to determine one’s identity or action among similar ones. Unlinkability means the adversary is unable to relate messages or actions by observing the system. Unobservability means the adversary is unable to observe the presence of messages or action in the system. Since unobservability keeps the identity of messages or action secret it can be implied as anonymity. Unidentifiability is subdivided into sender anonymity (SA), receiver anonymity (RA), mutual anonymity (MA) and group anonymity (GA). Unlinkability is subdivided into location anonymity (LA), communicat ion anonymity (CA) and group communication anonymity (GCA). In order to discover the traffic pattern we have to work on unidentifiability property of anonymity and decrease the sender anonymity (SA) and receiver anonymity (RA). Lei Liu, Xiaolong Jin, Geyong Min, and Li Xu [3], proposed that in order to detect the attack in a network traffic intensity and packet number are the two important metrics. Lei et al. had designed an anomaly detection system. This anomaly detection system is used to detect the distributed denial of service (DDoS) attack in MANET. When traffic analysis is carried on MANET these two metrics are used to detect the DDoS attack. Similarly when traffic analysis will be carried on our proposed system data transmission will be considered as a parameter. We can conclude that data transmission will be an important factor whenever traffic analysis will be carried out, though the reason may be for detection of attack or for discovery of traffic pattern. Zhilin Zhang and Yu Zhang [4], introduced that control traffic plays an important role in route discovery in MANET. The characteristic that involve to carry out research on control traffic in MANET when on demand routing protocols are used include distribution of nodes’ control packet traffic, communication of control packets between nodes, rate of RREQ (route request) packets and the ratio of number of RREQ packets originating from one node to all RREQ packets relayed by this node. These characteristics of control traffic are affected by factors such as mobility, node density and data traffic. Thus theoretically we can determine that indirectly one of the factors of control traffic is data traffic. Hence we can conclude that control traffic will also play an important role in route discovery in our proposed system though the situation will be different. In our proposed system we will find traffic free path i.e. control traffic path so that it will be easy to find out the numb er of data packets transmitted to neighboring nodes. This will help us to discover route in our proposed system. Y. Liu, R. Zhang, J. Shi, and Y. Zhang [5] designed a novel algorithm called as traffic inference algorithm (TIA) which allows an adversary to infer the traffic pattern in MANET. This algorithm is based on the assumption that difference between data frames, routing frames and MAC control frames is visible to passive adversaries. Through these differences they can identify the point-to-point traffic using the MAC control frames, recognize the end-to-end traffic by tracing the routing frames and then find out the actual traffic pattern using the data frames. This algorithm is not a successful invention as it depends on the deterministic network behaviors. Stephen Dabideen and J.J. Garcia-Luna-Aceves [6], proposed that routing in MANET using depth first search (DFS) is feasible as well as efficient than breadth first search (BFS). The algorithm introduced is called as ordered walk search algorithm (OSA). The objective of this algorithm is to take advantage of the smaller time complexity of BFS and combine it with the low communication complexity of DFS in order to improve the efficiency of the search through the known path information. In order to demonstrate the effectiveness of OSA, ordered walk with learning (OWL) routing protocol has been presented which uses DFS to establish and repair paths from the source to the destination with minimum signaling overhead and fast convergence. The following are the advantages of DFS over BFS that had been investigated by Stephen et al. in MANET: (i) DFS require less overhead as compared to BFS. When large number of nodes is performing BFS, the routing TABLE 1 COMPARISON OF SEARCHING ALGORITHMS overhead can saturate the network making it difficult to deliver any packets. However DFS use only small network for routing. (ii) When BFS is used in a network, where there are multiple flows of search packets this situation can lead to increase the load on network and loss of packets. On the other hand as DFS involves only a small part of the network, thus this reduces the load in the network and results in less packet loss. A comparative study of searching algorithms is shown in TABLE I. From this table we conclude that DFS is better searching algorithm for MANET than BFS. III. PROPOSED WORK One of the characteristic of MANET is that all the nodes are hidden. This proposed system will unhide the nodes by using one of the searching algorithms. The searching algorithm chosen for searching the node will be depth first search (DFS). Source node will use DFS algorithm for traversing or searching the path in the network. Then statistical traffic pattern analysis will be performed on these searched nodes. This analysis will provide an estimation of the data transmitted to all the neighboring nodes of every searched node. We can discover the traffic pattern by using probability distribution. The working of each of the module is explained in detailed below. A. Searching node in MANET using depth first search. In this proposed system we are using DFS for routing decisions. When a node receives message for the first time, it sorts all its neighboring nodes according to their distance to destination and then uses that same order in DFS algorithm. It starts its searching from the source node and updates one hop neighbors. This search continues to reach traffic free path between source and destination node. As shown in Fig. 2, depth first search works on tree or graph. The Fig. 2 gives an example of DFS routing path for the following graph: The searching starts from root node A. It is assumed that the left edges are selected than the right edges. Each node remembers the last visiting nodes which help to backtrack and reach the last node to complete the traversing. From Fig. 2 the path will be: A, B, D, E, C, and F. B. Statistical traffic analysis of packets in MANET For point-to-point (one hop) traffic in a certain period, first build point-to-point traffic matrices such that each traffic Fig. 2. Depth First Search matrix only contains independent hop packets. There can be situation in which two packets captured at different time could be the same packet appearing at different location. In order to avoid a single point-to-point traffic matrix form containing two dependent packets time slicing technique is used. Time slice technique is technique in which the process is allowed to run in a preemptive multitasking system. This is called as the time slice or quantum. The scheduler runs once every time slice to choose the next process to run. In this proposed system a sequence of snapshots during a time interval constructs a slice represented by a traffic matrix. The traffic matrix is denoted by W. This traffic matrix will consists of traffic volume from one node to another. For example, Here 1 indicates that there is transmission of data (traffic volume) from node 1 to node 2 whereas 0 indicate that there is no transmission of data between the two nodes. C. Discovery of system The traffic matrix tell us the deduce point-to-point and end-to-end traffic volume between each pair of nodes. We need to discover the actual source or destination in order to discover the traffic pattern. Here probability distribution is used. Probability distribution calculates the probability of the data transmitted to neighboring node which provide an accurate estimation of a node as source or destination. This will help to discover the traffic pattern. The equation required for source probability distribution is The equation required for destination probability distribution is Fig.3. System Flow Diagram Where s’(i) is the source vector, N is number of nodes, r(i,j) is the accumulative traffic volume from node i to node j, d’(i) is the destination vector. In the Fig. 3, the flow of the proposed system is explained. When the system will start it will form a network. This network will consist of certain number of nodes. All the nodes will be browsed. In order to search the node a heuristic searching algorithm will be applied. If the required node is present then statistical traffic analysis will be performed on it. After performing statistical traffic analysis probability distribution will be applied to discover the traffic pattern. However, if the required node is not found then the system will stop and no further process will be carried out. IV. EXPECTED OUTCOME From the idea of the proposed system we are clear with two outcomes. The outcomes will be to discover traffic pattern in MANET and to find probability of point to point transmission among receivers. These two outcomes are discussed below. 1. Discovery of traffic pattern in MANET The first step to discover traffic pattern will be searching a node. Then using point-to-point traffic matrix and end-to-end traffic matrix a statistical traffic analysis will be performed. The parameter to be considered for traffic pattern discovery will be number of data transmitted. 2. Probability of point to point transmission among receivers is estimated Point-to-Point transmission can be estimated by point-to-point traffic matrix. This matrix will consists of traffic volume between each node at one hop distance. The calculated traffic matrix will be used to determine the probability of point to point transmission among receivers. V. CONCLUSION The proposed system will be an attacking system. As nodes are hidden in MANET a heuristic searching algorithm will be applied. This heuristic searching algorithm will be depth first search (DFS).This system will perform statistical traffic analysis to find the data transmission between one to one and one to many nodes. Probability of point to point transmission among receivers will be estimated by point-to-point traffic matrix. Then by calculating multihop traffic and performing probability distribution the traffic pattern will be discovered. This will provide an approximate traffic pattern with approximate source and destination in the network. The proposed system will reduce the issue of anonymous communication in mobile ad hoc network (MANET). REFERENCES Yang Qin, Dijiang Huang and Bing Li â€Å"STARS: A Statistical Traffic Pattern Discovery System for MANETs† IEEE Transactions on Dependable and Secure Computing, Vol. 11, No. 2, March/April 2014. Douglas Kelly, Richard Raines, Rusty Baldwin, Michael Grimaila, and Barry Mullins, â€Å"Exploring Extant and Emerging Issues in Anonymous Networks: A Taxonomy and Survey of Protocols and Metrics†, IEEE Communications Surveys Tutorials, Vol. 14, No. 2, Second Quarter 2012. Lei Liu, Xiaolong Jin, Geyong Min, and Li Xu, â€Å"Real-Time Diagnosis of Network Anomaly based on Statistical Traffic Analysis†, IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, 2012. Zhilin Zhang and Yu Zhang, â€Å"Control Traffic Analysis of On-Demand Routing Protocol in Mobile Ad-hoc Networks†, IEEE Second International Conference on Networking and Distributed Computing, 2011 Y. Liu, R. Zhang, J. Shi, and Y. Zhang, â€Å"Traffic Inference in Anonymous MANETs,† Proc. IEEE Seventh Ann. Comm. Soc. Conf. Sensor Mesh and Ad Hoc Comm. and Networks, pp. 1-9, 2010. Stephen Dabideen and J.J. Garcia-Luna-Aceves, â€Å"OWL: Towards Scalable Routing In MANETs Using Depth-First Search On Demand†, IEEE 6th International Conference on Mobile Adhoc and Sensor Systems, Oct 2009. Y. Qin and D. Huang, â€Å"OLAR: On-Demand Lightweight Anonymous Routing in MANETs,† Proc.Fourth Int’l Conf. Mobile Computing and Ubiquitous Networking, pp. 72-79, 2008. J. Kong, X. Hong, and M. Gerla, â€Å"An Identity-Free and On- Demand Routing Scheme against Anonymity Threats in Mobile Ad Hoc Networks,† IEEE Trans. Mobile Computing, vol. 6, no. 8, pp.888-902, Aug. 2007. M. Wright, M. Adler, B. Levine, and C. Shields, â€Å"The Predecessor Attack: An Analysis of a Threat to Anonymous Communications Systems,† ACM Trans. Information and System Security, vol. 7, no. 4, pp. 489-522, 2004. G. Danezis, â€Å"Statistical Disclosure Attacks: Traffic Confirmation in Open Environments,† Proc. Security and Privacy in the Age of Uncertainty, vol. 122, pp. 421-426, 2003. J. Raymond, â€Å"Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems,† Proc. Int’l Workshop Designing Privacy Enhancing Technologies: Design Issues in Anonymity Unobservability, pp. 10-29, 2001.

No comments:

Post a Comment