Project Report on Wireless Intrusion Detection System

Mobility Configuration 

As all the nodes used in this simulation process are mobile in nature, the required mobility is set using at this step. Mobile configuration node is used to set the required mobility to all the nodes and this can be done by following the below steps 

• Right click on the mobile config node and check the option edit attributes
• Choose the Random mobility profiles and expand the default random waypoint option to set the required mobility profile for all the mobile nodes
• Now set the random waypoint parameters accordingly as shown in the screenshots in the appendix section
• Once the mobile configuration settings are done, go the topology menu
• Chose the option Random mobility and from there choose the option set mobility profile
• Click ok on the warning message and click ok on the default random waypoint model
• Once these steps are done, it can be observed that arrow marks are appended to all the mobile nodes and this indicates that required mobility is set to all the mobile nodes across the network

The detailed procedure followed in this context is shown in the appendix user manual section.

Performance metrics 

Thus the above procedure is followed to set the application and profile settings for the mobile nodes and the wireless LAN server and once these settings are done, the corresponding DES metrics should be chosen. As the main aim of this simulation is to understand the impact of intruders on the routing protocol and also detect the intruder actions based on the frequency of the number of nodes affected, few DES metrics related to routing protocol are chosen. In this scenario there are no attack nodes and the frequency is zero in this case. The process to choose the individual statistics is given in the below steps 

• Right click on the workspace of the network and choose the option Choose Individual DES statistics
• It can be observed that there are three level of performance metrics like Global statistics, Node statistics and link level statistics
• Global performance metrics are used in this context and among them the key aspects like DSR routing protocol metrics are used across this simulation.
• Expand the DSR metrics and then chose the option like route discovery time, routing traffic received, routing traffic sent, total cache replies sent, total packets dropped and total route errors sent are chosen to estimate the performance of the network against the intruder attacks
• Once these options are selected click on Ok button to apply these changes

Detailed procedure to built the first scenario is given in this section and the simulation procedure for the next scenarios is given as below 

Scenario two 

In this Wireless Intrusion Detection System, two nodes are identified across all the 30 nodes and the parameters of the DSR routing protocol are changed.  This scenario can be created by just choosing the duplicate scenario from the scenarios menu and this network setup is similar to the first scenario and the required changes are done to nodes identified. As said, two mobile nodes are identified in this process and they are node 2 and node 4 and the DSR routing protocols of these nodes are changed accordingly such that they introduce the required intruder actions for the network. These two nodes are now considered as the attack nodes and they generate the anomaly traffic across the network and the actual parameters changed are explained as below 

Following are the actual attributes set for node 2 and they are changed to impose the intruder actions on the network 

• Maximum buffer size is set to infinity
• Expiry time is set to 50 seconds
• Request table size is set to 10 nodes
• Maximum request table identifiers is set to 16
• Maximum request retransmission is set to 16
• Maximum request period is set to 10 seconds
• Initial request period is set to 0.5 seconds
• Non propagation time is set to 0.03 seconds
• Gratuitous router reply timer 1 second
• Maximum buffer size is set to 100 bytes
• Maintenance holdoff time is set to 0.25 seconds
•  Maximum maintenance retransmission attempts are set to 2
• Maintenance acknowledgment is set to 2 

Following are the attributes set for node 2 to impose the required intruder actions on the network

• Maximum buffer size is set to 1000
• Expiry time is set to 50 seconds
• Request table size is set to 64 nodes
• Maximum request table identifiers is set to 16
• Maximum request retransmission is set to 32
• Maximum request period is set to 10 seconds
• Initial request period is set to 0.5 seconds
• Non propagation time is set to 0.03 seconds
• Gratuitous router reply timer 1 second
• Maximum buffer size is set to 100 bytes
• Maintenance holdoff time is set to 0.25 seconds
•  Maximum maintenance retransmission attempts are set to 2
• Maintenance acknowledgment is set to 2 

Scenario three 

In this scenario one more attack nodes are added and thus the total number of attack nodes in this context is four and this scenario can be generated by duplicating the second scenario. One more nodes like node 6 is changed at their attributes level to impose more intruder actions across the network and the actual parameters set in this context as given below 

Following are the attributes used for the node 6 

• Maximum buffer size is set to 1500
• Expiry time is set to 50 seconds
• Request table size is set to 64 nodes
• Maximum request table identifiers is set to 16
• Maximum request retransmission is set to 16
• Maximum request period is set to 50 seconds
• Initial request period is set to 0.5 seconds
• Non propagation time is set to 0.03 seconds
• Gratuitous router reply timer 1 second
• Maximum buffer size is set to 50 bytes
• Maintenance holdoff time is set to 0.25 seconds
•  Maximum maintenance retransmission attempts are set to 2
• Maintenance acknowledgment is set to 2

Running the simulation 

Once all the scenarios are ready, they are run against the simulation and following steps should be followed in this context 

• Scenarios menu is opened and manage scenarios option is selected
• From there it can be observed that there are three scenarios like the normal scenario, two node attacks scenarios and three node attacks scenario
• Make sure all the scenarios are saved before running the simulation
• Set the simulation time to 2 minutes and it can be more also to derive more accurate results
• Click on Ok button to run all the scenarios against the simulation time set. 

Once the scenarios are run, the results can be viewed and compared to understand the intruder actions and the corresponding overall performance of the network and the results obtained are explained in the next chapter at a detail level.  All the screenshots used to make this simulation step are given in the user manual part of the appendix section.