Find Sender of Route Request
Ahmad Haghighi <haghighi.ahmad@gmail.com> Sat, 17 October 2015 06:58 UTC
Return-Path: <haghighi.ahmad@gmail.com>
X-Original-To: routing-discussion@ietfa.amsl.com
Delivered-To: routing-discussion@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E07CC1A88DC for <routing-discussion@ietfa.amsl.com>; Fri, 16 Oct 2015 23:58:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.739
X-Spam-Level:
X-Spam-Status: No, score=-1.739 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTML_OBFUSCATE_05_10=0.26, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B5g0tZzftAxs for <routing-discussion@ietfa.amsl.com>; Fri, 16 Oct 2015 23:58:20 -0700 (PDT)
Received: from mail-lb0-x22e.google.com (mail-lb0-x22e.google.com [IPv6:2a00:1450:4010:c04::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F9041A88D3 for <routing-discussion@ietf.org>; Fri, 16 Oct 2015 23:58:20 -0700 (PDT)
Received: by lbbpp2 with SMTP id pp2so85079229lbb.0 for <routing-discussion@ietf.org>; Fri, 16 Oct 2015 23:58:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=FjlxFot/5TbYHSx5cbOHG5U5IhcTYSND4vykI307HcI=; b=BV7029taH70ZEKbHgBHBkeCatn0/z9+9qGAuDGRtChW0auGc4LoRNUrgseC7+DLj5K KEp3BEg7ezwEvi0oGIumjt8+14oB7Huiglk2FFXO3p6sKMAEkc5SzXBjw68fIC3Dr1nl 4MzbfdUpRnZotU8FuCN611Vhw0XEDXbhBQfF7oXcKykDS7MdE0DjwvKolpyF/aTOPudy eBQaIz9tDu/waplzIeg6fjYf7incPEOttTgbtikD2xbS5c7coVLRNbUHXEtFGp9Mxl8X 8kiU/CKLKMmPgOqX5A6dal0i3y8cjPh/CHIlcAna830AJs6PVpabeWfrZRJJ02baePTG PHlQ==
MIME-Version: 1.0
X-Received: by 10.112.146.104 with SMTP id tb8mr10146610lbb.35.1445065098301; Fri, 16 Oct 2015 23:58:18 -0700 (PDT)
Received: by 10.25.132.18 with HTTP; Fri, 16 Oct 2015 23:58:18 -0700 (PDT)
Date: Sat, 17 Oct 2015 10:28:18 +0330
Message-ID: <CAJVE_fWBmXDxx05Tyux9qDmC6Mq-oqo2sA72bW61KGFVMvFzow@mail.gmail.com>
Subject: Find Sender of Route Request
From: Ahmad Haghighi <haghighi.ahmad@gmail.com>
To: routing-discussion@ietf.org
Content-Type: multipart/alternative; boundary="047d7b3a8bd0dc9a4e0522476f0f"
Archived-At: <http://mailarchive.ietf.org/arch/msg/routing-discussion/Oykne5t21i1BwEZ-wURLvJTGXPk>
X-BeenThere: routing-discussion@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Routing Area General mailing list <routing-discussion.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/routing-discussion>, <mailto:routing-discussion-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/routing-discussion/>
List-Post: <mailto:routing-discussion@ietf.org>
List-Help: <mailto:routing-discussion-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/routing-discussion>, <mailto:routing-discussion-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Oct 2015 06:58:22 -0000
Hello I'm working on MANET security and Blackhole/Grayhole detection. I have a question, so please help me, or If you have little time and so can't answer me, please refer me to some people or book for finding my answer. my question is: *In MANET (with DSR or AODV) when a Route Reply (RREP) packet received by the source node, the source node can not be sure who is the sender of RREP,* (*it is a assumption in all papers*) so source node (the node which initiated Route Discovery) should do some operations for detecting exact address of Malicious node (sender of malicious RREP). But e.g. in DSR Header we have a "Source Address" field which carries address of sender. or also in IP header of ADOV RREP. I don't understand why source node is *not sure* about identity of sender of RREP? I don't know the reason of above assumption. Let me explain my question more oblivious. Source node, receive a malicious RREP, the source node use it's path for sending packets. As expected Malicious node drops all packets. Ok. Now we want to find malicious node (sender of RREP), If value of "Source Address" Was reliable, we be able to easily find malicious node (sender of RREP). But in all papers, authors employs some mechanisms for detecting malicious node (sender of RREP). so we can conclude value of "Source address" field is not reliable. My question is, why? why source node can not use this field for detecting and removing malicious node? One answer is because of IP Spoofing i.e malicious node can use another address as source address but this not the only reason, I need to find another reason for that I hardly need the answer. So please guide me Thanks
- Find Sender of Route Request Ahmad Haghighi