This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Security is a weak point in ad hoc networks due to the inherent quality of wireless media, mobility of the nodes and lack of centralized entity. Improvisation of Quality of Service in MANET is a challenging issue due to its resource constraints. We present an Improved Secure-DSR (IS-DSR), a secure routing protocol for mobile ad hoc networks. IS-DSR authenticates the routing messages using digital signatures based on asymmetric cryptography. Our objective behind IS-DSR is to have secured multiple routes to each destination and store a local trust factor for each node in the network. A trust factor is assigned to each path based on trust factor of the nodes which occur on that path. The paths with higher trust factor are preferred for routing. We implemented our approach in Glomosim simulator and compared the performance of IS-DSR and DSR. Our results show the evaluation of packet delivery ratio, routing overhead and delay outperforms in varying malicious nodes between IS-DSR and DSR.
Keywords: Security, Quality of service, Mobile Ad Hoc, Network, DSR, IS-DSR
Mobile Ad-Hoc network is an infrastructure less, self-organizing and self-managing wireless network. Due to lack of any centralized infrastructure security is a major issue in adhoc network. To make a secure communication in ad-hoc network is a big challenge and many protocols are proposed towards this. Most of these routing protocols are cooperative in nature, and rely on neighbor relationships to route packets among participating nodes. In order to achieve an standard performance in such an environment, routing protocols should be robust against the dynamic nature of the environment, which may cause the existing links and discovered paths to break after a while as a result of mobility of the nodes, and possible presence of malicious nodes which do not cooperate with other nodes and try to disrupt the network . The presence of malicious node disrupt an ad hoc network by injecting erroneous routing updates, replying old routing information, changing routing updates, or advertising incorrect routing information and the dynamic nature of adhoc network makes these detection more difficult .
A number of conventional schemes [xxxx] for the defense against a variety of Malicious Attacks in ad hoc network are based on adapting the basic on-demand routing protocol design for use in mobile wireless ad hoc networks. However, most of these routing protocols ignore the security issues and assume that every node in the environment is cooperative and trustworthy which usually not suitable for secure routing in ad hoc mobile networks.
BACKGROUND AND RELATED WORKS
To prevent malicious attack in ad hoc network many secure routing protocols such as SRP , SDSR , Ariadne , SAR , ARAN  and SAODV  are proposed for mobile ad hoc networks for DSR and AODV routing protocol in the literature.
Secure Routing Protocol (SRP)  is a route discovery protocol that mitigates the detrimental effects of malicious behavior. This protocol assumes that a security association between any two nodes that want to communicate exists. Source and destination will use cryptographic methods to protect their connection based on this security association.
It requires security verification only between source and destination of a route using MAC for RREQ and RREP packets. SRP does not implement any authentication of the relay nodes in both route request and route reply which makes the protocol light-weight and insecure to various attacks.
Ariadne  authenticates routing messages using one of three schemes: shared secret keys between each pair of nodes, shared secret keys between end-to-end nodes combined with broadcast authentication or digital signatures. Though Ariadne can ensure that falsified route requests or replies are not accepted by the destination or source of the route being discovered, it cannot identify the nodes that caused the falsification.
Security-aware ad hoc Routing (SAR)  protocol modifies AODV routing protocol to include trust hierarchies of incorporated nodes for path evaluation and selection. Protocol implements trust levels according to organizational hierarchies with a shared key for each level, so that nodes can state their security requirements when requesting a route and only nodes that meet these requirements participate in the routing. However, how to define node trust hierarchies, key distribution, knowledge of the keys of the other nodes are not addressed in this work.
Authenticated Routing for Ad hoc Networks (ARAN)  source signs the RREQ packets it initiates. Each node in the path verifies the signature of the previous node, replaces the signature of the previous (if it is not the source) with its signature of the packet, and retransmits it. So a RREQ contains, after one hop, two security codes. Destination verifies the signatures of its previous hop and the source. The security mechanisms used for RREPs are similar. However, ARAN involves too expensive computation since every message is signed in a point-to-point manner.
Secure Ad hoc on-demand distance vector (SAODV)  implements two security mechanisms (1) Digital signatures to authenticate the non-mutable fields of RREQs and RREPs and (2) Hash chains to secure the mutable information (hop count). Due to the limitation of one way hash chain mechanism, SAODV can not secure malicious node from forwarding a RREQ with the same hop count as in the RREQ it receives. It required high resources for computation to authenticate non-mutable fields of control packets using digital signatures.
Nodes exchange information about their neighborhood and construct a network topology for data packets transmission to the desired destinations in routing protocols. Such information could be target of any malicious opponent who intends to disrupt functionality of the network. Based on the way of injection malicious nodes can be divided as External and Internal attackers.
External Attackers have strong impact on the adhoc network. It can partition the network into isolated segments by injecting erroneous routing information, caching previous routing messages or modifying the valid route path information. The result of external attacks can bring the network down. Internal Attackers also cause severe damages to network by attacking on nodes. The effects on internal attacks bring down the trustworthiness of the nodes. Nodes that have been trusted before are not committing the delivery anymore. On attacked nodes also send erroneous routing messages to other nodes and modify the local route which disrupts the entire network. It can also create traffic with injecting erroneous messages. It is hard to identify the internal attacks as they already have some trust credentials.
3.1 Security Attacks
This section explains the route discovery and routing attacks on routing protocols and countermeasures taken in IS-DSR Protocol to secure adhoc network.
A. Attacks on Route Discovery Process
Route discovery process is the initial phase of routing protocols. During this process a node can malicious by source routes modification, poisoning the route cache and not participating in discovery process.
Source Route Modification: Route discovery process is entirely depends on the intermediate node cooperation. Due to an attack on intermediate nodes it may change the message of a discovering route. To prevent this attack IS-DSR signs the route message after adding its address to the route. The process secures the message from detection and modification in the way by by neither the intermediate nodes nor the destination at the end. It is possible that malicious node can eliminate some or all of the nodes in the partial path discovered without being caught with their signatures and its address to the path. From the point of view of destination this will be a valid route and if it chooses this path to reply message to the source node the message will not reach the source node since the path information is not correct. A reply from destination can also be modified by malicious node. If destination node of a route reply message is changed, it will not reach to the source or dropped as an invalid packet. If the route is modified but still reaches the source, it will be rejected as an invalid route during the signature verification process.
Poisoning Route Cache: A malicious node advertising incorrect paths has no effect on route cache of other nodes as IS-DSR not allowed listening and snooping in forwarded packets containing route information, only the destination can send back route replies. Since of intermediate nodes not use the route caches any incorrect data about the topology of the network will remain local.
Not Participating in Discovery Process: As route discovery process depends on node cooperation, if nodes deny cooperating by dropping the route requests message. Not participating or packet dropping is passive malicious behaviors which will not disrupt the route discovery process as long as there are non-malicious nodes are available.
B. Attacks on Routing Process
During route discovery malicious nodes can behave properly but it can attack during routing phase. We will explain the routing attacks and countermeasures taken in IS-DSR Protocol to secure adhoc network.
Data Packet Modification: A malicious intermediate node can modify the data packet information or inject false route. Injection of false route may cause a circular loop path via which data packet is supposed to travel. Also, if the destination address of the packet is modified, then packet will never reach to the destination. IS-DSR detects this modification by checking the signature of the source. Intermediate node or destination node can check the signature for verification, if the signature verification fails, the destination will not reply acknowledgment for this packet. Source node punishes the path nodes by decreasing their trust value on non receive of acknowledgment. Non trustworthiness paths are avoided in future communication.
Data Packet Dropping: Dropping of data packets is a common behavior of malicious nodes. It impacts the performance of routing. Source use shortest route for routing until route error message received result in packet loss. IS-DSR use trusted and shortest route to improvise the routing performance. In case of malicious node dropping packets frequently decrease the route trust and continuous misbehaving makes them removed from the routing process.
IMPROVED SECURE - DYNAMIC SOURCE ROUTING
The proposed protocol IS-DSR, assumes that both internal and external attacks are exist in the network, but majority of the nodes in the network are trustworthy. The protocol implements public key cryptography techniques to secure the network against the malicious nodes. It uses public key signatures and message encryption to prevent the routing messages modification.
Every node maintains routes to the destination for routing in the proposed protocol. Each node stores discovered routes to destination during route discovery process. It will choose on trustworthy routes on every packet forwarding request from the source. This mechanism improvised the performance and same time provide secure and stable network with a reasonable extra overhead imposed on the network. The protocol works in three phases which are explained in following sections.
The notations used are denoted as, CAukey for CA Public Key, CApkey for CA Private Key, N for Node, Nadd for Node Address, Nukey for Node Public Key, Npkey for Node Private Key, Ncert for Node Certificate E for Encryption, D for Decryption, T for Time stamp and M for message.
4.1 Secure Certificate Acquisition
Each node in the network must obtain a secure certificate from a trusted Certificate Authority (CA) before joining the network. The secure certificate once issued cannot be revoked or expired during the lifetime of the network. The certificate will be gets invalid if the trust value the node degrades below threshold. It means the validity of the certificate will be remains till the trustworthy is maintained. In this process we will be able to identify the nodes which illegally possessing valid certificate and can be avoid in routing process.
A Certificate Authority is assumed to be secure and having a public key which everybody knows. The certificate issued by the CA will be bound with the CA Public Key, node address and node public key. CA also provide node private key along with certificate.
The certificate issued by CA denoted as,
The certificate consists of Node address, Node public key and CA Public Key which is encrypted using CA private Key. CA Public key will be used for verify other node certificate.
4.2 Secure Route Discovery Process
In proposed protocol to initiate route discovery process source node need to broadcast route request (RReq) message. To secure the route request message source node signs the route request message before broadcasting. A route request message represents as,
and the node signed message represent as,
Intermediate nodes on received of route request message verify each signature in the RReq message with a probability p in order to check the malicious node tampering. It checks the sequence of the signature in the message to check the existing of node certificate. If node certificate already exists it discard the message, else it will sign the message and re-broadcast. This process of re-broadcasting continues until its reach to the destination node of packet time stamp expired.
When route request receives by a destination node it sends a route reply (RRep) message. Destination node checks for duplicate path route request and discard those route requests. RRep sent back to the source through the route in which it reached to destination in unicast mode. To make the RRep secure destination node must sign the RRep message before sending. A route reply message represent as,
Intermediate node verifies each of the signatures in the RRep message by the probability p if all signature are valid it will sign the message and send to next node in the path else the route will be discard. This process continues till discovery period of source expired or number of route required is discovered.
It is not scalable to keeping all the possible paths from source to destination. This protocol maintains a constant of five routes in route cache to limit the memory overhead. Intermediate node also maintains the route details to keep track of source to destination route request messages broadcasted and also help in to taking decision for re-broadcasting in case of repeating route request.
4.3 Secure Routing Process
Efficient data routing is main objective of routing protocols in adhoc network. The proposed protocol sends data through the discovered routes which discovered in secure route discovering process after calculating each node trust value. The protocol assumes that all the nodes in the network are trustworthy initially. The trust value are calculated based on the three factors, is number of data packet delivered, is number of data packet dropped and is number of credential for participated in successful path for data delivery. The trust value of a node represent as,
where x is,
Source sends the data packets via the cached path to destination. On receive destination sends acknowledgement for every data packet received. This assures source the successful delivery of data packets.
The communication between source and destination initiate by selecting an optimal path from route cache. The optimal path selection based on the shortest and highest first hop node trust value which connected to the source.
Table-1 Source Node Routing Table
For example, as shown in Table-1 source node routing table which maintain 5 routes to destination D. Even though first route of the table is shortest our scheme select second route for routing as trust value of first hop of the second route is high. It is not wise to route based on entire route trust as trust of few intermediate nodes participating in the routing can be very low or few nodes may be very high, which give a fare trust on calculation and lead more packet loss and increase communication overhead on link failure. To overcome this proposed scheme route data packets to the node which has high trust in the maintain route.
Table-2 Intermediate Node-3 Routing Table
Intermediate node follows the same scheme as source node does. Table-2 shows the routing table of node 3. Node 3 has two hops as per the routing table shown in Table-2. Based on the trust value calculation node 3 sends the data packet to node 4 of instead of Node 5.This scheme of selection will continue till data packet delivered to destination. The proposed approach increases the efficiency of packet delivery.
Every intermediate node need send a signed acknowledgment to its previous hop on successful deliver of data packet to it next hop. If next hop fails to deliver then intermediate node sends a node error message to the source and tries for next available hops. If intermediate node fails to route with all the hops, it sends a route error message to the source. Source punish all those node by decreasing their trust and in future avoid those routes having those nodes.
Destination node on receive of data packet send a signed acknowledgement message in reply to source. The acknowledge message represent as,
Intermediate nodes forward this acknowledgement back to source again verifying the signature of destination by a by a probability p.
Source node maintains a table of sequence numbers of packets it has sent. Whenever it receives an acknowledgment it updates the trust factors entries for each of the nodes in the path used for packet sending. If after acknowledgment time source does not receive an acknowledgment, it will assume that the packet has never been delivered correctly and punishes nodes in the corresponding path by increasing their corresponding data drop value.
5. EXPERIMENT AND RESULTS
5.1 Simulation Setup
We implement the simulation using Glomosim Simulator. Glomosim is a scalable network simulation environment for mobile ad-hoc networks, developed at UCLA Parallel Computing Laboratory. It has the capabilities to simulate thousands of mobile nodes without disregarding the details in the lower layer protocols and allow rapid integration of developed protocols.
To implement IS-DSR we modified the DSR protocol and evaluated the effect of our proposed protocol over DSR. The packet header size of route request and routing has increased as we added the security parameters. We simulate the simulation with the following setup parameters for both DSR and IS-DSR.
1200m X 800m
No. of Nodes
0 to 20 m/s
Pause Time (sec)
Table-3 Simulation Parameters
We perform the experiment based on the Table-3 simulation parameter for a period of 600 seconds. The simulation runs on Random Way-point movement behavior model where each node placed randomly for a period of pause time and chooses a new location at random and moves with a speeds between 0 to 20 m/s. We run the simulation in six different pause times as mention in Table-1. For routing we have taken 15 source destination pairs at constant bit rate (CBR) flow of 4 data packets per seconds and each packet size is 512 bytes in size.
The experiment will be tested in two different scenarios, first without any malicious nodes in the network and secondly with 20% of malicious nodes. The experiment result demonstrates the overhead introduced due to security improvement and throughput improvisation between DSR and IS-DSR.
All nodes behave normally during route discovery process but during routing simulator choose 20% malicious node randomly, those nodes behave abnormally and drops all data packets routed through them. However any kind of packet modification attacks can be detected using signatures verification in IS-DSR and dropping of data packets isolates the malicious node from the network.
In this experiment we measure Control Overhead and Delivery Ration metrics.
Packet Delivery Ratio
Packet delivery is the total number of data packets received, divided by the total number of data packets originated.
Figure-1 Average Delivery Ratio in Absence of Malicious Nodes
Figure-2 Average Delivery Ratio in Presence of Malicious Nodes
Figure-1 shows the packet delivery ratio for IS-DSR and DSR in the absence of malicious nodes is nearly same. Figure- 2 shows the same result in the presence of malicious nodes. The figure-2 describes that except for the high mobility i.e., low pause time scenario the packet delivery ratio of IS-DSR out perform over DSR. However, the packet delivery ratio of DSR results low when 20% of the malicious nodes drop the data packets. The performance of DSR gets better with pause time increases. As the pause time increases the nodes become stable and a malicious node has a relatively low effect on the network. In fact, if none of the malicious nodes is on the shortest paths from sources to destinations then throughput ratio will be better.
Control overhead calculated based on the total number of control packets originated and forwarded by the protocols during entire communication process.
Figure-3 Average Control Overhead in Absence of Malicious Nodes
Figure-4 Average Control Overhead in Presence of Malicious Nodes
Figure-3 and 4 describe control overload for IS-DSR and DSR in the absence and presence of malicious nodes. In both cases IS-DSR has higher overload than DSR. The difference decreases with increases in the pause time. The main reason for this high overload due to acknowledgement exchange between intermediate nodes and IS-DSR route replies can be sent only by the destination. Moreover, IS-DSR depends on multiple routes so unlike DSR a route request can be rebroadcast more than once. When the mobility is higher number of performed route discovery operations increases due to a larger number of broken links, resulting in more overhead.
6. Conclusion and Future Work
We proposed a new IS-DSR secure routing protocol for mobile ad hoc networks. IS-DSR authenticates the routing messages using digital signatures based on asymmetric cryptography. IS-DSR manages multiple routes to each destination. Each node in the network also stores a local trust value for every other node and also maintain route table. A trust value of first hop node is computed for every node before selecting a path. Intermediate node select paths with higher trust node values are preferred for routing the packets. We have simulate our approach in Glomosim simulator and compared the performance of IS-DSR and DSR. When there are no malicious nodes in the network, IS-DSR achieves the same packet delivery ratio as DSR. In the presence of malicious nodes IS-DSR outperforms DSR in the throughput. In both cases, IS-DSR introduces a reasonable network load to establish the high packet delivery ratio.
An enhancement to punishing selfish nodes based on their packet delivery performance can be incorporated. Trust values for neighbors can be updated using a method monitoring neighbor transmissions. This enhancement can lead to smaller convergence period for the trust values. Also, more experiments need to be done to measure the effects of any changes in values of parameters of the protocol and to find out what the optimal values are for different setups.