A Novel Defense Scheme against DDOS Attack in VANET

Ayonija Pathre P.G.scholar

Department of CSE RITS Bhopal, India

ayo.pathre@gmail.com

Chetan Agrawal Assistant professor

Department of CSE RITS Bhopal, India

chetan.agrawal12@gmail.com

Anurag Jain Assistant professor

Department of CSE RITS Bhopal, India

anurag.akjain@gmail.com

Abstract Vehicular ad hoc network (VANET) has extensively used to enhance protection of the passengers and reduce occasion of traffic congestion. Consistent communication in vehicular ad-hoc networks is important to provide functional and reliable traffic safety and efficiency applications .Security is the major issue in the network due to the mobile nature of the vehicle. In this paper we proposed the novel traffic congestion detection and removal scheme against DDOS attack. Here the attacker behavior is broadcast the huge numbers of false information packets in network i.e. the false information about the traffic. The number of nodes or vehicles that receives the false packet information are affected from attack are called Abstract Node. Now if the traffic is jammed or congestion occurring and their information goes to Roadside Unit (RSU) then RSU must be detected and excluded permanently from the network after applying proposed effective approach. Proposed scheme against DDOS attack aims to identify and exclude attackers from the network. In the presence of misbehaving in network the false information is transferred in the network by that the vehicles are deciding to do the routing according to false information. Proposed security scheme recovers control information and improves the performance of VANET in the presence of an attacker.

Keywords Misbehavior, DDOS attack, False information, RSU, VANET.

I. INTRODUCTION Ad hoc Network (VANET) is the special class of Mobile

ad hoc Network (MANET). In VANET vehicle traffic scenario has consisted of vehicles and Road Side Units (RSU) that support in the administration of the network. Security is acting an important role in the system design with the development of VANETs. The communications in VANETs are changeable means all vehicles are mobile in

nature. Security protocols need more deliberations, such as privacy to protect the vehicles for transferring wrong confirmation about traffic, and reliability of messages. The intelligence system is proving to vehicles for loading them with information sensors which will be controlled by a "telematics box" use in the car. The box in term communicates with the driver and will be its guide that includes a future potential in terms of a chic set of applications that will offer to its client. However, not moving fake vehicles and vehicles with a probable mobility model are not considered in other approaches. Fig. 1 represents the Vehicular Ad-hoc Network.

VANET can be visualized as the network of affecting vehicles communicating in asynchronous and an autonomous manner. Efficient and scalable information distribution is a major challenge [1] due to the movement of vehicles which causes unpredictable changes in the network topology. The relevance of infrastructure and information technologies for this reason opened a new range of possibilities. The most promising area unit as of analysis are the study of the communication with vehicles and road-side units, or additional specifically the transport Ad-hoc Network. Congestion control is a challenging area under discussion in mobile ad hoc networks because no network is totally congested free as usual in VANET not possible to maintain traffic are completely congestion free. In VANET due to the malicious node possibility of congestion is more because here the vehicle has delivered the wrong information about the status of traffic.

One of the most popular Ad hoc protocols which are used in VANET is AODV. Unfortunately, AODV do not define special security mechanisms. This problem existed in Ad hoc previously and this lack of efficiency in securely migrates to VANET and it can give a good situation to attackers to perform attacks easily. The bad news is that there are only a few proposed solutions to solve this problem because AODV is not a source-based routing protocol and such solutions would introduce a tremendous overhead [1]. In addition, implementation of some of these methods which have good security capabilities is difficult or expensive. Several researchers tried to boost security weakness in AODV, like SAODV [2] that is concentrated on security or different strategies that attempt to improve AODV which can help improving security too such as [3] that introduced PRAODV and PRAODVM. These two methods improved AODV based protocols for predicting route life time.

Fig. 1. Vehicular Ad hoc Network

978-1-4673-5999-3/13/$31.00 2013 IEEE

The paper organization is as follows: section 2 describes DDOS attack and connected works are delineated in section 3. Proposed Work is described in section 4. Network simulation results are given in section 5 followed by conclusions in section 6.

II. DDOS ATTACK A DDOS attack [4] is any event that eliminates a

networks capacity to perform its expected function. These attacks area unit launched against server resources or network information measure by preventing licensed users from accessing resources.

An attacker sends multiple connection wrong requests to a number of victims in a network, killing all of the victims resources and preventing use by genuine users. Due to unnecessary bandwidth conception the problem of congestion is occurring. For example, a misbehaving vehicle or a node that discards any packets passing through it may end up in continual retransmission that successively causes network congestions. Also, a wireless link does not provide the same protection for data transmissions as does its wired link counterpart. Hence, any user or receiver inside the transmissions vary will listen in or interfere with knowledge packets or routing info Since all nodes can be mobile, changes in network connectivity and resource availability also expose a network to various attacks.

III. RELATED WORK Researchers are continuously working on Security in

VANET communication, finding ways out of this very critical problem and a number of techniques are proposed by the research community. Very few of them are described here:

In paper [5] author presents a traffic information aggregation and propagation scheme, which is suitable for the Vehicular city environment and based on Vehicle Ad hoc Network to improve the traffic condition. RSU can gather, produce and distribute traffic messages, victimization vehicle-to-vehicle communication and vehicles common cooperation. The traffic messages can help drivers to choose a better route and prepare against the traffic events. But in this paper author not show the effect of the attack by that the congestion occurs because to identify attacker is a difficult issue that one is the main cause of congestion.

In paper [6] author shows how security is one of the safety traits in VANET. Network availability must be obtained at all times since the availability of the network is vitally needed when a node sends any life critical information to other nodes. Due to this the network availability is exposed many types of attacks. In this paper, Distributed Denial of Service (DDOS) attack on network availability is presented and its cruelty level in VANET environment is complicated. A model to secure the VANET from the DDOS attacks has been developed and some possible solutions to overcome the attacks have been discussed.

In paper [7] author proposes five different classes of attacks and every class is expected to provide better point of view for the VANET security. The main role of this paper is to give information about proposed solutions for classification and identification of different attacks in VANET.

In paper [8] author present integrates mobile property protocols to expedite information transfer between vehicles additionally as between edge instrumentation and obtainable traffic in network. In VANET, Wireless device sends info to neighbor vehicles, and messages are usually transmit from one vehicle to a distinct vehicle. Therefore, using VANET can enhance safety and traffic optimization. In VANET also there are some important and noticeable issues similar to other technology. One of the most important of them is Security. In this paper, I try to discuss security issues as one of the most important problems in Vehicular Ad hoc network.

In paper [9] author design a cross layer control system where the objective is to not improve the efficiency of the MAC but to improve the vehicle tracking accuracy. The authors consider a lossy shared channel where increased message frequency can increase the channel congestion and effectively cause a loss in accuracy of other vehicles positions. The proposed algorithm is a method to adapt the periodicity of transmission to attain the optimal accuracy.

In paper [10] author proposed a congestion control mechanism where the packet injection rate is controlled to attain a given target channel load. However, the issues of discovery performance as well as the choice of the optimal channel load are not explicitly considered.

The black hole attack is one of the security attacks that occur in MANETs which can occur in VANETs as well. A black hole is formed when nodes refuse to participate in the network or when an established node drops out. In this type of attack, all network traffics area unit redirected to a selected node, that doesn't exist the least bit that causes those knowledge to be lost [11]. There are two proposed possible solutions for this problem in MANETs. The protocol finds more than one route to the destination. It is clear that this solution may impose overload to network. In addition, this solution may be useful in MANETs but for VANETs which has several mobile nodes, finding extra nodes increases unwanted parameters such as delay or cost of service. The second solution is to exploit the packet sequence number included in any packet header [12].

Some approaches [13, 14, 15] have been proposed which are using publish/subscribe paradigm for information dissemination in VANET like settings. These approaches have contributed significantly towards understanding the applicability of publish/subscribe over VANET. In these approaches, a hybrid setup is assumed where there are stationary info-stations and moving vehicles communicating in a cooperative manner. The main goal is to design a P/S middleware for vehicular networks that considers location a time in its design objectives. This middleware enables the application developers to easily publish notification in a specific location by treating location as context. It takes

advantage of the information that can be extracted from the vehicles navigation systems (location, map, destination of the driver etc.) to generate subscriptions. Navigation system decides if a vehicle is interested in receiving a specific notification or not. The Proposed system is an opportunist Publish/Subscribe system.

IV. PROPOSED ATTACK IDENTIFICATION AND REMOVAL SCHEME

In this paper we proposed a novel scheme against traffic congestion for VANET in [16]. The vehicles are moving in a single path to providing the information about the traffic to each other and the origin of the entire vehicle are same clearly shown in figure 5. In normal scenario each vehicle follows the rules and transferring right information in infrastructure about the traffic but an attacker sends multiple false requests to a number of victims in a network, exhausting all of the victims resources and preventing use by genuine users. In this paper we proposed a new scheme for detecting the routing misbehavior of an attacker against traffic congestion. Now if the conjunction occurs in a particular portion then in that case every vehicular node will generate the traffic jam signals called Congestion announcement signals to their neighbor and by that the vehicular node will change their route. But attacker node will continuously transferred the right information about the traffic by that conjunction will occur. The proposed models are providing the solution from DDOS attacks, which is the intention to ensure network availability for secure communication among or between the nodes. We found that network accessibility has been directly affected in the case of DDOS attacks, where the attacks have led to most severe impact by causing the network to break down. Now the following steps are done by RSU to protect traffic from congestion.

1. RSU monitors the communication between the vehicles or infrastructure.

2. Identify the vehicle Generates False information packets in traffic.

3. Check the information receives a message from infrastructure.

4. Identify receives a safety message from another vehicle.

5. The function of attacker is altering the content of the message and passes this message to another vehicle, means transferring the false information continuously about the traffic jam i.e traffic is clear.

6. RSU identified that node on the basis of continually false information rather than the other vehicles attacker forwards the wrong message to infrastructure.

7. RSU blocks the activity of attacker node or vehicle. 8. Manages the traffic schedule affected by an

attacker.

By that we identify detection and applying prevention of DDOS attacks in the network.

Now here the two different scenarios represents the information about the traffic at the time of traffic congestion and the next scenario are shown the information about the

traffic clearance by disable the effect of the attacker. The given scenarios are having the seven fields that show the information about the attacker false packet information and the next is a case of attacker identification and removal.

A. Traffic information in case of attack This scenario represents the information about the

attack. In fig. 2 we clearly visualized the seven fields first is written a single A which means "Abstract Node" represents affected by attacker second presents the number of nodes or vehicles i.e. 11, 12, 13 and so on third represents the number of false packets are generated by an attacker node in network i.e. here is 179908 then the fourth field represents the number of false packets (1, 3, 5.) that are received by nodes. Now the value 19990 is the total number of packets that are broadcast on the network and the number of nodes that receives those false information packets these numbers of packets are less from the total number of false packets i.e. fifth field. The last two fields represent the source port and destination port. Now this one is all information about the attack scenario. Some additional information is required about the ANS and AN. Now here ANS are Abstract Network Section and AN are abstract network. The information about the ANS is one part of the network and the AN is the whole network are infested from attack. Now information is about probing node 7 means vehicle 7 is fully effected from false packet information of the attacker. This is all about the information about traffic affected from an attacker.

B. Traffic information after identifying attack The scenario in Fig 3 shows the false packets are

completely disable means the attacker vehicle will generate the number of false information packets in the network, but these packets are not received by any node in the network (forth field information is showing that effect). Now the Road Side Unit recognizes the misbehavior activity of attacker node and broadcast their misbehavior activity information in a network by that no vehicle in the network will receive any control packet information deliver by an attacker. Now in that case the attacker has increased the packet broadcasting in the network (See field number 5). But this is totally ineffective.

Fig. 2. Traffic behavior in presence of attacker.

V. SIMULATION ENVIRONMENT NS2 (Network Simulator 2) [16] from Berkeley is an

open-source event-driven simulator specifically designed for research in computer networks communication and applications. The simulator we have used to create the network environment for the ad-hoc routing protocols. To simulate the mobile wireless radio atmosphere we've used a quality extension to NS that's developed by the CMU Monarch project at Carnegie altruist University. Since its beginning in 1989, NS2 has endlessly gained tremendous interest from business, academia, and government. On the basis of simulation parameters given in Table 1 simulation has been done in the NS-2 simulator (version NS -2.31).

A. Scenario in case of attack Now fig. 4 represents the scenario of VANET in case of

an attacker or traffic congestion. Here the rounded dense black circles represent the congestion occurrence in traffic. Here because of congestion no vehicle is moving forward on a road. The function of RSU only gathers the information from nodes or vehicles that are in range of it and control the traffic congestion if occur. And after some time RSU identifies that the only attacker vehicles forward the wrong information about the traffic i.e. traffic is clear, this one is the main origin of congestion. The behavior of attacker vehicle is clear by RSU also, that is generating the false information about the traffic.

B. Scenario in after removal attack or congestion Now after attack identification and removal scenario

represents the normal traffic condition in fig. 5. Here we

observe that traffic is normal under the vision of RSU units means the occurrence of congestion is negligible. The smooth movements of vehicle are shown the normal traffic conditions. RSU is represented by arrow sing and others are normal nodes.

C. Vehicle control packet Analysis The graph is represented in fig. 6 shows the information

about the traffic in VANET. In this graph at the right of the top three different color lines represents the information about the control traffic in case of normal attack and defense. Here we clearly see that the control packet information in case of normal traffic and traffic after congestion removal are same means after removing congestion equal number of control packets are delivered which are delivered in before congestion. But in case of attack only some control packets are delivering about on time 37sec. But no information about their receiving presents in the network because traffic network information are squashed by an attacker.

VI. CONCLUSION AND FUTURE WORK The traffic scenario in case of attack and identification is

clearly observed by Road Side Unit. In case of attack and removal congestion the correct information about the number of packets are present in different scenarios. The

Fig. 5. Scenario after removing traffic congestion

Fig. 4. Scenario of traffic congestion

Table1: Simulation Parameters Number of nodes 100

Dimension of simulated area 800800

Routing Protocol AODV

Attacker Node 1

RSU unit 2 Simulation time (seconds) 100

Transmission Range 250m

Information Packet size (bytes) 512

Maximum Speed (m/s) 30

Nodes Mobility Random way point

Fig. 3. Traffic behavior after identifying attacker

proposed scheme will definitely improve the performance in the presence of attack. The two different scenarios are really clearly visualized how traffic was congested and after identified and removal congestion the second scenario presents why the traffic are normal. A potential solution for traffic congestion problems control will be based on connected vehicles using information dissemination to exchange traffic in between the vehicles on the roads. Information on traffic roads will help the drivers to take appropriate actions such as real-time diversions to avoid congested areas. Proposed scenarios considering the optimization of routing protocols for VANET shows potential benefits on connected vehicles for more efficient congestion control scheme. The Road sides Units are really very effective to control and watch the traffic behavior.

In future the same scheme is applied on two way road scenario and analysis their effect in vehicle mobility. Now present scenarios the origins of vehicles are single but in the future we will use multiple origins of vehicles.

REFERENCES [1] Sherali Zeadally, Ray Hunt, Yuh-Shyan Chen, Angela Irwin, and

Aamir Hassan, "Vehicular Ad Hoc Networks (VANETs): Status, Results, and Challenges," Telecommunication System, Vol. 50, Issue 4, pp. 217-241, Aug. 2012.

[2] S. Y. Wang, C.C Lin Y.W Hwanq and K.C Toa,"A practical routing protocol for vehicle-formed mobile Adhoc networks on the Roads.," in Proceedings of the Ash IEEE International Conference on Intelligent Transportation, 2005, pp. 161-165.

[3] H. Fufler "Location based routing for vehicular ad hoc networks," presented at the ACM SIGMOBILE Mobile Computing and Communication Review, 2003.

[4] A.K. Kunnel Aboobaker, Performance Analysis of Authentication Protocols in Vehicular Ad Hoc Networks (VANET), Technical Report, RHUL-MA2010-02, 31stMarch2010.

[5] Feng Zhang, Jianjun Hao and Shan Le "Traffic information aggregation and propagation scheme for vanet in city environment " 3rd IEEE International Conference on Broadband Network and Multimedia Technology (IC-BNMT),26-28 Oct. 2010,ieee 2010,pp.619-623.

[6] Halabi Hasbullah, Irshad Ahmed Soomro, Jamalul-lail Ab Manan, "Denial of Service (DOS) Attack and Its Possible Solutions in VANET", IEEE 2010, pg 411-415.

[7] Irshad Ahmed Sumra,Iftikhar Ahmad, Halabi Hasbullah, Jamalul-lail

bin Ab Manan,"Classes of Attacks in VANET" Electronics, Communications and Photonics Conference (SIECPC), April 2011.

[8] Farzad Sabahi "The Security of Vehicular Adhoc Networks", Third International Conference on Computational Intelligence, Communication Systems and Networks (CICSyN),26-28-July,2011,pp-338-342.

[9] C.-L. Huang, Y. Fallah, R. Sengupta, and H. Krishnan. Intervehicle transmission rate control for cooperative active safety system. IEEE Trans. On Intelligent Transportation Systems, 12(3):645 658, 12(3):645 658, Sep. 2011.

[10] J. B. Kenney, G. Bansal, and C. E. Rohrs "LIMERIC a linear message rate control algorithm for vehicular DSRC systems", In Proceedings of the Eighth ACM international workshop on Vehicular inter-networking (VANET), pages 2130, 2011.

[11] S. Sharma and D. R. Gupta, "Simulation Study Of Black hole Attack in the Mobile Ad hoc Networks," presented at the International Conference on Network Applications, Protocols and Services 2008.

[12] M. Al-Shurman, Seong-Moo Yoo and Seungjin Park., "Black hole attack in mobile Ad Hoc networks," presented at the ACM Southeast Regional Conference'2004.

[13] Ilias Leontiadis, Publish/Subscribe Notification Middleware for Vehicular networks , in Proceedings of the 4th on Middleware doctoral symposium 2007, Newport Beach, California November 26 - 30, 2007.

[14] Ilias Leontiadis, Cecilia Mascolo"Opportunistic Spatio-Temporal Dissemination System for Vehicular Networks", In Proceedings of the First International Workshop on Mobile Opportunistic Networking (ACM/SIGMOBILE MobiOpp 2007),Colocated with Mobisys07, USA, June 2007

[15] Ilias Leontiadis, Cecilia Mascolo. "GeOpps: Opportunistic Geographical Routing for Vehicular Networks ", In Proceedings of the IEEE Workshop on Autonomic and OpportunisticCommunications (Colocated with WOWMOM07). June 2007.Helsinki, Finland. IEEE Press.

[16] Web reference, http://www.isi.edu/nsnam/ns

Fig. 6. Control packet analysis in case of different traffic conditions