Tuesday, 8 October 2019

Detection of Malicious Nodes in VANET




A Vehicular Ad hoc Network (VANET) is a self-configuring network that provides vehicle-to-vehicle and vehicle-to-roadside communication. Data is shared through the nodes, which act as both servers and clients across the network. It comprises several components: computers, communications, management technologies, and sensor and control innovations. Integrating these functions can improve the functioning of a transportation system. VANETs provide warnings about environmental hazards, traffic and road conditions, and carry the data transmitted between vehicles. Information about a traffic jam or road closure can be spread across the network, which saves time and helps drivers avoid specific routes.
A Distributed Denial of Service (DDoS) attack is an attempt by an attacker, working from different locations, to stop legitimate users of a system from accessing the objects they require. Examples of DDoS attacks are as follows:
i) Flooding the network, which prevents legitimate network traffic from getting through.
ii) Disrupting the connections between two machines, which prevents users from accessing a service.
iii) Preventing one individual user from accessing a service.
Different tools are used in DDoS attacks. Although they have different names, the tools share the same basic structure. The components, as shown in the figure, are as follows:
· Attacker: the personal computer the hacker uses; it is the responsibility of the hacker.
· Master: the system that receives commands directly from the attacker and controls the other agents.
· Handler: the program through which the tasks are performed on the master system.
· Agent: the system that directly attacks the target.
· Daemon program: the program through which the above tasks are performed on the agent system.

Garima Saini
Assistant Professor
Department of Information Technology.


Tuesday, 1 October 2019




Mobile Forensics


Mobile forensics is a branch of digital forensics concerned with the recovery of digital evidence from mobile devices. With the continued growth of the smartphone market, the probability of their use in criminal activities has continued to increase. Mobile phones nowadays come with a wide variety of software applications, new technologies and operating systems, which makes it complicated for a forensic investigator to examine the evidence from a mobile phone. Proper knowledge of forensic tools and their features is required to collect relevant information. An operating system like Android, being open source, is an advantage for software developers, but it is the biggest disadvantage for forensic analysts, as they have to craft and implement new methods for breaking into the device and performing forensic analysis. The methods of performing forensic analysis and data acquisition on mobile devices are not constant. Investigators must adapt to new methods and change their approach each time they perform a forensic investigation on mobile devices.
Important aspects of cell phones which are to be analysed:
· Internal memory
· SIM card
· Memory card
· Network provider
Important data types that can be extracted by forensic analysis of mobile devices are: text messages, contacts, history, photos, audio, video, GPS location, emails, memos, calendar, documents, and web history such as the use of social media applications like Facebook, Twitter, Instagram and WhatsApp.
The Chip-Off and JTAG methods are increasingly gaining popularity because of their capability to bypass complicated phone locks and drive encryption. Ultimately, the tool on which forensic analysis is performed is provided with a physical image of the memory chip from the mobile device. In the Chip-Off method, the chip is removed or unmounted from the circuit board of the mobile device, and testing and programming is done using JTAG (Joint Test Action Group). This method requires knowledge of the location of the chip and the JTAG connectors in the device. Along with this, the person must know how to dismantle and repair the hardware of the device. The main difference between the Chip-Off and JTAG methods is that the chip extracted during Chip-Off analysis cannot be remounted in the device, unlike JTAG, where the connections can be soldered again. Hence, Chip-Off is normally used on damaged devices.
The physical image is created by a bit-by-bit copy of the data stored on the memory chip. There are many cases where calculating a physical dump is not possible with physically extracting the storage chip. With mobile devices evolving at such a fast pace, it is impossible to design a customized tool for every device, but the physical dump obtained from a memory chip can be analysed in a similar way. Even though Chip-Off and JTAG are complicated processes, their use is on the rise because of the output they are able to obtain. Sometimes forensic experts need to analyse mobile devices that were completely damaged in an accident, or that suspects damaged on purpose in order to destroy the evidence. In such cases this method can be very effective where the other processes fail.
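The device-independent analysis of a physical dump described above can begin with a signature scan. The following Python sketch is an added example, not part of the original post: it hashes a raw image for the case record and locates SQLite databases (where Android keeps messages and contacts) and JPEG photos by their headers. The function names and the sample image are constructed for illustration.

```python
import hashlib

# Header signatures for two of the data types listed in the post.
SIGNATURES = {"sqlite": b"SQLite format 3\x00", "jpeg": b"\xff\xd8\xff"}

def image_digest(image: bytes) -> str:
    """SHA-256 of the whole dump, recorded before analysis starts."""
    return hashlib.sha256(image).hexdigest()

def sqlite_size(image: bytes, off: int):
    """Database size in bytes from the 100-byte SQLite header, or None if implausible."""
    header = image[off:off + 100]
    if len(header) < 100:
        return None
    page_size = int.from_bytes(header[16:18], "big")
    if page_size == 1:                      # the value 1 encodes 65536
        page_size = 65536
    if page_size < 512 or page_size & (page_size - 1):
        return None                         # must be a power of two >= 512
    pages = int.from_bytes(header[28:32], "big")
    return page_size * pages if pages else None

def scan(image: bytes):
    """Return (offset, kind, size) for each signature hit, ordered by offset."""
    hits = []
    for kind, magic in SIGNATURES.items():
        pos = image.find(magic)
        while pos != -1:
            size = sqlite_size(image, pos) if kind == "sqlite" else None
            if kind != "sqlite" or size is not None:   # drop stray SQLite magic
                hits.append((pos, kind, size))
            pos = image.find(magic, pos + 1)
    return sorted(hits, key=lambda h: h[0])

def build_sample() -> bytes:
    """Constructed stand-in for a dump: erased flash (0xFF) around two artefacts."""
    hdr = bytearray(100)
    hdr[0:16] = SIGNATURES["sqlite"]
    hdr[16:18] = (4096).to_bytes(2, "big")   # page size
    hdr[28:32] = (2).to_bytes(4, "big")      # database size in pages
    db = bytes(hdr) + bytes(2 * 4096 - 100)
    jpeg = b"\xff\xd8\xff\xe0" + b"JFIF-constructed" + b"\xff\xd9"
    stray = SIGNATURES["sqlite"] + bytes(84)  # magic with a zeroed header
    return b"\xff" * 2048 + db + b"\xff" * 1024 + jpeg + b"\xff" * 512 + stray

if __name__ == "__main__":
    sample = build_sample()
    print(image_digest(sample))
    for hit in scan(sample):
        print(hit)
```

The in-header page count is only trustworthy when the database was closed cleanly, so a carved size should be treated as a starting point for extraction rather than a verified length.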


Ms.Sonali Sharma
(Assistant Professor-IT)
Department of IT