Data Security in Mobile Ad Hoc Networks using Genetic Based Biometrics

(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 8, No. 6, September 2010
Data Security in Mobile Ad Hoc Networks using
Genetic Based Biometrics
B. Shanthini, Research Scholar, CSE Department, Anna University, Chennai, India, bshanthini@gmail.com
S. Swamynathan, Assistant Professor, CSE Department, Anna University, Chennai, India, swamyns@annauniv.edu
Abstract— A mobile ad hoc network (MANET) is a self-configuring, dynamic, multi-hop radio network without any fixed infrastructure. MANETs are collections of wireless mobile devices with restricted broadcast range and resources, and communication is achieved by relaying data along appropriate routes that are dynamically discovered and maintained through collaboration between the nodes. The main challenge in the design of such networks is how to prevent attacks against data, such as unauthorized data modification, impersonation, etc. Biometrics provides possible solutions for this security problem in MANET since it has a direct connection with user identity and needs little user interruption. So, researchers have been investigating ways to use biometric features of the user, rather than a memorable password or passphrase, in an attempt to produce tough and repeatable cryptographic keys. This paper presents such a security system, based on biometrics and a genetic algorithm, which provides data security in MANET.

Keywords: Mobile Ad hoc Networks, Data Security, Biometrics, Genetic Algorithm.

I. INTRODUCTION

Mobile ad hoc networks are seen as autonomous networks that can be quickly formed, on demand, for specific tasks and mission support. Communication generally happens through wireless links, in which nodes within radio range communicate and coordinate to create a virtual and temporary communication infrastructure for data routing and data transmission. A MANET can operate in isolation or in coordination with a wired network through a gateway node participating in both networks. This flexibility, along with their self-organizing capabilities, is one of their biggest strengths, as well as one of their biggest security weaknesses.

The applications of MANET include critical situations such as emergency/crisis management, military, healthcare, disaster relief operations and intelligent transportation systems. So message security plays a vital role in data transmission in MANET. However, because of the absence of an established infrastructure or centralized administration, implementation of hard cryptographic algorithms is a challenging prospect. So, in this paper, we present a novel security method using genetic based biometric cryptography for message security in mobile ad hoc networks.

A. Security challenges in MANET

Wireless ad hoc networks are vulnerable to various attacks [1]. Adversaries may attempt passive and active attacks to gain unauthorized access to classified information, modify the information, delete the information or disrupt the information flow. The best way to protect data in the most fine-grained way is by providing security at the application layer. It is highly desirable to handle data confidentiality and integrity in the application layer, since this is the easiest way to protect data from alteration, fabrication and compromise. With the rapid evolution of wireless technology, the reliance on ad hoc networks to carry mission-critical information is rapidly growing. This is especially important in a military scenario where strategic and tactical information is sent. Therefore the ability to achieve highly secure authentication is becoming more critical.

Numerous countermeasures, such as strong authentication, encrypting and decrypting the messages using traditional cryptographic algorithms, and redundant transmission, can be used to tackle these attacks. Even though these traditional approaches play an important role in achieving confidentiality, integrity, authentication and non-repudiation, they are not sufficient for more sensitive and mission-critical applications, and they can address only a subset of the threats. Moreover, MANETs [2] cannot support complex computations or high communication overhead due to the limited memory and limited computation power of mobile nodes.

B. Necessity of Biometrics Security

Mission-critical applications, such as a military application, may have higher requirements regarding data or information security. In such a scenario, we may design the security system by combining both biometrics and cryptography. A biometric based security scheme overcomes the limitations of traditional security solutions. Biometrics refers to the methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits like fingerprints, iris, retina scans, hand, face, ear geometry, hand vein, nail bed, DNA, palm print, signature, voice, keystroke or mouse dynamics, gait analysis, etc.
Biometric technologies have confirmed their importance in fields such as security, access control and monitoring applications. The tradeoffs among these biometric technologies really depend on the application and the security level involved. The biometric technology [3] that can most easily be deployed in ad hoc networks is fingerprint recognition. Fingerprints have been successfully used in civilian identification for years because of their unchangeability during the human lifetime and the uniqueness of each individual. As biometrics can't be borrowed, stolen, or forgotten, and forging is practically impossible, it has been presented as a natural identity tool that offers greater security and convenience than traditional methods of personal recognition.

Even though biometrics has advantages, it also raises many security and privacy concerns, as given below:

i. Biometric is authentic but not secret.
ii. Biometric cannot be revoked or cancelled.
iii. If a biometric is lost once, it is compromised forever.
iv. Cross-matching can be used to track individuals without their consent.

To overcome these disadvantages, instead of using the original biometric, a set of features is taken from it and transformed using a genetic algorithm. If a biometric is compromised, it can simply be re-enrolled using another feature set and another genetic operation, thus providing revocability and preserving the privacy of the biometric.

C. Genetic Algorithms

Genetic algorithms [4] are a family of computational models inspired by natural evolution. They belong to the field of evolutionary computation and are based on three main operators: Selection selects the fittest individuals, called parents, that contribute to the reproduction of the population at the next generation; Crossover combines two parents to form children for the next generation; and Mutation applies random changes to individual parents to form children. The two-point crossover operator is used here, which has the ability to generate, promote, and juxtapose building blocks to form the optimal strings.

This paper is organized into 4 sections. Section 1 introduces the background and initiatives of the research. It also discusses the challenges of message security, the necessity of biometric security in MANET, and genetic algorithms. Section 2 explains the related research work that has been done to provide security in MANET. Section 3 proposes a new security scheme for MANET which combines a genetic algorithm and biometrics. Section 4 contains the conclusion and suggestions for future research.

II. RELATED WORK

A few research works that have been done on data security in MANET, the various approaches to biometric security, and genetic algorithms in security are briefly presented.

Qinghan Xiao [5] introduced a new strategy for authentication of mobile users. Each user has a profile which contains all the information of the ID holder. The group leader also maintains the biometric templates of the group members. Instead of a central authentication server, the group leaders act as distributed authenticators. Each group has a shared cryptographic key which is used for cryptographic communication within the group. The proposed approach is designed for high security small group coalition operations and may not be suitable for enterprise usage.

Jie Liu et al. [6] proposed an optimal biometric-based continuous authentication scheme in MANET which distinguished two classes of authentication: user-to-device and device-to-network. This model focused on the user-to-device class, and it can optimally control whether or not to perform authentication, as well as which biometrics to use, to minimize the usage of system resources.

B Ananda Krishna et al. [7] depicted a model which used multiple algorithms for encryption and decryption. Each time a data packet is sent to the application layer it is encrypted using one of these randomly selected algorithms. When responses are analyzed they give a random pattern, and it is difficult to know either the algorithms or the keys. The proposed scheme worked well for heavily loaded networks with high mobility.

Zarza L et al. [8] explained the context of the study of genetic algorithms as an aiding tool for generating and optimizing security protocols. This paper explains how security protocols can be represented as binary strings and how GA tools are used to define genome interpretation in optimization problems.

B. Shanthini et al. [9] explained the Cancelable Biometric-Based Security System (CBBSS), where cancelable biometrics is used for data security in mobile ad hoc networks. The fingerprint feature of the receiver is coupled with tokenized random data by using an inner-product algorithm, and this product is discretized based on a threshold to produce a set of private binary code which acts as the cryptographic key in this system.

A. Jagadeesan et al. [10] proposed an efficient approach based on multimodal biometrics (iris and fingerprint) for generating a secure cryptographic key, where the security is further enhanced with the difficulty of factoring large numbers. At first, the features, minutiae points and texture properties, are extracted from the fingerprint and iris images respectively. Then, the extracted features are fused at the feature level to obtain the multi-biometric template. Finally, the multi-biometric template is used for generating a 256-bit cryptographic key.

III. PROPOSED WORK

In the proposed Genetic-Based Biometric Security System (GBBSS), a genetic two-point crossover operator is applied on the biometric feature set, and the result is used for data security in mobile ad hoc networks. The main objective of the proposed security scheme is to improve the existing data security approaches for MANET to suit technology enhancements and to study the network performance.
A. Generation of Genetic-Based Biometric Key

In this model all the group members maintain the biometric templates of the other group members. Suppose a member wants to send a message to any other member. The receiver's fingerprint is divided into slices, the feature set taken from the slices undergoes a genetic two-point crossover operation, and the result is the cryptographic key in this system. Generation of the cryptographic key is shown in figure 1.

[Figure 1: Fingerprint to Cryptographic Key]
Figure 1. Generation of cryptographic key from the finger print features.

The same key is generated by the receiver by using his biometric and the same sort of crossover operations, and is used for decryption.

Example:

Parents:
01011100 1010000011111010 00110101
00110011 1111000011110000 11001100

Children (after crossover):
01011100 1111000011110000 00110101
00110011 1010000011111010 11001100

If this biometric based key is compromised, a new one can be issued by using a different set of features and a different crossover operation, and the compromised one is rendered completely useless. It can also be application specific, that is, different sets of fingerprint features can be used with different crossover operations to generate the respective cryptographic keys for different applications.

B. Securing the Data

Data is secured by applying this cryptographic key to encrypt the actual message using a simple cryptographic algorithm, say the Feistel algorithm. The encryption and decryption processes are specified by the formulae:

$C = E_{K_R}(P)$ and $P = D_{K_R}(C)$

where
P - Plain Text
C - Cipher Text
$K_R$ - Key created by Receiver's Biometric
E - Encryption Algorithm
D - Decryption Algorithm

In the Feistel algorithm, a block of size N is divided into two halves of length N/2, the left half called XL and the right half called XR. The output of the ith round is determined from the output of the (i-1)th round. The same key is used for all iterations without generating subkeys. Also, the number of iterations performed is reduced to show that security can be achieved by using a simple algorithm. For example, if the plaintext is 512 bytes, then encryption is performed for every 64 bits and the process is repeated until all 512 bytes are encrypted. The Feistel structure [1] is given in figure 2.

[Figure 2: Feistel structure]
Figure 2. Feistel Algorithm

Algorithm for Encryption:

1. Divide the plaintext into two blocks of size, 32 bytes, XL and XR
2. For I = 1 to 32
   Do XL = XL XOR Key
      XR = F (XL) XOR XR
      Swap XL, XR
   Join XL, XR
3. Repeat step 2 until the entire plaintext is encrypted

Algorithm for Decryption:

Do the reverse operation of Encryption process.
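
The key generation in section A and the encryption listing in section B, worked end to end in Python as an added example that is not the authors' code. It assumes 64-bit blocks split into 32-bit halves (following the prose), the first crossover child as the round key, and a placeholder round function `round_f`, since the paper defines no F; all function names are illustrative.

```python
# Added example, not the paper's code. Assumptions: 32-bit halves,
# child 1 as the round key, and a placeholder F (the paper defines none).
MASK32 = 0xFFFFFFFF
ROUNDS = 32  # "For I = 1 to 32" in the encryption listing
# The parent bit strings from the paper's worked crossover example.
PARENT_1 = "01011100" "1010000011111010" "00110101"
PARENT_2 = "00110011" "1111000011110000" "11001100"


def two_point_crossover(p1, p2, a, b):
    """Swap the segment [a, b) between two equal-length bit strings."""
    if len(p1) != len(p2) or not 0 <= a <= b <= len(p1):
        raise ValueError("need equal-length parents and 0 <= a <= b <= len")
    return p1[:a] + p2[a:b] + p1[b:], p2[:a] + p1[a:b] + p2[b:]


def derive_key(p1, p2, a=8, b=24):
    """Use the first child as a 32-bit key (assumed key layout)."""
    child, _ = two_point_crossover(p1, p2, a, b)
    return int(child, 2)


def round_f(x):
    """Hypothetical round function F: multiply, then rotate left by 7."""
    x = (x * 0x9E3779B1) & MASK32
    return ((x << 7) | (x >> 25)) & MASK32


def _split(block):
    return int.from_bytes(block[:4], "big"), int.from_bytes(block[4:], "big")


def _join(xl, xr):
    return xl.to_bytes(4, "big") + xr.to_bytes(4, "big")


def encrypt_block(block, key):
    xl, xr = _split(block)
    for _ in range(ROUNDS):
        xl ^= key            # XL = XL XOR Key (same key every round)
        xr ^= round_f(xl)    # XR = F(XL) XOR XR
        xl, xr = xr, xl      # Swap XL, XR
    return _join(xl, xr)


def decrypt_block(block, key):
    xl, xr = _split(block)
    for _ in range(ROUNDS):
        xl, xr = xr, xl      # undo the swap
        xr ^= round_f(xl)    # undo XR = F(XL) XOR XR
        xl ^= key            # undo XL = XL XOR Key
    return _join(xl, xr)


def crypt(data, key, block_fn):
    """Apply block_fn to each 64-bit block of data, in order."""
    if len(data) % 8:
        raise ValueError("length must be a multiple of the 8-byte block")
    return b"".join(block_fn(data[i:i + 8], key) for i in range(0, len(data), 8))


if __name__ == "__main__":
    key = derive_key(PARENT_1, PARENT_2)
    message = bytes(range(256)) * 2          # constructed 512-byte plaintext
    cipher = crypt(message, key, encrypt_block)
    print(two_point_crossover(PARENT_1, PARENT_2, 8, 24))
    print(hex(key), crypt(cipher, key, decrypt_block) == message)
```

Crossover only rearranges the parents' bits, so the XOR of the two children always equals the XOR of the two parents. Decrypting a modified ciphertext block returns different bytes without raising an error, so the receiver needs a separate check to notice the change.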
C. Implementation of GBBSS in MANET

The proposed scheme can be implemented over any unicast routing protocol like DSR or AODV, which discover routes as and when necessary and maintain the routes just as long as necessary. A typical MANET is shown in figure 3.

Suppose User A wants to send a message to User C. After the forward and reverse paths are set up by the route discovery method, the data will be sent through that path to the destination C. Before sending the data through that path, the data will be encrypted by the Feistel algorithm using the genetic based biometric key. Once the cipher text is received by the receiver, it is decrypted by using the same key.

[Figure 3: Mobile Ad hoc NW]
Figure 3. MANET Structure

D. The security functions of the proposed system

Confidentiality: The privacy of the message is protected by this scheme. If the attacker wants to derive the original message from the encrypted text, he needs the cryptographic key. The key can be obtained only by using the biometric of the receiver. Furthermore, the biometric is not used as such; instead a cancelable version is used. So, it is computationally infeasible to get the key.

Authentication: In our proposed scheme, the members of the ad hoc group can authenticate each other through their biometrics. If the receiver wants to verify whether the message is coming from the genuine sender, the message can be encrypted by using the sender's biometric and the receiver can use the same biometric to decrypt the message. These processes can be specified by the following formulae:

$C = E_{K_S}(P)$ and $P = D_{K_S}(C)$

where $K_S$ is the Key created by Sender's Biometric.

Integrity: In our proposed scheme, the recipient can verify whether the received message is the original one that was sent by the sender. If the attacker changes the cipher text, the original plain text cannot be generated after decrypting with the key created by using the receiver's biometric. By the property of one-way hash function, it is computationally infeasible for the attacker to modify the cipher text.

Man-in-the-middle attack: An attack in which an attacker sits between the sender and the receiver and sniffs any information being sent between the two ends is called a man-in-the-middle attack. Even though the attacker can get the cipher text, he cannot view the original message since it is secured using genetic based biometric cryptography.

E. Security Analysis

This section reports the analysis of security parameters like time taken for key generation, encryption and decryption for various algorithms like 3DES192, AES128, AES256 and GBBSS64 in an ad hoc network environment. The graphs shown in figure 4 and figure 5 are generated by using the values given in the following table 1:

Encryption   Key    Time taken for    Time taken for   Time taken for
Algorithm    Size   Key Generation    Encryption       Decryption
3DES192      192    0.08 ms           0.08 ms          0.07 ms
AES-128      128    0.13 ms           0.1 ms           0.1 ms
AES-256      256    0.13 ms           0.12 ms          0.11 ms
GBBSS-64     64     0.06 ms           0.04 ms          0.02 ms

Table 1: Key size and Timing measurements for various algorithms

[Figure 4: bar chart of Time in ms (Key Generation, Encryption, Decryption) against Algorithms Applied (3DES-192, AES-128, AES-256, GBBSS-64)]
Figure 4. Timing measurements for various algorithms

[Figure 5: bar chart of Key Size and Security Level against Algorithms Applied (3DES 192, AES-128, AES-256, GBBSS-64)]
Figure 5. Key Size and Security Levels for various algorithms

From the above charts we can understand that our proposed GBBSS achieves relatively high performance in terms of less overhead and high security level. Since the key size is very small compared to the other algorithms, the time taken to generate the key and the time taken to encrypt and decrypt are also less.
IV. CONCLUSION AND FUTURE WORK

Although MANET is a very promising technology, challenges are slowing its development and deployment. Traditional security mechanisms are not sufficient for nodes roaming in a hostile environment with relatively poor physical protection. Therefore, to strengthen the encryption algorithm and key, first, the advantages of biometrics and genetic algorithms are taken into our system. Secondly, security should be achieved by using simple algorithms that involve small inherent delays rather than complex algorithms which occupy considerable memory and cause delay. Finally, an ad hoc network may consist of thousands of nodes. So, security mechanisms should be scalable to handle such a large network.

The method presented in this paper remains a preliminary approach to realize biometric security in ad hoc networks which need high security. This approach can be used in very critical, crucial and vital applications where data security is very important and the members who have access to that data are limited in number, like military officers at a war-field, scientists in a confidential conference, officers in the intelligent buildings, etc. Many security problems still persist in these types of ad hoc networks and, as future work, this paper can be extended to solve those problems with different biometrics and also with multimodal biometrics.

REFERENCES

[1] Stallings W, "Cryptography and Network Security – Principles and Practices", 3rd Edition, Pearson Education, 2004.
[2] Animesh K. Trivedi, Rajan Arora, Rishi Kapoor, Sudip Sanyal, Ajith Abraham, Sugata Sanyal, "Mobile Ad Hoc Network Security Vulnerabilities", IGI Global, 2009.
[3] Maltoni D., Maio D., Jain A. K. and Prabhakar S, "Handbook of Fingerprint Recognition", Springer Verlag, 2003.
[4] Fessi B A, Ben Abdallah S, Hamdi M and Boudriga, "A new genetic algorithm approach for intrusion response system in computer networks", IEEE Symposium on Computers and Communications, pp. 342-347, 2009.
[5] Qinghan Xiao, "A Biometric Authentication Approach for High Security Ad hoc Networks", Proceedings of IEEE Workshop on Information Assistance, pp. 250-256, June 2004.
[6] Jie Liu, F. Richard Yu, Chung-Horng Lung and Helen Tang, "Optimal Biometric-Based Continuous Authentication in Mobile Ad hoc Networks", Third IEEE International Conference on Wireless and Mobile Computing, Networking and Communications, pp. 76-81, 2007.
[7] B Ananda Krishna, S Radha and K Chenna Kesava Reddy, "Data Security in Ad hoc Networks using Randomization of Cryptographic Algorithms", Journal of Applied Sciences, pp. 4007-4012, 2007.
[8] Zarza L., Pegueroles J and Soriano M, "Interpretation of Binary Strings as Security Protocols for their Evolution by means of Genetic Algorithms", International Conference on Database and Expert Systems Applications, pp. 708-712, 2007.
[9] B. Shanthini and S. Swamynathan, "A Cancelable Biometric-Based Security System for Mobile Ad Hoc Networks", International Conference on Computer Technology (ICONCT 09), pp. 179-184, December, 2009.
[10] A. Jagadeesan, T. Thillaikkarasi and K. Duraiswamy, "Cryptographic Key Generation from Multiple Biometric Modalities: Fusing Minutiae with Iris Feature", International Journal of Computer Applications, Vol. 2, No. 6, pp. 0975–8887, June 2010.

B. Shanthini is a research scholar in Anna University, Chennai, India. She received her Bachelor's degree in C.S.E. from M.K.University, Madurai and Master's degree in C.S.E. from M.S. University, Tirunelveli. Her research interests include Network Security, Web Security, Wireless Communication, Biometrics and Cloud Computing.

Dr. S. Swamynathan is an Assistant Professor of Computer Science and Engineering at Anna University Chennai, India. He received his Master's in Computer Science and Engineering and Doctorate in Reactive Web Services from Anna University, Chennai. His research interests include Web Service, Security, Web Mining and Automated Workflow Systems.