Development of an Improved Intrusion Detection Based Secured Robust Header Compression Technique
Chapter One
Aim and Objectives
The aim of this research work is to develop an improved intrusion detection based secured robust header compression technique.
The objectives of the research are as follows:
- Replication and implementation of the secured robust header compression
- Develop an improved Intrusion Detection based SecureRObust Header Compression technique (IDSROHC) using modified selective watchdog intrusion detection algorithm .
- Compare the performance of the IDSROHC and secured ROHC using throughput and packet delivery success as performance.
CHAPTER TWO
LITERATURE REVIEW
Introduction
The chapter comprises of the overview of fundamental concept and the review of similar works. The review of fundamental concept presents theories and works that lay foundation for the success of this research while review of similar works present existing work related to the research.
Review of Fundamental Concepts
In this section, concepts fundamental to this research work such as review of existing Internet Protocol (IP) header compression andshared-state IP header compressionare reviewed, also works similar to this research are reviewed. The review also include techniques, methods and model equations considered in other research works
Internet Protocol (IP) header compression
Packet compression can be achieved by either header or payload compression, or the combination of both(Sun et al., 2011). Packet compression allows much smaller amounts of packet drops, more simultaneous sessions, and a smooth and fast behavior of applications(Matias & Refua, 2005). The overhead portion, especially for a small packet couple with the desire for industry to move to an IPv6 (or dual stack IPv4/IPv6) have pushed research towards maximizing bandwidth efficiency (Jivorasetkul et al., 2012).There are 20 bytes of IPv4 header, 40 bytes ofIPv6 header, 12 bytes of User Datagram Protocol(UDP) header and 8 bytes of Real-time Transport Protocol (RTP)header. These make a total of 40 bytes to 60 bytes. However, the effective payload of data packets in real-time multimedia services is usually 15-20 bytes.
Therefore, only 27% -33% of the bandwidth is used to transmit the actually useful data, and a lot of bandwidth is used to transmit the protocol headers(Chen et al., 2012). Studies performed in 2008 by the Cooperative Association for Internet Data Analysis (CAIDA) have shown that the potential bandwidth savings per packet for IPv6packets on the core networks is 10–30 percent(Cheng et al., 2013).Therefore, it is essential to find a way to improve the network bandwidth utilization. One method of increasing bandwidth efficiency is the use of IP header compression (Cheng et al., 2013; Jivorasetkul et al., 2013; Tomoskozi et al., 2015).
IP header compression is the process of reducing protocol header overhead in order to improve bandwidth efficiency while maintaining the end-to-end transparency (Rawat & Bonnin, 2010).IP header compression concept relies on the characteristic that many header fields in consecutive packets belonging to the same packet flow remain a constant or change in predictable manner (Jivorasetkul et al., 2012). A lot of header fields do not change their value or change according to certain rules during a communication session. Therefore,it is useful to separate the header fields according to their classification as static, dynamic, static known and static inferred(Majanen et al., 2015). The header fields of an IP packet is classified in to the following:
- Inferable fields: These are fields that can be inferred by other header fields, such as the length The inferable field is never sent in header compression schemes.
- Static fields: The value of these fields does not change during the entire transmission of the data stream, such as the version field in IP headers. Static fields are just sent when a data stream is
- Statically defined fields: These fields are generally used to define the properties of data streams and to distinguish them, such as the address fields. Statically defined fields are also sent once when a data stream is established.
- Changed fields: These fields change between the packets in a data stream, in accordance with certain rules or randomly. It is necessary to compress the changed fields by using some of the compression algorithms(Chen et , 2012).
An IP header compression protocol comes in two broad categories. They are stateful IP header compression and shared-state (often called stateless) IP header compression.
CHAPTER THREE
MATERIALS AND METHOD
Introduction
This chapter describes the methods, materials and procedures employed for the successful completion of this research. The secured ROHC and an IDSROHC technique based on selective watchdog intrusion detection system were developed and simulated using MATLAB based GUI
.The steps of the methodology adopted for this research, towards developing improved intrusion detection based secured robust header compression techniqueare highlightedin section 1.4.
CHAPTER FOUR
RESULTS AND DISCUSSIONS
In this section the performance of the secured ROHC and that of IDSROHCtechniques werecompared on the basis of throughput and packet delivery success. This is to determine by how much the improved model outperformed the existing model.
CHAPTER FIVE
CONCLUSION AND RECOMMENDATION
Summary
This research hasdeveloped an improved Intrusion Detection based Secured RObust Header Compression (IDSROHC) using watchdog technique. The developed IDSROHC is aimed at mitigating brute force attack in a robust header compression network. The developed IDSROHC is GUI based and evaluated using packet delivery success and average network throughput. Conclusion, recommendation and limitation encountered during the course of this research are presented. Areas of future research have also been suggested.
Conclusion
Secured ROHC using processes such as random waypoint model, Bellman-ford calculation of shortest path, ROHC model, traffic model, packet encryption, calculation of cyclic redundancy check and brute force attack model. In other to mitigate the challenge (brute force attack) associated with Secured ROHC, an improved Intrusion Detection based Secured RObust Header Compression (IDSROHC) technique has been developed using watchdog based intrusion detection system. This was developed on a MATLAB graphical user interface platform. The result obtained show that when seventy five thousand packets was transmitted from the source node to destination node with IDSROHC use against brute force attack , throughput and packet delivery success improvement of 4.97% and 29% respectively was recorded over Secured ROHC .
Significant Contributions
A lot of Researches has been done on compressing IPv6 header using Robust Header Compression. Research has also been done on Securing RObust Header Compression. Significant contributions of this research work are as follows:
- Development of a graphical user interface (GUI) improved Intrusion Detection based Secured RObust Header Compression technique (IDSROHC). This has added ability of secured RObust Header Compression (ROHC) to detect brute force attack link by using watchdog base intrusion detection
- The IDSROHC was validated using two performance metrics (Packet delivery success and throughput). IDSROHC outperformed Secured ROHC by 4.97% throughput and 29% packet delivery
Limitations
The limitation of this research work is:
- Queueing Delay and Network Congestion was not considered
Recommendations for further work
The following possible areas of further work are recommended for consideration for future research:
- Further study can be done to Implement these security features into a kernel implementation of ROHC and evaluating in an emulation environment with real
- The algorithm can be modified to increase the encryption strength by applying randomize encryption to CRC
REFERENCES
- AB, E. ( 2004 ). The concept of robust header compression, ROHC. Retrieved 8 march 2016, from http://www.effnet.com/pdf/uk/Whitepaper_Robust_Header_Compression.pdf
- Al-Roubaiey, A., Sheltami, T., Mahmoud, A., Shakshuki, E., & Mouftah, H. (2010). AACK: adaptive acknowledgment intrusion detection for MANET with node detection enhancement. 2010 24th IEEE International Conference on Advanced Information Networking and Applications, 634-640.
- Ali, A. N. A. (2012). Comparison study between IPV4 & IPV6. International Journal of Computer Science Issues, 9(3), 314-317.
- Ang, W.-C., Wan, T.-C., Kataoka, K., & Teh, C.-H. (2008). Performance Evaluation of Robust Header Compression (ROHC) over Unidirectional Links using DVB‑ S Testbed. Keio SFC Journal, 8(2), 21-36.
- Azhagiri, M., Rajesh, A., & Karthik, S. (2015). Intrusion Detection and Prevention System: Technologies and Challenges. 384-395.
- Batabyal, S., & Bhaumik, P. (2015). Mobility models, traces and impact of mobility on opportunistic routing algorithms: A survey. IEEE Communications Surveys & Tutorials, 17(3), 1679-1707.
- Beijnum, I. v. (2006). Running IPv6 (J. Sumser Ed.). New york,United States: Springer publishers, 2.
- Bow-Nan, C., John, Z., Jim, W., Scott, M., & Brian, H. (2013). MANET IP Header Compression. MILCOM 2013-2013 IEEE Military Communicatinos Conference, 494- 503. doi: 10.1109/milcom.2013.91
- Butun, I., Morgera, S. D., & Sankar, R. (2014). A survey of intrusion detection systems in wireless sensor networks. IEEE Communications Surveys & Tutorials, 16(1), 266-282.
- Can, O., & Sahingoz, O. K. (2015). A survey of intrusion detection systems in wireless sensor networks. 6th International Conference on Modeling, Simulation, and Applied Optimization (ICMSAO), 2015, 1-6.
- Casoni, M., Grazia, C. A., Klapez, M., & Patriciello, N. (2017). How to avoid TCP Congestion without dropping Packets: an Effective AQM called PINK. Computer Communications.
- Cha, H., Shon, T., Kim, K., & Hong, M. (2015). Improving packet header compression with adaptive sliding window size. Paper presented at the 2015 International Conference on Information Networking (ICOIN), 541-543.