Conference Paper

Cooperative black and gray hole attacks in mobile ad hoc networks.

DOI: 10.1145/1352793.1352859 Conference: Proceedings of the 2nd International Conference on Ubiquitous Information Management and Communication, ICUIMC 2008, Suwon, Korea, January 31 - February 01, 2008
Source: DBLP

ABSTRACT In this paper, we propose a complete protocol to detect a chain of cooperating malicious nodes in an ad hoc network that disrupts transmission of data by feeding wrong routing information. Our technique is based on sending data in equal but small sized blocks instead of sending whole of data in one continuous stream. The flow of traffic is monitored independently at the neighborhoods of both source and destination. The results of monitoring are gathered by a backbone network of trusted nodes. With assumption that a neighborhood of any node in the ad hoc network has more trusted nodes than malicious nodes, our protocol can not only detect but also remove a chain of cooperating malicious nodes (gray/black hole) by ensuring an end-to-end checking between the transmission of two blocks of data. The protocol takes O(mdBN) time for detection and removal of gray/black holes chain which betters an earlier O(n2) time bound [4] for detecting a single black hole in the network. Here, m is the number of malicious nodes in the network, dBN is the diameter of a backbone network formed out of the flat ad hoc network, and n is the total number of nodes in the ad hoc network.

  • Source
    5th International ICST Conference on Bio-Inspired Models of Network, Information, and Computing Systems (Bionetics); 12/2010
  • Source
    IEEE Communications Surveys and Tutorials. 01/2011; 13:658-672.
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Port sniffing, malicious hacking and the exploitation of web-based information systems’ vulnerabilities remains a clear and potent danger to communication and transactions on the world wide web. The situation is further complicated by the ubiquitous nature of the internet and the increasing volumes of private, organizational and institutional information repositories being migrated unto internet platforms. Malicious users sniffing private information engage in port scanning using automated tools hooked on proxy systems to intrude into unsuspecting hosts. Existing preventive measures that use plain-text authentication, port knocking and Single Packet Authorization (SPA) mechanism fail the requirement for strong authentication since captured tokens can be trivially replayed. They are also vulnerable to Denial of Service (DoS) attacks and a foreknowledge of the knock sequence makes it trivial for adversaries to replay the sequence in order to gain access to service ports. Our research propose a system that employ dynamic knock sequence to prevent hackers from sniffing or predicting the next sequence of interactions in online communication channels. Port knocking is combined with steganography and cryptography to make the system more robust, thus offering resilient protection against port scanners.
    06/2011; 18(1):58 - 70.

Full-text (2 Sources)

Available from
May 31, 2014