Secured Right Angled or Ant Search Protocol for Reducing Congestion Effects and Detecting Malicious Node in Mobile Ad hoc Networks by Multipath Routing

Shared by: ijcsiseditor

Stats

views:: 117
posted:: 7/5/2011
language:: English
pages:: 9

Public Domain

Document Sample

(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 6, June 2011

Secured Right Angled or Ant Search Protocol for Reducing Congestion
Effects and Detecting Malicious Node in Mobile Ad hoc Networks
by Multipath Routing
Lt. Dr. S Santhosh Baboo, Reader V J Chakravarthy
P.G. Research Dept of Com. Science Research Scholar
Arumbakkam, Chennai – 106. Dravidian University
D G Vaishnav College,
Arumbakkam, Chennai – 106.

Abstract – In this paper, we develop a simulation for the protocol scheme in NS-2.
security based protocol using Biased Simulation results show that RAOA
Geographical – Ant Search multipath achieves the fairness throughput, high
routing approach which attains packet delivery attaining low delay and
confidentiality and authentication of overhead in the presence of malicious
packets in both routing and link layers of nodes.
MANETs. In first phase we developed a
new method for routing the packets from I. INTRODUCTION
source to destination using right angled
geographical routing techniques and A. Mobile Ad-hoc Networks
shortest path by ant search method to A mobile ad hoc network (MANET) is a
reduce congestion effects. Secondly we temporary infrastructure less multi-hop
proposed a protocol called SRAOA wireless network in which the nodes can move
(Secured Right Angled or Ant Search) an arbitrarily. Such networks extends the limited
on-demand routing protocol. Thirdly, we wireless transmission range of each node by
added security to our proposed protocol multi-hop packet forwarding, thus well suited
using MD 5 (digest algorithm) which for the scenarios in which pre-deployed
provides link level security for the packets infrastructure support is not available. In ad
transmission between source and hoc network, there is no fixed infrastructure
destination and for detecting and isolating such as base stations or mobile switching
malicious nodes using certificate generation centers. Mobile nodes that are within each
for the nodes which are in the parent other’s radio range communicate directly via
network. In the next phase of the protocol, wireless links, while those that are far apart
we did encryption and decryption for rely on other nodes to relay messages frequent
authentication, we used RSA algorithm. changes of the network topology. Mobile ad
The performance of our SRAOA protocol is hoc networks are finding ever increasing
compared / validated with some prominent applications in both military and civilian
routing protocols for mobile ad hoc scenarios due to their self-organizing, self-
networks, in the presence of malicious node configuring capabilities.
in the simulation environment, namely Ad
hoc On Demand Distance vector (AODV) The following figure 1 shows mobile ad hoc
and Ad hoc On-demand Multipath network which consists of five mobile nodes.
Distance Vector (AOMDV), DSR (Dynamic Let us consider the mobile node 5 out of
Source Routing), DSDV (Destination transmission range from the mobile node 2. If
Sequenced Distance Vector. We have mobile node 2 wants to send packets to node 5
chosen four performance metrics, such as (i.e., wants of establish communication with
Average Delay, Packet Delivery Ratio, node 5). Now the node 2 sends the packets to
Routing Load, and Throughput. We did node 3 and node 3 transmits to node 4, since

275 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 6, June 2011

the node 3 and node 4 are in transmission eavesdroppers to obtain any useful
range with both node 2 and node 5 or the node information from the data overhead.
directly sends the packets to node 5 if the node
4 is busy. Thus the node 2 is able to
communicate node 5 successfully. Active Attacks

4 An Active attack, is one where the attacker
actively seeks to modify, abstract, alter or
1 3 destroy the data being exchanged, thus
disrupting the normal functioning of the
network. Active attacks can be classified
2 5 further into two types: external and internal.
External attacks come from nodes that do not
belong to the network; they can be prevented
by using standard security mechanism such as
Figure 1 encryption techniques and firewalls. Internal
attacks, however, are from compromised
The major difference between fixed networks
nodes that belong to the network. Since the
and MANET is that the computers in a
adversaries are already part of of the network
MANET are mobile (which are motion).
as authorized nodes, such attacks are more
severe and difficult to detect than external
B. Vulnerability of Existing Protocols
ones.
Within these categories, there are many
The security of communication in ad hoc
different types of attack that mobile ad hoc
wireless networks is important especially in
networks may face, some of which are
military applications. The absence of any
described here.
central coordination mechanism and shared
wireless medium makes MANETs more
Wormhole attack
vulnerable to digital/cyber attacks than wire
All packets are dropped by sending forged
networks. Malicious and selfish nodes are the
routing packets, the attacker could route all
ones that fabricate attack against physical,
packets, the attacker could route all packets
link, network, and application-layer
for some destination to itself and then discard
functionality. Current routing protocols are
them, or the attacker could cause the route at
exposed of two types of attacks: Passive and
all nodes in an area of the network to point
Active attacks.
“into” that area when infact the destination is
outside the area.
Passive Attacks
Black hole attack
A passive attack does not disrupt the operation
Using a pair of attacker nodes A and B linked
of the network; it occurs when an attacker tries
via a private network connection. Every
to eavesdrop on the data or the network traffic
packet that A receives from ad hoc
without altering it. This can violate the
network, A forwards through the wormhole to
requirements of confidentiality if an adversary
B, to then be rebroadcast by B, similarly, B
is also able to interpret that data gathered
may send all ad hoc network packets to A.
through snooping. This type of attack is less
harmful than an active one, but is much harder
to detect, because the attacker does not
Byzantine attack
interfere with the operation. One way of
A compromised intermediate node works by
overcoming such problems is to use powerful
itself, or a set of compromised intermediate
encryption mechanism to encrypt data being
nodes works in collusion and carries out
transmitted, thus making it impossible for
attacks at the creation of routing loops,

276 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 6, June 2011

forwarding packets on non-optimal paths and Table 1
selectively dropping packets.
Security Solution for MANETs

Information disclosure Layer Security Issues
An attacker may disclose private or important
information to unauthorized nodes in the Application Layer Detecting and preventing
network. Such information may include Viruses, Worms, Malicious
codes, and applications
information regarding the location of nodes or
abuses.
the structure of the network. It gathers the Transport Layer Authentication and Securing
node location information, such as a route end-to-end communication
table, then plans to attack in further scenarios. through date encryption
Network Layer Protecting the ad hoc routing
Resource consumption attack and forwarding protocols
A malicious node can attempt to consume or Link Layer Protecting the wireless MAC
protocol and providing link
waste resources of other nodes in the network.
layer security support
The resources targeted are bandwidth, Physical Layer Preventing Signal jamming,
computational power and battery life, which denial-of-service attacks
are limited in ad hoc wireless networks. Such
attacks may be in the form of requesting
excessive route discovery, very frequent II. OBJECTIVE & OVERVIEW OF THE
generation of beacon packets, or forwarding PROPOSED PROTOCOL
unnecessary packets to an unsuspecting node.
A. Objectives
Partition In this paper, we propose to design a
An attacker may try to partition the network congestion reduced and security based
by injecting forged routing packets to prevent protocol – Right angled or Ant Search
one set of nodes from reaching another. (RAOA) which is the enhancement over
AOMDV protocol, which works on energy
Detour based approach which attain high
An attacker may attempt to cause a node to confidentiality and authentication of packets in
detours through suboptimal routes. Also routing layer and layer of MANETs, having
compromised nodes may try to work together the following objectives:
to create a routing loop.
light weight in order to increase the network
Session Hijacking lifetime to provide, the application of ciphers
One weak point is that most authentications that are computationally efficient like the
processes are only carried out once when a symmetric-key algorithms and cryptographic
session starts. An adversary could try to hash functions
appear as an authentic node and hijack the cooperative to establish high-level security
session. with the aid of mutual
collaboration/cooperation amidst nodes along
Dos with other protocols
An adversary tries to disturb the attack-tolerant to facilitate the network to
communication in a network, for example by resist attacks to heal itself by detecting,
flooding the network with a huge amount of recognizing, and eliminating the sources and
packages. Service offered by the network are types of attacks
not working as usual, slow down or even stop. flexible & energy enough to trade security for
Ad hoc wireless networks are more affected energy consumption
than wired networks, because there are more Compatible with the security methodologies
possibilities to perform such an attack. and services in existence
scalable to the rapidly growing network side

277 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 6, June 2011

B. Overview of the protocol Minimising Congestion in Wireless
We propose to design a Multi-Path Routing Networks
Protocol, which sends the packets in In wireless networks, Congestion occurs when
alternative path in MANETs without any the wireless area around them is busy. With
centralized infrastructure. networks congestion is mostly situated at the
border of the network, with point to point
Explanation of the Right Angled Biased communication congestion usually builds in
Geographical Routing and ANT Search the center. So avoid the congestion in the
protocol (RAOA) wireless networks, the way should be
followed, i.e., we allow packets to route on
The main idea in our solution is to reduce the alternate paths. This type of routing avoid the
congestion during the transmission of packets congestion is busy area in the wireless
form source to destination, for that we inserted networks.
a “BIAS” i.e. the angle in each packet, which
determines the straight line path from the To reduce the congestion during transmission
source so that the packets move towards the of packets; we propose two more congestion
destination. Here the term bias is a measure control mechanisms that highly enhance
angle of which the packets take from the RAOA protocol.
source from greedy route and also indicates
the side of deviation. In our discussion, the Biased Node Packet Scatter (BNPS) is a
term bias is treated at each hop as an angle i.e., very light weight method mechanism that
90. Our proposed protocol “RAOA” routes partially aims to transient congestion by
greedily towards the point P2 (target point) locally splitting the traffic along multiple
situated at a predefined distance from the paths to avoid congested hotspots.
current node point P1 such that the angle
between the lines P1and P2 is equal to the bias Node-to-Node Packet Scatter (NNPS) is also
i.e angle 90° and finally the P3 node receives a mechanism but aim to transmit packets to
the packets. If the sending node doesn’t find longer term congestion, when BPNS fails.
any node at 90º, instantly it will search (Ant
Search) for the node which is very near to that We have evaluated the performance of RAOA
node. Once it finds the very nearest node, it protocol by using a high-level, a packet-level
will send the packets continuously. Then that simulator (ns2). The results show that RAOA
node finds the other node at 90° and sends the is a practical and efficient multipath routing
packets. algorithm. We have evaluated BPNS and
NNPS using ns2.

III. EFFICIENT MAC LAYER
P5
SECURITY PROTOCOL

A. Forwarding Scheme
P2 P3
In our proposed protocol, Let us consider two
nodes one is sending node (source) and
P6 another is the receiving node (destination) in
P4 the transmission range. We did this
P1
experiment with 50 nodes named from N1 to
N50.

In the scenario, when running our RAOA
protocol, first the RSA algorithm will run
creates the encrypted message with private
Figure 2: RAOA Forwarding key in the source node and the RAOA

278 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 6, June 2011

protocol starts finding the path, i.e., sending summarized in table 2.
the nodes through 90° angle and then MD5
algorithm starts running creates the link level No of Nodes 50
security i.e., creates the certificates for the
Area Size 1000 x 1000
nodes which are the parent network.
Mac 802.11
B. Working of MD5 message – digest Radio Range 250m
algorithm and RSA algorithm.
Simulation time 10 sec
The MD-5 message-digest algorithm is a Traffic Source CBR
simple to implement and provides a
Packet Size 512
“fingerpoint” or message digest of a message
of arbitrary length. It is conjectured that the Mobility Random Way Point
difficulty of coming up with two message Speed 5 m/s
having the same message digest is on the order
of 2^64 operations, and that the difficulty of Pause time 0, 1, 2, 3, 4, 5
coming up with any message having a given
message digest is on the order of 2^128
operations. When routing of packets takes C. Performance Metrics
place from source to destination through We evaluated mainly the performance of the
different nodes in the network. Encryption and RAOA protocol according to the following
Decryption process will done using RSA metrics.
algorithm. After the process takes place the
MD5 will generate certificate for the nodes, Control overhead: The control overhead is
suppose the node is in network, but certificate defined as the total number of routing control
is not generated the MD5 doesn’t consider that packets normalized by the total number of
node as malicious node instead it will generate received data packets.
certificate for that node also. The above
consideration will be done by setting flag Average end-to-end delay: The end-to-end
value. If the flag value = 0 for a node means, it delay is averaged over all surviving data
is not a malicious node, if flag value = 1 for a packets from the sources to the destinations.
node then, that node is considered as a
malicious node and no certificate will be Average Packet Delivery Ratio: It is the ratio
generated for that node and no transmission or of the number of packets received successfully
receiving of packets will take place. and the total number of packets sent.

Each certificate contains the following items; Through put: It is the number of packets
1. IP address received successfully.
2. Encrypted Message
3. MAC Address
4. Private Key Simulation Results
5. Public Key.

Example of certificate generated through MD5
algorithm to provide secured routing:
Node (13)
192.26.2.1
01bcbb824aa1d6fd6b9bf6ca4306b6ec
00:31:19:19:B1:EM
7
7
Our simulation setting and parameters are

279 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 6, June 2011

280 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 6, June 2011

for the nodes which are in the home network.
The malicious node punished and rewarded by
not generating certificate by setting the flag
value. By simulation results, we have shown
that the RAOA security protocol achieves high
packet delivery ratio while attaining low
delay, packet loss, high packet delivery ratio
and throughput. Above all, our RAOA
protocol provides high security challenges
with any types of attacks (both active and
passive attacks). In future, we will propose
send video packets using the RAOA protocol
in presence of malicious node.
REFERENCES
1. Lt. Dr. S. Santhosh Baboo, V J
Chakravarthy “Performance Analysis of
the RAOA Protocol with Three Routing
Protocols for Various Routing Metrics"
IJCSIS May 2011, Vol. 9 No. 5
Publication.
2. Liu, Kejun Deng, Jing Varshney, Pramod
K, Balakrishnan and
Kashyap“AnAcknowledgment-based
Approach for the detection of Routing
Misbehavior in MANETs”, IEEE
Transactions on Mobile Computing, May
2007.
3. Based Approach for the Detection of
Routing Misbehavior in MANETs”, IEEE
Transactions on mobile Computing, May
2007.
4. Anand Patwardhan, Jim Parker, Anupam
Joshi, Michaela Lorga and Tom
Karygiannis “Secure Routing and
Intrusion Detection in Ad Hoc Networks”,
Third IEEE International Conference on
Pervasive Computing and
Communications, March 2005.
Conclusion 5. A. Patwardhan, J. Parker, M. Lorga, A.
In this paper, we have developed an Joshi, T. Karygiannis and Y. Yesha
authenticated routing protocol with the “Threshold-based Intrusion Detection in
security issues, which attains high Ad hoc Networks and Secure AODV”
confidentiality and authentication of packets in Elsevier Science PublishersB.V, Ad Hoc
both routing and link layers of MANETs. In Networks Journal (ADHOCNET), June
the first phase of the protocol, we have 2008.
designed with RSA algorithm for encryption 6. Muhammad Mahmudul Islam, Ronald
and decryption and added security for the Pose and Carlo Kopp, “ A Link Layer
protocol using MD5 (digest-algorithm) Security Protocol for Suburban Ad-Hoc
scheme for detecting and isolating the Networks”, in proceedings of Australian
malicious nodes using routing layer Telecommunication Networks and
information and also by generating certificates Applications Conference, December 2004.

281 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 6, June 2011

7. Shiqun Li, Tieyan Li, Xinkai Wang, 16. Eric Setton, Xiaoqing Zhu and Bernd
Jianying Zhou and Kefei Chen, “Efficient Girod “Congestion-Optimized Multipath
Link Security Scheme for Wireless Sensor Streaming of Video over Ad Hoc Wireless
Networks”, Journal of Information And Networks”.
Computational Science, Vol.4, 17. S R Biradar, Subir Kumar Sarkar, Rajanna
No.2.pp.553-567, June 2007. K M, Puttamadappa C “Analysis QOS
8. S. Schmidt, H. Krahn, S. Fischer, and D. Parameters for MANETs Routing
Watjen, "A Security Arichitecture for Protocols”, International Journal on
Mobile Wireless Sensor Networks“, In Computer Science and Engineering, Vol.
proceedings of First European Workshop 02, No. 03, 2010, 593-599.
on security in Ad-Hoc and Sensor 18. P Chenna Reddy, Dr. P. Chandrasekhar
Networks (ESAS 2004), August 2004. Reddy, “Performance Analysis of Ad Hoc
9. A. Rajaram and Dr. Palaniswami Network Routing Protocols”, Academic
“Detecting Malicious Node in MANET Open Internet Journal, ISSN 1311-4360,
Using Trust Based-Layer Security Vol-17, 2006.
Protocol”, International Journal of 19. Lucian Popa, Costin Raiciu, Ion Stoica,
Computer Science and Information David s. Rosenblum, “Reducing
Technologies, Vol. 1 (2), 2010, 130-137. Congestion Effects in Wireless Networks
10. Ajay Jangra, Nitin Goel, Priyanka & by Multipath Routing”.
Komal Bhatia “Security Aspects in Mobile 20. Josh Broch, David A. Maltz, David B.
Ad Hoc Networks (MANETs): A Big Johnson Yih-Chun Hu, Jorjeta Jetcheva,
Picture”, International Journal of “A Performance Comparision of Multi-
Electronics Engineering, 2(1), 2010, pp. Hop Wireless Ad Hoc Network Routing
189-196. Protocols.
11. Abhay Kumar Rai, Rajiv Ranjan Tewari, 21. Rahul C. Shan, Adam Wolisz, Jan M.
Saurabh Kant Upadhyay “Different Types Rabacy, “On the performance of
of Attack on Integrated MANET – Internet geographical routing in the presence of
Communication”. localization errors”.
12. Dr. S. Santhosh Baboo, B. Narasimhan “A 22. A. Rajaram, Dr. S. Palaniswami,
Hop-by-Hop Congestion – Aware Routing “Detecting Malicious Node in MANET
Protocol Using Trust Based Cross-Layer Security
for Heterogeneous Mobile Ad-hoc Protocol, IJCSIT, vol. 1 (2), 2010, 130-
Network”, International Journal of 137.
Computer Science and Information
Security, Vol. 3, No. 1, 2009. AUTHORS PROFILE
13. Marina and Das, “On-demand multipath
distance vector routing in ad hoc Lt. Dr. S .Santhosh Baboo,
networks”, Ninth International Conference aged forty, has around Twenty
on Network protocols, pp.14-23, 2001. years of postgraduate teaching
14. Xiaoqin Chen, Haley M. Jones and experience in Computer Science,
Jayalath, “Congestion-Aware Routing which includes Six years of
protocol for Mobile Ad Hoc Networks”, administrative experience. He is a member,
IEEE 66th conference on Vehicle board of studies, in several autonomous
Technology, pp.21-25, October 2005. colleges, and designs the curriculum of
15. N. Vetrivelan, Dr. A V Reddy, undergraduate and postgraduate programmes.
“Performance Analysis of Three Routing He is a consultant for starting new courses,
Protocols for Varying MANET Size”, setting up computer labs, and recruiting
Proceedings of the International lecturers for many colleges. Equipped with a
MultiConference of Engineers and Masters degree in Computer Science and a
Computer Scientists 2008 Vol II, IMECS Doctorate in Computer Science he is a visiting
2008 19-21, March 2008, Hong Kong. faculty to IT companies. It is customary to

282 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 6, June 2011

see him at several National/international
conferences and training programmes, both as V J Chakravarthy, done his
a participant and as a resource person. He has Under-Graduation in Madras
been keenly involved in organizing training University and Post-Graduation
programmes for students and faculty in Bharathidasan University and
members. His good rapport with the IT Master of Philosophy Degree in
companies has been instrumental in on /off Periyar University. He is currently pursuing
campus interviews, and has helped the post his Ph.D in Computer Science in Dravidian
graduate students to get real time projects. He University, Kuppam, Andhra Pradesh. Also,
has also guided many such live projects. Lt. he is working as a Assistant Professor in P G
Dr. Santhosh Baboo has authored a Department of Computer Science, in the New
commendable number of research papers in College, (accredited at ‘A’ grade by NAAC),
international/national Conference/journals and one of the premier institutions in Chennai.. He
also guides research scholars in Computer is having more than two years of research
Science. Currently he is Reader in the experience and seven years of teaching
Postgraduate and Research department of experience. His research interest includes
Computer Science at Dwaraka Doss Wireless - Ad-HocNetworks - Congestion
Goverdhan Doss Vaishnav College (accredited reduction – Shortest Path detection, new
at ‘A’ grade by NAAC), one of the premier protocols findings and security challenges in
institutions in Chennai. routing techniques.

283 http://sites.google.com/site/ijcsis/
ISSN 1947-5500