Search This Blog

Saturday, 5 May 2012

Mobility Management Approaches for Mobile IP Networks


Abstract



    In wireless networks, efficient management of mobility is a crucial issue to support mobile users. The Mobile Internet Protocol (MIP) has been proposed to support global mobility in IP networks. Several mobility management strategies have been proposed which aim reducing the signaling traffic related to the Mobile Terminals (MTs) registration with the Home Agents (HAs) whenever their Care-of-Addresses (CoAs) change. They use different Foreign Agents (FAs) and Gateway FAs (GFAs) hierarchies to concentrate the registration processes. For high-mobility MTs, the Hierarchical MIP (HMIP) and Dynamic HMIP (DHMIP) strategies localize the registration in FAs and GFAs, yielding to high-mobility signaling. The Multicast HMIP strategy limits the registration processes in the GFAs. For high-mobility MTs, it provides lowest mobility signaling delay compared to the HMIP and DHMIP approaches. However, it is resource consuming strategy unless for frequent MT mobility. Hence, we propose an analytic model to evaluate the mean signaling delay and the mean bandwidth per call according to the type of MT mobility. In our analysis, the MHMIP
Outperforms the DHMIP and MIP strategies in almost all the studied cases. The main contribution of this paper is the analytic model that allows the mobility management approaches performance evaluation.
 
System Analysis
Existing System

          Hierarchical Mobile IP (HMIP) has been proposed to reduce the number of location updates to HA and the signaling latency when an MT moves from one subnet to another. In this mobility scheme, FAs and Gateway FAs (GFAs) are organized into a hierarchy. When an MT changes FA within the same regional network, it updates its CoA by performing a regional registration to the GFA.
                 When an MT moves to another regional network, it performs a home registration with its HA using a publicly routable address of GFA. The packets intercepted by the HA are tunneled to a new GFA to which the MT is belonging .The GFA checks its visitor list and forwards the packets to the FA of the MT .This regional registration is sensitive to the GFAs failure because of the centralized system architecture .Moreover, a high traffic load on GFAs and frequent mobility between regional networks degrade the mobility scheme performance.

Proposed System

         In order to reduce the signaling load for interregional networks, mobility dynamic location management approaches for MIP have been proposed: A Hierarchical Distributed Dynamic Mobile IP (HDDMIP) and
Dynamic Hierarchical Mobile IP (DHMIP). In the HDDMIP approach, each FA can act either as an FA or GFA according to the user mobility. The traffic load in a regional network is distributed among the FAs. The number of FAs attached to a GFA is adjusted for each MT. Thus, the regional network boundary varies for each MT. This number is computed according to the MT mobility characteristics and the incoming packet arrival rate. This
number is adjustable from time to time according to the variation of the mobility and the packet arrival rate for each MT.

System Requirements
Hardware Requirements:

         System                : Pentium IV 2.4 GHz.
         Hard Disk           : 40 GB.
         Floppy Drive      : 1.44 Mb.
         Monitor               : 15 VGA Colour.
         Mouse                 : Logitech.
         Ram                     : 256 Mb.


Software Requirements:

         Operating system         : - Windows XP Professional.
         Coding Language         : - Java.
         Tool Used                     : - Eclipse.

. IRM: INTEGRATED FILE REPLICATION AND CONSISTENCY MAINTENANCE IN P2P SYSTEMS



ABSTRACT:
In peer-to-peer file sharing systems, file replication and consistency maintenance are widely used techniques for high system performance. Despite significant interdependencies between them, these two issues are typically addressed separately. Most file replication methods rigidly specify replica nodes, leading to low replica utilization, unnecessary replicas and hence extra consistency maintenance overhead. Most consistency maintenance methods propagate update messages based on message spreading or a structure without considering file replication dynamism, leading to inefficient file update and hence high possibility of outdated file response. This paper presents an Integrated file Replication and consistency Maintenance mechanism (IRM) that integrates the two techniques in a systematic and harmonized manner. It achieves high efficiency in file replication and consistency maintenance at a significantly low cost. Instead of passively accepting replicas and updates, each node determines file replication and update polling by dynamically adapting to time-varying file query and update rates, which avoids unnecessary file replications and updates. Simulation results demonstrate the effectiveness of IRM in comparison with other approaches. It dramatically reduces overhead and yields significant improvements on the efficiency of both file replication and consistency maintenance approaches.
EXISTING SYSTEM:
  • Content distribution is a centralized one, where the content is distributed from the centralized server to all clients requesting the document.

  • Clients send request to the centralized server for downloading the file.

  • Server accepts the request and sends the file as response to the request.

  • In most client-server setups, the server is a dedicated computer whose entire purpose is to distribute files.

PROPOSED SYSTEM:
·         We proposed an efficient and adaptive centralized file replication algorithm in P2P file sharing systems called IRM. In the method, traffic hubs that carry more query load and frequently requesters are chosen as replica nodes.
  • Peer-to-peer content distribution provides more resilience and higher availability through wide-scale replication of content at large numbers of peers. 
  • A P2P content distribution community is a collection of  intermittently-connected nodes with each node contributing storage, content and bandwidth to the rest of the community
  • The peer-to-peer file sharing networks had a centralized server system. This system controls traffic amongst the users. 


MODULE DESCRIPTION:
File Replication
File is sharing into IRM of equal size and k simultaneous connections are used. Client downloads a file from P2P at a time. Each peer sends a replication to the client.
Efficiency of File Consistency Maintenance
File is divided into many p2p and user downloads file replication sequentially one at time. The client randomly chooses the source peer at each time slot and download the file replication from each peer in the given time slots.
Effectiveness of File Consistency Maintenance
Whenever a user completes a replication from its current source peer, the user randomly selects a new source peer and connects to it to retrieve a new p2p. Switching source peers based on chunk can reduce average time varying file download replications and updates.
Overhead of File Consistency Maintenance
          File replication is an effective method to deal with the problem of overload condition due to flash crowds or hot files. It distributes load over replica nodes and improves file query efficiency. File consistency maintenance to maintain the consistency between a file and its replicas is indispensable to file replication. Requiring that the replica nodes be reliably informed of all updates could be prohibitively costly in a large system.

SYSTEM SPECIFICATION:
HARDWARE SPECIFICATION:
Processor           :        Intel Pentium-IV
Speed                        :         1.1GHz
RAM                  :         512MB
Hard Disk           :         40GB
General                      :        Key Board, Monitor , Mouse
SOFTWARE SPECIFICATION:
Operating System        :       Windows XP
Software                    :       JAVA ( JDK 1.6.0)

Modeling and Detection of Camouflaging Worm




Abstract:-

Active worms pose major security threats to the Internet. This is due to the ability of active worms to propagate in an automated fashion as they continuously compromise computers on the Internet. Active worms evolve during their propagation and thus pose great challenges to defend against them. In this paper, we investigate a new class of active worms, referred to as Camouflaging Worm (C-Worm in short). The C-Worm is different from traditional worms because of its ability to intelligently manipulate its scan traffic volume over time. Thereby, the C-Worm camouflages its propagation from existing worm detection systems based on analyzing the propagation traffic generated by worms. We analyze characteristics of the C-Worm and conduct a comprehensive comparison between its traffic and non-worm traffic (background traffic). We observe that these two types of traffic are barely distinguishable in the time domain. However, their distinction is clear in the frequency domain, due to the recurring manipulative nature of the C-Worm. Motivated by our observations, we design a novel spectrum-based scheme to detect the C-Worm. Our scheme uses the Power Spectral Density (PSD) distribution of the scan traffic volume and its corresponding Spectral Flatness Measure (SFM) to distinguish the C-Worm traffic from background traffic. Using a comprehensive set of detection metrics and real-world traces as background traffic, we conduct extensive performance evaluations on our proposed spectrum-based detection scheme. The performance data clearly demonstrates that our scheme can effectively detect the C-Worm propagation. Furthermore, we show the generality of our spectrum-based scheme in effectively detecting not only the C-Worm, but traditional worms as well.

Existing System

Existing worm detection schemes will not be able to detect such scan traffic patterns, it is very important to understand such smart-worms and develop new countermeasures to defend against them.

Existing detection schemes are based on a tacit assumption that each worm-infected computer keeps scanning the Internet and propagates itself at the highest possible speed. Furthermore, it has been shown that the worm scan traffic volume and the number of worm-infected computers exhibit exponentially increasing patterns. Nevertheless, the attackers are crafting attack strategies that intend to defeat existing worm detection systems. In particular, ‘stealth’ is one attack strategy used by a recently-discovered active worm called “Attack” worm  and the “self-stopping” worm  circumvent detection by hibernating (i.e., stop propagating) with a pre-determined period. Worm might also use the evasive scan and traffic morphing technique to hide the detection

Proposed System

Proposed Worm detection schemes that are based on the global scan traffic monitor by detecting traffic anomalous behavior, there are other worm detection and defense schemes such as sequential hypothesis testing for detecting worm-infected computers, payload-based worm signature detection. . In presented both theoretical modeling and experimental results on a collaborative worm signature generation system that employs distributed fingerprint filtering and aggregation and multiple edge networks... In presented a state-space feedback control model that detects and control the spread of these viruses or worms by measuring the velocity of the number of new connections an infected computer makes. Despite the different approaches described above, we believe that detecting widely scanning anomaly behavior continues to be a useful weapon against worms, and that in practice multifaceted defense has advantages


Modules

1. C-Worm detection Module

Camouflaging Worm (C Worm). The C-Worm has a self-propagating behavior similar to traditional worms, i.e., it intends to rapidly infect as many vulnerable computers as possible. However, the CWorm is quite different from traditional worms in which it camouflages any noticeable trends in the number of infected computers over time. The camouflage is achieved by manipulating the scan traffic volume of worm-infected computers. Such a manipulation of the scan traffic volume prevents exhibition of any exponentially increasing trends or even crossing of thresholds that are tracked by existing detection schemes

2. Worms are malicious Detection Module OR Anomaly Detection

Worms are malicious programs that execute on these computers, analyzing the behavior of worm executables plays an important role in host based detection systems. Many detection schemes fall under this category. In contrast, network-based detection systems detect worms primarily by monitoring, collecting, and analyzing the scan traffic (messages to identify vulnerable computers) generated by worm attacks. Many detection schemes fall under this category. Ideally, security vulnerabilities must be prevented to begin with, a problem which must addressed by the programming language community. However, while vulnerabilities exist and pose threats of large-scale damage, it is critical to also focus on network-based detection, as this paper does, to detect wide spreading worms.



3. Pure Random Scan (PRS) Module

C-Worm can be extended to defeat other newly developed detection schemes, such as destination distribution-based detection. In the following, Recall that the attack target distribution based schemes analyze the distribution of attack targets (the scanned destination IP addresses) as basic detection data to capture the fundamental features of worm propagation, i.e., they continuously scan different targets

4. Worm propagation Module

Worm scan traffic volume in the open-loop control system will expose a much higher probability to show an increasing trend with the progress of worm propagation. As more and more computers get infected, they, in turn, take part in scanning other computers. Hence, we consider the Cworm as a worst case attacking scenario that uses a closed loop control for regulating the propagation speed based on the feedback propagation status.



System Requirements:
Hardware Requirements:
PROCESSOR             :          PENTIUM IV 2.6 GHz
RAM                               :      512 MB DD RAM
MONITOR                     :      15” COLOR
HARD DISK               :         20 GB
FLOPPY DRIVE         :        1.44 MB
CDDRIVE              :     LG 52X
KEYBOARD                :        STANDARD 102 KEYS
MOUSE                 :     3 BUTTONS

Software Requirements:
Front End              :  Java, JFC (Swing)
Tools Used            :  Eclipse 3.3
Operating System:  Windows XP/7