Proceedings of 2007 International Symposium on Intelligent Signal Processing and Communication Systems Nov.28-Dec.1, 2007 Xiamen, China

A SECURE ROUTING MECHANISM IN AODV FOR AD HOC NETWORKS

Liu Jinghua (1), Geng Peng (2), Qiu Yingqiang (1), Feng Gui (1)

(1) College of Information Science & Engineering, Huaqiao University, Quanzhou, China
(2) College of Communication Engineering, Nanjing Institute of Technology, Nanjing, China

ABSTRACT

Ad Hoc networks are particularly vulnerable due to the lack of any centralized infrastructure. However, the typical on-demand routing protocols for Ad Hoc networks, such as AODV and DSR, have no security considerations and trust all participants to correctly forward routing and data traffic. In this paper, the foundational concepts of Ad Hoc networks and the routing attacks on them are introduced. A secure routing solution based on a watchdog mechanism and a credence value mechanism is proposed over AODV. The watchdog mechanism is defined to judge whether a node behaves abnormally while forwarding information. The credence value mechanism is used to evaluate a node's credit standing. Computer simulation shows good performance in terms of average end-to-end delay, packet drop ratio, routing load and average throughput.

1. INTRODUCTION

An Ad Hoc network is a special peer-to-peer network which is self-creating, self-organizing, self-administering and dynamically reconfiguring. A node can communicate with nodes that are out of its direct range with the help of other nodes, so each node seeks the assistance of its neighbors in forwarding packets, and there are usually multiple hops from the source node to the destination node. Compared with other mobile communication networks, Ad Hoc networks do not need any fixed base station, and their topology changes quickly. This leads to new vulnerabilities to attacks which are unknown in wired networks. Computer simulations have shown that if 10%-40% of the nodes in an Ad Hoc network misbehave, the average throughput degrades by 16%-32% [1]. So it is necessary to research routing security in Ad Hoc networks. Section 2 briefly introduces the possible routing attacks and the secure routing protocols in Ad Hoc networks. Section 3 elaborates on the new approach to enhance the security of the AODV [2] protocol, which includes the watchdog mechanism and the credence value mechanism. The details of the computer simulation work and the performance analysis are given in Section 4. In Section 5, brief conclusions are given.

1-4244-1447-4/07/$25.00 ©2007 IEEE

2. ROUTING ATTACKS AND SECURITY PROTOCOLS IN AD HOC NETWORKS

Routing attacks in Ad Hoc networks can be classified into two types, passive and active [3]. In a passive attack, the attacker does not disrupt the operation of the routing protocol but only eavesdrops on the network. Because a passive attack does not affect the performance of the network, we do not discuss it in this paper. In an active attack, the attacker must be able to inject packets into the network. This type of attack is particularly powerful and fatal. Several types of active attacks, including black hole, neighbor attack, wormhole, denial of service (DoS), information or location disclosure, rushing attack, jellyfish attack, Byzantine attack and blackmail attack, have been addressed in the literature [4]-[6]. Some secure routing protocols such as ARAN [7], Ariadne [8], SAODV [9] and SRP [10] have recently been developed to protect an Ad Hoc network from attacks [11]. Table 1 compares these previously presented secure Ad Hoc routing protocols.

3. SECURITY ENHANCEMENT MECHANISM

3.1. THE WATCHDOG MECHANISM

We call a node a mutual neighbor if it is a neighbor of two different nodes. As shown in Figure 1, node W1 is a mutual neighbor because it is a neighbor of both A and B. Nodes W2 and W3 are also mutual neighbors.

Figure 1 mutual neighbor listening mechanism (the figure shows nodes S, A, B, C, D and E together with the mutual neighbors W1, W2 and W3)

We assume node B is a malicious node, S is the source node and D is the destination node. When A forwards RREQ or data packets or sends back an RREP, W1 listens to A just like a watchdog [12]: whether the information from S has been forwarded or not, which node receives the forwarded information, and whether the information has been tampered with. Because W1 knows the next hop of A, black hole and wormhole attacks can be detected. If only S listened to A, a malicious node could not be detected when multiple nodes (nodes A and B, for example) collude to bring the network down, because S does not know the next hop of A. This is the reason the concept of the mutual neighbor is introduced.

Table 1 comparison of some secure routing protocols

Suited protocol: ARAN: AODV, DSR; Ariadne: DSR; SAODV: AODV; SRP: DSR.

Requirements: ARAN: establishes a trusted certification authority and distributes the signed public keys to all nodes; Ariadne: uses the TESLA system for protecting broadcast messages, requires a shared secret between source and destination node and clock synchronization; SAODV: distributes and maintains all nodes' public keys; SRP: requires a shared secret between source and destination node.

Primary secure technology: ARAN: Digital Signature; Ariadne: One-way Hash Chains, Message Authentication Code; SAODV: One-way Hash Chains, Digital Signature; SRP: Message Authentication Code.

Further rows of the table (Secure route in request, Secure route in reply, Shortest path identification, Assure route freshness, Use of cached route) hold Yes/No/Optional entries whose column order was lost in extraction; the entries as extracted are: Yes Yes Yes No Yes Yes Yes Optional No No No Yes Yes Yes Yes No No Yes No Yes.

3.2. THE CREDENCE VALUE MECHANISM

A node's behavior can be classified into forwarding behavior and attack behavior. In addition, we classify the credence value into a direct value and an indirect value. As shown in Figure 2, a node's credence value can therefore be classified into four kinds.

Figure 2 structure of credence value (credence value based on forwarding behavior: direct value, indirect value; credence value based on attack behavior: direct value, indirect value)

3.2.1. Credence value based on forwarding behavior

$C_r$ represents the credence value based on forwarding behavior, $C_{rd}$ is the direct value and $C_{ri}$ is the indirect value. $N_{rs}$ and $N_{rf}$ represent the cumulative sums of successful and failed forwarding events. Then the direct value of node A with respect to B based on forwarding behavior is

$$C_{rd}^{A\to B} = \frac{N_{rs}}{N_{rs} + N_{rf}} \quad (1)$$

If other nodes $C_1, C_2, \dots, C_k$ have also evaluated the credence value of node B, the indirect value of node A with respect to B based on forwarding behavior is

$$C_{ri}^{A\to B} = C_{rd}^{A\to B} \times \frac{1}{k}\sum_{n=1}^{k} C_{rd}^{C_n\to B} \quad (2)$$

According to (1) and (2), the credence value based on forwarding behavior is

$$C_r = p\,C_{rd}^{A\to B} + q\,C_{ri}^{A\to B} \quad (3)$$

where $p \ge 0$, $q \ge 0$ and $p + q = 1$.

3.2.2. Credence value based on attack behavior

$C_m$ represents the credence value based on attack behavior, $C_0$ is the initialization, $C_{md}$ is the direct value, $C_{mi}$ is the indirect value and $m$ is the cumulative number of attacks. Then the direct value of node A with respect to B based on attack behavior is

$$C_{md}^{A\to B} = 2^{-m} \times C_0^{B} - \Delta C \quad (4)$$

where $C_0^{B}$ represents the initialization of node B, and $\Delta C$ is a fixed value with $0 \le \Delta C \le 1$.

If other nodes $C_1, C_2, \dots, C_k$ have also evaluated the credence value of node B, the indirect value of node A with respect to B based on attack behavior is

$$C_{mi}^{A\to B} = C_{md}^{A\to B} \times \frac{1}{k}\sum_{n=1}^{k} C_{md}^{C_n\to B} \quad (5)$$

According to (4) and (5), the credence value based on attack behavior is

$$C_m = r\,C_{md}^{A\to B} + s\,C_{mi}^{A\to B} \quad (6)$$

where $r \ge 0$, $s \ge 0$ and $r + s = 1$.

3.2.3. Final credence value

If $C$ represents the final credence value, we obtain $C$ from (3) and (6):

$$C = C_r + C_m \quad (7)$$

When the value of $C$ is less than a threshold, we judge the node holding $C$ to be a malicious node. The types of attack that can be detected by this secure mechanism are shown in Table 2.

Table 2 detection against attacks

Attack: whether it can be detected
Black hole: Yes
Neighbor: Yes
Wormhole: Yes
DoS: Yes
Information Disclosure: No
Rushing: NA
Jellyfish: Yes
Byzantine: NA
Blackmail: No
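As an added illustration (not code from the paper), the following Python puts the watchdog observations of Section 3.1 and equations (1) to (7) together: a mutual neighbor's observations of a node accumulate N_rs, N_rf and m, and the final credence C is compared with a threshold. The weights p, q, r, s, the initial value C0, the step ΔC, the threshold of 1.0 and the traffic scenario are assumed values the paper does not specify.

```python
# Added example, not the paper's code: the watchdog evidence of Section 3.1
# feeding the credence value of Section 3.2, equations (1)-(7). The weights
# p, q, r, s, the initial value C0, the step dC and the threshold are assumed.
from dataclasses import dataclass


@dataclass
class Opinion:
    """Node A's direct evidence about node B, collected by A's watchdog."""
    n_rs: int = 0   # N_rs: successful forwarding events observed
    n_rf: int = 0   # N_rf: failed forwarding events observed
    m: int = 0      # m: cumulative number of attack events (e.g. tampering)

    def record(self, forwarded: bool, tampered: bool = False) -> None:
        """One watchdog observation: did B pass the packet on unchanged?"""
        if tampered:            # a modified packet counts as an attack event
            self.m += 1
            self.n_rf += 1
        elif forwarded:
            self.n_rs += 1
        else:                   # silently dropped (black hole behavior)
            self.n_rf += 1

    def c_rd(self) -> float:
        """Eq. (1): direct forwarding credence N_rs / (N_rs + N_rf)."""
        total = self.n_rs + self.n_rf
        return self.n_rs / total if total else 0.0   # no evidence: 0 (assumed)

    def c_md(self, c0: float, d_c: float) -> float:
        """Eq. (4): direct attack credence 2^-m * C0 - dC."""
        return 2.0 ** (-self.m) * c0 - d_c


def indirect(own: float, others: list) -> float:
    """Eqs. (2) and (5): the direct value scaled by the mean of the k other
    evaluators' direct values; with k = 0 the direct value is reused (assumed)."""
    return own * sum(others) / len(others) if others else own


def credence(a: Opinion, others: list, p=0.5, q=0.5, r=0.5, s=0.5,
             c0=1.0, d_c=0.1) -> float:
    """Eqs. (3), (6), (7): C = Cr + Cm, with p + q = 1 and r + s = 1."""
    assert abs(p + q - 1) < 1e-9 and abs(r + s - 1) < 1e-9
    c_r = p * a.c_rd() + q * indirect(a.c_rd(), [o.c_rd() for o in others])
    md = a.c_md(c0, d_c)
    c_m = r * md + s * indirect(md, [o.c_md(c0, d_c) for o in others])
    return c_r + c_m


def is_malicious(c: float, threshold: float = 1.0) -> bool:
    """Section 3.2.3: credence below the (assumed) threshold marks the node."""
    return c < threshold


def example() -> tuple:
    """Constructed scenario: W1 watches honest A and black-hole B for 10 packets."""
    a, b = Opinion(), Opinion()
    for i in range(10):
        a.record(forwarded=True)
        b.record(forwarded=i < 2)             # B forwards 2, drops 8
    peers_b = [Opinion(1, 9), Opinion(3, 7)]  # C1, C2 also observed B
    return credence(a, []), credence(b, peers_b)
```

In the constructed scenario the honest node scores C = 1.9 while the black hole scores C = 0.975, so only the latter falls below the assumed threshold.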

4. SIMULATION AND RESULTS ANALYSES

We take the black hole attack as an example. The performance in terms of average end-to-end delay, packet drop ratio, routing load and average throughput is evaluated by computer simulation using ns-2 [13], putting the watchdog mechanism and the credence value mechanism into AODV. We also carefully compare normal AODV with AODV under attack, in which some nodes are made to play the role of attackers. The nodes in the computer simulation move according to the Random Waypoint Algorithm [14]. The scenario is defined with the following set of parameters:

• Number of nodes: 50.
• Number of malicious nodes: 5.
• Simulation area: 1000 m × 1000 m.
• Data rate: 1 packet/s.
• Packet size: 512 bytes.
• Traffic type: CBR.
• Maximum speed: 20 m/s.
• Simulation duration: 600 seconds.
• Physical link bandwidth: 2 Mbps.
• MAC layer: IEEE 802.11.

The computer simulation results are shown in Figures 3 to 6. It can be seen that the end-to-end delay increases about four times when the network is attacked; the mutual (common) neighbor listening mechanism reduces the delay by about 50%. The delivery ratio changes by up to 64% when there is attack behavior in the network, whereas the delivery ratio of AODV with the defense mechanism is almost the same as that of AODV without attacks. Figure 5 shows that the routing load of the network is increased by the malicious nodes; after implementing the proposed secure mechanism, the routing load decreases considerably because the malicious nodes are identified and isolated from the network. The average throughput is halved when the network is attacked, and it is clearly increased by AODV with the defense.

Figure 3 average end-to-end delay vs pause time

Figure 4 packet drop ratio vs pause time

Figure 5 routing load vs pause time

Figure 6 average throughput vs pause time

5. CONCLUSIONS AND FUTURE WORK

In this paper, a secure mechanism in AODV for Ad Hoc networks is proposed to detect attack behaviors. The computer simulations demonstrate that the method can efficiently detect the black hole attack without introducing much routing control overhead to the network. In the future, we would like to further explore this mechanism in different circumstances and apply it to other routing protocols such as DSR. We would also like to extend this mechanism to detect attacks such as the Information Disclosure attack and the Blackmail attack.

ACKNOWLEDGEMENTS

This paper was jointly supported by the Natural Science Foundation of Fujian Province of China under Grant (NO. A0610022), the China Postdoctoral Science Foundation (NO. 20060390180), the Youth Technological Talent Innovative Project of Fujian Province of China (NO. 2006F3086) and the Scientific Research Foundation of Huaqiao University (NO. 06BS217, NO. 07HRZ28).

REFERENCES

[1] S. Marti, T. J. Giuli, K. Lai and M. Baker, "Mitigating routing misbehavior in mobile ad hoc networks," Proc. 6th MobiCom, Boston, Massachusetts, August 2000.
[2] C. E. Perkins, E. M. Royer and S. Das, "Ad hoc On-demand Distance Vector (AODV)," RFC 3561, July 2003.
[3] C. E. Perkins and E. M. Royer, "Ad-hoc On-Demand Distance Vector Routing," Proc. 2nd IEEE Workshop on Mobile Computing Systems and Applications, Feb. 1999, pp. 90-100.
[4] N. Uushona and W. T. Penzhorn, "Towards the Security of Routing in Ad Hoc Networks," IEEE ISIE 2005, June 20-23, 2005.
[5] Yih-Chun Hu, Adrian Perrig and David B. Johnson, "Wormhole Attacks in Wireless Networks," IEEE Journal on Selected Areas in Communications, vol. 24, no. 2, February 2006.
[6] Hoang Lan Nguyen and Uyen Trang Nguyen, "Study of Different Types of Attacks on Multicast in Mobile Ad Hoc Networks," IEEE ICNICONSMCL'06, 2006.
[7] Kimaya Sanzgiri, Bridget Dahill, Brian Neil Levine, Clay Shields and Elizabeth M. Belding-Royer, "A Secure Routing Protocol for Ad Hoc Networks," Proc. 2002 IEEE International Conference on Network Protocols (ICNP), November 2002.
[8] Yih-Chun Hu, Adrian Perrig and David B. Johnson, "Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks," Proc. MobiCom 2002, September 23-28, 2002, Atlanta, Georgia, USA.
[9] M. G. Zapata, "Secure ad hoc on-demand distance vector (AODV) routing," Mobile Ad Hoc Networking Group, Internet Draft, Aug. 2001.
[10] P. Papadimitratos and Z. Haas, "Secure routing for mobile Ad Hoc networks," Proc. SCS Communication Networks and Distributed Systems Modeling and Simulation Conference, San Antonio, TX, January 27-31, 2002.
[11] P. G. Argyroudis and D. O'Mahony, "Secure routing for mobile ad hoc networks," IEEE Communications Surveys & Tutorials, Third Quarter 2005.
[12] S. Marti, T. J. Giuli, K. Lai and M. Baker, "Mitigating routing misbehavior in mobile ad hoc networks," Proc. 6th MobiCom, Boston, Massachusetts, August 2000.
[13] The Network Simulator ns-2, http://www.isi.edu/nsnam/ns/.
[14] J. Broch, D. A. Maltz, D. B. Johnson, Y. C. Hu and J. Jetcheva, "A performance comparison of multi-hop wireless ad hoc network routing protocols," Proc. MobiCom'98, Dallas, TX, 1998, pp. 85-97.
